City: unknown
Region: unknown
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.21.55.115
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44348
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;104.21.55.115. IN A
;; AUTHORITY SECTION:
. 244 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022021700 1800 900 604800 86400
;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 00:11:16 CST 2022
;; MSG SIZE rcvd: 106Host 115.55.21.104.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 115.55.21.104.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 62.234.95.148 | attackspambots | Oct 9 18:58:35 auw2 sshd\[21481\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.95.148 user=root Oct 9 18:58:37 auw2 sshd\[21481\]: Failed password for root from 62.234.95.148 port 60102 ssh2 Oct 9 19:03:16 auw2 sshd\[21893\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.95.148 user=root Oct 9 19:03:18 auw2 sshd\[21893\]: Failed password for root from 62.234.95.148 port 48688 ssh2 Oct 9 19:07:56 auw2 sshd\[22243\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.95.148 user=root |
2019-10-10 13:23:22 |
| 192.227.252.23 | attackspambots | [Aegis] @ 2019-10-10 05:07:24 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack |
2019-10-10 12:54:07 |
| 80.211.113.144 | attackbotsspam | Oct 10 06:49:08 tuotantolaitos sshd[16170]: Failed password for root from 80.211.113.144 port 47934 ssh2 ... |
2019-10-10 12:49:53 |
| 95.245.106.35 | attack | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/95.245.106.35/ IT - 1H : (69) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : IT NAME ASN : ASN3269 IP : 95.245.106.35 CIDR : 95.245.0.0/16 PREFIX COUNT : 550 UNIQUE IP COUNT : 19507712 WYKRYTE ATAKI Z ASN3269 : 1H - 4 3H - 7 6H - 12 12H - 21 24H - 34 DateTime : 2019-10-10 05:54:30 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery |
2019-10-10 13:08:28 |
| 80.211.171.195 | attack | Oct 10 07:51:09 sauna sshd[70095]: Failed password for root from 80.211.171.195 port 34888 ssh2 ... |
2019-10-10 13:19:30 |
| 41.79.224.105 | attack | Oct 10 07:31:12 tuotantolaitos sshd[17686]: Failed password for root from 41.79.224.105 port 44278 ssh2 ... |
2019-10-10 13:20:57 |
| 222.186.175.202 | attackspam | Oct 9 19:23:58 debian sshd[782]: Unable to negotiate with 222.186.175.202 port 64000: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] Oct 10 01:11:59 debian sshd[17046]: Unable to negotiate with 222.186.175.202 port 37276: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] ... |
2019-10-10 13:18:38 |
| 181.48.116.50 | attackbotsspam | Oct 9 18:50:26 hanapaa sshd\[3404\]: Invalid user 123Empire from 181.48.116.50 Oct 9 18:50:26 hanapaa sshd\[3404\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.116.50 Oct 9 18:50:27 hanapaa sshd\[3404\]: Failed password for invalid user 123Empire from 181.48.116.50 port 33860 ssh2 Oct 9 18:54:17 hanapaa sshd\[3734\]: Invalid user Qwert123456 from 181.48.116.50 Oct 9 18:54:17 hanapaa sshd\[3734\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.116.50 |
2019-10-10 12:59:44 |
| 187.1.57.210 | attackspam | Oct 10 10:36:48 areeb-Workstation sshd[4642]: Failed password for root from 187.1.57.210 port 45664 ssh2 ... |
2019-10-10 13:12:22 |
| 51.254.131.137 | attack | $f2bV_matches |
2019-10-10 13:29:52 |
| 45.55.65.92 | attackspambots | ssh failed login |
2019-10-10 13:20:28 |
| 150.107.213.168 | attackspambots | Oct 10 04:29:20 web8 sshd\[19220\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.107.213.168 user=root Oct 10 04:29:22 web8 sshd\[19220\]: Failed password for root from 150.107.213.168 port 43445 ssh2 Oct 10 04:33:40 web8 sshd\[21498\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.107.213.168 user=root Oct 10 04:33:42 web8 sshd\[21498\]: Failed password for root from 150.107.213.168 port 34922 ssh2 Oct 10 04:38:06 web8 sshd\[23683\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.107.213.168 user=root |
2019-10-10 12:53:41 |
| 187.0.221.222 | attack | Oct 10 07:07:11 vps647732 sshd[28394]: Failed password for root from 187.0.221.222 port 29144 ssh2 ... |
2019-10-10 13:23:49 |
| 104.215.62.205 | attack | 3389BruteforceFW22 |
2019-10-10 13:06:49 |
| 122.116.174.239 | attackspam | Oct 10 06:46:45 server sshd\[10159\]: User root from 122.116.174.239 not allowed because listed in DenyUsers Oct 10 06:46:45 server sshd\[10159\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.116.174.239 user=root Oct 10 06:46:47 server sshd\[10159\]: Failed password for invalid user root from 122.116.174.239 port 58494 ssh2 Oct 10 06:53:51 server sshd\[20321\]: User root from 122.116.174.239 not allowed because listed in DenyUsers Oct 10 06:53:51 server sshd\[20321\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.116.174.239 user=root |
2019-10-10 13:29:20 |