City: unknown
Region: unknown
Country: France
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.158.161.136
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55118
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;134.158.161.136. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025021400 1800 900 604800 86400
;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 14 22:39:13 CST 2025
;; MSG SIZE rcvd: 108
Host 136.161.158.134.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 136.161.158.134.in-addr.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 218.92.0.145 | attackspambots | Sep 11 10:49:15 localhost sshd[691655]: Unable to negotiate with 218.92.0.145 port 62574: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] ... |
2020-09-11 09:09:33 |
| 45.176.214.185 | attackspambots | Sep 7 13:30:43 mail.srvfarm.net postfix/smtpd[1072435]: warning: unknown[45.176.214.185]: SASL PLAIN authentication failed: Sep 7 13:30:43 mail.srvfarm.net postfix/smtpd[1072435]: lost connection after AUTH from unknown[45.176.214.185] Sep 7 13:32:31 mail.srvfarm.net postfix/smtps/smtpd[1073052]: warning: unknown[45.176.214.185]: SASL PLAIN authentication failed: Sep 7 13:32:32 mail.srvfarm.net postfix/smtps/smtpd[1073052]: lost connection after AUTH from unknown[45.176.214.185] Sep 7 13:33:31 mail.srvfarm.net postfix/smtps/smtpd[1075083]: warning: unknown[45.176.214.185]: SASL PLAIN authentication failed: |
2020-09-11 09:23:38 |
| 210.211.116.80 | attackbots | SSH brute force |
2020-09-11 09:13:27 |
| 110.37.220.102 | attack | Sep 10 18:38:55 smtp sshd[12364]: Failed password for r.r from 110.37.220.102 port 40876 ssh2 Sep 10 18:38:56 smtp sshd[12397]: Failed password for r.r from 110.37.220.102 port 40916 ssh2 Sep 10 18:38:58 smtp sshd[12406]: Failed password for r.r from 110.37.220.102 port 41046 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=110.37.220.102 |
2020-09-11 09:14:15 |
| 150.95.153.82 | attackbotsspam | Sep 10 22:20:58 nextcloud sshd\[19973\]: Invalid user elly from 150.95.153.82 Sep 10 22:20:58 nextcloud sshd\[19973\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.95.153.82 Sep 10 22:21:00 nextcloud sshd\[19973\]: Failed password for invalid user elly from 150.95.153.82 port 34174 ssh2 |
2020-09-11 09:01:04 |
| 62.210.194.7 | attackbotsspam | Sep 8 13:36:55 mail.srvfarm.net postfix/smtpd[1775137]: lost connection after STARTTLS from r7.news.eu.rvca.com[62.210.194.7] Sep 8 13:37:09 mail.srvfarm.net postfix/smtpd[1775114]: lost connection after STARTTLS from r7.news.eu.rvca.com[62.210.194.7] Sep 8 13:39:15 mail.srvfarm.net postfix/smtpd[1794843]: lost connection after STARTTLS from r7.news.eu.rvca.com[62.210.194.7] Sep 8 13:39:25 mail.srvfarm.net postfix/smtpd[1794850]: lost connection after STARTTLS from r7.news.eu.rvca.com[62.210.194.7] Sep 8 13:41:42 mail.srvfarm.net postfix/smtpd[1794840]: lost connection after STARTTLS from r7.news.eu.rvca.com[62.210.194.7] |
2020-09-11 09:32:42 |
| 118.27.39.156 | attackbotsspam | Sep 8 01:35:49 cumulus sshd[2276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.27.39.156 user=r.r Sep 8 01:35:51 cumulus sshd[2276]: Failed password for r.r from 118.27.39.156 port 51786 ssh2 Sep 8 01:35:51 cumulus sshd[2276]: Received disconnect from 118.27.39.156 port 51786:11: Bye Bye [preauth] Sep 8 01:35:51 cumulus sshd[2276]: Disconnected from 118.27.39.156 port 51786 [preauth] Sep 8 01:39:46 cumulus sshd[2736]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.27.39.156 user=r.r Sep 8 01:39:48 cumulus sshd[2736]: Failed password for r.r from 118.27.39.156 port 39230 ssh2 Sep 8 01:39:48 cumulus sshd[2736]: Received disconnect from 118.27.39.156 port 39230:11: Bye Bye [preauth] Sep 8 01:39:48 cumulus sshd[2736]: Disconnected from 118.27.39.156 port 39230 [preauth] Sep 8 01:40:57 cumulus sshd[2809]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 t........ ------------------------------- |
2020-09-11 09:03:13 |
| 103.16.145.10 | attackspam | Sep 7 13:32:10 mail.srvfarm.net postfix/smtps/smtpd[1073013]: warning: unknown[103.16.145.10]: SASL PLAIN authentication failed: Sep 7 13:32:11 mail.srvfarm.net postfix/smtps/smtpd[1073013]: lost connection after AUTH from unknown[103.16.145.10] Sep 7 13:35:46 mail.srvfarm.net postfix/smtpd[1078720]: warning: unknown[103.16.145.10]: SASL PLAIN authentication failed: Sep 7 13:35:46 mail.srvfarm.net postfix/smtpd[1078720]: lost connection after AUTH from unknown[103.16.145.10] Sep 7 13:36:02 mail.srvfarm.net postfix/smtpd[1078718]: warning: unknown[103.16.145.10]: SASL PLAIN authentication failed: |
2020-09-11 09:22:03 |
| 68.183.82.166 | attackspambots | Time: Thu Sep 10 22:51:21 2020 +0000 IP: 68.183.82.166 (IN/India/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 10 22:30:12 ca-1-ams1 sshd[41890]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.82.166 user=root Sep 10 22:30:14 ca-1-ams1 sshd[41890]: Failed password for root from 68.183.82.166 port 37344 ssh2 Sep 10 22:44:54 ca-1-ams1 sshd[42325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.82.166 user=root Sep 10 22:44:56 ca-1-ams1 sshd[42325]: Failed password for root from 68.183.82.166 port 38354 ssh2 Sep 10 22:51:18 ca-1-ams1 sshd[42596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.82.166 user=root |
2020-09-11 09:04:01 |
| 45.142.120.147 | attackbotsspam | Sep 8 14:21:45 websrv1.derweidener.de postfix/smtpd[2651650]: warning: unknown[45.142.120.147]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 8 14:22:23 websrv1.derweidener.de postfix/smtpd[2651650]: warning: unknown[45.142.120.147]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 8 14:23:02 websrv1.derweidener.de postfix/smtpd[2651650]: warning: unknown[45.142.120.147]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 8 14:23:40 websrv1.derweidener.de postfix/smtpd[2651384]: warning: unknown[45.142.120.147]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 8 14:24:23 websrv1.derweidener.de postfix/smtpd[2651650]: warning: unknown[45.142.120.147]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 |
2020-09-11 09:34:01 |
| 98.150.250.138 | attackspambots | Lines containing failures of 98.150.250.138 Sep 10 19:48:48 shared07 sshd[16226]: Invalid user pi from 98.150.250.138 port 35430 Sep 10 19:48:49 shared07 sshd[16226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.150.250.138 Sep 10 19:48:51 shared07 sshd[16226]: Failed password for invalid user pi from 98.150.250.138 port 35430 ssh2 Sep 10 19:48:51 shared07 sshd[16226]: Connection closed by invalid user pi 98.150.250.138 port 35430 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=98.150.250.138 |
2020-09-11 09:11:11 |
| 172.82.239.22 | attack | Sep 8 13:08:10 mail.srvfarm.net postfix/smtpd[1775107]: lost connection after STARTTLS from r22.news.eu.rvca.com[172.82.239.22] Sep 8 13:09:11 mail.srvfarm.net postfix/smtpd[1775114]: lost connection after STARTTLS from r22.news.eu.rvca.com[172.82.239.22] Sep 8 13:11:22 mail.srvfarm.net postfix/smtpd[1775107]: lost connection after STARTTLS from r22.news.eu.rvca.com[172.82.239.22] Sep 8 13:11:41 mail.srvfarm.net postfix/smtpd[1775105]: lost connection after STARTTLS from r22.news.eu.rvca.com[172.82.239.22] Sep 8 13:12:25 mail.srvfarm.net postfix/smtpd[1775106]: lost connection after STARTTLS from r22.news.eu.rvca.com[172.82.239.22] |
2020-09-11 09:27:42 |
| 45.142.120.53 | attackbotsspam | Sep 8 13:35:49 web02.agentur-b-2.de postfix/smtpd[1187121]: warning: unknown[45.142.120.53]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 8 13:36:28 web02.agentur-b-2.de postfix/smtpd[1187121]: warning: unknown[45.142.120.53]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 8 13:37:06 web02.agentur-b-2.de postfix/smtpd[1186587]: warning: unknown[45.142.120.53]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 8 13:37:46 web02.agentur-b-2.de postfix/smtpd[1183817]: warning: unknown[45.142.120.53]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 8 13:38:24 web02.agentur-b-2.de postfix/smtpd[1187121]: warning: unknown[45.142.120.53]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 |
2020-09-11 09:25:10 |
| 168.91.36.28 | attackspambots | 3,98-00/01 [bc01/m34] PostRequest-Spammer scoring: brussels |
2020-09-11 08:59:18 |
| 122.51.194.254 | attackspambots | Sep 8 16:00:27 host sshd[27679]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.194.254 user=r.r Sep 8 16:00:29 host sshd[27679]: Failed password for r.r from 122.51.194.254 port 33478 ssh2 Sep 8 16:00:30 host sshd[27679]: Received disconnect from 122.51.194.254: 11: Bye Bye [preauth] Sep 8 16:05:16 host sshd[12086]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.194.254 user=r.r Sep 8 16:05:18 host sshd[12086]: Failed password for r.r from 122.51.194.254 port 52878 ssh2 Sep 8 16:05:18 host sshd[12086]: Received disconnect from 122.51.194.254: 11: Bye Bye [preauth] Sep 8 16:07:10 host sshd[17758]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.194.254 user=r.r Sep 8 16:07:12 host sshd[17758]: Failed password for r.r from 122.51.194.254 port 43382 ssh2 Sep 8 16:07:12 host sshd[17758]: Received disconnect from 122.51.1........ ------------------------------- |
2020-09-11 09:15:43 |