城市(city): unknown
省份(region): unknown
国家(country): Ghana
运营商(isp): Teledata Network for Internet Use in Tamale
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): Fixed Line ISP
| 类型 | 评论内容 | 时间 |
|---|---|---|
| attackbotsspam | Sep 15 00:14:14 mail.srvfarm.net postfix/smtps/smtpd[2201905]: warning: unknown[41.139.0.34]: SASL PLAIN authentication failed: Sep 15 00:14:14 mail.srvfarm.net postfix/smtps/smtpd[2201905]: lost connection after AUTH from unknown[41.139.0.34] Sep 15 00:14:57 mail.srvfarm.net postfix/smtps/smtpd[2203408]: warning: unknown[41.139.0.34]: SASL PLAIN authentication failed: Sep 15 00:14:57 mail.srvfarm.net postfix/smtps/smtpd[2203408]: lost connection after AUTH from unknown[41.139.0.34] Sep 15 00:21:37 mail.srvfarm.net postfix/smtpd[2240874]: warning: unknown[41.139.0.34]: SASL PLAIN authentication failed: |
2020-09-15 23:26:58 |
| attackspam | Sep 15 00:14:14 mail.srvfarm.net postfix/smtps/smtpd[2201905]: warning: unknown[41.139.0.34]: SASL PLAIN authentication failed: Sep 15 00:14:14 mail.srvfarm.net postfix/smtps/smtpd[2201905]: lost connection after AUTH from unknown[41.139.0.34] Sep 15 00:14:57 mail.srvfarm.net postfix/smtps/smtpd[2203408]: warning: unknown[41.139.0.34]: SASL PLAIN authentication failed: Sep 15 00:14:57 mail.srvfarm.net postfix/smtps/smtpd[2203408]: lost connection after AUTH from unknown[41.139.0.34] Sep 15 00:21:37 mail.srvfarm.net postfix/smtpd[2240874]: warning: unknown[41.139.0.34]: SASL PLAIN authentication failed: |
2020-09-15 15:20:07 |
| attackspam | Sep 15 00:14:14 mail.srvfarm.net postfix/smtps/smtpd[2201905]: warning: unknown[41.139.0.34]: SASL PLAIN authentication failed: Sep 15 00:14:14 mail.srvfarm.net postfix/smtps/smtpd[2201905]: lost connection after AUTH from unknown[41.139.0.34] Sep 15 00:14:57 mail.srvfarm.net postfix/smtps/smtpd[2203408]: warning: unknown[41.139.0.34]: SASL PLAIN authentication failed: Sep 15 00:14:57 mail.srvfarm.net postfix/smtps/smtpd[2203408]: lost connection after AUTH from unknown[41.139.0.34] Sep 15 00:21:37 mail.srvfarm.net postfix/smtpd[2240874]: warning: unknown[41.139.0.34]: SASL PLAIN authentication failed: |
2020-09-15 07:26:34 |
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 41.139.0.64 | attack | Sep 17 18:06:09 mail.srvfarm.net postfix/smtps/smtpd[137568]: warning: unknown[41.139.0.64]: SASL PLAIN authentication failed: Sep 17 18:06:09 mail.srvfarm.net postfix/smtps/smtpd[137568]: lost connection after AUTH from unknown[41.139.0.64] Sep 17 18:10:27 mail.srvfarm.net postfix/smtps/smtpd[155678]: warning: unknown[41.139.0.64]: SASL PLAIN authentication failed: Sep 17 18:10:27 mail.srvfarm.net postfix/smtps/smtpd[155678]: lost connection after AUTH from unknown[41.139.0.64] Sep 17 18:14:06 mail.srvfarm.net postfix/smtpd[143203]: warning: unknown[41.139.0.64]: SASL PLAIN authentication failed: |
2020-09-19 02:18:37 |
| 41.139.0.64 | attack | Sep 17 18:06:09 mail.srvfarm.net postfix/smtps/smtpd[137568]: warning: unknown[41.139.0.64]: SASL PLAIN authentication failed: Sep 17 18:06:09 mail.srvfarm.net postfix/smtps/smtpd[137568]: lost connection after AUTH from unknown[41.139.0.64] Sep 17 18:10:27 mail.srvfarm.net postfix/smtps/smtpd[155678]: warning: unknown[41.139.0.64]: SASL PLAIN authentication failed: Sep 17 18:10:27 mail.srvfarm.net postfix/smtps/smtpd[155678]: lost connection after AUTH from unknown[41.139.0.64] Sep 17 18:14:06 mail.srvfarm.net postfix/smtpd[143203]: warning: unknown[41.139.0.64]: SASL PLAIN authentication failed: |
2020-09-18 18:16:39 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 41.139.0.34
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8604
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;41.139.0.34. IN A
;; AUTHORITY SECTION:
. 411 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020091402 1800 900 604800 86400
;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 15 07:26:29 CST 2020
;; MSG SIZE rcvd: 115Host 34.0.139.41.in-addr.arpa not found: 2(SERVFAIL)
;; Got SERVFAIL reply from 100.100.2.138, trying next server
;; Got SERVFAIL reply from 100.100.2.136, trying next server
Server: 100.100.2.138
Address: 100.100.2.138#53
** server can't find 34.0.139.41.in-addr.arpa: SERVFAIL
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 94.76.97.127 | attackspam | May 9 16:53:28 lamijardin sshd[6181]: Invalid user shashank from 94.76.97.127 May 9 16:53:28 lamijardin sshd[6181]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.76.97.127 May 9 16:53:30 lamijardin sshd[6181]: Failed password for invalid user shashank from 94.76.97.127 port 57071 ssh2 May 9 16:53:30 lamijardin sshd[6181]: Received disconnect from 94.76.97.127 port 57071:11: Bye Bye [preauth] May 9 16:53:30 lamijardin sshd[6181]: Disconnected from 94.76.97.127 port 57071 [preauth] May 9 17:04:18 lamijardin sshd[6270]: Invalid user jcq from 94.76.97.127 May 9 17:04:19 lamijardin sshd[6270]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.76.97.127 May 9 17:04:20 lamijardin sshd[6270]: Failed password for invalid user jcq from 94.76.97.127 port 44291 ssh2 May 9 17:04:21 lamijardin sshd[6270]: Received disconnect from 94.76.97.127 port 44291:11: Bye Bye [preauth] May 9 17:04:21........ ------------------------------- |
2020-05-10 20:06:36 |
| 220.135.42.216 | attack | Attempted connection to port 80. |
2020-05-10 20:17:08 |
| 162.243.139.59 | attackbots | firewall-block, port(s): 161/udp |
2020-05-10 20:38:19 |
| 113.96.134.183 | attackspambots | 445/tcp [2020-05-10]1pkt |
2020-05-10 20:06:20 |
| 1.192.94.61 | attack | (sshd) Failed SSH login from 1.192.94.61 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 10 13:21:38 amsweb01 sshd[30000]: Invalid user fauro from 1.192.94.61 port 44818 May 10 13:21:40 amsweb01 sshd[30000]: Failed password for invalid user fauro from 1.192.94.61 port 44818 ssh2 May 10 13:29:27 amsweb01 sshd[31099]: Invalid user vnc from 1.192.94.61 port 50476 May 10 13:29:28 amsweb01 sshd[31099]: Failed password for invalid user vnc from 1.192.94.61 port 50476 ssh2 May 10 13:32:51 amsweb01 sshd[31673]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.192.94.61 user=root |
2020-05-10 20:05:37 |
| 13.71.21.167 | attackspambots | May 10 13:09:44 mail sshd[12356]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.71.21.167 May 10 13:09:46 mail sshd[12356]: Failed password for invalid user cqschemauser from 13.71.21.167 port 51674 ssh2 ... |
2020-05-10 20:03:44 |
| 188.209.21.198 | attackspambots | Cluster member 67.227.229.95 (US/United States/saathoff.geek) said, DENY 188.209.21.198, Reason:[(sshd) Failed SSH login from 188.209.21.198 (IR/Iran/-): 1 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER; Logs: |
2020-05-10 20:19:35 |
| 51.15.226.137 | attackspam | May 10 09:15:39 vps46666688 sshd[11168]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.226.137 May 10 09:15:41 vps46666688 sshd[11168]: Failed password for invalid user sysop from 51.15.226.137 port 45616 ssh2 ... |
2020-05-10 20:35:56 |
| 95.110.235.145 | attackbots | Port probing on unauthorized port 10000 |
2020-05-10 20:01:05 |
| 119.254.7.114 | attackbotsspam | May 10 08:49:51 plex sshd[3927]: Invalid user cynthia from 119.254.7.114 port 43612 |
2020-05-10 19:58:35 |
| 46.98.123.50 | attack | 2020-05-09T20:45:53.644379-07:00 suse-nuc sshd[22231]: Invalid user admin1 from 46.98.123.50 port 6928 ... |
2020-05-10 20:13:25 |
| 162.243.253.67 | attackspambots | May 10 14:15:47 ns381471 sshd[23927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.253.67 May 10 14:15:48 ns381471 sshd[23927]: Failed password for invalid user bt from 162.243.253.67 port 48401 ssh2 |
2020-05-10 20:28:52 |
| 140.206.148.78 | attackspambots | Sun May 10 14:15:27 2020 [pid 28939] [www] FAIL LOGIN: Client "140.206.148.78" Sun May 10 14:15:31 2020 [pid 28941] [www] FAIL LOGIN: Client "140.206.148.78" Sun May 10 14:15:35 2020 [pid 28943] [www] FAIL LOGIN: Client "140.206.148.78" Sun May 10 14:15:39 2020 [pid 28945] [www] FAIL LOGIN: Client "140.206.148.78" Sun May 10 14:15:44 2020 [pid 28947] [www] FAIL LOGIN: Client "140.206.148.78" |
2020-05-10 20:33:12 |
| 51.68.94.177 | attackbots | May 10 08:01:39 Invalid user pp from 51.68.94.177 port 49792 |
2020-05-10 19:56:05 |
| 94.230.121.148 | attack | Attempted connection to port 445. |
2020-05-10 20:12:59 |