城市(city): unknown
省份(region): unknown
国家(country): unknown
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
bb'
; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> 2001:67c:d8:e400::8c
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 10867
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;2001:67c:d8:e400::8c. IN A
;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Fri Feb 18 23:46:17 CST 2022
;; MSG SIZE rcvd: 49
'c.8.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.e.8.d.0.0.c.7.6.0.1.0.0.2.ip6.arpa domain name pointer extsexweb.sr.se.
c.8.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.e.8.d.0.0.c.7.6.0.1.0.0.2.ip6.arpa domain name pointer www.sr.se.
c.8.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.e.8.d.0.0.c.7.6.0.1.0.0.2.ip6.arpa domain name pointer sr.se.
c.8.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.e.8.d.0.0.c.7.6.0.1.0.0.2.ip6.arpa domain name pointer sverigesradio.se.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
c.8.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.e.8.d.0.0.c.7.6.0.1.0.0.2.ip6.arpa name = sverigesradio.se.
c.8.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.e.8.d.0.0.c.7.6.0.1.0.0.2.ip6.arpa name = extsexweb.sr.se.
c.8.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.e.8.d.0.0.c.7.6.0.1.0.0.2.ip6.arpa name = www.sr.se.
c.8.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.e.8.d.0.0.c.7.6.0.1.0.0.2.ip6.arpa name = sr.se.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 185.143.223.81 | attackbots | Jan 8 15:07:23 h2177944 kernel: \[1690970.393263\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=64971 PROTO=TCP SPT=42818 DPT=60586 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 8 15:07:23 h2177944 kernel: \[1690970.393277\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=64971 PROTO=TCP SPT=42818 DPT=60586 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 8 15:15:24 h2177944 kernel: \[1691451.784106\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=51968 PROTO=TCP SPT=42818 DPT=19343 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 8 15:20:59 h2177944 kernel: \[1691786.200195\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=30534 PROTO=TCP SPT=42818 DPT=54613 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 8 15:20:59 h2177944 kernel: \[1691786.200209\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85. |
2020-01-08 22:24:34 |
| 118.69.64.250 | attackbots | " " |
2020-01-08 22:25:23 |
| 113.181.85.68 | attackbotsspam | 1578488741 - 01/08/2020 14:05:41 Host: 113.181.85.68/113.181.85.68 Port: 445 TCP Blocked |
2020-01-08 22:14:15 |
| 139.219.0.20 | attackspam | Jan 8 13:13:41 server sshd\[1869\]: Invalid user user10 from 139.219.0.20 Jan 8 13:13:41 server sshd\[1869\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.20 Jan 8 13:13:43 server sshd\[1869\]: Failed password for invalid user user10 from 139.219.0.20 port 40544 ssh2 Jan 8 16:06:12 server sshd\[9356\]: Invalid user nanamiya from 139.219.0.20 Jan 8 16:06:12 server sshd\[9356\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.20 ... |
2020-01-08 21:50:11 |
| 114.112.72.130 | attackspam | firewall-block, port(s): 23/tcp |
2020-01-08 21:59:03 |
| 201.99.120.13 | attack | Jan 8 14:43:12 ns381471 sshd[23022]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.99.120.13 Jan 8 14:43:14 ns381471 sshd[23022]: Failed password for invalid user admin from 201.99.120.13 port 60762 ssh2 |
2020-01-08 21:49:50 |
| 146.255.152.251 | attackspam | PHP backdoor scan attempt |
2020-01-08 22:16:22 |
| 217.160.75.184 | attack | Jan 8 09:50:03 alonganon sshd[3392]: Did not receive identification string from 217.160.75.184 Jan 8 09:52:49 alonganon sshd[3423]: Did not receive identification string from 217.160.75.184 Jan 8 09:55:18 alonganon sshd[3453]: Received disconnect from 217.160.75.184 port 58678:11: Normal Shutdown, Thank you for playing [preauth] Jan 8 09:55:18 alonganon sshd[3453]: Disconnected from 217.160.75.184 port 58678 [preauth] Jan 8 09:57:07 alonganon sshd[3487]: Received disconnect from 217.160.75.184 port 37860:11: Normal Shutdown, Thank you for playing [preauth] Jan 8 09:57:07 alonganon sshd[3487]: Disconnected from 217.160.75.184 port 37860 [preauth] Jan 8 09:58:58 alonganon sshd[3516]: Invalid user test from 217.160.75.184 Jan 8 09:58:58 alonganon sshd[3516]: Received disconnect from 217.160.75.184 port 45344:11: Normal Shutdown, Thank you for playing [preauth] Jan 8 09:58:58 alonganon sshd[3516]: Disconnected from 217.160.75.184 port 45344 [preauth] Jan 8 10:01:2........ ------------------------------- |
2020-01-08 22:11:12 |
| 35.199.154.128 | attackspambots | Jan 8 03:54:44 web9 sshd\[24065\]: Invalid user fu from 35.199.154.128 Jan 8 03:54:44 web9 sshd\[24065\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.199.154.128 Jan 8 03:54:45 web9 sshd\[24065\]: Failed password for invalid user fu from 35.199.154.128 port 47614 ssh2 Jan 8 03:56:23 web9 sshd\[24317\]: Invalid user anh from 35.199.154.128 Jan 8 03:56:23 web9 sshd\[24317\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.199.154.128 |
2020-01-08 22:05:37 |
| 67.205.172.40 | attack | [munged]::443 67.205.172.40 - - [08/Jan/2020:14:03:27 +0100] "POST /[munged]: HTTP/1.1" 200 5569 "-" "-" [munged]::443 67.205.172.40 - - [08/Jan/2020:14:03:43 +0100] "POST /[munged]: HTTP/1.1" 200 5569 "-" "-" [munged]::443 67.205.172.40 - - [08/Jan/2020:14:03:59 +0100] "POST /[munged]: HTTP/1.1" 200 5569 "-" "-" [munged]::443 67.205.172.40 - - [08/Jan/2020:14:04:15 +0100] "POST /[munged]: HTTP/1.1" 200 5569 "-" "-" [munged]::443 67.205.172.40 - - [08/Jan/2020:14:04:31 +0100] "POST /[munged]: HTTP/1.1" 200 5569 "-" "-" [munged]::443 67.205.172.40 - - [08/Jan/2020:14:04:47 +0100] "POST /[munged]: HTTP/1.1" 200 5569 "-" "-" [munged]::443 67.205.172.40 - - [08/Jan/2020:14:05:03 +0100] "POST /[munged]: HTTP/1.1" 200 5569 "-" "-" [munged]::443 67.205.172.40 - - [08/Jan/2020:14:05:19 +0100] "POST /[munged]: HTTP/1.1" 200 5569 "-" "-" [munged]::443 67.205.172.40 - - [08/Jan/2020:14:05:35 +0100] "POST /[munged]: HTTP/1.1" 200 5569 "-" "-" [munged]::443 67.205.172.40 - - [08/Jan/2020:14:05:51 +0100] "POST /[munged]: H |
2020-01-08 22:06:27 |
| 54.196.250.66 | attackbots | Received: from o22.delivery.raremsv.com (o22.delivery.raremsv.com [167.89.16.13]) by m0117089.mta.everyone.net (EON-INBOUND) with ESMTP id m0117089.5e0ea4c5.20dcd9 for <@antihotmail.com>; Wed, 8 Jan 2020 04:54:14 -0800 Received: from NDY4MjczMw (ec2-54-196-250-66.compute-1.amazonaws.com [54.196.250.66]) by ismtpd0010p1iad1.sendgrid.net (SG) with HTTP id IEcDOpOcR8a_8ibXcfws9w Wed, 08 Jan 2020 12:54:13.881 +0000 (UTC) Subject: Mesage important |
2020-01-08 22:07:22 |
| 190.180.73.46 | attack | 1578488751 - 01/08/2020 14:05:51 Host: 190.180.73.46/190.180.73.46 Port: 445 TCP Blocked |
2020-01-08 22:05:58 |
| 178.128.18.231 | attack | Automatic report - Banned IP Access |
2020-01-08 22:15:10 |
| 94.158.37.229 | attackspambots | port scan and connect, tcp 22 (ssh) |
2020-01-08 22:09:53 |
| 195.96.231.128 | attack | Jan 8 13:41:06 ip-172-31-62-245 sshd\[21046\]: Invalid user gik from 195.96.231.128\ Jan 8 13:41:08 ip-172-31-62-245 sshd\[21046\]: Failed password for invalid user gik from 195.96.231.128 port 56494 ssh2\ Jan 8 13:44:36 ip-172-31-62-245 sshd\[21071\]: Invalid user finger from 195.96.231.128\ Jan 8 13:44:38 ip-172-31-62-245 sshd\[21071\]: Failed password for invalid user finger from 195.96.231.128 port 33230 ssh2\ Jan 8 13:48:06 ip-172-31-62-245 sshd\[21087\]: Invalid user staff from 195.96.231.128\ |
2020-01-08 22:04:53 |