城市(city): unknown
省份(region): unknown
国家(country): None
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.21.51.141
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55052
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;104.21.51.141. IN A
;; AUTHORITY SECTION:
. 572 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022022000 1800 900 604800 86400
;; Query time: 52 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 20 20:35:32 CST 2022
;; MSG SIZE rcvd: 106Host 141.51.21.104.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 141.51.21.104.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 94.102.50.177 | attackbots | Sep 12 16:46:23 mc1 kernel: \[850145.429388\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=94.102.50.177 DST=159.69.205.51 LEN=52 TOS=0x02 PREC=0x00 TTL=120 ID=19550 DF PROTO=TCP SPT=53353 DPT=25 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0 Sep 12 16:46:26 mc1 kernel: \[850148.425178\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=94.102.50.177 DST=159.69.205.51 LEN=52 TOS=0x02 PREC=0x00 TTL=120 ID=19794 DF PROTO=TCP SPT=53353 DPT=25 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0 Sep 12 16:46:32 mc1 kernel: \[850154.424976\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=94.102.50.177 DST=159.69.205.51 LEN=48 TOS=0x00 PREC=0x00 TTL=120 ID=20362 DF PROTO=TCP SPT=53353 DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0 ... |
2019-09-13 06:06:13 |
| 128.199.212.82 | attackbots | Sep 12 23:21:14 h2177944 sshd\[19544\]: Invalid user jenkins from 128.199.212.82 port 54341 Sep 12 23:21:14 h2177944 sshd\[19544\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.212.82 Sep 12 23:21:17 h2177944 sshd\[19544\]: Failed password for invalid user jenkins from 128.199.212.82 port 54341 ssh2 Sep 12 23:27:51 h2177944 sshd\[19660\]: Invalid user admin1 from 128.199.212.82 port 56982 Sep 12 23:27:51 h2177944 sshd\[19660\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.212.82 ... |
2019-09-13 06:13:46 |
| 36.226.72.162 | attack | 23/tcp [2019-09-12]1pkt |
2019-09-13 06:02:01 |
| 178.62.214.85 | attack | Sep 13 00:27:16 markkoudstaal sshd[7597]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.214.85 Sep 13 00:27:18 markkoudstaal sshd[7597]: Failed password for invalid user oracle from 178.62.214.85 port 45515 ssh2 Sep 13 00:31:42 markkoudstaal sshd[7978]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.214.85 |
2019-09-13 06:35:43 |
| 185.216.140.240 | attackspam | 2019-09-12 x@x 2019-09-12 x@x 2019-09-12 x@x 2019-09-12 x@x 2019-09-12 x@x 2019-09-12 x@x 2019-09-12 x@x 2019-09-12 x@x 2019-09-12 x@x 2019-09-12 x@x 2019-09-12 x@x 2019-09-12 x@x 2019-09-12 x@x 2019-09-12 x@x 2019-09-12 x@x 2019-09-12 x@x 2019-09-12 x@x 2019-09-12 x@x 2019-09-12 x@x 2019-09-12 x@x 2019-09-12 x@x 2019-09-12 x@x 2019-09-12 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=185.216.140.240 |
2019-09-13 06:24:12 |
| 157.230.123.136 | attackspambots | Sep 12 18:32:51 ny01 sshd[29057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.123.136 Sep 12 18:32:53 ny01 sshd[29057]: Failed password for invalid user 123 from 157.230.123.136 port 43996 ssh2 Sep 12 18:38:55 ny01 sshd[30134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.123.136 |
2019-09-13 06:43:08 |
| 103.23.100.87 | attackbots | Sep 12 16:46:05 mail sshd\[31911\]: Invalid user test from 103.23.100.87 Sep 12 16:46:05 mail sshd\[31911\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.100.87 Sep 12 16:46:07 mail sshd\[31911\]: Failed password for invalid user test from 103.23.100.87 port 48186 ssh2 ... |
2019-09-13 06:25:41 |
| 82.118.22.87 | attackbots | Sep 12 16:32:13 mxgate1 postfix/postscreen[8177]: CONNECT from [82.118.22.87]:60178 to [176.31.12.44]:25 Sep 12 16:32:13 mxgate1 postfix/dnsblog[8178]: addr 82.118.22.87 listed by domain zen.spamhaus.org as 127.0.0.2 Sep 12 16:32:19 mxgate1 postfix/postscreen[8177]: DNSBL rank 2 for [82.118.22.87]:60178 Sep x@x Sep 12 16:32:19 mxgate1 postfix/postscreen[8177]: DISCONNECT [82.118.22.87]:60178 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=82.118.22.87 |
2019-09-13 05:58:39 |
| 182.71.209.203 | attack | www.geburtshaus-fulda.de 182.71.209.203 \[12/Sep/2019:16:46:42 +0200\] "POST /wp-login.php HTTP/1.1" 200 5785 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" www.geburtshaus-fulda.de 182.71.209.203 \[12/Sep/2019:16:46:45 +0200\] "POST /wp-login.php HTTP/1.1" 200 5789 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2019-09-13 05:59:02 |
| 81.22.45.239 | attackbotsspam | Sep 12 22:40:21 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.239 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=6827 PROTO=TCP SPT=57325 DPT=16338 WINDOW=1024 RES=0x00 SYN URGP=0 ... |
2019-09-13 06:18:15 |
| 46.164.155.9 | attackbots | 2019-09-12T21:06:26.589144abusebot-7.cloudsearch.cf sshd\[24996\]: Invalid user 12345 from 46.164.155.9 port 44652 |
2019-09-13 06:09:16 |
| 106.38.62.126 | attackspambots | Sep 12 17:55:05 bouncer sshd\[9104\]: Invalid user adminadmin from 106.38.62.126 port 55696 Sep 12 17:55:05 bouncer sshd\[9104\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.38.62.126 Sep 12 17:55:07 bouncer sshd\[9104\]: Failed password for invalid user adminadmin from 106.38.62.126 port 55696 ssh2 ... |
2019-09-13 06:23:19 |
| 89.248.172.175 | attackspambots | webserver:80 [12/Sep/2019] "GET /yealink/y000000000000.cfg HTTP/1.1" 404 341 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0" webserver:80 [12/Sep/2019] "GET /xml/y000000000000.cfg HTTP/1.1" 404 341 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0" webserver:80 [12/Sep/2019] "GET /voipprov/y000000000000.cfg HTTP/1.1" 404 341 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0" webserver:80 [12/Sep/2019] "GET /voip/y000000000000.cfg HTTP/1.1" 404 397 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0" webserver:80 [12/Sep/2019] "GET /pv/y000000000032.cfg HTTP/1.1" 404 397 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0" webserver:80 [11/Sep/2019] "HEAD / HTTP/1.1" 200 320 "-" "python-requests/2.7.0 CPython/2.7.14 Windows/2012ServerR2" |
2019-09-13 06:07:44 |
| 171.246.82.119 | attack | 23/tcp [2019-09-12]1pkt |
2019-09-13 06:08:48 |
| 106.75.64.239 | attackbots | Triggered by Fail2Ban at Vostok web server |
2019-09-13 06:39:57 |