城市(city): unknown
省份(region): unknown
国家(country): Thailand
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 61.91.14.151 | attackspambots | (sshd) Failed SSH login from 61.91.14.151 (TH/Thailand/61-91-14-151.static.asianet.co.th): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 1 22:01:18 ubnt-55d23 sshd[5455]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.91.14.151 user=root Apr 1 22:01:20 ubnt-55d23 sshd[5455]: Failed password for root from 61.91.14.151 port 47141 ssh2 |
2020-04-02 04:17:52 |
| 61.91.14.151 | attack | Apr 1 02:06:29 Tower sshd[5480]: Connection from 61.91.14.151 port 52668 on 192.168.10.220 port 22 rdomain "" Apr 1 02:06:36 Tower sshd[5480]: Invalid user iu from 61.91.14.151 port 52668 Apr 1 02:06:36 Tower sshd[5480]: error: Could not get shadow information for NOUSER Apr 1 02:06:36 Tower sshd[5480]: Failed password for invalid user iu from 61.91.14.151 port 52668 ssh2 Apr 1 02:06:37 Tower sshd[5480]: Received disconnect from 61.91.14.151 port 52668:11: Bye Bye [preauth] Apr 1 02:06:37 Tower sshd[5480]: Disconnected from invalid user iu 61.91.14.151 port 52668 [preauth] |
2020-04-01 18:56:19 |
| 61.91.14.151 | attack | Lines containing failures of 61.91.14.151 Mar 30 16:18:08 newdogma sshd[6624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.91.14.151 user=r.r Mar 30 16:18:09 newdogma sshd[6624]: Failed password for r.r from 61.91.14.151 port 40057 ssh2 Mar 30 16:18:10 newdogma sshd[6624]: Received disconnect from 61.91.14.151 port 40057:11: Bye Bye [preauth] Mar 30 16:18:10 newdogma sshd[6624]: Disconnected from authenticating user r.r 61.91.14.151 port 40057 [preauth] Mar 30 16:33:31 newdogma sshd[6954]: Invalid user bd from 61.91.14.151 port 43333 Mar 30 16:33:31 newdogma sshd[6954]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.91.14.151 Mar 30 16:33:34 newdogma sshd[6954]: Failed password for invalid user bd from 61.91.14.151 port 43333 ssh2 Mar 30 16:33:36 newdogma sshd[6954]: Received disconnect from 61.91.14.151 port 43333:11: Bye Bye [preauth] Mar 30 16:33:36 newdogma sshd[6954]: Discon........ ------------------------------ |
2020-03-31 19:27:27 |
| 61.91.14.170 | attackbots | Dec 20 17:59:49 vpn sshd[15984]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.91.14.170 Dec 20 17:59:51 vpn sshd[15984]: Failed password for invalid user test from 61.91.14.170 port 34589 ssh2 Dec 20 18:00:58 vpn sshd[16025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.91.14.170 |
2020-01-05 19:56:16 |
| 61.91.14.172 | attackspam | Jan 16 09:47:42 vpn sshd[18230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.91.14.172 Jan 16 09:47:44 vpn sshd[18230]: Failed password for invalid user user from 61.91.14.172 port 50884 ssh2 Jan 16 09:51:28 vpn sshd[18235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.91.14.172 |
2020-01-05 19:53:22 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 61.91.14.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55239
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;61.91.14.139. IN A
;; AUTHORITY SECTION:
. 347 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022091502 1800 900 604800 86400
;; Query time: 29 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 16 07:29:14 CST 2022
;; MSG SIZE rcvd: 105139.14.91.61.in-addr.arpa domain name pointer 61-91-14-139.static.asianet.co.th.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
139.14.91.61.in-addr.arpa name = 61-91-14-139.static.asianet.co.th.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 165.22.248.215 | attack | Aug 28 22:07:21 Ubuntu-1404-trusty-64-minimal sshd\[8278\]: Invalid user willy from 165.22.248.215 Aug 28 22:07:21 Ubuntu-1404-trusty-64-minimal sshd\[8278\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.248.215 Aug 28 22:07:22 Ubuntu-1404-trusty-64-minimal sshd\[8278\]: Failed password for invalid user willy from 165.22.248.215 port 44878 ssh2 Aug 28 22:28:45 Ubuntu-1404-trusty-64-minimal sshd\[25163\]: Invalid user mktg2 from 165.22.248.215 Aug 28 22:28:45 Ubuntu-1404-trusty-64-minimal sshd\[25163\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.248.215 |
2019-08-29 04:31:07 |
| 185.220.100.253 | attackbotsspam | WordPress login Brute force / Web App Attack on client site. |
2019-08-29 04:28:32 |
| 27.0.141.4 | attackspam | Aug 28 20:58:19 srv206 sshd[14688]: Invalid user undernet from 27.0.141.4 ... |
2019-08-29 04:18:09 |
| 191.53.253.30 | attackbots | failed_logins |
2019-08-29 04:10:29 |
| 178.32.218.192 | attackspambots | Aug 28 12:56:11 ny01 sshd[3529]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.32.218.192 Aug 28 12:56:13 ny01 sshd[3529]: Failed password for invalid user alvaro from 178.32.218.192 port 46223 ssh2 Aug 28 12:59:50 ny01 sshd[4269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.32.218.192 |
2019-08-29 04:46:00 |
| 129.213.117.53 | attackbots | Aug 28 21:10:15 itv-usvr-01 sshd[10613]: Invalid user baldwin from 129.213.117.53 Aug 28 21:10:15 itv-usvr-01 sshd[10613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.117.53 Aug 28 21:10:15 itv-usvr-01 sshd[10613]: Invalid user baldwin from 129.213.117.53 Aug 28 21:10:17 itv-usvr-01 sshd[10613]: Failed password for invalid user baldwin from 129.213.117.53 port 38248 ssh2 Aug 28 21:15:22 itv-usvr-01 sshd[10779]: Invalid user sn from 129.213.117.53 |
2019-08-29 04:03:45 |
| 34.93.44.102 | attackbots | 34.93.44.102 - - [28/Aug/2019:18:31:55 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.93.44.102 - - [28/Aug/2019:18:31:56 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.93.44.102 - - [28/Aug/2019:18:31:57 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.93.44.102 - - [28/Aug/2019:18:31:58 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.93.44.102 - - [28/Aug/2019:18:31:59 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.93.44.102 - - [28/Aug/2019:18:32:00 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2019-08-29 04:22:11 |
| 187.87.13.110 | attackspambots | failed_logins |
2019-08-29 04:07:54 |
| 39.107.70.13 | attackbots | 39.107.70.13 - - [28/Aug/2019:16:14:58 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 39.107.70.13 - - [28/Aug/2019:16:15:00 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 39.107.70.13 - - [28/Aug/2019:16:15:02 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 39.107.70.13 - - [28/Aug/2019:16:15:06 +0200] "POST /wp-login.php HTTP/1.1" 200 1486 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 39.107.70.13 - - [28/Aug/2019:16:15:06 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 39.107.70.13 - - [28/Aug/2019:16:15:11 +0200] "POST /wp-login.php HTTP/1.1" 200 1486 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2019-08-29 04:12:51 |
| 111.230.157.219 | attackspambots | Aug 28 16:15:23 www sshd\[11115\]: Invalid user rootkit from 111.230.157.219 port 39548 ... |
2019-08-29 04:01:10 |
| 103.107.17.134 | attackbots | 2019-08-28T20:01:42.287615abusebot-8.cloudsearch.cf sshd\[7960\]: Invalid user zanni from 103.107.17.134 port 34008 |
2019-08-29 04:11:02 |
| 182.140.221.199 | attackbots | Aug 28 04:05:31 friendsofhawaii sshd\[4793\]: Invalid user rlombardo from 182.140.221.199 Aug 28 04:05:31 friendsofhawaii sshd\[4793\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.140.221.199 Aug 28 04:05:34 friendsofhawaii sshd\[4793\]: Failed password for invalid user rlombardo from 182.140.221.199 port 52694 ssh2 Aug 28 04:14:53 friendsofhawaii sshd\[5631\]: Invalid user xh from 182.140.221.199 Aug 28 04:14:53 friendsofhawaii sshd\[5631\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.140.221.199 |
2019-08-29 04:29:44 |
| 185.92.73.172 | attackbots | 185.92.73.172 - - [28/Aug/2019:10:15:15 -0400] "GET /?page=category&categoryID=395&EifJ%3D3743%20AND%201%3D1%20UNION%20ALL%20SELECT%201%2CNULL%2C%27%3Cscript%3Ealert%28%22XSS%22%29%3C%2Fscript%3E%27%2Ctable_name%20FROM%20information_schema.tables%20WHERE%202%3E1--%2F%2A%2A%2F%3B%20EXEC%20xp_cmdshell%28%27cat%20..%2F..%2F..%2Fetc%2Fpasswd%27%29%23 HTTP/1.1" 200 17979 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US) AppleWebKit/532.0 (KHTML, like Gecko) Chrome/3.0.195.6 Safari/532.0" ... |
2019-08-29 04:02:04 |
| 5.226.138.5 | attackspambots | 08/28/2019-10:15:20.773212 5.226.138.5 Protocol: 6 ET SCAN NMAP -sS window 1024 |
2019-08-29 04:07:02 |
| 213.158.10.101 | attack | Aug 28 09:54:45 tdfoods sshd\[31674\]: Invalid user war from 213.158.10.101 Aug 28 09:54:45 tdfoods sshd\[31674\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101ppp10.telegraph.spb.ru Aug 28 09:54:47 tdfoods sshd\[31674\]: Failed password for invalid user war from 213.158.10.101 port 56849 ssh2 Aug 28 09:58:48 tdfoods sshd\[31990\]: Invalid user gnu from 213.158.10.101 Aug 28 09:58:48 tdfoods sshd\[31990\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101ppp10.telegraph.spb.ru |
2019-08-29 04:00:13 |