城市(city): unknown
省份(region): unknown
国家(country): Germany
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.208.27.93
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23344
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;2.208.27.93. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025022702 1800 900 604800 86400
;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 28 03:57:41 CST 2025
;; MSG SIZE rcvd: 104
93.27.208.2.in-addr.arpa domain name pointer dynamic-002-208-027-093.2.208.pool.telefonica.de.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
93.27.208.2.in-addr.arpa name = dynamic-002-208-027-093.2.208.pool.telefonica.de.
Authoritative answers can be found from:
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 27.74.192.168 | attack | Automatic report - Port Scan Attack |
2020-03-16 20:13:49 |
| 199.115.129.42 | attackbots | Unauthorized connection attempt detected from IP address 199.115.129.42 to port 1433 [T] |
2020-03-16 19:38:00 |
| 5.183.92.32 | attackbotsspam | POST /index.php/napisat-nam.html HTTP/1.0 303 - index.phpMozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 OPR/55.0.2994.44 |
2020-03-16 19:51:11 |
| 200.201.187.98 | attackbots | Mar 16 13:16:10 www1 sshd\[22992\]: Invalid user hblee from 200.201.187.98Mar 16 13:16:12 www1 sshd\[22992\]: Failed password for invalid user hblee from 200.201.187.98 port 55408 ssh2Mar 16 13:17:32 www1 sshd\[23115\]: Failed password for root from 200.201.187.98 port 36490 ssh2Mar 16 13:20:09 www1 sshd\[23573\]: Invalid user opensource from 200.201.187.98Mar 16 13:20:12 www1 sshd\[23573\]: Failed password for invalid user opensource from 200.201.187.98 port 55122 ssh2Mar 16 13:22:46 www1 sshd\[23741\]: Failed password for root from 200.201.187.98 port 45510 ssh2 ... |
2020-03-16 20:06:09 |
| 165.154.93.125 | attack | Automatic report - Port Scan Attack |
2020-03-16 19:57:58 |
| 222.186.42.155 | attackspambots | 2020-03-16T13:06:45.101828scmdmz1 sshd[11496]: Failed password for root from 222.186.42.155 port 13540 ssh2 2020-03-16T13:06:47.653798scmdmz1 sshd[11496]: Failed password for root from 222.186.42.155 port 13540 ssh2 2020-03-16T13:06:50.442404scmdmz1 sshd[11496]: Failed password for root from 222.186.42.155 port 13540 ssh2 ... |
2020-03-16 20:09:59 |
| 45.125.65.112 | attackbotsspam | POST /index.php/component/users/?task=user.login HTTP/1.0 303 - index.phpMozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36 Kinza/4.8.2 |
2020-03-16 20:11:47 |
| 80.20.125.243 | attack | $f2bV_matches |
2020-03-16 20:00:16 |
| 200.60.60.84 | attack | Automatic report - Port Scan |
2020-03-16 20:02:32 |
| 222.186.173.142 | attackbots | pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.142 user=root Failed password for root from 222.186.173.142 port 36300 ssh2 Failed password for root from 222.186.173.142 port 36300 ssh2 Failed password for root from 222.186.173.142 port 36300 ssh2 Failed password for root from 222.186.173.142 port 36300 ssh2 |
2020-03-16 20:16:46 |
| 170.76.182.251 | attackbots | Unauthorized connection attempt detected from IP address 170.76.182.251 to port 445 |
2020-03-16 20:07:09 |
| 112.35.27.97 | attackspambots | pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.35.27.97 user=root Failed password for root from 112.35.27.97 port 47940 ssh2 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.35.27.97 user=root Failed password for root from 112.35.27.97 port 34808 ssh2 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.35.27.97 user=root Failed password for root from 112.35.27.97 port 49950 ssh2 |
2020-03-16 19:55:00 |
| 173.252.95.21 | attackspambots | [Mon Mar 16 12:11:03.473520 2020] [:error] [pid 24460:tid 140077925463808] [client 173.252.95.21:62714] [client 173.252.95.21] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/images/Klimatologi/Prakiraan/02-Prakiraan-Dasarian/Potensi_Banjir/Provinsi_Jawa_Timur/2020/03_Maret_2020/Das-I/01-Prakiraan_Dasarian_Daerah_Potensi_Banjir_di_Provinsi_Jawa_Timur_DASARIAN-II-Bulan-MARET-Tahun-2020_update_10_Maret_2020.webp"] [unique_id "Xm8KZ0mSGE@N2IIak8L-oAAAAAE"] ... |
2020-03-16 19:38:56 |
| 188.166.60.138 | attackspam | 188.166.60.138 - - \[16/Mar/2020:12:04:58 +0100\] "POST /wp-login.php HTTP/1.0" 200 7427 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 188.166.60.138 - - \[16/Mar/2020:12:05:04 +0100\] "POST /wp-login.php HTTP/1.0" 200 7242 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 188.166.60.138 - - \[16/Mar/2020:12:05:10 +0100\] "POST /wp-login.php HTTP/1.0" 200 7239 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2020-03-16 19:48:50 |
| 178.174.172.177 | attackbots | Telnet/23 MH Probe, Scan, BF, Hack - |
2020-03-16 19:43:09 |