67.205.111.77 (5rreo.com) Date,Time,Method,URL,Query,HTTP,Status,Size,Referer,Keyword,Agent 2011/02/04,03:15:23,GET,"/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola" 2011/02/04,03:15:24,GET,"/cart/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola" 2011/02/04,03:15:25,GET,"/zen-cart/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola" 2011/02/04,03:15:25,GET,"/zencart/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola" 2011/02/04,03:15:26,GET,"/zen/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola" 2011/02/04,03:15:27,GET,"/butik/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola" 2011/02/04,03:15:27,GET,"/shop/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola" 2011/02/04,03:15:28,GET,"/butik/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola" 2011/02/04,03:15:28,GET,"/zcart/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola" 2011/02/04,03:15:29,GET,"/catalog/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola" 2011/02/04,03:15:29,GET,"/shop2/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola" 2011/02/04,03:15:30,GET,"/boutique/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola" 2011/02/04,03:15:31,GET,"/store/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola" 0021DNS未登録さん2011/02/12(土) 20:43:40ID:???http://members3.jcom.home.ne.jp/rising-sun/ こちらにURLを掲載されてから、スパマーが大挙して書き込みに来るようになりました。 それまで5hot/月くらいだったので、どうやって俺のサイトを見つけたのか不思議です。 0022DNS未登録さん2011/02/12(土) 21:16:37ID:??? 馬鹿サイトサーチャーに引っかかったんじゃねw あほかと 0023DNS未登録さん2011/02/12(土) 21:40:10ID:???>>21 馬鹿だろ?
i125-202-167-50.s10.a029.ap.plala.or.jp 0039DNS未登録さん2011/02/24(木) 21:58:15.25ID:??? 89.106.13.209 - - [24/Feb/2011:03:08:57 +0900] "GET //phpmyadmin/ HTTP/1.1" 403 213 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 89.106.13.209 - - [24/Feb/2011:03:08:57 +0900] "GET //phpMyAdmin/ HTTP/1.1" 403 213 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 89.106.13.209 - - [24/Feb/2011:03:08:58 +0900] "GET //admin/ HTTP/1.1" 403 208 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 89.106.13.209 - - [24/Feb/2011:03:08:59 +0900] "GET //dbadmin/ HTTP/1.1" 403 210 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 89.106.13.209 - - [24/Feb/2011:03:08:59 +0900] "GET //myadmin/ HTTP/1.1" 403 210 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 89.106.13.209 - - [24/Feb/2011:03:09:00 +0900] "GET //mysql/ HTTP/1.1" 403 208 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 89.106.13.209 - - [24/Feb/2011:03:09:01 +0900] "GET //mysqladmin/ HTTP/1.1" 403 213 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 89.106.13.209 - - [24/Feb/2011:03:09:01 +0900] "GET //phpadmin/ HTTP/1.1" 403 211 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 89.106.13.209 - - [24/Feb/2011:03:09:02 +0900] "GET //pma/ HTTP/1.1" 403 206 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 89.106.13.209 - - [24/Feb/2011:03:09:03 +0900] "GET //phpdb/ HTTP/1.1" 403 208 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 89.106.13.209 - - [24/Feb/2011:03:09:03 +0900] "GET //db/ HTTP/1.1" 403 205 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 89.106.13.209 - - [24/Feb/2011:03:09:04 +0900] "GET //mysqladmin/ HTTP/1.1" 403 213 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 89.106.13.209 - - [24/Feb/2011:03:09:05 +0900] "GET //SQL/ HTTP/1.1" 403 206 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 89.106.13.209 - - [24/Feb/2011:03:09:05 +0900] "GET //padmin/ HTTP/1.1" 403 209 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 89.106.13.209 - - [24/Feb/2011:03:09:06 +0900] "GET //pmadmin/ HTTP/1.1" 403 210 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 89.106.13.209 - - [24/Feb/2011:03:09:07 +0900] "GET //webdb/ HTTP/1.1" 403 208 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 既出かな? 0040DNS未登録さん2011/02/24(木) 22:11:25.93ID:??? 既出っていうか、もう手当たり次第って感じだな でも、うちには何週間か来てない 0041DNS未登録さん2011/02/25(金) 00:34:28.24ID:??? pma関係は来るときはドカッとくる 0042DNS未登録さん2011/02/26(土) 04:05:39.00ID:??? ::1 - - [25/Feb/2011:04:07:33 +0900] "OPTIONS * HTTP/1.0" 200 - "-" "Apache (internal dummy connection)" 手前は節穴か 0043DNS未登録さん2011/02/26(土) 04:09:43.91ID:??? 77.222.43.19 - - [25/Feb/2011:22:57:37 +0900] "GET //phpmyadmin/ HTTP/1.1" 403 213 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 77.222.43.19 - - [25/Feb/2011:22:57:38 +0900] "GET //phpMyAdmin/ HTTP/1.1" 403 213 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 77.222.43.19 - - [25/Feb/2011:22:57:38 +0900] "GET //MyAdmin/ HTTP/1.1" 403 210 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 77.222.43.19 - - [25/Feb/2011:22:57:41 +0900] "GET //myadmin/ HTTP/1.1" 403 210 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 77.222.43.19 - - [25/Feb/2011:22:57:44 +0900] "GET //pma/ HTTP/1.1" 403 206 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 77.222.43.19 - - [25/Feb/2011:22:57:45 +0900] "GET //mysql/ HTTP/1.1" 403 208 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" mod_geoipで弾いてるから実害無いが また来てやがる 0044DNS未登録さん2011/02/26(土) 05:51:42.63ID:??? //っていうのがうざいよね。 馬鹿なのって思うわ。 0045DNS未登録さん2011/02/26(土) 13:30:12.86ID:??? いや、馬鹿なんでしょ。 0046DNS未登録さん2011/02/27(日) 16:08:26.13ID:??? 195.7.10.56 [26/Feb/2011:13:38:52 +0900] GET //phpMyAdmin/scripts/setup.php HTTP/1.1 404 226 195.7.10.56 [26/Feb/2011:13:38:52 +0900] GET //phpMyAdmin1/scripts/setup.php HTTP/1.1 404 227 195.7.10.56 [26/Feb/2011:13:38:53 +0900] GET //phpMyAdmin-2/scripts/setup.php HTTP/1.1 404 228 195.7.10.56 [26/Feb/2011:13:38:54 +0900] GET //phpadmin/scripts/setup.php HTTP/1.1 404 224 195.7.10.56 [26/Feb/2011:13:38:55 +0900] GET //phpmyadmin/scripts/setup.php HTTP/1.1 404 226 195.7.10.56 [26/Feb/2011:13:38:55 +0900] GET //phpmyadmin.old/scripts/setup.php HTTP/1.1 404 230 195.7.10.56 [26/Feb/2011:13:38:56 +0900] GET //old.phpmyadmin/scripts/setup.php HTTP/1.1 404 230 195.7.10.56 [26/Feb/2011:13:38:57 +0900] GET //phpmyadmin1/scripts/setup.php HTTP/1.1 404 227 195.7.10.56 [26/Feb/2011:13:38:58 +0900] GET //phpmyadmin-2/scripts/setup.php HTTP/1.1 404 228 195.7.10.56 [26/Feb/2011:13:38:58 +0900] GET //phpmyadmin1/scripts/setup.php HTTP/1.1 404 227 195.7.10.56 [26/Feb/2011:13:38:59 +0900] GET //phpmyadmin2/scripts/setup.php HTTP/1.1 404 227 195.7.10.56 [26/Feb/2011:13:39:00 +0900] GET //pma/scripts/setup.php HTTP/1.1 404 219 とか 46.4.50.141 [27/Feb/2011:03:17:47 +0900] GET //lists/admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 219 46.4.50.141 [27/Feb/2011:03:17:47 +0900] GET //newsletter/admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 224 46.4.50.141 [27/Feb/2011:03:17:48 +0900] GET //news/admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 218 46.4.50.141 [27/Feb/2011:03:17:49 +0900] GET //phplist/admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 221 46.4.50.141 [27/Feb/2011:03:17:49 +0900] GET //phpList/admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 221 46.4.50.141 [27/Feb/2011:03:17:50 +0900] GET //admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 213 46.4.50.141 [27/Feb/2011:03:17:50 +0900] GET //phplist/lsts/admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 226 46.4.50.141 [27/Feb/2011:03:17:51 +0900] GET //phplists/admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 222 46.4.50.141 [27/Feb/2011:03:17:51 +0900] GET //list/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 212 のが 1日1回くらい記録されているかなぁ。
SSHDにもやってくる。 reverse mapping checking getaddrinfo for 122.3.134.131.pldt.net [122.3.134.131] failed - POSSIBLE BREAK-IN ATTEMPT! : 202 time(s) reverse mapping checking getaddrinfo for 178-162-164-39.local [178.162.164.39] failed - POSSIBLE BREAK-IN ATTEMPT! : 55 time(s) Address 64.235.57.228 maps to lasvegas-nv-datacenter.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! : 1 time(s)