城市(city): Beucha
省份(region): Saxony
国家(country): Germany
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.18.19.14
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42724
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.18.19.14. IN A
;; AUTHORITY SECTION:
. 353 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020102801 1800 900 604800 86400
;; Query time: 88 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 29 05:18:31 CST 2020
;; MSG SIZE rcvd: 116Host 14.19.18.139.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 14.19.18.139.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 114.221.102.212 | attack | Jun 23 11:59:07 mail kernel: \[329492.723946\] \[UFW BLOCK\] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=114.221.102.212 DST=91.205.173.180 LEN=52 TOS=0x00 PREC=0x00 TTL=115 ID=5457 DF PROTO=TCP SPT=62696 DPT=65530 WINDOW=8192 RES=0x00 SYN URGP=0 Jun 23 11:59:10 mail kernel: \[329495.778483\] \[UFW BLOCK\] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=114.221.102.212 DST=91.205.173.180 LEN=52 TOS=0x00 PREC=0x00 TTL=115 ID=17673 DF PROTO=TCP SPT=62696 DPT=65530 WINDOW=8192 RES=0x00 SYN URGP=0 Jun 23 11:59:16 mail kernel: \[329501.778308\] \[UFW BLOCK\] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=114.221.102.212 DST=91.205.173.180 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=28442 DF PROTO=TCP SPT=62696 DPT=65530 WINDOW=65535 RES=0x00 SYN URGP=0 |
2019-06-23 21:06:05 |
| 87.135.45.207 | attack | Automatic report - Web App Attack |
2019-06-23 21:07:03 |
| 218.108.73.60 | attackspambots | port scan and connect, tcp 3306 (mysql) |
2019-06-23 20:17:16 |
| 64.188.17.98 | attack | Joomla HTTP User Agent Object Injection Vulnerability |
2019-06-23 20:44:09 |
| 37.252.185.227 | attackbots | 2019-06-23T11:21:59.602710abusebot-8.cloudsearch.cf sshd\[17967\]: Invalid user rabbitmq from 37.252.185.227 port 46242 |
2019-06-23 20:58:45 |
| 185.220.101.24 | attackbotsspam | Automatic report - Web App Attack |
2019-06-23 20:19:29 |
| 42.99.180.167 | attackbotsspam | SSH/22 MH Probe, BF, Hack - |
2019-06-23 20:22:07 |
| 185.220.101.25 | attack | Automatic report - Web App Attack |
2019-06-23 20:33:07 |
| 123.20.225.230 | attackspambots | Jun 17 14:19:02 sanyalnet-cloud-vps2 sshd[31655]: Connection from 123.20.225.230 port 55940 on 45.62.253.138 port 22 Jun 17 14:19:04 sanyalnet-cloud-vps2 sshd[31655]: User r.r from 123.20.225.230 not allowed because not listed in AllowUsers Jun 17 14:19:04 sanyalnet-cloud-vps2 sshd[31655]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.20.225.230 user=r.r Jun 17 14:19:07 sanyalnet-cloud-vps2 sshd[31655]: Failed password for invalid user r.r from 123.20.225.230 port 55940 ssh2 Jun 17 14:19:08 sanyalnet-cloud-vps2 sshd[31655]: Received disconnect from 123.20.225.230 port 55940:11: Bye Bye [preauth] Jun 17 14:19:08 sanyalnet-cloud-vps2 sshd[31655]: Disconnected from 123.20.225.230 port 55940 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=123.20.225.230 |
2019-06-23 20:38:38 |
| 83.55.220.88 | attackbots | SSH-Bruteforce |
2019-06-23 20:42:29 |
| 58.242.82.6 | attackbots | Jun 23 12:15:07 mail sshd\[27603\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.242.82.6 user=root Jun 23 12:15:08 mail sshd\[27603\]: Failed password for root from 58.242.82.6 port 54282 ssh2 Jun 23 12:15:27 mail sshd\[27644\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.242.82.6 user=root Jun 23 12:15:28 mail sshd\[27644\]: Failed password for root from 58.242.82.6 port 14970 ssh2 Jun 23 12:15:31 mail sshd\[27644\]: Failed password for root from 58.242.82.6 port 14970 ssh2 |
2019-06-23 20:12:39 |
| 132.232.40.86 | attack | 2019-06-23T10:31:06.236703abusebot-5.cloudsearch.cf sshd\[8810\]: Invalid user admin from 132.232.40.86 port 41992 |
2019-06-23 20:50:41 |
| 51.38.176.147 | attack | Jun 23 14:19:32 icinga sshd[39158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.176.147 Jun 23 14:19:34 icinga sshd[39158]: Failed password for invalid user elephant from 51.38.176.147 port 55469 ssh2 Jun 23 14:22:14 icinga sshd[41165]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.176.147 ... |
2019-06-23 20:58:05 |
| 104.244.76.13 | attackbots | Automatic report - Web App Attack |
2019-06-23 21:06:35 |
| 185.176.27.58 | attack | firewall-block, port(s): 7317/tcp |
2019-06-23 20:18:24 |