城市(city): unknown
省份(region): unknown
国家(country): None
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 137.226.243.93
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46287
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;137.226.243.93. IN A
;; AUTHORITY SECTION:
. 232 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022061301 1800 900 604800 86400
;; Query time: 172 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jun 14 02:26:14 CST 2022
;; MSG SIZE rcvd: 107
Host 93.243.226.137.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 93.243.226.137.in-addr.arpa: NXDOMAIN
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 134.73.7.248 | attackspam | 2019-05-09 10:54:25 1hOeor-0002hI-4e SMTP connection from slope.sandyfadadu.com \(slope.justjustfencing.icu\) \[134.73.7.248\]:39968 I=\[193.107.90.29\]:25 closed by DROP in ACL 2019-05-09 10:54:31 1hOeox-0002hQ-B4 SMTP connection from slope.sandyfadadu.com \(slope.justjustfencing.icu\) \[134.73.7.248\]:59460 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-05-09 10:57:12 1hOerY-0002ly-4N SMTP connection from slope.sandyfadadu.com \(slope.justjustfencing.icu\) \[134.73.7.248\]:46103 I=\[193.107.88.166\]:25 closed by DROP in ACL ... |
2020-02-05 01:45:58 |
| 222.186.42.136 | attackspambots | Feb 4 18:19:38 legacy sshd[30518]: Failed password for root from 222.186.42.136 port 22931 ssh2 Feb 4 18:19:39 legacy sshd[30518]: Failed password for root from 222.186.42.136 port 22931 ssh2 Feb 4 18:19:42 legacy sshd[30518]: Failed password for root from 222.186.42.136 port 22931 ssh2 ... |
2020-02-05 01:26:02 |
| 134.73.7.242 | attackbotsspam | 2019-04-27 13:44:39 1hKLl1-0004Uj-Mw SMTP connection from roasted.sandyfadadu.com \(roasted.techfia.icu\) \[134.73.7.242\]:48704 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-04-27 13:44:46 1hKLl8-0004Um-5T SMTP connection from roasted.sandyfadadu.com \(roasted.techfia.icu\) \[134.73.7.242\]:48731 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-04-27 13:47:28 1hKLnk-0004Zb-6O SMTP connection from roasted.sandyfadadu.com \(roasted.techfia.icu\) \[134.73.7.242\]:46752 I=\[193.107.88.166\]:25 closed by DROP in ACL ... |
2020-02-05 01:52:56 |
| 106.13.95.27 | attackbotsspam | Feb 4 06:12:30 hpm sshd\[16798\]: Invalid user cameryn1 from 106.13.95.27 Feb 4 06:12:30 hpm sshd\[16798\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.95.27 Feb 4 06:12:32 hpm sshd\[16798\]: Failed password for invalid user cameryn1 from 106.13.95.27 port 45588 ssh2 Feb 4 06:16:43 hpm sshd\[17819\]: Invalid user rost from 106.13.95.27 Feb 4 06:16:43 hpm sshd\[17819\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.95.27 |
2020-02-05 01:47:01 |
| 172.105.18.163 | attack | firewall-block, port(s): 69/udp |
2020-02-05 01:38:38 |
| 1.234.23.23 | attack | Feb 4 13:48:12 game-panel sshd[17801]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.234.23.23 Feb 4 13:48:14 game-panel sshd[17801]: Failed password for invalid user angelyn from 1.234.23.23 port 49794 ssh2 Feb 4 13:49:54 game-panel sshd[17849]: Failed password for root from 1.234.23.23 port 33000 ssh2 |
2020-02-05 02:02:19 |
| 118.91.178.253 | attackbots | $f2bV_matches |
2020-02-05 01:29:49 |
| 49.51.242.225 | attackbotsspam | Unauthorized connection attempt detected from IP address 49.51.242.225 to port 8480 [J] |
2020-02-05 01:34:19 |
| 134.73.7.237 | attackspambots | 2019-05-04 22:25:07 1hN1DX-0001fn-Fg SMTP connection from sour.sandyfadadu.com \(sour.goyalpublishers.icu\) \[134.73.7.237\]:47928 I=\[193.107.90.29\]:25 closed by DROP in ACL 2019-05-04 22:27:27 1hN1Fn-0001i4-7y SMTP connection from sour.sandyfadadu.com \(sour.goyalpublishers.icu\) \[134.73.7.237\]:52960 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-05-04 22:27:45 1hN1G5-0001iL-Bl SMTP connection from sour.sandyfadadu.com \(sour.goyalpublishers.icu\) \[134.73.7.237\]:38797 I=\[193.107.88.166\]:25 closed by DROP in ACL ... |
2020-02-05 01:59:36 |
| 138.117.131.65 | attackspambots | Feb 4 17:40:58 grey postfix/smtpd\[15370\]: NOQUEUE: reject: RCPT from unknown\[138.117.131.65\]: 554 5.7.1 Service unavailable\; Client host \[138.117.131.65\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[138.117.131.65\]\; from=\ |
2020-02-05 01:22:21 |
| 162.243.130.180 | attackspambots | MultiHost/MultiPort Probe, Scan, Hack - |
2020-02-05 01:43:14 |
| 66.220.149.15 | attackspambots | [Tue Feb 04 20:50:11.983466 2020] [:error] [pid 2034:tid 140558491895552] [client 66.220.149.15:40430] [client 66.220.149.15] ModSecurity: Access denied with code 403 (phase 2). Found 3 byte(s) in REQUEST_URI outside range: 32-36,38-126. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1304"] [id "920272"] [msg "Invalid character in request (outside of printable chars below ascii 127)"] [data "REQUEST_URI=/images/Klimatologi/Analisis/02-Analisis_Dasarian/Dinamika/2020/01_Januari_2020/Das-III/Analisis_Dinamika_Atmosfer\\xe2\\x80\\x93Laut_Dan_Prediksi_Curah_Hujan_Update_Dasarian_III_Januari_2020.jpg"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [tag "paranoia-level/3"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/images/Klimatologi/Analisis/02-Analisis_Dasarian/Dinamika/ ... |
2020-02-05 01:39:46 |
| 116.214.56.11 | attackspam | Automatic report - Banned IP Access |
2020-02-05 01:41:20 |
| 213.216.48.9 | attack | B: f2b postfix aggressive 3x |
2020-02-05 01:44:17 |
| 172.105.13.100 | attack | firewall-block, port(s): 3283/udp |
2020-02-05 01:40:58 |