Open f2ex opened 3 years ago
"http://misc.yahoo.com.cn/""Mozilla/5.0 (compatible; Yahoo! Slurp China; http://misc.yahoo.com.cn/help.html)"
59.108.96.197 - - [14/Jun/2021:03:38:19 +0800] "POST //email/shell.php HTTP/1.1"301 162 "http://misc.yahoo.com.cn/""Mozilla/5.0 (compatible; Yahoo! Slurp China; http://misc.yahoo.com.cn/help.html)" 211.93.67.4 - - [14/Jun/2021:04:19:12 +0800] "POST //editplus.asp HTTP/1.1"301 162 "http://misc.yahoo.com.cn/""Mozilla/5.0 (compatible; Yahoo! Slurp China; http://misc.yahoo.com.cn/help.html)" 221.236.6.97 - - [14/Jun/2021:04:19:12 +0800] "POST //editplus.asp HTTP/1.1"301 162 "http://misc.yahoo.com.cn/""Mozilla/5.0 (compatible; Yahoo! Slurp China; http://misc.yahoo.com.cn/help.html)" 118.244.66.224 - - [14/Jun/2021:04:50:26 +0800] "POST //dxyylc/md5.asp HTTP/1.1"301 162 "http://misc.yahoo.com.cn/""Mozilla/5.0 (compatible; Yahoo! Slurp China; http://misc.yahoo.com.cn/help.html)" 125.254.179.251 - - [14/Jun/2021:04:50:26 +0800] "POST //dxyylc/md5.asp HTTP/1.1"301 162 "http://misc.yahoo.com.cn/""Mozilla/5.0 (compatible; Yahoo! Slurp China; http://misc.yahoo.com.cn/help.html)" 61.29.241.137 - - [14/Jun/2021:05:24:26 +0800] "POST //dxyylc/1ndex.php HTTP/1.1"301 162 "http://misc.yahoo.com.cn/""Mozilla/5.0 (compatible; Yahoo! Slurp China; http://misc.yahoo.com.cn/help.html)" 61.235.47.144 - - [14/Jun/2021:06:04:36 +0800] "POST //downl0ade/index.asp HTTP/1.1"301 162 "http://misc.yahoo.com.cn/""Mozilla/5.0 (compatible; Yahoo! Slurp China; http://misc.yahoo.com.cn/help.html)" 61.186.172.227 - - [14/Jun/2021:06:04:36 +0800] "POST //downl0ade/index.asp HTTP/1.1"301 162 "http://misc.yahoo.com.cn/""Mozilla/5.0 (compatible; Yahoo! Slurp China; http://misc.yahoo.com.cn/help.html)" 211.82.33.27 - - [14/Jun/2021:09:33:08 +0800] "POST //data/sz.php HTTP/1.1"301 162 "http://misc.yahoo.com.cn/""Mozilla/5.0 (compatible; Yahoo! Slurp China; http://misc.yahoo.com.cn/help.html)" 211.143.80.153 - - [14/Jun/2021:12:00:06 +0800] "POST //data/cache/fuck.php.parse_search_.inc HTTP/1.1"301 162 "http://misc.yahoo.com.cn/""Mozilla/5.0 (compatible; Yahoo! Slurp China; http://misc.yahoo.com.cn/help.html)" 210.52.16.242 - - [14/Jun/2021:16:05:44 +0800] "POST //css/ing/admin_login.php HTTP/1.1"301 162 "http://misc.yahoo.com.cn/""Mozilla/5.0 (compatible; Yahoo! Slurp China; http://misc.yahoo.com.cn/help.html)" 220.193.101.48 - - [14/Jun/2021:19:58:43 +0800] "POST //convert/data/config.inc.php HTTP/1.1"301 162 "http://misc.yahoo.com.cn/""Mozilla/5.0 (compatible; Yahoo! Slurp China; http://misc.yahoo.com.cn/help.html)"
It looks like a yahoo spider, but it does not follow the robots.txt rules and scans sensitive files every day. And these ips are all marked as malicious ips. Please check this, thanks.
Paste the full User-Agent String here
Is this for Addition / Removal?
Did the User-Agent request robots.txt first?
Post Log Excerpt to show User-Agent behavior (10-20 lines is enough)
Additional information
It looks like a yahoo spider, but it does not follow the robots.txt rules and scans sensitive files every day. And these ips are all marked as malicious ips. Please check this, thanks.