City: Taichung
Region: Taichung
Country: Taiwan, China
Internet Service Provider: Chunghwa
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.41.64.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54049
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;114.41.64.2. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025080601 1800 900 604800 86400
;; Query time: 15 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Aug 07 12:16:54 CST 2025
;; MSG SIZE rcvd: 104b'2.64.41.114.in-addr.arpa domain name pointer 114-41-64-2.dynamic-ip.hinet.net.
'b'2.64.41.114.in-addr.arpa name = 114-41-64-2.dynamic-ip.hinet.net.
Authoritative answers can be found from:
'| IP | Type | Details | Datetime |
|---|---|---|---|
| 52.66.187.171 | attack | 52.66.187.171 - - [15/Jul/2019:14:35:47 +0200] "GET /wp-login.php HTTP/1.1" 200 1256 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 52.66.187.171 - - [15/Jul/2019:14:35:47 +0200] "POST /wp-login.php HTTP/1.1" 200 1651 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 52.66.187.171 - - [15/Jul/2019:14:35:48 +0200] "GET /wp-login.php HTTP/1.1" 200 1256 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 52.66.187.171 - - [15/Jul/2019:14:35:48 +0200] "POST /wp-login.php HTTP/1.1" 200 1629 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 52.66.187.171 - - [15/Jul/2019:14:35:49 +0200] "GET /wp-login.php HTTP/1.1" 200 1256 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 52.66.187.171 - - [15/Jul/2019:14:35:49 +0200] "POST /wp-login.php HTTP/1.1" 200 1626 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2019-07-15 21:48:48 |
| 92.208.83.222 | attackspambots | NAME : VFDE-IP-SERVICE-01 CIDR : 92.208.0.0/15 SYN Flood DDoS Attack Germany - block certain countries :) IP: 92.208.83.222 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl |
2019-07-15 22:21:00 |
| 113.118.159.169 | attack | Jul 15 11:45:37 yesfletchmain sshd\[6908\]: Invalid user sistemas2 from 113.118.159.169 port 45712 Jul 15 11:45:37 yesfletchmain sshd\[6908\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.118.159.169 Jul 15 11:45:38 yesfletchmain sshd\[6908\]: Failed password for invalid user sistemas2 from 113.118.159.169 port 45712 ssh2 Jul 15 11:51:17 yesfletchmain sshd\[7043\]: Invalid user admin from 113.118.159.169 port 40360 Jul 15 11:51:17 yesfletchmain sshd\[7043\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.118.159.169 ... |
2019-07-15 21:33:09 |
| 170.0.128.10 | attack | Invalid user teamspeak3 from 170.0.128.10 port 38227 |
2019-07-15 21:57:05 |
| 114.41.0.6 | attackspambots | Jul 14 20:00:01 localhost kernel: [14392994.734729] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=114.41.0.6 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=50 ID=14401 PROTO=TCP SPT=20286 DPT=37215 WINDOW=30465 RES=0x00 SYN URGP=0 Jul 14 20:00:01 localhost kernel: [14392994.734750] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=114.41.0.6 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=50 ID=14401 PROTO=TCP SPT=20286 DPT=37215 SEQ=758669438 ACK=0 WINDOW=30465 RES=0x00 SYN URGP=0 Jul 15 02:19:23 localhost kernel: [14415756.514325] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=114.41.0.6 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=50 ID=47835 PROTO=TCP SPT=20286 DPT=37215 WINDOW=30465 RES=0x00 SYN URGP=0 Jul 15 02:19:23 localhost kernel: [14415756.514354] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=114.41.0.6 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 |
2019-07-15 22:06:44 |
| 139.99.9.2 | attack | 190 attacks over the last 10 minutes. Below is a sample of these recent attacks: July 15, 2019 1:21am 139.99.9.2 (Singapore) Blocked for Newspaper Premium Theme <= 6.7.1 - Privilege Escalation July 15, 2019 1:21am 139.99.9.2 (Singapore) Blocked for Yellow Pencil Visual Theme Customizer <= 7.1.9 Arbitrary Options Update in query string: yp_remote_get=test July 15, 2019 1:21am 139.99.9.2 (Singapore) Blocked for Yellow Pencil Visual Theme Customizer <= 7.1.9 Arbitrary Options Update in query string: yp_remote_get=test July 15, 2019 1:21am 139.99.9.2 (Singapore) Blocked for WP GDPR Compliance <= 1.4.2 - Update Any Option / Call Any Action in POST body: action=wpgdprc_process_action |
2019-07-15 22:00:37 |
| 178.128.201.224 | attackbotsspam | SSH Brute-Force reported by Fail2Ban |
2019-07-15 22:03:38 |
| 185.12.109.102 | attackbots | Automatic report - Banned IP Access |
2019-07-15 22:10:15 |
| 111.231.217.253 | attackspam | Jul 15 09:23:02 tux-35-217 sshd\[29661\]: Invalid user putty from 111.231.217.253 port 17616 Jul 15 09:23:02 tux-35-217 sshd\[29661\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.217.253 Jul 15 09:23:04 tux-35-217 sshd\[29661\]: Failed password for invalid user putty from 111.231.217.253 port 17616 ssh2 Jul 15 09:27:19 tux-35-217 sshd\[29680\]: Invalid user jessica from 111.231.217.253 port 52036 Jul 15 09:27:19 tux-35-217 sshd\[29680\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.217.253 ... |
2019-07-15 21:38:48 |
| 128.199.96.234 | attackspam | Jul 15 14:53:52 root sshd[25549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.96.234 Jul 15 14:53:53 root sshd[25549]: Failed password for invalid user ares from 128.199.96.234 port 50370 ssh2 Jul 15 14:59:13 root sshd[3322]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.96.234 ... |
2019-07-15 22:02:39 |
| 191.102.91.210 | attackbotsspam | Looking for resource vulnerabilities |
2019-07-15 21:41:17 |
| 51.38.83.164 | attackbotsspam | Jul 15 09:38:28 microserver sshd[43163]: Invalid user data from 51.38.83.164 port 38438 Jul 15 09:38:28 microserver sshd[43163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.83.164 Jul 15 09:38:30 microserver sshd[43163]: Failed password for invalid user data from 51.38.83.164 port 38438 ssh2 Jul 15 09:42:58 microserver sshd[43839]: Invalid user test1 from 51.38.83.164 port 35660 Jul 15 09:42:58 microserver sshd[43839]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.83.164 Jul 15 09:56:29 microserver sshd[45829]: Invalid user tester from 51.38.83.164 port 55560 Jul 15 09:56:29 microserver sshd[45829]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.83.164 Jul 15 09:56:30 microserver sshd[45829]: Failed password for invalid user tester from 51.38.83.164 port 55560 ssh2 Jul 15 10:01:05 microserver sshd[46454]: Invalid user minecraft from 51.38.83.164 port 52780 Jul 15 10: |
2019-07-15 22:16:01 |
| 98.235.171.156 | attackbotsspam | Invalid user ivan from 98.235.171.156 port 38556 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.235.171.156 Failed password for invalid user ivan from 98.235.171.156 port 38556 ssh2 Invalid user praful from 98.235.171.156 port 35506 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.235.171.156 |
2019-07-15 22:21:31 |
| 14.187.36.45 | attack | 14.187.36.45 has been banned for [spam] ... |
2019-07-15 21:31:29 |
| 37.187.115.201 | attack | Unauthorized SSH login attempts |
2019-07-15 22:22:19 |