City: unknown
Region: unknown
Country: New Zealand
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.45.243.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51180
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;103.45.243.142. IN A
;; AUTHORITY SECTION:
. 128 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022022500 1800 900 604800 86400
;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 25 18:09:34 CST 2022
;; MSG SIZE rcvd: 107
142.243.45.103.in-addr.arpa domain name pointer default.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
142.243.45.103.in-addr.arpa name = default.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 193.187.173.88 | attack | Aug 30 06:55:21 server6 sshd[29828]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.187.173.88 user=r.r Aug 30 06:55:23 server6 sshd[29828]: Failed password for r.r from 193.187.173.88 port 45487 ssh2 Aug 30 06:55:23 server6 sshd[29828]: Received disconnect from 193.187.173.88: 11: Bye Bye [preauth] Aug 30 07:05:27 server6 sshd[5796]: Failed password for invalid user lire from 193.187.173.88 port 54819 ssh2 Aug 30 07:05:27 server6 sshd[5796]: Received disconnect from 193.187.173.88: 11: Bye Bye [preauth] Aug 30 07:12:20 server6 sshd[14029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.187.173.88 user=r.r Aug 30 07:12:22 server6 sshd[14029]: Failed password for r.r from 193.187.173.88 port 50930 ssh2 Aug 30 07:12:22 server6 sshd[14029]: Received disconnect from 193.187.173.88: 11: Bye Bye [preauth] Aug 30 07:18:49 server6 sshd[20992]: Failed password for invalid user ncmdbuser f........ ------------------------------- |
2019-08-30 15:45:09 |
| 49.232.37.191 | attack | Aug 30 08:48:08 tux-35-217 sshd\[30927\]: Invalid user tomas from 49.232.37.191 port 40146 Aug 30 08:48:08 tux-35-217 sshd\[30927\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.37.191 Aug 30 08:48:10 tux-35-217 sshd\[30927\]: Failed password for invalid user tomas from 49.232.37.191 port 40146 ssh2 Aug 30 08:50:35 tux-35-217 sshd\[30945\]: Invalid user vagrant from 49.232.37.191 port 58958 Aug 30 08:50:35 tux-35-217 sshd\[30945\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.37.191 ... |
2019-08-30 15:50:15 |
| 153.36.242.143 | attack | Aug 30 02:50:17 aat-srv002 sshd[4696]: Failed password for root from 153.36.242.143 port 31325 ssh2 Aug 30 02:50:28 aat-srv002 sshd[4699]: Failed password for root from 153.36.242.143 port 13735 ssh2 Aug 30 02:50:30 aat-srv002 sshd[4699]: Failed password for root from 153.36.242.143 port 13735 ssh2 Aug 30 02:50:34 aat-srv002 sshd[4699]: Failed password for root from 153.36.242.143 port 13735 ssh2 ... |
2019-08-30 15:52:13 |
| 92.118.37.74 | attackspam | Aug 30 06:56:44 mail kernel: [2229820.646797] [UFW BLOCK] IN=eth0 OUT= MAC=fa:16:3e:d3:64:42:4c:5e:0c:c9:30:5f:08:00 SRC=92.118.37.74 DST=185.101.93.72 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=4292 PROTO=TCP SPT=46525 DPT=44585 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 30 06:58:43 mail kernel: [2229940.079214] [UFW BLOCK] IN=eth0 OUT= MAC=fa:16:3e:d3:64:42:4c:5e:0c:c9:30:5f:08:00 SRC=92.118.37.74 DST=185.101.93.72 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=35456 PROTO=TCP SPT=46525 DPT=19356 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 30 06:59:17 mail kernel: [2229973.983221] [UFW BLOCK] IN=eth0 OUT= MAC=fa:16:3e:d3:64:42:4c:5e:0c:c9:30:5f:08:00 SRC=92.118.37.74 DST=185.101.93.72 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=64305 PROTO=TCP SPT=46525 DPT=17352 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 30 06:59:35 mail kernel: [2229992.029826] [UFW BLOCK] IN=eth0 OUT= MAC=fa:16:3e:d3:64:42:4c:5e:0c:c9:30:5f:08:00 SRC=92.118.37.74 DST=185.101.93.72 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=22117 PROTO=TCP SPT=46525 DPT=31506 WINDOW=1024 RES=0x00 SYN U |
2019-08-30 15:31:10 |
| 138.68.212.180 | attack | Honeypot hit. |
2019-08-30 15:08:00 |
| 5.132.115.161 | attackspam | Aug 30 07:47:43 tuxlinux sshd[9714]: Invalid user eric from 5.132.115.161 port 39494 Aug 30 07:47:43 tuxlinux sshd[9714]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.132.115.161 Aug 30 07:47:43 tuxlinux sshd[9714]: Invalid user eric from 5.132.115.161 port 39494 Aug 30 07:47:43 tuxlinux sshd[9714]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.132.115.161 Aug 30 07:47:43 tuxlinux sshd[9714]: Invalid user eric from 5.132.115.161 port 39494 Aug 30 07:47:43 tuxlinux sshd[9714]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.132.115.161 Aug 30 07:47:45 tuxlinux sshd[9714]: Failed password for invalid user eric from 5.132.115.161 port 39494 ssh2 ... |
2019-08-30 15:46:41 |
| 101.227.90.169 | attack | Aug 29 21:17:21 web9 sshd\[19891\]: Invalid user dv from 101.227.90.169 Aug 29 21:17:21 web9 sshd\[19891\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.227.90.169 Aug 29 21:17:23 web9 sshd\[19891\]: Failed password for invalid user dv from 101.227.90.169 port 43573 ssh2 Aug 29 21:24:19 web9 sshd\[21284\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.227.90.169 user=root Aug 29 21:24:21 web9 sshd\[21284\]: Failed password for root from 101.227.90.169 port 38086 ssh2 |
2019-08-30 15:37:36 |
| 61.171.244.72 | attackspam | Aug 30 08:00:03 OPSO sshd\[31997\]: Invalid user 000000 from 61.171.244.72 port 8608 Aug 30 08:00:03 OPSO sshd\[31997\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.171.244.72 Aug 30 08:00:05 OPSO sshd\[31997\]: Failed password for invalid user 000000 from 61.171.244.72 port 8608 ssh2 Aug 30 08:04:08 OPSO sshd\[32584\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.171.244.72 user=nginx Aug 30 08:04:11 OPSO sshd\[32584\]: Failed password for nginx from 61.171.244.72 port 48483 ssh2 |
2019-08-30 15:33:27 |
| 47.254.89.228 | attackbotsspam | \[Fri Aug 30 07:48:32.997737 2019\] \[access_compat:error\] \[pid 5311:tid 140516674979584\] \[client 47.254.89.228:40252\] AH01797: client denied by server configuration: /var/www/lug/xmlrpc.php ... |
2019-08-30 15:08:20 |
| 113.140.85.76 | attackspambots | Aug 30 09:19:36 [host] sshd[10254]: Invalid user dev from 113.140.85.76 Aug 30 09:19:36 [host] sshd[10254]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.140.85.76 Aug 30 09:19:39 [host] sshd[10254]: Failed password for invalid user dev from 113.140.85.76 port 51962 ssh2 |
2019-08-30 15:24:01 |
| 59.3.71.222 | attackbotsspam | Automatic report - Banned IP Access |
2019-08-30 15:22:50 |
| 128.199.154.60 | attackspam | Aug 30 03:46:00 plusreed sshd[17020]: Invalid user rupesh from 128.199.154.60 ... |
2019-08-30 15:54:58 |
| 115.134.11.199 | attack | Automatic report - Port Scan Attack |
2019-08-30 15:10:09 |
| 189.204.49.40 | attackspambots | POST /xmlrpc.php |
2019-08-30 15:31:57 |
| 185.220.102.6 | attackbotsspam | Automated report - ssh fail2ban: Aug 30 08:59:57 wrong password, user=root, port=40935, ssh2 Aug 30 09:00:00 wrong password, user=root, port=40935, ssh2 Aug 30 09:00:04 wrong password, user=root, port=40935, ssh2 Aug 30 09:00:08 wrong password, user=root, port=40935, ssh2 |
2019-08-30 15:25:47 |