城市(city): unknown
省份(region): unknown
国家(country): Australia
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 164.97.66.0
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39755
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;164.97.66.0. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025021200 1800 900 604800 86400
;; Query time: 13 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 13 01:19:53 CST 2025
;; MSG SIZE rcvd: 104Host 0.66.97.164.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 0.66.97.164.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 218.92.0.154 | attack | Nov 27 09:13:51 v22018086721571380 sshd[21490]: error: maximum authentication attempts exceeded for root from 218.92.0.154 port 23444 ssh2 [preauth] Nov 27 11:11:19 v22018086721571380 sshd[28586]: error: maximum authentication attempts exceeded for root from 218.92.0.154 port 35856 ssh2 [preauth] |
2019-11-27 18:14:49 |
| 210.245.26.142 | attack | Nov 27 10:46:25 mc1 kernel: \[6134213.684443\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=210.245.26.142 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=202 PROTO=TCP SPT=41610 DPT=2535 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 27 10:54:18 mc1 kernel: \[6134687.205330\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=210.245.26.142 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=26589 PROTO=TCP SPT=41610 DPT=3119 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 27 10:54:51 mc1 kernel: \[6134719.485117\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=210.245.26.142 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=11629 PROTO=TCP SPT=41610 DPT=2497 WINDOW=1024 RES=0x00 SYN URGP=0 ... |
2019-11-27 18:27:39 |
| 60.250.164.169 | attack | Nov 27 08:30:56 sso sshd[25138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.250.164.169 Nov 27 08:30:58 sso sshd[25138]: Failed password for invalid user ia@123 from 60.250.164.169 port 38860 ssh2 ... |
2019-11-27 17:55:35 |
| 223.190.125.206 | attack | Attempt to attack host OS, exploiting network vulnerabilities, on 27-11-2019 10:05:33. |
2019-11-27 18:33:39 |
| 122.51.68.196 | attack | Nov 27 08:20:45 dedicated sshd[8654]: Invalid user lidelsur from 122.51.68.196 port 51038 |
2019-11-27 18:14:07 |
| 157.230.235.233 | attack | Nov 27 06:38:03 ldap01vmsma01 sshd[39776]: Failed password for root from 157.230.235.233 port 40288 ssh2 ... |
2019-11-27 18:32:21 |
| 109.109.34.204 | attack | Nov 27 07:15:28 roadrisk sshd[27124]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.109.34.204 user=r.r Nov 27 07:15:29 roadrisk sshd[27124]: Failed password for r.r from 109.109.34.204 port 46083 ssh2 Nov 27 07:15:31 roadrisk sshd[27124]: Failed password for r.r from 109.109.34.204 port 46083 ssh2 Nov 27 07:15:33 roadrisk sshd[27124]: Failed password for r.r from 109.109.34.204 port 46083 ssh2 Nov 27 07:15:35 roadrisk sshd[27124]: Failed password for r.r from 109.109.34.204 port 46083 ssh2 Nov 27 07:15:38 roadrisk sshd[27124]: Failed password for r.r from 109.109.34.204 port 46083 ssh2 Nov 27 07:15:40 roadrisk sshd[27124]: Failed password for r.r from 109.109.34.204 port 46083 ssh2 Nov 27 07:15:40 roadrisk sshd[27124]: Disconnecting: Too many authentication failures for r.r from 109.109.34.204 port 46083 ssh2 [preauth] Nov 27 07:15:40 roadrisk sshd[27124]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh r........ ------------------------------- |
2019-11-27 18:34:12 |
| 185.209.0.89 | attackbotsspam | 11/27/2019-10:37:30.574764 185.209.0.89 Protocol: 6 ET DROP Dshield Block Listed Source group 1 |
2019-11-27 18:19:08 |
| 140.143.193.52 | attackbotsspam | 2019-11-27T09:57:24.952769 sshd[32514]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.193.52 user=root 2019-11-27T09:57:27.272329 sshd[32514]: Failed password for root from 140.143.193.52 port 60636 ssh2 2019-11-27T10:13:08.041689 sshd[32693]: Invalid user katsuyama from 140.143.193.52 port 45964 2019-11-27T10:13:08.055687 sshd[32693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.193.52 2019-11-27T10:13:08.041689 sshd[32693]: Invalid user katsuyama from 140.143.193.52 port 45964 2019-11-27T10:13:10.300374 sshd[32693]: Failed password for invalid user katsuyama from 140.143.193.52 port 45964 ssh2 ... |
2019-11-27 18:01:21 |
| 203.130.192.242 | attackspam | Nov 26 21:40:04 web1 sshd\[28503\]: Invalid user www from 203.130.192.242 Nov 26 21:40:04 web1 sshd\[28503\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.192.242 Nov 26 21:40:06 web1 sshd\[28503\]: Failed password for invalid user www from 203.130.192.242 port 50520 ssh2 Nov 26 21:46:54 web1 sshd\[29106\]: Invalid user nexus from 203.130.192.242 Nov 26 21:46:54 web1 sshd\[29106\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.192.242 |
2019-11-27 17:53:30 |
| 121.228.166.200 | attack | Nov 27 08:10:45 nopemail postfix/smtpd[20555]: disconnect from unknown[121.228.166.200] ehlo=1 auth=0/1 quit=1 commands=2/3 ... |
2019-11-27 18:20:19 |
| 175.153.72.55 | attackbotsspam | Nov 27 16:32:40 our-server-hostname postfix/smtpd[24883]: connect from unknown[175.153.72.55] Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=175.153.72.55 |
2019-11-27 18:26:17 |
| 198.50.197.216 | attackspam | Nov 26 23:35:20 kapalua sshd\[31226\]: Invalid user web from 198.50.197.216 Nov 26 23:35:20 kapalua sshd\[31226\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip216.ip-198-50-197.net Nov 26 23:35:22 kapalua sshd\[31226\]: Failed password for invalid user web from 198.50.197.216 port 36560 ssh2 Nov 26 23:41:24 kapalua sshd\[31863\]: Invalid user systempilot from 198.50.197.216 Nov 26 23:41:24 kapalua sshd\[31863\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip216.ip-198-50-197.net |
2019-11-27 17:56:04 |
| 170.83.115.4 | attack | postfix |
2019-11-27 18:11:06 |
| 110.42.4.3 | attackbotsspam | Nov 26 23:48:47 php1 sshd\[26360\]: Invalid user ftp from 110.42.4.3 Nov 26 23:48:47 php1 sshd\[26360\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.42.4.3 Nov 26 23:48:49 php1 sshd\[26360\]: Failed password for invalid user ftp from 110.42.4.3 port 46572 ssh2 Nov 26 23:57:11 php1 sshd\[27300\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.42.4.3 user=root Nov 26 23:57:13 php1 sshd\[27300\]: Failed password for root from 110.42.4.3 port 53344 ssh2 |
2019-11-27 17:57:42 |