ハニーポット(仮) 観測記録 2019/08/23分です。
特徴
Region:AP
ThinkPHPの脆弱性を狙うアクセス
phpMyAdminに対するスキャン行為
ZmEuに対するスキャン行為
を確認しました。
Region:US
ZmEuに対するスキャン行為
を確認しました。
Region:EU
HIKVISION監視カメラに対するスキャン行為
ZmEuに対するスキャン行為
110[.]249[.]212[.]46に関する不正通信
を確認しました。
他
アクセス数推移
AP:総アクセス数:70 (前日比:0)
US:総アクセス数:58 (前日比:-67)
EU:総アクセス数:16 (前日比:-11)
都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。
Region:AP
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
4 | 106.39.78.4 | China |
4 | 124.251.44.162 | China |
4 | 124.251.44.18 | China |
3 | 129.213.64.91 | United States |
4 | 130.61.22.82 | Germany |
42 | 13.126.42.80 | India |
1 | 141.98.80.40 | Panama |
1 | 211.38.144.230 | South Korea |
5 | 27.155.87.45 | China |
1 | 58.17.148.116 | China |
1 | 66.249.64.36 | United States |
UserAgent一覧
件数 | UserAgent |
---|---|
3 | - |
5 | Go-http-client/1.1 |
1 | Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) |
1 | Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0) |
1 | Mozilla/5.0 (Windows NT 5.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1 |
14 | Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6) |
2 | python-requests/2.22.0 |
1 | User-Agent:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR 1.0.3705 |
42 | ZmEu |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | GET | /admincooptel/phpMyAdmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /admin/phpmyadmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /admin/scripts/setup.php | HTTP/1.1 |
1 | GET | /alt/sqladmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /configuracion/phpmyadmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /db/scripts/setup.php | HTTP/1.1 |
1 | GET | /HNAP1/ | HTTP/1.1 |
2 | GET | /manager/html | HTTP/1.1 |
1 | GET | /myadmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /MyAdmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /mysqladmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /mysql/scripts/setup.php | HTTP/1.1 |
1 | GET | /MySQL/scripts/setup.php | HTTP/1.1 |
1 | GET | /php-admin/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpMyAdmin-2.5.6/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpMyAdmin-2.5.7/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpMyAdmin-2.6.3/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpMyAdmin-2.6.4/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpMyAdmin-2.7.0/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpMyAdmin-2.8.0.4/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpMyAdmin-2.8.0/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpMyAdmin-2.8.1/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpMyAdmin-2.8.2/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpMyAdmin2/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpmyadmin.box25/scripts/setup.php | HTTP/1.1 |
1 | GET | //phpmyadmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /php-my-admin/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpmy-admin/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpmyadmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /_phpMyAdmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpMyAdmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /pHpMyAdMiN/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpmyadmin/scripts/setup.php/index.php | HTTP/1.1 |
1 | GET | /phpmy/scripts/setup.php | HTTP/1.1 |
1 | GET | /php/phpMyAdmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /php/scripts/setup.php | HTTP/1.1 |
1 | GET | /pma/scripts/setup.php | HTTP/1.1 |
1 | GET | /PMA/scripts/setup.php | HTTP/1.1 |
1 | GET | /pyaniste/mysqladmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /robots.txt | HTTP/1.1 |
2 | GET | /script | HTTP/1.1 |
1 | GET | /scripts/setup.php | HTTP/1.1 |
1 | GET | /sqladmin/scripts/setup.php | HTTP/1.1 |
5 | GET | /TP/index.php | HTTP/1.1 |
4 | GET | /TP/index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1][]=1 | HTTP/1.1 |
5 | GET | /TP/public/index.php | HTTP/1.1 |
1 | GET | /w00tw00t.at.blackhats.romanian.anti-sec:) | HTTP/1.1 |
1 | GET | /web/phpMyAdmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /websql/scripts/setup.php | HTTP/1.1 |
5 | POST | /TP/index.php?s=captcha | HTTP/1.1 |
1 | \x03 | ||
2 | \x16\x03\x01 |
Region:US
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 125.64.94.220 | China |
2 | 141.98.80.40 | Panama |
1 | 172.104.242.173 | United States |
1 | 185.244.173.247 | Russia |
1 | 193.169.254.11 | Poland |
1 | 211.38.144.230 | South Korea |
1 | 41.216.186.48 | South Africa |
6 | 46.246.45.86 | Sweden |
1 | 77.247.110.69 | Netherlands |
1 | 93.174.93.127 | Netherlands |
42 | 95.110.201.243 | Italy |
UserAgent一覧
件数 | UserAgent |
---|---|
12 | - |
1 | Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0) |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0 |
1 | Mozilla/5.0 (Windows NT 5.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1 |
1 | python-requests/2.7.0 CPython/2.7.14 Windows/2012ServerR2 |
42 | ZmEu |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | - | ||
1 | GET | /admincooptel/phpMyAdmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /admin/phpmyadmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /admin/scripts/setup.php | HTTP/1.1 |
1 | GET | /alt/sqladmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /configuracion/phpmyadmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /db/scripts/setup.php | HTTP/1.1 |
1 | GET | /HNAP1/ | HTTP/1.1 |
1 | GET | /manager/html | HTTP/1.1 |
1 | GET | /muieblackcat | HTTP/1.1 |
1 | GET | //myadmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /myadmin/scripts/setup.php | HTTP/1.1 |
1 | GET | //MyAdmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /MyAdmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /mysqladmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /mysql/scripts/setup.php | HTTP/1.1 |
1 | GET | /MySQL/scripts/setup.php | HTTP/1.1 |
1 | GET | /php-admin/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpMyAdmin-2.5.6/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpMyAdmin-2.5.7/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpMyAdmin-2.6.3/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpMyAdmin-2.6.4/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpMyAdmin-2.7.0/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpMyAdmin-2.8.0.4/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpMyAdmin-2.8.0/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpMyAdmin-2.8.1/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpMyAdmin-2.8.2/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpMyAdmin2/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpmyadmin.box25/scripts/setup.php | HTTP/1.1 |
2 | GET | //phpmyadmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /php-my-admin/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpmy-admin/scripts/setup.php | HTTP/1.1 |
2 | GET | /phpmyadmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /_phpMyAdmin/scripts/setup.php | HTTP/1.1 |
1 | GET | //phpMyAdmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpMyAdmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /pHpMyAdMiN/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpmyadmin/scripts/setup.php/index.php | HTTP/1.1 |
1 | GET | /phpmy/scripts/setup.php | HTTP/1.1 |
1 | GET | /php/phpMyAdmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /php/scripts/setup.php | HTTP/1.1 |
1 | GET | //pma/scripts/setup.php | HTTP/1.1 |
1 | GET | /pma/scripts/setup.php | HTTP/1.1 |
1 | GET | /PMA/scripts/setup.php | HTTP/1.1 |
1 | GET | /pyaniste/mysqladmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /scripts/setup.php | HTTP/1.1 |
1 | GET | /sqladmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /w00tw00t.at.blackhats.romanian.anti-sec:) | HTTP/1.1 |
1 | GET | /web/phpMyAdmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /websql/scripts/setup.php | HTTP/1.1 |
1 | HEAD | / | HTTP/1.1 |
1 | HEAD | /robots.txt | HTTP/1.0 |
3 | \x03 | ||
1 | \x16\x03\x01 |
Region:EU
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
3 | 110.249.212.46 | China |
2 | 122.114.171.222 | China |
1 | 172.104.242.173 | United States |
1 | 41.216.186.48 | South Africa |
6 | 47.88.12.62 | United States |
1 | 77.247.110.69 | Netherlands |
1 | 89.248.174.219 | Netherlands |
1 | 89.248.174.39 | Netherlands |
UserAgent一覧
件数 | UserAgent |
---|---|
14 | - |
1 | Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6) |
1 | python-requests/2.7.0 CPython/2.7.14 Windows/2012ServerR2 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
3 | - | ||
3 | GET | http://110[.]249[.]212[.]46/testget?q=23333&port=80 | HTTP/1.1 |
6 | GET | /ISAPI/System/Network/DDNS/capabilities | HTTP/1.1 |
1 | GET | /TP/public/index.php | HTTP/1.1 |
1 | HEAD | / | HTTP/1.1 |
1 | HEAD | /robots.txt | HTTP/1.0 |
1 | \x03 |