城市(city): unknown
省份(region): unknown
国家(country): United States
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 13.249.21.81
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38897
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;13.249.21.81. IN A
;; AUTHORITY SECTION:
. 569 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400
;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 11:19:45 CST 2022
;; MSG SIZE rcvd: 105
81.21.249.13.in-addr.arpa domain name pointer server-13-249-21-81.iah50.r.cloudfront.net.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
81.21.249.13.in-addr.arpa name = server-13-249-21-81.iah50.r.cloudfront.net.
Authoritative answers can be found from:
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 147.135.179.98 | attack | Port scan on 2 port(s): 139 445 |
2019-10-31 01:10:23 |
| 202.45.147.125 | attackbots | Automatic report - Banned IP Access |
2019-10-31 01:14:39 |
| 104.248.199.34 | attack | Here more information about 104.248.199.34 info: [Netherlands] 14061 DighostnamealOcean, LLC Connected: 49 servere(s) Reason: ssh Ports: 23 Services: telnet servere: Europe/Moscow (UTC+3) Found at blocklist: abuseat.org, abuseIPDB.com myIP:89.179.244.250 [2019-10-28 07:11:48] (tcp) myIP:23 <- 104.248.199.34:55592 [2019-10-28 07:13:53] (tcp) myIP:23 <- 104.248.199.34:55592 [2019-10-28 07:14:17] (tcp) myIP:23 <- 104.248.199.34:55592 [2019-10-28 07:14:32] (tcp) myIP:23 <- 104.248.199.34:55592 [2019-10-28 07:19:28] (tcp) myIP:23 <- 104.248.199.34:55592 [2019-10-28 07:20:27] (tcp) myIP:23 <- 104.248.199.34:55592 [2019-10-28 07:20:30] (tcp) myIP:23 <- 104.248.199.34:55592 [2019-10-28 07:21:10] (tcp) myIP:23 <- 104.248.199.34:55592 [2019-10-28 07:21:30] (tcp) myIP:23 <- 104.248.199.34:55592 [2019-10-28 07:22:21] (tcp) myIP:23 <- 104.248.199.34:55592 [2019-10-28 07:22:27] (tcp) myIP:23 <- 104.248.199.34:55592 [2019-10-28 07:24:08] (tcp) myIP:23 <- 104.248.199.34:555........ --------------------------------- |
2019-10-31 01:10:59 |
| 128.199.154.60 | attackspam | Automatic report - Banned IP Access |
2019-10-31 01:01:51 |
| 91.121.67.107 | attackbotsspam | Oct 30 16:25:17 SilenceServices sshd[17407]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.67.107 Oct 30 16:25:19 SilenceServices sshd[17407]: Failed password for invalid user owner from 91.121.67.107 port 44904 ssh2 Oct 30 16:29:26 SilenceServices sshd[20020]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.67.107 |
2019-10-31 01:33:12 |
| 138.68.212.45 | attackbotsspam | 53169/tcp 49738/tcp 8118/tcp... [2019-08-31/10-30]49pkt,37pt.(tcp),3pt.(udp) |
2019-10-31 01:38:00 |
| 202.29.220.186 | attackbots | $f2bV_matches |
2019-10-31 01:08:41 |
| 187.162.51.63 | attackbots | Oct 29 13:18:59 hgb10502 sshd[15086]: User r.r from 187.162.51.63 not allowed because not listed in AllowUsers Oct 29 13:18:59 hgb10502 sshd[15086]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.162.51.63 user=r.r Oct 29 13:19:01 hgb10502 sshd[15086]: Failed password for invalid user r.r from 187.162.51.63 port 33732 ssh2 Oct 29 13:19:01 hgb10502 sshd[15086]: Received disconnect from 187.162.51.63 port 33732:11: Bye Bye [preauth] Oct 29 13:19:01 hgb10502 sshd[15086]: Disconnected from 187.162.51.63 port 33732 [preauth] Oct 29 13:32:49 hgb10502 sshd[16191]: Invalid user test from 187.162.51.63 port 52243 Oct 29 13:32:51 hgb10502 sshd[16191]: Failed password for invalid user test from 187.162.51.63 port 52243 ssh2 Oct 29 13:32:51 hgb10502 sshd[16191]: Received disconnect from 187.162.51.63 port 52243:11: Bye Bye [preauth] Oct 29 13:32:51 hgb10502 sshd[16191]: Disconnected from 187.162.51.63 port 52243 [preauth] Oct 29 13:37:0........ ------------------------------- |
2019-10-31 01:17:54 |
| 118.126.88.207 | attackbotsspam | WordPress attack, tries to access /?xxnew2018_url2=x&xxnew2018_url1=x |
2019-10-31 01:06:44 |
| 5.188.154.116 | attackbots | RDPBruteVIL |
2019-10-31 01:06:18 |
| 106.12.202.181 | attackbotsspam | Invalid user temp from 106.12.202.181 port 46135 |
2019-10-31 01:39:02 |
| 45.136.110.47 | attackbots | Oct 30 15:32:53 h2177944 kernel: \[5321715.802565\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.47 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=37512 PROTO=TCP SPT=48368 DPT=7709 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 30 15:33:12 h2177944 kernel: \[5321734.927479\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.47 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=5322 PROTO=TCP SPT=48368 DPT=7137 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 30 15:42:51 h2177944 kernel: \[5322313.931056\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.47 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=41193 PROTO=TCP SPT=48368 DPT=8117 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 30 15:54:39 h2177944 kernel: \[5323021.898462\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.47 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=11402 PROTO=TCP SPT=48368 DPT=7225 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 30 16:16:15 h2177944 kernel: \[5324317.687129\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.47 DST=85.214.117.9 |
2019-10-31 01:00:55 |
| 23.129.64.188 | attackbotsspam | Oct 30 18:20:52 vpn01 sshd[11748]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.129.64.188 Oct 30 18:20:54 vpn01 sshd[11748]: Failed password for invalid user 22 from 23.129.64.188 port 39539 ssh2 ... |
2019-10-31 01:28:59 |
| 103.82.235.10 | attack | "POST /FCKeditor/editor/filemanager/connectors/asp/connector.asp?Command=FileUpload&Type=File&CurrentFolder=%2F HTTP/1.1" 404 "POST /admin_aspcms/_system/AspCms_SiteSetting.asp HTTP/1.1" 404 "POST /plus/90sec.php HTTP/1.1" 404 "POST /utility/convert/index.php?a=config&source=d7.2_x2.0 HTTP/1.1" 404 "POST /utility/convert/data/config.inc.php HTTP/1.1" 404 "POST /uploads/dede/sys_verifies.php?action=down HTTP/1.1" 404 "POST /index.php/api/Uploadify/preview HTTP/1.1" 404 "POST /fdgq.php HTTP/1.1" 404 "POST /xbodk.php HTTP/1.1" 404 "POST /ysyqq.php HTTP/1.1" 404 |
2019-10-31 01:26:07 |
| 139.59.46.243 | attack | Oct 30 06:56:08 eddieflores sshd\[32533\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.46.243 user=root Oct 30 06:56:10 eddieflores sshd\[32533\]: Failed password for root from 139.59.46.243 port 53218 ssh2 Oct 30 07:00:35 eddieflores sshd\[422\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.46.243 user=root Oct 30 07:00:37 eddieflores sshd\[422\]: Failed password for root from 139.59.46.243 port 35958 ssh2 Oct 30 07:05:13 eddieflores sshd\[857\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.46.243 user=root |
2019-10-31 01:18:51 |