本報告彙整了 2ns.org 監測節點偵測到的即時攻擊行為。包含 SQL Injection、XSS 跨站腳本 以及非法檔案存取嘗試。提供管理者作為防火牆黑名單設定參考。
最後更新:2026-04-23 14:53:21 📥 下載完整報告
| 時間 | 攻擊名稱 | 來源 IP (下載威脅IP清單) | 動作 |
|---|---|---|---|
| - | HTTP.URI.SQL.Injection | 95.179.167.233 | dropped |
| - | PHP.CGI.Argument.Injection | 34.19.116.61 | dropped |
| - | Telerik.Web.UI.RadAsyncUpload.Handling.Arbitrary.File.Upload | 45.156.128.102 | dropped |
| - | Apache.HTTP.Server.cgi-bin.Path.Traversal | 45.156.128.104 | dropped |
| - | Apache.HTTP.Server.cgi-bin.Path.Traversal | 45.156.128.104 | dropped |
| - | Mirai.Botnet | 91.224.92.177 | dropped |
| - | Apache.HTTP.Server.cgi-bin.Path.Traversal | 178.104.245.171 | dropped |
| - | Malicious.HTTP.URI.Requests | 185.177.72.66 | dropped |
| - | Malicious.HTTP.URI.Requests | 185.177.72.66 | dropped |
| - | Apache.HTTP.Server.cgi-bin.Path.Traversal | 115.191.32.57 | dropped |
| - | Mirai.Botnet | 8.141.19.33 | dropped |
| - | Apache.HTTP.Server.cgi-bin.Path.Traversal | 87.106.91.226 | dropped |
| - | zlib.Library.inflateGetHeader.Handling.Buffer.Overflow | 44.196.118.6 | dropped |
| - | NETGEAR.DGN1000.CGI.Unauthenticated.Remote.Code.Execution | 36.70.69.81 | dropped |
| - | D-Link.DSL-2750B.CLI.OS.Command.Injection | 178.81.200.82 | dropped |
| - | zlib.Library.inflateGetHeader.Handling.Buffer.Overflow | 44.213.202.136 | dropped |
| - | zlib.Library.inflateGetHeader.Handling.Buffer.Overflow | 34.227.156.153 | dropped |
| - | zlib.Library.inflateGetHeader.Handling.Buffer.Overflow | 18.213.240.226 | dropped |
| - | zlib.Library.inflateGetHeader.Handling.Buffer.Overflow | 34.203.111.15 | dropped |
| - | Mirai.Botnet | 192.109.200.204 | dropped |
| - | HTTP.URI.SQL.Injection | 18.88.32.116 | dropped |
| - | zlib.Library.inflateGetHeader.Handling.Buffer.Overflow | 107.22.208.39 | dropped |
| - | Apache.HTTP.Server.cgi-bin.Path.Traversal | 83.168.89.181 | dropped |
| - | Mirai.Botnet | 91.224.92.177 | dropped |
| - | Web.Server.Password.File.Access | 37.60.247.234 | dropped |
| - | Cross.Site.Scripting | 37.60.247.234 | detected |
| - | WordPress.REST.API.Username.Enumeration.Information.Disclosure | 103.79.178.1 | dropped |
| - | WordPress.REST.API.Username.Enumeration.Information.Disclosure | 103.79.178.1 | dropped |
| - | Mirai.Botnet | 47.238.236.74 | dropped |
| - | ThinkPHP.Controller.Parameter.Remote.Code.Execution | 192.252.178.239 | dropped |
| - | AndroxGh0st.Malware | 20.172.36.113 | dropped |
| - | ThinkPHP.Controller.Parameter.Remote.Code.Execution | 45.207.163.41 | dropped |
| - | ThinkPHP.Controller.Parameter.Remote.Code.Execution | 45.207.163.41 | dropped |
| - | ThinkPHP.Controller.Parameter.Remote.Code.Execution | 45.207.163.41 | dropped |
| - | ThinkPHP.Controller.Parameter.Remote.Code.Execution | 45.207.163.41 | dropped |
| - | ThinkPHP.Controller.Parameter.Remote.Code.Execution | 45.207.163.41 | dropped |
| - | PHP.CGI.Argument.Injection | 34.19.116.58 | dropped |
| - | PHP.CGI.Argument.Injection | 34.19.116.55 | dropped |
| - | Apache.HTTP.Server.cgi-bin.Path.Traversal | 34.19.116.50 | dropped |
| - | ThinkPHP.Controller.Parameter.Remote.Code.Execution | 34.19.116.56 | dropped |
| - | Apache.HTTP.Server.cgi-bin.Path.Traversal | 34.19.116.50 | dropped |
| - | SystemBC.Botnet | 68.69.177.112 | dropped |
| - | zlib.Library.inflateGetHeader.Handling.Buffer.Overflow | 107.20.181.148 | dropped |
| - | Oracle.Java.Applet.CMM.Code.Execution | 18.232.36.1 | dropped |
| - | Web.Server.Password.File.Access | 80.94.95.169 | dropped |
| - | Cross.Site.Scripting | 144.31.151.136 | detected |
| - | Web.Server.Password.File.Access | 144.31.151.136 | dropped |
| - | Mirai.Botnet | 91.224.92.177 | dropped |
| - | WordPress.WooCommerce.Authentication.Bypass | 139.59.220.152 | dropped |
| - | WordPress.WooCommerce.Authentication.Bypass | 139.59.220.152 | dropped |