Topic
IC4NOTICE: developerWorks Community will be offline May 29-30, 2015 while we upgrade to the latest version of IBM Connections. For more information, read our upgrade FAQ.
No replies
SystemAdmin
SystemAdmin
2364 Posts
ACCEPTED ANSWER

Pinned topic tracking the unwanted hits on machine

‏2013-04-04T07:04:17Z |
How can i trace the IPs sending very regular,numerous and unwanted hits on our httpserver configured on RHEL machine?
logs instance:

142.4.127.86 - - 03/Apr/2013:07:14:38 -0400 "GET http://ads.yashi.com/293/ HTTP/1.0" 200 2440
142.4.127.86 - - 03/Apr/2013:07:14:34 -0400 "GET http://ads.yashi.com/293/ HTTP/1.0" 200 1967
118.183.248.28 - - 03/Apr/2013:07:14:50 -0400 "GET http://www.tarakc1.net/hit.php?s=ohoh666&type=2&c=0&j=1 HTTP/1.0" 200 2232
142.0.142.125 - - 03/Apr/2013:07:14:51 -0400 "GET http://tag.admeld.com/ad/json?publisher_id=424&site_id=2965&placement=64173&url=http%3A%2F%2Fwww.cosmeticscard.com&zip=27709&dma=560&size=300x250&floor_price=0.05&callback=window.adjuggler.rtb.admeld.callback_0 HTTP/1.0" 200 765
142.4.109.119 - - 03/Apr/2013:07:14:40 -0400 "GET http://ads.yashi.com/3103/ HTTP/1.0" 200 1967
198.200.33.195 - - 03/Apr/2013:07:14:14 -0400 "GET http://ib.adnxs.com/ttj?id=1240673&cb=${CACHEBUSTER}&pubclick=${CLICK_URL} HTTP/1.0" 200 -
142.4.127.178 - - 03/Apr/2013:07:14:40 -0400 "GET http://ads.yashi.com/944/ HTTP/1.0" 200 1967
142.4.127.181 - - 03/Apr/2013:07:14:36 -0400 "GET http://ads.yashi.com/944/ HTTP/1.0" 200 2440
24.206.11.47 - - 03/Apr/2013:07:14:23 -0400 "CONNECT api.steampowered.com:443 HTTP/1.1" 200 -
99-253-63-74.static.reverse.lstn.net - - 03/Apr/2013:07:14:51 -0400 "GET http://ads1.ministerial5.com/creative/2-002134540-00001i;size=1 HTTP/1.0" 200 185
198.71.87.59 - - 03/Apr/2013:07:14:41 -0400 "GET http://adprudence.rotator.hadj7.adjuggler.net/servlet/ajrotator/189896/0/vh?ajecscp=1364987664072&z=adprudence&dim=145922&kw=&click=&pv=1519670736655813 HTTP/1.0" 200 1624
23.19.107.237.rdns.ubiquity.io - - 03/Apr/2013:07:14:27 -0400 "GET http://ib.adnxs.com/ttj?id=1206414 HTTP/1.0" 200 -
198.200.33.195 - - 03/Apr/2013:07:14:22 -0400 "GET http://ib.adnxs.com/ttj?id=1240673&cb=${CACHEBUSTER}&pubclick=${CLICK_URL} HTTP/1.0" 200 -
198.200.50.27 - - 03/Apr/2013:07:14:39 -0400 "GET http://ads1.ministerial5.com/creative/2-002135025-00001j;size=1 HTTP/1.0" 200 169
198.204.242.228 - - 03/Apr/2013:07:14:12 -0400 "GET http://ib.adnxs.com/ttj?id=1120632&cb=${CACHEBUSTER}&pubclick=${CLICK_URL} HTTP/1.0" 200 -
198-136-31-115.static.gorillaservers.com - - 03/Apr/2013:07:14:52 -0400 "GET http://ads.yashi.com/929/ HTTP/1.0" 200 1967
oshas.socialprocess.net - - 03/Apr/2013:07:14:37 -0400 "GET http://ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&section=2821793&pub_url=${PUB_URL} HTTP/1.0" 200 4515