城市(city): unknown
省份(region): unknown
国家(country): Indonesia
运营商(isp): Satnetcom Balikpapan
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): Fixed Line ISP
| 类型 | 评论内容 | 时间 |
|---|---|---|
| attackspam | ID_MNT-APJII-ID_<177>1579120315 [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 203.80.13.214:52984 |
2020-01-16 05:19:43 |
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 203.80.13.234 | attackspambots | RDP Brute-Force (Grieskirchen RZ1) |
2020-02-22 23:25:54 |
| 203.80.136.133 | attack | ICMP MH Probe, Scan /Distributed - |
2019-11-16 04:33:03 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 203.80.13.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64350
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;203.80.13.214. IN A
;; AUTHORITY SECTION:
. 233 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020011501 1800 900 604800 86400
;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 16 05:19:41 CST 2020
;; MSG SIZE rcvd: 117214.13.80.203.in-addr.arpa domain name pointer snc-office.satnetcom.net.id.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
214.13.80.203.in-addr.arpa name = snc-office.satnetcom.net.id.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 83.246.93.211 | attackspam | Sep 9 15:55:31 hb sshd\[16392\]: Invalid user user1 from 83.246.93.211 Sep 9 15:55:31 hb sshd\[16392\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=db1.fos2.thuecom-medien.de Sep 9 15:55:33 hb sshd\[16392\]: Failed password for invalid user user1 from 83.246.93.211 port 48073 ssh2 Sep 9 16:01:56 hb sshd\[16991\]: Invalid user user from 83.246.93.211 Sep 9 16:01:56 hb sshd\[16991\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=db1.fos2.thuecom-medien.de |
2019-09-10 00:04:24 |
| 192.227.252.11 | attack | Sep 9 06:57:02 php1 sshd\[15513\]: Invalid user admin from 192.227.252.11 Sep 9 06:57:02 php1 sshd\[15513\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.227.252.11 Sep 9 06:57:04 php1 sshd\[15513\]: Failed password for invalid user admin from 192.227.252.11 port 56034 ssh2 Sep 9 07:05:17 php1 sshd\[16523\]: Invalid user temp from 192.227.252.11 Sep 9 07:05:17 php1 sshd\[16523\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.227.252.11 |
2019-09-10 01:27:29 |
| 189.6.45.130 | attack | Sep 9 18:08:45 SilenceServices sshd[15583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.6.45.130 Sep 9 18:08:47 SilenceServices sshd[15583]: Failed password for invalid user admin from 189.6.45.130 port 57813 ssh2 Sep 9 18:16:36 SilenceServices sshd[18587]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.6.45.130 |
2019-09-10 00:24:53 |
| 106.75.216.98 | attackspam | Sep 9 19:08:29 localhost sshd\[3096\]: Invalid user changeme from 106.75.216.98 port 39636 Sep 9 19:08:29 localhost sshd\[3096\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.216.98 Sep 9 19:08:30 localhost sshd\[3096\]: Failed password for invalid user changeme from 106.75.216.98 port 39636 ssh2 |
2019-09-10 01:30:13 |
| 201.52.45.218 | attack | Sep 9 06:09:20 hiderm sshd\[24018\]: Invalid user testuser1 from 201.52.45.218 Sep 9 06:09:20 hiderm sshd\[24018\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.52.45.218 Sep 9 06:09:21 hiderm sshd\[24018\]: Failed password for invalid user testuser1 from 201.52.45.218 port 42612 ssh2 Sep 9 06:17:18 hiderm sshd\[24684\]: Invalid user postgres from 201.52.45.218 Sep 9 06:17:18 hiderm sshd\[24684\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.52.45.218 |
2019-09-10 00:39:32 |
| 218.98.26.168 | attackbotsspam | Sep 9 04:57:57 debian sshd[26313]: Unable to negotiate with 218.98.26.168 port 34937: no matching key exchange method found. Their offer: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth] Sep 9 11:41:03 debian sshd[12753]: Unable to negotiate with 218.98.26.168 port 44238: no matching key exchange method found. Their offer: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth] ... |
2019-09-10 00:25:58 |
| 128.199.230.56 | attackspambots | 2019-09-09T16:49:14.825277abusebot.cloudsearch.cf sshd\[6358\]: Invalid user www-upload from 128.199.230.56 port 60052 |
2019-09-10 01:08:04 |
| 80.211.137.127 | attack | Sep 9 07:26:08 web1 sshd\[23851\]: Invalid user ftpadmin from 80.211.137.127 Sep 9 07:26:08 web1 sshd\[23851\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.137.127 Sep 9 07:26:10 web1 sshd\[23851\]: Failed password for invalid user ftpadmin from 80.211.137.127 port 47092 ssh2 Sep 9 07:32:53 web1 sshd\[24955\]: Invalid user oracle from 80.211.137.127 Sep 9 07:32:53 web1 sshd\[24955\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.137.127 |
2019-09-10 01:34:43 |
| 43.241.146.71 | attack | Sep 9 13:04:59 plusreed sshd[17604]: Invalid user ts from 43.241.146.71 ... |
2019-09-10 01:11:47 |
| 191.13.241.167 | attack | Unauthorized connection attempt from IP address 191.13.241.167 on Port 445(SMB) |
2019-09-10 01:06:22 |
| 14.227.40.96 | attack | Unauthorized connection attempt from IP address 14.227.40.96 on Port 445(SMB) |
2019-09-10 01:28:07 |
| 217.182.165.158 | attackbotsspam | Sep 9 19:20:30 SilenceServices sshd[10748]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.165.158 Sep 9 19:20:31 SilenceServices sshd[10748]: Failed password for invalid user admin from 217.182.165.158 port 46046 ssh2 Sep 9 19:26:05 SilenceServices sshd[13761]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.165.158 |
2019-09-10 01:28:57 |
| 141.98.9.205 | attackbotsspam | Sep 9 18:05:38 mail postfix/smtpd\[24555\]: warning: unknown\[141.98.9.205\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 9 18:06:24 mail postfix/smtpd\[24803\]: warning: unknown\[141.98.9.205\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 9 18:07:16 mail postfix/smtpd\[24803\]: warning: unknown\[141.98.9.205\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 9 18:37:30 mail postfix/smtpd\[26711\]: warning: unknown\[141.98.9.205\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ |
2019-09-10 00:42:12 |
| 159.89.93.96 | attack | Wordpress Admin Login attack |
2019-09-10 01:00:03 |
| 222.210.0.82 | attackbots | Unauthorized connection attempt from IP address 222.210.0.82 on Port 445(SMB) |
2019-09-10 00:17:50 |