城市(city): Nijmegen
省份(region): Gelderland
国家(country): The Netherlands
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 145.138.145.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51915
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;145.138.145.6. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025022000 1800 900 604800 86400
;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 20 17:56:50 CST 2025
;; MSG SIZE rcvd: 106
Host 6.145.138.145.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 6.145.138.145.in-addr.arpa: NXDOMAIN
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 185.143.223.121 | attackspambots | 2019-12-08T10:10:40.182190+01:00 lumpi kernel: [1086189.363962] INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=185.143.223.121 DST=78.46.199.189 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=63227 PROTO=TCP SPT=41668 DPT=8526 WINDOW=1024 RES=0x00 SYN URGP=0 ... |
2019-12-08 17:34:05 |
| 167.99.64.120 | attackspam | Automatic report - XMLRPC Attack |
2019-12-08 17:51:44 |
| 142.44.240.12 | attackspam | Dec 8 14:35:09 gw1 sshd[23596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.44.240.12 Dec 8 14:35:11 gw1 sshd[23596]: Failed password for invalid user 123456789 from 142.44.240.12 port 57234 ssh2 ... |
2019-12-08 17:40:42 |
| 154.221.31.118 | attackbots | Fail2Ban - SSH Bruteforce Attempt |
2019-12-08 17:20:01 |
| 45.67.14.153 | attackspam | Automatic report - Banned IP Access |
2019-12-08 17:23:40 |
| 139.162.122.110 | attack | SSHD brute force attack detected by fail2ban |
2019-12-08 17:34:21 |
| 218.92.0.134 | attackbots | Dec 8 10:35:12 nextcloud sshd\[30281\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.134 user=root Dec 8 10:35:13 nextcloud sshd\[30281\]: Failed password for root from 218.92.0.134 port 6348 ssh2 Dec 8 10:35:17 nextcloud sshd\[30281\]: Failed password for root from 218.92.0.134 port 6348 ssh2 ... |
2019-12-08 17:41:59 |
| 217.115.10.132 | attackspam | Automatic report - Banned IP Access |
2019-12-08 17:40:06 |
| 138.94.114.238 | attackspambots | Dec 8 10:46:48 microserver sshd[50587]: Invalid user pico from 138.94.114.238 port 46878 Dec 8 10:46:48 microserver sshd[50587]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.114.238 Dec 8 10:46:50 microserver sshd[50587]: Failed password for invalid user pico from 138.94.114.238 port 46878 ssh2 Dec 8 10:53:05 microserver sshd[51502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.114.238 user=uucp Dec 8 10:53:07 microserver sshd[51502]: Failed password for uucp from 138.94.114.238 port 45000 ssh2 Dec 8 11:05:42 microserver sshd[53695]: Invalid user hay from 138.94.114.238 port 41250 Dec 8 11:05:42 microserver sshd[53695]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.114.238 Dec 8 11:05:44 microserver sshd[53695]: Failed password for invalid user hay from 138.94.114.238 port 41250 ssh2 Dec 8 11:11:58 microserver sshd[54518]: pam_unix(sshd:auth): authentic |
2019-12-08 17:58:20 |
| 115.94.204.156 | attackbots | Dec 8 10:17:58 MK-Soft-VM3 sshd[13269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.94.204.156 Dec 8 10:17:59 MK-Soft-VM3 sshd[13269]: Failed password for invalid user rh from 115.94.204.156 port 35526 ssh2 ... |
2019-12-08 17:24:01 |
| 112.20.179.106 | attackspambots | Dec 8 07:27:49 ns3367391 proftpd[24431]: 127.0.0.1 (112.20.179.106[112.20.179.106]) - USER anonymous: no such user found from 112.20.179.106 [112.20.179.106] to 37.187.78.186:21 Dec 8 07:27:52 ns3367391 proftpd[24453]: 127.0.0.1 (112.20.179.106[112.20.179.106]) - USER yourdailypornvideos: no such user found from 112.20.179.106 [112.20.179.106] to 37.187.78.186:21 ... |
2019-12-08 17:59:57 |
| 203.196.24.22 | attackbotsspam | Dec 7 23:12:58 php1 sshd\[17471\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.196.24.22 user=root Dec 7 23:13:00 php1 sshd\[17471\]: Failed password for root from 203.196.24.22 port 58780 ssh2 Dec 7 23:20:09 php1 sshd\[18126\]: Invalid user test from 203.196.24.22 Dec 7 23:20:09 php1 sshd\[18126\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.196.24.22 Dec 7 23:20:11 php1 sshd\[18126\]: Failed password for invalid user test from 203.196.24.22 port 40130 ssh2 |
2019-12-08 17:34:48 |
| 125.124.70.22 | attack | Dec 7 22:57:29 home sshd[29918]: Invalid user oneto from 125.124.70.22 port 50074 Dec 7 22:57:29 home sshd[29918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.124.70.22 Dec 7 22:57:29 home sshd[29918]: Invalid user oneto from 125.124.70.22 port 50074 Dec 7 22:57:31 home sshd[29918]: Failed password for invalid user oneto from 125.124.70.22 port 50074 ssh2 Dec 7 23:06:30 home sshd[29977]: Invalid user brear from 125.124.70.22 port 37654 Dec 7 23:06:30 home sshd[29977]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.124.70.22 Dec 7 23:06:30 home sshd[29977]: Invalid user brear from 125.124.70.22 port 37654 Dec 7 23:06:32 home sshd[29977]: Failed password for invalid user brear from 125.124.70.22 port 37654 ssh2 Dec 7 23:13:36 home sshd[30033]: Invalid user brad.bishop from 125.124.70.22 port 41188 Dec 7 23:13:36 home sshd[30033]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= |
2019-12-08 17:54:23 |
| 193.106.31.130 | attackspam | [Sun Dec 08 13:27:55.687057 2019] [:error] [pid 3145:tid 140218334148352] [client 193.106.31.130:63701] [client 193.106.31.130] ModSecurity: Access denied with code 403 (phase 1). Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "972"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.0"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/POLICY/PROTOCOL_NOT_ALLOWED"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/administrator/index.php"] [unique_id "XeyX63kf9NG@cobJeqWM8gAAAAg"]
... |
2019-12-08 17:55:36 |
| 46.146.202.132 | attack | Honeypot attack, port: 23, PTR: net202-132.perm.ertelecom.ru. |
2019-12-08 17:25:22 |