City: Somerset East
Region: Eastern Cape
Country: South Africa
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 102.66.239.68
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58434
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;102.66.239.68. IN A
;; AUTHORITY SECTION:
. 455 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022040402 1800 900 604800 86400
;; Query time: 67 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Apr 05 17:46:20 CST 2022
;; MSG SIZE rcvd: 106
Host 68.239.66.102.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 68.239.66.102.in-addr.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 220.165.9.187 | attack | WEB server attack. |
2020-06-25 17:51:06 |
| 156.96.59.29 | attackspam | Jun 25 10:56:09 v22019058497090703 postfix/smtpd[31521]: warning: unknown[156.96.59.29]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 25 10:56:15 v22019058497090703 postfix/smtpd[31521]: warning: unknown[156.96.59.29]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 25 10:56:25 v22019058497090703 postfix/smtpd[31521]: warning: unknown[156.96.59.29]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... |
2020-06-25 17:45:51 |
| 77.210.180.9 | attackspam | Jun 25 06:18:55 vps1 sshd[1889788]: Invalid user kshitij from 77.210.180.9 port 46526 Jun 25 06:18:57 vps1 sshd[1889788]: Failed password for invalid user kshitij from 77.210.180.9 port 46526 ssh2 ... |
2020-06-25 18:23:51 |
| 40.121.58.88 | attackbots | Jun 25 09:24:52 *** sshd[16733]: User root from 40.121.58.88 not allowed because not listed in AllowUsers |
2020-06-25 17:47:29 |
| 168.0.130.143 | attackspambots | Automatic report - Port Scan Attack |
2020-06-25 17:59:32 |
| 191.234.182.6 | attackbots | SSH Brute-Force. Ports scanning. |
2020-06-25 18:03:01 |
| 139.59.254.93 | attack | Jun 25 11:51:19 eventyay sshd[28828]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.254.93 Jun 25 11:51:22 eventyay sshd[28828]: Failed password for invalid user shreya1 from 139.59.254.93 port 35411 ssh2 Jun 25 11:54:39 eventyay sshd[28915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.254.93 ... |
2020-06-25 18:15:16 |
| 13.74.179.179 | attackbots | Jun 25 09:51:12 *** sshd[16756]: User root from 13.74.179.179 not allowed because not listed in AllowUsers |
2020-06-25 18:12:58 |
| 185.176.27.42 | attackspambots | [H1.VM7] Blocked by UFW |
2020-06-25 18:22:56 |
| 167.172.121.115 | attackbots | Jun 24 22:17:36 server1 sshd\[12802\]: Invalid user ggarcia from 167.172.121.115 Jun 24 22:17:36 server1 sshd\[12802\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.121.115 Jun 24 22:17:38 server1 sshd\[12802\]: Failed password for invalid user ggarcia from 167.172.121.115 port 56960 ssh2 Jun 24 22:19:19 server1 sshd\[13968\]: Invalid user ucp from 167.172.121.115 Jun 24 22:19:19 server1 sshd\[13968\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.121.115 Jun 24 22:19:22 server1 sshd\[13968\]: Failed password for invalid user ucp from 167.172.121.115 port 58494 ssh2 Jun 24 22:21:06 server1 sshd\[15172\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.121.115 user=root Jun 24 22:21:08 server1 sshd\[15172\]: Failed password for root from 167.172.121.115 port 60030 ssh2 ... |
2020-06-25 18:09:59 |
| 40.117.117.166 | attackspam | Jun 25 00:53:43 uapps sshd[30612]: User r.r from 40.117.117.166 not allowed because not listed in AllowUsers Jun 25 00:53:43 uapps sshd[30612]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.117.117.166 user=r.r Jun 25 00:53:43 uapps sshd[30614]: User r.r from 40.117.117.166 not allowed because not listed in AllowUsers Jun 25 00:53:43 uapps sshd[30614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.117.117.166 user=r.r Jun 25 00:53:44 uapps sshd[30612]: Failed password for invalid user r.r from 40.117.117.166 port 35173 ssh2 Jun 25 00:53:45 uapps sshd[30614]: Failed password for invalid user r.r from 40.117.117.166 port 35203 ssh2 Jun 25 00:53:45 uapps sshd[30612]: Received disconnect from 40.117.117.166: 11: Client disconnecting normally [preauth] Jun 25 00:53:45 uapps sshd[30614]: Received disconnect from 40.117.117.166: 11: Client disconnecting normally [preauth] ........ ------------------------------------------- |
2020-06-25 17:52:45 |
| 170.106.33.194 | attackspambots | SSH_attack |
2020-06-25 18:12:16 |
| 140.203.204.59 | attackspambots | Jun 25 10:35:18 gestao sshd[5922]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.203.204.59 Jun 25 10:35:20 gestao sshd[5922]: Failed password for invalid user cy from 140.203.204.59 port 48372 ssh2 Jun 25 10:38:04 gestao sshd[5990]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.203.204.59 ... |
2020-06-25 17:59:56 |
| 185.143.75.81 | attack | Jun 25 11:59:45 websrv1.derweidener.de postfix/smtpd[3529292]: warning: unknown[185.143.75.81]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 25 12:00:33 websrv1.derweidener.de postfix/smtpd[3541918]: warning: unknown[185.143.75.81]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 25 12:01:22 websrv1.derweidener.de postfix/smtpd[3541918]: warning: unknown[185.143.75.81]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 25 12:02:12 websrv1.derweidener.de postfix/smtpd[3541918]: warning: unknown[185.143.75.81]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 25 12:03:02 websrv1.derweidener.de postfix/smtpd[3541918]: warning: unknown[185.143.75.81]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 |
2020-06-25 18:05:58 |
| 52.172.53.254 | attackspam | port scan and connect, tcp 22 (ssh) |
2020-06-25 17:55:51 |