城市(city): unknown
省份(region): unknown
国家(country): Italy
运营商(isp): Fastweb SpA
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): Fixed Line ISP
| 类型 | 评论内容 | 时间 |
|---|---|---|
| attackspam | Dec 24 18:30:25 server sshd\[16222\]: Invalid user pi from 93.50.125.249 Dec 24 18:30:26 server sshd\[16224\]: Invalid user pi from 93.50.125.249 Dec 24 18:30:26 server sshd\[16222\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93-50-125-249.ip152.fastwebnet.it Dec 24 18:30:26 server sshd\[16224\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93-50-125-249.ip152.fastwebnet.it Dec 24 18:30:27 server sshd\[16222\]: Failed password for invalid user pi from 93.50.125.249 port 52109 ssh2 ... |
2019-12-25 04:26:36 |
| attackspam | Nov 8 15:40:11 icecube sshd[64860]: Invalid user pi from 93.50.125.249 port 64521 Nov 8 15:40:11 icecube sshd[64860]: Failed password for invalid user pi from 93.50.125.249 port 64521 ssh2 |
2019-11-09 00:07:20 |
| attackspam | Invalid user pi from 93.50.125.249 port 51349 |
2019-10-27 04:26:15 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 93.50.125.249
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8008
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;93.50.125.249. IN A
;; AUTHORITY SECTION:
. 200 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019102400 1800 900 604800 86400
;; Query time: 188 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 24 22:19:39 CST 2019
;; MSG SIZE rcvd: 117249.125.50.93.in-addr.arpa domain name pointer 93-50-125-249.ip152.fastwebnet.it.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
249.125.50.93.in-addr.arpa name = 93-50-125-249.ip152.fastwebnet.it.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 157.230.235.233 | attackbots | Invalid user jayadatta from 157.230.235.233 port 55860 |
2020-02-01 10:22:41 |
| 111.93.246.171 | attackbotsspam | Invalid user kavya from 111.93.246.171 port 49466 |
2020-02-01 10:16:35 |
| 147.234.55.175 | attack | Unauthorized connection attempt detected from IP address 147.234.55.175 to port 2323 [J] |
2020-02-01 10:27:01 |
| 52.47.177.142 | attackspambots | [FriJan3121:39:24.2165312020][:error][pid12190:tid47392810362624][client52.47.177.142:58302][client52.47.177.142]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\(\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\|passwd\|group\)\|www_\?acl\)\|global\\\\\\\\.asa\|httpd\\\\\\\\.conf\|boot\\\\\\\\.ini\|web.config\)\\\\\\\\b\|\(\|\^\|\\\\\\\\.\\\\\\\\.\)/etc/\|/\\\\\\\\.\(\?:history\|bash_history\|sh_history\|env\)\$\)"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"211"][id"390709"][rev"30"][msg"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely"][data"/.env"][severity"CRITICAL"][hostname"falegnameriamanea.ch"][uri"/.env"][unique_id"XjSQfBZ2LVVmbSpBd99lywAAABg"][FriJan3122:30:39.3131062020][:error][pid12204:tid47392770438912][client52.47.177.142:52310][client52.47.177.142]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\(\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\|passwd\|group\)\|www_\?acl\)\|global\\\\\\\\.asa\|httpd\\ |
2020-02-01 10:29:25 |
| 187.95.125.228 | attack | 2020-02-01T01:26:52.312198host3.slimhost.com.ua sshd[3063884]: Invalid user ts2 from 187.95.125.228 port 33070 2020-02-01T01:26:52.319324host3.slimhost.com.ua sshd[3063884]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.95.125.228 2020-02-01T01:26:52.312198host3.slimhost.com.ua sshd[3063884]: Invalid user ts2 from 187.95.125.228 port 33070 2020-02-01T01:26:54.601169host3.slimhost.com.ua sshd[3063884]: Failed password for invalid user ts2 from 187.95.125.228 port 33070 ssh2 2020-02-01T01:29:29.088186host3.slimhost.com.ua sshd[3065259]: Invalid user admin from 187.95.125.228 port 54420 2020-02-01T01:29:29.094809host3.slimhost.com.ua sshd[3065259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.95.125.228 2020-02-01T01:29:29.088186host3.slimhost.com.ua sshd[3065259]: Invalid user admin from 187.95.125.228 port 54420 2020-02-01T01:29:31.597420host3.slimhost.com.ua sshd[3065259]: Failed password for i ... |
2020-02-01 10:31:57 |
| 37.146.182.38 | attack | Unauthorized connection attempt from IP address 37.146.182.38 on Port 445(SMB) |
2020-02-01 10:50:51 |
| 198.108.66.216 | attack | firewall-block, port(s): 5632/udp |
2020-02-01 10:41:43 |
| 13.73.159.163 | attack | [SatFeb0101:09:42.6533802020][:error][pid32360:tid47092635195136][client13.73.159.163:59998][client13.73.159.163]ModSecurity:Accessdeniedwithcode403\(phase2\).File"/tmp/20200201-010942-XjTBxewwATcLkB3zyHf4MgAAAQs-file-x2Pryc"rejectedbytheapproverscript"/etc/cxs/cxscgi.sh":0[file"/etc/apache2/conf.d/modsec_vendor_configs/configserver/00_configserver.conf"][line"7"][id"1010101"][msg"ConfigServerExploitScanner\(cxs\)triggered"][severity"CRITICAL"][hostname"ponzellini.ch"][uri"/wp-admin/admin-post.php"][unique_id"XjTBxewwATcLkB3zyHf4MgAAAQs"] |
2020-02-01 10:53:01 |
| 103.221.254.73 | attackbots | B: f2b postfix aggressive 3x |
2020-02-01 10:50:32 |
| 68.183.176.131 | attackbots | Feb 1 03:19:51 legacy sshd[24198]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.176.131 Feb 1 03:19:53 legacy sshd[24198]: Failed password for invalid user admin from 68.183.176.131 port 55176 ssh2 Feb 1 03:23:17 legacy sshd[24350]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.176.131 ... |
2020-02-01 10:24:43 |
| 54.206.19.43 | attackspam | [FriJan3121:49:49.7055332020][:error][pid12190:tid47392766236416][client54.206.19.43:40910][client54.206.19.43]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\(\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\|passwd\|group\)\|www_\?acl\)\|global\\\\\\\\.asa\|httpd\\\\\\\\.conf\|boot\\\\\\\\.ini\|web.config\)\\\\\\\\b\|\(\|\^\|\\\\\\\\.\\\\\\\\.\)/etc/\|/\\\\\\\\.\(\?:history\|bash_history\|sh_history\|env\)\$\)"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"211"][id"390709"][rev"30"][msg"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely"][data"/.env"][severity"CRITICAL"][hostname"www.casaplusticino.ch"][uri"/.env"][unique_id"XjSS7RZ2LVVmbSpBd99nHQAAAAM"][FriJan3122:30:10.5819102020][:error][pid12039:tid47392787248896][client54.206.19.43:46606][client54.206.19.43]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\(\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\|passwd\|group\)\|www_\?acl\)\|global\\\\\\\\.asa\|httpd\\\\\ |
2020-02-01 10:55:39 |
| 186.3.234.169 | attackspam | Unauthorized connection attempt detected from IP address 186.3.234.169 to port 2220 [J] |
2020-02-01 10:37:28 |
| 169.1.252.192 | attack | Automatic report - Port Scan Attack |
2020-02-01 10:34:50 |
| 222.186.175.217 | attackbots | Feb 1 03:27:25 dedicated sshd[28126]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.217 user=root Feb 1 03:27:26 dedicated sshd[28126]: Failed password for root from 222.186.175.217 port 36156 ssh2 |
2020-02-01 10:29:46 |
| 106.52.107.81 | attack | Unauthorized connection attempt detected from IP address 106.52.107.81 to port 80 [J] |
2020-02-01 10:50:19 |