城市(city): unknown
省份(region): unknown
国家(country): unknown
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 142.93.209.251 | attackbotsspam | Oct 11 22:07:55 v2202009116398126984 sshd[2515868]: Invalid user elke from 142.93.209.251 port 44534 ... |
2020-10-12 06:24:15 |
| 142.93.209.251 | attack | Oct 11 16:26:57 sso sshd[30604]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.209.251 Oct 11 16:26:59 sso sshd[30604]: Failed password for invalid user chris from 142.93.209.251 port 59794 ssh2 ... |
2020-10-11 22:34:31 |
| 142.93.209.251 | attackbots | (sshd) Failed SSH login from 142.93.209.251 (IN/India/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 11 00:54:24 optimus sshd[28004]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.209.251 user=root Oct 11 00:54:27 optimus sshd[28004]: Failed password for root from 142.93.209.251 port 54930 ssh2 Oct 11 01:19:11 optimus sshd[6951]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.209.251 user=root Oct 11 01:19:13 optimus sshd[6951]: Failed password for root from 142.93.209.251 port 56072 ssh2 Oct 11 01:24:49 optimus sshd[11852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.209.251 user=root |
2020-10-11 14:29:57 |
| 142.93.209.251 | attackbots | Oct 10 20:33:38 firewall sshd[2219]: Failed password for invalid user upload from 142.93.209.251 port 34734 ssh2 Oct 10 20:41:29 firewall sshd[2382]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.209.251 user=games Oct 10 20:41:31 firewall sshd[2382]: Failed password for games from 142.93.209.251 port 39358 ssh2 ... |
2020-10-11 07:53:49 |
| 142.93.200.252 | attackbotsspam | Invalid user mono from 142.93.200.252 port 52252 |
2020-08-23 13:03:22 |
| 142.93.200.252 | attack | 2020-08-17T07:09:02.270583correo.[domain] sshd[32079]: Invalid user arts from 142.93.200.252 port 43904 2020-08-17T07:09:04.361786correo.[domain] sshd[32079]: Failed password for invalid user arts from 142.93.200.252 port 43904 ssh2 2020-08-17T07:23:53.561727correo.[domain] sshd[33545]: Invalid user user from 142.93.200.252 port 38978 ... |
2020-08-18 06:37:00 |
| 142.93.205.81 | attackbotsspam | Aug 16 05:53:39 db sshd[21085]: User root from 142.93.205.81 not allowed because none of user's groups are listed in AllowGroups ... |
2020-08-16 15:33:10 |
| 142.93.200.252 | attack | 20 attempts against mh-ssh on echoip |
2020-08-14 18:04:17 |
| 142.93.200.252 | attackspam | prod6 ... |
2020-08-12 02:47:44 |
| 142.93.201.112 | attack | [N10.H2.VM2] Port Scanner Detected Blocked by UFW |
2020-08-11 01:25:04 |
| 142.93.201.112 | attack |
|
2020-08-08 04:11:37 |
| 142.93.200.252 | attack | Aug 6 09:00:31 lnxded63 sshd[22114]: Failed password for root from 142.93.200.252 port 51810 ssh2 Aug 6 09:00:31 lnxded63 sshd[22114]: Failed password for root from 142.93.200.252 port 51810 ssh2 |
2020-08-06 15:10:53 |
| 142.93.204.221 | attackspam | Automatic report - Banned IP Access |
2020-07-27 23:32:54 |
| 142.93.200.252 | attack | Jul 27 00:15:58 jane sshd[2950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.200.252 Jul 27 00:16:00 jane sshd[2950]: Failed password for invalid user nisha from 142.93.200.252 port 47436 ssh2 ... |
2020-07-27 06:45:49 |
| 142.93.200.206 | attack | port scan and connect, tcp 10000 (snet-sensor-mgmt) |
2020-07-26 04:56:53 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.20.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48051
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;142.93.20.20. IN A
;; AUTHORITY SECTION:
. 141 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022030803 1800 900 604800 86400
;; Query time: 68 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 09:44:56 CST 2022
;; MSG SIZE rcvd: 105Host 20.20.93.142.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 20.20.93.142.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 183.66.171.252 | attackspambots | port |
2020-03-21 16:34:59 |
| 51.159.59.241 | attack | ET CINS Active Threat Intelligence Poor Reputation IP group 34 - port: 389 proto: UDP cat: Misc Attack |
2020-03-21 16:48:23 |
| 177.135.93.227 | attackspam | $f2bV_matches |
2020-03-21 17:16:35 |
| 106.13.125.159 | attackbotsspam | Invalid user sanjay from 106.13.125.159 port 54336 |
2020-03-21 16:47:27 |
| 190.199.247.163 | attack | Automatic report - Port Scan Attack |
2020-03-21 16:56:22 |
| 61.102.147.227 | attackspambots | firewall-block, port(s): 8000/tcp |
2020-03-21 16:46:28 |
| 14.226.104.173 | attackspam | Attempt to attack host OS, exploiting network vulnerabilities, on 21-03-2020 03:50:15. |
2020-03-21 16:34:08 |
| 173.252.87.42 | attackbots | [Sat Mar 21 10:49:25.600737 2020] [:error] [pid 8596:tid 140035796674304] [client 173.252.87.42:38264] [client 173.252.87.42] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/arrow-up.webp"] [unique_id "XnWOxZWVC7EroWYu1cWKIQAAAAE"], referer: https://karangploso.jatim.bmkg.go.id/ ... |
2020-03-21 17:18:39 |
| 196.52.43.52 | attackspambots | Honeypot hit. |
2020-03-21 16:45:47 |
| 178.128.90.9 | attack | 178.128.90.9 - - [21/Mar/2020:09:06:23 +0100] "GET /wp-login.php HTTP/1.1" 200 6463 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 178.128.90.9 - - [21/Mar/2020:09:06:26 +0100] "POST /wp-login.php HTTP/1.1" 200 7362 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 178.128.90.9 - - [21/Mar/2020:09:06:28 +0100] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2020-03-21 16:58:50 |
| 45.77.171.13 | attack | Automatic report - WordPress Brute Force |
2020-03-21 17:11:28 |
| 192.241.239.53 | attackspam | firewall-block, port(s): 7474/tcp |
2020-03-21 17:06:34 |
| 222.186.15.166 | attackbots | Mar 21 05:20:53 firewall sshd[2265]: Failed password for root from 222.186.15.166 port 26505 ssh2 Mar 21 05:20:55 firewall sshd[2265]: Failed password for root from 222.186.15.166 port 26505 ssh2 Mar 21 05:20:57 firewall sshd[2265]: Failed password for root from 222.186.15.166 port 26505 ssh2 ... |
2020-03-21 16:29:08 |
| 199.187.251.224 | attackspambots | Brute forcing email accounts |
2020-03-21 17:16:16 |
| 37.72.187.2 | attackspambots | Mar 21 09:43:38 srv206 sshd[13658]: Invalid user megawati from 37.72.187.2 Mar 21 09:43:38 srv206 sshd[13658]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.72.187.2 Mar 21 09:43:38 srv206 sshd[13658]: Invalid user megawati from 37.72.187.2 Mar 21 09:43:39 srv206 sshd[13658]: Failed password for invalid user megawati from 37.72.187.2 port 59936 ssh2 ... |
2020-03-21 16:44:44 |