ハニーポット(仮) 観測記録 2019/09/12分です。

特徴

Region：AP

AVTECH製品の脆弱性を狙うアクセス
HiSilicon DVR Devicesの脆弱性を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
zgrabによるスキャン行為
を確認しました。

Region：US

HiSilicon DVR Devicesの脆弱性を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
zgrabによるスキャン行為
を確認しました。

Region：EU

特になし

他

アクセス数推移

AP：総アクセス数：37 (前日比：-14)
US：総アクセス数：18 (前日比：-107)
EU：総アクセス数：12 (前日比：-3)

都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。

Region：AP

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	113.128.104.117	China
1	113.172.234.241	Vietnam
7	116.52.207.206	China
2	14.248.82.198	Vietnam
1	142.93.11.103	United States
1	153.164.42.106	Japan
2	167.99.143.169	United States
1	178.62.71.94	United Kingdom
4	221.13.17.29	China
1	35.188.77.30	United States
4	39.135.1.158	China
1	54.36.149.3	France
7	60.186.195.128	China
4	62.234.110.91	China

UserAgent一覧

件数	UserAgent
18	-
3	Go-http-client/1.1
1	Mozilla/5.01717655 Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.20 (KHTML, like Gecko) Chrome/11.0.672.2 Safari/534.20
1	Mozilla/5.0 (compatible; AhrefsBot/6.1; +http://ahrefs.com/robot/)
9	Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)
3	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0
2	Mozilla/5.0 zgrab/0.x

リクエスト内容一覧

件数	Method	Request	Protocol
2	GET	/cgi-bin/nobody/Machine.cgi?action=get_capability	HTTP/1.1
2	GET	/cgi-bin/user/Config.cgi?.cab&action=get&category=Account.*	HTTP/1.1
2	GET	/current_config/passwd	HTTP/1.1
2	GET	/currentsetting.htm	HTTP/1.1
2	GET	/device_description.xml	HTTP/1.1
2	GET	/login/login.html	HTTP/1.1
4	GET	../../mnt/custom/ProductDefinition	HTTP
1	GET	/robots.txt	HTTP/1.1
2	GET	/Temporary_Listen_Addresses/SMSSERVICE	HTTP/1.1
3	GET	/TP/index.php	HTTP/1.1
3	GET	/TP/index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1	HTTP/1.1
3	GET	/TP/public/index.php	HTTP/1.1
2	GET	/winbox.png	HTTP/1.1
3	GET	/wp-login.php	HTTP/1.1
1	HEAD	/	HTTP/1.1
3	POST	/TP/index.php?s=captcha	HTTP/1.1

Region:US

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	14.233.172.140	Vietnam
1	167.99.143.169	United States
1	177.132.213.95	Brazil
1	185.235.244.251	Russia
1	202.137.134.122	Laos
10	78.187.43.64	Turkey
1	90.40.78.86	France
1	92.63.194.15	Russia
1	95.137.128.150	Georgia

UserAgent一覧

件数	UserAgent
6	-
1	Go-http-client/1.1
9	Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)
1	Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.8) Gecko/20100223 Firefox/3.5.8 Lunascape/6.1.0.20940 ( .NET CLR 3.5.30729)
1	Mozilla/5.0 zgrab/0.x

リクエスト内容一覧

件数	Method	Request	Protocol
1	GET	/elrekt.php	HTTP/1.1
1	GET	/html/public/index.php	HTTP/1.1
1	GET	/index.php	HTTP/1.1
1	GET	/index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1	HTTP/1.1
1	GET	/login.cgi	HTTP/1.1
5	GET	../../mnt/custom/ProductDefinition	HTTP
1	GET	/public/index.php	HTTP/1.1
1	GET	/Temporary_Listen_Addresses/SMSSERVICE	HTTP/1.1
1	GET	/thinkphp/html/public/index.php	HTTP/1.1
1	GET	/TP/html/public/index.php	HTTP/1.1
1	GET	/TP/index.php	HTTP/1.1
1	GET	/TP/public/index.php	HTTP/1.1
1	POST	/index.php?s=captcha	HTTP/1.1
1	\x03

Region:EU

送信元IPアドレス一覧

件数	送信元IPアドレス	国
5	185.100.87.247	Romania
1	201.184.86.139	Colombia
4	89.248.167.131	Seychelles
1	92.119.160.95	Nederland
1	92.63.194.15	Russia

UserAgent一覧

件数	UserAgent
5	-
1	Mozilla/5.0 (Windows NT 5.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1
5	Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36
1	python-requests/2.10.0

リクエスト内容一覧

件数	Method	Request	Protocol
1	GET	/evox/about	HTTP/1.1
1	GET	/favicon.ico	HTTP/1.1
1	GET	/HNAP1	HTTP/1.1
1	GET	/HNAP1/	HTTP/1.1
1	GET	/nmaplowercheck1568162055	HTTP/1.1
1	GET	/robots.txt	HTTP/1.1
1	GET	/sitemap.xml	HTTP/1.1
1	GET	/.well-known/security.txt	HTTP/1.1
1	HEAD	/	HTTP/1.1
1	POST	/sdk	HTTP/1.1
2	\x03