城市(city): unknown
省份(region): unknown
国家(country): United States
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 48.120.34.14
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42009
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;48.120.34.14. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2024120901 1800 900 604800 86400
;; Query time: 71 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 10 10:14:58 CST 2024
;; MSG SIZE rcvd: 105
Host 14.34.120.48.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 14.34.120.48.in-addr.arpa: NXDOMAIN
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 61.3.117.160 | attack | 20/1/29@08:33:52: FAIL: Alarm-Network address from=61.3.117.160 ... |
2020-01-30 00:32:57 |
| 59.42.37.132 | attackspambots | Jan 29 17:39:14 MK-Soft-VM8 sshd[20688]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.42.37.132 Jan 29 17:39:16 MK-Soft-VM8 sshd[20688]: Failed password for invalid user dvaraka from 59.42.37.132 port 3193 ssh2 ... |
2020-01-30 00:57:28 |
| 200.30.209.195 | attack | 2020-01-25 04:37:07 1ivCFu-0007rN-FB SMTP connection from pc-195-209-30-200.cm.vtr.net \[200.30.209.195\]:17670 I=\[193.107.88.166\]:25 closed by DROP in ACL 2020-01-25 04:37:25 1ivCGB-0007rr-9V SMTP connection from pc-195-209-30-200.cm.vtr.net \[200.30.209.195\]:17787 I=\[193.107.88.166\]:25 closed by DROP in ACL 2020-01-25 04:37:38 1ivCGO-0007sF-O8 SMTP connection from pc-195-209-30-200.cm.vtr.net \[200.30.209.195\]:17865 I=\[193.107.88.166\]:25 closed by DROP in ACL ... |
2020-01-30 00:22:53 |
| 65.49.212.67 | attack | Unauthorized connection attempt detected from IP address 65.49.212.67 to port 2220 [J] |
2020-01-30 00:25:36 |
| 200.188.155.226 | attackbots | 2019-10-24 05:49:36 1iNU7z-0004L7-Lm SMTP connection from \(CableLink-200-188-155-226.Hosts.Cablevision.com.mx\) \[200.188.155.226\]:15892 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-10-24 05:49:49 1iNU8C-0004LU-Ct SMTP connection from \(CableLink-200-188-155-226.Hosts.Cablevision.com.mx\) \[200.188.155.226\]:16007 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-10-24 05:49:56 1iNU8I-0004La-LI SMTP connection from \(CableLink-200-188-155-226.Hosts.Cablevision.com.mx\) \[200.188.155.226\]:16060 I=\[193.107.88.166\]:25 closed by DROP in ACL ... |
2020-01-30 00:30:43 |
| 51.89.99.60 | attackbots | scan z |
2020-01-30 00:42:46 |
| 159.203.201.8 | attackspam | 28587/tcp 55735/tcp 27107/tcp... [2019-12-01/2020-01-29]35pkt,30pt.(tcp),3pt.(udp) |
2020-01-30 00:21:48 |
| 104.206.128.38 | attackspam | [portscan] tcp/21 [FTP] [portscan] tcp/3389 [MS RDP] [scan/connect: 2 time(s)] *(RWIN=1024,65535)(01291848) |
2020-01-30 00:34:52 |
| 109.75.216.201 | attack | 2020-01-29T16:09:29.630471abusebot-3.cloudsearch.cf sshd[1892]: Invalid user shrestha from 109.75.216.201 port 45660 2020-01-29T16:09:29.637586abusebot-3.cloudsearch.cf sshd[1892]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=www.velometrik.eu 2020-01-29T16:09:29.630471abusebot-3.cloudsearch.cf sshd[1892]: Invalid user shrestha from 109.75.216.201 port 45660 2020-01-29T16:09:31.575130abusebot-3.cloudsearch.cf sshd[1892]: Failed password for invalid user shrestha from 109.75.216.201 port 45660 ssh2 2020-01-29T16:13:59.108793abusebot-3.cloudsearch.cf sshd[2153]: Invalid user truti from 109.75.216.201 port 53178 2020-01-29T16:13:59.117066abusebot-3.cloudsearch.cf sshd[2153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=www.velometrik.eu 2020-01-29T16:13:59.108793abusebot-3.cloudsearch.cf sshd[2153]: Invalid user truti from 109.75.216.201 port 53178 2020-01-29T16:14:00.778958abusebot-3.cloudsearch.cf sshd ... |
2020-01-30 00:48:38 |
| 200.121.151.133 | attackspambots | 2019-06-22 06:31:38 1heXgd-0002b4-15 SMTP connection from \(client-200.121.151.133.speedy.net.pe\) \[200.121.151.133\]:25100 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-06-22 06:32:27 1heXhM-0002bc-Jm SMTP connection from \(client-200.121.151.133.speedy.net.pe\) \[200.121.151.133\]:25257 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-06-22 06:33:30 1heXhy-0002c7-GH SMTP connection from \(client-200.121.151.133.speedy.net.pe\) \[200.121.151.133\]:25359 I=\[193.107.88.166\]:25 closed by DROP in ACL ... |
2020-01-30 00:40:31 |
| 35.180.187.102 | attack | [Wed Jan 29 10:33:57.483154 2020] [:error] [pid 150863] [client 35.180.187.102:41990] [client 35.180.187.102] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "200.132.59.212"] [uri "/.git/HEAD"] [unique_id "XjGJwAHYzfuz7JtgUCzbVwAAAAU"] ... |
2020-01-30 00:20:36 |
| 167.99.46.145 | attackbotsspam | Unauthorized connection attempt detected from IP address 167.99.46.145 to port 2220 [J] |
2020-01-30 00:21:19 |
| 182.74.16.99 | attackspambots | 445/tcp 445/tcp [2020-01-22/29]2pkt |
2020-01-30 00:39:26 |
| 106.13.46.123 | attackbots | Unauthorized connection attempt detected from IP address 106.13.46.123 to port 2220 [J] |
2020-01-30 00:29:37 |
| 152.32.251.49 | attackspambots | Unauthorized connection attempt detected from IP address 152.32.251.49 to port 2220 [J] |
2020-01-30 00:39:49 |