コンニチハレバレトシタアオゾラ

In idle hours, facing this blog all day long, jotting down without any particular aim the trifles that drift through my mind,

2019/08/23 Honeypot (tentative) observation log

This is the honeypot (tentative) observation log for 2019/08/23.

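Highlights
Region:AP

The following were observed:
Access attempts targeting the ThinkPHP vulnerability
phpMyAdmin scanning activity
ZmEu scanning activity

Region:US

The following was observed:
ZmEu scanning activity

Region:EU

The following were observed:
HIKVISION surveillance camera scanning activity
ZmEu scanning activity
Unauthorized traffic involving 110[.]249[.]212[.]46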

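Access count trend

AP: total accesses: 70 (change from previous day: 0)
US: total accesses: 58 (change from previous day: -67)
EU: total accesses: 16 (change from previous day: -11)

For practical reasons, GET / HTTP/1.1 and POST / HTTP/1.1 requests are excluded.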

Region:AP

Source IP addresses

User-Agent list

Count UserAgent
3 -
5 Go-http-client/1.1
1 Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
1 Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0)
1 Mozilla/5.0 (Windows NT 5.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1
14 Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)
2 python-requests/2.22.0
1 User-Agent:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR 1.0.3705
42 ZmEu

Request list

Count Method Request Protocol
1 GET /admincooptel/phpMyAdmin/scripts/setup.php HTTP/1.1
1 GET /admin/phpmyadmin/scripts/setup.php HTTP/1.1
1 GET /admin/scripts/setup.php HTTP/1.1
1 GET /alt/sqladmin/scripts/setup.php HTTP/1.1
1 GET /configuracion/phpmyadmin/scripts/setup.php HTTP/1.1
1 GET /db/scripts/setup.php HTTP/1.1
1 GET /HNAP1/ HTTP/1.1
2 GET /manager/html HTTP/1.1
1 GET /myadmin/scripts/setup.php HTTP/1.1
1 GET /MyAdmin/scripts/setup.php HTTP/1.1
1 GET /mysqladmin/scripts/setup.php HTTP/1.1
1 GET /mysql/scripts/setup.php HTTP/1.1
1 GET /MySQL/scripts/setup.php HTTP/1.1
1 GET /php-admin/scripts/setup.php HTTP/1.1
1 GET /phpMyAdmin-2.5.6/scripts/setup.php HTTP/1.1
1 GET /phpMyAdmin-2.5.7/scripts/setup.php HTTP/1.1
1 GET /phpMyAdmin-2.6.3/scripts/setup.php HTTP/1.1
1 GET /phpMyAdmin-2.6.4/scripts/setup.php HTTP/1.1
1 GET /phpMyAdmin-2.7.0/scripts/setup.php HTTP/1.1
1 GET /phpMyAdmin-2.8.0.4/scripts/setup.php HTTP/1.1
1 GET /phpMyAdmin-2.8.0/scripts/setup.php HTTP/1.1
1 GET /phpMyAdmin-2.8.1/scripts/setup.php HTTP/1.1
1 GET /phpMyAdmin-2.8.2/scripts/setup.php HTTP/1.1
1 GET /phpMyAdmin2/scripts/setup.php HTTP/1.1
1 GET /phpmyadmin.box25/scripts/setup.php HTTP/1.1
1 GET //phpmyadmin/scripts/setup.php HTTP/1.1
1 GET /php-my-admin/scripts/setup.php HTTP/1.1
1 GET /phpmy-admin/scripts/setup.php HTTP/1.1
1 GET /phpmyadmin/scripts/setup.php HTTP/1.1
1 GET /_phpMyAdmin/scripts/setup.php HTTP/1.1
1 GET /phpMyAdmin/scripts/setup.php HTTP/1.1
1 GET /pHpMyAdMiN/scripts/setup.php HTTP/1.1
1 GET /phpmyadmin/scripts/setup.php/index.php HTTP/1.1
1 GET /phpmy/scripts/setup.php HTTP/1.1
1 GET /php/phpMyAdmin/scripts/setup.php HTTP/1.1
1 GET /php/scripts/setup.php HTTP/1.1
1 GET /pma/scripts/setup.php HTTP/1.1
1 GET /PMA/scripts/setup.php HTTP/1.1
1 GET /pyaniste/mysqladmin/scripts/setup.php HTTP/1.1
1 GET /robots.txt HTTP/1.1
2 GET /script HTTP/1.1
1 GET /scripts/setup.php HTTP/1.1
1 GET /sqladmin/scripts/setup.php HTTP/1.1
5 GET /TP/index.php HTTP/1.1
4 GET /TP/index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1][]=1 HTTP/1.1
5 GET /TP/public/index.php HTTP/1.1
1 GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1
1 GET /web/phpMyAdmin/scripts/setup.php HTTP/1.1
1 GET /websql/scripts/setup.php HTTP/1.1
5 POST /TP/index.php?s=captcha HTTP/1.1
1 \x03
2 \x16\x03\x01

Region:US

Source IP addresses

User-Agent list

Count UserAgent
12 -
1 Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0)
1 Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0
1 Mozilla/5.0 (Windows NT 5.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1
1 python-requests/2.7.0 CPython/2.7.14 Windows/2012ServerR2
42 ZmEu

Request list

Count Method Request Protocol
1 -
1 GET /admincooptel/phpMyAdmin/scripts/setup.php HTTP/1.1
1 GET /admin/phpmyadmin/scripts/setup.php HTTP/1.1
1 GET /admin/scripts/setup.php HTTP/1.1
1 GET /alt/sqladmin/scripts/setup.php HTTP/1.1
1 GET /configuracion/phpmyadmin/scripts/setup.php HTTP/1.1
1 GET /db/scripts/setup.php HTTP/1.1
1 GET /HNAP1/ HTTP/1.1
1 GET /manager/html HTTP/1.1
1 GET /muieblackcat HTTP/1.1
1 GET //myadmin/scripts/setup.php HTTP/1.1
1 GET /myadmin/scripts/setup.php HTTP/1.1
1 GET //MyAdmin/scripts/setup.php HTTP/1.1
1 GET /MyAdmin/scripts/setup.php HTTP/1.1
1 GET /mysqladmin/scripts/setup.php HTTP/1.1
1 GET /mysql/scripts/setup.php HTTP/1.1
1 GET /MySQL/scripts/setup.php HTTP/1.1
1 GET /php-admin/scripts/setup.php HTTP/1.1
1 GET /phpMyAdmin-2.5.6/scripts/setup.php HTTP/1.1
1 GET /phpMyAdmin-2.5.7/scripts/setup.php HTTP/1.1
1 GET /phpMyAdmin-2.6.3/scripts/setup.php HTTP/1.1
1 GET /phpMyAdmin-2.6.4/scripts/setup.php HTTP/1.1
1 GET /phpMyAdmin-2.7.0/scripts/setup.php HTTP/1.1
1 GET /phpMyAdmin-2.8.0.4/scripts/setup.php HTTP/1.1
1 GET /phpMyAdmin-2.8.0/scripts/setup.php HTTP/1.1
1 GET /phpMyAdmin-2.8.1/scripts/setup.php HTTP/1.1
1 GET /phpMyAdmin-2.8.2/scripts/setup.php HTTP/1.1
1 GET /phpMyAdmin2/scripts/setup.php HTTP/1.1
1 GET /phpmyadmin.box25/scripts/setup.php HTTP/1.1
2 GET //phpmyadmin/scripts/setup.php HTTP/1.1
1 GET /php-my-admin/scripts/setup.php HTTP/1.1
1 GET /phpmy-admin/scripts/setup.php HTTP/1.1
2 GET /phpmyadmin/scripts/setup.php HTTP/1.1
1 GET /_phpMyAdmin/scripts/setup.php HTTP/1.1
1 GET //phpMyAdmin/scripts/setup.php HTTP/1.1
1 GET /phpMyAdmin/scripts/setup.php HTTP/1.1
1 GET /pHpMyAdMiN/scripts/setup.php HTTP/1.1
1 GET /phpmyadmin/scripts/setup.php/index.php HTTP/1.1
1 GET /phpmy/scripts/setup.php HTTP/1.1
1 GET /php/phpMyAdmin/scripts/setup.php HTTP/1.1
1 GET /php/scripts/setup.php HTTP/1.1
1 GET //pma/scripts/setup.php HTTP/1.1
1 GET /pma/scripts/setup.php HTTP/1.1
1 GET /PMA/scripts/setup.php HTTP/1.1
1 GET /pyaniste/mysqladmin/scripts/setup.php HTTP/1.1
1 GET /scripts/setup.php HTTP/1.1
1 GET /sqladmin/scripts/setup.php HTTP/1.1
1 GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1
1 GET /web/phpMyAdmin/scripts/setup.php HTTP/1.1
1 GET /websql/scripts/setup.php HTTP/1.1
1 HEAD / HTTP/1.1
1 HEAD /robots.txt HTTP/1.0
3 \x03
1 \x16\x03\x01

Region:EU

Source IP addresses

User-Agent list

Count UserAgent
14 -
1 Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)
1 python-requests/2.7.0 CPython/2.7.14 Windows/2012ServerR2

Request list

Count Method Request Protocol
3 -
3 GET http://110[.]249[.]212[.]46/testget?q=23333&port=80 HTTP/1.1
6 GET /ISAPI/System/Network/DDNS/capabilities HTTP/1.1
1 GET /TP/public/index.php HTTP/1.1
1 HEAD / HTTP/1.1
1 HEAD /robots.txt HTTP/1.0
1 \x03