城市(city): unknown
省份(region): unknown
国家(country): United States
运营商(isp): AT&T
主机名(hostname): unknown
机构(organization): AT&T Services, Inc.
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 99.139.58.103
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23831
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;99.139.58.103. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019071000 1800 900 604800 86400
;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 11 02:43:07 CST 2019
;; MSG SIZE rcvd: 117103.58.139.99.in-addr.arpa domain name pointer adsl-99-139-58-103.dsl.irvnca.sbcglobal.net.Server: 67.207.67.2
Address: 67.207.67.2#53
Non-authoritative answer:
103.58.139.99.in-addr.arpa name = adsl-99-139-58-103.dsl.irvnca.sbcglobal.net.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 193.202.80.126 | attackbotsspam | 193.202.80.126 - - [20/Oct/2019:08:01:00 -0400] "GET /?page=..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00&action=view&manufacturerID=12&productID=973&linkID=15902 HTTP/1.1" 200 16399 "https://newportbrassfaucets.com/?page=..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00&action=view&manufacturerID=12&productID=973&linkID=15902" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36" ... |
2019-10-21 00:08:42 |
| 68.183.94.194 | attack | Unauthorized SSH login attempts |
2019-10-21 00:47:15 |
| 78.29.28.166 | attack | Unauthorized connection attempt from IP address 78.29.28.166 on Port 445(SMB) |
2019-10-21 00:33:42 |
| 212.83.147.11 | attackspam | Automatic report - Port Scan Attack |
2019-10-21 00:54:52 |
| 211.147.216.19 | attackbotsspam | Oct 20 17:54:51 vps647732 sshd[20548]: Failed password for root from 211.147.216.19 port 51482 ssh2 ... |
2019-10-21 00:55:09 |
| 159.203.201.32 | attackspambots | Portscan or hack attempt detected by psad/fwsnort |
2019-10-21 00:57:44 |
| 145.239.76.62 | attackspam | Oct 20 18:15:01 SilenceServices sshd[30215]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.76.62 Oct 20 18:15:03 SilenceServices sshd[30215]: Failed password for invalid user eldwin from 145.239.76.62 port 57071 ssh2 Oct 20 18:15:39 SilenceServices sshd[30384]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.76.62 |
2019-10-21 00:22:28 |
| 201.234.81.181 | attack | postfix (unknown user, SPF fail or relay access denied) |
2019-10-20 23:59:53 |
| 200.75.4.7 | attackbots | Unauthorized connection attempt from IP address 200.75.4.7 on Port 445(SMB) |
2019-10-21 00:10:09 |
| 110.231.45.218 | attackspam | (Oct 20) LEN=40 TTL=48 ID=17985 TCP DPT=8080 WINDOW=15279 SYN (Oct 20) LEN=40 TTL=48 ID=671 TCP DPT=8080 WINDOW=40474 SYN (Oct 20) LEN=40 TTL=48 ID=50146 TCP DPT=8080 WINDOW=15279 SYN (Oct 20) LEN=40 TTL=48 ID=24457 TCP DPT=8080 WINDOW=32487 SYN (Oct 19) LEN=40 TTL=48 ID=19289 TCP DPT=8080 WINDOW=15279 SYN (Oct 19) LEN=40 TTL=48 ID=900 TCP DPT=8080 WINDOW=1910 SYN (Oct 18) LEN=40 TTL=48 ID=16352 TCP DPT=8080 WINDOW=1910 SYN (Oct 17) LEN=40 TTL=48 ID=38216 TCP DPT=8080 WINDOW=61031 SYN (Oct 16) LEN=40 TTL=48 ID=6828 TCP DPT=8080 WINDOW=38175 SYN (Oct 16) LEN=40 TTL=48 ID=15284 TCP DPT=8080 WINDOW=42274 SYN (Oct 16) LEN=40 TTL=48 ID=58309 TCP DPT=8080 WINDOW=1910 SYN (Oct 15) LEN=40 TTL=48 ID=31270 TCP DPT=8080 WINDOW=35236 SYN (Oct 15) LEN=40 TTL=48 ID=61348 TCP DPT=8080 WINDOW=35236 SYN (Oct 15) LEN=40 TTL=48 ID=51828 TCP DPT=8080 WINDOW=40474 SYN (Oct 15) LEN=40 TTL=48 ID=29274 TCP DPT=8080 WINDOW=53484 SYN (Oct 15) LEN=40 TTL=48 ID=56363... |
2019-10-21 00:25:32 |
| 185.189.196.76 | attackspam | Portscan or hack attempt detected by psad/fwsnort |
2019-10-21 00:11:06 |
| 210.217.24.230 | attackspam | Oct 20 13:15:19 XXX sshd[46859]: Invalid user ofsaa from 210.217.24.230 port 52192 |
2019-10-21 00:55:25 |
| 95.138.173.220 | attackspambots | firewall-block, port(s): 445/tcp |
2019-10-21 00:24:25 |
| 45.148.233.229 | attackspam | 45.148.233.229 - - [20/Oct/2019:08:00:03 -0400] "GET /?page=..%2f..%2f..%2fetc%2fpasswd%00&action=view&manufacturerID=12&productID=973&linkID=15902 HTTP/1.1" 200 16398 "https://newportbrassfaucets.com/?page=..%2f..%2f..%2fetc%2fpasswd%00&action=view&manufacturerID=12&productID=973&linkID=15902" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36" ... |
2019-10-21 01:01:57 |
| 45.82.33.121 | attackbots | postfix |
2019-10-21 00:42:42 |