城市(city): Shymkent
省份(region): Shymkent
国家(country): Kazakhstan
运营商(isp): Kcell
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.27.171.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54146
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;149.27.171.242. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025021301 1800 900 604800 86400
;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 14 12:39:20 CST 2025
;; MSG SIZE rcvd: 107
242.171.27.149.in-addr.arpa domain name pointer 149-27-171-242.kcell.kz.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
242.171.27.149.in-addr.arpa name = 149-27-171-242.kcell.kz.
Authoritative answers can be found from:
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 223.71.167.166 | attackbots | Apr 24 15:42:31 debian-2gb-nbg1-2 kernel: \[9994695.378482\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=223.71.167.166 DST=195.201.40.59 LEN=44 TOS=0x04 PREC=0x00 TTL=114 ID=21643 PROTO=TCP SPT=28227 DPT=5555 WINDOW=29200 RES=0x00 SYN URGP=0 |
2020-04-24 22:22:22 |
| 40.71.192.47 | attack | Automatic report - SSH Brute-Force Attack |
2020-04-24 22:39:25 |
| 129.28.58.6 | attackbots | (sshd) Failed SSH login from 129.28.58.6 (CN/China/-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 24 11:51:09 andromeda sshd[6720]: Invalid user spy from 129.28.58.6 port 34394 Apr 24 11:51:12 andromeda sshd[6720]: Failed password for invalid user spy from 129.28.58.6 port 34394 ssh2 Apr 24 12:07:46 andromeda sshd[7243]: Invalid user Hely from 129.28.58.6 port 49672 |
2020-04-24 22:20:51 |
| 49.88.112.68 | attackspambots | Apr 24 16:41:02 v22018053744266470 sshd[17058]: Failed password for root from 49.88.112.68 port 37074 ssh2 Apr 24 16:41:04 v22018053744266470 sshd[17058]: Failed password for root from 49.88.112.68 port 37074 ssh2 Apr 24 16:41:06 v22018053744266470 sshd[17058]: Failed password for root from 49.88.112.68 port 37074 ssh2 ... |
2020-04-24 22:45:00 |
| 139.59.172.149 | attackspambots | Automatic report - XMLRPC Attack |
2020-04-24 22:32:09 |
| 94.177.232.23 | attack | ET CINS Active Threat Intelligence Poor Reputation IP group 89 - port: 89 proto: TCP cat: Misc Attack |
2020-04-24 22:51:43 |
| 87.246.7.12 | attack | IP reached maximum auth failures |
2020-04-24 22:38:03 |
| 2001:318:0:210:218:231:54:122 | attackspam | US Federal Reserve Bank Corporate Office 20th St. and Constitution Ave. N.W Mail Stop K300 Washington, D.C. 20551 Our Ref:USFRB/IRU/SFE/15.5/NY/011 United States of America Monday-Friday 8 a.m.-9 p.m. Eastern Daylight Time(EDT) Saturday and Sunday 8 a.m.-4 p.m. Eastern Daylight Time(EDT) Federal Reserve Bank Notification Of Your Compensation Funds 2020 Please read carefully before replying because i cant explain any thing else apart from these mail sent to you. Your payment files from three (3) different banks, Natwest Bank of London, Central Bank of Nigeria and Bank of America was compiled and submitted................. |
2020-04-24 22:50:57 |
| 222.186.173.201 | attack | (sshd) Failed SSH login from 222.186.173.201 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 24 16:29:43 amsweb01 sshd[13582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.201 user=root Apr 24 16:29:43 amsweb01 sshd[13584]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.201 user=root Apr 24 16:29:45 amsweb01 sshd[13582]: Failed password for root from 222.186.173.201 port 39960 ssh2 Apr 24 16:29:46 amsweb01 sshd[13584]: Failed password for root from 222.186.173.201 port 18510 ssh2 Apr 24 16:29:48 amsweb01 sshd[13582]: Failed password for root from 222.186.173.201 port 39960 ssh2 |
2020-04-24 22:33:47 |
| 49.232.152.3 | attack | Apr 24 03:26:53 php1 sshd\[3472\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.152.3 user=mysql Apr 24 03:26:56 php1 sshd\[3472\]: Failed password for mysql from 49.232.152.3 port 59376 ssh2 Apr 24 03:31:09 php1 sshd\[3945\]: Invalid user eillen from 49.232.152.3 Apr 24 03:31:09 php1 sshd\[3945\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.152.3 Apr 24 03:31:11 php1 sshd\[3945\]: Failed password for invalid user eillen from 49.232.152.3 port 49074 ssh2 |
2020-04-24 22:14:38 |
| 107.172.225.13 | attackbots | 1,37-05/04 [bc02/m55] PostRequest-Spammer scoring: berlin |
2020-04-24 22:07:36 |
| 34.87.83.116 | attackbots | 2020-04-24T15:09:37.421164vps751288.ovh.net sshd\[12420\]: Invalid user teamspeak3 from 34.87.83.116 port 40088 2020-04-24T15:09:37.431908vps751288.ovh.net sshd\[12420\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.83.87.34.bc.googleusercontent.com 2020-04-24T15:09:39.504321vps751288.ovh.net sshd\[12420\]: Failed password for invalid user teamspeak3 from 34.87.83.116 port 40088 ssh2 2020-04-24T15:12:20.753845vps751288.ovh.net sshd\[12448\]: Invalid user oracle from 34.87.83.116 port 52618 2020-04-24T15:12:20.759943vps751288.ovh.net sshd\[12448\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.83.87.34.bc.googleusercontent.com |
2020-04-24 22:10:39 |
| 139.59.13.53 | attackspambots | Apr 24 14:13:58 vps sshd[325511]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.13.53 user=root Apr 24 14:14:01 vps sshd[325511]: Failed password for root from 139.59.13.53 port 51180 ssh2 Apr 24 14:18:40 vps sshd[351132]: Invalid user password from 139.59.13.53 port 34898 Apr 24 14:18:40 vps sshd[351132]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.13.53 Apr 24 14:18:42 vps sshd[351132]: Failed password for invalid user password from 139.59.13.53 port 34898 ssh2 ... |
2020-04-24 22:46:48 |
| 37.59.236.128 | attack | Apr 24 15:45:23 nextcloud sshd\[10157\]: Invalid user hector from 37.59.236.128 Apr 24 15:45:23 nextcloud sshd\[10157\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.236.128 Apr 24 15:45:26 nextcloud sshd\[10157\]: Failed password for invalid user hector from 37.59.236.128 port 39884 ssh2 |
2020-04-24 22:12:45 |
| 186.33.211.69 | attackbots | 2020-04-24T12:40:01.618399shield sshd\[4648\]: Invalid user ajeet from 186.33.211.69 port 49371 2020-04-24T12:40:01.623213shield sshd\[4648\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.33.211.69 2020-04-24T12:40:03.688215shield sshd\[4648\]: Failed password for invalid user ajeet from 186.33.211.69 port 49371 ssh2 2020-04-24T12:44:39.423193shield sshd\[5307\]: Invalid user admin from 186.33.211.69 port 52792 2020-04-24T12:44:39.428118shield sshd\[5307\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.33.211.69 |
2020-04-24 22:28:57 |