城市(city): unknown
省份(region): unknown
国家(country): None
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.21.76.207
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38990
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;104.21.76.207. IN A
;; AUTHORITY SECTION:
. 373 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022022000 1800 900 604800 86400
;; Query time: 123 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 20 20:50:02 CST 2022
;; MSG SIZE rcvd: 106Host 207.76.21.104.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 207.76.21.104.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 220.136.130.164 | attack | TCP port 445 (SMB) attempt blocked by firewall. [2019-05-25 01:11:10] |
2019-05-25 07:40:15 |
| 196.247.213.149 | botsattack | 196.247.213.149 - - [20/May/2019:21:04:16 +0800] "GET /check-ip/index.php?option=com_user&task=register HTTP/1.1" 200 9682 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36" 196.247.213.149 - - [20/May/2019:21:04:20 +0800] "GET /check-ip/modules.php?name=Your_Account HTTP/1.1" 200 9686 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36" 196.247.213.149 - - [20/May/2019:21:04:22 +0800] "GET /check-ip/member/ HTTP/1.1" 200 9676 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36" 196.247.213.149 - - [20/May/2019:21:04:24 +0800] "GET /check-ip/index.php?act=dispMemberLoginForm HTTP/1.1" 200 9682 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36" 196.247.213.149 - - [20/May/2019:21:04:28 +0800] "GET /check-ip/yabb.pl HTTP/1.1" 200 9678 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36" 196.247.213.149 - - [20/May/2019:21:04:29 +0800] "GET /check-ip/YaBB.cgi HTTP/1.1" 200 9680 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36" 196.247.213.149 - - [20/May/2019:21:04:33 +0800] "GET /check-ip/bbs.cgi HTTP/1.1" 200 9678 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36" 196.247.213.149 - - [20/May/2019:21:04:37 +0800] "GET /check-ip/light.cgi HTTP/1.1" 200 9682 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36" 196.247.213.149 - - [20/May/2019:21:04:39 +0800] "GET /check-ip/CGI/guestbook?page=1 HTTP/1.1" 404 232 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36" |
2019-05-20 21:13:19 |
| 125.26.99.186 | spam | 垃圾推广 |
2019-05-13 09:27:42 |
| 205.185.114.87 | attack | Invalid user admin from 205.185.114.87 port 46312 |
2019-06-12 10:46:37 |
| 167.99.72.228 | attackproxy | 8080 |
2019-05-31 08:55:58 |
| 185.2.102.147 | bots | 185.2.102.147 - - [10/Jun/2019:18:24:52 +0800] "GET /aastra.cfg HTTP/1.0" 301 194 "-" "Wget/1.12 (linux-gnu)" 185.2.102.147 - - [10/Jun/2019:18:24:54 +0800] "GET / HTTP/1.0" 200 10435 "-" "Wget/1.12 (linux-gnu)" 185.2.102.147 - - [10/Jun/2019:18:25:29 +0800] "GET /000000000000.cfg HTTP/1.0" 301 194 "-" "Wget/1.12 (linux-gnu)" |
2019-06-10 18:26:04 |
| 209.0.146.74 | bots | 整个网段断断续续的流量 209.0.146.74 - - [21/May/2019:13:51:00 +0800] "GET /check-ip/199.67.217.85 HTTP/1.1" 200 9614 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.94 Safari/537.36" |
2019-05-21 14:03:05 |
| 207.180.222.104 | attack | Scanning (more than 2 packets) random ports - tries to find possible vulnerable services |
2019-05-25 07:30:41 |
| 185.175.208.208 | botsattack | 185.175.208.208 - - [30/May/2019:14:40:50 +0800] "GET /language/en-GB/en-GB.xml HTTP/2.0" 404 299 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0" 185.175.208.208 - - [30/May/2019:14:40:51 +0800] "GET /misc/drupal.js HTTP/2.0" 404 299 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0" 185.175.208.208 - - [30/May/2019:14:40:51 +0800] "GET /core/CHANGELOG.txt HTTP/2.0" 404 299 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0" 185.175.208.208 - - [30/May/2019:14:40:51 +0800] "GET /CHANGELOG.txt HTTP/2.0" 404 299 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0" 185.175.208.208 - - [30/May/2019:14:40:51 +0800] "GET /core/misc/drupal.js HTTP/2.0" 404 299 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0" |
2019-05-30 14:47:48 |
| 129.204.239.125 | attack | 129.204.239.125 - - [24/May/2019:19:12:42 +0800] "GET /phpmyadmin HTTP/1.1" 301 194 "http://118.25.52.138/phpmyadmin" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" 129.204.239.125 - - [24/May/2019:19:12:42 +0800] "GET /phpmyadmin HTTP/1.1" 301 194 "http://118.25.52.138/phpmyadmin" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" |
2019-05-24 19:13:25 |
| 142.44.176.72 | bots | 142.44.176.72 - - [16/May/2019:15:23:15 +0800] "GET /check-ip/96.210.100.188 HTTP/1.1" 200 10022 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.2.4) Gecko/20100523 Firefox/3.6.4 ( .NET CLR 3.5.30729)" 142.44.176.72 - - [16/May/2019:15:23:33 +0800] "GET /check-ip/96.210.100.188 HTTP/1.1" 200 10371 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:2.0b11pre) Gecko/20110128 Firefox/4.0b11pre" 142.44.176.72 - - [16/May/2019:15:23:47 +0800] "GET /check-ip/96.210.100.188 HTTP/1.1" 200 10111 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/29.0" 142.44.176.72 - - [16/May/2019:15:23:58 +0800] "GET /check-ip/96.210.100.188 HTTP/1.1" 200 10460 "-" "Mozilla/5.0 (Windows NT 5.1; U; rv:5.0) Gecko/20100101 Firefox/5.0" |
2019-05-16 15:25:51 |
| 31.184.238.253 | spam | wordpress发布垃圾评论 |
2019-05-13 09:26:48 |
| 46.248.166.77 | bots | 46.248.166.77 - - [03/Jun/2019:08:12:33 +0800] "GET /check-ip/81.171.24.130 HTTP/1.1" 200 10579 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 46.248.166.77 - - [03/Jun/2019:08:12:34 +0800] "GET /check-ip/82.192.71.73 HTTP/1.1" 200 9321 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" |
2019-06-03 08:14:07 |
| 172.58.221.194 | attack | Google account has been hacked into. Recovery ip address comes up in Providence R.I.. Can you help me access my google account |
2019-06-12 01:31:18 |
| 119.131.210.74 | attack | 119.131.210.74 - - [29/May/2019:12:42:12 +0800] "GET /gs-guide-websocket/803/a8vbaovq/htmlfile?c=_jp.local HTTP/1.1" 301 194 "-" "-"
119.131.210.74 - - [29/May/2019:12:42:12 +0800] "GET /console/login/LoginForm.jsp HTTP/1.1" 301 194 "-" "-"
119.131.210.74 - - [29/May/2019:12:42:12 +0800] "POST /website/blog/ HTTP/1.1" 301 194 "-" "-"
119.131.210.74 - - [29/May/2019:12:42:13 +0800] "GET /core/install.php?rewrite=ok&langcode=en HTTP/1.1" 301 194 "-" "-"
119.131.210.74 - - [29/May/2019:12:42:13 +0800] "POST /RPC2 HTTP/1.1" 301 194 "-" "-"
119.131.210.74 - - [29/May/2019:12:42:13 +0800] "GET /users HTTP/1.1" 301 194 "-" "-"
119.131.210.74 - - [29/May/2019:12:42:13 +0800] "POST /flex2gateway/amf HTTP/1.1" 301 194 "-" "-"
119.131.210.74 - - [29/May/2019:12:42:13 +0800] "GET /?name={{1024*1023}} HTTP/1.1" 301 194 "-" "-"
119.131.210.74 - - [29/May/2019:12:42:13 +0800] "GET /ws_utc/resources/setting/options/general HTTP/1.1" 301 194 "-" "-" |
2019-05-29 13:16:54 |