城市(city): unknown
省份(region): unknown
国家(country): United States of America (the)
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 144.31.21.155
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51662
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;144.31.21.155. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025121700 1800 900 604800 86400
;; Query time: 36 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 17 15:03:27 CST 2025
;; MSG SIZE rcvd: 106
Host 155.21.31.144.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 155.21.31.144.in-addr.arpa: NXDOMAIN
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 218.75.151.45 | attackbots | Feb 17 23:09:01 grey postfix/smtpd\[14967\]: NOQUEUE: reject: RCPT from unknown\[218.75.151.45\]: 554 5.7.1 Service unavailable\; Client host \[218.75.151.45\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[218.75.151.45\]\; from=\ |
2020-02-18 09:27:59 |
| 200.97.244.125 | attackspam | Feb 17 23:52:56 server sshd\[24807\]: Invalid user admin from 200.97.244.125 Feb 17 23:52:57 server sshd\[24807\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200-97-244-125.user.veloxzone.com.br Feb 17 23:52:58 server sshd\[24807\]: Failed password for invalid user admin from 200.97.244.125 port 15791 ssh2 Feb 18 01:21:07 server sshd\[9077\]: Invalid user admin from 200.97.244.125 Feb 18 01:21:07 server sshd\[9077\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200-97-244-125.user.veloxzone.com.br ... |
2020-02-18 10:06:41 |
| 49.88.112.55 | attackbots | Feb 18 01:45:01 hcbbdb sshd\[4462\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.55 user=root Feb 18 01:45:03 hcbbdb sshd\[4462\]: Failed password for root from 49.88.112.55 port 54067 ssh2 Feb 18 01:45:12 hcbbdb sshd\[4462\]: Failed password for root from 49.88.112.55 port 54067 ssh2 Feb 18 01:45:15 hcbbdb sshd\[4462\]: Failed password for root from 49.88.112.55 port 54067 ssh2 Feb 18 01:45:20 hcbbdb sshd\[4509\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.55 user=root |
2020-02-18 09:56:14 |
| 72.94.181.219 | attack | Feb 17 14:09:12 hpm sshd\[19595\]: Invalid user nagios from 72.94.181.219 Feb 17 14:09:12 hpm sshd\[19595\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=static-72-94-181-219.phlapa.fios.verizon.net Feb 17 14:09:14 hpm sshd\[19595\]: Failed password for invalid user nagios from 72.94.181.219 port 9670 ssh2 Feb 17 14:12:07 hpm sshd\[19924\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=static-72-94-181-219.phlapa.fios.verizon.net user=www-data Feb 17 14:12:09 hpm sshd\[19924\]: Failed password for www-data from 72.94.181.219 port 9673 ssh2 |
2020-02-18 09:48:22 |
| 162.220.52.195 | attackspambots | Feb 17 12:54:50 hpm sshd\[10667\]: Invalid user teamspeak3 from 162.220.52.195 Feb 17 12:54:50 hpm sshd\[10667\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.220.52.195 Feb 17 12:54:52 hpm sshd\[10667\]: Failed password for invalid user teamspeak3 from 162.220.52.195 port 38712 ssh2 Feb 17 12:58:09 hpm sshd\[11062\]: Invalid user adm from 162.220.52.195 Feb 17 12:58:09 hpm sshd\[11062\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.220.52.195 |
2020-02-18 09:46:17 |
| 73.249.238.254 | attackspambots | 2020-02-05T17:23:25.261115suse-nuc sshd[8494]: Invalid user zri from 73.249.238.254 port 44526 ... |
2020-02-18 09:29:01 |
| 203.78.118.79 | attackspam | [Tue Feb 18 05:08:42.256743 2020] [:error] [pid 3006:tid 140024745875200] [client 203.78.118.79:35904] [client 203.78.118.79] ModSecurity: Access denied with code 403 (phase 4). Pattern match "^5\\\\d{2}$" at RESPONSE_STATUS. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/RESPONSE-950-DATA-LEAKAGES.conf"] [line "118"] [id "950100"] [msg "The Application Returned a 500-Level Status Code"] [data "Matched Data: 500 found within RESPONSE_STATUS: 500"] [severity "ERROR"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-disclosure"] [tag "WASCTC/WASC-13"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.6"] [tag "paranoia-level/2"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/prakiraan-musim/prakiraan-musim-kemarau/prakiraan-curah-hujan-musim-kemarau"] [unique_id "XksO6v9hjXUAE8jSj6R-hAAAAKg"]
... |
2020-02-18 09:52:31 |
| 123.21.80.69 | attackspam | Feb 17 16:08:56 mailman postfix/smtpd[26273]: warning: unknown[123.21.80.69]: SASL PLAIN authentication failed: authentication failure |
2020-02-18 09:37:10 |
| 216.238.174.92 | attackbots | Port probing on unauthorized port 23 |
2020-02-18 10:04:00 |
| 73.124.236.66 | attackspam | 2019-12-10T12:06:39.265562suse-nuc sshd[4446]: Invalid user siefert from 73.124.236.66 port 42942 ... |
2020-02-18 09:45:54 |
| 72.43.141.7 | attackbots | 2019-12-24T22:43:59.589919suse-nuc sshd[12805]: Invalid user caponi from 72.43.141.7 port 24406 ... |
2020-02-18 09:54:20 |
| 122.228.19.80 | attackspam | 122.228.19.80 was recorded 17 times by 6 hosts attempting to connect to the following ports: 2152,5060,28015,32400,5007,3790,10001,465,8006,10554,9100,5672,45554,1443,5432,84. Incident counter (4h, 24h, all-time): 17, 91, 25809 |
2020-02-18 10:06:55 |
| 73.100.211.143 | attackbotsspam | 2019-12-14T13:16:13.504463suse-nuc sshd[4223]: Invalid user named from 73.100.211.143 port 58093 ... |
2020-02-18 09:47:58 |
| 71.46.255.70 | attackspam | 2020-01-13T18:27:25.568145suse-nuc sshd[26339]: Invalid user josh from 71.46.255.70 port 35084 ... |
2020-02-18 10:04:38 |
| 72.48.214.68 | attack | 2019-12-01T09:27:55.297438suse-nuc sshd[25410]: Invalid user user from 72.48.214.68 port 36442 ... |
2020-02-18 09:50:37 |