城市(city): unknown
省份(region): unknown
国家(country): United States of America (the)
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 160.43.38.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45712
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;160.43.38.252. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025021100 1800 900 604800 86400
;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 12 01:33:31 CST 2025
;; MSG SIZE rcvd: 106
Host 252.38.43.160.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 252.38.43.160.in-addr.arpa: NXDOMAIN
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 121.142.111.114 | attackspambots | Sep 30 21:38:53 thevastnessof sshd[11505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.142.111.114 ... |
2019-10-01 07:40:37 |
| 187.149.43.167 | attackspambots | Automatic report - Port Scan Attack |
2019-10-01 08:08:44 |
| 142.93.238.162 | attack | Sep 30 13:49:23 friendsofhawaii sshd\[11419\]: Invalid user admin from 142.93.238.162 Sep 30 13:49:23 friendsofhawaii sshd\[11419\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.238.162 Sep 30 13:49:26 friendsofhawaii sshd\[11419\]: Failed password for invalid user admin from 142.93.238.162 port 34418 ssh2 Sep 30 13:53:31 friendsofhawaii sshd\[11790\]: Invalid user iy from 142.93.238.162 Sep 30 13:53:31 friendsofhawaii sshd\[11790\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.238.162 |
2019-10-01 08:00:13 |
| 1.193.108.90 | attackspambots | Sep 30 22:55:47 pornomens sshd\[19886\]: Invalid user apache from 1.193.108.90 port 49680 Sep 30 22:55:47 pornomens sshd\[19886\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.193.108.90 Sep 30 22:55:49 pornomens sshd\[19886\]: Failed password for invalid user apache from 1.193.108.90 port 49680 ssh2 ... |
2019-10-01 08:01:42 |
| 220.120.106.254 | attack | Oct 1 01:46:47 dedicated sshd[3198]: Failed password for invalid user test from 220.120.106.254 port 40210 ssh2 Oct 1 01:46:44 dedicated sshd[3198]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.120.106.254 Oct 1 01:46:44 dedicated sshd[3198]: Invalid user test from 220.120.106.254 port 40210 Oct 1 01:46:47 dedicated sshd[3198]: Failed password for invalid user test from 220.120.106.254 port 40210 ssh2 Oct 1 01:50:46 dedicated sshd[3800]: Invalid user qg from 220.120.106.254 port 55696 |
2019-10-01 07:53:34 |
| 130.61.83.71 | attackspam | $f2bV_matches |
2019-10-01 08:10:15 |
| 139.155.118.190 | attack | Oct 1 04:56:54 gw1 sshd[21538]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.118.190 Oct 1 04:56:56 gw1 sshd[21538]: Failed password for invalid user den from 139.155.118.190 port 33369 ssh2 ... |
2019-10-01 08:05:33 |
| 51.254.79.235 | attackspam | *Port Scan* detected from 51.254.79.235 (FR/France/-). 4 hits in the last 150 seconds |
2019-10-01 08:17:36 |
| 203.244.166.78 | attackbots | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/203.244.166.78/ KR - 1H : (161) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : KR NAME ASN : ASN18401 IP : 203.244.166.78 CIDR : 203.244.128.0/18 PREFIX COUNT : 23 UNIQUE IP COUNT : 27136 WYKRYTE ATAKI Z ASN18401 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 INFO : SERVER - Looking for resource vulnerabilities Detected and Blocked by ADMIN - data recovery |
2019-10-01 07:45:38 |
| 2.139.215.255 | attackbots | SSH bruteforce |
2019-10-01 07:52:15 |
| 106.12.90.250 | attack | Sep 30 13:56:56 hpm sshd\[14713\]: Invalid user test321 from 106.12.90.250 Sep 30 13:56:56 hpm sshd\[14713\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.90.250 Sep 30 13:56:58 hpm sshd\[14713\]: Failed password for invalid user test321 from 106.12.90.250 port 33698 ssh2 Sep 30 14:01:34 hpm sshd\[15171\]: Invalid user psswd from 106.12.90.250 Sep 30 14:01:34 hpm sshd\[15171\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.90.250 |
2019-10-01 08:05:13 |
| 78.136.105.149 | attack | 2019-09-30 15:55:01 dovecot_login authenticator failed for (Zo93Ci6Zr3) [78.136.105.149]:55379 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=uhclem@lerctr.org) 2019-09-30 15:55:19 dovecot_login authenticator failed for (1gNTVLdY) [78.136.105.149]:56725 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=uhclem@lerctr.org) 2019-09-30 15:55:34 dovecot_login authenticator failed for (acCe5OvYvS) [78.136.105.149]:57794 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=uhclem@lerctr.org) ... |
2019-10-01 08:07:16 |
| 142.93.240.79 | attackspambots | Sep 30 13:55:55 hanapaa sshd\[13237\]: Invalid user pass from 142.93.240.79 Sep 30 13:55:55 hanapaa sshd\[13237\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.240.79 Sep 30 13:55:57 hanapaa sshd\[13237\]: Failed password for invalid user pass from 142.93.240.79 port 59900 ssh2 Sep 30 14:00:32 hanapaa sshd\[13616\]: Invalid user passwd from 142.93.240.79 Sep 30 14:00:32 hanapaa sshd\[13616\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.240.79 |
2019-10-01 08:15:12 |
| 27.37.80.217 | attack | Unauthorised access (Sep 30) SRC=27.37.80.217 LEN=40 TTL=49 ID=40768 TCP DPT=8080 WINDOW=45473 SYN Unauthorised access (Sep 30) SRC=27.37.80.217 LEN=40 TTL=49 ID=35142 TCP DPT=8080 WINDOW=4714 SYN |
2019-10-01 07:51:04 |
| 117.196.140.152 | attackspambots | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/117.196.140.152/ US - 1H : (543) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : US NAME ASN : ASN9829 IP : 117.196.140.152 CIDR : 117.196.128.0/20 PREFIX COUNT : 2668 UNIQUE IP COUNT : 6122240 WYKRYTE ATAKI Z ASN9829 : 1H - 2 3H - 4 6H - 7 12H - 13 24H - 19 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery |
2019-10-01 08:16:29 |