城市(city): unknown
省份(region): unknown
国家(country): United States of America (the)
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 166.98.134.16
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33641
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;166.98.134.16. IN A
;; AUTHORITY SECTION:
. 29 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025020601 1800 900 604800 86400
;; Query time: 46 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 07 04:47:36 CST 2025
;; MSG SIZE rcvd: 106Host 16.134.98.166.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 16.134.98.166.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 139.99.8.3 | attackbots | php WP PHPmyadamin ABUSE blocked for 12h |
2019-11-17 01:31:18 |
| 41.142.60.137 | attackspam | 41.142.60.137 - \[asDomaincom\] \[16/Nov/2019:06:35:44 -0800\] "GET /rss/catalog/notifystock/ HTTP/1.1" 401 2541.142.60.137 - ateprotools \[16/Nov/2019:06:54:23 -0800\] "GET /rss/catalog/notifystock/ HTTP/1.1" 401 2541.142.60.137 - ateprotools \[16/Nov/2019:07:17:06 -0800\] "GET /rss/catalog/notifystock/ HTTP/1.1" 401 25 ... |
2019-11-17 01:34:58 |
| 118.173.101.94 | attack | 5555/tcp [2019-11-16]1pkt |
2019-11-17 01:45:44 |
| 45.136.109.173 | attack | 45.136.109.173 was recorded 12 times by 3 hosts attempting to connect to the following ports: 7744,33555,55888,101,63063,4494,4473,27872,2305,5389,29029. Incident counter (4h, 24h, all-time): 12, 57, 923 |
2019-11-17 01:34:06 |
| 139.9.225.150 | attack | 139.9.225.150 - - [16/Nov/2019:09:50:24 -0500] "GET /webdav/ HTTP/1.1" 301 185 "-" "Mozilla/5.0" 139.9.225.150 - - [16/Nov/2019:09:50:48 -0500] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 301 185 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0" 139.9.225.150 - - [16/Nov/2019:09:50:48 -0500] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 301 185 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0" 139.9.225.150 - - [16/Nov/2019:09:50:48 -0500] "GET /phpmyadmin/scripts/db___.init.php HTTP/1.1" 301 185 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0" 139.9.225.150 - - [16/Nov/2019:09:50:50 -0500] "GET /pma/scripts/setup.php HTTP/1.1" 301 185 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0" ... |
2019-11-17 01:55:30 |
| 144.217.214.25 | attackspambots | Nov 16 17:50:57 server sshd\[17900\]: Invalid user test from 144.217.214.25 Nov 16 17:50:58 server sshd\[17900\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip25.ip-144-217-214.net Nov 16 17:51:00 server sshd\[17900\]: Failed password for invalid user test from 144.217.214.25 port 59210 ssh2 Nov 16 18:11:40 server sshd\[23575\]: Invalid user lilian from 144.217.214.25 Nov 16 18:11:40 server sshd\[23575\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip25.ip-144-217-214.net ... |
2019-11-17 01:44:19 |
| 42.114.216.64 | attackspambots | 23/tcp [2019-11-16]1pkt |
2019-11-17 02:09:34 |
| 91.195.178.91 | attack | Chat Spam |
2019-11-17 01:47:14 |
| 200.115.150.210 | attack | port scan and connect, tcp 23 (telnet) |
2019-11-17 01:58:20 |
| 185.176.221.147 | attackbots | firewall-block, port(s): 3390/tcp |
2019-11-17 02:02:50 |
| 106.54.102.94 | attack | 106.54.102.94 was recorded 5 times by 2 hosts attempting to connect to the following ports: 22. Incident counter (4h, 24h, all-time): 5, 5, 9 |
2019-11-17 01:39:38 |
| 182.254.227.147 | attack | Nov 16 18:47:26 minden010 sshd[23135]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.254.227.147 Nov 16 18:47:28 minden010 sshd[23135]: Failed password for invalid user lturpin from 182.254.227.147 port 27077 ssh2 Nov 16 18:52:09 minden010 sshd[24691]: Failed password for root from 182.254.227.147 port 60373 ssh2 ... |
2019-11-17 02:07:36 |
| 82.79.59.75 | attackbotsspam | Session abuse GET /index.php/component/users |
2019-11-17 01:49:13 |
| 78.189.139.129 | attack | 1433/tcp [2019-11-16]1pkt |
2019-11-17 01:50:59 |
| 200.59.121.36 | attackbotsspam | Nov 16 14:50:50 system,error,critical: login failure for user admin from 200.59.121.36 via telnet Nov 16 14:50:51 system,error,critical: login failure for user root from 200.59.121.36 via telnet Nov 16 14:50:53 system,error,critical: login failure for user root from 200.59.121.36 via telnet Nov 16 14:50:59 system,error,critical: login failure for user admin from 200.59.121.36 via telnet Nov 16 14:51:01 system,error,critical: login failure for user root from 200.59.121.36 via telnet Nov 16 14:51:03 system,error,critical: login failure for user admin from 200.59.121.36 via telnet Nov 16 14:51:09 system,error,critical: login failure for user root from 200.59.121.36 via telnet Nov 16 14:51:11 system,error,critical: login failure for user admin from 200.59.121.36 via telnet Nov 16 14:51:13 system,error,critical: login failure for user root from 200.59.121.36 via telnet Nov 16 14:51:18 system,error,critical: login failure for user root from 200.59.121.36 via telnet |
2019-11-17 01:36:56 |