城市(city): unknown
省份(region): unknown
国家(country): Thailand
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 158.108.251.174
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15527
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;158.108.251.174. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025020602 1800 900 604800 86400
;; Query time: 40 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 07 08:32:30 CST 2025
;; MSG SIZE rcvd: 108174.251.108.158.in-addr.arpa has no PTR recordServer: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
*** Can't find 174.251.108.158.in-addr.arpa.: No answer
Authoritative answers can be found from:
108.158.in-addr.arpa
origin = ns.ku.ac.th
mail addr = abuse.ku.ac.th
serial = 1738886033
refresh = 1800
retry = 600
expire = 1209600
minimum = 3600| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 77.247.109.30 | attackspambots | Jul 29 15:15:16 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=77.247.109.30 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=39965 PROTO=TCP SPT=55665 DPT=3390 WINDOW=1024 RES=0x00 SYN URGP=0 ... |
2019-07-29 22:17:06 |
| 140.143.67.146 | attackspam | Jul 29 02:22:45 hostnameproxy sshd[7909]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.67.146 user=r.r Jul 29 02:22:47 hostnameproxy sshd[7909]: Failed password for r.r from 140.143.67.146 port 53666 ssh2 Jul 29 02:25:57 hostnameproxy sshd[7952]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.67.146 user=r.r Jul 29 02:25:59 hostnameproxy sshd[7952]: Failed password for r.r from 140.143.67.146 port 56804 ssh2 Jul 29 02:27:21 hostnameproxy sshd[7965]: Invalid user 1234 from 140.143.67.146 port 43642 Jul 29 02:27:21 hostnameproxy sshd[7965]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.67.146 Jul 29 02:27:22 hostnameproxy sshd[7965]: Failed password for invalid user 1234 from 140.143.67.146 port 43642 ssh2 Jul 29 02:28:39 hostnameproxy sshd[7983]: Invalid user test123+ from 140.143.67.146 port 58680 Jul 29 02:28:39 hostname........ ------------------------------ |
2019-07-29 22:49:23 |
| 181.48.116.50 | attackspambots | Jul 29 16:08:18 v22019058497090703 sshd[10085]: Failed password for root from 181.48.116.50 port 50622 ssh2 Jul 29 16:12:52 v22019058497090703 sshd[10473]: Failed password for root from 181.48.116.50 port 57250 ssh2 ... |
2019-07-29 22:53:36 |
| 66.240.236.119 | attack | Portscan or hack attempt detected by psad/fwsnort |
2019-07-29 22:18:10 |
| 201.93.81.227 | attack | Jul 29 09:18:30 aat-srv002 sshd[11457]: Failed password for root from 201.93.81.227 port 57266 ssh2 Jul 29 09:24:01 aat-srv002 sshd[11609]: Failed password for root from 201.93.81.227 port 54121 ssh2 Jul 29 09:29:38 aat-srv002 sshd[11687]: Failed password for root from 201.93.81.227 port 50974 ssh2 ... |
2019-07-29 22:48:15 |
| 120.52.9.102 | attack | Invalid user hawkwind from 120.52.9.102 port 58496 |
2019-07-29 22:49:57 |
| 61.10.164.114 | attack | Trying to (more than 3 packets) bruteforce (not open) SSH port 22 |
2019-07-29 22:37:35 |
| 124.207.103.148 | attack | Trying to (more than 3 packets) bruteforce (not open) SSH port 22 |
2019-07-29 22:31:53 |
| 115.164.45.96 | attackbotsspam | PHI,WP GET /wp-login.php |
2019-07-29 23:06:18 |
| 189.134.31.34 | attack | Jul 29 06:23:57 netserv300 sshd[29385]: Connection from 189.134.31.34 port 61870 on 178.63.236.18 port 22 Jul 29 06:23:57 netserv300 sshd[29387]: Connection from 189.134.31.34 port 1978 on 178.63.236.16 port 22 Jul 29 06:23:57 netserv300 sshd[29386]: Connection from 189.134.31.34 port 24699 on 178.63.236.19 port 22 Jul 29 06:23:57 netserv300 sshd[29388]: Connection from 189.134.31.34 port 59971 on 178.63.236.20 port 22 Jul 29 06:23:57 netserv300 sshd[29389]: Connection from 189.134.31.34 port 54648 on 178.63.236.17 port 22 Jul 29 06:23:57 netserv300 sshd[29390]: Connection from 189.134.31.34 port 5931 on 178.63.236.21 port 22 Jul 29 06:23:57 netserv300 sshd[29391]: Connection from 189.134.31.34 port 18292 on 178.63.236.22 port 22 Jul 29 06:24:05 netserv300 sshd[29392]: Connection from 189.134.31.34 port 12354 on 178.63.236.19 port 22 Jul 29 06:24:05 netserv300 sshd[29393]: Connection from 189.134.31.34 port 32419 on 178.63.236.16 port 22 Jul 29 06:24:05 netserv300 sshd[2........ ------------------------------ |
2019-07-29 23:15:20 |
| 180.126.237.128 | attack | Honeypot hit. |
2019-07-29 22:27:25 |
| 213.147.113.131 | attack | Port scan: Attack repeated for 24 hours |
2019-07-29 23:26:01 |
| 118.68.74.71 | attackbots | Trying to (more than 3 packets) bruteforce (not open) telnet port 23 |
2019-07-29 22:33:09 |
| 177.220.252.45 | attack | SSH Bruteforce Attack |
2019-07-29 22:45:41 |
| 82.94.246.31 | attackbots | blocked by firewall for SQL Injection in query string: id=29%22%20or%20(1%2C2)%3D(select*from(select%20name_const(CHAR(111%2C108%2C111%2C108%2C111%2C115%2C104… |
2019-07-29 22:53:13 |