城市(city): unknown
省份(region): unknown
国家(country): South Africa
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 41.144.130.110 | attackspambots | Jul 6 08:26:08 vps647732 sshd[22012]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.144.130.110 Jul 6 08:26:10 vps647732 sshd[22012]: Failed password for invalid user cs from 41.144.130.110 port 54330 ssh2 ... |
2020-07-06 15:24:58 |
| 41.144.130.110 | attack | Lines containing failures of 41.144.130.110 Jul 4 12:30:52 kmh-mb-001 sshd[12501]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.144.130.110 user=r.r Jul 4 12:30:55 kmh-mb-001 sshd[12501]: Failed password for r.r from 41.144.130.110 port 54813 ssh2 Jul 4 12:30:57 kmh-mb-001 sshd[12501]: Received disconnect from 41.144.130.110 port 54813:11: Bye Bye [preauth] Jul 4 12:30:57 kmh-mb-001 sshd[12501]: Disconnected from authenticating user r.r 41.144.130.110 port 54813 [preauth] Jul 4 12:41:10 kmh-mb-001 sshd[12950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.144.130.110 user=r.r Jul 4 12:41:12 kmh-mb-001 sshd[12950]: Failed password for r.r from 41.144.130.110 port 47866 ssh2 Jul 4 12:41:12 kmh-mb-001 sshd[12950]: Received disconnect from 41.144.130.110 port 47866:11: Bye Bye [preauth] Jul 4 12:41:12 kmh-mb-001 sshd[12950]: Disconnected from authenticating user r.r 41.144.13........ ------------------------------ |
2020-07-05 04:58:27 |
| 41.144.137.69 | attack | DATE:2020-06-17 14:01:54, IP:41.144.137.69, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq) |
2020-06-18 00:17:15 |
| 41.144.138.164 | attackspam | [portscan] tcp/23 [TELNET] *(RWIN=14600)(04301449) |
2020-05-01 02:40:41 |
| 41.144.136.182 | attackspam | Mar 19 13:46:37 pl2server sshd[18488]: reveeclipse mapping checking getaddrinfo for dsl-144-136-182.telkomadsl.co.za [41.144.136.182] failed - POSSIBLE BREAK-IN ATTEMPT! Mar 19 13:46:37 pl2server sshd[18488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.144.136.182 user=r.r Mar 19 13:46:39 pl2server sshd[18488]: Failed password for r.r from 41.144.136.182 port 32735 ssh2 Mar 19 13:46:40 pl2server sshd[18488]: Connection closed by 41.144.136.182 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=41.144.136.182 |
2020-03-19 22:07:42 |
| 41.144.137.88 | attack | 2019-11-20 06:00:14 H=(dsl-144-137-88.telkomadsl.co.za) [41.144.137.88]:12672 I=[10.100.18.21]:25 F= |
2019-11-20 20:18:31 |
| 41.144.137.63 | attackspambots | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/41.144.137.63/ ZA - 1H : (14) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : ZA NAME ASN : ASN5713 IP : 41.144.137.63 CIDR : 41.144.0.0/13 PREFIX COUNT : 117 UNIQUE IP COUNT : 1794304 WYKRYTE ATAKI Z ASN5713 : 1H - 1 3H - 1 6H - 1 12H - 2 24H - 2 INFO : SERVER - ABB - Looking for resource vulnerabilities Detected and Blocked by ADMIN - data recovery |
2019-09-22 02:05:37 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 41.144.13.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23050
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;41.144.13.145. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025022600 1800 900 604800 86400
;; Query time: 34 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 26 18:28:01 CST 2025
;; MSG SIZE rcvd: 106145.13.144.41.in-addr.arpa domain name pointer dsl-144-13-145.telkomadsl.co.za.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
145.13.144.41.in-addr.arpa name = dsl-144-13-145.telkomadsl.co.za.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 147.139.132.146 | attack | Oct 12 16:47:00 venus sshd\[21309\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 user=root Oct 12 16:47:02 venus sshd\[21309\]: Failed password for root from 147.139.132.146 port 45628 ssh2 Oct 12 16:57:00 venus sshd\[21430\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 user=root ... |
2019-10-13 03:22:19 |
| 197.44.174.49 | attackbots | Automatic report - Port Scan Attack |
2019-10-13 03:04:25 |
| 60.12.104.157 | attackbots | firewall-block, port(s): 1433/tcp |
2019-10-13 03:36:11 |
| 106.13.52.234 | attackbotsspam | Oct 12 17:59:36 legacy sshd[18005]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 Oct 12 17:59:39 legacy sshd[18005]: Failed password for invalid user T3st@1234 from 106.13.52.234 port 49630 ssh2 Oct 12 18:05:07 legacy sshd[18198]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 ... |
2019-10-13 03:07:08 |
| 149.202.56.194 | attack | Oct 12 20:17:41 v22018076622670303 sshd\[26495\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.56.194 user=root Oct 12 20:17:43 v22018076622670303 sshd\[26495\]: Failed password for root from 149.202.56.194 port 47916 ssh2 Oct 12 20:21:33 v22018076622670303 sshd\[26549\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.56.194 user=root ... |
2019-10-13 03:44:32 |
| 185.53.91.150 | attackspambots | " " |
2019-10-13 03:21:03 |
| 185.186.143.179 | attackspam | firewall-block, port(s): 3391/tcp |
2019-10-13 03:16:49 |
| 5.135.108.140 | attackspambots | Oct 12 21:03:12 SilenceServices sshd[26873]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.108.140 Oct 12 21:03:14 SilenceServices sshd[26873]: Failed password for invalid user Hell2017 from 5.135.108.140 port 50863 ssh2 Oct 12 21:06:41 SilenceServices sshd[27815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.108.140 |
2019-10-13 03:26:13 |
| 209.177.94.56 | attackspam | 2019-10-10T14:34:11.576000shiva sshd[13954]: Unable to negotiate whostnameh 209.177.94.56 port 64540: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] 2019-10-10T14:34:14.876242shiva sshd[13956]: Unable to negotiate whostnameh 209.177.94.56 port 49932: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] 2019-10-10T14:34:18.284267shiva sshd[13958]: Unable to negotiate whostnameh 209.177.94.56 port 51617: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] 2019-10-10T14:34:21.598907shiva sshd[13974]: Unable to negotiate whostnameh 209.177.94.56 port 53264: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie........ ------------------------------ |
2019-10-13 03:13:36 |
| 216.218.206.83 | attack | firewall-block, port(s): 8443/tcp |
2019-10-13 03:07:58 |
| 182.23.45.132 | attackspam | Oct 12 21:10:35 localhost sshd\[25332\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.23.45.132 user=root Oct 12 21:10:38 localhost sshd\[25332\]: Failed password for root from 182.23.45.132 port 38174 ssh2 Oct 12 21:14:44 localhost sshd\[25766\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.23.45.132 user=root |
2019-10-13 03:24:29 |
| 218.150.220.234 | attackbots | Oct 12 20:25:10 XXX sshd[1221]: Invalid user ofsaa from 218.150.220.234 port 43672 |
2019-10-13 03:06:35 |
| 37.139.2.218 | attackbots | SSH Brute-Force reported by Fail2Ban |
2019-10-13 03:32:10 |
| 49.88.112.70 | attackspam | Oct 12 20:14:50 MK-Soft-VM7 sshd[14281]: Failed password for root from 49.88.112.70 port 58777 ssh2 Oct 12 20:14:53 MK-Soft-VM7 sshd[14281]: Failed password for root from 49.88.112.70 port 58777 ssh2 ... |
2019-10-13 03:03:34 |
| 67.222.7.109 | attackbotsspam | Unsolicited bulk porn & phishing - varying ISPs (primarily Chinanet); spam volume up to 15/day. Spam series change: shift from repetitive redirects from blacklisted IP 92.63.192.124 & .151 to malicious attachments. Unsolicited bulk spam - panotetsu.com, CHINANET hebei province network - 106.115.39.239 Permitted sender domain jmramosmejia.com.ar = 67.222.7.109 PrivateSystems Networks Repetitive reply to: Reply-To: nanikarige@yahoo.com = 72.30.35.9 Oath Holdings Inc. Repetitive Apple mail: - boundary=" Apple-Mail-B7687EC7-712A-D2F6-E174-B1707B9FFC68" - X-Mailer: iPad Mail (13E238) Spam series change: no phishing redirect spam link. Malicious attachment - Outlook blocked access to unsafe attachment: 22.jpg |
2019-10-13 03:25:54 |