城市(city): unknown
省份(region): unknown
国家(country): United States of America (the)
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 4.105.140.193
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59695
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;4.105.140.193. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025022400 1800 900 604800 86400
;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 24 21:00:06 CST 2025
;; MSG SIZE rcvd: 106Host 193.140.105.4.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 193.140.105.4.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 39.90.97.170 | attackbots | 23/tcp [2019-06-21]1pkt |
2019-06-22 06:54:37 |
| 183.151.76.15 | attackbotsspam | Jun 21 13:17:43 localhost kernel: [12381657.078484] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=183.151.76.15 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x00 TTL=45 ID=31592 DF PROTO=TCP SPT=54278 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 Jun 21 13:17:43 localhost kernel: [12381657.078510] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=183.151.76.15 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x00 TTL=45 ID=31592 DF PROTO=TCP SPT=54278 DPT=445 SEQ=3013431421 ACK=0 WINDOW=8192 RES=0x00 SYN URGP=0 OPT (020405840103030201010402) Jun 21 15:43:17 localhost kernel: [12390390.499936] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=183.151.76.15 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x00 TTL=45 ID=16364 DF PROTO=TCP SPT=56536 DPT=139 WINDOW=8192 RES=0x00 SYN URGP=0 Jun 21 15:43:17 localhost kernel: [12390390.499971] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=183.151.76.1 |
2019-06-22 06:53:58 |
| 71.6.135.131 | attack | Automatic report - Web App Attack |
2019-06-22 06:36:36 |
| 181.49.11.233 | attack | Request: "GET / HTTP/1.1" |
2019-06-22 06:35:09 |
| 201.1.81.21 | attack | Request: "GET / HTTP/1.1" Request: "GET / HTTP/1.1" |
2019-06-22 06:56:39 |
| 81.22.45.251 | attackspambots | 21.06.2019 22:18:03 Connection to port 5916 blocked by firewall |
2019-06-22 06:45:49 |
| 111.174.208.165 | attackspambots | Jun 20 23:38:02 HOST sshd[10048]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.174.208.165 user=r.r Jun 20 23:38:03 HOST sshd[10048]: Failed password for r.r from 111.174.208.165 port 60324 ssh2 Jun 20 23:38:06 HOST sshd[10048]: Failed password for r.r from 111.174.208.165 port 60324 ssh2 Jun 20 23:38:08 HOST sshd[10048]: Failed password for r.r from 111.174.208.165 port 60324 ssh2 Jun 20 23:38:10 HOST sshd[10048]: Failed password for r.r from 111.174.208.165 port 60324 ssh2 Jun 20 23:38:13 HOST sshd[10048]: Failed password for r.r from 111.174.208.165 port 60324 ssh2 Jun 20 23:38:16 HOST sshd[10048]: Failed password for r.r from 111.174.208.165 port 60324 ssh2 Jun 20 23:38:16 HOST sshd[10048]: Disconnecting: Too many authentication failures for r.r from 111.174.208.165 port 60324 ssh2 [preauth] Jun 20 23:38:16 HOST sshd[10048]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.174.208.165 ........ ------------------------------- |
2019-06-22 06:27:37 |
| 5.77.215.146 | attackbots | 445/tcp 445/tcp [2019-06-21]2pkt |
2019-06-22 06:43:57 |
| 142.44.211.229 | attackbots | Jun 21 22:16:05 lnxweb61 sshd[19885]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.44.211.229 Jun 21 22:16:05 lnxweb61 sshd[19885]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.44.211.229 |
2019-06-22 06:26:51 |
| 69.25.27.115 | attackspam | 2019/06/21 12:42:11 -- [DOS][Block][trace_route][69.25.27.115->181.29.101.11][ICMP][HLen=20, TLen=44, Type=8, Code=0] 2019/06/21 12:42:13 -- [DOS][Block][trace_route][69.25.27.110->181.29.101.11][ICMP][HLen=20, TLen=44, Type=8, Code=0] |
2019-06-22 06:50:43 |
| 189.110.234.88 | attack | Request: "GET / HTTP/1.1" |
2019-06-22 06:49:32 |
| 176.59.110.99 | attackbotsspam | 445/tcp [2019-06-21]1pkt |
2019-06-22 06:40:42 |
| 176.124.138.105 | attackbotsspam | Request: "GET / HTTP/1.1" |
2019-06-22 07:01:51 |
| 104.129.58.202 | attackbots | NAME : QUADRANET-ATLANTA CIDR : 104.129.24.0/23 | STATUS : 200 ROBOT {Looking for resource vulnerabilities} DDoS Attack USA - Georgia - block certain countries :) IP: 104.129.58.202 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl |
2019-06-22 06:34:28 |
| 196.37.111.78 | attack | 445/tcp [2019-06-21]1pkt |
2019-06-22 07:04:05 |