城市(city): unknown
省份(region): unknown
国家(country): China
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 161.189.161.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39880
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;161.189.161.94. IN A
;; AUTHORITY SECTION:
. 29 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025020401 1800 900 604800 86400
;; Query time: 34 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 05 02:20:51 CST 2025
;; MSG SIZE rcvd: 107
94.161.189.161.in-addr.arpa domain name pointer ec2-161-189-161-94.cn-northwest-1.compute.amazonaws.com.cn.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
94.161.189.161.in-addr.arpa name = ec2-161-189-161-94.cn-northwest-1.compute.amazonaws.com.cn.
Authoritative answers can be found from:
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 152.136.131.171 | attack | "fail2ban match" |
2020-10-06 05:06:46 |
| 5.160.52.130 | attack | Failed password for root from 5.160.52.130 port 52910 ssh2 |
2020-10-06 05:10:51 |
| 140.238.95.47 | attackbotsspam | [N1.H1.VM1] Bad Bot Blocked by UFW |
2020-10-06 04:54:56 |
| 101.100.238.197 | attack | CMS (WordPress or Joomla) login attempt. |
2020-10-06 05:23:10 |
| 176.100.102.150 | attackspam | 20/10/5@05:17:40: FAIL: Alarm-Intrusion address from=176.100.102.150 ... |
2020-10-06 05:04:38 |
| 112.85.42.229 | attack | Oct 5 16:27:43 abendstille sshd\[28902\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.229 user=root Oct 5 16:27:45 abendstille sshd\[28902\]: Failed password for root from 112.85.42.229 port 60475 ssh2 Oct 5 16:27:47 abendstille sshd\[28902\]: Failed password for root from 112.85.42.229 port 60475 ssh2 Oct 5 16:27:49 abendstille sshd\[28902\]: Failed password for root from 112.85.42.229 port 60475 ssh2 Oct 5 16:28:45 abendstille sshd\[29857\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.229 user=root ... |
2020-10-06 05:11:53 |
| 45.141.84.35 | attackspam | RDP Bruteforce |
2020-10-06 05:01:58 |
| 81.68.106.155 | attackspambots | Oct 6 05:19:29 web1 sshd[1915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.106.155 user=root Oct 6 05:19:31 web1 sshd[1915]: Failed password for root from 81.68.106.155 port 54188 ssh2 Oct 6 05:32:55 web1 sshd[6380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.106.155 user=root Oct 6 05:32:57 web1 sshd[6380]: Failed password for root from 81.68.106.155 port 32976 ssh2 Oct 6 05:38:57 web1 sshd[8414]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.106.155 user=root Oct 6 05:38:59 web1 sshd[8414]: Failed password for root from 81.68.106.155 port 40380 ssh2 Oct 6 05:45:02 web1 sshd[10370]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.106.155 user=root Oct 6 05:45:04 web1 sshd[10370]: Failed password for root from 81.68.106.155 port 47788 ssh2 Oct 6 05:51:01 web1 sshd[12447]: pam_unix ... |
2020-10-06 05:09:38 |
| 110.80.142.84 | attack | Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-10-05T20:57:08Z |
2020-10-06 05:09:19 |
| 107.204.217.126 | attackspam | Lines containing failures of 107.204.217.126 (max 1000) Oct 4 22:38:48 server sshd[24860]: Connection from 107.204.217.126 port 57354 on 62.116.165.82 port 22 Oct 4 22:38:48 server sshd[24860]: Did not receive identification string from 107.204.217.126 port 57354 Oct 4 22:38:51 server sshd[24863]: Connection from 107.204.217.126 port 57811 on 62.116.165.82 port 22 Oct 4 22:38:54 server sshd[24863]: Invalid user service from 107.204.217.126 port 57811 Oct 4 22:38:54 server sshd[24863]: Connection closed by 107.204.217.126 port 57811 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=107.204.217.126 |
2020-10-06 05:21:22 |
| 5.101.151.41 | attackspam | Oct 5 04:21:26 web9 sshd\[13345\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.101.151.41 user=root Oct 5 04:21:28 web9 sshd\[13345\]: Failed password for root from 5.101.151.41 port 31244 ssh2 Oct 5 04:24:46 web9 sshd\[13808\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.101.151.41 user=root Oct 5 04:24:48 web9 sshd\[13808\]: Failed password for root from 5.101.151.41 port 29400 ssh2 Oct 5 04:28:15 web9 sshd\[14246\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.101.151.41 user=root |
2020-10-06 05:12:45 |
| 212.70.149.36 | attackbots | 2020-10-06 00:18:14 auth_plain authenticator failed for (User) [212.70.149.36]: 535 Incorrect authentication data (set_id=cl@lavrinenko.info) 2020-10-06 00:18:31 auth_plain authenticator failed for (User) [212.70.149.36]: 535 Incorrect authentication data (set_id=ns100@lavrinenko.info) ... |
2020-10-06 05:24:33 |
| 120.196.181.230 | attackbots | 1433/tcp 1433/tcp 1433/tcp [2020-09-29/10-04]3pkt |
2020-10-06 04:56:52 |
| 58.64.155.142 | attackspam | 445/tcp 445/tcp [2020-10-04]2pkt |
2020-10-06 05:20:14 |
| 81.213.219.95 | attackbots | 20/10/4@16:40:59: FAIL: Alarm-Intrusion address from=81.213.219.95 ... |
2020-10-06 05:18:18 |