城市(city): unknown
省份(region): unknown
国家(country): United States of America (the)
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 18.148.13.16
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53732
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;18.148.13.16. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025022001 1800 900 604800 86400
;; Query time: 13 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 21 05:21:50 CST 2025
;; MSG SIZE rcvd: 105Host 16.13.148.18.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 16.13.148.18.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 123.206.226.149 | attackbotsspam | Aug 6 10:39:31 aragorn sshd[25099]: Invalid user es2 from 123.206.226.149 Aug 6 10:39:32 aragorn sshd[25104]: Invalid user es2 from 123.206.226.149 Aug 6 10:39:33 aragorn sshd[25100]: Invalid user es2 from 123.206.226.149 ... |
2020-08-07 00:02:47 |
| 183.109.124.137 | attack | ... |
2020-08-06 23:36:03 |
| 167.114.23.125 | attack | Lines containing failures of 167.114.23.125 Aug 4 04:29:00 neweola postfix/smtpd[24429]: connect from ip125.ip-167-114-23.net[167.114.23.125] Aug 4 04:29:00 neweola postfix/smtpd[24429]: lost connection after AUTH from ip125.ip-167-114-23.net[167.114.23.125] Aug 4 04:29:00 neweola postfix/smtpd[24429]: disconnect from ip125.ip-167-114-23.net[167.114.23.125] ehlo=1 auth=0/1 commands=1/2 Aug 4 04:29:01 neweola postfix/smtpd[24429]: connect from ip125.ip-167-114-23.net[167.114.23.125] Aug 4 04:29:01 neweola postfix/smtpd[24429]: lost connection after AUTH from ip125.ip-167-114-23.net[167.114.23.125] Aug 4 04:29:01 neweola postfix/smtpd[24429]: disconnect from ip125.ip-167-114-23.net[167.114.23.125] ehlo=1 auth=0/1 commands=1/2 Aug 4 04:29:01 neweola postfix/smtpd[24429]: connect from ip125.ip-167-114-23.net[167.114.23.125] Aug 4 04:29:01 neweola postfix/smtpd[24429]: lost connection after AUTH from ip125.ip-167-114-23.net[167.114.23.125] Aug 4 04:29:01 neweola post........ ------------------------------ |
2020-08-06 23:56:44 |
| 206.189.123.250 | attack | Aug 6 14:00:11 localhost sshd[113408]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.123.250 user=root Aug 6 14:00:13 localhost sshd[113408]: Failed password for root from 206.189.123.250 port 49660 ssh2 Aug 6 14:04:20 localhost sshd[113945]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.123.250 user=root Aug 6 14:04:22 localhost sshd[113945]: Failed password for root from 206.189.123.250 port 47690 ssh2 Aug 6 14:08:26 localhost sshd[114389]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.123.250 user=root Aug 6 14:08:28 localhost sshd[114389]: Failed password for root from 206.189.123.250 port 58324 ssh2 ... |
2020-08-06 23:59:10 |
| 49.235.64.227 | attackbotsspam | Aug 4 14:41:58 pl3server sshd[29923]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.64.227 user=r.r Aug 4 14:42:00 pl3server sshd[29923]: Failed password for r.r from 49.235.64.227 port 60526 ssh2 Aug 4 14:42:00 pl3server sshd[29923]: Received disconnect from 49.235.64.227 port 60526:11: Bye Bye [preauth] Aug 4 14:42:00 pl3server sshd[29923]: Disconnected from 49.235.64.227 port 60526 [preauth] Aug 4 15:00:28 pl3server sshd[10059]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.64.227 user=r.r Aug 4 15:00:30 pl3server sshd[10059]: Failed password for r.r from 49.235.64.227 port 42108 ssh2 Aug 4 15:00:30 pl3server sshd[10059]: Received disconnect from 49.235.64.227 port 42108:11: Bye Bye [preauth] Aug 4 15:00:30 pl3server sshd[10059]: Disconnected from 49.235.64.227 port 42108 [preauth] Aug 4 15:05:37 pl3server sshd[15231]: pam_unix(sshd:auth): authentication failu........ ------------------------------- |
2020-08-07 00:01:46 |
| 112.85.42.195 | attackbots | Aug 6 15:50:01 game-panel sshd[13069]: Failed password for root from 112.85.42.195 port 47362 ssh2 Aug 6 15:50:03 game-panel sshd[13069]: Failed password for root from 112.85.42.195 port 47362 ssh2 Aug 6 15:50:06 game-panel sshd[13069]: Failed password for root from 112.85.42.195 port 47362 ssh2 |
2020-08-07 00:07:42 |
| 183.61.109.23 | attackspam | Aug 6 15:18:53 [host] sshd[26045]: pam_unix(sshd: Aug 6 15:18:54 [host] sshd[26045]: Failed passwor Aug 6 15:24:20 [host] sshd[26250]: pam_unix(sshd: |
2020-08-06 23:56:12 |
| 119.45.5.237 | attackbots | Banned for a week because repeated abuses, for example SSH, but not only |
2020-08-06 23:30:04 |
| 124.160.96.249 | attackbots | Aug 6 15:08:24 *** sshd[12454]: User root from 124.160.96.249 not allowed because not listed in AllowUsers |
2020-08-06 23:43:01 |
| 128.199.143.19 | attackbotsspam | prod11 ... |
2020-08-06 23:59:42 |
| 168.128.70.151 | attackbots | Aug 6 15:55:50 marvibiene sshd[11797]: Failed password for root from 168.128.70.151 port 52570 ssh2 Aug 6 16:05:05 marvibiene sshd[12252]: Failed password for root from 168.128.70.151 port 37938 ssh2 |
2020-08-06 23:28:25 |
| 90.176.150.123 | attack | Aug 6 15:55:31 nextcloud sshd\[17662\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=90.176.150.123 user=root Aug 6 15:55:33 nextcloud sshd\[17662\]: Failed password for root from 90.176.150.123 port 57229 ssh2 Aug 6 15:59:39 nextcloud sshd\[22571\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=90.176.150.123 user=root |
2020-08-07 00:10:25 |
| 212.70.149.19 | attackspam | (smtpauth) Failed SMTP AUTH login from 212.70.149.19 (BG/Bulgaria/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-08-06 20:38:39 login authenticator failed for (User) [212.70.149.19]: 535 Incorrect authentication data (set_id=entropy@farasunict.com) |
2020-08-07 00:11:22 |
| 185.86.164.104 | attack | CMS (WordPress or Joomla) login attempt. |
2020-08-06 23:46:42 |
| 183.109.79.253 | attack | Aug 6 22:18:36 itv-usvr-02 sshd[8010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.109.79.253 user=root Aug 6 22:18:39 itv-usvr-02 sshd[8010]: Failed password for root from 183.109.79.253 port 63615 ssh2 Aug 6 22:25:26 itv-usvr-02 sshd[8557]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.109.79.253 user=root Aug 6 22:25:28 itv-usvr-02 sshd[8557]: Failed password for root from 183.109.79.253 port 62864 ssh2 Aug 6 22:28:37 itv-usvr-02 sshd[8862]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.109.79.253 user=root Aug 6 22:28:39 itv-usvr-02 sshd[8862]: Failed password for root from 183.109.79.253 port 63390 ssh2 |
2020-08-07 00:10:42 |