城市(city): unknown
省份(region): unknown
国家(country): Norway
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.242.126.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50872
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;129.242.126.10. IN A
;; AUTHORITY SECTION:
. 39 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400
;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 11:02:53 CST 2022
;; MSG SIZE rcvd: 107
10.126.242.129.in-addr.arpa domain name pointer uit.no.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
10.126.242.129.in-addr.arpa name = uit.no.
Authoritative answers can be found from:
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 63.82.54.132 | attack | Aug 6 07:09:58 online-web-1 postfix/smtpd[257749]: connect from circa.huzeshoes.com[63.82.54.132] Aug x@x Aug 6 07:10:04 online-web-1 postfix/smtpd[257749]: disconnect from circa.huzeshoes.com[63.82.54.132] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 Aug 6 07:10:06 online-web-1 postfix/smtpd[253928]: connect from circa.huzeshoes.com[63.82.54.132] Aug x@x Aug 6 07:10:11 online-web-1 postfix/smtpd[253928]: disconnect from circa.huzeshoes.com[63.82.54.132] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 Aug 6 07:13:06 online-web-1 postfix/smtpd[256525]: connect from circa.huzeshoes.com[63.82.54.132] Aug x@x Aug 6 07:13:12 online-web-1 postfix/smtpd[256525]: disconnect from circa.huzeshoes.com[63.82.54.132] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 Aug 6 07:13:34 online-web-1 postfix/smtpd[253928]: connect from circa.huzeshoes.com[63.82.54.132] Aug x@x Aug 6 07:13:39 online-web-1 postfix/smtpd[253928]: disconnect from circa.hu........ ------------------------------- |
2020-08-06 13:27:52 |
| 123.31.43.40 | attackbots | CF RAY ID: 5be1c4082878c3a4 IP Class: noRecord URI: /wp-login.php |
2020-08-06 13:22:49 |
| 211.72.117.101 | attackspam | Aug 6 01:24:33 Tower sshd[39798]: Connection from 211.72.117.101 port 43660 on 192.168.10.220 port 22 rdomain "" Aug 6 01:24:34 Tower sshd[39798]: Failed password for root from 211.72.117.101 port 43660 ssh2 Aug 6 01:24:34 Tower sshd[39798]: Received disconnect from 211.72.117.101 port 43660:11: Bye Bye [preauth] Aug 6 01:24:34 Tower sshd[39798]: Disconnected from authenticating user root 211.72.117.101 port 43660 [preauth] |
2020-08-06 13:33:37 |
| 93.174.91.85 | attackbotsspam | Aug 6 07:21:13 serwer sshd\[16692\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.174.91.85 user=root Aug 6 07:21:15 serwer sshd\[16692\]: Failed password for root from 93.174.91.85 port 36484 ssh2 Aug 6 07:24:53 serwer sshd\[16987\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.174.91.85 user=root ... |
2020-08-06 13:42:00 |
| 117.193.79.162 | attack | Aug 6 06:24:42 ms-srv sshd[39736]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.193.79.162 user=root Aug 6 06:24:45 ms-srv sshd[39736]: Failed password for invalid user root from 117.193.79.162 port 52854 ssh2 |
2020-08-06 13:52:54 |
| 110.49.70.249 | attackbotsspam | 2020-08-06 00:21:37.186283-0500 localhost sshd[46812]: Failed password for invalid user p@SSW0RD from 110.49.70.249 port 61128 ssh2 |
2020-08-06 13:26:25 |
| 180.191.188.60 | attackspambots | php WP PHPmyadamin ABUSE blocked for 12h |
2020-08-06 13:35:16 |
| 104.155.76.131 | attack | 104.155.76.131 - - [06/Aug/2020:07:24:58 +0200] "GET /wp-login.php HTTP/1.1" 200 6398 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.155.76.131 - - [06/Aug/2020:07:25:00 +0200] "POST /wp-login.php HTTP/1.1" 200 6649 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.155.76.131 - - [06/Aug/2020:07:25:00 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2020-08-06 13:37:38 |
| 79.78.3.245 | attack | Automatic report - Banned IP Access |
2020-08-06 13:38:39 |
| 177.25.151.54 | attackbotsspam | Fail2Ban Ban Triggered |
2020-08-06 13:35:35 |
| 91.106.193.72 | attackspambots | Aug 5 19:37:16 php1 sshd\[28165\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.193.72 user=root Aug 5 19:37:18 php1 sshd\[28165\]: Failed password for root from 91.106.193.72 port 36474 ssh2 Aug 5 19:41:30 php1 sshd\[28771\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.193.72 user=root Aug 5 19:41:32 php1 sshd\[28771\]: Failed password for root from 91.106.193.72 port 48196 ssh2 Aug 5 19:45:40 php1 sshd\[29110\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.193.72 user=root |
2020-08-06 13:48:24 |
| 176.123.10.71 | attackbots | Aug 6 07:44:31 debian-2gb-nbg1-2 kernel: \[18951128.442278\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=176.123.10.71 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=54321 PROTO=TCP SPT=54240 DPT=8088 WINDOW=65535 RES=0x00 SYN URGP=0 |
2020-08-06 13:50:56 |
| 121.8.157.138 | attackspambots | Aug 6 05:18:01 vlre-nyc-1 sshd\[5800\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.8.157.138 user=root Aug 6 05:18:04 vlre-nyc-1 sshd\[5800\]: Failed password for root from 121.8.157.138 port 12581 ssh2 Aug 6 05:22:56 vlre-nyc-1 sshd\[5939\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.8.157.138 user=root Aug 6 05:22:58 vlre-nyc-1 sshd\[5939\]: Failed password for root from 121.8.157.138 port 12584 ssh2 Aug 6 05:24:49 vlre-nyc-1 sshd\[5986\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.8.157.138 user=root ... |
2020-08-06 13:40:25 |
| 167.99.157.37 | attack | *Port Scan* detected from 167.99.157.37 (US/United States/New Jersey/North Bergen/-). 4 hits in the last 45 seconds |
2020-08-06 13:26:52 |
| 27.68.30.253 | attackbots | Automatic report - Port Scan Attack |
2020-08-06 13:57:02 |