城市(city): unknown
省份(region): unknown
国家(country): Norway
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 20.100.75.101
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5241
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;20.100.75.101. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025020901 1800 900 604800 86400
;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 10 06:55:01 CST 2025
;; MSG SIZE rcvd: 106Host 101.75.100.20.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 101.75.100.20.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 117.4.247.152 | attack | [portscan] tcp/1433 [MsSQL] in sorbs:'listed [spam]' *(RWIN=8192)(11190859) |
2019-11-19 17:05:46 |
| 196.52.43.127 | attackspambots | [portscan] udp/1900 [ssdp] *(RWIN=-)(11190859) |
2019-11-19 17:02:12 |
| 109.132.228.147 | attackbots | [portscan] tcp/23 [TELNET] *(RWIN=63609)(11190859) |
2019-11-19 17:07:43 |
| 138.68.247.104 | attackspambots | [Tue Nov 19 05:52:32.892620 2019] [:error] [pid 64127] [client 138.68.247.104:61000] [client 138.68.247.104] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "ws24vmsma01.ufn.edu.br"] [uri "/"] [unique_id "XdOtUJkLc2ov4Xuep0hqgAAAAAY"] ... |
2019-11-19 16:57:19 |
| 106.75.134.239 | attack | Nov 19 07:39:38 meumeu sshd[5566]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.134.239 Nov 19 07:39:40 meumeu sshd[5566]: Failed password for invalid user noah123 from 106.75.134.239 port 44114 ssh2 Nov 19 07:44:11 meumeu sshd[6112]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.134.239 ... |
2019-11-19 16:54:18 |
| 158.69.75.110 | attackspam | 2019-11-16T10:35:45.086171ns547587 sshd\[25972\]: Invalid user oakes from 158.69.75.110 port 52650 2019-11-16T10:35:45.091677ns547587 sshd\[25972\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.75.110 2019-11-16T10:35:47.233799ns547587 sshd\[25972\]: Failed password for invalid user oakes from 158.69.75.110 port 52650 ssh2 2019-11-16T10:39:16.506488ns547587 sshd\[31389\]: Invalid user hollis from 158.69.75.110 port 34180 2019-11-16T10:39:16.510804ns547587 sshd\[31389\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.75.110 2019-11-16T10:39:18.953802ns547587 sshd\[31389\]: Failed password for invalid user hollis from 158.69.75.110 port 34180 ssh2 2019-11-16T10:42:55.334672ns547587 sshd\[4724\]: Invalid user guest from 158.69.75.110 port 43950 2019-11-16T10:42:55.340259ns547587 sshd\[4724\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=158. ... |
2019-11-19 16:37:34 |
| 113.170.141.183 | attack | [portscan] tcp/81 [alter-web/web-proxy] *(RWIN=1765)(11190859) |
2019-11-19 17:07:12 |
| 202.84.45.250 | attackbotsspam | Nov 19 02:50:38 linuxvps sshd\[11273\]: Invalid user 123g from 202.84.45.250 Nov 19 02:50:38 linuxvps sshd\[11273\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.84.45.250 Nov 19 02:50:41 linuxvps sshd\[11273\]: Failed password for invalid user 123g from 202.84.45.250 port 46502 ssh2 Nov 19 02:56:41 linuxvps sshd\[15040\]: Invalid user ilyess from 202.84.45.250 Nov 19 02:56:41 linuxvps sshd\[15040\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.84.45.250 |
2019-11-19 16:38:57 |
| 37.49.231.121 | attackbots | MultiHost/MultiPort Probe, Scan, Hack - |
2019-11-19 17:12:13 |
| 219.85.144.12 | attackspambots | [portscan] tcp/81 [alter-web/web-proxy] *(RWIN=14600)(11190859) |
2019-11-19 17:01:08 |
| 139.59.59.187 | attackspambots | Nov 19 07:25:56 jane sshd[2977]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.59.187 Nov 19 07:25:57 jane sshd[2977]: Failed password for invalid user support from 139.59.59.187 port 52500 ssh2 ... |
2019-11-19 17:00:06 |
| 45.55.47.149 | attack | Nov 19 07:48:52 124388 sshd[13533]: Invalid user hank from 45.55.47.149 port 36055 Nov 19 07:48:52 124388 sshd[13533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.47.149 Nov 19 07:48:52 124388 sshd[13533]: Invalid user hank from 45.55.47.149 port 36055 Nov 19 07:48:54 124388 sshd[13533]: Failed password for invalid user hank from 45.55.47.149 port 36055 ssh2 Nov 19 07:53:50 124388 sshd[13547]: Invalid user syncg from 45.55.47.149 port 54566 |
2019-11-19 16:39:22 |
| 73.17.111.34 | attackspam | [portscan] tcp/22 [SSH] in blocklist.de:'listed [ssh]' *(RWIN=65535)(11190859) |
2019-11-19 17:09:51 |
| 94.191.50.114 | attackspam | Nov 19 09:33:53 h2177944 sshd\[5154\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.50.114 user=root Nov 19 09:33:55 h2177944 sshd\[5154\]: Failed password for root from 94.191.50.114 port 41148 ssh2 Nov 19 09:38:29 h2177944 sshd\[5252\]: Invalid user skogly from 94.191.50.114 port 47536 Nov 19 09:38:29 h2177944 sshd\[5252\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.50.114 ... |
2019-11-19 16:54:38 |
| 49.88.112.74 | attackbotsspam | 2019-11-19T08:30:36.992282abusebot-7.cloudsearch.cf sshd\[20904\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.74 user=root |
2019-11-19 16:59:49 |