City: unknown
Region: unknown
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.92.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14141
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;104.131.92.4. IN A
;; AUTHORITY SECTION:
. 600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022020701 1800 900 604800 86400
;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 03:19:30 CST 2022
;; MSG SIZE rcvd: 105
4.92.131.104.in-addr.arpa domain name pointer monitoring.internet-measurement.com.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
4.92.131.104.in-addr.arpa name = monitoring.internet-measurement.com.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 52.244.200.75 | attackbots | <6 unauthorized SSH connections |
2020-07-16 15:53:00 |
| 54.38.139.210 | attackbots | Jul 16 10:28:14 ift sshd\[65375\]: Invalid user demo from 54.38.139.210Jul 16 10:28:15 ift sshd\[65375\]: Failed password for invalid user demo from 54.38.139.210 port 34782 ssh2Jul 16 10:32:24 ift sshd\[1316\]: Invalid user mariann from 54.38.139.210Jul 16 10:32:26 ift sshd\[1316\]: Failed password for invalid user mariann from 54.38.139.210 port 48516 ssh2Jul 16 10:36:41 ift sshd\[2246\]: Invalid user angelina from 54.38.139.210 ... |
2020-07-16 15:52:36 |
| 185.220.100.249 | attack | 2020/07/16 05:32:27 [error] 20617#20617: *8579445 open() "/usr/share/nginx/html/cgi-bin/php" failed (2: No such file or directory), client: 185.220.100.249, server: _, request: "POST /cgi-bin/php?%2D%64+%61%6C%6C%6F%77%5F%75%72%6C%5F%69%6E%63%6C%75%64%65%3D%6F%6E+%2D%64+%73%61%66%65%5F%6D%6F%64%65%3D%6F%66%66+%2D%64+%73%75%68%6F%73%69%6E%2E%73%69%6D%75%6C%61%74%69%6F%6E%3D%6F%6E+%2D%64+%64%69%73%61%62%6C%65%5F%66%75%6E%63%74%69%6F%6E%73%3D%22%22+%2D%64+%6F%70%65%6E%5F%62%61%73%65%64%69%72%3D%6E%6F%6E%65+%2D%64+%61%75%74%6F%5F%70%72%65%70%65%6E%64%5F%66%69%6C%65%3D%70%68%70%3A%2F%2F%69%6E%70%75%74+%2D%64+%63%67%69%2E%66%6F%72%63%65%5F%72%65%64%69%72%65%63%74%3D%30+%2D%64+%63%67%69%2E%72%65%64%69%72%65%63%74%5F%73%74%61%74%75%73%5F%65%6E%76%3D%30+%2D%6E HTTP/1.1", host: "hot-mod.de" 2020/07/16 05:32:27 [error] 20617#20617: *8579445 open() "/usr/share/nginx/html/cgi-bin/php4" failed (2: No such file or directory), client: 185.220.100.249, server: _, request: "POST /cgi-bin/php4?%2D%64+%61%6C%6C%6F%77%5F%75%72%6 |
2020-07-16 15:56:06 |
| 149.56.44.101 | attack | 2020-07-16T07:34:46.589507shield sshd\[13796\]: Invalid user oracle from 149.56.44.101 port 56922 2020-07-16T07:34:46.601039shield sshd\[13796\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.ip-149-56-44.net 2020-07-16T07:34:48.875950shield sshd\[13796\]: Failed password for invalid user oracle from 149.56.44.101 port 56922 ssh2 2020-07-16T07:36:47.137013shield sshd\[14100\]: Invalid user jacky from 149.56.44.101 port 33386 2020-07-16T07:36:47.147431shield sshd\[14100\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.ip-149-56-44.net |
2020-07-16 15:38:24 |
| 45.183.192.14 | attackbotsspam | Jul 16 07:44:08 vps sshd[4313]: Failed password for invalid user ima from 45.183.192.14 port 56262 ssh2 Jul 16 07:48:57 vps sshd[27197]: Invalid user admin from 45.183.192.14 port 42504 Jul 16 07:48:57 vps sshd[27197]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.183.192.14 Jul 16 07:48:59 vps sshd[27197]: Failed password for invalid user admin from 45.183.192.14 port 42504 ssh2 Jul 16 07:53:57 vps sshd[50717]: Invalid user ubuntu from 45.183.192.14 port 56978 ... |
2020-07-16 15:26:15 |
| 222.186.180.130 | attack | Jul 16 09:50:08 vps647732 sshd[19145]: Failed password for root from 222.186.180.130 port 40062 ssh2 ... |
2020-07-16 15:51:09 |
| 177.11.139.114 | attackspam | $f2bV_matches |
2020-07-16 15:43:48 |
| 122.51.45.200 | attack | SSH Brute-Force attacks |
2020-07-16 15:40:58 |
| 40.76.91.70 | attack | Jul 16 09:34:10 lvps178-77-74-153 sshd[6039]: User root from 40.76.91.70 not allowed because none of user's groups are listed in AllowGroups ... |
2020-07-16 15:40:15 |
| 198.46.152.196 | attackbots | Jul 16 06:59:21 *** sshd[27204]: Invalid user starbound from 198.46.152.196 |
2020-07-16 15:35:00 |
| 200.114.236.19 | attackspambots | Jul 16 07:31:03 nextcloud sshd\[13310\]: Invalid user cic from 200.114.236.19 Jul 16 07:31:03 nextcloud sshd\[13310\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.114.236.19 Jul 16 07:31:06 nextcloud sshd\[13310\]: Failed password for invalid user cic from 200.114.236.19 port 52518 ssh2 |
2020-07-16 15:52:04 |
| 137.59.57.68 | attack | Jul 16 05:22:47 mail.srvfarm.net postfix/smtps/smtpd[701931]: warning: unknown[137.59.57.68]: SASL PLAIN authentication failed: Jul 16 05:22:47 mail.srvfarm.net postfix/smtps/smtpd[701931]: lost connection after AUTH from unknown[137.59.57.68] Jul 16 05:27:12 mail.srvfarm.net postfix/smtps/smtpd[703163]: warning: unknown[137.59.57.68]: SASL PLAIN authentication failed: Jul 16 05:27:13 mail.srvfarm.net postfix/smtps/smtpd[703163]: lost connection after AUTH from unknown[137.59.57.68] Jul 16 05:28:16 mail.srvfarm.net postfix/smtps/smtpd[702670]: warning: unknown[137.59.57.68]: SASL PLAIN authentication failed: |
2020-07-16 16:01:35 |
| 190.145.192.106 | attackbotsspam | Jul 16 05:19:17 hcbbdb sshd\[26879\]: Invalid user web from 190.145.192.106 Jul 16 05:19:17 hcbbdb sshd\[26879\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.145.192.106 Jul 16 05:19:18 hcbbdb sshd\[26879\]: Failed password for invalid user web from 190.145.192.106 port 58514 ssh2 Jul 16 05:23:41 hcbbdb sshd\[27368\]: Invalid user pw from 190.145.192.106 Jul 16 05:23:41 hcbbdb sshd\[27368\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.145.192.106 |
2020-07-16 15:47:01 |
| 131.100.78.188 | attackbots | Jul 16 05:29:17 mail.srvfarm.net postfix/smtpd[699501]: warning: 188-78-100-131.internetcentral.com.br[131.100.78.188]: SASL PLAIN authentication failed: Jul 16 05:29:17 mail.srvfarm.net postfix/smtpd[699501]: lost connection after AUTH from 188-78-100-131.internetcentral.com.br[131.100.78.188] Jul 16 05:29:32 mail.srvfarm.net postfix/smtpd[699494]: warning: 188-78-100-131.internetcentral.com.br[131.100.78.188]: SASL PLAIN authentication failed: Jul 16 05:29:32 mail.srvfarm.net postfix/smtpd[699494]: lost connection after AUTH from 188-78-100-131.internetcentral.com.br[131.100.78.188] Jul 16 05:31:12 mail.srvfarm.net postfix/smtpd[700170]: warning: 188-78-100-131.internetcentral.com.br[131.100.78.188]: SASL PLAIN authentication failed: |
2020-07-16 16:02:07 |
| 106.13.41.25 | attackspambots |
|
2020-07-16 15:40:02 |