2019-04-18のアクセス数は1514件でした。
■送信元IPアドレスの数は 282件です。
■メソッドの一覧と件数は以下です。
method | 総数 |
CONNECT | 2 |
GET | 767 |
OPTIONS | 4 |
POST | 741 |
合計 結果 | 1514 |
■アクセスパス一覧と件数は以下です。
path | method | 総数 |
/ | GET | 51 |
/ | OPTIONS | 4 |
//myadmin/scripts/setup.php | GET | 2 |
//phpmyadmin/scripts/setup.php | GET | 1 |
//pma/scripts/setup.php | GET | 1 |
/admin/scripts/setup.php | GET | 1 |
/administrator/index.php | GET | 1 |
/api/v1/overview/default?filterBy=&itemsPerPage=10& name=&page=1&sortBy=d,creationTimestamp | GET | 1 |
/blog//?author=1 | GET | 1 |
/blog//wp-json/wp/v2/users/ | GET | 1 |
/blog/wp-login.php | GET | 32 |
/blog/wp-login.php | POST | 31 |
/blog/xmlrpc.php | POST | 31 |
/cms//?author=1 | GET | 1 |
/cms//wp-json/wp/v2/users/ | GET | 1 |
/cms/wp-login.php | GET | 33 |
/cms/wp-login.php | POST | 30 |
/cms/xmlrpc.php | POST | 31 |
/dbadmin/scripts/setup.php | GET | 1 |
/HNAP1/ | GET | 2 |
/manager/html | GET | 281 |
/muieblackcat | GET | 1 |
/myadmin/scripts/setup.php | GET | 2 |
/mysql/scripts/setup.php | GET | 1 |
/mysqladmin/scripts/setup.php | GET | 1 |
/phpma/scripts/setup.php | GET | 1 |
/phpMyAdmin/scripts/setup.php | GET | 2 |
/pma/scripts/setup.php | GET | 2 |
/sqlweb/scripts/setup.php | GET | 1 |
/tmUnblock.cgi | POST | 1 |
/TP/public/index.php | GET | 5 |
/TP/public/index.php?s=captcha | POST | 4 |
/TP/public/index.php?s=index/\think\app/invokefunction &function=call_user_func_array&vars[0]=phpinfo&vars[1][]=1 | GET | 4 |
/users?page=&size=5 | POST | 3 |
/w00tw00t.at.blackhats.romanian.anti-sec:) | GET | 1 |
/webdb/scripts/setup.php | GET | 1 |
/websql/scripts/setup.php | GET | 1 |
/wordpress//?author=1 | GET | 1 |
/wordpress//wp-json/wp/v2/users/ | GET | 1 |
/wordpress/wp-login.php | GET | 32 |
/wordpress/wp-login.php | POST | 30 |
/wordpress/xmlrpc.php | POST | 31 |
/wp-login.php | GET | 31 |
/wp-login.php | POST | 31 |
/wp//?author=1 | GET | 1 |
/wp//wp-json/wp/v2/users/ | GET | 1 |
/wp/wp-login.php | GET | 32 |
/wp/wp-login.php | POST | 31 |
/wp/xmlrpc.php | POST | 31 |
/wp1//?author=1 | GET | 1 |
/wp1//wp-json/wp/v2/users/ | GET | 1 |
/wp1/wp-login.php | GET | 31 |
/wp1/wp-login.php | POST | 29 |
/wp1/xmlrpc.php | POST | 29 |
/wp2//?author=1 | GET | 1 |
/wp2//wp-json/wp/v2/users/ | GET | 1 |
/wp2/wp-login.php | GET | 30 |
/wp2/wp-login.php | POST | 31 |
/wp2/xmlrpc.php | POST | 31 |
/wp3//?author=1 | GET | 1 |
/wp3//wp-json/wp/v2/users/ | GET | 1 |
/wp3/wp-login.php | GET | 31 |
/wp3/wp-login.php | POST | 30 |
/wp3/xmlrpc.php | POST | 31 |
/wp4//?author=1 | GET | 1 |
/wp4//wp-json/wp/v2/users/ | GET | 1 |
/wp4/wp-login.php | GET | 31 |
/wp4/wp-login.php | POST | 31 |
/wp4/xmlrpc.php | POST | 31 |
/wp5//?author=1 | GET | 1 |
/wp5//wp-json/wp/v2/users/ | GET | 1 |
/wp5/wp-login.php | GET | 32 |
/wp5/wp-login.php | POST | 31 |
/wp5/xmlrpc.php | POST | 31 |
/wp6//?author=1 | GET | 1 |
/wp6//wp-json/wp/v2/users/ | GET | 1 |
/wp6/wp-login.php | GET | 32 |
/wp6/wp-login.php | POST | 31 |
/wp6/xmlrpc.php | POST | 31 |
/wp8//?author=1 | GET | 1 |
/wp8/wp-login.php | GET | 30 |
/wp8/wp-login.php | POST | 29 |
/wp8/xmlrpc.php | POST | 29 |
/xmlrpc.php | POST | 31 |
http://110.249.212.46/testget?q=23333&port=80 | GET | 2 |
http://www.baidu.com/ | GET | 2 |
www.baidu.com:443 | CONNECT | 2 |
気になるlog
wordpress系の件数の多さにより、過去最高のデータ量です。
きれいにwp-login.phpの調査、wp-login.phpへのlogin試行、/xmlrpc.phpへのxmlのpostとなってます。
許可しないIPからの”〜/xmlrpc.php”はブロックしておくべきですね。
-=-=507件目のlog=-=-
[2019-04-18 13:33:27+0900] 79.127.127.253 ほげ:80 "GET /muieblackcat HTTP/1.1" 200 False GET /muieblackcat HTTP/1.1 Accept: / Accept-Language: en-us Accept-Encoding: gzip, deflate Host: ほげ Connection: Close
”muieblackcat”が気になって調べたけど、どうやら脆弱性スキャナーらしい。IPで絞るとどうやらphpmyadminのスキャナーのように見えます。
time | src_ip | path | 総数 |
13:33:27 | 79.127.127.253 | /muieblackcat | 1 |
13:33:35 | 79.127.127.253 | //phpmyadmin/scripts/setup.php | 1 |
13:33:36 | 79.127.127.253 | //myadmin/scripts/setup.php | 1 |
13:33:37 | 79.127.127.254 | //pma/scripts/setup.php | 1 |
13:33:37 | 79.127.127.253 | //myadmin/scripts/setup.php | 1 |