城市(city): unknown
省份(region): unknown
国家(country): United States of America (the)
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.42.157.152
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32589
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;129.42.157.152. IN A
;; AUTHORITY SECTION:
. 29 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025021900 1800 900 604800 86400
;; Query time: 33 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 19 23:17:26 CST 2025
;; MSG SIZE rcvd: 107Host 152.157.42.129.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 152.157.42.129.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 45.95.168.164 | attack | Rude login attack (6 tries in 1d) |
2020-03-24 03:43:49 |
| 141.8.183.90 | attack | [Mon Mar 23 22:45:10.601907 2020] [:error] [pid 25293:tid 140519768332032] [client 141.8.183.90:39169] [client 141.8.183.90] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XnjZhrdSec56q6n39A6CPwAAAqM"] ... |
2020-03-24 03:58:58 |
| 88.249.43.105 | attack | Unauthorized connection attempt from IP address 88.249.43.105 on Port 445(SMB) |
2020-03-24 03:51:50 |
| 49.89.255.86 | attack | Mar 23 16:22:40 garuda postfix/smtpd[38227]: warning: hostname 86.255.89.49.broad.sz.js.dynamic.163data.com.cn does not resolve to address 49.89.255.86: Name or service not known Mar 23 16:22:40 garuda postfix/smtpd[38227]: connect from unknown[49.89.255.86] Mar 23 16:22:42 garuda postfix/smtpd[38227]: warning: unknown[49.89.255.86]: SASL LOGIN authentication failed: generic failure Mar 23 16:22:42 garuda postfix/smtpd[38227]: lost connection after AUTH from unknown[49.89.255.86] Mar 23 16:22:42 garuda postfix/smtpd[38227]: disconnect from unknown[49.89.255.86] ehlo=1 auth=0/1 commands=1/2 Mar 23 16:23:06 garuda postfix/smtpd[38327]: warning: hostname 86.255.89.49.broad.sz.js.dynamic.163data.com.cn does not resolve to address 49.89.255.86: Name or service not known Mar 23 16:23:06 garuda postfix/smtpd[38327]: connect from unknown[49.89.255.86] Mar 23 16:23:08 garuda postfix/smtpd[38327]: warning: unknown[49.89.255.86]: SASL LOGIN authentication failed: generic failure M........ ------------------------------- |
2020-03-24 04:00:42 |
| 134.209.96.131 | attackspam | Mar 23 17:47:18 ArkNodeAT sshd\[15742\]: Invalid user ginger from 134.209.96.131 Mar 23 17:47:18 ArkNodeAT sshd\[15742\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.96.131 Mar 23 17:47:19 ArkNodeAT sshd\[15742\]: Failed password for invalid user ginger from 134.209.96.131 port 59958 ssh2 |
2020-03-24 03:30:12 |
| 190.217.168.132 | attack | Unauthorized connection attempt from IP address 190.217.168.132 on Port 445(SMB) |
2020-03-24 03:44:48 |
| 45.64.195.147 | attackbotsspam | Icarus honeypot on github |
2020-03-24 03:40:11 |
| 118.126.90.89 | attackbots | Mar 23 12:18:39 NPSTNNYC01T sshd[2963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.126.90.89 Mar 23 12:18:41 NPSTNNYC01T sshd[2963]: Failed password for invalid user bb from 118.126.90.89 port 58218 ssh2 Mar 23 12:25:20 NPSTNNYC01T sshd[4122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.126.90.89 ... |
2020-03-24 03:25:41 |
| 178.206.189.90 | attackbotsspam | Unauthorized connection attempt from IP address 178.206.189.90 on Port 445(SMB) |
2020-03-24 03:29:53 |
| 181.28.233.141 | attackbots | 2020-03-23T05:07:36.892907homeassistant sshd[7050]: Invalid user mysql from 181.28.233.141 port 47265 2020-03-23T05:07:36.900163homeassistant sshd[7050]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.28.233.141 2020-03-23T05:07:38.876571homeassistant sshd[7050]: Failed password for invalid user mysql from 181.28.233.141 port 47265 ssh2 ... |
2020-03-24 03:38:53 |
| 222.120.14.166 | attack | 20/3/23@11:45:11: FAIL: IoT-Telnet address from=222.120.14.166 ... |
2020-03-24 03:57:13 |
| 27.115.15.8 | attack | 2020-03-23T17:08:33.739671 sshd[21444]: Invalid user info from 27.115.15.8 port 49806 2020-03-23T17:08:33.752838 sshd[21444]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.115.15.8 2020-03-23T17:08:33.739671 sshd[21444]: Invalid user info from 27.115.15.8 port 49806 2020-03-23T17:08:35.608329 sshd[21444]: Failed password for invalid user info from 27.115.15.8 port 49806 ssh2 ... |
2020-03-24 03:44:14 |
| 85.97.188.76 | attack | Attempt to attack host OS, exploiting network vulnerabilities, on 23-03-2020 15:45:09. |
2020-03-24 03:59:44 |
| 180.76.162.111 | attackspambots | Mar 23 16:45:37 mail sshd[6067]: Invalid user ic from 180.76.162.111 ... |
2020-03-24 03:28:55 |
| 95.105.234.244 | attackbotsspam | Mar 23 16:36:11 vps46666688 sshd[19578]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.105.234.244 Mar 23 16:36:13 vps46666688 sshd[19578]: Failed password for invalid user deutsche from 95.105.234.244 port 52764 ssh2 ... |
2020-03-24 03:36:15 |