城市(city): unknown
省份(region): unknown
国家(country): Denmark
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): Tele Danmark
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 87.50.103.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49438
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;87.50.103.42. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019083101 1800 900 604800 86400
;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Sep 01 00:57:45 CST 2019
;; MSG SIZE rcvd: 11642.103.50.87.in-addr.arpa domain name pointer 87-50-103-42-dynamic.dk.customer.tdc.net.
42.103.50.87.in-addr.arpa domain name pointer 87-50-103-42-static.109.dk.customer.tdc.net.Server: 67.207.67.2
Address: 67.207.67.2#53
Non-authoritative answer:
42.103.50.87.in-addr.arpa name = 87-50-103-42-dynamic.dk.customer.tdc.net.
42.103.50.87.in-addr.arpa name = 87-50-103-42-static.109.dk.customer.tdc.net.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 212.156.90.202 | attack | Attempt to attack host OS, exploiting network vulnerabilities, on 19-09-2019 12:25:28. |
2019-09-20 00:53:15 |
| 92.118.37.74 | attack | Sep 19 18:28:13 mc1 kernel: \[196955.904359\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=92.118.37.74 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=43818 PROTO=TCP SPT=46525 DPT=54730 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 19 18:34:10 mc1 kernel: \[197311.947850\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=92.118.37.74 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=41252 PROTO=TCP SPT=46525 DPT=44294 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 19 18:34:32 mc1 kernel: \[197334.236089\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=92.118.37.74 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=60973 PROTO=TCP SPT=46525 DPT=64435 WINDOW=1024 RES=0x00 SYN URGP=0 ... |
2019-09-20 00:49:33 |
| 115.186.146.80 | attackspam | Unauthorised access (Sep 19) SRC=115.186.146.80 LEN=40 TOS=0x10 PREC=0x40 TTL=241 ID=9219 TCP DPT=445 WINDOW=1024 SYN |
2019-09-20 01:09:36 |
| 212.237.63.28 | attack | SSH Brute Force, server-1 sshd[9536]: Failed password for invalid user newuser from 212.237.63.28 port 37080 ssh2 |
2019-09-20 01:07:50 |
| 139.194.103.117 | attackbots | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/139.194.103.117/ ID - 1H : (39) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : ID NAME ASN : ASN23700 IP : 139.194.103.117 CIDR : 139.194.96.0/19 PREFIX COUNT : 110 UNIQUE IP COUNT : 765440 WYKRYTE ATAKI Z ASN23700 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 3 INFO : SYN Flood DDoS Attack Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery |
2019-09-20 00:46:35 |
| 188.216.184.246 | attackspambots | php WP PHPmyadamin ABUSE blocked for 12h |
2019-09-20 00:36:53 |
| 163.172.207.104 | attackspambots | \[2019-09-19 12:10:59\] SECURITY\[2283\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-19T12:10:59.250-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9149011972592277524",SessionID="0x7fcd8c0e1918",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/63860",ACLName="no_extension_match" \[2019-09-19 12:15:04\] SECURITY\[2283\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-19T12:15:04.734-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9150011972592277524",SessionID="0x7fcd8c1c4788",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/60266",ACLName="no_extension_match" \[2019-09-19 12:19:10\] SECURITY\[2283\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-19T12:19:10.801-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9151011972592277524",SessionID="0x7fcd8c1c4788",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/6402 |
2019-09-20 00:27:47 |
| 41.77.129.110 | attack | 2019-09-19T11:50:52.807514+01:00 suse sshd[19307]: Invalid user admin from 41.77.129.110 port 43564 2019-09-19T11:50:56.251987+01:00 suse sshd[19307]: error: PAM: User not known to the underlying authentication module for illegal user admin from 41.77.129.110 2019-09-19T11:50:52.807514+01:00 suse sshd[19307]: Invalid user admin from 41.77.129.110 port 43564 2019-09-19T11:50:56.251987+01:00 suse sshd[19307]: error: PAM: User not known to the underlying authentication module for illegal user admin from 41.77.129.110 2019-09-19T11:50:52.807514+01:00 suse sshd[19307]: Invalid user admin from 41.77.129.110 port 43564 2019-09-19T11:50:56.251987+01:00 suse sshd[19307]: error: PAM: User not known to the underlying authentication module for illegal user admin from 41.77.129.110 2019-09-19T11:50:56.253450+01:00 suse sshd[19307]: Failed keyboard-interactive/pam for invalid user admin from 41.77.129.110 port 43564 ssh2 ... |
2019-09-20 00:38:54 |
| 202.77.48.250 | attack | Sep 19 11:31:04 aat-srv002 sshd[17428]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.77.48.250 Sep 19 11:31:06 aat-srv002 sshd[17428]: Failed password for invalid user nv from 202.77.48.250 port 45254 ssh2 Sep 19 11:35:04 aat-srv002 sshd[17521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.77.48.250 Sep 19 11:35:06 aat-srv002 sshd[17521]: Failed password for invalid user admin from 202.77.48.250 port 35476 ssh2 ... |
2019-09-20 00:42:23 |
| 45.136.109.50 | attack | Sep 19 17:49:51 mc1 kernel: \[194653.709007\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.50 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=37591 PROTO=TCP SPT=48372 DPT=9696 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 19 17:56:00 mc1 kernel: \[195022.090116\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.50 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=34475 PROTO=TCP SPT=48372 DPT=9536 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 19 17:56:02 mc1 kernel: \[195024.079515\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.50 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=46547 PROTO=TCP SPT=48372 DPT=9158 WINDOW=1024 RES=0x00 SYN URGP=0 ... |
2019-09-20 01:02:03 |
| 188.166.31.205 | attackspam | Sep 19 15:31:36 lnxweb61 sshd[31453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.31.205 |
2019-09-20 00:27:27 |
| 206.189.76.64 | attack | 2019-09-19T19:18:39.110837tmaserv sshd\[26590\]: Invalid user wc from 206.189.76.64 port 58428 2019-09-19T19:18:39.115302tmaserv sshd\[26590\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.76.64 2019-09-19T19:18:41.473690tmaserv sshd\[26590\]: Failed password for invalid user wc from 206.189.76.64 port 58428 ssh2 2019-09-19T19:25:42.130759tmaserv sshd\[27012\]: Invalid user clouderauser from 206.189.76.64 port 39986 2019-09-19T19:25:42.134548tmaserv sshd\[27012\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.76.64 2019-09-19T19:25:43.896736tmaserv sshd\[27012\]: Failed password for invalid user clouderauser from 206.189.76.64 port 39986 ssh2 ... |
2019-09-20 00:42:01 |
| 106.47.30.182 | attack | firewall-block, port(s): 80/tcp, 8080/tcp |
2019-09-20 00:38:21 |
| 119.188.246.51 | attack | Sep 19 18:10:52 lnxweb62 sshd[19293]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.188.246.51 Sep 19 18:10:52 lnxweb62 sshd[19293]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.188.246.51 |
2019-09-20 00:29:11 |
| 118.70.215.62 | attackbots | Attempt to attack host OS, exploiting network vulnerabilities, on 19-09-2019 11:50:38. |
2019-09-20 00:59:35 |