城市(city): unknown
省份(region): unknown
国家(country): Thailand
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 101.109.55.194
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30446
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;101.109.55.194. IN A
;; AUTHORITY SECTION:
. 599 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022022500 1800 900 604800 86400
;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 25 22:25:20 CST 2022
;; MSG SIZE rcvd: 107194.55.109.101.in-addr.arpa domain name pointer node-b0i.pool-101-109.dynamic.totinternet.net.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
194.55.109.101.in-addr.arpa name = node-b0i.pool-101-109.dynamic.totinternet.net.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 202.62.39.6 | attack | 自动注册检测 202.62.39.6 - - [14/Apr/2019:19:12:43 +0800] "GET /?q=user/register HTTP/1.1" 200 3267 "https://ipinfo.asytech.cn/?q=node/add" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.101 Safari/537.36 QQBrowser/4.3.4986.400" |
2019-04-14 19:40:11 |
| 112.196.153.197 | botsattack | 112.196.153.197 - - [19/Apr/2019:11:51:46 +0800] "GET /wp-login.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1" 112.196.153.197 - - [19/Apr/2019:11:51:47 +0800] "GET /wp-login.php HTTP/1.1" 404 232 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1" 112.196.153.197 - - [19/Apr/2019:11:51:48 +0800] "GET / HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1" 112.196.153.197 - - [19/Apr/2019:11:51:48 +0800] "GET / HTTP/1.1" 200 10284 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1" |
2019-04-19 11:53:19 |
| 68.183.123.123 | attack | 68.183.123.123 - - [15/Apr/2019:09:53:42 +0800] "GET /sql/myadmin/index.php?lang=en HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36" 68.183.123.123 - - [15/Apr/2019:09:53:43 +0800] "GET /sql/webadmin/index.php?lang=en HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36" 68.183.123.123 - - [15/Apr/2019:09:53:43 +0800] "GET /sql/sqlweb/index.php?lang=en HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36" 68.183.123.123 - - [15/Apr/2019:09:53:44 +0800] "GET /sql/websql/index.php?lang=en HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36" 68.183.123.123 - - [15/Apr/2019:09:53:44 +0800] "GET /sql/webdb/index.php?lang=en HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36" |
2019-04-15 10:18:04 |
| 205.205.150.9 | bots | 205.205.150.9 - - [17/Apr/2019:06:19:22 +0800] "GET / HTTP/1.1" 200 212220 "-" "Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)" |
2019-04-17 08:05:47 |
| 82.221.105.7 | bots | 82.221.105.7 - - [19/Apr/2019:14:31:43 +0800] "GET / HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36" 82.221.105.7 - - [19/Apr/2019:14:31:44 +0800] "GET /robots.txt HTTP/1.1" 301 194 "-" "-" 82.221.105.7 - - [19/Apr/2019:14:31:45 +0800] "GET /sitemap.xml HTTP/1.1" 301 194 "-" "-" 82.221.105.7 - - [19/Apr/2019:14:31:46 +0800] "GET /.well-known/security.txt HTTP/1.1" 301 194 "-" "-" 82.221.105.7 - - [19/Apr/2019:14:31:48 +0800] "GET /favicon.ico HTTP/1.1" 301 194 "-" "python-requests/2.10.0" |
2019-04-19 14:32:28 |
| 123.206.22.203 | attack | 123.206.22.203 - - [19/Apr/2019:14:04:26 +0800] "POST /webslee.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:57.0) Gecko/20100101 Firefox/57.0" 123.206.22.203 - - [19/Apr/2019:14:04:26 +0800] "POST /q.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:57.0) Gecko/20100101 Firefox/57.0" 123.206.22.203 - - [19/Apr/2019:14:04:26 +0800] "POST /pe.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:57.0) Gecko/20100101 Firefox/57.0" 123.206.22.203 - - [19/Apr/2019:14:04:34 +0800] "POST /hm.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:57.0) Gecko/20100101 Firefox/57.0" 123.206.22.203 - - [19/Apr/2019:14:04:42 +0800] "POST /cainiao.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:57.0) Gecko/20100101 Firefox/57.0" 123.206.22.203 - - [19/Apr/2019:14:04:42 +0800] "POST /zuoshou.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:57.0) Gecko/20100101 Firefox/57.0" 123.206.22.203 - - [19/Apr/2019:14:04:46 +0800] "POST /zuo.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:57.0) Gecko/20100101 Firefox/57.0" 123.206.22.203 - - [19/Apr/2019:14:04:47 +0800] "POST /aotu.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:57.0) Gecko/20100101 Firefox/57.0" |
2019-04-19 14:05:13 |
| 159.203.169.16 | bots | 端口扫描工具 159.203.169.16 - - [20/Apr/2019:04:41:30 +0800] "GET / HTTP/1.0" 200 24600 "-" "masscan/1.0 (https://github.com/robertdavidgraham/masscan)" |
2019-04-20 05:08:16 |
| 192.243.53.51 | bots | 192.243.53.51 - - [17/Apr/2019:17:34:27 +0800] "GET / HTTP/1.1" 200 29611 "-" "SEMrushBot" |
2019-04-17 17:35:08 |
| 5.188.44.47 | spam | 5.188.44.47 - - [19/Apr/2019:13:11:26 +0800] "GET /index.php/2018/08/29/jack_ma_2018_08_29_en/ HTTP/1.1" 200 13881 "https://eznewstoday.com/index.php/2018/08/29/jack_ma_2018_08_29_en/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.88 Safari/537.36" 5.188.44.47 - - [19/Apr/2019:13:11:27 +0800] "GET /index.php/2018/08/29/jack_ma_2018_08_29_en/ HTTP/1.1" 200 13881 "https://eznewstoday.com/index.php/2018/08/29/jack_ma_2018_08_29_en/" "Opera/9.80 (Windows NT 6.2; Win64; x64) Presto/2.12.388 Version/12.17" 5.188.44.47 - - [19/Apr/2019:13:11:28 +0800] "GET /index.php/2018/08/29/jack_ma_2018_08_29_en/ HTTP/1.1" 200 13881 "https://eznewstoday.com/index.php/2018/08/29/jack_ma_2018_08_29_en/" "Opera/9.80 (Windows NT 6.2; Win64; x64) Presto/2.12.388 Version/12.17" |
2019-04-19 14:01:19 |
| 172.104.108.109 | bots | 172.104.108.109 - - [19/Apr/2019:09:14:51 +0800] "GET / HTTP/1.1" 301 194 "-" "Go-http-client/1.1" 172.104.108.109 - - [19/Apr/2019:09:14:52 +0800] "GET / HTTP/1.1" 200 3269 "http://118.25.52.138:80" "Go-http-client/1.1" |
2019-04-19 09:16:41 |
| 123.206.44.225 | attack | 123.206.44.225 - - [18/Apr/2019:22:22:21 +0800] "GET /web/phpMyAdmin/index.php HTTP/1.1" 404 518 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)" 123.206.44.225 - - [18/Apr/2019:22:22:22 +0800] "GET /admin/pma/index.php HTTP/1.1" 404 513 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)" 123.206.44.225 - - [18/Apr/2019:22:22:22 +0800] "GET /admin/PMA/index.php HTTP/1.1" 404 513 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)" 123.206.44.225 - - [18/Apr/2019:22:22:23 +0800] "GET /admin/mysql/index.php HTTP/1.1" 404 515 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)" 123.206.44.225 - - [18/Apr/2019:22:22:23 +0800] "GET /admin/mysql2/index.php HTTP/1.1" 404 516 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)" |
2019-04-19 06:42:27 |
| 113.237.176.72 | attack | 113.237.176.72 - - [12/Apr/2019:13:28:32 +0800] "GET /mgw.htm?operationType=com.cars.otsmobile.queryLeftTicket&requestData=%5B%7B\\x22train_date\\x22%3A\\x2220181231\\x22%2C\\x22purpose_codes\\x22%3A\\x2200\\x22%2C\\x22from_station\\x22%3A\\x22BJP\\x22%2C\\x22to_station\\x22%3A\\x22SHH\\x22%2C\\x22station_train_code\\x22%3A\\x22\\x22%2C\\x22start_time_begin\\x22%3A\\x220000\\x22%2C\\x22start_time_end\\x22%3A\\x222400\\x22%2C\\x22train_headers\\x22%3A\\x22QB%23\\x22%2C\\x22train_flag\\x22%3A\\x22\\x22%2C\\x22seat_type\\x22%3A\\x220\\x22%2C\\x22seatBack_Type\\x22%3A\\x22\\x22%2C\\x22ticket_num\\x22%3A\\x22\\x22%2C\\x22dfpStr\\x22%3A\\x22\\x22%2C\\x22baseDTO\\x22%3A%7B\\x22check_code\\x22%3A\\x22d38a201f2de926ce0686aedfdcf2de68\\x22%2C\\x22device_no\\x22%3A\\x22WtaHBzID7ZQDADJh05y5LLpd\\x22%2C\\x22mobile_no\\x22%3A\\x22\\x22%2C\\x22os_type\\x22%3A\\x22a\\x22%2C\\x22time_str\\x22%3A\\x2220181030152947\\x22%2C\\x22version_no\\x22%3A\\x224.1.9\\x22%7D%7D%5D&ts=1540884587652&sign=37b8ebe6406579e4fb2ac8c9038eab37 HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36" |
2019-04-12 13:29:24 |
| 58.251.121.185 | attack | 58.251.121.185 - - [15/Apr/2019:14:51:57 +0800] "GET /wp-content/plugins/portable-phpmyadmin/wp-pma-mod/index.php?lang%3Den HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 58.251.121.185 - - [15/Apr/2019:14:51:57 +0800] "GET /wp-content/plugins/portable-phpmyadmin/wp-pma-mod/index.php?lang%3Den HTTP/1.1" 404 209 "http://118.25.52.138/wp-content/plugins/portable-phpmyadmin/wp-pma-mod/index.php?lang%3Den" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" |
2019-04-15 14:52:24 |
| 14.17.21.58 | attack | 101.226.114.193 - - [17/Apr/2019:08:21:53 +0800] "GET /mx.php HTTP/1.1" 404 463 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 58.251.121.185 - - [17/Apr/2019:08:21:53 +0800] "GET /wcp.php HTTP/1.1" 404 464 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 14.17.21.58 - - [17/Apr/2019:08:21:53 +0800] "GET /1.php HTTP/1.1" 404 462 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 14.17.21.58 - - [17/Apr/2019:08:21:53 +0800] "GET /muhstik2.php HTTP/1.1" 404 469 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 14.17.3.65 - - [17/Apr/2019:08:21:53 +0800] "GET /lucky.php HTTP/1.1" 404 466 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 14.17.3.65 - - [17/Apr/2019:08:21:53 +0800] "GET /sheep.php HTTP/1.1" 404 466 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" |
2019-04-17 08:22:36 |
| 61.160.195.187 | attack | 61.160.195.187 - - [21/Apr/2019:06:24:39 +0800] "GET /plus/recommend.php?action=&aid=1&_FILES%5Btype%5D%5Btmp_name%5D=%5C%27%20or%20mid=@%60%5C%27%60%20/*!50000union*//*!50000select*/1,2, 3,(select%20CONCAT(0x7c,userid,0x7c,pwd)+from+%60%23@__admin%60%20limit+0,1),5,6,7,8,9%23@%60%5C%27%60+&_FILES%5Btype%5D%5Bname%5D=1.jpg&_FILES%5Btype%5D%5Btype%5D=application/octet-strea m&_FILES%5Btype%5D%5Bsize%5D=4294 HTTP/1.1" 404 3409 "-" "-" 61.160.195.187 - - [21/Apr/2019:06:24:39 +0800] "GET /plus/recommend.php?aid=1&_FILES%5Btype%5D%5Bname%5D&_FILES%5Btype%5D%5Bsize%5D&_FILES%5Btype%5D%5Btype%5D&_FILES%5Btype%5D%5Btmp_name %5D=aa%5C'and+char(@%60'%60)+/*!50000Union*/+/*!50000SeLect*/+1,2,3,concat(0x3C6162633E,group_concat(0x7C,Host,0x7C,user,0x3a,password,0x7C),0x3C2F6162633E),5,6,7,8,9%20from%20mysql.%60us er%60%23 HTTP/1.1" 404 538 "-" "-" |
2019-04-21 06:55:34 |