城市(city): unknown
省份(region): unknown
国家(country): Korea (the Republic of)
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.0.126.85
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25891
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;14.0.126.85. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025020400 1800 900 604800 86400
;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 04 16:47:13 CST 2025
;; MSG SIZE rcvd: 104Host 85.126.0.14.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 85.126.0.14.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 185.90.116.29 | attackspambots | 10/14/2019-15:04:02.632023 185.90.116.29 Protocol: 6 ET SCAN Potential SSH Scan |
2019-10-15 03:05:37 |
| 73.24.157.246 | attackspambots | Automatic report - Port Scan |
2019-10-15 02:53:34 |
| 68.183.134.134 | attackspambots | 68.183.134.134 - - [14/Oct/2019:13:42:35 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 68.183.134.134 - - [14/Oct/2019:13:42:41 +0200] "POST /wp-login.php HTTP/1.1" 200 1632 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 68.183.134.134 - - [14/Oct/2019:13:42:46 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 68.183.134.134 - - [14/Oct/2019:13:42:46 +0200] "POST /wp-login.php HTTP/1.1" 200 1607 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 68.183.134.134 - - [14/Oct/2019:13:42:46 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 68.183.134.134 - - [14/Oct/2019:13:42:47 +0200] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2019-10-15 03:12:56 |
| 159.65.24.7 | attackbots | $f2bV_matches |
2019-10-15 02:59:01 |
| 185.90.118.52 | attack | Port scan |
2019-10-15 03:14:21 |
| 85.68.17.125 | attackbotsspam | MYH,DEF GET /wp-login.php |
2019-10-15 03:10:05 |
| 111.230.13.11 | attack | SSH bruteforce (Triggered fail2ban) |
2019-10-15 02:47:39 |
| 221.214.5.163 | attack | Oct 14 13:31:59 host sshd[23332]: User r.r from 221.214.5.163 not allowed because none of user's groups are listed in AllowGroups Oct 14 13:31:59 host sshd[23332]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.214.5.163 user=r.r Oct 14 13:32:02 host sshd[23332]: Failed password for invalid user r.r from 221.214.5.163 port 49301 ssh2 Oct 14 13:32:03 host sshd[23332]: Received disconnect from 221.214.5.163 port 49301:11: Bye Bye [preauth] Oct 14 13:32:03 host sshd[23332]: Disconnected from invalid user r.r 221.214.5.163 port 49301 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=221.214.5.163 |
2019-10-15 03:22:09 |
| 62.157.0.243 | attackbotsspam | Oct 14 16:16:30 shared-1 sshd\[15423\]: Invalid user pi from 62.157.0.243Oct 14 16:16:30 shared-1 sshd\[15425\]: Invalid user pi from 62.157.0.243 ... |
2019-10-15 03:02:51 |
| 122.55.212.211 | attack | 2 pkts, ports: TCP:1433 |
2019-10-15 03:09:19 |
| 167.114.226.137 | attack | Oct 14 16:10:08 SilenceServices sshd[6368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.226.137 Oct 14 16:10:10 SilenceServices sshd[6368]: Failed password for invalid user Algoritm_123 from 167.114.226.137 port 46998 ssh2 Oct 14 16:14:00 SilenceServices sshd[7493]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.226.137 |
2019-10-15 02:55:19 |
| 188.247.207.89 | attack | Port 1433 Scan |
2019-10-15 03:20:00 |
| 96.243.113.135 | attack | Automatic report - Port Scan Attack |
2019-10-15 03:07:09 |
| 114.5.12.186 | attack | Oct 9 19:20:20 heissa sshd\[15943\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.5.12.186 user=root Oct 9 19:20:23 heissa sshd\[15943\]: Failed password for root from 114.5.12.186 port 51753 ssh2 Oct 9 19:24:44 heissa sshd\[16590\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.5.12.186 user=root Oct 9 19:24:46 heissa sshd\[16590\]: Failed password for root from 114.5.12.186 port 42795 ssh2 Oct 9 19:29:11 heissa sshd\[17241\]: Invalid user 123 from 114.5.12.186 port 33835 Oct 9 19:29:11 heissa sshd\[17241\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.5.12.186 |
2019-10-15 02:50:45 |
| 78.46.228.220 | attackbotsspam | *Port Scan* detected from 78.46.228.220 (DE/Germany/static.220.228.46.78.clients.your-server.de). 4 hits in the last 105 seconds |
2019-10-15 03:10:24 |