城市(city): unknown
省份(region): unknown
国家(country): China
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 113.107.139.68 | attackspambots | " " |
2020-08-11 12:17:03 |
| 113.107.139.68 | attack | [portscan] tcp/3389 [MS RDP] *(RWIN=1024)(08061028) |
2020-08-06 18:37:58 |
| 113.107.139.68 | attackspam |
|
2020-08-03 18:30:58 |
| 113.107.139.68 | attackbotsspam |
|
2020-06-22 03:11:21 |
| 113.107.139.68 | attackspam | Unauthorized connection attempt from IP address 113.107.139.68 on Port 3389(RDP) |
2020-06-17 22:33:59 |
| 113.107.139.68 | attackbots | Jun 12 18:44:46 debian-2gb-nbg1-2 kernel: \[14239006.798119\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=113.107.139.68 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=35611 PROTO=TCP SPT=55021 DPT=3389 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-06-13 04:43:52 |
| 113.107.139.68 | attackspambots | " " |
2020-04-19 23:21:02 |
| 113.107.139.68 | attackspambots | [portscan] tcp/3389 [MS RDP] *(RWIN=1024)(04131106) |
2020-04-13 18:24:29 |
| 113.107.139.68 | attackbotsspam | Port 3389 (MS RDP) access denied |
2020-03-28 20:03:20 |
| 113.107.139.68 | attackbotsspam | 13390/tcp 3393/tcp 3385/tcp... [2020-01-04/02-15]215pkt,30pt.(tcp) |
2020-02-16 10:03:05 |
| 113.107.139.68 | attack | Portscan or hack attempt detected by psad/fwsnort |
2020-02-10 06:19:16 |
| 113.107.139.68 | attackspam | TCP 3389 (RDP) |
2020-01-15 01:07:21 |
| 113.107.139.68 | attackbotsspam | Jan 12 22:51:02 debian-2gb-nbg1-2 kernel: \[1125166.800037\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=113.107.139.68 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=17075 PROTO=TCP SPT=41870 DPT=3389 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-01-13 07:24:22 |
| 113.107.139.68 | attackspambots | Unauthorised access (Jan 9) SRC=113.107.139.68 LEN=40 TTL=243 ID=5197 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Jan 9) SRC=113.107.139.68 LEN=40 TTL=243 ID=53105 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Jan 7) SRC=113.107.139.68 LEN=40 TTL=243 ID=54263 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Jan 6) SRC=113.107.139.68 LEN=40 TTL=243 ID=7503 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Jan 6) SRC=113.107.139.68 LEN=40 TTL=243 ID=57307 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Jan 5) SRC=113.107.139.68 LEN=40 TTL=243 ID=12131 TCP DPT=3389 WINDOW=1024 SYN |
2020-01-10 05:36:31 |
| 113.107.139.68 | attack | Port scan on 6 port(s): 2222 9009 10001 20002 30003 60006 |
2019-09-21 03:43:59 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.107.139.199
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44481
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;113.107.139.199. IN A
;; AUTHORITY SECTION:
. 433 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400
;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 09:10:35 CST 2022
;; MSG SIZE rcvd: 108Host 199.139.107.113.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 199.139.107.113.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 58.69.17.2 | attackspambots | Unauthorized connection attempt from IP address 58.69.17.2 on Port 445(SMB) |
2020-06-04 22:02:29 |
| 159.65.62.216 | attackbotsspam | Jun 4 21:59:52 web1 sshd[7915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.62.216 user=root Jun 4 21:59:54 web1 sshd[7915]: Failed password for root from 159.65.62.216 port 39400 ssh2 Jun 4 22:06:32 web1 sshd[9888]: Invalid user \r from 159.65.62.216 port 36978 Jun 4 22:06:32 web1 sshd[9888]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.62.216 Jun 4 22:06:32 web1 sshd[9888]: Invalid user \r from 159.65.62.216 port 36978 Jun 4 22:06:34 web1 sshd[9888]: Failed password for invalid user \r from 159.65.62.216 port 36978 ssh2 Jun 4 22:08:34 web1 sshd[10344]: Invalid user geri\r from 159.65.62.216 port 60274 Jun 4 22:08:34 web1 sshd[10344]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.62.216 Jun 4 22:08:34 web1 sshd[10344]: Invalid user geri\r from 159.65.62.216 port 60274 Jun 4 22:08:36 web1 sshd[10344]: Failed password for invali ... |
2020-06-04 21:34:11 |
| 159.65.154.48 | attack | Jun 4 15:12:33 minden010 sshd[3411]: Failed password for root from 159.65.154.48 port 40622 ssh2 Jun 4 15:16:36 minden010 sshd[4990]: Failed password for root from 159.65.154.48 port 43564 ssh2 ... |
2020-06-04 21:33:00 |
| 49.233.88.50 | attackbots | 3x Failed Password |
2020-06-04 22:04:35 |
| 183.234.11.43 | attackspambots | 2020-06-04T06:07:58.747330linuxbox-skyline sshd[132557]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.234.11.43 user=root 2020-06-04T06:08:00.975456linuxbox-skyline sshd[132557]: Failed password for root from 183.234.11.43 port 43502 ssh2 ... |
2020-06-04 22:03:50 |
| 200.98.139.219 | attackbotsspam | 2020-06-04T11:59:08.110726shield sshd\[10845\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200-98-139-219.clouduol.com.br user=root 2020-06-04T11:59:10.586853shield sshd\[10845\]: Failed password for root from 200.98.139.219 port 56082 ssh2 2020-06-04T12:03:30.945418shield sshd\[12416\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200-98-139-219.clouduol.com.br user=root 2020-06-04T12:03:33.055293shield sshd\[12416\]: Failed password for root from 200.98.139.219 port 56276 ssh2 2020-06-04T12:08:00.101713shield sshd\[13868\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200-98-139-219.clouduol.com.br user=root |
2020-06-04 22:04:06 |
| 31.13.33.36 | attackbots | Port probing on unauthorized port 445 |
2020-06-04 21:55:12 |
| 113.110.234.56 | attackbotsspam | Lines containing failures of 113.110.234.56 Jun 2 15:58:43 shared03 sshd[23643]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.110.234.56 user=r.r Jun 2 15:58:45 shared03 sshd[23643]: Failed password for r.r from 113.110.234.56 port 39785 ssh2 Jun 2 15:58:45 shared03 sshd[23643]: Received disconnect from 113.110.234.56 port 39785:11: Bye Bye [preauth] Jun 2 15:58:45 shared03 sshd[23643]: Disconnected from authenticating user r.r 113.110.234.56 port 39785 [preauth] Jun 2 16:02:10 shared03 sshd[25242]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.110.234.56 user=r.r Jun 2 16:02:12 shared03 sshd[25242]: Failed password for r.r from 113.110.234.56 port 39171 ssh2 Jun 2 16:02:12 shared03 sshd[25242]: Received disconnect from 113.110.234.56 port 39171:11: Bye Bye [preauth] Jun 2 16:02:12 shared03 sshd[25242]: Disconnected from authenticating user r.r 113.110.234.56 port 39171........ ------------------------------ |
2020-06-04 21:58:48 |
| 93.108.247.101 | attack | Unauthorised access (Jun 4) SRC=93.108.247.101 LEN=40 TTL=246 ID=20033 TCP DPT=445 WINDOW=1024 SYN |
2020-06-04 21:20:58 |
| 220.134.174.17 | attackspambots | Jun 4 14:08:25 debian-2gb-nbg1-2 kernel: \[13531263.548383\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=220.134.174.17 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=966 DF PROTO=TCP SPT=14150 DPT=81 WINDOW=14600 RES=0x00 SYN URGP=0 |
2020-06-04 21:43:27 |
| 140.246.218.162 | attackbots | Jun 4 11:52:15 ws25vmsma01 sshd[93191]: Failed password for root from 140.246.218.162 port 58830 ssh2 ... |
2020-06-04 21:42:19 |
| 184.22.139.26 | attackbotsspam | Jun 2 18:17:53 HOST sshd[31965]: Address 184.22.139.26 maps to 184-22-139-0.24.myaisfibre.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jun 2 18:17:53 HOST sshd[31965]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=184.22.139.26 user=r.r Jun 2 18:17:54 HOST sshd[31965]: Failed password for r.r from 184.22.139.26 port 46388 ssh2 Jun 2 18:17:55 HOST sshd[31965]: Received disconnect from 184.22.139.26: 11: Bye Bye [preauth] Jun 2 18:20:52 HOST sshd[32065]: Address 184.22.139.26 maps to 184-22-139-0.24.myaisfibre.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jun 2 18:20:52 HOST sshd[32065]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=184.22.139.26 user=r.r Jun 2 18:20:55 HOST sshd[32065]: Failed password for r.r from 184.22.139.26 port 27594 ssh2 Jun 2 18:20:55 HOST sshd[32065]: Received disconnect from 184.22.139.26: 11........ ------------------------------- |
2020-06-04 22:05:23 |
| 116.196.93.81 | attackbots | Jun 4 18:21:44 gw1 sshd[6775]: Failed password for root from 116.196.93.81 port 35720 ssh2 ... |
2020-06-04 21:38:45 |
| 87.246.7.74 | attack | 2020-06-04 16:11:48 auth_plain authenticator failed for (User) [87.246.7.74]: 535 Incorrect authentication data (set_id=iam@com.ua) 2020-06-04 16:14:57 auth_plain authenticator failed for (User) [87.246.7.74]: 535 Incorrect authentication data (set_id=ews@com.ua) ... |
2020-06-04 21:26:27 |
| 106.13.93.199 | attackbots | Jun 4 15:41:11 legacy sshd[25257]: Failed password for root from 106.13.93.199 port 43966 ssh2 Jun 4 15:45:41 legacy sshd[25390]: Failed password for root from 106.13.93.199 port 39556 ssh2 ... |
2020-06-04 21:51:48 |