城市(city): Neftekamsk
省份(region): Bashkortostan Republic
国家(country): Russia
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 136.169.193.92
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15873
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;136.169.193.92. IN A
;; AUTHORITY SECTION:
. 590 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020060202 1800 900 604800 86400
;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jun 03 06:57:10 CST 2020
;; MSG SIZE rcvd: 11892.193.169.136.in-addr.arpa domain name pointer 136.169.193.92.dynamic.neft.ufanet.ru.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
92.193.169.136.in-addr.arpa name = 136.169.193.92.dynamic.neft.ufanet.ru.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 219.239.47.66 | attackbotsspam | Sep 8 13:20:15 sso sshd[19196]: Failed password for root from 219.239.47.66 port 41414 ssh2 ... |
2020-09-08 19:33:35 |
| 79.127.36.98 | attack | Sep 7 18:13:53 v26 sshd[334]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.127.36.98 user=r.r Sep 7 18:13:56 v26 sshd[334]: Failed password for r.r from 79.127.36.98 port 46904 ssh2 Sep 7 18:13:56 v26 sshd[334]: Received disconnect from 79.127.36.98 port 46904:11: Bye Bye [preauth] Sep 7 18:13:56 v26 sshd[334]: Disconnected from 79.127.36.98 port 46904 [preauth] Sep 7 18:19:57 v26 sshd[1136]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.127.36.98 user=r.r Sep 7 18:19:59 v26 sshd[1136]: Failed password for r.r from 79.127.36.98 port 47400 ssh2 Sep 7 18:20:00 v26 sshd[1136]: Received disconnect from 79.127.36.98 port 47400:11: Bye Bye [preauth] Sep 7 18:20:00 v26 sshd[1136]: Disconnected from 79.127.36.98 port 47400 [preauth] Sep 7 18:21:14 v26 sshd[1386]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.127.36.98 user=r.r ........ ---------------------------------- |
2020-09-08 19:00:06 |
| 139.199.228.133 | attack | Sep 8 09:22:58 prox sshd[16697]: Failed password for root from 139.199.228.133 port 9016 ssh2 |
2020-09-08 19:14:22 |
| 200.93.102.106 | attackspambots | Unauthorized connection attempt from IP address 200.93.102.106 on Port 445(SMB) |
2020-09-08 19:27:22 |
| 185.38.175.71 | attackbots | 2020-09-08T12:51[Censored Hostname] sshd[16667]: Failed password for root from 185.38.175.71 port 42880 ssh2 2020-09-08T12:51[Censored Hostname] sshd[16667]: Failed password for root from 185.38.175.71 port 42880 ssh2 2020-09-08T12:51[Censored Hostname] sshd[16667]: Failed password for root from 185.38.175.71 port 42880 ssh2[...] |
2020-09-08 19:28:59 |
| 94.102.56.210 | attackspambots | srvr2: (mod_security) mod_security (id:920350) triggered by 94.102.56.210 (NL/-/-): 1 in the last 600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/09/08 11:19:09 [error] 548013#0: *316003 [client 94.102.56.210] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/vendor/phpunit/phpunit/phpunit.xml"] [unique_id "159955674994.545393"] [ref "o0,13v55,13"], client: 94.102.56.210, [redacted] request: "GET /vendor/phpunit/phpunit/phpunit.xml HTTP/1.1" [redacted] |
2020-09-08 19:18:57 |
| 151.224.96.135 | attackspambots | Wordpress File Manager Plugin Remote Code Execution Vulnerability, PTR: 97e06087.skybroadband.com. |
2020-09-08 19:29:16 |
| 129.28.177.29 | attack | Sep 8 15:31:46 webhost01 sshd[15412]: Failed password for root from 129.28.177.29 port 54482 ssh2 ... |
2020-09-08 19:26:39 |
| 193.56.28.220 | attackbots | Feb 6 02:28:44 server postfix/smtpd[32521]: warning: unknown[193.56.28.220]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 6 02:29:10 server postfix/smtpd[32521]: warning: unknown[193.56.28.220]: SASL LOGIN authentication failed: Connection lost to authentication server Feb 6 02:30:28 server postfix/smtpd[32521]: warning: unknown[193.56.28.220]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 |
2020-09-08 19:25:52 |
| 157.230.33.158 | attack | 2020-09-08 12:18:54,872 fail2ban.actions: WARNING [ssh] Ban 157.230.33.158 |
2020-09-08 19:23:12 |
| 194.180.224.103 | attackspam | Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-09-08T11:11:14Z and 2020-09-08T11:13:34Z |
2020-09-08 19:22:05 |
| 106.12.175.86 | attackbotsspam | Sep 8 09:44:25 home sshd[1241152]: Failed password for root from 106.12.175.86 port 42978 ssh2 Sep 8 09:48:42 home sshd[1241604]: Invalid user smmsp from 106.12.175.86 port 38395 Sep 8 09:48:42 home sshd[1241604]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.175.86 Sep 8 09:48:42 home sshd[1241604]: Invalid user smmsp from 106.12.175.86 port 38395 Sep 8 09:48:43 home sshd[1241604]: Failed password for invalid user smmsp from 106.12.175.86 port 38395 ssh2 ... |
2020-09-08 19:23:35 |
| 113.161.85.92 | attackbotsspam | Unauthorized connection attempt from IP address 113.161.85.92 on Port 445(SMB) |
2020-09-08 19:31:37 |
| 102.47.39.121 | attackspambots | Mirai and Reaper Exploitation Traffic , PTR: host-102.47.39.121.tedata.net. |
2020-09-08 19:27:02 |
| 106.12.205.137 | attack | Sep 8 11:46:40 fhem-rasp sshd[27719]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.205.137 Sep 8 11:46:41 fhem-rasp sshd[27719]: Failed password for invalid user admin from 106.12.205.137 port 53122 ssh2 ... |
2020-09-08 19:09:10 |