城市(city): unknown
省份(region): unknown
国家(country): United States of America (the)
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.92.204.96
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42375
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;52.92.204.96. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025022201 1800 900 604800 86400
;; Query time: 36 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 23 04:43:32 CST 2025
;; MSG SIZE rcvd: 105
96.204.92.52.in-addr.arpa domain name pointer s3-us-west-2.amazonaws.com.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
96.204.92.52.in-addr.arpa name = s3-us-west-2.amazonaws.com.
Authoritative answers can be found from:
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 132.232.108.149 | attack | Aug 9 10:44:18 localhost sshd\[109438\]: Invalid user fauzi from 132.232.108.149 port 53863 Aug 9 10:44:18 localhost sshd\[109438\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.108.149 Aug 9 10:44:19 localhost sshd\[109438\]: Failed password for invalid user fauzi from 132.232.108.149 port 53863 ssh2 Aug 9 10:49:59 localhost sshd\[109615\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.108.149 user=lp Aug 9 10:50:01 localhost sshd\[109615\]: Failed password for lp from 132.232.108.149 port 50372 ssh2 ... |
2019-08-09 19:48:42 |
| 73.95.0.82 | attackbotsspam | port scan and connect, tcp 22 (ssh) |
2019-08-09 19:54:22 |
| 107.180.123.15 | attackbotsspam | xmlrpc attack |
2019-08-09 19:36:43 |
| 87.96.139.69 | attack | 23/tcp [2019-08-09]1pkt |
2019-08-09 20:08:18 |
| 218.92.0.145 | attackbotsspam | Triggered by Fail2Ban at Vostok web server |
2019-08-09 20:08:52 |
| 89.44.138.250 | attackspambots | xmlrpc attack |
2019-08-09 20:11:17 |
| 49.232.57.116 | attack | 5984/tcp [2019-08-09]1pkt |
2019-08-09 20:20:35 |
| 89.46.196.34 | attack | Aug 9 17:16:54 vibhu-HP-Z238-Microtower-Workstation sshd\[19767\]: Invalid user admin from 89.46.196.34 Aug 9 17:16:54 vibhu-HP-Z238-Microtower-Workstation sshd\[19767\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.46.196.34 Aug 9 17:16:56 vibhu-HP-Z238-Microtower-Workstation sshd\[19767\]: Failed password for invalid user admin from 89.46.196.34 port 57634 ssh2 Aug 9 17:21:14 vibhu-HP-Z238-Microtower-Workstation sshd\[19889\]: Invalid user chu from 89.46.196.34 Aug 9 17:21:14 vibhu-HP-Z238-Microtower-Workstation sshd\[19889\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.46.196.34 ... |
2019-08-09 20:05:35 |
| 54.213.159.205 | attack | Lines containing failures of 54.213.159.205 auth.log:Aug 9 01:07:05 omfg sshd[9529]: Connection from 54.213.159.205 port 36718 on 78.46.60.40 port 22 auth.log:Aug 9 01:07:26 omfg sshd[9529]: Connection closed by 54.213.159.205 port 36718 [preauth] auth.log:Aug 9 01:07:26 omfg sshd[9537]: Connection from 54.213.159.205 port 34402 on 78.46.60.40 port 22 auth.log:Aug 9 01:07:41 omfg sshd[9537]: fatal: Unable to negotiate whostnameh 54.213.159.205 port 34402: no matching host key type found. Their offer: ecdsa-sha2-nistp384 [preauth] auth.log:Aug 9 01:07:48 omfg sshd[9611]: Connection from 54.213.159.205 port 45866 on 78.46.60.40 port 22 auth.log:Aug 9 01:07:56 omfg sshd[9611]: fatal: Unable to negotiate whostnameh 54.213.159.205 port 45866: no matching host key type found. Their offer: ecdsa-sha2-nistp521 [preauth] auth.log:Aug 9 01:08:03 omfg sshd[9684]: Connection from 54.213.159.205 port 54380 on 78.46.60.40 port 22 auth.log:Aug 9 01:08:11 omfg sshd[9684]: Connec........ ------------------------------ |
2019-08-09 20:00:23 |
| 189.8.1.50 | attackbotsspam | Aug 9 05:56:34 xtremcommunity sshd\[10555\]: Invalid user prueba1 from 189.8.1.50 port 44800 Aug 9 05:56:34 xtremcommunity sshd\[10555\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.8.1.50 Aug 9 05:56:36 xtremcommunity sshd\[10555\]: Failed password for invalid user prueba1 from 189.8.1.50 port 44800 ssh2 Aug 9 06:02:06 xtremcommunity sshd\[10703\]: Invalid user blu from 189.8.1.50 port 39710 Aug 9 06:02:06 xtremcommunity sshd\[10703\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.8.1.50 ... |
2019-08-09 20:04:33 |
| 59.167.247.94 | attack | 59.167.247.94 - - [09/Aug/2019:08:02:55 +0200] "GET /mysql/admin/index.php?lang=en HTTP/1.1" 404 219 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36" |
2019-08-09 19:39:33 |
| 121.1.38.228 | attackspambots | Attack: D-Link DSL 2750B Arbitrary Command Execution Web Attack: Remote OS Command Injection Attack: Remote Command Injection Activity 2 |
2019-08-09 20:00:47 |
| 13.75.95.112 | attackspambots | Aug 9 12:21:29 mout sshd[16843]: Connection closed by 13.75.95.112 port 26386 [preauth] |
2019-08-09 19:45:31 |
| 66.240.205.34 | attack | MultiHost/MultiPort Probe, Scan, Hack - |
2019-08-09 19:41:38 |
| 5.54.174.44 | attackspambots | Telnet Server BruteForce Attack |
2019-08-09 19:47:00 |