城市(city): unknown
省份(region): unknown
国家(country): None
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.241.197.45
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39095
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;125.241.197.45. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025021901 1800 900 604800 86400
;; Query time: 41 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 20 04:18:20 CST 2025
;; MSG SIZE rcvd: 107
Host 45.197.241.125.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 45.197.241.125.in-addr.arpa: NXDOMAIN
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 193.32.160.145 | attackspam | Sep 10 01:43:37 relay postfix/smtpd\[14786\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.145\]: 554 5.7.1 \ |
2019-09-10 08:35:58 |
| 180.125.254.42 | attack | [Aegis] @ 2019-09-09 15:54:32 0100 -> Sendmail rejected message. |
2019-09-10 08:19:33 |
| 49.236.203.163 | attackspam | Sep 9 18:53:05 yabzik sshd[14864]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.236.203.163 Sep 9 18:53:07 yabzik sshd[14864]: Failed password for invalid user newuser from 49.236.203.163 port 44262 ssh2 Sep 9 19:00:32 yabzik sshd[17665]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.236.203.163 |
2019-09-10 08:32:50 |
| 67.218.96.156 | attackbotsspam | Sep 9 13:50:43 hpm sshd\[12336\]: Invalid user db2admin from 67.218.96.156 Sep 9 13:50:43 hpm sshd\[12336\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.218.96.156 Sep 9 13:50:44 hpm sshd\[12336\]: Failed password for invalid user db2admin from 67.218.96.156 port 42006 ssh2 Sep 9 13:56:55 hpm sshd\[13048\]: Invalid user qwerty from 67.218.96.156 Sep 9 13:56:55 hpm sshd\[13048\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.218.96.156 |
2019-09-10 08:22:17 |
| 45.77.16.231 | attackbotsspam | @LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-09 18:34:24,461 INFO [amun_request_handler] PortScan Detected on Port: 139 (45.77.16.231) |
2019-09-10 09:05:35 |
| 81.169.238.109 | attack | Sep 10 02:55:55 legacy sshd[3720]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.169.238.109 Sep 10 02:55:57 legacy sshd[3720]: Failed password for invalid user ts3server from 81.169.238.109 port 43342 ssh2 Sep 10 03:01:06 legacy sshd[3864]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.169.238.109 ... |
2019-09-10 09:03:04 |
| 139.59.105.141 | attackbots | Sep 9 21:03:48 nextcloud sshd\[1058\]: Invalid user test from 139.59.105.141 Sep 9 21:03:48 nextcloud sshd\[1058\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.105.141 Sep 9 21:03:50 nextcloud sshd\[1058\]: Failed password for invalid user test from 139.59.105.141 port 54578 ssh2 ... |
2019-09-10 08:47:28 |
| 45.136.109.37 | attackspambots | Sep 10 02:37:04 h2177944 kernel: \[952359.369596\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.109.37 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=54776 PROTO=TCP SPT=55143 DPT=5422 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 10 02:48:07 h2177944 kernel: \[953022.765394\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.109.37 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=52373 PROTO=TCP SPT=55143 DPT=5121 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 10 02:51:46 h2177944 kernel: \[953241.334964\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.109.37 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=46090 PROTO=TCP SPT=55143 DPT=5689 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 10 02:52:28 h2177944 kernel: \[953283.630803\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.109.37 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=55237 PROTO=TCP SPT=55143 DPT=5163 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 10 02:59:48 h2177944 kernel: \[953723.393801\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.109.37 DST=85.214.117.9 LEN= |
2019-09-10 09:06:31 |
| 59.0.75.71 | attack | Telnet Server BruteForce Attack |
2019-09-10 08:31:37 |
| 78.189.92.117 | attackspambots | Unauthorized connection attempt from IP address 78.189.92.117 on Port 445(SMB) |
2019-09-10 09:03:32 |
| 117.63.246.194 | attackbots | Sep 9 20:54:45 *** sshd[1859877]: refused connect from 117.63.246.194 = (117.63.246.194) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=117.63.246.194 |
2019-09-10 08:46:34 |
| 130.176.10.86 | attackspam | Automatic report generated by Wazuh |
2019-09-10 08:54:18 |
| 185.73.113.89 | attack | Sep 9 14:48:42 php1 sshd\[17442\]: Invalid user teamspeak from 185.73.113.89 Sep 9 14:48:42 php1 sshd\[17442\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185-73-113-89.nrp.co Sep 9 14:48:44 php1 sshd\[17442\]: Failed password for invalid user teamspeak from 185.73.113.89 port 38646 ssh2 Sep 9 14:54:01 php1 sshd\[18078\]: Invalid user ftp_user from 185.73.113.89 Sep 9 14:54:01 php1 sshd\[18078\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185-73-113-89.nrp.co |
2019-09-10 09:06:13 |
| 54.39.138.251 | attackspambots | Sep 9 14:49:06 web1 sshd\[19651\]: Invalid user ubuntu from 54.39.138.251 Sep 9 14:49:06 web1 sshd\[19651\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.138.251 Sep 9 14:49:08 web1 sshd\[19651\]: Failed password for invalid user ubuntu from 54.39.138.251 port 43506 ssh2 Sep 9 14:54:12 web1 sshd\[20168\]: Invalid user deploy from 54.39.138.251 Sep 9 14:54:12 web1 sshd\[20168\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.138.251 |
2019-09-10 08:58:36 |
| 185.176.27.102 | attack | 09/09/2019-19:44:15.187234 185.176.27.102 Protocol: 6 ET DROP Dshield Block Listed Source group 1 |
2019-09-10 08:24:45 |