城市(city): unknown
省份(region): unknown
国家(country): United States
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 172.217.169.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12591
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;172.217.169.138. IN A
;; AUTHORITY SECTION:
. 427 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022030501 1800 900 604800 86400
;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 06 03:30:51 CST 2022
;; MSG SIZE rcvd: 108138.169.217.172.in-addr.arpa domain name pointer sof02s32-in-f10.1e100.net.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
138.169.217.172.in-addr.arpa name = sof02s32-in-f10.1e100.net.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 213.174.21.163 | attackspam | 20/2/4@02:40:44: FAIL: Alarm-Network address from=213.174.21.163 ... |
2020-02-04 20:11:41 |
| 42.6.110.197 | attackspambots | Unauthorized connection attempt detected from IP address 42.6.110.197 to port 23 [J] |
2020-02-04 20:45:12 |
| 198.108.67.86 | attack | " " |
2020-02-04 20:24:40 |
| 222.186.42.155 | attack | Feb 4 13:53:16 dcd-gentoo sshd[19601]: User root from 222.186.42.155 not allowed because none of user's groups are listed in AllowGroups Feb 4 13:53:21 dcd-gentoo sshd[19601]: error: PAM: Authentication failure for illegal user root from 222.186.42.155 Feb 4 13:53:16 dcd-gentoo sshd[19601]: User root from 222.186.42.155 not allowed because none of user's groups are listed in AllowGroups Feb 4 13:53:21 dcd-gentoo sshd[19601]: error: PAM: Authentication failure for illegal user root from 222.186.42.155 Feb 4 13:53:16 dcd-gentoo sshd[19601]: User root from 222.186.42.155 not allowed because none of user's groups are listed in AllowGroups Feb 4 13:53:21 dcd-gentoo sshd[19601]: error: PAM: Authentication failure for illegal user root from 222.186.42.155 Feb 4 13:53:21 dcd-gentoo sshd[19601]: Failed keyboard-interactive/pam for invalid user root from 222.186.42.155 port 58651 ssh2 ... |
2020-02-04 20:53:50 |
| 222.186.175.216 | attack | Feb 4 02:15:12 web9 sshd\[7284\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.216 user=root Feb 4 02:15:13 web9 sshd\[7284\]: Failed password for root from 222.186.175.216 port 48620 ssh2 Feb 4 02:15:16 web9 sshd\[7284\]: Failed password for root from 222.186.175.216 port 48620 ssh2 Feb 4 02:15:29 web9 sshd\[7316\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.216 user=root Feb 4 02:15:32 web9 sshd\[7316\]: Failed password for root from 222.186.175.216 port 57684 ssh2 |
2020-02-04 20:19:15 |
| 51.68.123.192 | attackbotsspam | Unauthorized connection attempt detected from IP address 51.68.123.192 to port 2220 [J] |
2020-02-04 20:25:07 |
| 173.252.127.42 | attackbotsspam | [Tue Feb 04 11:53:50.529461 2020] [:error] [pid 9378:tid 139908140226304] [client 173.252.127.42:36518] [client 173.252.127.42] ModSecurity: Access denied with code 403 (phase 2). Found 3 byte(s) in REQUEST_URI outside range: 32-36,38-126. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1304"] [id "920272"] [msg "Invalid character in request (outside of printable chars below ascii 127)"] [data "REQUEST_URI=/images/Klimatologi/Analisis/02-Analisis_Dasarian/Dinamika/2020/01_Januari_2020/Das-III/Analisis_Dinamika_Atmosfer\\xe2\\x80\\x93Laut_Dan_Prediksi_Curah_Hujan_Update_Dasarian_III_Januari_2020.jpg"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [tag "paranoia-level/3"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/images/Klimatologi/Analisis/02-Analisis_Dasarian/Dinamik ... |
2020-02-04 20:31:09 |
| 132.148.129.180 | attack | Feb 4 09:08:41 firewall sshd[14522]: Invalid user ftpuser from 132.148.129.180 Feb 4 09:08:43 firewall sshd[14522]: Failed password for invalid user ftpuser from 132.148.129.180 port 38110 ssh2 Feb 4 09:10:16 firewall sshd[14591]: Invalid user sybase from 132.148.129.180 ... |
2020-02-04 20:47:05 |
| 42.113.89.198 | attackbots | Unauthorized connection attempt detected from IP address 42.113.89.198 to port 80 [J] |
2020-02-04 20:30:08 |
| 222.186.31.135 | attackspam | Feb 4 07:52:33 plusreed sshd[28599]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.135 user=root Feb 4 07:52:35 plusreed sshd[28599]: Failed password for root from 222.186.31.135 port 19153 ssh2 ... |
2020-02-04 20:53:00 |
| 103.233.123.179 | attackspambots | port scan and connect, tcp 23 (telnet) |
2020-02-04 20:23:19 |
| 218.92.0.171 | attackspam | pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.171 user=root Failed password for root from 218.92.0.171 port 8993 ssh2 Failed password for root from 218.92.0.171 port 8993 ssh2 Failed password for root from 218.92.0.171 port 8993 ssh2 Failed password for root from 218.92.0.171 port 8993 ssh2 |
2020-02-04 20:38:21 |
| 77.55.213.148 | attackspam | Unauthorized connection attempt detected from IP address 77.55.213.148 to port 2220 [J] |
2020-02-04 20:23:38 |
| 114.67.100.245 | attackbotsspam | Unauthorized connection attempt detected from IP address 114.67.100.245 to port 2220 [J] |
2020-02-04 20:16:37 |
| 123.114.103.142 | attackspam | Automatic report - SSH Brute-Force Attack |
2020-02-04 20:34:36 |