城市(city): unknown
省份(region): unknown
国家(country): United States
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.21.89.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49134
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;104.21.89.134. IN A
;; AUTHORITY SECTION:
. 597 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022021701 1800 900 604800 86400
;; Query time: 46 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 03:11:26 CST 2022
;; MSG SIZE rcvd: 106
Host 134.89.21.104.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 134.89.21.104.in-addr.arpa: NXDOMAIN
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 94.23.179.199 | attackbotsspam | DATE:2020-09-29 21:25:01,IP:94.23.179.199,MATCHES:10,PORT:ssh |
2020-09-30 04:56:08 |
| 106.13.8.46 | attack | Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-29T20:24:22Z and 2020-09-29T20:31:42Z |
2020-09-30 04:49:03 |
| 94.102.50.155 | attack | 22622/tcp 22522/tcp 22422/tcp... [2020-08-20/09-29]675pkt,229pt.(tcp) |
2020-09-30 04:39:30 |
| 128.199.85.141 | attackbotsspam | Time: Tue Sep 29 19:14:02 2020 +0000 IP: 128.199.85.141 (-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 29 19:09:52 18-1 sshd[15781]: Invalid user cyrus from 128.199.85.141 port 53196 Sep 29 19:09:54 18-1 sshd[15781]: Failed password for invalid user cyrus from 128.199.85.141 port 53196 ssh2 Sep 29 19:12:36 18-1 sshd[16093]: Invalid user olivia from 128.199.85.141 port 56090 Sep 29 19:12:38 18-1 sshd[16093]: Failed password for invalid user olivia from 128.199.85.141 port 56090 ssh2 Sep 29 19:14:00 18-1 sshd[16241]: Invalid user mailman from 128.199.85.141 port 46856 |
2020-09-30 05:01:58 |
| 180.76.174.39 | attackbotsspam | $f2bV_matches |
2020-09-30 04:41:51 |
| 106.3.130.99 | attack | SSH Honeypot -> SSH Bruteforce / Login |
2020-09-30 04:32:21 |
| 111.72.194.102 | attack | Sep 29 00:22:52 srv01 postfix/smtpd\[19604\]: warning: unknown\[111.72.194.102\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 29 00:33:09 srv01 postfix/smtpd\[19604\]: warning: unknown\[111.72.194.102\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 29 00:36:35 srv01 postfix/smtpd\[22584\]: warning: unknown\[111.72.194.102\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 29 00:36:47 srv01 postfix/smtpd\[22584\]: warning: unknown\[111.72.194.102\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 29 00:37:03 srv01 postfix/smtpd\[22584\]: warning: unknown\[111.72.194.102\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... |
2020-09-30 04:35:15 |
| 222.186.42.213 | attackspambots | Sep 29 20:37:37 game-panel sshd[15920]: Failed password for root from 222.186.42.213 port 23967 ssh2 Sep 29 20:37:45 game-panel sshd[15922]: Failed password for root from 222.186.42.213 port 10073 ssh2 Sep 29 20:37:47 game-panel sshd[15922]: Failed password for root from 222.186.42.213 port 10073 ssh2 |
2020-09-30 04:41:16 |
| 196.43.196.30 | attackbots | TCP port : 14710 |
2020-09-30 04:41:40 |
| 213.14.191.94 | attackspam | Automatic report - Port Scan Attack |
2020-09-30 04:58:43 |
| 36.112.104.194 | attackbotsspam | (sshd) Failed SSH login from 36.112.104.194 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 29 07:40:22 jbs1 sshd[21654]: Invalid user db1inst1 from 36.112.104.194 Sep 29 07:40:22 jbs1 sshd[21654]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.112.104.194 Sep 29 07:40:24 jbs1 sshd[21654]: Failed password for invalid user db1inst1 from 36.112.104.194 port 15105 ssh2 Sep 29 07:49:40 jbs1 sshd[24958]: Invalid user solr from 36.112.104.194 Sep 29 07:49:40 jbs1 sshd[24958]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.112.104.194 |
2020-09-30 04:54:57 |
| 200.170.250.54 | attackspam | Invalid user monitoring from 200.170.250.54 port 60844 |
2020-09-30 04:39:57 |
| 62.112.11.81 | attack | Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-09-29T16:08:37Z and 2020-09-29T16:44:41Z |
2020-09-30 04:28:41 |
| 42.194.142.143 | attackspambots | Sep 29 17:02:50 prox sshd[5057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.194.142.143 Sep 29 17:02:52 prox sshd[5057]: Failed password for invalid user ruby from 42.194.142.143 port 39928 ssh2 |
2020-09-30 04:47:06 |
| 89.248.171.97 | attack | Port scan denied |
2020-09-30 04:56:50 |