城市(city): unknown
省份(region): unknown
国家(country): United States
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.126.126.99
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19849
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;134.126.126.99. IN A
;; AUTHORITY SECTION:
. 459 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400
;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 11:40:23 CST 2022
;; MSG SIZE rcvd: 10799.126.126.134.in-addr.arpa domain name pointer athletics.jmu.edu.
99.126.126.134.in-addr.arpa domain name pointer jmu.edu.
99.126.126.134.in-addr.arpa domain name pointer it-www1.jmu.edu.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
99.126.126.134.in-addr.arpa name = it-www1.jmu.edu.
99.126.126.134.in-addr.arpa name = athletics.jmu.edu.
99.126.126.134.in-addr.arpa name = jmu.edu.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 91.121.171.148 | attackspam | [SatAug3123:44:11.6760732019][:error][pid31300:tid47849301624576][client91.121.171.148:47712][client91.121.171.148]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\(\?:\$mozilla\^\|mozilla/[45]\\\\\\\\.[1-9]\|\^mozilla/4\\\\\\\\.0\$\)"atREQUEST_HEADERS:User-Agent.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"419"][id"330131"][rev"3"][msg"Atomicorp.comWAFRules:MaliciousBotBlocked\(FakeMozillaUserAgentStringDetected\)"][severity"CRITICAL"][hostname"ilsoffio.ch"][uri"/wp-admin/css/colors/sunrise/idb.php"][unique_id"XWrqKzssNwcLlxUsBOZq6gAAAVA"]\,referer:ilsoffio.ch[SatAug3123:45:06.6265892019][:error][pid31367:tid47849223132928][client91.121.171.148:35622][client91.121.171.148]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\(\?:\$mozilla\^\|mozilla/[45]\\\\\\\\.[1-9]\|\^mozilla/4\\\\\\\\.0\$\)"atREQUEST_HEADERS:User-Agent.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"419"][id"330131"][rev"3"][msg"Ato |
2019-09-01 08:57:59 |
| 35.240.226.127 | attackspam | Lines containing failures of 35.240.226.127 (max 1000) Aug 30 19:09:27 localhost sshd[6819]: Invalid user chu from 35.240.226.127 port 48714 Aug 30 19:09:27 localhost sshd[6819]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.240.226.127 Aug 30 19:09:29 localhost sshd[6819]: Failed password for invalid user chu from 35.240.226.127 port 48714 ssh2 Aug 30 19:09:30 localhost sshd[6819]: Received disconnect from 35.240.226.127 port 48714:11: Bye Bye [preauth] Aug 30 19:09:30 localhost sshd[6819]: Disconnected from invalid user chu 35.240.226.127 port 48714 [preauth] Aug 31 00:15:53 localhost sshd[30823]: Invalid user senpai from 35.240.226.127 port 48624 Aug 31 00:15:53 localhost sshd[30823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.240.226.127 Aug 31 00:15:54 localhost sshd[30823]: Failed password for invalid user senpai from 35.240.226.127 port 48624 ssh2 Aug 31 00:15:56 localho........ ------------------------------ |
2019-09-01 09:29:17 |
| 113.161.66.41 | attackbotsspam | RDP Bruteforce |
2019-09-01 08:58:53 |
| 23.129.64.184 | attackspambots | Aug 18 03:41:38 microserver sshd[24172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.129.64.184 user=root Aug 18 03:41:40 microserver sshd[24172]: Failed password for root from 23.129.64.184 port 43973 ssh2 Aug 18 03:41:43 microserver sshd[24172]: Failed password for root from 23.129.64.184 port 43973 ssh2 Aug 18 03:41:46 microserver sshd[24172]: Failed password for root from 23.129.64.184 port 43973 ssh2 Aug 18 03:41:49 microserver sshd[24172]: Failed password for root from 23.129.64.184 port 43973 ssh2 Aug 27 04:50:26 microserver sshd[11357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.129.64.184 user=sshd Aug 27 04:50:28 microserver sshd[11357]: Failed password for sshd from 23.129.64.184 port 53868 ssh2 Aug 27 04:50:28 microserver sshd[11357]: Failed password for sshd from 23.129.64.184 port 53868 ssh2 Aug 27 04:50:32 microserver sshd[11357]: Failed password for sshd from 23.129.64.184 port 53868 ssh2 Aug 27 04 |
2019-09-01 08:55:07 |
| 185.242.113.224 | attack | Aug 31 23:49:57 rotator sshd\[16789\]: Failed password for root from 185.242.113.224 port 37946 ssh2Aug 31 23:49:59 rotator sshd\[16789\]: Failed password for root from 185.242.113.224 port 37946 ssh2Aug 31 23:50:02 rotator sshd\[16789\]: Failed password for root from 185.242.113.224 port 37946 ssh2Aug 31 23:50:04 rotator sshd\[16789\]: Failed password for root from 185.242.113.224 port 37946 ssh2Aug 31 23:50:07 rotator sshd\[16789\]: Failed password for root from 185.242.113.224 port 37946 ssh2Aug 31 23:50:10 rotator sshd\[16789\]: Failed password for root from 185.242.113.224 port 37946 ssh2 ... |
2019-09-01 08:59:31 |
| 42.104.97.231 | attackbotsspam | Sep 1 02:59:55 nextcloud sshd\[19900\]: Invalid user ncarpen from 42.104.97.231 Sep 1 02:59:55 nextcloud sshd\[19900\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.104.97.231 Sep 1 02:59:57 nextcloud sshd\[19900\]: Failed password for invalid user ncarpen from 42.104.97.231 port 16704 ssh2 ... |
2019-09-01 09:28:44 |
| 203.215.170.170 | attack | 19/8/31@17:50:04: FAIL: Alarm-Intrusion address from=203.215.170.170 ... |
2019-09-01 09:04:20 |
| 190.90.95.146 | attackspam | Sep 1 01:53:58 MainVPS sshd[29466]: Invalid user test from 190.90.95.146 port 59568 Sep 1 01:53:58 MainVPS sshd[29466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.90.95.146 Sep 1 01:53:58 MainVPS sshd[29466]: Invalid user test from 190.90.95.146 port 59568 Sep 1 01:54:00 MainVPS sshd[29466]: Failed password for invalid user test from 190.90.95.146 port 59568 ssh2 Sep 1 01:58:31 MainVPS sshd[29816]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.90.95.146 user=nobody Sep 1 01:58:33 MainVPS sshd[29816]: Failed password for nobody from 190.90.95.146 port 47896 ssh2 ... |
2019-09-01 09:13:48 |
| 49.88.112.90 | attack | Aug 31 20:23:28 aat-srv002 sshd[32755]: Failed password for root from 49.88.112.90 port 59041 ssh2 Aug 31 20:23:30 aat-srv002 sshd[32755]: Failed password for root from 49.88.112.90 port 59041 ssh2 Aug 31 20:23:33 aat-srv002 sshd[32755]: Failed password for root from 49.88.112.90 port 59041 ssh2 Aug 31 20:23:36 aat-srv002 sshd[313]: Failed password for root from 49.88.112.90 port 56366 ssh2 ... |
2019-09-01 09:26:50 |
| 82.200.129.232 | attackbotsspam | SPF Fail sender not permitted to send mail for @online.kz / Sent mail to target address hacked/leaked from abandonia in 2016 |
2019-09-01 08:53:06 |
| 218.92.0.198 | attack | Sep 1 03:23:51 eventyay sshd[9999]: Failed password for root from 218.92.0.198 port 27761 ssh2 Sep 1 03:23:53 eventyay sshd[9999]: Failed password for root from 218.92.0.198 port 27761 ssh2 Sep 1 03:23:55 eventyay sshd[9999]: Failed password for root from 218.92.0.198 port 27761 ssh2 ... |
2019-09-01 09:29:52 |
| 171.221.230.220 | attackbots | Automatic report - Banned IP Access |
2019-09-01 09:27:48 |
| 93.190.15.11 | attackspam | Sep 1 06:45:06 our-server-hostname postfix/smtpd[11846]: connect from unknown[93.190.15.11] Sep x@x Sep 1 06:45:07 our-server-hostname postfix/smtpd[13340]: connect from unknown[93.190.15.11] Sep x@x Sep x@x Sep 1 06:45:08 our-server-hostname postfix/smtpd[11846]: disconnect from unknown[93.190.15.11] Sep x@x Sep x@x Sep 1 06:45:10 our-server-hostname postfix/smtpd[13340]: disconnect from unknown[93.190.15.11] Sep 1 06:45:15 our-server-hostname postfix/smtpd[11877]: connect from unknown[93.190.15.11] Sep x@x Sep x@x Sep x@x Sep 1 06:45:18 our-server-hostname postfix/smtpd[11877]: disconnect from unknown[93.190.15.11] Sep 1 06:45:20 our-server-hostname postfix/smtpd[13104]: connect from unknown[93.190.15.11] Sep x@x Sep x@x Sep 1 06:45:23 our-server-hostname postfix/smtpd[13104]: disconnect from unknown[93.190.15.11] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=93.190.15.11 |
2019-09-01 09:18:38 |
| 34.80.215.54 | attackspam | Aug 31 14:30:45 lcprod sshd\[28801\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.215.80.34.bc.googleusercontent.com user=root Aug 31 14:30:47 lcprod sshd\[28801\]: Failed password for root from 34.80.215.54 port 52556 ssh2 Aug 31 14:35:26 lcprod sshd\[29335\]: Invalid user edward from 34.80.215.54 Aug 31 14:35:26 lcprod sshd\[29335\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.215.80.34.bc.googleusercontent.com Aug 31 14:35:28 lcprod sshd\[29335\]: Failed password for invalid user edward from 34.80.215.54 port 41590 ssh2 |
2019-09-01 08:49:14 |
| 148.72.65.10 | attack | Aug 31 14:50:59 lcprod sshd\[31074\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-148-72-65-10.ip.secureserver.net user=root Aug 31 14:51:01 lcprod sshd\[31074\]: Failed password for root from 148.72.65.10 port 36612 ssh2 Aug 31 14:55:07 lcprod sshd\[31529\]: Invalid user gs from 148.72.65.10 Aug 31 14:55:07 lcprod sshd\[31529\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-148-72-65-10.ip.secureserver.net Aug 31 14:55:09 lcprod sshd\[31529\]: Failed password for invalid user gs from 148.72.65.10 port 52808 ssh2 |
2019-09-01 09:22:51 |