城市(city): unknown
省份(region): unknown
国家(country): United States
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.139.210.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38888
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;104.139.210.142. IN A
;; AUTHORITY SECTION:
. 566 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022010901 1800 900 604800 86400
;; Query time: 93 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 10 13:07:18 CST 2022
;; MSG SIZE rcvd: 108
Host 142.210.139.104.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 142.210.139.104.in-addr.arpa: NXDOMAIN
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 14.6.202.237 | attackbotsspam | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/14.6.202.237/ KR - 1H : (13) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : KR NAME ASN : ASN17858 IP : 14.6.202.237 CIDR : 14.6.0.0/15 PREFIX COUNT : 40 UNIQUE IP COUNT : 9928704 ATTACKS DETECTED ASN17858 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-11-20 15:40:58 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery |
2019-11-21 03:00:38 |
| 49.88.112.114 | attack | Nov 20 09:06:13 php1 sshd\[30738\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root Nov 20 09:06:15 php1 sshd\[30738\]: Failed password for root from 49.88.112.114 port 60268 ssh2 Nov 20 09:07:15 php1 sshd\[30829\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root Nov 20 09:07:16 php1 sshd\[30829\]: Failed password for root from 49.88.112.114 port 23184 ssh2 Nov 20 09:10:50 php1 sshd\[31242\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root |
2019-11-21 03:15:59 |
| 63.88.23.147 | attackbotsspam | 63.88.23.147 was recorded 10 times by 8 hosts attempting to connect to the following ports: 80. Incident counter (4h, 24h, all-time): 10, 83, 405 |
2019-11-21 02:53:35 |
| 192.99.36.76 | attackspam | Nov 20 17:43:43 server sshd\[10370\]: Invalid user parts from 192.99.36.76 Nov 20 17:43:43 server sshd\[10370\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ssd2.htm-mbs.com Nov 20 17:43:45 server sshd\[10370\]: Failed password for invalid user parts from 192.99.36.76 port 43094 ssh2 Nov 20 17:58:23 server sshd\[13890\]: Invalid user morgan from 192.99.36.76 Nov 20 17:58:23 server sshd\[13890\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ssd2.htm-mbs.com ... |
2019-11-21 03:09:42 |
| 118.193.31.19 | attackbotsspam | Nov 20 15:40:53 vmanager6029 sshd\[30117\]: Invalid user ailar from 118.193.31.19 port 47132 Nov 20 15:40:53 vmanager6029 sshd\[30117\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.193.31.19 Nov 20 15:40:55 vmanager6029 sshd\[30117\]: Failed password for invalid user ailar from 118.193.31.19 port 47132 ssh2 |
2019-11-21 03:03:35 |
| 71.6.167.142 | attackbotsspam | RDP brute force attack detected by fail2ban |
2019-11-21 02:54:30 |
| 220.130.247.118 | attackbots | 3389BruteforceFW23 |
2019-11-21 03:11:50 |
| 213.186.150.216 | attackbots | php WP PHPmyadamin ABUSE blocked for 12h |
2019-11-21 02:56:10 |
| 45.227.253.211 | attackbotsspam | Nov 20 19:51:34 relay postfix/smtpd\[8360\]: warning: unknown\[45.227.253.211\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 20 19:51:41 relay postfix/smtpd\[1453\]: warning: unknown\[45.227.253.211\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 20 19:52:01 relay postfix/smtpd\[31611\]: warning: unknown\[45.227.253.211\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 20 19:52:08 relay postfix/smtpd\[8360\]: warning: unknown\[45.227.253.211\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 20 19:55:07 relay postfix/smtpd\[30570\]: warning: unknown\[45.227.253.211\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... |
2019-11-21 03:00:11 |
| 190.151.105.182 | attack | Nov 20 23:29:42 areeb-Workstation sshd[14128]: Failed password for root from 190.151.105.182 port 59562 ssh2 ... |
2019-11-21 03:18:27 |
| 190.144.135.118 | attack | Nov 20 09:11:46 auw2 sshd\[21834\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.144.135.118 user=root Nov 20 09:11:47 auw2 sshd\[21834\]: Failed password for root from 190.144.135.118 port 37060 ssh2 Nov 20 09:15:17 auw2 sshd\[22163\]: Invalid user shellz from 190.144.135.118 Nov 20 09:15:17 auw2 sshd\[22163\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.144.135.118 Nov 20 09:15:19 auw2 sshd\[22163\]: Failed password for invalid user shellz from 190.144.135.118 port 55167 ssh2 |
2019-11-21 03:20:13 |
| 171.229.228.193 | attackbots | php WP PHPmyadamin ABUSE blocked for 12h |
2019-11-21 02:58:28 |
| 122.116.140.193 | attack | firewall-block, port(s): 23/tcp |
2019-11-21 03:22:09 |
| 144.217.80.190 | attack | WordPress login Brute force / Web App Attack on client site. |
2019-11-21 02:47:15 |
| 132.248.88.75 | attackbotsspam | Invalid user com from 132.248.88.75 port 41046 |
2019-11-21 02:45:31 |