160.16.119.126

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Japan

运营商(isp): Sakura Internet Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Lines containing failures of 160.16.119.126 Jan 14 04:32:39 nxxxxxxx sshd[11502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=160.16.119.126 user=r.r Jan 14 04:32:41 nxxxxxxx sshd[11502]: Failed password for r.r from 160.16.119.126 port 59554 ssh2 Jan 14 04:32:41 nxxxxxxx sshd[11502]: Received disconnect from 160.16.119.126 port 59554:11: Bye Bye [preauth] Jan 14 04:32:41 nxxxxxxx sshd[11502]: Disconnected from authenticating user r.r 160.16.119.126 port 59554 [preauth] Jan 14 04:44:34 nxxxxxxx sshd[12915]: Invalid user samba from 160.16.119.126 port 38228 Jan 14 04:44:34 nxxxxxxx sshd[12915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=160.16.119.126 Jan 14 04:44:36 nxxxxxxx sshd[12915]: Failed password for invalid user samba from 160.16.119.126 port 38228 ssh2 Jan 14 04:44:37 nxxxxxxx sshd[12915]: Received disconnect from 160.16.119.126 port 38228:11: Bye Bye [preauth] Jan 14 04:44........ ------------------------------	2020-01-16 19:12:57

类型

评论内容

时间

attack

Lines containing failures of 160.16.119.126
Jan 14 04:32:39 nxxxxxxx sshd[11502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=160.16.119.126  user=r.r
Jan 14 04:32:41 nxxxxxxx sshd[11502]: Failed password for r.r from 160.16.119.126 port 59554 ssh2
Jan 14 04:32:41 nxxxxxxx sshd[11502]: Received disconnect from 160.16.119.126 port 59554:11: Bye Bye [preauth]
Jan 14 04:32:41 nxxxxxxx sshd[11502]: Disconnected from authenticating user r.r 160.16.119.126 port 59554 [preauth]
Jan 14 04:44:34 nxxxxxxx sshd[12915]: Invalid user samba from 160.16.119.126 port 38228
Jan 14 04:44:34 nxxxxxxx sshd[12915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=160.16.119.126
Jan 14 04:44:36 nxxxxxxx sshd[12915]: Failed password for invalid user samba from 160.16.119.126 port 38228 ssh2
Jan 14 04:44:37 nxxxxxxx sshd[12915]: Received disconnect from 160.16.119.126 port 38228:11: Bye Bye [preauth]
Jan 14 04:44........
------------------------------

2020-01-16 19:12:57

相同子网IP讨论:

IP	类型	评论内容	时间
160.16.119.99	attack	Invalid user fix from 160.16.119.99 port 47030	2019-06-30 00:27:12

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 160.16.119.126
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40109
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;160.16.119.126.			IN	A

;; AUTHORITY SECTION:
.			479	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011600 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 16 19:12:54 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

126.119.16.160.in-addr.arpa domain name pointer tk2-235-27372.vs.sakura.ne.jp.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
126.119.16.160.in-addr.arpa	name = tk2-235-27372.vs.sakura.ne.jp.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
5.189.202.59	attack	B: Magento admin pass test (wrong country)	2019-08-25 12:36:42
187.176.100.34	attackspam	Unauthorized connection attempt from IP address 187.176.100.34 on Port 445(SMB)	2019-08-25 13:18:30
183.224.78.176	attackspam	firewall-block, port(s): 23/tcp	2019-08-25 12:46:31
69.70.254.18	attack	RDP Brute-Force (Grieskirchen RZ2)	2019-08-25 12:55:28
103.87.123.162	attackbotsspam	Unauthorized connection attempt from IP address 103.87.123.162 on Port 445(SMB)	2019-08-25 12:56:35
157.34.140.195	attackbotsspam	Unauthorized connection attempt from IP address 157.34.140.195 on Port 445(SMB)	2019-08-25 13:14:08
31.13.63.70	attackbots	Aug 24 15:17:24 sachi sshd\[15228\]: Invalid user jenkins from 31.13.63.70 Aug 24 15:17:24 sachi sshd\[15228\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.13.63.70 Aug 24 15:17:27 sachi sshd\[15228\]: Failed password for invalid user jenkins from 31.13.63.70 port 37638 ssh2 Aug 24 15:21:49 sachi sshd\[15757\]: Invalid user ftpuser from 31.13.63.70 Aug 24 15:21:49 sachi sshd\[15757\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.13.63.70	2019-08-25 13:29:07
111.231.114.79	attackspambots	Aug 25 00:02:21 aat-srv002 sshd[12021]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.114.79 Aug 25 00:02:23 aat-srv002 sshd[12021]: Failed password for invalid user remotos from 111.231.114.79 port 44844 ssh2 Aug 25 00:05:47 aat-srv002 sshd[12087]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.114.79 Aug 25 00:05:49 aat-srv002 sshd[12087]: Failed password for invalid user marcio from 111.231.114.79 port 47568 ssh2 ...	2019-08-25 13:24:04
139.155.19.146	attackspam	Aug 24 22:45:09 smtp sshd[5285]: Invalid user nameserver from 139.155.19.146 port 50148 Aug 24 22:45:09 smtp sshd[5285]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.19.146 Aug 24 22:45:09 smtp sshd[5285]: Invalid user nameserver from 139.155.19.146 port 50148 Aug 24 22:45:11 smtp sshd[5285]: Failed password for invalid user nameserver from 139.155.19.146 port 50148 ssh2 Aug 24 22:50:12 smtp sshd[5313]: Invalid user db from 139.155.19.146 port 37344 ...	2019-08-25 12:24:14
138.68.110.115	attackbots	Aug 25 04:27:12 localhost sshd\[37178\]: Invalid user appman from 138.68.110.115 port 33792 Aug 25 04:27:12 localhost sshd\[37178\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.110.115 Aug 25 04:27:14 localhost sshd\[37178\]: Failed password for invalid user appman from 138.68.110.115 port 33792 ssh2 Aug 25 04:31:17 localhost sshd\[37295\]: Invalid user lsj from 138.68.110.115 port 49736 Aug 25 04:31:17 localhost sshd\[37295\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.110.115 ...	2019-08-25 13:40:59
125.234.112.42	attack	Unauthorized connection attempt from IP address 125.234.112.42 on Port 445(SMB)	2019-08-25 12:58:23
106.52.35.207	attack	Aug 24 16:03:41 eddieflores sshd\[4516\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.35.207 user=root Aug 24 16:03:42 eddieflores sshd\[4516\]: Failed password for root from 106.52.35.207 port 35902 ssh2 Aug 24 16:06:47 eddieflores sshd\[4797\]: Invalid user brent from 106.52.35.207 Aug 24 16:06:47 eddieflores sshd\[4797\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.35.207 Aug 24 16:06:49 eddieflores sshd\[4797\]: Failed password for invalid user brent from 106.52.35.207 port 33536 ssh2	2019-08-25 12:22:54
180.250.124.227	attackbots	Aug 25 05:14:54 MK-Soft-VM5 sshd\[10606\]: Invalid user emmy from 180.250.124.227 port 38792 Aug 25 05:14:54 MK-Soft-VM5 sshd\[10606\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.124.227 Aug 25 05:14:56 MK-Soft-VM5 sshd\[10606\]: Failed password for invalid user emmy from 180.250.124.227 port 38792 ssh2 ...	2019-08-25 13:19:18
92.38.101.35	attack	Unauthorized connection attempt from IP address 92.38.101.35 on Port 445(SMB)	2019-08-25 13:16:15
60.11.68.180	attackspam	Unauthorised access (Aug 25) SRC=60.11.68.180 LEN=40 TTL=49 ID=2883 TCP DPT=8080 WINDOW=38739 SYN Unauthorised access (Aug 24) SRC=60.11.68.180 LEN=40 TTL=49 ID=42334 TCP DPT=8080 WINDOW=23484 SYN	2019-08-25 12:36:02

最近上报的IP列表

165.22.73.156	106.54.41.114	45.125.119.47	171.241.29.247
117.26.3.184	113.166.128.107	54.202.172.151	118.25.53.138
113.190.231.220	240.73.232.107	13.229.126.64	89.191.105.5
15.196.243.172	109.56.15.215	202.201.200.147	208.210.61.25
50.14.10.110	93.62.253.231	184.207.201.110	86.164.171.193