城市(city): unknown
省份(region): unknown
国家(country): United States
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 19.197.159.212
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9804
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;19.197.159.212. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2024121202 1800 900 604800 86400
;; Query time: 15 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Dec 13 10:14:24 CST 2024
;; MSG SIZE rcvd: 107
Host 212.159.197.19.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 212.159.197.19.in-addr.arpa: NXDOMAIN
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 58.233.240.94 | attack | 58.233.240.94 (KR/South Korea/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 21 01:11:37 jbs1 sshd[1136]: Failed password for root from 107.170.104.125 port 48998 ssh2 Sep 21 01:12:06 jbs1 sshd[1531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.233.240.94 user=root Sep 21 01:12:02 jbs1 sshd[1484]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.111.192.13 user=root Sep 21 01:12:03 jbs1 sshd[1501]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.12.167.85 user=root Sep 21 01:12:05 jbs1 sshd[1501]: Failed password for root from 187.12.167.85 port 43954 ssh2 Sep 21 01:12:05 jbs1 sshd[1484]: Failed password for root from 187.111.192.13 port 43662 ssh2 IP Addresses Blocked: 107.170.104.125 (US/United States/-) |
2020-09-21 13:24:45 |
| 79.124.62.74 | attack | Port scan on 32 port(s): 50 228 415 701 1593 2988 3326 3360 4485 7003 7010 7017 7099 7117 7655 7791 7987 8800 9700 9981 10051 12530 15333 20025 20111 21888 30000 33880 33922 37777 39011 60000 |
2020-09-21 13:09:14 |
| 212.64.66.135 | attackbotsspam | 2020-09-20T22:46:32.475013snf-827550 sshd[26300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.66.135 2020-09-20T22:46:32.460808snf-827550 sshd[26300]: Invalid user prueba1 from 212.64.66.135 port 37392 2020-09-20T22:46:34.470531snf-827550 sshd[26300]: Failed password for invalid user prueba1 from 212.64.66.135 port 37392 ssh2 ... |
2020-09-21 13:14:29 |
| 78.139.195.45 | attack | Port probing on unauthorized port 445 |
2020-09-21 13:37:57 |
| 167.114.185.237 | attackbotsspam | Sep 21 02:37:42 scw-6657dc sshd[22970]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.185.237 user=root Sep 21 02:37:42 scw-6657dc sshd[22970]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.185.237 user=root Sep 21 02:37:44 scw-6657dc sshd[22970]: Failed password for root from 167.114.185.237 port 44582 ssh2 ... |
2020-09-21 13:37:29 |
| 182.114.202.46 | attackspambots | Tried our host z. |
2020-09-21 13:45:00 |
| 139.198.120.226 | attack | Sep 21 02:28:58 www sshd[11471]: Invalid user cloud from 139.198.120.226 Sep 21 02:28:58 www sshd[11471]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.120.226 Sep 21 02:29:00 www sshd[11471]: Failed password for invalid user cloud from 139.198.120.226 port 36580 ssh2 Sep 21 02:29:01 www sshd[11471]: Received disconnect from 139.198.120.226: 11: Bye Bye [preauth] Sep 21 02:33:40 www sshd[11539]: Invalid user user from 139.198.120.226 Sep 21 02:33:40 www sshd[11539]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.120.226 Sep 21 02:33:43 www sshd[11539]: Failed password for invalid user user from 139.198.120.226 port 59698 ssh2 Sep 21 02:33:44 www sshd[11539]: Received disconnect from 139.198.120.226: 11: Bye Bye [preauth] Sep 21 02:36:38 www sshd[11557]: Invalid user ftpuser from 139.198.120.226 Sep 21 02:36:38 www sshd[11557]: pam_unix(sshd:auth): authentication failure;........ ------------------------------- |
2020-09-21 13:42:36 |
| 106.124.130.114 | attack | SSH brute-force attempt |
2020-09-21 13:16:29 |
| 104.225.153.191 | attackbots | Lines containing failures of 104.225.153.191 Sep 21 02:29:36 nemesis sshd[25028]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.225.153.191 user=r.r Sep 21 02:29:38 nemesis sshd[25028]: Failed password for r.r from 104.225.153.191 port 48164 ssh2 Sep 21 02:29:39 nemesis sshd[25028]: Received disconnect from 104.225.153.191 port 48164:11: Bye Bye [preauth] Sep 21 02:29:39 nemesis sshd[25028]: Disconnected from authenticating user r.r 104.225.153.191 port 48164 [preauth] Sep 21 02:58:13 nemesis sshd[2303]: Invalid user oracle from 104.225.153.191 port 41824 Sep 21 02:58:13 nemesis sshd[2303]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.225.153.191 Sep 21 02:58:15 nemesis sshd[2303]: Failed password for invalid user oracle from 104.225.153.191 port 41824 ssh2 Sep 21 02:58:15 nemesis sshd[2303]: Received disconnect from 104.225.153.191 port 41824:11: Bye Bye [preauth] Sep 21 02:58........ ------------------------------ |
2020-09-21 13:34:54 |
| 68.111.252.150 | attackspambots | (sshd) Failed SSH login from 68.111.252.150 (US/United States/California/San Diego/ip68-111-252-150.sd.sd.cox.net): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 20 13:02:20 atlas sshd[16837]: Invalid user admin from 68.111.252.150 port 41475 Sep 20 13:02:21 atlas sshd[16837]: Failed password for invalid user admin from 68.111.252.150 port 41475 ssh2 Sep 20 13:02:22 atlas sshd[16842]: Invalid user admin from 68.111.252.150 port 41543 Sep 20 13:02:23 atlas sshd[16842]: Failed password for invalid user admin from 68.111.252.150 port 41543 ssh2 Sep 20 13:02:24 atlas sshd[16854]: Invalid user admin from 68.111.252.150 port 41585 |
2020-09-21 13:35:55 |
| 65.33.162.9 | attackbots | SSH/22 MH Probe, BF, Hack - |
2020-09-21 13:29:17 |
| 95.105.225.76 | attackspam | [Sun Sep 20 22:47:55 2020 GMT] Bill & Melinda Gates Foundation |
2020-09-21 13:10:00 |
| 123.206.174.21 | attackbots | SSH Login Bruteforce |
2020-09-21 13:18:34 |
| 222.186.173.226 | attack | Sep 21 07:20:42 sd-69548 sshd[2480595]: Unable to negotiate with 222.186.173.226 port 23930: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] Sep 21 07:24:12 sd-69548 sshd[2480860]: Unable to negotiate with 222.186.173.226 port 41852: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] ... |
2020-09-21 13:27:24 |
| 179.125.216.137 | attackbotsspam | Sep 20 20:02:38 root sshd[6910]: Invalid user user from 179.125.216.137 ... |
2020-09-21 13:19:19 |