城市(city): unknown
省份(region): unknown
国家(country): Netherlands (the)
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 145.25.161.136
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41254
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;145.25.161.136. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025012900 1800 900 604800 86400
;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 29 22:47:01 CST 2025
;; MSG SIZE rcvd: 107b'Host 136.161.25.145.in-addr.arpa not found: 2(SERVFAIL)
';; Got SERVFAIL reply from 183.60.82.98, trying next server
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 136.161.25.145.in-addr.arpa: SERVFAIL
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 122.53.122.163 | attackspambots | SIP Server BruteForce Attack |
2020-04-11 14:03:03 |
| 115.198.139.152 | attackbots | 115.198.139.152 - - \[11/Apr/2020:07:39:23 +0200\] "GET http://api.gxout.com/proxy/check.aspx HTTP/1.1" 400 666 "http://api.gxout.com/proxy/check.aspx" "Mozilla/4.0 \(compatible\; MSIE 6.0\; Windows NT 5.1\)" ... |
2020-04-11 13:49:00 |
| 178.128.218.56 | attack | Invalid user ubuntu from 178.128.218.56 port 52140 |
2020-04-11 14:21:41 |
| 58.57.8.198 | attack | Apr 11 06:52:00 pve sshd[28077]: Failed password for root from 58.57.8.198 port 45838 ssh2 Apr 11 06:54:43 pve sshd[32624]: Failed password for root from 58.57.8.198 port 47610 ssh2 |
2020-04-11 14:22:31 |
| 185.173.35.21 | attack | " " |
2020-04-11 13:58:56 |
| 104.248.169.127 | attackbotsspam | Apr 11 07:19:54 v22019058497090703 sshd[13282]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.169.127 Apr 11 07:19:56 v22019058497090703 sshd[13282]: Failed password for invalid user smb from 104.248.169.127 port 39718 ssh2 ... |
2020-04-11 13:52:10 |
| 185.53.168.96 | attackbots | 2020-04-11T01:54:12.328973sorsha.thespaminator.com sshd[32196]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.53.168.96 user=root 2020-04-11T01:54:14.233891sorsha.thespaminator.com sshd[32196]: Failed password for root from 185.53.168.96 port 44028 ssh2 ... |
2020-04-11 13:59:15 |
| 180.168.36.2 | attackspambots | Apr 11 08:18:00 pve sshd[17614]: Failed password for root from 180.168.36.2 port 50265 ssh2 Apr 11 08:21:20 pve sshd[23424]: Failed password for root from 180.168.36.2 port 37026 ssh2 |
2020-04-11 14:26:11 |
| 218.92.0.138 | attackspambots | Apr 11 07:55:25 server sshd[46117]: Failed none for root from 218.92.0.138 port 51529 ssh2 Apr 11 07:55:28 server sshd[46117]: Failed password for root from 218.92.0.138 port 51529 ssh2 Apr 11 07:55:31 server sshd[46117]: Failed password for root from 218.92.0.138 port 51529 ssh2 |
2020-04-11 14:02:08 |
| 51.77.151.175 | attackbots | Apr 11 07:54:30 minden010 sshd[18491]: Failed password for root from 51.77.151.175 port 50614 ssh2 Apr 11 07:57:13 minden010 sshd[19414]: Failed password for root from 51.77.151.175 port 42708 ssh2 Apr 11 08:00:02 minden010 sshd[20053]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.151.175 ... |
2020-04-11 14:09:15 |
| 132.148.28.20 | attack | WordPress wp-login brute force :: 132.148.28.20 0.092 BYPASS [11/Apr/2020:03:53:46 0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2287 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2020-04-11 14:25:26 |
| 101.71.22.56 | attackspambots | Lines containing failures of 101.71.22.56 Apr 11 02:28:00 kmh-vmh-002-fsn07 sshd[23585]: Invalid user fake from 101.71.22.56 port 51909 Apr 11 02:28:00 kmh-vmh-002-fsn07 sshd[23585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.71.22.56 Apr 11 02:28:02 kmh-vmh-002-fsn07 sshd[23585]: Failed password for invalid user fake from 101.71.22.56 port 51909 ssh2 Apr 11 02:28:04 kmh-vmh-002-fsn07 sshd[23585]: Received disconnect from 101.71.22.56 port 51909:11: Bye Bye [preauth] Apr 11 02:28:04 kmh-vmh-002-fsn07 sshd[23585]: Disconnected from invalid user fake 101.71.22.56 port 51909 [preauth] Apr 11 02:42:30 kmh-vmh-002-fsn07 sshd[13953]: Invalid user tester from 101.71.22.56 port 52376 Apr 11 02:42:30 kmh-vmh-002-fsn07 sshd[13953]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.71.22.56 Apr 11 02:42:32 kmh-vmh-002-fsn07 sshd[13953]: Failed password for invalid user tester from 101.71.22........ ------------------------------ |
2020-04-11 14:29:34 |
| 116.1.180.22 | attackbotsspam | 2020-04-11T05:04:27.581806shield sshd\[17010\]: Invalid user password12345678 from 116.1.180.22 port 34846 2020-04-11T05:04:27.586012shield sshd\[17010\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.180.22 2020-04-11T05:04:29.706456shield sshd\[17010\]: Failed password for invalid user password12345678 from 116.1.180.22 port 34846 ssh2 2020-04-11T05:07:45.777883shield sshd\[17367\]: Invalid user matt2006 from 116.1.180.22 port 43822 2020-04-11T05:07:45.782643shield sshd\[17367\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.180.22 |
2020-04-11 14:31:05 |
| 122.14.228.229 | attackbots | $f2bV_matches |
2020-04-11 13:55:47 |
| 173.252.127.30 | attackbots | [Sat Apr 11 10:54:06.117130 2020] [:error] [pid 12544:tid 140248685823744] [client 173.252.127.30:56606] [client 173.252.127.30] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/favicon-96-96.png"] [unique_id "XpE-Xh7qnPfM2sYQQe5eTAAAAAE"] ... |
2020-04-11 14:08:32 |