城市(city): unknown
省份(region): unknown
国家(country): China
运营商(isp): China Unicom
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.239.6.194
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22393
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;42.239.6.194. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025030701 1800 900 604800 86400
;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 08 04:49:25 CST 2025
;; MSG SIZE rcvd: 105
194.6.239.42.in-addr.arpa domain name pointer hn.kd.ny.adsl.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
194.6.239.42.in-addr.arpa name = hn.kd.ny.adsl.
Authoritative answers can be found from:
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 52.191.23.78 | attackspam |
|
2020-08-13 19:15:58 |
| 185.108.106.215 | attackspambots | query suspecte, attemp SQL injection log:/tourisme/ski/stations_de_ski.php?id=/etc/passwd |
2020-08-13 18:37:26 |
| 129.82.138.44 | attack | srv02 Mass scanning activity detected Target: - .. |
2020-08-13 18:46:19 |
| 201.148.166.9 | attackbots | port scan and connect, tcp 23 (telnet) |
2020-08-13 18:42:47 |
| 138.197.164.222 | attackspam | Aug 13 07:50:06 rancher-0 sshd[1036529]: Invalid user sa12345! from 138.197.164.222 port 40368 ... |
2020-08-13 19:09:25 |
| 114.67.104.35 | attackbotsspam | Aug 13 05:54:37 scw-tender-jepsen sshd[1507]: Failed password for root from 114.67.104.35 port 60883 ssh2 |
2020-08-13 18:48:30 |
| 98.143.148.45 | attackspam | Aug 13 08:53:22 serwer sshd\[645\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.143.148.45 user=root Aug 13 08:53:24 serwer sshd\[645\]: Failed password for root from 98.143.148.45 port 38704 ssh2 Aug 13 08:59:12 serwer sshd\[1183\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.143.148.45 user=root ... |
2020-08-13 19:07:28 |
| 142.90.1.45 | attack | Lines containing failures of 142.90.1.45 Aug 13 04:53:42 dns01 sshd[16981]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.90.1.45 user=r.r Aug 13 04:53:44 dns01 sshd[16981]: Failed password for r.r from 142.90.1.45 port 50084 ssh2 Aug 13 04:53:44 dns01 sshd[16981]: Received disconnect from 142.90.1.45 port 50084:11: Bye Bye [preauth] Aug 13 04:53:44 dns01 sshd[16981]: Disconnected from authenticating user r.r 142.90.1.45 port 50084 [preauth] Aug 13 05:08:36 dns01 sshd[19972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.90.1.45 user=r.r Aug 13 05:08:38 dns01 sshd[19972]: Failed password for r.r from 142.90.1.45 port 58744 ssh2 Aug 13 05:08:38 dns01 sshd[19972]: Received disconnect from 142.90.1.45 port 58744:11: Bye Bye [preauth] Aug 13 05:08:38 dns01 sshd[19972]: Disconnected from authenticating user r.r 142.90.1.45 port 58744 [preauth] Aug 13 05:12:41 dns01 sshd[21296]: pam_u........ ------------------------------ |
2020-08-13 19:14:47 |
| 114.79.19.223 | attackbots | [Thu Aug 13 10:47:47.880065 2020] [:error] [pid 6782:tid 140397710505728] [client 114.79.19.223:45013] [client 114.79.19.223] ModSecurity: Access denied with code 403 (phase 4). Pattern match "^5\\\\d{2}$" at RESPONSE_STATUS. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/RESPONSE-950-DATA-LEAKAGES.conf"] [line "118"] [id "950100"] [msg "The Application Returned a 500-Level Status Code"] [data "Matched Data: 500 found within RESPONSE_STATUS: 500"] [severity "ERROR"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-disclosure"] [tag "WASCTC/WASC-13"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.6"] [tag "paranoia-level/2"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php"] [unique_id "XzS34702rmmayZvC0xQrTgABaAM"], referer: https://www.google.com/
... |
2020-08-13 18:55:48 |
| 128.14.230.200 | attackbotsspam | Aug 13 08:04:13 fhem-rasp sshd[9983]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.14.230.200 user=root Aug 13 08:04:15 fhem-rasp sshd[9983]: Failed password for root from 128.14.230.200 port 52526 ssh2 ... |
2020-08-13 19:14:05 |
| 106.52.197.21 | attackspam | Aug 13 12:22:00 abendstille sshd\[12257\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.197.21 user=root Aug 13 12:22:02 abendstille sshd\[12257\]: Failed password for root from 106.52.197.21 port 40272 ssh2 Aug 13 12:24:58 abendstille sshd\[15246\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.197.21 user=root Aug 13 12:25:00 abendstille sshd\[15246\]: Failed password for root from 106.52.197.21 port 43380 ssh2 Aug 13 12:28:01 abendstille sshd\[18109\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.197.21 user=root ... |
2020-08-13 18:42:08 |
| 165.22.33.32 | attackspambots | Aug 13 09:29:38 icinga sshd[27716]: Failed password for root from 165.22.33.32 port 51144 ssh2 Aug 13 09:53:10 icinga sshd[63802]: Failed password for root from 165.22.33.32 port 57730 ssh2 ... |
2020-08-13 19:11:17 |
| 103.126.244.26 | attack | (eximsyntax) Exim syntax errors from 103.126.244.26 (NP/Nepal/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-08-13 08:18:26 SMTP call from [103.126.244.26] dropped: too many syntax or protocol errors (last command was "?\034?\032?\027?\031?\034?\033?\030?\032?\026?\016?\r?\v?\f? ?") |
2020-08-13 18:31:57 |
| 162.212.13.60 | attack | 1433/tcp 445/tcp... [2020-06-20/08-13]7pkt,2pt.(tcp) |
2020-08-13 19:06:07 |
| 191.241.242.91 | attackbots | 1597290462 - 08/13/2020 05:47:42 Host: 191.241.242.91/191.241.242.91 Port: 445 TCP Blocked |
2020-08-13 19:01:00 |