城市(city): unknown
省份(region): unknown
国家(country): Japan
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.91.54.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59133
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;116.91.54.138. IN A
;; AUTHORITY SECTION:
. 29 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025021200 1800 900 604800 86400
;; Query time: 13 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 13 01:00:51 CST 2025
;; MSG SIZE rcvd: 106138.54.91.116.in-addr.arpa domain name pointer fp745b368a.ap.nuro.jp.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
138.54.91.116.in-addr.arpa name = fp745b368a.ap.nuro.jp.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 46.229.168.141 | attackbots | Looking for resource vulnerabilities |
2019-11-09 18:31:19 |
| 112.196.70.204 | attackspambots | Unauthorised access (Nov 9) SRC=112.196.70.204 LEN=40 TTL=51 ID=8603 TCP DPT=8080 WINDOW=2124 SYN Unauthorised access (Nov 8) SRC=112.196.70.204 LEN=40 TTL=51 ID=544 TCP DPT=8080 WINDOW=6751 SYN Unauthorised access (Nov 8) SRC=112.196.70.204 LEN=40 TTL=51 ID=36337 TCP DPT=8080 WINDOW=6751 SYN |
2019-11-09 18:36:11 |
| 36.233.206.220 | attack | Port 1433 Scan |
2019-11-09 18:08:25 |
| 185.175.93.104 | attack | ET DROP Dshield Block Listed Source group 1 - port: 3422 proto: TCP cat: Misc Attack |
2019-11-09 18:11:56 |
| 45.82.153.76 | attack | 2019-11-09T11:06:23.479457mail01 postfix/smtpd[23208]: warning: unknown[45.82.153.76]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-09T11:06:42.413563mail01 postfix/smtpd[7698]: warning: unknown[45.82.153.76]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-09T11:07:00.405807mail01 postfix/smtpd[23208]: warning: unknown[45.82.153.76]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 |
2019-11-09 18:27:52 |
| 186.86.52.83 | attackspam | Nov 9 07:14:45 mxgate1 postfix/postscreen[27578]: CONNECT from [186.86.52.83]:8197 to [176.31.12.44]:25 Nov 9 07:14:45 mxgate1 postfix/dnsblog[27691]: addr 186.86.52.83 listed by domain cbl.abuseat.org as 127.0.0.2 Nov 9 07:14:45 mxgate1 postfix/dnsblog[27583]: addr 186.86.52.83 listed by domain bl.spamcop.net as 127.0.0.2 Nov 9 07:14:45 mxgate1 postfix/dnsblog[27579]: addr 186.86.52.83 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Nov 9 07:14:45 mxgate1 postfix/dnsblog[27582]: addr 186.86.52.83 listed by domain b.barracudacentral.org as 127.0.0.2 Nov 9 07:14:45 mxgate1 postfix/dnsblog[27581]: addr 186.86.52.83 listed by domain zen.spamhaus.org as 127.0.0.4 Nov 9 07:14:45 mxgate1 postfix/dnsblog[27581]: addr 186.86.52.83 listed by domain zen.spamhaus.org as 127.0.0.11 Nov 9 07:14:51 mxgate1 postfix/postscreen[27578]: DNSBL rank 6 for [186.86.52.83]:8197 Nov x@x Nov 9 07:14:56 mxgate1 postfix/postscreen[27578]: HANGUP after 4.2 from [186.86.52.83]:8197 in te........ ------------------------------- |
2019-11-09 18:23:33 |
| 172.104.139.67 | attackbots | 09.11.2019 07:24:17 - RDP Login Fail Detected by https://www.elinox.de/RDP-Wächter |
2019-11-09 18:34:55 |
| 14.247.144.244 | attackbots | Nov 9 07:17:36 mxgate1 postfix/postscreen[27578]: CONNECT from [14.247.144.244]:26854 to [176.31.12.44]:25 Nov 9 07:17:36 mxgate1 postfix/dnsblog[27583]: addr 14.247.144.244 listed by domain cbl.abuseat.org as 127.0.0.2 Nov 9 07:17:36 mxgate1 postfix/dnsblog[27580]: addr 14.247.144.244 listed by domain zen.spamhaus.org as 127.0.0.11 Nov 9 07:17:36 mxgate1 postfix/dnsblog[27580]: addr 14.247.144.244 listed by domain zen.spamhaus.org as 127.0.0.3 Nov 9 07:17:36 mxgate1 postfix/dnsblog[27580]: addr 14.247.144.244 listed by domain zen.spamhaus.org as 127.0.0.4 Nov 9 07:17:36 mxgate1 postfix/dnsblog[27691]: addr 14.247.144.244 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Nov 9 07:17:42 mxgate1 postfix/postscreen[27578]: DNSBL rank 4 for [14.247.144.244]:26854 Nov x@x Nov 9 07:17:43 mxgate1 postfix/postscreen[27578]: HANGUP after 0.93 from [14.247.144.244]:26854 in tests after SMTP handshake Nov 9 07:17:43 mxgate1 postfix/postscreen[27578]: DISCONNECT [14.247.14........ ------------------------------- |
2019-11-09 18:38:12 |
| 173.201.196.97 | attack | Automatic report - XMLRPC Attack |
2019-11-09 18:22:04 |
| 14.44.93.201 | attack | Nov 9 07:14:19 mxgate1 postfix/postscreen[27578]: CONNECT from [14.44.93.201]:46221 to [176.31.12.44]:25 Nov 9 07:14:19 mxgate1 postfix/dnsblog[27581]: addr 14.44.93.201 listed by domain cbl.abuseat.org as 127.0.0.2 Nov 9 07:14:19 mxgate1 postfix/dnsblog[27580]: addr 14.44.93.201 listed by domain b.barracudacentral.org as 127.0.0.2 Nov 9 07:14:20 mxgate1 postfix/dnsblog[27579]: addr 14.44.93.201 listed by domain zen.spamhaus.org as 127.0.0.3 Nov 9 07:14:20 mxgate1 postfix/dnsblog[27579]: addr 14.44.93.201 listed by domain zen.spamhaus.org as 127.0.0.4 Nov 9 07:14:24 mxgate1 postfix/dnsblog[27582]: addr 14.44.93.201 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Nov 9 07:14:25 mxgate1 postfix/postscreen[27578]: DNSBL rank 5 for [14.44.93.201]:46221 Nov x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.44.93.201 |
2019-11-09 18:20:30 |
| 218.104.204.101 | attack | $f2bV_matches |
2019-11-09 18:13:53 |
| 188.146.101.9 | attack | Nov 9 07:14:37 mxgate1 postfix/postscreen[27578]: CONNECT from [188.146.101.9]:60166 to [176.31.12.44]:25 Nov 9 07:14:37 mxgate1 postfix/dnsblog[27583]: addr 188.146.101.9 listed by domain cbl.abuseat.org as 127.0.0.2 Nov 9 07:14:37 mxgate1 postfix/dnsblog[27691]: addr 188.146.101.9 listed by domain zen.spamhaus.org as 127.0.0.11 Nov 9 07:14:37 mxgate1 postfix/dnsblog[27691]: addr 188.146.101.9 listed by domain zen.spamhaus.org as 127.0.0.3 Nov 9 07:14:37 mxgate1 postfix/dnsblog[27691]: addr 188.146.101.9 listed by domain zen.spamhaus.org as 127.0.0.4 Nov 9 07:14:37 mxgate1 postfix/dnsblog[27580]: addr 188.146.101.9 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Nov 9 07:14:37 mxgate1 postfix/dnsblog[27692]: addr 188.146.101.9 listed by domain b.barracudacentral.org as 127.0.0.2 Nov 9 07:14:43 mxgate1 postfix/postscreen[27578]: DNSBL rank 5 for [188.146.101.9]:60166 Nov x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=188.146.101.9 |
2019-11-09 18:22:54 |
| 52.226.19.247 | attackspam | RDP Bruteforce |
2019-11-09 18:15:45 |
| 45.125.65.48 | attack | \[2019-11-09 05:04:10\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-09T05:04:10.205-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="8235301148778878004",SessionID="0x7fdf2c003608",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.65.48/61370",ACLName="no_extension_match" \[2019-11-09 05:04:43\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-09T05:04:43.723-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="8571701148297661002",SessionID="0x7fdf2c003608",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.65.48/56086",ACLName="no_extension_match" \[2019-11-09 05:07:20\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-09T05:07:20.098-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="8897201148672520014",SessionID="0x7fdf2c003608",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.65.48/55646",ACLNam |
2019-11-09 18:34:00 |
| 115.159.237.89 | attackspam | Nov 9 08:53:53 meumeu sshd[2807]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.237.89 Nov 9 08:53:55 meumeu sshd[2807]: Failed password for invalid user best from 115.159.237.89 port 57694 ssh2 Nov 9 08:58:52 meumeu sshd[3464]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.237.89 ... |
2019-11-09 18:25:17 |