城市(city): unknown
省份(region): unknown
国家(country): Korea (the Republic of)
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.46.81.75
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60778
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;42.46.81.75. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025020601 1800 900 604800 86400
;; Query time: 13 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 07 04:38:41 CST 2025
;; MSG SIZE rcvd: 104Host 75.81.46.42.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 75.81.46.42.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 37.59.224.39 | attack | Jun 7 19:18:32 jane sshd[14156]: Failed password for root from 37.59.224.39 port 44233 ssh2 ... |
2020-06-08 01:42:00 |
| 140.246.156.179 | attack | Jun 7 17:03:00 vpn01 sshd[18963]: Failed password for root from 140.246.156.179 port 39220 ssh2 ... |
2020-06-08 02:04:51 |
| 222.124.17.227 | attackbotsspam | (sshd) Failed SSH login from 222.124.17.227 (227.subnet222-124-17.astinet.telkom.net.id): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 7 19:46:18 ubnt-55d23 sshd[6003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.124.17.227 user=root Jun 7 19:46:20 ubnt-55d23 sshd[6003]: Failed password for root from 222.124.17.227 port 50188 ssh2 |
2020-06-08 01:48:06 |
| 178.33.12.237 | attackbots | Jun 7 19:12:34 pve1 sshd[8270]: Failed password for root from 178.33.12.237 port 46812 ssh2 ... |
2020-06-08 01:50:10 |
| 42.123.77.214 | attackspambots | Jun 7 15:24:30 home sshd[32144]: Failed password for root from 42.123.77.214 port 40367 ssh2 Jun 7 15:29:18 home sshd[32609]: Failed password for root from 42.123.77.214 port 36332 ssh2 ... |
2020-06-08 01:44:14 |
| 149.202.68.111 | attack | #27350 - [149.202.68.111] Error: 550 5.7.1 Forged HELO hostname detected #27350 - [149.202.68.111] Error: 550 5.7.1 Forged HELO hostname detected #27350 - [149.202.68.111] Error: 550 5.7.1 Forged HELO hostname detected #27350 - [149.202.68.111] Error: 550 5.7.1 Forged HELO hostname detected ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=149.202.68.111 |
2020-06-08 01:37:32 |
| 218.92.0.212 | attackspambots | 2020-06-07T19:29:16+0200 Failed SSH Authentication/Brute Force Attack. (Server 10) |
2020-06-08 01:56:06 |
| 211.253.10.96 | attackbots | Jun 7 17:37:23 jumpserver sshd[109796]: Failed password for root from 211.253.10.96 port 34142 ssh2 Jun 7 17:37:44 jumpserver sshd[109801]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.253.10.96 user=root Jun 7 17:37:45 jumpserver sshd[109801]: Failed password for root from 211.253.10.96 port 37500 ssh2 ... |
2020-06-08 02:07:28 |
| 104.131.218.208 | attackspam | Jun 7 17:40:07 *** sshd[29360]: User root from 104.131.218.208 not allowed because not listed in AllowUsers |
2020-06-08 01:45:15 |
| 39.64.164.138 | attackbots | detected by Fail2Ban |
2020-06-08 01:47:53 |
| 187.94.7.37 | attack | Lines containing failures of 187.94.7.37 Jun 7 13:54:13 shared04 sshd[16344]: Invalid user admin from 187.94.7.37 port 50472 Jun 7 13:54:13 shared04 sshd[16344]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.94.7.37 Jun 7 13:54:15 shared04 sshd[16344]: Failed password for invalid user admin from 187.94.7.37 port 50472 ssh2 Jun 7 13:54:15 shared04 sshd[16344]: Connection closed by invalid user admin 187.94.7.37 port 50472 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=187.94.7.37 |
2020-06-08 01:42:48 |
| 103.61.37.231 | attackbotsspam | (sshd) Failed SSH login from 103.61.37.231 (HK/Hong Kong/-): 5 in the last 3600 secs |
2020-06-08 02:14:41 |
| 193.112.123.100 | attackbots | Jun 7 11:15:07 Host-KEWR-E sshd[23520]: User root from 193.112.123.100 not allowed because not listed in AllowUsers ... |
2020-06-08 01:39:09 |
| 85.13.91.209 | attackspam | Lines containing failures of 85.13.91.209 (max 1000) Jun 7 11:57:49 jomu postfix/smtpd[8089]: connect from host-85-13-91-209.lidos.cz[85.13.91.209] Jun 7 11:57:53 jomu postfix/smtpd[8089]: warning: host-85-13-91-209.lidos.cz[85.13.91.209]: SASL PLAIN authentication failed: Jun 7 11:57:53 jomu postfix/smtpd[8089]: lost connection after AUTH from host-85-13-91-209.lidos.cz[85.13.91.209] Jun 7 11:57:53 jomu postfix/smtpd[8089]: disconnect from host-85-13-91-209.lidos.cz[85.13.91.209] ehlo=1 auth=0/1 commands=1/2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=85.13.91.209 |
2020-06-08 01:57:11 |
| 41.216.161.250 | attackspam | 41.216.161.250 - - [07/Jun/2020:14:04:31 +0200] "GET /awstats.pl?lang=en&output=main HTTP/1.0" 404 280 "https://oraux.pnzone.net/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.86 Safari/537.36 Slimjet/15.1.6.0" |
2020-06-08 01:47:17 |