城市(city): unknown
省份(region): unknown
国家(country): Brazil
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 189.104.14.113
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36411
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;189.104.14.113. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025013100 1800 900 604800 86400
;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 31 22:12:33 CST 2025
;; MSG SIZE rcvd: 107
113.14.104.189.in-addr.arpa domain name pointer 189-104-14-113.user3g.veloxzone.com.br.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
113.14.104.189.in-addr.arpa name = 189-104-14-113.user3g.veloxzone.com.br.
Authoritative answers can be found from:
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 40.76.61.96 | attack | [munged]::80 40.76.61.96 - - [22/Dec/2019:07:27:54 +0100] "POST /[munged]: HTTP/1.1" 200 5565 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" [munged]::80 40.76.61.96 - - [22/Dec/2019:07:27:54 +0100] "POST /[munged]: HTTP/1.1" 200 5564 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" [munged]::80 40.76.61.96 - - [22/Dec/2019:07:27:55 +0100] "POST /[munged]: HTTP/1.1" 200 5564 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" [munged]::80 40.76.61.96 - - [22/Dec/2019:07:27:55 +0100] "POST /[munged]: HTTP/1.1" 200 5564 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" [munged]::80 40.76.61.96 - - [22/Dec/2019:07:27:55 +0100] "P |
2019-12-22 17:24:00 |
| 104.248.181.156 | attackbotsspam | [ssh] SSH attack |
2019-12-22 17:37:59 |
| 51.161.12.231 | attackbotsspam | Dec 22 09:59:43 debian-2gb-nbg1-2 kernel: \[657935.180100\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=51.161.12.231 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=10978 PROTO=TCP SPT=32767 DPT=8545 WINDOW=1024 RES=0x00 SYN URGP=0 |
2019-12-22 17:36:31 |
| 190.8.170.15 | attackbotsspam | Unauthorized connection attempt detected from IP address 190.8.170.15 to port 445 |
2019-12-22 17:36:05 |
| 27.73.20.238 | attackbots | 1576996075 - 12/22/2019 07:27:55 Host: 27.73.20.238/27.73.20.238 Port: 445 TCP Blocked |
2019-12-22 17:26:03 |
| 122.180.48.29 | attackspambots | Dec 22 09:42:52 vps647732 sshd[1380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.180.48.29 Dec 22 09:42:53 vps647732 sshd[1380]: Failed password for invalid user xm from 122.180.48.29 port 57172 ssh2 ... |
2019-12-22 17:15:52 |
| 138.68.237.12 | attack | Dec 22 08:16:34 unicornsoft sshd\[12336\]: Invalid user lihui from 138.68.237.12 Dec 22 08:16:34 unicornsoft sshd\[12336\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.237.12 Dec 22 08:16:36 unicornsoft sshd\[12336\]: Failed password for invalid user lihui from 138.68.237.12 port 36710 ssh2 |
2019-12-22 17:31:38 |
| 104.236.142.89 | attack | k+ssh-bruteforce |
2019-12-22 17:32:27 |
| 162.243.61.72 | attack | Dec 22 08:11:44 unicornsoft sshd\[12165\]: Invalid user toyooka from 162.243.61.72 Dec 22 08:11:44 unicornsoft sshd\[12165\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.61.72 Dec 22 08:11:46 unicornsoft sshd\[12165\]: Failed password for invalid user toyooka from 162.243.61.72 port 36646 ssh2 |
2019-12-22 17:13:54 |
| 222.186.180.8 | attack | pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.8 user=root Failed password for root from 222.186.180.8 port 8456 ssh2 Failed password for root from 222.186.180.8 port 8456 ssh2 Failed password for root from 222.186.180.8 port 8456 ssh2 Failed password for root from 222.186.180.8 port 8456 ssh2 |
2019-12-22 17:49:25 |
| 185.176.27.6 | attack | Dec 22 09:27:51 h2177944 kernel: \[202063.438727\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.6 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=9198 PROTO=TCP SPT=43570 DPT=23130 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 22 09:27:51 h2177944 kernel: \[202063.438741\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.6 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=9198 PROTO=TCP SPT=43570 DPT=23130 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 22 09:28:26 h2177944 kernel: \[202098.500319\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.6 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=53590 PROTO=TCP SPT=43570 DPT=21548 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 22 09:28:26 h2177944 kernel: \[202098.500333\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.6 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=53590 PROTO=TCP SPT=43570 DPT=21548 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 22 09:39:39 h2177944 kernel: \[202771.409483\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.6 DST=85.214.117.9 LEN=40 |
2019-12-22 17:17:00 |
| 49.235.104.204 | attackbotsspam | Dec 22 10:27:17 localhost sshd\[16542\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.104.204 user=root Dec 22 10:27:19 localhost sshd\[16542\]: Failed password for root from 49.235.104.204 port 50558 ssh2 Dec 22 10:34:19 localhost sshd\[17208\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.104.204 user=root |
2019-12-22 17:41:17 |
| 27.14.37.214 | attackspam | Port Scan |
2019-12-22 17:12:22 |
| 112.215.172.154 | attackbots | Host Scan |
2019-12-22 17:42:44 |
| 50.239.143.100 | attackbots | Dec 22 10:12:54 ns381471 sshd[22829]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.239.143.100 Dec 22 10:12:56 ns381471 sshd[22829]: Failed password for invalid user mylinnux from 50.239.143.100 port 53746 ssh2 |
2019-12-22 17:41:05 |