城市(city): unknown
省份(region): unknown
国家(country): Kazakhstan
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.134.30.40
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21146
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;2.134.30.40. IN A
;; AUTHORITY SECTION:
. 296 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022010200 1800 900 604800 86400
;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 02 23:24:25 CST 2022
;; MSG SIZE rcvd: 10440.30.134.2.in-addr.arpa domain name pointer 2.134.30.40.megaline.telecom.kz.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
40.30.134.2.in-addr.arpa name = 2.134.30.40.megaline.telecom.kz.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 5.183.93.156 | attack | Brute-Force |
2020-04-16 11:11:39 |
| 103.76.175.130 | attack | SSH login attempts. |
2020-04-16 12:24:10 |
| 222.186.31.166 | attack | SSH bruteforce more then 50 syn to 22 port per 10 seconds. |
2020-04-16 08:25:30 |
| 213.180.203.173 | attackbots | [Thu Apr 16 05:39:39.946927 2020] [:error] [pid 6111:tid 140689482336000] [client 213.180.203.173:43804] [client 213.180.203.173] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XpeNK0LHrILhzgme3dl9pwAAALQ"] ... |
2020-04-16 08:22:21 |
| 60.12.124.24 | attack | 20 attempts against mh-misbehave-ban on thorn |
2020-04-16 08:16:01 |
| 209.97.170.56 | attack | Apr 16 05:56:16 vpn01 sshd[17872]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.97.170.56 Apr 16 05:56:18 vpn01 sshd[17872]: Failed password for invalid user user from 209.97.170.56 port 44012 ssh2 ... |
2020-04-16 12:17:19 |
| 23.108.46.117 | attack | (From eric@talkwithwebvisitor.com) Hi, my name is Eric and I’m betting you’d like your website grundychiropractic.com to generate more leads. Here’s how: Talk With Web Visitor is a software widget that’s works on your site, ready to capture any visitor’s Name, Email address and Phone Number. It signals you as soon as they say they’re interested – so that you can talk to that lead while they’re still there at grundychiropractic.com. Talk With Web Visitor – CLICK HERE http://www.talkwithwebvisitor.com for a live demo now. And now that you’ve got their phone number, our new SMS Text With Lead feature enables you to start a text (SMS) conversation – answer questions, provide more info, and close a deal that way. If they don’t take you up on your offer then, just follow up with text messages for new offers, content links, even just “how you doing?” notes to build a relationship. CLICK HERE http://www.talkwithwebvisitor.com to discover what Talk With Web Visitor can do for your business. The dif |
2020-04-16 12:18:26 |
| 190.103.202.7 | attack | Apr 15 19:24:11 lanister sshd[31853]: Failed password for invalid user nagios from 190.103.202.7 port 34634 ssh2 Apr 15 19:35:36 lanister sshd[31973]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.103.202.7 user=root Apr 15 19:35:38 lanister sshd[31973]: Failed password for root from 190.103.202.7 port 53184 ssh2 Apr 15 19:41:12 lanister sshd[32092]: Invalid user pagina from 190.103.202.7 |
2020-04-16 08:26:38 |
| 200.201.199.74 | attackspam | Apr 16 05:56:12 * sshd[24679]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.201.199.74 Apr 16 05:56:14 * sshd[24679]: Failed password for invalid user wwwroot from 200.201.199.74 port 26377 ssh2 |
2020-04-16 12:17:54 |
| 192.241.239.50 | attackspam | Port scan: Attack repeated for 24 hours |
2020-04-16 12:22:49 |
| 104.248.149.130 | attack | prod6 ... |
2020-04-16 12:03:09 |
| 222.186.173.180 | attackbots | Apr 16 06:10:20 ArkNodeAT sshd\[23943\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.180 user=root Apr 16 06:10:22 ArkNodeAT sshd\[23943\]: Failed password for root from 222.186.173.180 port 31032 ssh2 Apr 16 06:10:32 ArkNodeAT sshd\[23943\]: Failed password for root from 222.186.173.180 port 31032 ssh2 |
2020-04-16 12:13:57 |
| 222.186.173.201 | attackspam | 2020-04-16T06:08:31.495697vps751288.ovh.net sshd\[22958\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.201 user=root 2020-04-16T06:08:33.970589vps751288.ovh.net sshd\[22958\]: Failed password for root from 222.186.173.201 port 47722 ssh2 2020-04-16T06:08:37.227487vps751288.ovh.net sshd\[22958\]: Failed password for root from 222.186.173.201 port 47722 ssh2 2020-04-16T06:08:39.569222vps751288.ovh.net sshd\[22958\]: Failed password for root from 222.186.173.201 port 47722 ssh2 2020-04-16T06:08:42.179977vps751288.ovh.net sshd\[22958\]: Failed password for root from 222.186.173.201 port 47722 ssh2 |
2020-04-16 12:13:15 |
| 58.56.140.62 | attackspambots | Apr 15 19:30:08 firewall sshd[22339]: Invalid user ariaantje from 58.56.140.62 Apr 15 19:30:10 firewall sshd[22339]: Failed password for invalid user ariaantje from 58.56.140.62 port 16673 ssh2 Apr 15 19:34:09 firewall sshd[22583]: Invalid user donald from 58.56.140.62 ... |
2020-04-16 08:30:41 |
| 202.191.132.153 | attackbotsspam | Automatic report - Port Scan |
2020-04-16 12:16:16 |