城市(city): unknown
省份(region): unknown
国家(country): United States
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 130.160.159.46
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7872
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;130.160.159.46. IN A
;; AUTHORITY SECTION:
. 524 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022011000 1800 900 604800 86400
;; Query time: 44 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 10 22:43:50 CST 2022
;; MSG SIZE rcvd: 10746.159.160.130.in-addr.arpa domain name pointer DHCP-159-046.resnet.ua.edu.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
46.159.160.130.in-addr.arpa name = DHCP-159-046.resnet.ua.edu.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 192.241.223.78 | attack | 143/tcp 4840/tcp 29095/tcp... [2020-06-27/08-28]9pkt,9pt.(tcp) |
2020-08-28 18:34:34 |
| 192.241.225.43 | attackbotsspam | TCP port : 8047 |
2020-08-28 18:38:04 |
| 157.230.245.91 | attackbotsspam | 2020-08-28T13:26:16.134281paragon sshd[582516]: Failed password for root from 157.230.245.91 port 49490 ssh2 2020-08-28T13:30:25.315429paragon sshd[582864]: Invalid user admin from 157.230.245.91 port 54246 2020-08-28T13:30:25.317880paragon sshd[582864]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.245.91 2020-08-28T13:30:25.315429paragon sshd[582864]: Invalid user admin from 157.230.245.91 port 54246 2020-08-28T13:30:27.440821paragon sshd[582864]: Failed password for invalid user admin from 157.230.245.91 port 54246 ssh2 ... |
2020-08-28 18:19:30 |
| 117.50.11.192 | attackspam | 34964/udp 5093/udp 3702/udp... [2020-06-29/08-28]30pkt,9pt.(udp) |
2020-08-28 18:31:47 |
| 1.27.91.196 | attackbots | Port probing on unauthorized port 23 |
2020-08-28 18:28:51 |
| 212.47.233.253 | attack | Brute-force attempt banned |
2020-08-28 18:30:52 |
| 182.23.53.245 | attackbots | 445/tcp 445/tcp [2020-08-14/28]2pkt |
2020-08-28 18:56:11 |
| 114.35.60.74 | attackbotsspam | 23/tcp 23/tcp 23/tcp [2020-08-19/28]3pkt |
2020-08-28 18:58:05 |
| 192.241.227.101 | attack | 5093/udp 5006/tcp 993/tcp... [2020-06-29/08-27]16pkt,11pt.(tcp),3pt.(udp) |
2020-08-28 18:24:58 |
| 104.200.16.116 | attackbotsspam | 9200/tcp 9200/tcp 9200/tcp... [2020-07-04/08-28]6pkt,1pt.(tcp) |
2020-08-28 19:02:20 |
| 23.108.86.60 | attackspambots | Registration form abuse |
2020-08-28 18:24:28 |
| 34.223.226.168 | attack | IP 34.223.226.168 attacked honeypot on port: 80 at 8/27/2020 8:48:08 PM |
2020-08-28 18:38:47 |
| 188.190.221.122 | attackspam | [Fri Aug 28 10:47:53.714728 2020] [:error] [pid 31369:tid 139707023353600] [client 188.190.221.122:14184] [client 188.190.221.122] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197:80"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "X0h@aVKDlRYC99MhbVJE@gAAAh0"] ... |
2020-08-28 19:03:00 |
| 221.122.119.50 | attackbotsspam | Invalid user el from 221.122.119.50 port 59797 |
2020-08-28 18:36:30 |
| 212.120.173.41 | attack | Invalid user student6 from 212.120.173.41 port 33364 |
2020-08-28 18:33:01 |