ハニーポット(仮) 観測記録 2019/09/10分です。
特徴
Region:AP
HiSilicon DVR Devicesの脆弱性を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
phpMyAdminに対するスキャン行為
を確認しました。
Region:US
HiSilicon DVR Devicesの脆弱性を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
を確認しました。
Region:EU
AVTECH製品の脆弱性を狙うアクセス
HiSilicon DVR Devicesの脆弱性を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
を確認しました。
他
アクセス数推移
AP:総アクセス数:29 (前日比:-18)
US:総アクセス数:25 (前日比:-114)
EU:総アクセス数:33 (前日比:+18)
都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。
Region:AP
送信元IPアドレス一覧
| 件数 | 送信元IPアドレス | 国 |
|---|---|---|
| 1 | 109.205.243.8 | Czechia |
| 1 | 113.173.110.238 | Vietnam |
| 1 | 119.23.237.161 | China |
| 2 | 123.21.31.133 | Vietnam |
| 1 | 130.211.254.102 | United States |
| 1 | 14.169.245.62 | Vietnam |
| 1 | 186.45.72.129 | Trinidad and Tobago |
| 1 | 213.159.208.176 | Russia |
| 1 | 217.151.71.225 | Russia |
| 2 | 219.138.105.186 | China |
| 4 | 220.180.238.9 | China |
| 1 | 66.249.73.197 | United States |
| 2 | 80.77.34.111 | Ukraine |
| 4 | 82.221.105.7 | Iceland |
| 1 | 88.247.23.81 | Turkey |
| 4 | 89.248.174.219 | Seychelles |
| 1 | 94.20.65.10 | Azerbaijan |
UserAgent一覧
| 件数 | UserAgent |
|---|---|
| 19 | - |
| 1 | Go-http-client/1.1 |
| 1 | Mozilla/5.0 |
| 1 | Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) |
| 2 | Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36 |
| 3 | Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6) |
| 1 | python-requests/2.10.0 |
| 1 | python-requests/2.22.0 |
リクエスト内容一覧
| 件数 | Method | Request | Protocol |
|---|---|---|---|
| 1 | GET | aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa | HTTP/1.1 |
| 1 | GET | /console | HTTP/1.1 |
| 1 | GET | ../../etc/passwd | HTTP/1.1 |
| 1 | GET | /favicon.ico | HTTP/1.1 |
| 1 | GET | /lang_pack/EN.js | HTTP/1.1 |
| 10 | GET | ../../mnt/custom/ProductDefinition | HTTP |
| 1 | GET | ../../mnt/custom/ProductDefinition | HTTP/1.1 |
| 2 | GET | /phpmyadmin/ | HTTP/1.1 |
| 2 | GET | /robots.txt | HTTP/1.1 |
| 1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=busybox&curpath=/¤tsetting.htm=1 | HTTP/1.1 |
| 1 | GET | /sitemap.xml | HTTP/1.1 |
| 1 | GET | /TP/index.php | HTTP/1.1 |
| 1 | GET | /TP/index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1 | HTTP/1.1 |
| 1 | GET | /TP/public/index.php | HTTP/1.1 |
| 1 | GET | /.well-known/security.txt | HTTP/1.1 |
| 2 | HEAD | /phpmyadmin/index.php | HTTP/1.1 |
| 1 | POST | /TP/index.php?s=captcha | HTTP/1.1 |
Region:US
送信元IPアドレス一覧
| 件数 | 送信元IPアドレス | 国 |
|---|---|---|
| 1 | 123.20.174.134 | Vietnam |
| 1 | 14.187.46.123 | Vietnam |
| 1 | 172.104.242.173 | United States |
| 1 | 176.56.126.119 | Spain |
| 10 | 180.153.184.9 | China |
| 5 | 185.100.87.250 | Romania |
| 4 | 71.6.147.254 | United States |
| 2 | 89.248.174.219 | Seychelles |
UserAgent一覧
| 件数 | UserAgent |
|---|---|
| 9 | - |
| 1 | Go-http-client/1.1 |
| 5 | Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36 |
| 9 | Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6) |
| 1 | python-requests/2.10.0 |
リクエスト内容一覧
| 件数 | Method | Request | Protocol |
|---|---|---|---|
| 1 | - | ||
| 1 | GET | aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa | HTTP/1.1 |
| 1 | GET | /elrekt.php | HTTP/1.1 |
| 1 | GET | /evox/about | HTTP/1.1 |
| 1 | GET | /favicon.ico | HTTP/1.1 |
| 1 | GET | /HNAP1 | HTTP/1.1 |
| 1 | GET | /html/public/index.php | HTTP/1.1 |
| 1 | GET | /index.php | HTTP/1.1 |
| 1 | GET | /index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1 | HTTP/1.1 |
| 1 | GET | /lang_pack/EN.js | HTTP/1.1 |
| 3 | GET | ../../mnt/custom/ProductDefinition | HTTP |
| 1 | GET | /nmaplowercheck1568022544 | HTTP/1.1 |
| 1 | GET | /public/index.php | HTTP/1.1 |
| 1 | GET | /robots.txt | HTTP/1.1 |
| 1 | GET | /sitemap.xml | HTTP/1.1 |
| 1 | GET | /thinkphp/html/public/index.php | HTTP/1.1 |
| 1 | GET | /TP/html/public/index.php | HTTP/1.1 |
| 1 | GET | /TP/index.php | HTTP/1.1 |
| 1 | GET | /TP/public/index.php | HTTP/1.1 |
| 1 | GET | /.well-known/security.txt | HTTP/1.1 |
| 1 | HEAD | / | HTTP/1.1 |
| 1 | POST | /index.php?s=captcha | HTTP/1.1 |
| 1 | POST | /sdk | HTTP/1.1 |
Region:EU
送信元IPアドレス一覧
| 件数 | 送信元IPアドレス | 国 |
|---|---|---|
| 7 | 116.252.2.224 | China |
| 10 | 170.106.5.12 | Singapore |
| 1 | 41.216.186.87 | South Africa |
| 1 | 45.136.108.26 | Russia |
| 10 | 51.83.234.53 | France |
| 1 | 51.9.222.111 | United Kingdom |
| 3 | 89.248.174.219 | Seychelles |
UserAgent一覧
| 件数 | UserAgent |
|---|---|
| 12 | - |
| 2 | Go-http-client/1.1 |
| 18 | Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6) |
| 1 | Python-urllib/2.7 |
リクエスト内容一覧
| 件数 | Method | Request | Protocol |
|---|---|---|---|
| 1 | GET | aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa | HTTP/1.1 |
| 1 | GET | /cgi-bin/nobody/Machine.cgi?action=get_capability | HTTP/1.1 |
| 1 | GET | /cgi-bin/user/Config.cgi?.cab&action=get&category=Account.* | HTTP/1.1 |
| 1 | GET | /current_config/passwd | HTTP/1.1 |
| 1 | GET | /currentsetting.htm | HTTP/1.1 |
| 1 | GET | /device_description.xml | HTTP/1.1 |
| 2 | GET | /elrekt.php | HTTP/1.1 |
| 1 | GET | ../../etc/passwd | HTTP/1.1 |
| 2 | GET | /html/public/index.php | HTTP/1.1 |
| 2 | GET | /index.php | HTTP/1.1 |
| 2 | GET | /index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1][]=1 | HTTP/1.1 |
| 1 | GET | /login/login.html | HTTP/1.1 |
| 1 | GET | ../../mnt/custom/ProductDefinition | HTTP/1.1 |
| 2 | GET | /public/index.php | HTTP/1.1 |
| 1 | GET | /System/configurationFile?auth=YWRtaW46MTEK | HTTP/1.1 |
| 2 | GET | /thinkphp/html/public/index.php | HTTP/1.1 |
| 2 | GET | /TP/html/public/index.php | HTTP/1.1 |
| 2 | GET | /TP/index.php | HTTP/1.1 |
| 2 | GET | /TP/public/index.php | HTTP/1.1 |
| 1 | GET | /winbox.png | HTTP/1.1 |
| 2 | POST | /index.php?s=captcha | HTTP/1.1 |
| 2 | \x03 |
