城市(city): unknown
省份(region): unknown
国家(country): China
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.42.236.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41082
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;125.42.236.139. IN A
;; AUTHORITY SECTION:
. 571 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022021301 1800 900 604800 86400
;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 14 07:04:16 CST 2022
;; MSG SIZE rcvd: 107
139.236.42.125.in-addr.arpa domain name pointer hn.kd.ny.adsl.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
139.236.42.125.in-addr.arpa name = hn.kd.ny.adsl.
Authoritative answers can be found from:
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 192.144.239.96 | attack | Jul 9 14:25:30 vps sshd[136305]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.239.96 Jul 9 14:25:32 vps sshd[136305]: Failed password for invalid user john from 192.144.239.96 port 56222 ssh2 Jul 9 14:29:22 vps sshd[151533]: Invalid user user from 192.144.239.96 port 52246 Jul 9 14:29:22 vps sshd[151533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.239.96 Jul 9 14:29:24 vps sshd[151533]: Failed password for invalid user user from 192.144.239.96 port 52246 ssh2 ... |
2020-07-09 23:09:27 |
| 122.114.183.18 | attack | Jul 9 16:52:40 server sshd[29009]: Failed password for invalid user xumingke from 122.114.183.18 port 58116 ssh2 Jul 9 16:58:53 server sshd[6698]: Failed password for invalid user dmuchalsky from 122.114.183.18 port 55016 ssh2 Jul 9 17:03:24 server sshd[13751]: Failed password for invalid user ace from 122.114.183.18 port 40666 ssh2 |
2020-07-09 23:08:16 |
| 118.24.90.64 | attackbots | Jul 9 14:52:32 eventyay sshd[31717]: Failed password for gnats from 118.24.90.64 port 36958 ssh2 Jul 9 14:55:50 eventyay sshd[31819]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.90.64 Jul 9 14:55:53 eventyay sshd[31819]: Failed password for invalid user svn_root from 118.24.90.64 port 44116 ssh2 ... |
2020-07-09 23:27:21 |
| 114.67.64.210 | attackbotsspam | Jul 9 09:22:11 ny01 sshd[1538]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.64.210 Jul 9 09:22:13 ny01 sshd[1538]: Failed password for invalid user hue from 114.67.64.210 port 59398 ssh2 Jul 9 09:25:54 ny01 sshd[2366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.64.210 |
2020-07-09 23:32:23 |
| 111.67.193.204 | attack | Jul 9 14:30:00 inter-technics sshd[24215]: Invalid user jorge from 111.67.193.204 port 34334 Jul 9 14:30:00 inter-technics sshd[24215]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.67.193.204 Jul 9 14:30:00 inter-technics sshd[24215]: Invalid user jorge from 111.67.193.204 port 34334 Jul 9 14:30:02 inter-technics sshd[24215]: Failed password for invalid user jorge from 111.67.193.204 port 34334 ssh2 Jul 9 14:32:08 inter-technics sshd[24368]: Invalid user ossex from 111.67.193.204 port 33504 ... |
2020-07-09 23:39:28 |
| 129.213.101.176 | attack | $f2bV_matches |
2020-07-09 23:38:03 |
| 148.72.210.140 | attackspam | 148.72.210.140 - - [09/Jul/2020:15:26:45 +0200] "GET /wp-login.php HTTP/1.1" 200 6060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.72.210.140 - - [09/Jul/2020:15:26:47 +0200] "POST /wp-login.php HTTP/1.1" 200 6311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.72.210.140 - - [09/Jul/2020:15:26:49 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2020-07-09 22:56:51 |
| 104.42.76.121 | attackspambots | Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF) |
2020-07-09 23:15:57 |
| 185.143.73.134 | attack | Jul 9 17:11:58 srv01 postfix/smtpd\[17526\]: warning: unknown\[185.143.73.134\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 9 17:12:37 srv01 postfix/smtpd\[17666\]: warning: unknown\[185.143.73.134\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 9 17:13:15 srv01 postfix/smtpd\[17527\]: warning: unknown\[185.143.73.134\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 9 17:13:52 srv01 postfix/smtpd\[17526\]: warning: unknown\[185.143.73.134\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 9 17:14:26 srv01 postfix/smtpd\[31574\]: warning: unknown\[185.143.73.134\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... |
2020-07-09 23:21:20 |
| 217.21.218.23 | attackbots | Jul 9 16:28:52 vpn01 sshd[28191]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.21.218.23 Jul 9 16:28:54 vpn01 sshd[28191]: Failed password for invalid user Aida from 217.21.218.23 port 45518 ssh2 ... |
2020-07-09 23:25:00 |
| 182.76.160.138 | attack | Jul 9 15:52:43 mintao sshd\[19778\]: Address 182.76.160.138 maps to nsg-static-138.160.76.182-airtel.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!\ Jul 9 15:52:43 mintao sshd\[19778\]: Invalid user molly from 182.76.160.138\ |
2020-07-09 23:23:54 |
| 192.241.185.120 | attackbots | (sshd) Failed SSH login from 192.241.185.120 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 9 13:57:36 amsweb01 sshd[21674]: Invalid user mingfu from 192.241.185.120 port 46318 Jul 9 13:57:39 amsweb01 sshd[21674]: Failed password for invalid user mingfu from 192.241.185.120 port 46318 ssh2 Jul 9 14:03:53 amsweb01 sshd[22883]: Invalid user fedosei from 192.241.185.120 port 49323 Jul 9 14:03:55 amsweb01 sshd[22883]: Failed password for invalid user fedosei from 192.241.185.120 port 49323 ssh2 Jul 9 14:07:35 amsweb01 sshd[23430]: Invalid user ayano from 192.241.185.120 port 36131 |
2020-07-09 22:58:12 |
| 185.10.68.175 | attackbots | [portscan] tcp/23 [TELNET] [scan/connect: 2 time(s)] *(RWIN=65535)(07091136) |
2020-07-09 23:03:54 |
| 64.225.70.13 | attackspambots | Jul 9 15:28:02 l03 sshd[5457]: Invalid user dino from 64.225.70.13 port 49954 ... |
2020-07-09 22:57:05 |
| 218.92.0.249 | attack | Jul 9 12:15:10 firewall sshd[22714]: Failed password for root from 218.92.0.249 port 52102 ssh2 Jul 9 12:15:13 firewall sshd[22714]: Failed password for root from 218.92.0.249 port 52102 ssh2 Jul 9 12:15:17 firewall sshd[22714]: Failed password for root from 218.92.0.249 port 52102 ssh2 ... |
2020-07-09 23:23:09 |