城市(city): unknown
省份(region): unknown
国家(country): United States of America (the)
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 214.232.93.136
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15340
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;214.232.93.136. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025012400 1800 900 604800 86400
;; Query time: 61 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 24 23:58:49 CST 2025
;; MSG SIZE rcvd: 107Host 136.93.232.214.in-addr.arpa not found: 2(SERVFAIL)
;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server: 183.60.82.98
Address: 183.60.82.98#53
** server can't find 136.93.232.214.in-addr.arpa: SERVFAIL
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 167.99.90.240 | attackbots | 167.99.90.240 - - [21/Aug/2020:12:43:42 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.99.90.240 - - [21/Aug/2020:13:02:27 +0100] "POST /wp-login.php HTTP/1.1" 200 2329 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.99.90.240 - - [21/Aug/2020:13:02:27 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2020-08-22 02:17:16 |
| 190.74.116.189 | attackspambots | 1598011337 - 08/21/2020 14:02:17 Host: 190.74.116.189/190.74.116.189 Port: 445 TCP Blocked |
2020-08-22 02:27:07 |
| 61.177.172.142 | attackbots | [MK-Root1] SSH login failed |
2020-08-22 02:04:35 |
| 168.128.70.151 | attackspam | Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-21T13:57:44Z and 2020-08-21T14:05:49Z |
2020-08-22 02:24:11 |
| 172.105.159.6 | attackspam | xmlrpc attack |
2020-08-22 02:18:49 |
| 42.177.53.126 | attack | Unauthorised access (Aug 21) SRC=42.177.53.126 LEN=40 TTL=46 ID=47852 TCP DPT=8080 WINDOW=53910 SYN Unauthorised access (Aug 21) SRC=42.177.53.126 LEN=40 TTL=46 ID=17808 TCP DPT=8080 WINDOW=53910 SYN |
2020-08-22 01:57:45 |
| 170.130.165.205 | attackspambots | Mass spam with malicious links 170.130.165.205 |
2020-08-22 02:10:04 |
| 218.92.0.168 | attack | Aug 21 19:43:17 minden010 sshd[7050]: Failed password for root from 218.92.0.168 port 8815 ssh2 Aug 21 19:43:21 minden010 sshd[7050]: Failed password for root from 218.92.0.168 port 8815 ssh2 Aug 21 19:43:24 minden010 sshd[7050]: Failed password for root from 218.92.0.168 port 8815 ssh2 Aug 21 19:43:28 minden010 sshd[7050]: Failed password for root from 218.92.0.168 port 8815 ssh2 ... |
2020-08-22 01:46:18 |
| 178.128.72.84 | attackspam | Aug 21 17:11:22 localhost sshd\[23281\]: Invalid user tb from 178.128.72.84 port 50220 Aug 21 17:11:22 localhost sshd\[23281\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.72.84 Aug 21 17:11:24 localhost sshd\[23281\]: Failed password for invalid user tb from 178.128.72.84 port 50220 ssh2 ... |
2020-08-22 02:03:25 |
| 217.10.204.238 | attack | srvr1: (mod_security) mod_security (id:942100) triggered by 217.10.204.238 (RO/-/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:02:49 [error] 482759#0: *840210 [client 217.10.204.238] ModSecurity: Access denied with code 406 (phase 2). [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159801136962.038378"] [ref ""], client: 217.10.204.238, [redacted] request: "GET /forum/viewthread.php?thread_id=1122%27+OR+++%274041%27+%3D+%270 HTTP/1.1" [redacted] |
2020-08-22 01:48:37 |
| 170.210.214.50 | attackbots | 2020-08-21 17:43:16,316 fail2ban.actions [937]: NOTICE [sshd] Ban 170.210.214.50 2020-08-21 18:14:40,398 fail2ban.actions [937]: NOTICE [sshd] Ban 170.210.214.50 2020-08-21 18:46:42,560 fail2ban.actions [937]: NOTICE [sshd] Ban 170.210.214.50 2020-08-21 19:19:00,032 fail2ban.actions [937]: NOTICE [sshd] Ban 170.210.214.50 2020-08-21 19:50:54,635 fail2ban.actions [937]: NOTICE [sshd] Ban 170.210.214.50 ... |
2020-08-22 02:22:17 |
| 62.76.12.233 | attackspambots | Unauthorized connection attempt from IP address 62.76.12.233 on Port 445(SMB) |
2020-08-22 02:13:01 |
| 139.217.218.93 | attackspam | Aug 21 06:35:57 propaganda sshd[20377]: Connection from 139.217.218.93 port 55844 on 10.0.0.161 port 22 rdomain "" Aug 21 06:35:57 propaganda sshd[20377]: Connection closed by 139.217.218.93 port 55844 [preauth] |
2020-08-22 02:19:28 |
| 192.241.239.146 | attack | Port Scan detected! ... |
2020-08-22 02:23:05 |
| 170.254.231.114 | attackspam | Unauthorized connection attempt from IP address 170.254.231.114 on Port 445(SMB) |
2020-08-22 02:02:23 |