2023/12/30 ハニーポット(仮) 観測記録 - コンニチハレバレトシタアオゾラ

ハニーポット(仮) 観測記録 2023/12/30分です。

特徴

共通

GPONルータの脆弱性を狙うアクセス
zgrabによるスキャン行為
/.envへのスキャン行為

Location:JP

curlによるスキャン行為
.cssへのスキャン行為
.jsへのスキャン行為
/.gitへのスキャン行為
configファイルへのスキャン行為
5.188.210.227に関する不正通信
Gh0stRATのような動き

を確認しました。

Location:US

Spring Bootの脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
CensysInspectによるスキャン行為
curlによるスキャン行為
wgetによるスキャン行為
.cssへのスキャン行為
.jsへのスキャン行為
/.awsへのスキャン行為
/.gitへのスキャン行為
Apache Solrへのスキャン行為
configファイルへのスキャン行為
Gh0stRATのような動き

を確認しました。

Location:UK

Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
Spring Bootの脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
Telerik UIの脆弱性(CVE-2019-18935)を狙うアクセス
CensysInspectによるスキャン行為
.jsへのスキャン行為
/.gitへのスキャン行為
configファイルへのスキャン行為

を確認しました。

Location:SG

Spring Bootの脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
CensysInspectによるスキャン行為
Apache Solrへのスキャン行為
5.188.210.227に関する不正通信

を確認しました。

他

アクセス数推移

JP：総アクセス数：261 (前日比：192)
US：総アクセス数：174 (前日比：-174)
UK：総アクセス数：163 (前日比：82)
SG：総アクセス数：139 (前日比：46)

都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。

Location:JP

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	5.188.210.227	Russia
1	18.162.61.219	United States
20	18.170.78.71	United States
1	44.201.186.241	United States
5	45.33.93.26	United States
1	45.56.108.128	United States
1	45.79.54.95	United States
1	45.79.181.104	United States
1	46.101.7.22	United States
1	64.62.197.68	United States
1	64.62.197.70	United States
1	64.62.197.71	United States
1	64.62.197.128	United States
1	68.183.61.43	United States
3	78.153.140.224	Russia
1	91.92.247.206	Bulgaria
15	101.32.192.203	Singapore
1	104.192.0.61	United States
8	135.125.217.54	France
8	135.125.246.189	France
1	141.98.7.188	Bulgaria
5	142.93.56.62	United States
13	143.110.220.107	United States
2	165.154.182.53	Hong Kong
1	167.71.209.152	United States
2	172.104.208.144	United States
145	172.105.216.226	United States
3	176.58.108.100	United States
1	185.170.144.3	Estonia
1	185.180.140.5	Portugal
4	185.254.196.173	Ukraine
4	185.254.196.186	Ukraine
1	192.241.204.4	United States
1	198.199.103.75	United States
2	198.235.24.11	United States
2	205.210.31.144	United States

UserAgent一覧

件数	UserAgent
8	`'Cloud mapping experiment. Contact research@pdrlabs.net'`
38	`-`
1	`Go-http-client/1.1`
1	`Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; GTB7.5; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36`
6	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.6.1 Safari/605.1.15`
15	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36`
8	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; rv:109.0) Gecko/20100101 Firefox/109.0`
1	`Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.108 Safari/537.36`
25	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
1	`Mozilla/5.0 zgrab/0.x`
2	`Mozilla/5.0`
1	`axios/0.27.2`
143	`curl/7.54.0`
1	`curl/8.1.2`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`-`
1		`Gh0st\xad`
1		`HELP`
1		`MGLNDD_18.179.20.5_80\n`
1		`\x03`
1		`\x16\x03\x01\x01\xfa\x01`
1		`\x16\x03\x01\x02`
26		`\x16\x03\x01`
1		`\x1b\x84\xd5\xb0]\xf4\xc4\x93\xc50\xc2X\x8c\xda\xb1\xd7\xac\xafn\x1d\xe1\x1e\x1a3*\x85\xb7\x1d'\xb1\xc9k\xbf\xf0\xbc\n`
1		`\xbd\xff\x9e\xffE\xff\x9e\xff\xbd\xff\x9e\xff\xa4\xff\x86\xff\xc4\xff\xbe\xff\xc7\xff\xdb\xff\xee\xffx\\d9\xff\xed\xff\xa4\xff\x9d\xff\xcf\xff\xd8\xff\xe5\xff\x04\xff\x12\xff0\xff\xb1\xff\xbd\xff\xe7\xff\xe2\xff\xdd\xff\xdc\xff\xde\xff\xc8\xff\xcc\xff\xbe\xff\xf8\xff&\xff\x01\xff\x0f\xff\xf5\xff\x06\xff\xff\xff\xf7\xff!\xff\xde\xff\x02\xff&\xff\x0c\xff\x01\xff\xf5\xff\n`
2		``
1	GET	`/+CSCOE+/logon.html`	HTTP/1.1
25	GET	`/.env`	HTTP/1.1
1	GET	`/.git/HEAD`	HTTP/1.1
1	GET	`/.git/config`	HTTP/1.1
1	GET	`/1.php`	HTTP/1.1
1	GET	`/?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000`	HTTP/1.1
1	GET	`/?=PHPE9568F36-D428-11d2-A769-00AA001ACF42`	HTTP/1.1
1	GET	`/CSS/Miniweb.css`	HTTP/1.1
1	GET	`/HNAP1`	HTTP/1.1
1	GET	`/Portal/Portal.mwsl`	HTTP/1.1
1	GET	`/Portal0000.htm`	HTTP/1.1
1	GET	`/WGUi`	HTTP/1.1
1	GET	`/__Additional`	HTTP/1.1
1	GET	`/admin.asp`	HTTP/1.1
1	GET	`/admin.aspx`	HTTP/1.1
1	GET	`/admin.cfm`	HTTP/1.1
1	GET	`/admin.cgi`	HTTP/1.1
1	GET	`/admin.html`	HTTP/1.1
1	GET	`/admin.jhtml`	HTTP/1.1
1	GET	`/admin.jsa`	HTTP/1.1
1	GET	`/admin.jsp`	HTTP/1.1
1	GET	`/admin.php`	HTTP/1.1
1	GET	`/admin.pl`	HTTP/1.1
1	GET	`/admin.shtml`	HTTP/1.1
1	GET	`/admin/config.php`	HTTP/1.1
1	GET	`/admin/index.html`	HTTP/1.1
1	GET	`/api/sonicos/auth`	HTTP/1.1
1	GET	`/api/sonicos/tfa`	HTTP/1.1
1	GET	`/app/.git/config`	HTTP/1.1
1	GET	`/auth.html`	HTTP/1.1
1	GET	`/auth1.html`	HTTP/1.1
1	GET	`/base.asp`	HTTP/1.1
1	GET	`/base.aspx`	HTTP/1.1
1	GET	`/base.cfm`	HTTP/1.1
1	GET	`/base.cgi`	HTTP/1.1
1	GET	`/base.html`	HTTP/1.1
1	GET	`/base.inc`	HTTP/1.1
1	GET	`/base.jhtml`	HTTP/1.1
1	GET	`/base.jsa`	HTTP/1.1
1	GET	`/base.jsp`	HTTP/1.1
1	GET	`/base.php`	HTTP/1.1
1	GET	`/base.pl`	HTTP/1.1
1	GET	`/base.shtml`	HTTP/1.1
1	GET	`/bundle.js`	HTTP/1.1
1	GET	`/cdn-cgi/trace`	HTTP/1.1
1	GET	`/cgi-bin/login.cgi`	HTTP/1.1
1	GET	`/default.asp`	HTTP/1.1
1	GET	`/default.aspx`	HTTP/1.1
1	GET	`/default.cfm`	HTTP/1.1
1	GET	`/default.cgi`	HTTP/1.1
1	GET	`/default.html`	HTTP/1.1
1	GET	`/default.jhtml`	HTTP/1.1
1	GET	`/default.jsa`	HTTP/1.1
1	GET	`/default.jsp`	HTTP/1.1
1	GET	`/default.php`	HTTP/1.1
1	GET	`/default.pl`	HTTP/1.1
1	GET	`/default.shtml`	HTTP/1.1
1	GET	`/docs/cplugError.html/`	HTTP/1.1
5	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/files/`	HTTP/1.1
1	GET	`/form.html`	HTTP/1.1
1	GET	`/geoip/`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/home.asp`	HTTP/1.1
1	GET	`/home.aspx`	HTTP/1.1
1	GET	`/home.cfm`	HTTP/1.1
1	GET	`/home.cgi`	HTTP/1.1
1	GET	`/home.html`	HTTP/1.1
1	GET	`/home.jhtml`	HTTP/1.1
1	GET	`/home.jsa`	HTTP/1.1
1	GET	`/home.jsp`	HTTP/1.1
1	GET	`/home.php`	HTTP/1.1
1	GET	`/home.pl`	HTTP/1.1
1	GET	`/home.shtml`	HTTP/1.1
1	GET	`/index.asp`	HTTP/1.1
1	GET	`/index.aspx`	HTTP/1.1
1	GET	`/index.cfm`	HTTP/1.1
1	GET	`/index.cgi`	HTTP/1.1
2	GET	`/index.html`	HTTP/1.1
1	GET	`/index.jhtml`	HTTP/1.1
1	GET	`/index.jsa`	HTTP/1.1
1	GET	`/index.jsp`	HTTP/1.1
1	GET	`/index.php`	HTTP/1.1
1	GET	`/index.pl`	HTTP/1.1
1	GET	`/index.shtml`	HTTP/1.1
1	GET	`/indice.asp`	HTTP/1.1
1	GET	`/indice.aspx`	HTTP/1.1
1	GET	`/indice.cfm`	HTTP/1.1
1	GET	`/indice.cgi`	HTTP/1.1
1	GET	`/indice.html`	HTTP/1.1
1	GET	`/indice.jhtml`	HTTP/1.1
1	GET	`/indice.jsa`	HTTP/1.1
1	GET	`/indice.jsp`	HTTP/1.1
1	GET	`/indice.php`	HTTP/1.1
1	GET	`/indice.pl`	HTTP/1.1
1	GET	`/indice.shtml`	HTTP/1.1
1	GET	`/info.php`	HTTP/1.1
1	GET	`/inicio.asp`	HTTP/1.1
1	GET	`/inicio.aspx`	HTTP/1.1
1	GET	`/inicio.cfm`	HTTP/1.1
1	GET	`/inicio.cgi`	HTTP/1.1
1	GET	`/inicio.html`	HTTP/1.1
1	GET	`/inicio.jhtml`	HTTP/1.1
1	GET	`/inicio.jsa`	HTTP/1.1
1	GET	`/inicio.jsp`	HTTP/1.1
1	GET	`/inicio.php`	HTTP/1.1
1	GET	`/inicio.pl`	HTTP/1.1
1	GET	`/inicio.shtml`	HTTP/1.1
1	GET	`/localstart.asp`	HTTP/1.1
1	GET	`/localstart.aspx`	HTTP/1.1
1	GET	`/localstart.cfm`	HTTP/1.1
1	GET	`/localstart.cgi`	HTTP/1.1
1	GET	`/localstart.html`	HTTP/1.1
1	GET	`/localstart.jhtml`	HTTP/1.1
1	GET	`/localstart.jsa`	HTTP/1.1
1	GET	`/localstart.jsp`	HTTP/1.1
1	GET	`/localstart.php`	HTTP/1.1
1	GET	`/localstart.pl`	HTTP/1.1
1	GET	`/localstart.shtml`	HTTP/1.1
1	GET	`/login.jsp`	HTTP/1.1
1	GET	`/logon.htm`	HTTP/1.1
1	GET	`/main.asp`	HTTP/1.1
1	GET	`/main.aspx`	HTTP/1.1
1	GET	`/main.cfm`	HTTP/1.1
1	GET	`/main.cgi`	HTTP/1.1
1	GET	`/main.html`	HTTP/1.1
1	GET	`/main.jhtml`	HTTP/1.1
1	GET	`/main.jsa`	HTTP/1.1
1	GET	`/main.jsp`	HTTP/1.1
1	GET	`/main.php`	HTTP/1.1
1	GET	`/main.pl`	HTTP/1.1
1	GET	`/main.shtml`	HTTP/1.1
1	GET	`/manage/account/login`	HTTP/1.1
1	GET	`/menu.asp`	HTTP/1.1
1	GET	`/menu.aspx`	HTTP/1.1
1	GET	`/menu.cfm`	HTTP/1.1
1	GET	`/menu.cgi`	HTTP/1.1
1	GET	`/menu.html`	HTTP/1.1
1	GET	`/menu.jhtml`	HTTP/1.1
1	GET	`/menu.jsa`	HTTP/1.1
1	GET	`/menu.jsp`	HTTP/1.1
1	GET	`/menu.php`	HTTP/1.1
1	GET	`/menu.pl`	HTTP/1.1
1	GET	`/menu.shtml`	HTTP/1.1
1	GET	`/nmaplowercheck1703847860`	HTTP/1.1
1	GET	`/password.php`	HTTP/1.1
1	GET	`/pools/default/buckets`	HTTP/1.1
1	GET	`/pools`	HTTP/1.1
1	GET	`/portal/redlion`	HTTP/1.1
1	GET	`/readme.txt`	HTTP/1.1
1	GET	`/robots.txt`	HTTP/1.1
1	GET	`/server-status`	HTTP/1.1
1	GET	`/showLogin.cc`	HTTP/1.1
1	GET	`/sslvpnLogin.html`	HTTP/1.1
1	GET	`/start.asp`	HTTP/1.1
1	GET	`/start.aspx`	HTTP/1.1
1	GET	`/start.cfm`	HTTP/1.1
1	GET	`/start.cgi`	HTTP/1.1
1	GET	`/start.html`	HTTP/1.1
1	GET	`/start.jhtml`	HTTP/1.1
1	GET	`/start.jsa`	HTTP/1.1
1	GET	`/start.jsp`	HTTP/1.1
1	GET	`/start.php`	HTTP/1.1
1	GET	`/start.pl`	HTTP/1.1
1	GET	`/start.shtml`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.0
1	GET	`/systembc/password.php`	HTTP/1.1
1	GET	`/upl.php`	HTTP/1.1
1	GET	`/v3/time`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
1	GET	`default.asp`	HTTP/1.1
1	GET	`http[:]//5[.]188[.]210[.]227/echo.php`	HTTP/1.1
15	HEAD	`/Core/Skin/Login.aspx`	HTTP/1.1
2	HEAD	`/`	HTTP/1.1
1	POST	`/boaform/admin/formLogin`	HTTP/1.1
1	POST	`/graphql`	HTTP/1.1
1	POST	`/scripts/WPnBr.dll`	HTTP/1.1
1	POST	`/sdk`	HTTP/1.1
1	POST	`/wsman`	HTTP/1.1
1	t3	`12.1.2\n`

Location:US

送信元IPアドレス一覧

件数	送信元IPアドレス	国
20	18.171.152.123	United States
7	35.216.190.15	United States
1	45.33.80.243	United States
1	45.79.128.205	United States
2	45.79.181.104	United States
1	45.79.181.223	United States
6	45.129.14.57	Romania
13	45.129.14.79	Romania
3	54.36.115.221	France
1	65.49.1.95	United States
3	65.49.20.69	United States
1	66.240.205.34	United States
3	78.153.140.224	Russia
1	80.66.88.215	Russia
2	83.97.73.87	Germany
12	90.151.171.106	Russia
18	90.151.171.108	Russia
2	91.92.243.232	Bulgaria
7	95.214.235.169	Ukraine
3	103.187.190.4	private ip address
1	107.170.231.42	United States
1	134.209.189.53	United States
1	139.59.101.104	Singapore
1	141.98.7.188	Bulgaria
1	159.100.13.152	Germany
1	159.203.224.33	United States
2	162.142.125.10	United States
1	167.71.243.137	United States
2	167.94.145.58	United States
27	172.104.4.17	United States
1	172.104.11.46	United States
1	172.104.11.51	United States
2	172.105.128.13	United States
1	176.113.115.220	Russia
3	178.79.140.40	United States
3	185.156.72.7	Russia
1	185.170.144.3	Estonia
1	191.101.157.17	United States
1	192.155.90.118	United States
1	192.155.90.220	United States
1	194.5.53.79	Netherlands
1	194.5.53.108	Netherlands
1	194.26.135.222	United Kingdom
1	198.199.98.149	United States
1	198.199.108.39	United States
1	198.199.110.73	United States
2	198.235.24.101	United States
2	205.210.31.5	United States
2	205.210.31.154	United States
2	205.210.31.240	United States

UserAgent一覧

件数	UserAgent
8	`'Cloud mapping experiment. Contact research@pdrlabs.net'`
57	`-`
1	`BlackBerry8320/4.2.2 Profile/MIDP-2.0 Configuration/CLDC-1.1 VendorID/100`
3	`Go-http-client/1.1`
1	`Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0)`
1	`Mozilla/5.0 (Linux; Android 10; YAL-L21) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Mobile Safari/537.36`
1	`Mozilla/5.0 (Linux; Android 12; motorola edge 20 pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Mobile Safari/537.36`
1	`Mozilla/5.0 (Linux; Android 7.1.1; Coolpad 3632A Build/NMF26F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.125 Mobile Safari/537.36`
1	`Mozilla/5.0 (Linux; U; Android 2.1; en-us; Nexus One Build/ERD62) AppleWebKit/530.17 (KHTML, like Gecko) Version/4.0 Mobile Safari/530.17`
1	`Mozilla/5.0 (Linux; U; Android 4.2.2; de-de; SM-T110 Build/JDQ39) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Safari/534.30`
1	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
6	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:103.0) Gecko/20100101 Firefox/103.0 abuse.xmco.fr`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36 OPR/85.0.4341.72`
1	`Mozilla/5.0 (Windows NT 10.0; rv:108.0) Gecko/20100101 Firefox/108.0`
1	`Mozilla/5.0 (Windows NT 10.0; rv:109.0) Gecko/20100101 Firefox/109.0`
1	`Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) MxBrowser/4.5.10.7000 Chrome/30.0.1551.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1; rv:12.0) Gecko/20120403211507 Firefox/12.0`
15	`Mozilla/5.0 (Windows NT 6.1; rv:16.0) Gecko/20100101 Firefox/16.0 (+https[:]//best-proxies.ru/faq/#from) Z73802194750Q1`
15	`Mozilla/5.0 (Windows NT 6.1; rv:16.0) Gecko/20100101 Firefox/16.0 (+https[:]//best-proxies.ru/faq/#from)`
1	`Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36`
1	`Mozilla/5.0 (Windows Phone 10.0; Android 4.2.1; DEVICE INFO) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.71 Mobile Safari/537.36 Edge/12.0`
1	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.75 Safari/537.36`
13	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.99 Safari/537.36`
1	`Mozilla/5.0 (X11; NetBSD amd64; rv:30.0) Gecko/20100101 Firefox/30.0`
1	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
2	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
4	`Mozilla/5.0 zgrab/0.x`
1	`Mozilla/5.0`
1	`Uzbl (Webkit 1.3) (Linux i686 [i686])`
1	`Web Downloader/6.9`
1	`Wget/1.12 (freebsd8.1)`
22	`curl/7.54.0`
1	`wii libnup/1.0`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`-`
1		`Gh0st\xad`
1		`MGLNDD_34.68.118.83_80\n`
7		`\x03`
1		`\x16\x03\x01\x01\xfb\x01`
4		`\x16\x03\x01\x02`
36		`\x16\x03\x01`
2		``
5	CONNECT	`api[.]ipify[.]org:443`	HTTP/1.1
3	CONNECT	`check.best-proxies[.]ru:443`	HTTP/1.1
1	CONNECT	`checkip[.]amazonaws[.]com:443`	HTTP/1.1
2	CONNECT	`eth0[.]me:443`	HTTP/1.1
1	CONNECT	`fingerprints[.]bablosoft[.]com:443`	HTTP/1.1
2	CONNECT	`ip[.]bablosoft[.]com:443`	HTTP/1.1
1	CONNECT	`v4[.]ident[.]me:443`	HTTP/1.1
2	GET	`../../proc/ HTTP`
1	GET	`/+CSCOE+/logon.html`	HTTP/1.1
2	GET	`/.aws/config`	HTTP/1.1
2	GET	`/.aws/credentials`	HTTP/1.1
2	GET	`/.aws/secrets`	HTTP/1.1
13	GET	`/.env`	HTTP/1.1
1	GET	`/.git/HEAD`	HTTP/1.1
3	GET	`/.git/config`	HTTP/1.1
2	GET	`//.aws/credentials`	HTTP/1.1
1	GET	`/?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/CSS/Miniweb.css`	HTTP/1.1
1	GET	`/GRtO`	HTTP/1.1
1	GET	`/HNAP1`	HTTP/1.1
1	GET	`/Portal/Portal.mwsl`	HTTP/1.1
1	GET	`/Portal0000.htm`	HTTP/1.1
1	GET	`/__Additional`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/actuator/health`	HTTP/1.1
1	GET	`/admin/config.php`	HTTP/1.1
1	GET	`/admin/index.html`	HTTP/1.1
1	GET	`/aws-secret.yaml`	HTTP/1.1
1	GET	`/aws.yml`	HTTP/1.1
2	GET	`/aws/credentials`	HTTP/1.1
2	GET	`/aws/secrets`	HTTP/1.1
1	GET	`/cdn-cgi/trace`	HTTP/1.1
1	GET	`/cgi-bin/login.cgi`	HTTP/1.1
1	GET	`/config.js`	HTTP/1.1
2	GET	`/config.json`	HTTP/1.1
1	GET	`/config/aws.yml`	HTTP/1.1
1	GET	`/config/config.json`	HTTP/1.1
1	GET	`/config/default.json`	HTTP/1.1
1	GET	`/default.cgi`	HTTP/1.1
1	GET	`/docs/cplugError.html/`	HTTP/1.1
1	GET	`/druid/index.html`	HTTP/1.1
5	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/hudson`	HTTP/1.1
1	GET	`/index.html`	HTTP/1.1
1	GET	`/index.jsp`	HTTP/1.1
1	GET	`/indice.asp`	HTTP/1.1
1	GET	`/info.php`	HTTP/1.1
1	GET	`/login.jsp`	HTTP/1.1
1	GET	`/logon.htm`	HTTP/1.1
1	GET	`/main.php`	HTTP/1.1
1	GET	`/manage/account/login`	HTTP/1.1
1	GET	`/nmaplowercheck1703843554`	HTTP/1.1
1	GET	`/pools/default/buckets`	HTTP/1.1
1	GET	`/pools`	HTTP/1.1
1	GET	`/portal/redlion`	HTTP/1.1
1	GET	`/sendgrid/.env`	HTTP/1.1
2	GET	`/server-status`	HTTP/1.1
1	GET	`/solr/admin/cores?action=STATUS&wt=json`	HTTP/1.1
1	GET	`/solr/admin/info/system`	HTTP/1.1
1	GET	`/start.html`	HTTP/1.1
1	GET	`/telescope/requests`	HTTP/1.1
1	GET	`/v2/_catalog`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
5	GET	`http[:]//api[.]ipify[.]org?Z73802194750Q1`	HTTP/1.1
3	GET	`http[:]//check[.]best-proxies.ru/ip.php?Z73802194750Q1`	HTTP/1.1
1	GET	`http[:]//checkip[.]amazonaws[.]com?Z73802194750Q1`	HTTP/1.1
2	GET	`http[:]//eth0[.]me?Z73802194750Q1`	HTTP/1.1
1	GET	`http[:]//fingerprints[.]bablosoft[.]com/ip?Z73802194750Q1`	HTTP/1.1
2	GET	`http[:]//ip[.]bablosoft[.]com/?Z73802194750Q1`	HTTP/1.1
1	GET	`http[:]//v4[.]ident[.]me?Z73802194750Q1`	HTTP/1.1
1	HEAD	`/`	HTTP/1.1
1	POST	`/boaform/admin/formLogin`	HTTP/1.1
1	POST	`/scripts/WPnBr.dll`	HTTP/1.1
1	POST	`/sdk`	HTTP/1.1
2	PRI	`*`	HTTP/2.0

Location:UK

送信元IPアドレス一覧

件数	送信元IPアドレス	国
20	18.171.152.12	United States
2	31.220.88.155	Spain
1	45.55.133.116	United States
1	45.79.172.21	United States
3	45.79.181.104	United States
1	45.79.181.179	United States
2	45.79.181.223	United States
1	45.79.181.251	United States
1	45.227.254.48	Belize
1	52.80.126.145	China
1	52.81.17.152	China
1	52.81.61.158	China
7	54.36.115.221	France
12	57.129.23.166	France
1	64.62.197.53	United States
2	83.97.73.87	Germany
1	91.92.249.159	Bulgaria
1	94.156.64.217	Bulgaria
8	95.214.235.169	Ukraine
40	100.25.30.137	United States
1	103.153.76.135	Vietnam
1	139.59.101.104	Singapore
2	141.98.7.188	Bulgaria
1	146.70.15.44	Romania
2	159.223.77.217	United States
2	159.223.87.174	United States
1	162.243.136.62	United States
1	165.232.46.99	United States
2	167.71.217.188	United States
2	167.248.133.39	United States
1	172.104.11.51	United States
1	172.105.128.11	United States
3	176.58.108.100	United States
1	176.113.115.184	Russia
3	184.105.247.194	United States
3	185.156.72.7	Russia
19	185.180.143.18	Portugal
1	191.101.157.174	United States
1	192.99.7.195	Canada
1	192.155.90.220	United States
1	192.241.210.27	United States
1	192.241.235.23	United States
1	198.199.117.94	United States
2	205.210.31.19	United States
2	205.210.31.91	United States

UserAgent一覧

件数	UserAgent
8	`'Cloud mapping experiment. Contact research@pdrlabs.net'`
43	`-`
5	`Go-http-client/1.1`
1	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Firefox/102.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 Edg/109.0.1518.78`
18	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
40	`Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0`
29	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
2	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
1	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
3	`Mozilla/5.0 zgrab/0.x`
5	`Mozilla/5.0`
1	`xfa1`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`MGLNDD_132.145.66.34_80\n`
5		`\x03`
1		`\x16\x03\x01\x01\x07\x01`
1		`\x16\x03\x01\x01\xc0\x01`
1		`\x16\x03\x01\x01\xfc\x01`
31		`\x16\x03\x01`
2		``
1	GET	`/+CSCOE+/logon.html`	HTTP/1.1
1	GET	`/.DS_Store`	HTTP/1.1
30	GET	`/.env`	HTTP/1.1
2	GET	`/.git/config`	HTTP/1.1
1	GET	`/.vscode/sftp.json`	HTTP/1.1
2	GET	`//.env`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/Telerik.Web.UI.WebResource.axd?type=rau`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/actuator/health`	HTTP/1.1
1	GET	`/admin/.env`	HTTP/1.1
1	GET	`/admin/`	HTTP/1.1
1	GET	`/admin/config.php`	HTTP/1.0
1	GET	`/admin/index.html`	HTTP/1.1
1	GET	`/api/.env`	HTTP/1.1
1	GET	`/api/session/properties`	HTTP/1.1
1	GET	`/app/.env`	HTTP/1.1
1	GET	`/application/.env`	HTTP/1.1
1	GET	`/apps/.env`	HTTP/1.1
1	GET	`/auth/.env`	HTTP/1.1
1	GET	`/back/.env`	HTTP/1.1
1	GET	`/backend/.env`	HTTP/1.1
5	GET	`/cdn-cgi/trace`	HTTP/1.1
1	GET	`/cf_scripts/scripts/ajax/ckeditor/ckeditor.js`	HTTP/1.1
1	GET	`/cgi-bin/authLogin.cgi`	HTTP/1.1
1	GET	`/cgi-bin/login.cgi`	HTTP/1.1
1	GET	`/cli/.env`	HTTP/1.1
1	GET	`/config/.env`	HTTP/1.1
1	GET	`/core/.env`	HTTP/1.1
1	GET	`/cp/.env`	HTTP/1.1
1	GET	`/dependencies/.env`	HTTP/1.1
1	GET	`/deployment/.env`	HTTP/1.1
1	GET	`/dev/.env`	HTTP/1.1
1	GET	`/development/.env`	HTTP/1.1
1	GET	`/docker/.env`	HTTP/1.1
1	GET	`/document/.env`	HTTP/1.1
1	GET	`/engine/.env`	HTTP/1.1
1	GET	`/favicon-32x32.png`	HTTP/1.1
5	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/framework/.env`	HTTP/1.1
1	GET	`/frontend/.env`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/hudson`	HTTP/1.1
1	GET	`/index.html`	HTTP/1.1
1	GET	`/index.jsp`	HTTP/1.1
1	GET	`/laravel-artisa/.env`	HTTP/1.1
1	GET	`/laravel/.env`	HTTP/1.1
1	GET	`/local/.env`	HTTP/1.1
1	GET	`/login.jsp`	HTTP/1.1
1	GET	`/login/.env`	HTTP/1.1
1	GET	`/logon.htm`	HTTP/1.1
1	GET	`/manage/account/login`	HTTP/1.1
1	GET	`/master/.env`	HTTP/1.1
1	GET	`/personal/.env`	HTTP/1.1
1	GET	`/portal/redlion`	HTTP/1.1
1	GET	`/private/.env`	HTTP/1.1
1	GET	`/project/.env`	HTTP/1.1
1	GET	`/protected/.env`	HTTP/1.1
1	GET	`/rest/.env`	HTTP/1.1
1	GET	`/search/.env`	HTTP/1.1
1	GET	`/server/.env`	HTTP/1.1
1	GET	`/shared/.env`	HTTP/1.1
1	GET	`/showLogin.cc`	HTTP/1.1
1	GET	`/site/.env`	HTTP/1.1
1	GET	`/sitecore/shell/sitecore.version.xml`	HTTP/1.1
1	GET	`/solr/`	HTTP/1.1
1	GET	`/src/.env`	HTTP/1.1
1	GET	`/static/historypage.js`	HTTP/1.1
1	GET	`/sugar_version.json`	HTTP/1.1
1	GET	`/system/.env`	HTTP/1.1
1	GET	`/vod_installer/.env`	HTTP/1.1
1	GET	`/vue/.env`	HTTP/1.1
1	GET	`/web/.env`	HTTP/1.1
1	GET	`/webfig/`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
1	HEAD	`/icons/.%%32%65/.%%32%65/apache2/icons/non-existant-image.png`	HTTP/1.1
1	HEAD	`/icons/.%%32%65/.%%32%65/apache2/icons/sphere1.png`	HTTP/1.1
1	HEAD	`/icons/.%2e/%2e%2e/apache2/icons/sphere1.png`	HTTP/1.1
1	HEAD	`/icons/sphere1.png`	HTTP/1.1
2	POST	`/boaform/admin/formLogin`	HTTP/1.1
1	PRI	`*`	HTTP/2.0

Location:SG

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	5.188.210.227	Russia
20	13.40.26.170	United States
40	34.207.253.95	United States
1	45.33.80.243	United States
1	45.56.108.128	United States
1	45.79.181.104	United States
3	45.79.181.179	United States
2	45.79.181.223	United States
1	54.36.115.221	France
5	54.37.79.75	France
7	57.129.23.166	France
1	64.227.135.5	United States
1	65.49.20.68	United States
4	66.240.192.138	United States
1	80.66.88.215	Russia
2	83.97.73.87	Germany
1	85.239.33.6	Russia
2	91.92.243.232	Bulgaria
8	95.214.235.169	Ukraine
1	103.187.190.3	private ip address
1	119.13.157.198	Australia
3	139.162.215.177	Netherlands
1	141.98.7.187	Bulgaria
1	141.98.7.188	Bulgaria
2	162.142.125.222	United States
1	162.243.136.41	United States
1	162.243.143.50	United States
2	165.154.182.174	Hong Kong
2	167.94.138.34	United States
2	167.94.145.56	United States
1	172.104.11.4	United States
2	172.105.128.11	United States
1	172.105.128.13	United States
1	172.233.238.21	United States
3	184.105.139.68	United States
1	185.170.144.3	Estonia
1	185.180.140.6	Portugal
1	192.241.201.86	United States
4	198.20.69.98	United States
1	198.199.115.10	United States
2	198.235.24.221	United States
2	205.210.31.23	United States

UserAgent一覧

件数	UserAgent
8	`'Cloud mapping experiment. Contact research@pdrlabs.net'`
47	`-`
1	`Go-http-client/1.1`
1	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.63 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 OPR/94.0.0.0 (Edition Yx GX)`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 Edg/109.0.1518.70`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
40	`Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0`
1	`Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.172 Safari/537.22`
1	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36`
21	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
2	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
3	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
3	`Mozilla/5.0 zgrab/0.x`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`MGLNDD_13.67.44.234_80`
2		`\x03`
30		`\x16\x03\x01`
2		``
2	GET	`../../proc/ HTTP`
1	GET	`/+CSCOE+/logon.html`	HTTP/1.1
24	GET	`/.env`	HTTP/1.1
2	GET	`/.well-known/security.txt`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/actuator/health`	HTTP/1.1
1	GET	`/admin/.env`	HTTP/1.1
1	GET	`/admin/index.html`	HTTP/1.1
1	GET	`/api/.env`	HTTP/1.1
1	GET	`/app/.env`	HTTP/1.1
1	GET	`/application/.env`	HTTP/1.1
1	GET	`/apps/.env`	HTTP/1.1
1	GET	`/auth/.env`	HTTP/1.1
1	GET	`/back/.env`	HTTP/1.1
1	GET	`/backend/.env`	HTTP/1.1
1	GET	`/cgi-bin/login.cgi`	HTTP/1.1
1	GET	`/cli/.env`	HTTP/1.1
1	GET	`/config/.env`	HTTP/1.1
1	GET	`/core/.env`	HTTP/1.1
1	GET	`/cp/.env`	HTTP/1.1
1	GET	`/dependencies/.env`	HTTP/1.1
1	GET	`/deployment/.env`	HTTP/1.1
1	GET	`/dev/.env`	HTTP/1.1
1	GET	`/development/.env`	HTTP/1.1
1	GET	`/docker/.env`	HTTP/1.1
1	GET	`/document/.env`	HTTP/1.1
1	GET	`/engine/.env`	HTTP/1.1
8	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/framework/.env`	HTTP/1.1
1	GET	`/frontend/.env`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/hudson`	HTTP/1.1
1	GET	`/index.html`	HTTP/1.1
1	GET	`/laravel-artisa/.env`	HTTP/1.1
1	GET	`/laravel/.env`	HTTP/1.1
1	GET	`/local/.env`	HTTP/1.1
1	GET	`/login.jsp`	HTTP/1.1
1	GET	`/login/.env`	HTTP/1.1
1	GET	`/logon.htm`	HTTP/1.1
1	GET	`/manage/account/login`	HTTP/1.1
1	GET	`/master/.env`	HTTP/1.1
1	GET	`/personal/.env`	HTTP/1.1
1	GET	`/portal/redlion`	HTTP/1.1
1	GET	`/private/.env`	HTTP/1.1
1	GET	`/project/.env`	HTTP/1.1
1	GET	`/protected/.env`	HTTP/1.1
1	GET	`/rest/.env`	HTTP/1.1
2	GET	`/robots.txt`	HTTP/1.1
1	GET	`/search/.env`	HTTP/1.1
1	GET	`/server/.env`	HTTP/1.1
1	GET	`/shared/.env`	HTTP/1.1
1	GET	`/showLogin.cc`	HTTP/1.1
1	GET	`/site/.env`	HTTP/1.1
2	GET	`/sitemap.xml`	HTTP/1.1
1	GET	`/solr/admin/info/system`	HTTP/1.1
1	GET	`/src/.env`	HTTP/1.1
1	GET	`/system/.env`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.0
1	GET	`/vod_installer/.env`	HTTP/1.1
1	GET	`/vue/.env`	HTTP/1.1
1	GET	`/web/.env`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
1	GET	`http[:]//5[.]188[.]210[.]227/echo.php`	HTTP/1.1
2	POST	`/boaform/admin/formLogin`	HTTP/1.1
3	PRI	`*`	HTTP/2.0
1	t3	`12.1.2`