cht電腦資訊網路
adm Find login register

企圖入侵的 中國 IP 123.57.16.76

eliu
1 企圖入侵的 中國 IP 123.57.16.76
Promote 0 Bookmark 02015-01-19quote  

早上看網站的 Apache access_log 發現有企圖入侵的 IP 123.57.16.76

用 whois 一看,這不就是馬云的「阿里云」嗎?如果是這樣你敢把 data 放在他們家嗎?

直接封鎖這個 IP block

 

inetnum: 123.56.0.0 - 123.57.255.255
netname: ALISOFT
descr: Aliyun Computing Co., LTD
descr: 5F, Builing D, the West Lake International Plaza of S&T
descr: No.391 Wen'er Road, Hangzhou, Zhejiang, China, 310099

---

123.57.16.76 - - [19/Jan/2015:08:39:30 0800] "HEAD /beifen.rar HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
123.57.16.76 - - [19/Jan/2015:08:39:31 0800] "HEAD /beifen.zip HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
123.57.16.76 - - [19/Jan/2015:08:39:31 0800] "HEAD /beifen.tar.gz HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
123.57.16.76 - - [19/Jan/2015:08:39:31 0800] "HEAD /backup.rar HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
123.57.16.76 - - [19/Jan/2015:08:39:32 0800] "HEAD /backup.zip HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
123.57.16.76 - - [19/Jan/2015:08:39:32 0800] "HEAD /backup.tar.gz HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
123.57.16.76 - - [19/Jan/2015:08:39:33 0800] "HEAD /Runtime.rar HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
123.57.16.76 - - [19/Jan/2015:08:39:33 0800] "HEAD /Runtime.zip HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
123.57.16.76 - - [19/Jan/2015:08:39:34 0800] "HEAD /Runtime.tar.gz HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
123.57.16.76 - - [19/Jan/2015:08:39:34 0800] "HEAD /data.rar HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
123.57.16.76 - - [19/Jan/2015:08:39:34 0800] "HEAD /data.zip HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
123.57.16.76 - - [19/Jan/2015:08:39:35 0800] "HEAD /data.tar.gz HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
123.57.16.76 - - [19/Jan/2015:08:39:35 0800] "HEAD /inc.rar HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
123.57.16.76 - - [19/Jan/2015:08:39:36 0800] "HEAD /inc.zip HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"

edited: 1
eliu
2
Promote 0 Bookmark 02015-03-24quote  

阿里雲又企圖入侵。

121.40.163.63 - - [24/Mar/2015:22:00:17 0800] "HEAD /wwwhyperratecom.zip HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
121.40.163.63 - - [24/Mar/2015:22:00:17 0800] "HEAD /wwwhyperratecom.tar.gz HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
121.40.163.63 - - [24/Mar/2015:22:00:17 0800] "HEAD /hyperrate.com.rar HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
121.40.163.63 - - [24/Mar/2015:22:00:18 0800] "HEAD /hyperrate.com.zip HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
121.40.163.63 - - [24/Mar/2015:22:00:18 0800] "HEAD /hyperrate.com.tar.gz HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
121.40.163.63 - - [24/Mar/2015:22:00:18 0800] "HEAD /hyperrate.rar HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
121.40.163.63 - - [24/Mar/2015:22:00:18 0800] "HEAD /hyperrate.zip HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
121.40.163.63 - - [24/Mar/2015:22:00:18 0800] "HEAD /hyperrate.tar.gz HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
121.40.163.63 - - [24/Mar/2015:22:00:18 0800] "HEAD /hyperratecom.rar HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"

 

inetnum: 121.40.0.0 - 121.43.255.255

netname: ALISOFT
descr: Aliyun Computing Co., LTD
descr: 5F, Builing D, the West Lake International Plaza of S&T
descr: No.391 Wen'er Road, Hangzhou, Zhejiang, China, 310099
country: CN

edited: 1
eliu
3
Promote 0 Bookmark 02015-03-25quote  

阿里雲怎麼一直想入侵別人的網站?

 

120.24.86.165 - - [25/Mar/2015:14:02:23 0800] "HEAD /hyperratecom.tar.gz HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
120.24.86.165 - - [25/Mar/2015:14:02:23 0800] "HEAD /beifen.rar HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
120.24.86.165 - - [25/Mar/2015:14:02:23 0800] "HEAD /beifen.zip HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
120.24.86.165 - - [25/Mar/2015:14:02:23 0800] "HEAD /beifen.tar.gz HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
120.24.86.165 - - [25/Mar/2015:14:02:23 0800] "HEAD /backup.rar HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
120.24.86.165 - - [25/Mar/2015:14:02:23 0800] "HEAD /backup.zip HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
120.24.86.165 - - [25/Mar/2015:14:02:23 0800] "HEAD /backup.tar.gz HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
120.24.86.165 - - [25/Mar/2015:14:02:23 0800] "HEAD /Runtime.rar HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
120.24.86.165 - - [25/Mar/2015:14:02:23 0800] "HEAD /Runtime.zip HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"

 

inetnum: 120.24.0.0 - 120.27.255.255
netname: ALISOFT
descr: Aliyun Computing Co., LTD
descr: 5F, Builing D, the West Lake International Plaza of S&T
descr: No.391 Wen'er Road, Hangzhou, Zhejiang, China, 310099
country: CN

eliu
4
Promote 0 Bookmark 02015-07-02quote  

阿里雲又想入侵了

115.29.221.204 - - [02/Jul/2015:08:21:45 0800] "HEAD /Runtime.tar.gz HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
115.29.221.204 - - [02/Jul/2015:08:21:46 0800] "HEAD /data.zip HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
115.29.221.204 - - [02/Jul/2015:08:21:46 0800] "HEAD /data.tar.gz HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
115.29.221.204 - - [02/Jul/2015:08:21:46 0800] "HEAD /inc.zip HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
115.29.221.204 - - [02/Jul/2015:08:21:46 0800] "HEAD /inc.tar.gz HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
115.29.221.204 - - [02/Jul/2015:08:21:46 0800] "HEAD /datas.zip HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
115.29.221.204 - - [02/Jul/2015:08:21:46 0800] "HEAD /Runtime/Data/_bak.zip HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"

 

$ whois 115.29.221.204
% Information related to '115.28.0.0 - 115.29.255.255'

inetnum: 115.28.0.0 - 115.29.255.255
netname: ALISOFT
descr: Aliyun Computing Co., LTD
descr: 5F, Builing D, the West Lake International Plaza of S&T
descr: No.391 Wen'er Road, Hangzhou, Zhejiang, China, 310099

eliu
5
Promote 0 Bookmark 02015-09-26quote  

阿里雲又想入侵了

139.196.14.61 - - [26/Sep/2015:14:35:14 0800] "HEAD /web.rar HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
139.196.14.61 - - [26/Sep/2015:14:35:14 0800] "HEAD /hyperrate.rar HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
139.196.14.61 - - [26/Sep/2015:14:35:14 0800] "HEAD /www.rar HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
139.196.14.61 - - [26/Sep/2015:14:35:14 0800] "HEAD /wwwroot.rar HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
139.196.14.61 - - [26/Sep/2015:14:35:14 0800] "HEAD /1.rar HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
139.196.14.61 - - [26/Sep/2015:14:35:14 0800] "HEAD /123.rar HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
139.196.14.61 - - [26/Sep/2015:14:35:14 0800] "HEAD /hyperratecom.rar HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
139.196.14.61 - - [26/Sep/2015:14:35:14 0800] "HEAD /hyperrate.com.rar HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
139.196.14.61 - - [26/Sep/2015:14:35:15 0800] "HEAD /hyperrate.com.rar HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
139.196.14.61 - - [26/Sep/2015:14:35:15 0800] "HEAD /hyperratecom.rar HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
139.196.14.61 - - [26/Sep/2015:14:35:15 0800] "HEAD /beifen.rar HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
139.196.14.61 - - [26/Sep/2015:14:35:15 0800] "HEAD /web.zip HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
139.196.14.61 - - [26/Sep/2015:14:35:15 0800] "HEAD /wwwroot.zip HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
139.196.14.61 - - [26/Sep/2015:14:35:15 0800] "HEAD /www.zip HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
139.196.14.61 - - [26/Sep/2015:14:35:15 0800] "HEAD /hyperrate.zip HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
139.196.14.61 - - [26/Sep/2015:14:35:15 0800] "HEAD /www1.rar HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
139.196.14.61 - - [26/Sep/2015:14:35:15 0800] "HEAD /web1.rar HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
139.196.14.61 - - [26/Sep/2015:14:35:15 0800] "HEAD /webroot.rar HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"

 

inetnum: 139.196.0.0 - 139.196.255.255
netname: ALISOFT
descr: Aliyun Computing Co., LTD
descr: 5F, Builing D, the West Lake International Plaza of S&T
descr: No.391 Wen'er Road, Hangzhou, Zhejiang, China, 310099
country: CN

edited: 2
eliu
6
Promote 0 Bookmark 02015-10-26quote  

inetnum: 115.28.0.0 - 115.29.255.255
netname: ALISOFT
descr: Aliyun Computing Co., LTD
descr: 5F, Builing D, the West Lake International Plaza of S&T
descr: No.391 Wen'er Road, Hangzhou, Zhejiang, China, 310099

115.29.246.40 - - [26/Oct/2015:10:41:38 0800] "HEAD /htdocs.rar HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
115.29.246.40 - - [26/Oct/2015:10:41:38 0800] "HEAD /backup.rar HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
115.29.246.40 - - [26/Oct/2015:10:41:38 0800] "HEAD /data.rar HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
115.29.246.40 - - [26/Oct/2015:10:41:39 0800] "HEAD /Runtime.rar HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
115.29.246.40 - - [26/Oct/2015:10:41:39 0800] "HEAD /inc/datas.rar HTTP/1.1" 404 139 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"

cht電腦資訊網路
adm Find login register
views:20662