城市(city): St Petersburg
省份(region): St.-Petersburg
国家(country): Russia
运营商(isp): JSC ER-Telecom Holding
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): Fixed Line ISP
| 类型 | 评论内容 | 时间 |
|---|---|---|
| attack | [Fri Feb 21 21:35:40 2020] - Syn Flood From IP: 5.19.139.168 Port: 6000 |
2020-03-23 22:49:55 |
| attackspam | Port scan detected on ports: 1433[TCP], 6433[TCP], 5433[TCP] |
2020-02-25 06:11:23 |
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 5.19.139.101 | attack | 1597438475 - 08/15/2020 03:54:35 Host: 5x19x139x101.static-customer.spb.ertelecom.ru/5.19.139.101 Port: 23 TCP Blocked ... |
2020-08-15 07:31:19 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.19.139.168
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20241
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.19.139.168. IN A
;; AUTHORITY SECTION:
. 192 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020022401 1800 900 604800 86400
;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 25 06:11:19 CST 2020
;; MSG SIZE rcvd: 116168.139.19.5.in-addr.arpa domain name pointer 5x19x139x168.static-customer.spb.ertelecom.ru.Server: 100.100.2.138
Address: 100.100.2.138#53
Non-authoritative answer:
168.139.19.5.in-addr.arpa name = 5x19x139x168.static-customer.spb.ertelecom.ru.
Authoritative answers can be found from:
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 188.168.27.71 | attackbots | email spam |
2020-04-15 14:35:36 |
| 202.1.169.40 | attack | Lines containing failures of 202.1.169.40 Apr 13 22:44:31 shared01 sshd[29662]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.1.169.40 user=r.r Apr 13 22:44:34 shared01 sshd[29662]: Failed password for r.r from 202.1.169.40 port 53708 ssh2 Apr 13 22:44:34 shared01 sshd[29662]: Received disconnect from 202.1.169.40 port 53708:11: Bye Bye [preauth] Apr 13 22:44:34 shared01 sshd[29662]: Disconnected from authenticating user r.r 202.1.169.40 port 53708 [preauth] Apr 13 22:48:07 shared01 sshd[30561]: Invalid user webmaster from 202.1.169.40 port 49006 Apr 13 22:48:07 shared01 sshd[30561]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.1.169.40 Apr 13 22:48:09 shared01 sshd[30561]: Failed password for invalid user webmaster from 202.1.169.40 port 49006 ssh2 Apr 13 22:48:09 shared01 sshd[30561]: Received disconnect from 202.1.169.40 port 49006:11: Bye Bye [preauth] Apr 13 22:48:09 shared........ ------------------------------ |
2020-04-15 14:37:33 |
| 89.210.34.58 | attackbots | Telnet Server BruteForce Attack |
2020-04-15 14:52:16 |
| 51.254.143.190 | attackspam | SSH Brute-Force reported by Fail2Ban |
2020-04-15 15:07:32 |
| 86.183.200.55 | attackspam | Invalid user wonmoo from 86.183.200.55 port 42226 |
2020-04-15 15:11:35 |
| 176.37.177.78 | attackbotsspam | $f2bV_matches |
2020-04-15 14:33:27 |
| 181.129.165.139 | attackspambots | sshd jail - ssh hack attempt |
2020-04-15 15:01:36 |
| 159.138.65.33 | attackspam | Apr 15 07:39:59 ncomp sshd[15954]: User syslog from 159.138.65.33 not allowed because none of user's groups are listed in AllowGroups Apr 15 07:39:59 ncomp sshd[15954]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.138.65.33 user=syslog Apr 15 07:39:59 ncomp sshd[15954]: User syslog from 159.138.65.33 not allowed because none of user's groups are listed in AllowGroups Apr 15 07:40:00 ncomp sshd[15954]: Failed password for invalid user syslog from 159.138.65.33 port 34258 ssh2 |
2020-04-15 14:54:50 |
| 94.180.58.238 | attackbots | $f2bV_matches |
2020-04-15 14:57:49 |
| 202.77.105.100 | attackbotsspam | Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF) |
2020-04-15 15:00:18 |
| 112.85.42.178 | attackbots | Apr 15 08:36:56 * sshd[22207]: Failed password for root from 112.85.42.178 port 59879 ssh2 Apr 15 08:37:06 * sshd[22207]: Failed password for root from 112.85.42.178 port 59879 ssh2 |
2020-04-15 14:40:33 |
| 128.71.68.19 | attack | Apr 15 07:39:27 srv206 sshd[7391]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128-71-68-19.broadband.corbina.ru user=root Apr 15 07:39:29 srv206 sshd[7391]: Failed password for root from 128.71.68.19 port 36506 ssh2 ... |
2020-04-15 15:07:15 |
| 59.63.213.32 | attack | postfix |
2020-04-15 14:57:23 |
| 190.156.231.245 | attackspam | Apr 15 09:38:59 lukav-desktop sshd\[9499\]: Invalid user ttf from 190.156.231.245 Apr 15 09:38:59 lukav-desktop sshd\[9499\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.156.231.245 Apr 15 09:39:01 lukav-desktop sshd\[9499\]: Failed password for invalid user ttf from 190.156.231.245 port 56803 ssh2 Apr 15 09:44:55 lukav-desktop sshd\[9808\]: Invalid user asecruc from 190.156.231.245 Apr 15 09:44:55 lukav-desktop sshd\[9808\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.156.231.245 |
2020-04-15 14:52:32 |
| 95.217.178.69 | attack | Wordpress malicious attack:[sshd] |
2020-04-15 14:59:52 |