城市(city): unknown
省份(region): unknown
国家(country): China
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 161.189.239.144
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49643
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;161.189.239.144. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025012900 1800 900 604800 86400
;; Query time: 41 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 29 16:49:41 CST 2025
;; MSG SIZE rcvd: 108
144.239.189.161.in-addr.arpa domain name pointer ec2-161-189-239-144.cn-northwest-1.compute.amazonaws.com.cn.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
144.239.189.161.in-addr.arpa name = ec2-161-189-239-144.cn-northwest-1.compute.amazonaws.com.cn.
Authoritative answers can be found from:
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 5.200.63.190 | attackspambots | Oct 26 23:34:44 hurricane sshd[10265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.200.63.190 user=r.r Oct 26 23:34:45 hurricane sshd[10265]: Failed password for r.r from 5.200.63.190 port 37382 ssh2 Oct 26 23:34:46 hurricane sshd[10265]: Received disconnect from 5.200.63.190 port 37382:11: Bye Bye [preauth] Oct 26 23:34:46 hurricane sshd[10265]: Disconnected from 5.200.63.190 port 37382 [preauth] Oct 26 23:41:51 hurricane sshd[10365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.200.63.190 user=r.r Oct 26 23:41:53 hurricane sshd[10365]: Failed password for r.r from 5.200.63.190 port 33706 ssh2 Oct 26 23:41:53 hurricane sshd[10365]: Received disconnect from 5.200.63.190 port 33706:11: Bye Bye [preauth] Oct 26 23:41:53 hurricane sshd[10365]: Disconnected from 5.200.63.190 port 33706 [preauth] Oct 26 23:45:55 hurricane sshd[10377]: pam_unix(sshd:auth): authentication failure; logn........ ------------------------------- |
2019-10-27 16:52:20 |
| 109.91.37.227 | attackspam | Looking for resource vulnerabilities |
2019-10-27 16:42:19 |
| 212.237.53.169 | attackbots | 2019-10-27T07:05:08.078190abusebot-6.cloudsearch.cf sshd\[19527\]: Invalid user blanca from 212.237.53.169 port 53592 |
2019-10-27 16:45:32 |
| 211.35.76.241 | attackbots | Invalid user test from 211.35.76.241 port 45540 |
2019-10-27 16:31:56 |
| 175.210.238.141 | attackspambots | firewall-block, port(s): 23/tcp |
2019-10-27 16:54:48 |
| 112.85.42.195 | attackspambots | Oct 27 04:12:14 game-panel sshd[3928]: Failed password for root from 112.85.42.195 port 24671 ssh2 Oct 27 04:12:43 game-panel sshd[3937]: Failed password for root from 112.85.42.195 port 52646 ssh2 |
2019-10-27 16:50:01 |
| 200.149.1.106 | attackbotsspam | (From webuydomains@bigwidewebpro.com) Dear owner for bafilefamilychiro.com, We came across your site and wanted to see are you considering selling your domain and website? If you have considered it could you let us know by going to bigwidewebpro.com for additional info on what we would like to buy. We would just have a few questions to help us make a proper offer for your site, look forward to hearing! Thanks James Harrison bigwidewebpro.com |
2019-10-27 16:33:05 |
| 69.162.68.54 | attack | Oct 27 07:25:40 MK-Soft-Root2 sshd[27069]: Failed password for root from 69.162.68.54 port 42202 ssh2 ... |
2019-10-27 16:58:07 |
| 54.39.98.253 | attack | Oct 27 05:55:36 localhost sshd\[28584\]: Invalid user koes from 54.39.98.253 port 51158 Oct 27 05:55:36 localhost sshd\[28584\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.98.253 Oct 27 05:55:38 localhost sshd\[28584\]: Failed password for invalid user koes from 54.39.98.253 port 51158 ssh2 ... |
2019-10-27 16:30:21 |
| 169.197.108.6 | attack | T: f2b 404 5x |
2019-10-27 16:28:45 |
| 45.136.109.215 | attackbotsspam | Oct 27 09:06:17 h2177944 kernel: \[5039370.970101\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.109.215 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=40130 PROTO=TCP SPT=43015 DPT=1505 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 27 09:12:17 h2177944 kernel: \[5039730.863213\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.109.215 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=10470 PROTO=TCP SPT=43015 DPT=7432 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 27 09:21:55 h2177944 kernel: \[5040309.156082\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.109.215 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=54805 PROTO=TCP SPT=43015 DPT=1647 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 27 09:25:22 h2177944 kernel: \[5040515.542765\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.109.215 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=28892 PROTO=TCP SPT=43015 DPT=7691 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 27 09:27:17 h2177944 kernel: \[5040630.622900\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.109.215 DST=85.214. |
2019-10-27 16:30:52 |
| 185.199.87.243 | attack | (From webuydomains@bigwidewebpro.com) Dear owner for bafilefamilychiro.com, We came across your site and wanted to see are you considering selling your domain and website? If you have considered it could you let us know by going to bigwidewebpro.com for additional info on what we would like to buy. We would just have a few questions to help us make a proper offer for your site, look forward to hearing! Thanks James Harrison bigwidewebpro.com |
2019-10-27 16:27:40 |
| 150.95.24.185 | attackspambots | Oct 27 09:49:53 vps01 sshd[23407]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.95.24.185 Oct 27 09:49:55 vps01 sshd[23407]: Failed password for invalid user art1 from 150.95.24.185 port 56845 ssh2 |
2019-10-27 17:00:53 |
| 221.3.52.73 | attackspam | 23/tcp [2019-10-27]1pkt |
2019-10-27 16:47:17 |
| 156.208.17.6 | attackspambots | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/156.208.17.6/ EG - 1H : (31) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : EG NAME ASN : ASN8452 IP : 156.208.17.6 CIDR : 156.208.0.0/18 PREFIX COUNT : 833 UNIQUE IP COUNT : 7610368 ATTACKS DETECTED ASN8452 : 1H - 12 3H - 23 6H - 23 12H - 27 24H - 27 DateTime : 2019-10-27 04:50:32 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery |
2019-10-27 16:38:06 |