城市(city): unknown
省份(region): unknown
国家(country): United States of America (the)
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 6.19.12.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24228
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;6.19.12.20. IN A
;; AUTHORITY SECTION:
. 6 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2023052400 1800 900 604800 86400
;; Query time: 114 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 24 14:51:18 CST 2023
;; MSG SIZE rcvd: 103
b'Host 20.12.19.6.in-addr.arpa not found: 2(SERVFAIL)
'
server can't find 6.19.12.20.in-addr.arpa: SERVFAIL
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 165.22.186.18 | attackspambots | 165.22.186.18 - - [21/Sep/2020:11:05:53 +0100] "POST /wp-login.php HTTP/1.1" 200 2223 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.22.186.18 - - [21/Sep/2020:11:05:55 +0100] "POST /wp-login.php HTTP/1.1" 200 2159 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.22.186.18 - - [21/Sep/2020:11:06:01 +0100] "POST /wp-login.php HTTP/1.1" 200 2204 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2020-09-21 18:31:14 |
| 93.43.216.241 | attackbots | Port Scan: TCP/443 |
2020-09-21 18:51:24 |
| 167.99.12.47 | attackspam | Sep 21 12:06:51 10.23.102.230 wordpress(www.ruhnke.cloud)[41059]: Blocked authentication attempt for admin from 167.99.12.47 ... |
2020-09-21 18:37:16 |
| 86.247.118.135 | attack | Sep 21 11:46:39 vmd26974 sshd[26159]: Failed password for root from 86.247.118.135 port 37132 ssh2 ... |
2020-09-21 18:24:59 |
| 112.254.55.131 | attack | [Sun Sep 20 23:58:02.153212 2020] [:error] [pid 23423:tid 140118059661056] [client 112.254.55.131:39665] [client 112.254.55.131] ModSecurity: Access denied with code 403 (phase 1). Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/etc/modsecurity/coreruleset-3.3.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1041"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.0"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/setup.cgi"] [unique_id "AAAAAKyLvmllluV-tW9b4QAAAC0"]
... |
2020-09-21 18:45:11 |
| 45.174.163.130 | attackbots | Listed on zen-spamhaus also abuseat.org / proto=6 . srcport=39451 . dstport=80 . (2295) |
2020-09-21 18:42:52 |
| 183.134.74.53 | attack | Sep 20 20:48:59 sso sshd[32166]: Failed password for root from 183.134.74.53 port 45070 ssh2 ... |
2020-09-21 18:18:40 |
| 39.48.8.246 | attackspambots | Sep 20 12:58:05 v sshd\[16046\]: Invalid user tit0nich from 39.48.8.246 port 57555 Sep 20 12:58:05 v sshd\[16046\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=39.48.8.246 Sep 20 12:58:07 v sshd\[16046\]: Failed password for invalid user tit0nich from 39.48.8.246 port 57555 ssh2 ... |
2020-09-21 18:42:00 |
| 128.199.169.90 | attack | trying to access non-authorized port |
2020-09-21 18:50:17 |
| 139.199.119.76 | attackbotsspam | Sep 21 07:40:55 vlre-nyc-1 sshd\[20602\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.119.76 user=root Sep 21 07:40:58 vlre-nyc-1 sshd\[20602\]: Failed password for root from 139.199.119.76 port 53472 ssh2 Sep 21 07:42:56 vlre-nyc-1 sshd\[20645\]: Invalid user minecraft from 139.199.119.76 Sep 21 07:42:56 vlre-nyc-1 sshd\[20645\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.119.76 Sep 21 07:42:58 vlre-nyc-1 sshd\[20645\]: Failed password for invalid user minecraft from 139.199.119.76 port 51590 ssh2 ... |
2020-09-21 18:24:43 |
| 42.235.96.246 | attackbots | Automatic report - Port Scan Attack |
2020-09-21 18:26:47 |
| 106.13.167.77 | attack | Port scan denied |
2020-09-21 18:33:42 |
| 158.222.38.241 | attackspam | Brute forcing email accounts |
2020-09-21 18:21:10 |
| 218.92.0.211 | attackspam | detected by Fail2Ban |
2020-09-21 18:16:30 |
| 51.75.126.115 | attackbots | 2020-09-21T03:55:49.326999server.mjenks.net sshd[2329456]: Failed password for invalid user jts from 51.75.126.115 port 54814 ssh2 2020-09-21T03:59:40.981834server.mjenks.net sshd[2329938]: Invalid user hadoop2 from 51.75.126.115 port 37628 2020-09-21T03:59:40.989053server.mjenks.net sshd[2329938]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.126.115 2020-09-21T03:59:40.981834server.mjenks.net sshd[2329938]: Invalid user hadoop2 from 51.75.126.115 port 37628 2020-09-21T03:59:42.986545server.mjenks.net sshd[2329938]: Failed password for invalid user hadoop2 from 51.75.126.115 port 37628 ssh2 ... |
2020-09-21 18:35:54 |