City: unknown
Region: unknown
Country: South Africa
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 102.218.241.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10814
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;102.218.241.2. IN A
;; AUTHORITY SECTION:
. 344 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022041102 1800 900 604800 86400
;; Query time: 68 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Apr 12 08:54:36 CST 2022
;; MSG SIZE rcvd: 1062.241.218.102.in-addr.arpa domain name pointer 102-218-241-2.level-7.co.za.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
2.241.218.102.in-addr.arpa name = 102-218-241-2.level-7.co.za.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 144.217.60.239 | attackbotsspam | 2020-09-05 02:33:10.462321-0500 localhost sshd[98943]: Failed password for root from 144.217.60.239 port 39466 ssh2 |
2020-09-05 20:21:43 |
| 36.156.155.192 | attack | Sep 5 12:57:08 web-main sshd[764284]: Failed password for invalid user ubuntu from 36.156.155.192 port 12142 ssh2 Sep 5 12:58:58 web-main sshd[764518]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.156.155.192 user=root Sep 5 12:59:00 web-main sshd[764518]: Failed password for root from 36.156.155.192 port 18921 ssh2 |
2020-09-05 20:30:45 |
| 185.216.32.130 | attack | $f2bV_matches |
2020-09-05 20:50:35 |
| 117.7.226.226 | attackbotsspam | [FriSep0418:53:38.1302952020][:error][pid9148:tid46926317901568][client117.7.226.226:54180][client117.7.226.226]ModSecurity:Accessdeniedwithcode403\(phase2\).File"/tmp/20200904-185337-X1JxEW3XpgJgBgJ@UMJztQAAAEM-file-Aw7S1z"rejectedbytheapproverscript"/etc/cxs/cxscgi.sh":0[file"/etc/apache2/conf.d/modsec_vendor_configs/configserver/00_configserver.conf"][line"7"][id"1010101"][msg"ConfigServerExploitScanner\(cxs\)triggered"][severity"CRITICAL"][hostname"gruppobalu.com"][uri"/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"][unique_id"X1JxEW3XpgJgBgJ@UMJztQAAAEM"]\,referer:https://gruppobalu.com/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php |
2020-09-05 20:27:27 |
| 191.31.91.156 | attack | Automatic report - Port Scan Attack |
2020-09-05 20:49:29 |
| 82.221.131.5 | attackspambots | Sep 5 11:48:37 nextcloud sshd\[18426\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.221.131.5 user=root Sep 5 11:48:39 nextcloud sshd\[18426\]: Failed password for root from 82.221.131.5 port 39326 ssh2 Sep 5 11:48:42 nextcloud sshd\[18426\]: Failed password for root from 82.221.131.5 port 39326 ssh2 |
2020-09-05 20:32:09 |
| 185.86.164.99 | attackspambots | CMS (WordPress or Joomla) login attempt. |
2020-09-05 20:26:09 |
| 171.248.55.212 | attackspam | Honeypot attack, port: 81, PTR: dynamic-ip-adsl.viettel.vn. |
2020-09-05 20:47:09 |
| 51.89.68.142 | attackbots | Invalid user odoo from 51.89.68.142 port 53066 |
2020-09-05 20:20:12 |
| 51.83.45.65 | attackspambots | Sep 5 13:35:24 srv-ubuntu-dev3 sshd[86655]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.45.65 user=root Sep 5 13:35:27 srv-ubuntu-dev3 sshd[86655]: Failed password for root from 51.83.45.65 port 37332 ssh2 Sep 5 13:38:45 srv-ubuntu-dev3 sshd[87236]: Invalid user git from 51.83.45.65 Sep 5 13:38:45 srv-ubuntu-dev3 sshd[87236]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.45.65 Sep 5 13:38:45 srv-ubuntu-dev3 sshd[87236]: Invalid user git from 51.83.45.65 Sep 5 13:38:46 srv-ubuntu-dev3 sshd[87236]: Failed password for invalid user git from 51.83.45.65 port 42516 ssh2 Sep 5 13:42:09 srv-ubuntu-dev3 sshd[87586]: Invalid user postgres from 51.83.45.65 Sep 5 13:42:09 srv-ubuntu-dev3 sshd[87586]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.45.65 Sep 5 13:42:09 srv-ubuntu-dev3 sshd[87586]: Invalid user postgres from 51.83.45.65 Sep 5 13: ... |
2020-09-05 20:22:53 |
| 194.26.27.32 | attackbotsspam | Sep 5 14:05:44 [host] kernel: [4974141.251609] [U Sep 5 14:07:02 [host] kernel: [4974219.898612] [U Sep 5 14:09:18 [host] kernel: [4974355.837220] [U Sep 5 14:09:31 [host] kernel: [4974368.702324] [U Sep 5 14:15:38 [host] kernel: [4974736.043753] [U Sep 5 14:15:49 [host] kernel: [4974746.989950] [U |
2020-09-05 20:30:21 |
| 209.17.96.162 | attackbotsspam | TCP ports : 3000 / 4567 / 8443 / 8888 |
2020-09-05 20:29:59 |
| 51.178.52.245 | attackbotsspam | 2020-09-05T12:04:18.443603shield sshd\[24176\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=tor-exit-node.neowutran.ovh user=root 2020-09-05T12:04:20.157145shield sshd\[24176\]: Failed password for root from 51.178.52.245 port 45390 ssh2 2020-09-05T12:04:22.085301shield sshd\[24176\]: Failed password for root from 51.178.52.245 port 45390 ssh2 2020-09-05T12:04:24.502905shield sshd\[24176\]: Failed password for root from 51.178.52.245 port 45390 ssh2 2020-09-05T12:04:27.296754shield sshd\[24176\]: Failed password for root from 51.178.52.245 port 45390 ssh2 |
2020-09-05 20:39:52 |
| 200.146.246.196 | attackbotsspam | 1599238433 - 09/04/2020 18:53:53 Host: 200.146.246.196/200.146.246.196 Port: 445 TCP Blocked |
2020-09-05 20:17:38 |
| 51.68.139.151 | attack | 2020-09-05T12:14:48.868861shield sshd\[25425\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.ip-51-68-139.eu user=root 2020-09-05T12:14:51.150876shield sshd\[25425\]: Failed password for root from 51.68.139.151 port 50406 ssh2 2020-09-05T12:14:54.436420shield sshd\[25425\]: Failed password for root from 51.68.139.151 port 50406 ssh2 2020-09-05T12:14:56.928298shield sshd\[25425\]: Failed password for root from 51.68.139.151 port 50406 ssh2 2020-09-05T12:14:59.971247shield sshd\[25425\]: Failed password for root from 51.68.139.151 port 50406 ssh2 |
2020-09-05 20:16:50 |