城市(city): unknown
省份(region): unknown
国家(country): China
运营商(isp): Zhengzhou Giant Computer Network Technology Co. Ltd
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): Data Center/Web Hosting/Transit
| 类型 | 评论内容 | 时间 |
|---|---|---|
| attackspam | Unauthorized connection attempt from IP address 122.114.42.9 on Port 445(SMB) |
2020-01-02 04:03:19 |
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 122.114.42.212 | attack | 6433/tcp 31433/tcp 139/tcp... [2020-02-07/03-23]17pkt,11pt.(tcp) |
2020-03-24 07:35:03 |
| 122.114.42.212 | attackbots | firewall-block, port(s): 445/tcp |
2020-03-03 03:20:54 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 122.114.42.9
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35322
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;122.114.42.9. IN A
;; AUTHORITY SECTION:
. 10800 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020010102 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 100.100.2.136#53(100.100.2.136)
;; WHEN: Thu Jan 02 04:06:12 CST 2020
;; MSG SIZE rcvd: 116
Host 9.42.114.122.in-addr.arpa not found: 2(SERVFAIL);; Got SERVFAIL reply from 183.60.83.19, trying next server
Server: 183.60.82.98
Address: 183.60.82.98#53
** server can't find 9.42.114.122.in-addr.arpa: SERVFAIL| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 104.243.41.97 | attackbots | Dec 31 10:12:54 mout sshd[17229]: Invalid user ftpuser1 from 104.243.41.97 port 44998 |
2019-12-31 19:25:20 |
| 111.229.168.229 | attack | Dec 31 09:23:10 server sshd\[9415\]: Invalid user zhangyan from 111.229.168.229 Dec 31 09:23:10 server sshd\[9415\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.168.229 Dec 31 09:23:13 server sshd\[9415\]: Failed password for invalid user zhangyan from 111.229.168.229 port 42708 ssh2 Dec 31 09:23:15 server sshd\[9435\]: Invalid user dff from 111.229.168.229 Dec 31 09:23:15 server sshd\[9435\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.168.229 ... |
2019-12-31 19:06:59 |
| 157.119.168.21 | attackspam | Automatic report - Port Scan Attack |
2019-12-31 18:56:59 |
| 189.190.92.211 | attackspambots | Honeypot attack, port: 81, PTR: dsl-189-190-92-211-dyn.prod-infinitum.com.mx. |
2019-12-31 18:59:57 |
| 114.219.56.124 | attackbotsspam | 1577773392 - 12/31/2019 07:23:12 Host: 114.219.56.124/114.219.56.124 Port: 22 TCP Blocked |
2019-12-31 19:11:44 |
| 106.54.141.45 | attackbots | Dec 31 06:29:36 server2101 sshd[2126]: Invalid user pick from 106.54.141.45 port 52102 Dec 31 06:29:36 server2101 sshd[2126]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.141.45 Dec 31 06:29:38 server2101 sshd[2126]: Failed password for invalid user pick from 106.54.141.45 port 52102 ssh2 Dec 31 06:29:38 server2101 sshd[2126]: Received disconnect from 106.54.141.45 port 52102:11: Bye Bye [preauth] Dec 31 06:29:38 server2101 sshd[2126]: Disconnected from 106.54.141.45 port 52102 [preauth] Dec 31 06:49:18 server2101 sshd[11743]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.141.45 user=r.r Dec 31 06:49:21 server2101 sshd[11743]: Failed password for r.r from 106.54.141.45 port 38250 ssh2 Dec 31 06:49:21 server2101 sshd[11743]: Received disconnect from 106.54.141.45 port 38250:11: Bye Bye [preauth] Dec 31 06:49:21 server2101 sshd[11743]: Disconnected from 106.54.141.45 port 3........ ------------------------------- |
2019-12-31 19:09:22 |
| 167.99.203.202 | attack | firewall-block, port(s): 9239/tcp |
2019-12-31 19:20:28 |
| 89.216.124.253 | attack | C1,WP GET /suche/wp-login.php |
2019-12-31 19:22:30 |
| 93.116.91.161 | attackbotsspam | Honeypot attack, port: 23, PTR: host-static-93-116-91-161.moldtelecom.md. |
2019-12-31 19:21:07 |
| 148.255.200.125 | attack | firewall-block, port(s): 445/tcp |
2019-12-31 19:18:51 |
| 171.90.230.14 | attackspambots | Scanning |
2019-12-31 19:03:08 |
| 207.236.200.70 | attack | Dec 31 11:31:27 sd-53420 sshd\[26111\]: User root from 207.236.200.70 not allowed because none of user's groups are listed in AllowGroups Dec 31 11:31:27 sd-53420 sshd\[26111\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.236.200.70 user=root Dec 31 11:31:29 sd-53420 sshd\[26111\]: Failed password for invalid user root from 207.236.200.70 port 46346 ssh2 Dec 31 11:33:27 sd-53420 sshd\[26793\]: Invalid user yoyo from 207.236.200.70 Dec 31 11:33:27 sd-53420 sshd\[26793\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.236.200.70 ... |
2019-12-31 19:15:46 |
| 185.176.27.170 | attack | Dec 31 10:43:06 mail kernel: [9165480.283695] [UFW BLOCK] IN=eth0 OUT= MAC=fa:16:3e:d3:64:42:4c:5e:0c:c9:30:5f:08:00 SRC=185.176.27.170 DST=185.101.93.72 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=31265 PROTO=TCP SPT=45121 DPT=27367 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 31 10:45:19 mail kernel: [9165613.936830] [UFW BLOCK] IN=eth0 OUT= MAC=fa:16:3e:d3:64:42:4c:5e:0c:c9:30:5f:08:00 SRC=185.176.27.170 DST=185.101.93.72 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=54047 PROTO=TCP SPT=45121 DPT=62004 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 31 10:47:13 mail kernel: [9165728.040513] [UFW BLOCK] IN=eth0 OUT= MAC=fa:16:3e:d3:64:42:4c:5e:0c:c9:30:5f:08:00 SRC=185.176.27.170 DST=185.101.93.72 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=23334 PROTO=TCP SPT=45121 DPT=31443 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 31 10:47:31 mail kernel: [9165745.681412] [UFW BLOCK] IN=eth0 OUT= MAC=fa:16:3e:d3:64:42:4c:5e:0c:c9:30:5f:08:00 SRC=185.176.27.170 DST=185.101.93.72 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=50880 PROTO=TCP SPT=45121 DPT=46113 WINDOW=1024 RES=0 |
2019-12-31 19:06:02 |
| 72.204.21.192 | attack | " " |
2019-12-31 19:19:04 |
| 85.132.100.24 | attackspam | Invalid user sapphira from 85.132.100.24 port 55520 |
2019-12-31 19:10:41 |