城市(city): unknown
省份(region): unknown
国家(country): China
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 129.204.91.220 | attack | Event 'Ataque de red detectado' has occurred on device SRV-EXPLOTACION in Windows domain KAURKI on Thursday, July 16, 2020 9:39:47 PM (GMT+00:00) Tipo de evento: Ataque de red detectado Aplicación: Kaspersky Endpoint Security para Windows Aplicación\Ruta: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for Windows\ Usuario: NT AUTHORITY\SYSTEM (Usuario del sistema) Componente: Protección frente a amenazas en la red Resultado\Descripción: Bloqueado Resultado\Nombre: Intrusion.Generic.CVE-2018-1273.exploit Objeto: TCP de 129.204.91.220 at 192.168.0.80:8080 |
2020-07-21 01:32:26 |
| 129.204.91.47 | attackspam | Lines containing failures of 129.204.91.47 Jun 1 00:27:44 kopano sshd[9143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.91.47 user=r.r Jun 1 00:27:46 kopano sshd[9143]: Failed password for r.r from 129.204.91.47 port 33046 ssh2 Jun 1 00:27:46 kopano sshd[9143]: Received disconnect from 129.204.91.47 port 33046:11: Bye Bye [preauth] Jun 1 00:27:46 kopano sshd[9143]: Disconnected from authenticating user r.r 129.204.91.47 port 33046 [preauth] Jun 1 00:39:59 kopano sshd[9894]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.91.47 user=r.r Jun 1 00:40:00 kopano sshd[9894]: Failed password for r.r from 129.204.91.47 port 33586 ssh2 Jun 1 00:40:00 kopano sshd[9894]: Received disconnect from 129.204.91.47 port 33586:11: Bye Bye [preauth] Jun 1 00:40:00 kopano sshd[9894]: Disconnected from authenticating user r.r 129.204.91.47 port 33586 [preauth] Jun 1 00:45:56 kopano........ ------------------------------ |
2020-06-01 21:58:42 |
| 129.204.91.47 | attackspam | May 10 06:30:36 web01 sshd[28473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.91.47 May 10 06:30:38 web01 sshd[28473]: Failed password for invalid user bbz from 129.204.91.47 port 59438 ssh2 ... |
2020-05-10 13:53:15 |
| 129.204.91.220 | attack | Unauthorized connection attempt detected from IP address 129.204.91.220 to port 7001 [T] |
2020-04-15 01:16:20 |
| 129.204.91.238 | attackspam | port scan and connect, tcp 80 (http) |
2019-07-16 11:37:18 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.204.91.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39228
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;129.204.91.242. IN A
;; AUTHORITY SECTION:
. 273 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022030802 1800 900 604800 86400
;; Query time: 127 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 04:45:39 CST 2022
;; MSG SIZE rcvd: 107Host 242.91.204.129.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 242.91.204.129.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 162.243.232.174 | attackspam | *Port Scan* detected from 162.243.232.174 (US/United States/New York/New York/-). 4 hits in the last 10 seconds |
2020-08-06 00:37:00 |
| 67.205.162.223 | attack | ET CINS Active Threat Intelligence Poor Reputation IP group 69 - port: 22593 proto: tcp cat: Misc Attackbytes: 60 |
2020-08-06 00:46:02 |
| 103.12.242.130 | attackbots | Aug 5 17:46:31 v22019038103785759 sshd\[18083\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.12.242.130 user=root Aug 5 17:46:34 v22019038103785759 sshd\[18083\]: Failed password for root from 103.12.242.130 port 53426 ssh2 Aug 5 17:51:36 v22019038103785759 sshd\[18313\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.12.242.130 user=root Aug 5 17:51:37 v22019038103785759 sshd\[18313\]: Failed password for root from 103.12.242.130 port 37074 ssh2 Aug 5 17:56:31 v22019038103785759 sshd\[18456\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.12.242.130 user=root ... |
2020-08-06 00:42:44 |
| 112.216.3.211 | attackspam | 2020-08-05T19:16:15.335012hostname sshd[130189]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.216.3.211 user=root 2020-08-05T19:16:17.132902hostname sshd[130189]: Failed password for root from 112.216.3.211 port 45519 ssh2 ... |
2020-08-06 00:19:39 |
| 103.106.195.155 | attackspambots | Unauthorized connection attempt from IP address 103.106.195.155 on Port 445(SMB) |
2020-08-06 00:20:42 |
| 62.215.132.169 | attackbots | Unauthorized connection attempt from IP address 62.215.132.169 on Port 445(SMB) |
2020-08-06 00:29:32 |
| 106.79.201.133 | attackbotsspam | Unauthorized connection attempt from IP address 106.79.201.133 on Port 445(SMB) |
2020-08-06 00:15:58 |
| 112.19.94.19 | attackbots | Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth): user=root |
2020-08-06 00:14:06 |
| 180.76.163.33 | attackbotsspam | Aug 5 09:09:50 ws12vmsma01 sshd[969]: Failed password for root from 180.76.163.33 port 36134 ssh2 Aug 5 09:14:06 ws12vmsma01 sshd[1638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.163.33 user=root Aug 5 09:14:08 ws12vmsma01 sshd[1638]: Failed password for root from 180.76.163.33 port 60740 ssh2 ... |
2020-08-06 00:46:37 |
| 196.216.247.41 | attack | Icarus honeypot on github |
2020-08-06 00:48:33 |
| 31.145.131.202 | attack | Unauthorized connection attempt from IP address 31.145.131.202 on Port 445(SMB) |
2020-08-06 00:23:25 |
| 143.137.144.82 | attackbotsspam | Unauthorized connection attempt from IP address 143.137.144.82 on Port 445(SMB) |
2020-08-06 00:31:11 |
| 202.130.122.50 | attackbotsspam | Unauthorized connection attempt from IP address 202.130.122.50 on Port 445(SMB) |
2020-08-06 00:32:57 |
| 106.241.33.158 | attackspambots | Aug 5 10:19:41 mail sshd\[42044\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.241.33.158 user=root ... |
2020-08-06 00:54:39 |
| 166.111.68.25 | attackspam | Aug 5 19:14:13 gw1 sshd[21454]: Failed password for root from 166.111.68.25 port 36224 ssh2 ... |
2020-08-06 00:15:30 |