城市(city): unknown
省份(region): unknown
国家(country): United States
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 214.124.41.158
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59975
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;214.124.41.158. IN A
;; AUTHORITY SECTION:
. 29 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025022000 1800 900 604800 86400
;; Query time: 13 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 20 18:49:59 CST 2025
;; MSG SIZE rcvd: 107Host 158.41.124.214.in-addr.arpa. not found: 3(NXDOMAIN)
server can't find 214.124.41.158.in-addr.arpa: SERVFAIL| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 128.201.232.100 | attackspam | Sep 1 13:20:12 mail1 sshd\[26612\]: Invalid user tomcat from 128.201.232.100 port 57512 Sep 1 13:20:12 mail1 sshd\[26612\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.201.232.100 Sep 1 13:20:13 mail1 sshd\[26612\]: Failed password for invalid user tomcat from 128.201.232.100 port 57512 ssh2 Sep 1 13:30:00 mail1 sshd\[31083\]: Invalid user alix from 128.201.232.100 port 48210 Sep 1 13:30:00 mail1 sshd\[31083\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.201.232.100 ... |
2019-09-01 20:21:35 |
| 37.59.38.137 | attack | Sep 1 13:19:02 nextcloud sshd\[8534\]: Invalid user lire from 37.59.38.137 Sep 1 13:19:02 nextcloud sshd\[8534\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.38.137 Sep 1 13:19:04 nextcloud sshd\[8534\]: Failed password for invalid user lire from 37.59.38.137 port 36747 ssh2 ... |
2019-09-01 20:15:05 |
| 185.85.36.34 | attackspam | [Aegis] @ 2019-09-01 08:08:48 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack |
2019-09-01 20:49:56 |
| 122.70.153.228 | attackbots | Automatic report - Banned IP Access |
2019-09-01 20:31:22 |
| 153.36.242.143 | attackbots | Sep 1 15:40:24 server2 sshd\[16805\]: User root from 153.36.242.143 not allowed because not listed in AllowUsers Sep 1 15:40:24 server2 sshd\[16809\]: User root from 153.36.242.143 not allowed because not listed in AllowUsers Sep 1 15:40:24 server2 sshd\[16812\]: User root from 153.36.242.143 not allowed because not listed in AllowUsers Sep 1 15:40:24 server2 sshd\[16808\]: User root from 153.36.242.143 not allowed because not listed in AllowUsers Sep 1 15:40:24 server2 sshd\[16804\]: User root from 153.36.242.143 not allowed because not listed in AllowUsers Sep 1 15:44:13 server2 sshd\[16936\]: User root from 153.36.242.143 not allowed because not listed in AllowUsers |
2019-09-01 20:44:30 |
| 124.124.57.130 | attackbotsspam | DATE:2019-09-01 10:33:08,IP:124.124.57.130,MATCHES:10,PORT:ssh |
2019-09-01 20:47:50 |
| 47.254.131.234 | attackbotsspam | Aug 31 22:24:40 hcbb sshd\[28392\]: Invalid user hill from 47.254.131.234 Aug 31 22:24:40 hcbb sshd\[28392\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.254.131.234 Aug 31 22:24:42 hcbb sshd\[28392\]: Failed password for invalid user hill from 47.254.131.234 port 48994 ssh2 Aug 31 22:28:45 hcbb sshd\[28719\]: Invalid user test from 47.254.131.234 Aug 31 22:28:45 hcbb sshd\[28719\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.254.131.234 |
2019-09-01 20:55:09 |
| 79.172.3.78 | attackspam | [portscan] Port scan |
2019-09-01 20:50:22 |
| 175.197.77.3 | attack | Sep 1 14:47:48 yabzik sshd[18110]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.197.77.3 Sep 1 14:47:49 yabzik sshd[18110]: Failed password for invalid user prova from 175.197.77.3 port 33362 ssh2 Sep 1 14:54:49 yabzik sshd[21538]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.197.77.3 |
2019-09-01 20:17:12 |
| 186.42.103.181 | attack | DATE:2019-09-01 12:21:22,IP:186.42.103.181,MATCHES:10,PORT:ssh |
2019-09-01 21:05:06 |
| 196.45.48.59 | attackspambots | Aug 31 21:42:36 web9 sshd\[6738\]: Invalid user malcom from 196.45.48.59 Aug 31 21:42:36 web9 sshd\[6738\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.45.48.59 Aug 31 21:42:38 web9 sshd\[6738\]: Failed password for invalid user malcom from 196.45.48.59 port 37732 ssh2 Aug 31 21:47:24 web9 sshd\[7724\]: Invalid user class2004 from 196.45.48.59 Aug 31 21:47:24 web9 sshd\[7724\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.45.48.59 |
2019-09-01 20:34:21 |
| 103.232.123.93 | attackbotsspam | [SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(09011312) |
2019-09-01 20:29:56 |
| 27.71.225.122 | attackspambots | 3389BruteforceIDS |
2019-09-01 20:40:19 |
| 129.211.10.228 | attack | Unauthorized SSH login attempts |
2019-09-01 20:17:38 |
| 142.11.205.214 | attackspambots | DATE:2019-09-01 10:02:13, IP:142.11.205.214, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc) |
2019-09-01 21:02:12 |