城市(city): unknown
省份(region): unknown
国家(country): United States of America (the)
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 161.127.238.38
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9492
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;161.127.238.38. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025020500 1800 900 604800 86400
;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 05 16:22:48 CST 2025
;; MSG SIZE rcvd: 107Host 38.238.127.161.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 38.238.127.161.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 14.115.29.138 | attackspam | Apr 12 07:13:48 www4 sshd\[43082\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.115.29.138 user=root Apr 12 07:13:50 www4 sshd\[43082\]: Failed password for root from 14.115.29.138 port 46106 ssh2 Apr 12 07:16:06 www4 sshd\[43562\]: Invalid user gt from 14.115.29.138 ... |
2020-04-12 18:50:32 |
| 103.145.12.46 | attackbots | [2020-04-12 00:10:17] NOTICE[12114][C-00004b66] chan_sip.c: Call from '' (103.145.12.46:57812) to extension '388001148914258002' rejected because extension not found in context 'public'. [2020-04-12 00:10:17] SECURITY[12128] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-04-12T00:10:17.033-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="388001148914258002",SessionID="0x7f020c088288",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.46/57812",ACLName="no_extension_match" [2020-04-12 00:10:34] NOTICE[12114][C-00004b69] chan_sip.c: Call from '' (103.145.12.46:60655) to extension '2199801148566101003' rejected because extension not found in context 'public'. [2020-04-12 00:10:34] SECURITY[12128] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-04-12T00:10:34.384-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="2199801148566101003",SessionID="0x7f020c0f0ff8",LocalAddress="IPV4/UDP/192.168.244.6/5060",Remote ... |
2020-04-12 18:33:44 |
| 106.12.186.121 | attackspam | Apr 12 12:34:10 legacy sshd[26653]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.186.121 Apr 12 12:34:12 legacy sshd[26653]: Failed password for invalid user webmaster from 106.12.186.121 port 19376 ssh2 Apr 12 12:39:02 legacy sshd[26779]: Failed password for root from 106.12.186.121 port 19685 ssh2 ... |
2020-04-12 18:54:58 |
| 173.252.87.39 | attack | [Sun Apr 12 10:50:12.075241 2020] [:error] [pid 3625:tid 140295004800768] [client 173.252.87.39:49662] [client 173.252.87.39] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/prakiraan-dasarian/prakiraan-dasarian-daerah-potensi-banjir/555557973-prakiraan-dasarian-daerah-potensi-banjir-di-provinsi-jawa-timur-untuk-bulan-april-dasarian-iii-tanggal-21-30-tahun-2020-update-10-april-2020"] [unique_id "XpKP9KLL@8cf6BWsPUlIZgAAAAE"] ... |
2020-04-12 18:11:43 |
| 181.192.27.14 | attackbots | Port probing on unauthorized port 8080 |
2020-04-12 18:51:20 |
| 162.248.92.84 | attack | Brute force attack against VPN service |
2020-04-12 18:23:57 |
| 148.228.19.2 | attack | Apr 12 12:24:40 prod4 sshd\[2560\]: Invalid user ftp_user from 148.228.19.2 Apr 12 12:24:43 prod4 sshd\[2560\]: Failed password for invalid user ftp_user from 148.228.19.2 port 38834 ssh2 Apr 12 12:29:14 prod4 sshd\[3853\]: Failed password for root from 148.228.19.2 port 46698 ssh2 ... |
2020-04-12 18:34:28 |
| 45.227.255.119 | attack | Apr 12 12:16:18 cvbnet sshd[3708]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.227.255.119 Apr 12 12:16:19 cvbnet sshd[3708]: Failed password for invalid user admin from 45.227.255.119 port 13459 ssh2 ... |
2020-04-12 18:39:34 |
| 114.67.70.94 | attackspambots | Apr 12 13:32:08 itv-usvr-01 sshd[28027]: Invalid user poney from 114.67.70.94 Apr 12 13:32:08 itv-usvr-01 sshd[28027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.70.94 Apr 12 13:32:08 itv-usvr-01 sshd[28027]: Invalid user poney from 114.67.70.94 Apr 12 13:32:10 itv-usvr-01 sshd[28027]: Failed password for invalid user poney from 114.67.70.94 port 50500 ssh2 Apr 12 13:34:33 itv-usvr-01 sshd[28085]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.70.94 user=root Apr 12 13:34:36 itv-usvr-01 sshd[28085]: Failed password for root from 114.67.70.94 port 49180 ssh2 |
2020-04-12 18:13:17 |
| 27.123.4.222 | attack | Telnet Server BruteForce Attack |
2020-04-12 18:18:12 |
| 45.127.101.246 | attackbots | Apr 12 09:51:08 jane sshd[28204]: Failed password for root from 45.127.101.246 port 47427 ssh2 ... |
2020-04-12 18:48:04 |
| 49.145.227.117 | attack | scamming impersonating piece of useless 30 virgin. only thing can do is hack steam accounts and steal people's items. |
2020-04-12 18:13:34 |
| 106.54.163.106 | attack | $f2bV_matches |
2020-04-12 18:18:36 |
| 69.28.235.203 | attackbotsspam | Apr 12 11:08:44 |
2020-04-12 18:28:13 |
| 43.226.35.67 | attack | SSH Brute-Force reported by Fail2Ban |
2020-04-12 18:43:11 |