212.91.184.14 did a six second search for admin tools on my website today, from "muieblackcat" to "pma/scripts/setup.php" -- maybe some script kiddies determined to give their country a bad name? Nevertheless, since it seems they have been at it for some time (or so Google tells me): this ought to stop.
they think they can make smart bots.. think again. even a 5 year old can make a crawler
212.91.184.14 - - [30.okt..2011:23:44:17 +0100] "GET /muieblackcat HTTP/1.1" 404 1196 212.91.184.14 - - [30.okt..2011:23:44:18 +0100] "GET //scripts/setup.php HTTP/1.1" 404 1196 212.91.184.14 - - [30.okt..2011:23:44:18 +0100] "GET //db/scripts/setup.php HTTP/1.1" 404 1196 212.91.184.14 - - [30.okt..2011:23:44:18 +0100] "GET //dbadmin/scripts/setup.php HTTP/1.1" 404 1196 212.91.184.14 - - [30.okt..2011:23:44:18 +0100] "GET //myadmin/scripts/setup.php HTTP/1.1" 404 1196 212.91.184.14 - - [30.okt..2011:23:44:18 +0100] "GET //mysql/scripts/setup.php HTTP/1.1" 404 1196 212.91.184.14 - - [30.okt..2011:23:44:18 +0100] "GET //mysqladmin/scripts/setup.php HTTP/1.1" 404 1196 212.91.184.14 - - [30.okt..2011:23:44:18 +0100] "GET //phpadmin/scripts/setup.php HTTP/1.1" 404 1196 212.91.184.14 - - [30.okt..2011:23:44:18 +0100] "GET //phpMyAdmin/scripts/setup.php HTTP/1.1" 403 1356 212.91.184.14 - - [30.okt..2011:23:44:19 +0100] "GET //phpmyadmin/scripts/setup.php HTTP/1.1" 403 1356 212.91.184.14 - - [30.okt..2011:23:44:19 +0100] "GET //phpmyadmin1/scripts/setup.php HTTP/1.1" 403 1356 212.91.184.14 - - [30.okt..2011:23:44:19 +0100] "GET //phpmyadmin2/scripts/setup.php HTTP/1.1" 403 1356 212.91.184.14 - - [30.okt..2011:23:44:19 +0100] "GET //pma/scripts/setup.php HTTP/1.1" 404 1196
Please help us keep Internet safer and cleaner by leaving a descriptive comment about 212.91.184.14 IP address
- Hacked Gmail accounts
- WordPress Hacking Attempts
- SSH Hacking Attempts
- Why Can't I See The Exact Address?
DNSBL* - is a list of IP addresses published through the Internet Domain Name Service (DNS) either as a zone file that can be used by DNS server software, or as a live DNS zone that can be queried in real-time. DNSBLs are most often used to publish the addresses of computers or networks linked to spamming; most mail server software can be configured to reject or flag messages which have been sent from a site listed on one or more such lists.
WHOIS** - is a query/response protocol that is widely used for querying databases in order to determine the registrant or assignee of Internet resources, such as a domain name, an IP address block, or an autonomous system number. WHOIS lookups were traditionally performed with a command line interface application, and network administrators predominantly still use this method, but many simplified web-based tools exist. WHOIS services are typically communicated using the Transmission Control Protocol (TCP). Servers listen to requests on the well-known port number 43.
** Approximate Geographic Location - This is NOT the exact geographical location of the person/organization with the given IP address. However, this should still give you a good idea about the area/region where this person/orgranization is located.