城市(city): unknown
省份(region): unknown
国家(country): United States of America (the)
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 4.142.192.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23741
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;4.142.192.149. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025021102 1800 900 604800 86400
;; Query time: 42 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 12 06:33:23 CST 2025
;; MSG SIZE rcvd: 106Host 149.192.142.4.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 149.192.142.4.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 144.76.96.236 | attack | 20 attempts against mh-misbehave-ban on twig |
2020-04-29 07:29:16 |
| 164.132.192.5 | attackbots | [Aegis] @ 2019-06-02 16:46:34 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack |
2020-04-29 07:28:57 |
| 211.104.171.239 | attack | Apr 28 20:44:47 firewall sshd[15229]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.104.171.239 Apr 28 20:44:47 firewall sshd[15229]: Invalid user testi from 211.104.171.239 Apr 28 20:44:49 firewall sshd[15229]: Failed password for invalid user testi from 211.104.171.239 port 56866 ssh2 ... |
2020-04-29 08:04:25 |
| 23.249.164.16 | attackbotsspam | [2020-04-28 19:28:39] NOTICE[1170][C-00007d74] chan_sip.c: Call from '' (23.249.164.16:53261) to extension '881110442870878530' rejected because extension not found in context 'public'. [2020-04-28 19:28:39] SECURITY[1184] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-04-28T19:28:39.842-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="881110442870878530",SessionID="0x7f6c086a7518",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/23.249.164.16/53261",ACLName="no_extension_match" [2020-04-28 19:29:41] NOTICE[1170][C-00007d77] chan_sip.c: Call from '' (23.249.164.16:64362) to extension '881120442870878530' rejected because extension not found in context 'public'. [2020-04-28 19:29:41] SECURITY[1184] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-04-28T19:29:41.922-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="881120442870878530",SessionID="0x7f6c0825b8a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddres ... |
2020-04-29 07:41:12 |
| 185.202.1.240 | attackbotsspam | 2020-04-28T06:40:12.1236341495-001 sshd[662]: Failed password for root from 185.202.1.240 port 33476 ssh2 2020-04-28T06:40:13.1133121495-001 sshd[669]: Invalid user admin from 185.202.1.240 port 39890 2020-04-28T06:40:13.2294561495-001 sshd[669]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.202.1.240 2020-04-28T06:40:13.1133121495-001 sshd[669]: Invalid user admin from 185.202.1.240 port 39890 2020-04-28T06:40:15.3684501495-001 sshd[669]: Failed password for invalid user admin from 185.202.1.240 port 39890 ssh2 2020-04-28T17:49:44.1736051495-001 sshd[44022]: Invalid user admin from 185.202.1.240 port 4631 ... |
2020-04-29 07:50:24 |
| 185.200.118.55 | attack | 185.200.118.55 was recorded 7 times by 7 hosts attempting to connect to the following ports: 1194. Incident counter (4h, 24h, all-time): 7, 7, 335 |
2020-04-29 07:30:30 |
| 106.13.228.21 | attack | Apr 29 01:03:18 minden010 sshd[10848]: Failed password for root from 106.13.228.21 port 57040 ssh2 Apr 29 01:09:02 minden010 sshd[13396]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.228.21 Apr 29 01:09:05 minden010 sshd[13396]: Failed password for invalid user cogan from 106.13.228.21 port 51278 ssh2 ... |
2020-04-29 07:36:40 |
| 42.119.47.206 | attack | Unauthorized connection attempt from IP address 42.119.47.206 on Port 445(SMB) |
2020-04-29 07:44:36 |
| 37.195.205.135 | attack | [Aegis] @ 2019-06-02 16:10:43 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack |
2020-04-29 07:46:23 |
| 181.119.69.14 | attackbotsspam | www.fahrschule-mihm.de 181.119.69.14 [28/Apr/2020:22:45:08 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4281 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" www.fahrschule-mihm.de 181.119.69.14 [28/Apr/2020:22:45:12 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4281 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" |
2020-04-29 07:48:47 |
| 159.203.27.98 | attackbots | Invalid user qian from 159.203.27.98 port 34376 |
2020-04-29 07:46:59 |
| 37.252.75.80 | attackspam | Unauthorized connection attempt from IP address 37.252.75.80 on Port 445(SMB) |
2020-04-29 07:52:01 |
| 42.236.75.198 | attackspambots | Port probing on unauthorized port 1433 |
2020-04-29 08:03:01 |
| 1.163.24.41 | attackbotsspam | Unauthorized connection attempt from IP address 1.163.24.41 on Port 445(SMB) |
2020-04-29 07:27:10 |
| 222.186.180.8 | attackbots | [ssh] SSH attack |
2020-04-29 07:57:33 |