城市(city): unknown
省份(region): unknown
国家(country): United States
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 74.21.50.166
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13061
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;74.21.50.166. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025021301 1800 900 604800 86400
;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 14 02:32:50 CST 2025
;; MSG SIZE rcvd: 105Host 166.50.21.74.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 166.50.21.74.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 37.59.47.80 | attackbotsspam | WordPress (CMS) attack attempts. Date: 2019 Jul 30. 23:15:32 Source IP: 37.59.47.80 Portion of the log(s): 37.59.47.80 - [30/Jul/2019:23:15:31 +0200] "POST /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 37.59.47.80 - [30/Jul/2019:23:15:30 +0200] "GET /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 37.59.47.80 - [30/Jul/2019:23:15:30 +0200] "POST /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 37.59.47.80 - [30/Jul/2019:23:15:30 +0200] "GET /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 37.59.47.80 - [30/Jul/2019:23:15:30 +0200] "POST /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 37.59.47.80 - [30/Jul/2019:23:15:30 +0200] "GET /wp-login.php |
2019-07-31 07:55:05 |
| 95.58.194.143 | attack | Jul 31 01:36:53 localhost sshd\[13416\]: Invalid user rpc from 95.58.194.143 port 34828 Jul 31 01:36:53 localhost sshd\[13416\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.58.194.143 Jul 31 01:36:55 localhost sshd\[13416\]: Failed password for invalid user rpc from 95.58.194.143 port 34828 ssh2 |
2019-07-31 07:37:08 |
| 113.194.131.234 | attack | 2019-07-31T00:42:45.706075stark.klein-stark.info sshd\[15135\]: Invalid user admin from 113.194.131.234 port 53483 2019-07-31T00:42:45.711817stark.klein-stark.info sshd\[15135\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.194.131.234 2019-07-31T00:42:47.243595stark.klein-stark.info sshd\[15135\]: Failed password for invalid user admin from 113.194.131.234 port 53483 ssh2 ... |
2019-07-31 07:34:38 |
| 185.220.101.34 | attackspambots | Jul 31 00:42:11 nginx sshd[50675]: Connection from 185.220.101.34 port 44251 on 10.23.102.80 port 22 Jul 31 00:42:12 nginx sshd[50675]: Received disconnect from 185.220.101.34 port 44251:11: bye [preauth] |
2019-07-31 07:51:51 |
| 222.161.56.248 | attackspambots | Jul 31 02:44:23 server sshd\[8979\]: Invalid user uftp from 222.161.56.248 port 50767 Jul 31 02:44:23 server sshd\[8979\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.161.56.248 Jul 31 02:44:25 server sshd\[8979\]: Failed password for invalid user uftp from 222.161.56.248 port 50767 ssh2 Jul 31 02:47:47 server sshd\[18944\]: Invalid user test2 from 222.161.56.248 port 39878 Jul 31 02:47:47 server sshd\[18944\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.161.56.248 |
2019-07-31 08:08:04 |
| 60.12.18.6 | attack | MultiHost/MultiPort Probe, Scan, Hack - |
2019-07-31 07:38:29 |
| 72.11.168.29 | attack | 30.07.2019 23:47:36 SSH access blocked by firewall |
2019-07-31 07:48:41 |
| 51.68.231.147 | attackspam | Reported by AbuseIPDB proxy server. |
2019-07-31 07:34:15 |
| 168.228.149.185 | attack | failed_logins |
2019-07-31 08:05:56 |
| 114.224.75.7 | attack | firewall-block, port(s): 23/tcp |
2019-07-31 08:11:27 |
| 193.169.255.102 | attack | Jul 31 00:42:54 MainVPS sshd[26805]: Invalid user amx from 193.169.255.102 port 35182 Jul 31 00:42:54 MainVPS sshd[26805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.169.255.102 Jul 31 00:42:54 MainVPS sshd[26805]: Invalid user amx from 193.169.255.102 port 35182 Jul 31 00:42:56 MainVPS sshd[26805]: Failed password for invalid user amx from 193.169.255.102 port 35182 ssh2 Jul 31 00:42:54 MainVPS sshd[26805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.169.255.102 Jul 31 00:42:54 MainVPS sshd[26805]: Invalid user amx from 193.169.255.102 port 35182 Jul 31 00:42:56 MainVPS sshd[26805]: Failed password for invalid user amx from 193.169.255.102 port 35182 ssh2 Jul 31 00:42:58 MainVPS sshd[26805]: Failed password for invalid user amx from 193.169.255.102 port 35182 ssh2 ... |
2019-07-31 07:32:08 |
| 91.206.15.221 | attackspambots | MultiHost/MultiPort Probe, Scan, Hack - |
2019-07-31 07:28:03 |
| 94.191.50.165 | attackbotsspam | Jul 31 00:42:08 [munged] sshd[2884]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.50.165 |
2019-07-31 07:58:56 |
| 109.202.68.90 | attack | NAME : CZ-TETANET-20100215 CIDR : 109.202.64.0/19 SYN Flood DDoS Attack Czech Republic - block certain countries :) IP: 109.202.68.90 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl |
2019-07-31 07:52:08 |
| 88.249.248.81 | attack | Automatic report - Port Scan Attack |
2019-07-31 07:25:37 |