城市(city): unknown
省份(region): unknown
国家(country): United States
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.21.8.231
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34631
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;104.21.8.231. IN A
;; AUTHORITY SECTION:
. 600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022021701 1800 900 604800 86400
;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 03:00:04 CST 2022
;; MSG SIZE rcvd: 105Host 231.8.21.104.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 231.8.21.104.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 185.153.197.116 | attackspambots | Oct 17 17:19:15 h2177944 kernel: \[4201500.887528\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.153.197.116 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=40993 PROTO=TCP SPT=56604 DPT=82 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 17 17:21:08 h2177944 kernel: \[4201613.788546\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.153.197.116 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=35355 PROTO=TCP SPT=56604 DPT=3342 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 17 17:21:24 h2177944 kernel: \[4201629.618476\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.153.197.116 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=14601 PROTO=TCP SPT=56604 DPT=3371 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 17 17:30:19 h2177944 kernel: \[4202165.021503\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.153.197.116 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=8196 PROTO=TCP SPT=56604 DPT=3336 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 17 17:42:03 h2177944 kernel: \[4202868.802260\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.153.197.116 DST=85.21 |
2019-10-17 23:53:53 |
| 114.95.173.181 | attack | Port 1433 Scan |
2019-10-17 23:20:33 |
| 23.238.115.210 | attackspambots | Oct 17 16:35:23 root sshd[9733]: Failed password for root from 23.238.115.210 port 58414 ssh2 Oct 17 16:39:27 root sshd[9816]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.238.115.210 Oct 17 16:39:29 root sshd[9816]: Failed password for invalid user action from 23.238.115.210 port 41448 ssh2 ... |
2019-10-17 23:32:06 |
| 46.101.226.14 | attack | Automatic report - Banned IP Access |
2019-10-17 23:43:28 |
| 106.12.91.102 | attackspam | Oct 17 17:56:42 hosting sshd[26798]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.91.102 user=root Oct 17 17:56:44 hosting sshd[26798]: Failed password for root from 106.12.91.102 port 37624 ssh2 ... |
2019-10-17 23:18:18 |
| 114.39.118.65 | attackspambots | Fail2Ban Ban Triggered |
2019-10-17 23:41:40 |
| 82.141.237.225 | attackspambots | Oct 17 12:54:19 vtv3 sshd\[21035\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.141.237.225 user=root Oct 17 12:54:20 vtv3 sshd\[21035\]: Failed password for root from 82.141.237.225 port 28313 ssh2 Oct 17 12:59:15 vtv3 sshd\[23365\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.141.237.225 user=root Oct 17 12:59:16 vtv3 sshd\[23365\]: Failed password for root from 82.141.237.225 port 56974 ssh2 Oct 17 13:03:39 vtv3 sshd\[25791\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.141.237.225 user=root Oct 17 13:17:52 vtv3 sshd\[975\]: Invalid user do. from 82.141.237.225 port 21881 Oct 17 13:17:52 vtv3 sshd\[975\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.141.237.225 Oct 17 13:17:54 vtv3 sshd\[975\]: Failed password for invalid user do. from 82.141.237.225 port 21881 ssh2 Oct 17 13:22:21 vtv3 sshd\[3527\]: pam_uni |
2019-10-17 23:27:17 |
| 47.91.105.138 | attackbotsspam | Oct 17 14:35:36 mc1 kernel: \[2602103.804097\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=47.91.105.138 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=11776 PROTO=TCP SPT=51319 DPT=14224 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 17 14:39:38 mc1 kernel: \[2602346.148509\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=47.91.105.138 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=32308 PROTO=TCP SPT=51319 DPT=14180 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 17 14:41:41 mc1 kernel: \[2602469.282013\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=47.91.105.138 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=29649 PROTO=TCP SPT=51319 DPT=22465 WINDOW=1024 RES=0x00 SYN URGP=0 ... |
2019-10-17 23:31:48 |
| 106.13.144.8 | attack | Sep 22 00:31:57 vtv3 sshd\[31104\]: Invalid user adm from 106.13.144.8 port 49960 Sep 22 00:31:57 vtv3 sshd\[31104\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.144.8 Sep 22 00:32:00 vtv3 sshd\[31104\]: Failed password for invalid user adm from 106.13.144.8 port 49960 ssh2 Sep 22 00:35:33 vtv3 sshd\[795\]: Invalid user csf from 106.13.144.8 port 54866 Sep 22 00:35:33 vtv3 sshd\[795\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.144.8 Sep 22 00:46:23 vtv3 sshd\[6282\]: Invalid user hq from 106.13.144.8 port 41348 Sep 22 00:46:23 vtv3 sshd\[6282\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.144.8 Sep 22 00:46:25 vtv3 sshd\[6282\]: Failed password for invalid user hq from 106.13.144.8 port 41348 ssh2 Sep 22 00:50:01 vtv3 sshd\[7857\]: Invalid user user03 from 106.13.144.8 port 46248 Sep 22 00:50:01 vtv3 sshd\[7857\]: pam_unix\(sshd:auth\): authenticat |
2019-10-17 23:48:39 |
| 221.3.101.235 | attackbotsspam | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/221.3.101.235/ CN - 1H : (599) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4837 IP : 221.3.101.235 CIDR : 221.3.0.0/17 PREFIX COUNT : 1262 UNIQUE IP COUNT : 56665856 WYKRYTE ATAKI Z ASN4837 : 1H - 7 3H - 29 6H - 61 12H - 126 24H - 217 DateTime : 2019-10-17 14:33:51 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery |
2019-10-17 23:50:54 |
| 111.231.204.127 | attack | Oct 17 16:53:48 h2177944 sshd\[22618\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.204.127 user=root Oct 17 16:53:50 h2177944 sshd\[22618\]: Failed password for root from 111.231.204.127 port 38944 ssh2 Oct 17 16:59:36 h2177944 sshd\[22760\]: Invalid user first from 111.231.204.127 port 58808 Oct 17 16:59:36 h2177944 sshd\[22760\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.204.127 ... |
2019-10-17 23:50:20 |
| 54.39.151.167 | attackspambots | 2019-10-17T15:05:08.943152abusebot.cloudsearch.cf sshd\[25230\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.151.167 user=root |
2019-10-17 23:35:56 |
| 178.128.76.6 | attack | detected by Fail2Ban |
2019-10-17 23:39:33 |
| 79.137.34.248 | attackspambots | Oct 17 15:29:22 vps58358 sshd\[17006\]: Invalid user linux from 79.137.34.248Oct 17 15:29:24 vps58358 sshd\[17006\]: Failed password for invalid user linux from 79.137.34.248 port 35477 ssh2Oct 17 15:32:53 vps58358 sshd\[17024\]: Invalid user kumar from 79.137.34.248Oct 17 15:32:56 vps58358 sshd\[17024\]: Failed password for invalid user kumar from 79.137.34.248 port 55481 ssh2Oct 17 15:36:38 vps58358 sshd\[17072\]: Invalid user colnago from 79.137.34.248Oct 17 15:36:40 vps58358 sshd\[17072\]: Failed password for invalid user colnago from 79.137.34.248 port 47250 ssh2 ... |
2019-10-17 23:27:33 |
| 201.59.191.106 | attackbotsspam | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/201.59.191.106/ BR - 1H : (362) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : BR NAME ASN : ASN7738 IP : 201.59.191.106 CIDR : 201.59.128.0/18 PREFIX COUNT : 524 UNIQUE IP COUNT : 7709184 WYKRYTE ATAKI Z ASN7738 : 1H - 1 3H - 2 6H - 2 12H - 3 24H - 4 DateTime : 2019-10-17 13:40:40 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery |
2019-10-17 23:47:52 |