城市(city): unknown
省份(region): unknown
国家(country): Indonesia
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.20.54.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29913
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;117.20.54.42. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025022501 1800 900 604800 86400
;; Query time: 41 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 26 05:06:11 CST 2025
;; MSG SIZE rcvd: 105
42.54.20.117.in-addr.arpa domain name pointer 117-20-54-42.jogja.citra.net.id.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
42.54.20.117.in-addr.arpa name = 117-20-54-42.jogja.citra.net.id.
Authoritative answers can be found from:
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 167.71.219.1 | attackspam | Sep 3 23:13:25 mail sshd\[24652\]: Failed password for invalid user ivete from 167.71.219.1 port 48056 ssh2 Sep 3 23:31:29 mail sshd\[25188\]: Invalid user lilian from 167.71.219.1 port 56166 ... |
2019-09-04 07:36:55 |
| 95.58.194.141 | attack | $f2bV_matches |
2019-09-04 07:45:08 |
| 62.210.38.214 | attackspam | [TueSep0320:35:23.6934402019][:error][pid3992:tid47593438639872][client62.210.38.214:34508][client62.210.38.214]ModSecurity:Accessdeniedwithcode403\(phase2\).Matchof"rx\(MSWebServicesClientProtocol\|WormlyBot\|webauth@cmcm\\\\\\\\.com\)"against"REQUEST_HEADERS:User-Agent"required.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"395"][id"397989"][rev"1"][msg"Atomicorp.comWAFRules:MSIE6.0detected\(DisableifyouwanttoallowMSIE6\)"][severity"WARNING"][hostname"owc.li"][uri"/"][unique_id"XW6ya8jLWepjS-wgcHCnHAAAAFc"][TueSep0320:35:26.3813892019][:error][pid3992:tid47593428133632][client62.210.38.214:53934][client62.210.38.214]ModSecurity:Accessdeniedwithcode403\(phase2\).Matchof"rx\(MSWebServicesClientProtocol\|WormlyBot\|webauth@cmcm\\\\\\\\.com\)"against"REQUEST_HEADERS:User-Agent"required.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"395"][id"397989"][rev"1"][msg"Atomicorp.comWAFRules:MSIE6.0detected\(DisableifyouwanttoallowMSIE6\)"][ |
2019-09-04 07:46:54 |
| 159.65.159.178 | attack | Sep 4 01:17:16 legacy sshd[1231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.159.178 Sep 4 01:17:18 legacy sshd[1231]: Failed password for invalid user 123456 from 159.65.159.178 port 56676 ssh2 Sep 4 01:21:55 legacy sshd[1314]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.159.178 ... |
2019-09-04 07:37:29 |
| 51.15.189.102 | attack | DirectAdmin Block |
2019-09-04 07:59:20 |
| 144.217.99.65 | attackspam | /wp-admin |
2019-09-04 08:05:19 |
| 91.1.220.72 | attackspambots | Sep 3 09:45:18 aiointranet sshd\[12674\]: Invalid user peuser from 91.1.220.72 Sep 3 09:45:18 aiointranet sshd\[12674\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=p5b01dc48.dip0.t-ipconnect.de Sep 3 09:45:20 aiointranet sshd\[12674\]: Failed password for invalid user peuser from 91.1.220.72 port 43436 ssh2 Sep 3 09:49:58 aiointranet sshd\[13056\]: Invalid user ftpuser from 91.1.220.72 Sep 3 09:49:58 aiointranet sshd\[13056\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=p5b01dc48.dip0.t-ipconnect.de |
2019-09-04 07:46:03 |
| 23.129.64.150 | attackspambots | Sep 4 01:15:53 bouncer sshd\[25670\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.129.64.150 user=root Sep 4 01:15:54 bouncer sshd\[25670\]: Failed password for root from 23.129.64.150 port 28246 ssh2 Sep 4 01:15:57 bouncer sshd\[25670\]: Failed password for root from 23.129.64.150 port 28246 ssh2 ... |
2019-09-04 07:58:04 |
| 104.41.41.14 | attack | WordPress brute force |
2019-09-04 07:40:48 |
| 202.29.70.42 | attack | Sep 3 21:25:09 web8 sshd\[18137\]: Invalid user wu from 202.29.70.42 Sep 3 21:25:09 web8 sshd\[18137\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.70.42 Sep 3 21:25:11 web8 sshd\[18137\]: Failed password for invalid user wu from 202.29.70.42 port 44630 ssh2 Sep 3 21:30:25 web8 sshd\[20710\]: Invalid user xmpp from 202.29.70.42 Sep 3 21:30:25 web8 sshd\[20710\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.70.42 |
2019-09-04 07:42:04 |
| 157.230.175.60 | attack | 2019-09-03T23:45:38.030358abusebot-3.cloudsearch.cf sshd\[8137\]: Invalid user service from 157.230.175.60 port 52584 |
2019-09-04 07:52:39 |
| 78.189.226.60 | attack | Caught in portsentry honeypot |
2019-09-04 07:55:35 |
| 150.223.9.220 | attackbots | SSH Brute-Forcing (ownc) |
2019-09-04 08:12:10 |
| 5.199.130.188 | attack | v+ssh-bruteforce |
2019-09-04 08:01:29 |
| 193.110.157.151 | attackbots | Sep 3 21:00:38 ws12vmsma01 sshd[60549]: Failed password for root from 193.110.157.151 port 57012 ssh2 Sep 3 21:00:38 ws12vmsma01 sshd[60549]: error: maximum authentication attempts exceeded for root from 193.110.157.151 port 57012 ssh2 [preauth] Sep 3 21:00:38 ws12vmsma01 sshd[60549]: Disconnecting: Too many authentication failures for root [preauth] ... |
2019-09-04 08:16:00 |