This is the IPaddress(37.59.164.208) calling a hacked script file on my server

5 pointsby ziggratover 12 years ago

37.59.164.208 - - [09/Nov/2012:00:31:55 -0600] "POST /scripts/wp-trackbacks9.php HTTP/1.1" 200 183 "-" "Mozilla/5.0 (Windows NT 5.1; rv:8.0) Gecko/20100101 When i traced it i found the location as France and its going to Google homepage when i run it in the address bar. I'm unable to understand this and need your help HN.

1 comment

dexcsover 12 years ago

It just a redirect to google:<p>< HTTP/1.1 200 OK < Server: nginx < Date: Fri, 09 Nov 2012 11:26:14 GMT < Content-Type: text/html < Connection: keep-alive < Content-Length: 97 < Last-Modified: Fri, 19 Oct 2012 14:01:40 GMT < Expires: Sat, 10 Nov 2012 11:26:14 GMT < Cache-Control: max-age=86400 < Cache-Control: private < Cache-Control: must-revalidate < Accept-Ranges: bytes < <html> <head> <meta http-equiv="refresh" content="0; url=<a href="http://www.google.com&#62" rel="nofollow">http://www.google.com&#62</a>; </head> </html>

评论 #4762382 未加载