城市(city): unknown
省份(region): unknown
国家(country): China
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.151.254.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32147
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;119.151.254.106. IN A
;; AUTHORITY SECTION:
. 29 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025021301 1800 900 604800 86400
;; Query time: 38 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 14 09:58:59 CST 2025
;; MSG SIZE rcvd: 108
Host 106.254.151.119.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 106.254.151.119.in-addr.arpa: NXDOMAIN
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 177.133.39.9 | attack | Automatic report - Port Scan Attack |
2019-10-18 23:36:53 |
| 5.189.16.37 | attackspam | Oct 18 16:59:33 mc1 kernel: \[2697136.698230\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=5.189.16.37 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=27012 PROTO=TCP SPT=56208 DPT=14712 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 18 17:04:07 mc1 kernel: \[2697410.603549\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=5.189.16.37 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=38567 PROTO=TCP SPT=56208 DPT=1076 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 18 17:07:52 mc1 kernel: \[2697635.991938\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=5.189.16.37 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=10776 PROTO=TCP SPT=56208 DPT=1416 WINDOW=1024 RES=0x00 SYN URGP=0 ... |
2019-10-18 23:27:56 |
| 202.179.185.12 | attackbots | 202.179.185.12 - - [18/Oct/2019:07:38:42 -0400] "GET /?page=../../../../etc/passwd%00&action=view&manufacturerID=143&productID=9300&linkID=7489&duplicate=0 HTTP/1.1" 200 16653 "https://exitdevice.com/?page=../../../../etc/passwd%00&action=view&manufacturerID=143&productID=9300&linkID=7489&duplicate=0" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0" ... |
2019-10-18 23:51:09 |
| 51.77.144.50 | attack | Invalid user avis from 51.77.144.50 port 48994 |
2019-10-18 23:53:40 |
| 200.100.56.79 | attackspambots | Unauthorised access (Oct 18) SRC=200.100.56.79 LEN=40 TOS=0x10 PREC=0x40 TTL=240 ID=32204 DF TCP DPT=8080 WINDOW=14600 SYN |
2019-10-18 23:44:44 |
| 179.218.192.123 | attackbots | port scan and connect, tcp 23 (telnet) |
2019-10-18 23:55:07 |
| 167.86.114.108 | attackspambots | 2019-10-18T12:06:25.192675shield sshd\[21808\]: Invalid user sudip from 167.86.114.108 port 58342 2019-10-18T12:06:25.197118shield sshd\[21808\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=vmi267007.contaboserver.net 2019-10-18T12:06:27.168471shield sshd\[21808\]: Failed password for invalid user sudip from 167.86.114.108 port 58342 ssh2 2019-10-18T12:10:23.723544shield sshd\[22971\]: Invalid user PASSWORD!23 from 167.86.114.108 port 40978 2019-10-18T12:10:23.728077shield sshd\[22971\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=vmi267007.contaboserver.net |
2019-10-18 23:46:29 |
| 138.197.21.218 | attackspambots | $f2bV_matches |
2019-10-19 00:03:57 |
| 5.35.68.32 | attackspam | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/5.35.68.32/ RU - 1H : (157) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : RU NAME ASN : ASN31514 IP : 5.35.68.32 CIDR : 5.35.0.0/17 PREFIX COUNT : 14 UNIQUE IP COUNT : 139520 WYKRYTE ATAKI Z ASN31514 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-10-18 13:39:35 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery |
2019-10-18 23:26:09 |
| 94.60.143.192 | attack | Oct 18 13:38:35 lnxmysql61 sshd[22958]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.60.143.192 Oct 18 13:38:35 lnxmysql61 sshd[22960]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.60.143.192 Oct 18 13:38:37 lnxmysql61 sshd[22958]: Failed password for invalid user pi from 94.60.143.192 port 44832 ssh2 |
2019-10-18 23:57:09 |
| 165.22.33.120 | attack | Wordpress attack |
2019-10-18 23:52:33 |
| 1.52.120.94 | attack | 1.52.120.94 - - [18/Oct/2019:07:39:23 -0400] "GET /?page=products&action=..%2f..%2fetc%2fpasswd%00&manufacturerID=61&productID=4701-RIM&linkID=16812 HTTP/1.1" 200 17420 "https://exitdevice.com/?page=products&action=..%2f..%2fetc%2fpasswd%00&manufacturerID=61&productID=4701-RIM&linkID=16812" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0" ... |
2019-10-18 23:31:43 |
| 94.176.141.57 | attackbots | (Oct 18) LEN=44 TTL=241 ID=13227 DF TCP DPT=23 WINDOW=14600 SYN (Oct 18) LEN=44 TTL=241 ID=13930 DF TCP DPT=23 WINDOW=14600 SYN (Oct 18) LEN=44 TTL=241 ID=9756 DF TCP DPT=23 WINDOW=14600 SYN (Oct 18) LEN=44 TTL=241 ID=44913 DF TCP DPT=23 WINDOW=14600 SYN (Oct 18) LEN=44 TTL=241 ID=25342 DF TCP DPT=23 WINDOW=14600 SYN (Oct 18) LEN=44 TTL=241 ID=50062 DF TCP DPT=23 WINDOW=14600 SYN (Oct 18) LEN=44 TTL=241 ID=35523 DF TCP DPT=23 WINDOW=14600 SYN (Oct 18) LEN=44 TTL=241 ID=35720 DF TCP DPT=23 WINDOW=14600 SYN (Oct 18) LEN=44 TTL=241 ID=35146 DF TCP DPT=23 WINDOW=14600 SYN (Oct 18) LEN=44 TTL=241 ID=10245 DF TCP DPT=23 WINDOW=14600 SYN (Oct 17) LEN=44 TTL=241 ID=41899 DF TCP DPT=23 WINDOW=14600 SYN (Oct 17) LEN=44 TTL=241 ID=16142 DF TCP DPT=23 WINDOW=14600 SYN (Oct 17) LEN=44 TTL=241 ID=65459 DF TCP DPT=23 WINDOW=14600 SYN (Oct 17) LEN=44 TTL=241 ID=24877 DF TCP DPT=23 WINDOW=14600 SYN (Oct 17) LEN=44 TTL=241 ID=53078 DF TCP DPT=23 WINDOW=14600 S... |
2019-10-18 23:56:00 |
| 92.151.64.207 | attack | ... |
2019-10-18 23:26:50 |
| 54.37.151.239 | attackspam | $f2bV_matches |
2019-10-19 00:07:12 |