2024/01/22 ハニーポット(仮) 観測記録 - コンニチハレバレトシタアオゾラ

ハニーポット(仮) 観測記録 2024/01/22分です。

特徴

共通

GPONルータの脆弱性を狙うアクセス
.jsへのスキャン行為
/.envへのスキャン行為
Apache Tomcatへのスキャン行為

Location:JP

PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
curlによるスキャン行為
/.awsへのスキャン行為
/.gitへのスキャン行為
phpMyAdminへのスキャン行為

を確認しました。

Location:US

Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
Telerik UIの脆弱性(CVE-2019-18935)を狙うアクセス
CensysInspectによるスキャン行為
curlによるスキャン行為
zgrabによるスキャン行為
/.gitへのスキャン行為
WordPress Pluginへのスキャン行為

を確認しました。

Location:UK

D-link製品の脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
CensysInspectによるスキャン行為
zgrabによるスキャン行為

を確認しました。

Location:SG

Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
CensysInspectによるスキャン行為
zgrabによるスキャン行為
/.gitへのスキャン行為
configファイルへのスキャン行為
Gh0stRATのような動き

を確認しました。

他

アクセス数推移

JP：総アクセス数：152 (前日比：-101)
US：総アクセス数：119 (前日比：35)
UK：総アクセス数：116 (前日比：-126)
SG：総アクセス数：125 (前日比：-93)

都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。

Location:JP

送信元IPアドレス一覧

件数	送信元IPアドレス	国
2	3.8.125.132	United States
1	20.199.93.221	United States
1	31.220.88.155	Spain
1	34.220.21.21	United States
2	35.178.53.6	United States
1	45.56.108.128	United States
1	47.89.193.162	United States
1	47.254.74.59	United States
33	54.222.143.33	China
1	54.223.58.116	China
1	60.190.226.186	China
1	62.146.239.1	Germany
1	65.49.20.68	United States
3	74.82.47.5	United States
2	78.153.140.175	Russia
2	78.153.140.177	Russia
1	89.190.156.61	United States
1	104.192.0.61	United States
13	104.248.112.111	United States
1	106.75.167.183	China
3	129.204.230.165	China
13	135.125.244.48	France
3	135.125.246.189	France
3	144.91.107.42	Germany
1	146.70.184.13	Romania
1	154.27.68.195	United States
1	159.203.224.14	United States
1	172.105.128.11	United States
33	172.206.16.183	United Kingdom
4	185.142.236.40	Seychelles
7	185.254.196.173	Ukraine
3	185.254.196.186	Ukraine
2	192.9.137.115	United States
1	192.101.68.19	United States
1	198.74.56.46	United States
2	198.235.24.68	United States
2	205.210.31.20	United States
1	206.189.124.139	United States

UserAgent一覧

件数	UserAgent
24	`-`
2	`Go-http-client/1.1`
2	`Mozilla/5.0 (Linux; Android 10; LIO-AN00 Build/HUAWEILIO-AN00; wv) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.114 Mobile Safari/537.36`
1	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.4 Safari/605.1.15`
1	`Mozilla/5.0 (Macintosh; U; PPC Mac OS X; fr-fr) AppleWebKit/312.5 (KHTML, like Gecko) Safari/312.3`
1	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.9 Safari/537.36`
3	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3464.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.63 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 OPR/94.0.0.0 (Edition Yx GX)`
8	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36`
33	`Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko`
61	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
1	`Mozilla/5.0`
2	`Python-urllib/3.10`
1	`curl/8.1.2`
1	`python-requests/2.28.1`
3	`python-requests/2.31.0`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`%\xeey\x8c\x19\xf6\x1er`\x10\x04\xb0\x86?`
1		`'\x136W\\\xba\xd2M`\x10\x04\xb0\xc4\x1f`
1		`MGLNDD_18.179.20.5_80\n`
1		`\x03`
2		`\x16\x03\x01\x01H\x01`
1		`\x16\x03\x01\x01\xc0\x01`
1		`\x16\x03\x01\x01\xfa\x01`
11		`\x16\x03\x01`
1		`\xa0\xd1\xab\xc7\xfb\x7f\x98\xde`\x10\x04\xb0\xad\x8c`
1		`\xb0\xd3\xa4\x92\xe9\x91\xb4\x1a`\x10\x04\xb0\b\x8e`
1	GET	`/.DS_Store`	HTTP/1.1
1	GET	`/.aws/credentials`	HTTP/1.1
1	GET	`/.env.development`	HTTP/1.1
1	GET	`/.env.dist`	HTTP/1.1
1	GET	`/.env.old`	HTTP/1.1
1	GET	`/.env.prod`	HTTP/1.1
1	GET	`/.env.production`	HTTP/1.1
1	GET	`/.env.project`	HTTP/1.1
1	GET	`/.env.save`	HTTP/1.1
35	GET	`/.env`	HTTP/1.1
2	GET	`/.git/HEAD`	HTTP/1.1
1	GET	`/.well-known/security.txt`	HTTP/1.1
1	GET	`/1.php`	HTTP/1.1
1	GET	`/Public/home/js/check.js`	HTTP/1.1
1	GET	`/admin-app/.env`	HTTP/1.1
1	GET	`/admin/.env`	HTTP/1.1
2	GET	`/api/.env`	HTTP/1.1
2	GET	`/app/.env`	HTTP/1.1
1	GET	`/app/config/.env`	HTTP/1.1
1	GET	`/application/.env`	HTTP/1.1
2	GET	`/apps/.env`	HTTP/1.1
1	GET	`/audio/.env`	HTTP/1.1
1	GET	`/back/.env`	HTTP/1.1
1	GET	`/backend/.env`	HTTP/1.1
1	GET	`/base/.env`	HTTP/1.1
1	GET	`/blog/.env`	HTTP/1.1
1	GET	`/bundle.js`	HTTP/1.1
1	GET	`/cgi-bin/.env`	HTTP/1.1
1	GET	`/cms/.env`	HTTP/1.1
1	GET	`/conf/.env`	HTTP/1.1
2	GET	`/core/.env`	HTTP/1.1
1	GET	`/crm/.env`	HTTP/1.1
1	GET	`/database/.env`	HTTP/1.1
1	GET	`/development/.env`	HTTP/1.1
2	GET	`/docker/.env`	HTTP/1.1
1	GET	`/ec2-18-179-20-5.ap-northeast-1.compute.amazonaws.com/.env`	HTTP/1.1
1	GET	`/enviroments/.env.production`	HTTP/1.1
1	GET	`/enviroments/.env`	HTTP/1.1
5	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/fedex/.env`	HTTP/1.1
1	GET	`/files/`	HTTP/1.1
1	GET	`/form.html`	HTTP/1.1
1	GET	`/geoip/`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/info.php`	HTTP/1.1
2	GET	`/laravel/.env`	HTTP/1.1
1	GET	`/library/.env`	HTTP/1.1
1	GET	`/live_env`	HTTP/1.1
2	GET	`/local/.env`	HTTP/1.1
1	GET	`/manager/html`	HTTP/1.1
1	GET	`/new/.env`	HTTP/1.1
1	GET	`/newsite/.env`	HTTP/1.1
1	GET	`/old/.env`	HTTP/1.1
1	GET	`/password.php`	HTTP/1.1
1	GET	`/phpmyadmin/index.php`	HTTP/1.1
1	GET	`/phpmyadmin4.8.5/index.php`	HTTP/1.1
1	GET	`/pmd/index.php`	HTTP/1.1
1	GET	`/private/.env`	HTTP/1.1
1	GET	`/protected/.env`	HTTP/1.1
1	GET	`/public/.env`	HTTP/1.1
1	GET	`/rest/.env`	HTTP/1.1
1	GET	`/robots.txt`	HTTP/1.1
1	GET	`/script/.env`	HTTP/1.1
1	GET	`/shared/.env`	HTTP/1.1
1	GET	`/sitemap.xml`	HTTP/1.1
1	GET	`/sites/all/libraries/mailchimp/.env`	HTTP/1.1
1	GET	`/sources/.env`	HTTP/1.1
1	GET	`/src/.env`	HTTP/1.1
1	GET	`/static/admin/javascript/hetong.js`	HTTP/1.1
1	GET	`/storage/.env`	HTTP/1.1
1	GET	`/system/.env`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.0
1	GET	`/upl.php`	HTTP/1.1
1	GET	`/v3/time`	HTTP/1.1
1	GET	`/vendor/.env`	HTTP/1.1
1	GET	`/vendor/laravel/.env`	HTTP/1.1
2	GET	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
1	GET	`/wp-admin/.env`	HTTP/1.1
1	GET	`/wp-content/.env`	HTTP/1.1
1	GET	`/www/.env`	HTTP/1.1
1	GET	`http[:]//www[.]ip138[.]com/`	HTTP/1.1
1	POST	`/boaform/admin/formLogin`	HTTP/1.1

Location:US

送信元IPアドレス一覧

件数	送信元IPアドレス	国
2	8.137.106.178	Singapore
1	15.237.186.231	United States
20	18.171.137.172	United States
1	23.26.201.240	United States
2	35.177.66.0	United States
1	45.79.172.21	United States
10	54.36.115.221	France
2	54.37.79.75	France
2	78.153.140.175	Russia
2	78.153.140.177	Russia
1	83.97.73.245	Germany
1	89.190.156.61	United States
1	89.190.156.226	United States
1	91.92.245.180	Bulgaria
1	94.156.65.203	Bulgaria
7	95.214.235.169	Ukraine
19	107.151.182.54	United States
1	139.59.101.104	Singapore
6	152.32.169.36	Hong Kong
2	152.32.247.30	Hong Kong
1	154.27.68.195	United States
2	162.142.125.214	United States
2	167.94.138.33	United States
1	167.99.83.152	United States
1	172.105.128.11	United States
3	184.105.139.69	United States
1	185.161.248.148	United Kingdom
1	185.224.128.187	Netherlands
2	193.222.96.151	Bulgaria
1	194.165.16.72	Panama
1	198.46.171.20	United States
1	198.199.94.44	United States
1	198.199.119.127	United States
2	198.235.24.150	United States
2	205.210.31.81	United States
13	206.189.13.191	United States
1	216.218.206.68	United States

UserAgent一覧

件数	UserAgent
8	`'Cloud mapping experiment. Contact research@pdrlabs.net'`
36	`-`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.9 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36`
3	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36`
8	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 Edg/109.0.1518.78`
18	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:107.0) Gecko/20100101 Firefox/107.0`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0`
1	`Mozilla/5.0 (Windows NT 7_1_1; Win64; x64) AppleWebKit/571.52 (KHTML, like Gecko) Chrome/92.0.1698 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 7_2_2; Win64; x64) AppleWebKit/595.51 (KHTML, like Gecko) Chrome/106.0.2109 Safari/537.36`
24	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/546.36 (KHTML, like Gecko) Chrome/67.0.523 Safari/537.36`
3	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
2	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
2	`Mozilla/5.0 zgrab/0.x`
2	`Mozilla/5.0`
1	`curl/8.1.2`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`MGLNDD_34.68.118.83_80\n`
2		`\x03`
2		`\x16\x03\x01\x01H\x01`
1		`\x16\x03\x01\x01\xfb\x01`
21		`\x16\x03\x01`
1		`\x82\x1b\xd9\x1a\xc8\x06\xb6!`\x11\x04\xb0\xef\xc1`
1		`\|u6\xec\xc5\xe8\xef/`\x10\x04\xb0=q`
2		``
1	GET	`/+CSCOE+/logon.html`	HTTP/1.1
25	GET	`/.env`	HTTP/1.1
1	GET	`/.git/config`	HTTP/1.1
1	GET	`//wp-content/plugins/fix/up.php`	HTTP/1.1
1	GET	`/1.php`	HTTP/1.1
1	GET	`/Telerik.Web.UI.WebResource.axd?type=rau`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/admin/`	HTTP/1.1
1	GET	`/admin/index.html`	HTTP/1.1
1	GET	`/api/session/properties`	HTTP/1.1
1	GET	`/axis2-admin/`	HTTP/1.1
1	GET	`/axis2/`	HTTP/1.1
1	GET	`/axis2/axis2-admin/`	HTTP/1.1
1	GET	`/bundle.js`	HTTP/1.1
3	GET	`/cdn-cgi/trace`	HTTP/1.1
1	GET	`/cf_scripts/scripts/ajax/ckeditor/ckeditor.js`	HTTP/1.1
1	GET	`/cgi-bin/authLogin.cgi`	HTTP/1.1
1	GET	`/cgi-bin/login.cgi`	HTTP/1.1
1	GET	`/favicon-32x32.png`	HTTP/1.1
8	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/files/`	HTTP/1.1
1	GET	`/form.html`	HTTP/1.1
1	GET	`/geoip/`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/index.html`	HTTP/1.1
1	GET	`/index.jsp`	HTTP/1.1
1	GET	`/info.php`	HTTP/1.1
1	GET	`/login.jsp`	HTTP/1.1
1	GET	`/logon.htm`	HTTP/1.1
1	GET	`/manage/account/login`	HTTP/1.1
2	GET	`/manager/html`	HTTP/1.1
1	GET	`/password.php`	HTTP/1.1
1	GET	`/robots.txt`	HTTP/1.1
1	GET	`/showLogin.cc`	HTTP/1.1
1	GET	`/sitecore/shell/sitecore.version.xml`	HTTP/1.1
1	GET	`/sitemap.xml`	HTTP/1.1
1	GET	`/solr/`	HTTP/1.1
1	GET	`/static/historypage.js`	HTTP/1.1
1	GET	`/sugar_version.json`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.1
1	GET	`/uis/app/get/config`	HTTP/1.1
1	GET	`/upl.php`	HTTP/1.1
1	GET	`/webfig/`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
1	HEAD	`/icons/.%%32%65/.%%32%65/apache2/icons/non-existant-image.png`	HTTP/1.1
1	HEAD	`/icons/.%%32%65/.%%32%65/apache2/icons/sphere1.png`	HTTP/1.1
1	HEAD	`/icons/.%2e/%2e%2e/apache2/icons/sphere1.png`	HTTP/1.1
1	HEAD	`/icons/sphere1.png`	HTTP/1.1
3	POST	`/boaform/admin/formLogin`	HTTP/1.1
2	PRI	`*`	HTTP/2.0
1	t3	`12.1.2\n`

Location:UK

送信元IPアドレス一覧

件数	送信元IPアドレス	国
20	13.40.166.148	United States
20	18.171.172.171	United States
1	37.232.77.54	Georgia
8	38.242.222.177	United States
1	45.79.172.21	United States
1	45.79.181.223	United States
1	45.131.66.4	Germany
1	47.88.93.234	United States
1	47.251.11.3	United States
5	54.36.115.221	France
4	54.37.79.75	France
7	57.129.23.166	France
1	64.62.197.168	United States
1	64.62.197.177	United States
1	64.62.197.180	United States
1	66.45.237.154	United States
2	78.153.140.177	Russia
2	83.97.73.245	Germany
1	89.190.156.61	United States
8	95.214.235.169	Ukraine
1	117.184.26.242	China
1	138.68.185.171	United States
1	139.59.101.104	Singapore
1	141.98.7.186	Bulgaria
1	154.27.68.195	United States
2	162.142.125.213	United States
4	164.52.0.94	China
2	167.94.138.50	United States
2	167.94.138.125	United States
2	167.248.133.187	United States
1	172.105.128.11	United States
1	185.161.248.53	United Kingdom
1	185.224.128.187	Netherlands
1	192.241.205.67	United States
1	192.241.222.40	United States
1	192.241.226.34	United States
1	198.199.95.91	United States
2	198.235.24.24	United States
2	205.210.31.195	United States
1	216.218.206.67	United States

UserAgent一覧

件数	UserAgent
16	`'Cloud mapping experiment. Contact research@pdrlabs.net'`
44	`-`
1	`Go-http-client/1.1`
2	`Mozilla/5.0 (Linux; Android 10; LIO-AN00 Build/HUAWEILIO-AN00; wv) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.114 Mobile Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.4 Safari/605.1.15`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.6.1 Safari/605.1.15`
1	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.9 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
8	`Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:63.0) Gecko/20100101 Firefox/63.0`
1	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36`
25	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
4	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
4	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
2	`Mozilla/5.0 zgrab/0.x`
2	`Mozilla/5.0`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`(\xb6\xb3\xe1\xd4)\xdeo`\x04\x04\xb0\|\x1d`
2		`MGLNDD_132.145.66.34_80\n`
1		`\x03`
1		`\x07XR\xd0\"\x0e\xf5}`\x18\x04\xb0\xab/`
1		`\x16\x03\x01\x01H\x01`
1		`\x16\x03\x01\x01\xfc\x01`
2		`\x16\x03\x01\x02`
28		`\x16\x03\x01`
1		`\xb0\xc9\xf8\xed\x88\x9a\x17o`\x18\x04\xb0\x98\xf0`
1		`\xf6D\xfa\xe00@\xe5R`\x10\x04\xb08m`
1	CONNECT	`google[.]com:443`	HTTP/1.1
2	GET	`/+CSCOE+/logon.html`	HTTP/1.1
25	GET	`/.env`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/Public/home/js/check.js`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
2	GET	`/admin/index.html`	HTTP/1.1
1	GET	`/backup/`	HTTP/1.1
1	GET	`/blog/`	HTTP/1.1
2	GET	`/cdn-cgi/trace`	HTTP/1.1
2	GET	`/cgi-bin/login.cgi`	HTTP/1.1
9	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
2	GET	`/index.html`	HTTP/1.1
2	GET	`/login.jsp`	HTTP/1.1
2	GET	`/logon.htm`	HTTP/1.1
2	GET	`/manage/account/login`	HTTP/1.1
2	GET	`/manager/html`	HTTP/1.1
1	GET	`/new/`	HTTP/1.1
1	GET	`/old/`	HTTP/1.1
1	GET	`/portal/redlion`	HTTP/1.1
1	GET	`/static/admin/javascript/hetong.js`	HTTP/1.1
1	GET	`/temp/`	HTTP/1.1
1	GET	`/test/`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
1	GET	`/wordpress/`	HTTP/1.1
1	GET	`/wp/`	HTTP/1.1
1	POST	`/HNAP1/`	HTTP/1.0
4	POST	`/boaform/admin/formLogin`	HTTP/1.1
4	PRI	`*`	HTTP/2.0

Location:SG

送信元IPアドレス一覧

件数	送信元IPアドレス	国
20	3.9.14.50	United States
1	18.133.220.169	United States
2	31.220.88.155	Spain
19	35.177.59.204	United States
4	43.163.232.152	China
1	45.56.108.128	United States
1	45.79.181.223	United States
1	45.131.66.4	Germany
1	52.80.177.122	China
5	54.36.115.221	France
8	54.37.79.75	France
5	57.129.23.166	France
3	61.219.11.155	Taiwan
1	64.62.197.41	United States
5	64.225.17.123	United States
1	66.45.237.154	United States
1	66.240.205.34	United States
3	74.82.47.5	United States
2	78.153.140.175	Russia
2	78.153.140.177	Russia
2	83.97.73.245	Germany
1	89.190.156.61	United States
8	95.214.235.169	Ukraine
2	106.75.168.25	China
1	107.170.245.9	United States
2	124.225.157.249	China
2	159.223.38.219	United States
2	167.94.138.50	United States
2	167.94.145.54	United States
2	167.94.146.59	United States
2	167.248.133.122	United States
2	185.161.248.148	United Kingdom
1	185.180.143.138	Portugal
1	185.224.128.187	Netherlands
1	192.101.68.19	United States
1	192.241.210.20	United States
1	192.241.236.73	United States
2	198.235.24.5	United States
2	198.235.24.26	United States
2	198.235.24.52	United States

UserAgent一覧

件数	UserAgent
16	`'Cloud mapping experiment. Contact research@pdrlabs.net'`
53	`-`
2	`Custom-AsyncHttpClient`
2	`Go-http-client/1.1`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.4 Safari/605.1.15`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_0) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.56 Safari/535.11`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 OPR/94.0.0.0 (Edition Yx GX)`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
5	`Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36`
28	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
3	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
4	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
1	`Mozilla/5.0 zgrab/0.x`
1	`Mozilla/5.0`
1	`python-requests/2.28.1`
1	`xfa1`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`Gh0st\xad`
2		`MGLNDD_13.67.44.234_80`
2		`\x03`
2		`\x16\x03\x01\x01H\x01`
1		`\x16\x03\x01\x01\x07\x01`
1		`\x16\x03\x01\x01\xc0\x01`
36		`\x16\x03\x01`
1		`\x96\x91l\xbe0A\xe7z`\x10\x04\xb0\xb8B`
1		`\xad\x9bx\xa8LJ\x82\xfa`\x18\x04\xb0\x02\xdd`
1		`\xd6\xfb\"\xe6\xdc4R\x80`\x11\x04\xb0RY`
1		`k\xa4\x85}\x10)\xb7\x95`\x10\x04\xb0J\xa9`
1	CONNECT	`google[.]com:443`	HTTP/1.1
2	GET	`/+CSCOE+/logon.html`	HTTP/1.1
30	GET	`/.env`	HTTP/1.1
1	GET	`/.git/config`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/Phpinfo/profiler`	HTTP/1.1
1	GET	`/Phpinfo`	HTTP/1.1
1	GET	`/Profiler`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/admin/config.php`	HTTP/1.0
2	GET	`/admin/index.html`	HTTP/1.1
1	GET	`/cdn-cgi/trace`	HTTP/1.1
1	GET	`/cf_scripts/scripts/ajax/ckeditor/ckeditor.js`	HTTP/1.1
2	GET	`/cgi-bin/login.cgi`	HTTP/1.1
8	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
2	GET	`/index.html`	HTTP/1.1
2	GET	`/login.jsp`	HTTP/1.1
2	GET	`/logon.htm`	HTTP/1.1
2	GET	`/manage/account/login`	HTTP/1.1
1	GET	`/manager/html`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.0
1	GET	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
3	POST	`/boaform/admin/formLogin`	HTTP/1.1
1	POST	`/cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh`	HTTP/1.1
1	POST	`/cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh`	HTTP/1.1
4	PRI	`*`	HTTP/2.0