City: unknown
Region: unknown
Country: United States of America (the)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.38.105.85
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7988
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;134.38.105.85. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025021700 1800 900 604800 86400
;; Query time: 35 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 17 18:06:39 CST 2025
;; MSG SIZE rcvd: 106
Host 85.105.38.134.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 85.105.38.134.in-addr.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 106.13.237.235 | attack | Apr 22 17:16:27 gw1 sshd[30519]: Failed password for root from 106.13.237.235 port 59296 ssh2 ... |
2020-04-22 21:34:14 |
| 184.105.247.248 | attackbotsspam | Apr 22 14:04:01 debian-2gb-nbg1-2 kernel: \[9815994.549658\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=184.105.247.248 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=54321 PROTO=TCP SPT=48633 DPT=6379 WINDOW=65535 RES=0x00 SYN URGP=0 |
2020-04-22 21:23:29 |
| 45.143.220.112 | attackbots | UDP scanned port list, 15080, 25080, 35080, 45080, 55080 |
2020-04-22 21:16:48 |
| 113.189.46.45 | attackspam | Unauthorized connection attempt detected from IP address 113.189.46.45 to port 445 |
2020-04-22 21:03:59 |
| 188.76.8.168 | attack | Automatic report - Port Scan |
2020-04-22 21:31:11 |
| 50.104.13.15 | spambotsattack | This is 1 of several ip addresses stalking and hard my kids and me on internet for 2 in a half years. They have my credit card info all my passwords stole 7 email ACCTS that r still active and used with different names. They edit right on the screen everything even legal documents. My ip is 192.168.254.254 please look into this issue and block these psycho paths. Also they have my apps cloned so they can run them |
2020-04-22 21:28:21 |
| 175.140.138.193 | attack | Apr 22 14:45:57 h2779839 sshd[15474]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.140.138.193 user=root Apr 22 14:45:58 h2779839 sshd[15474]: Failed password for root from 175.140.138.193 port 48667 ssh2 Apr 22 14:49:14 h2779839 sshd[15510]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.140.138.193 user=root Apr 22 14:49:15 h2779839 sshd[15510]: Failed password for root from 175.140.138.193 port 45890 ssh2 Apr 22 14:52:36 h2779839 sshd[15588]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.140.138.193 user=root Apr 22 14:52:38 h2779839 sshd[15588]: Failed password for root from 175.140.138.193 port 33774 ssh2 Apr 22 14:55:52 h2779839 sshd[15763]: Invalid user chef from 175.140.138.193 port 19239 Apr 22 14:55:52 h2779839 sshd[15763]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.140.138.193 Apr 22 14:5 ... |
2020-04-22 21:31:37 |
| 116.104.78.47 | attackbotsspam | Lines containing failures of 116.104.78.47 Apr 22 04:43:32 server-name sshd[6842]: Invalid user admin from 116.104.78.47 port 36490 Apr 22 04:43:32 server-name sshd[6842]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.104.78.47 Apr 22 04:43:34 server-name sshd[6842]: Failed password for invalid user admin from 116.104.78.47 port 36490 ssh2 Apr 22 04:43:36 server-name sshd[6842]: Connection closed by invalid user admin 116.104.78.47 port 36490 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=116.104.78.47 |
2020-04-22 21:24:04 |
| 176.31.93.62 | attack | Apr 22 13:37:05 mail01 postfix/postscreen[28305]: CONNECT from [176.31.93.62]:33914 to [94.130.181.95]:25 Apr 22 13:37:05 mail01 postfix/dnsblog[28306]: addr 176.31.93.62 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Apr 22 13:37:11 mail01 postfix/postscreen[28305]: PASS NEW [176.31.93.62]:33914 Apr 22 13:37:12 mail01 postfix/smtpd[28308]: connect from de.infolawsuhostname.com[176.31.93.62] Apr x@x Apr 22 13:37:12 mail01 postfix/smtpd[28308]: disconnect from de.infolawsuhostname.com[176.31.93.62] ehlo=2 starttls=1 mail=1 rcpt=0/1 quhostname=1 commands=5/6 Apr 22 13:42:05 mail01 postfix/postscreen[28305]: CONNECT from [176.31.93.62]:40401 to [94.130.181.95]:25 Apr 22 13:42:05 mail01 postfix/dnsblog[28307]: addr 176.31.93.62 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Apr 22 13:42:05 mail01 postfix/postscreen[28305]: PASS OLD [176.31.93.62]:40401 Apr 22 13:42:05 mail01 postfix/smtpd[28308]: connect from de.infolawsuhostname.com[176.31.93.62] Apr x@x Apr 22 13:42........ ------------------------------- |
2020-04-22 21:15:39 |
| 119.28.132.211 | attackspambots | Apr 22 14:04:19 nextcloud sshd\[23433\]: Invalid user is from 119.28.132.211 Apr 22 14:04:19 nextcloud sshd\[23433\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.132.211 Apr 22 14:04:21 nextcloud sshd\[23433\]: Failed password for invalid user is from 119.28.132.211 port 44020 ssh2 |
2020-04-22 21:05:50 |
| 50.104.13.15 | spambotsattack | This is 1 of several ip addresses stalking and hard my kids and me on internet for 2 in a half years. They have my credit card info all my passwords stole 7 email ACCTS that r still active and used with different names. They edit right on the screen everything even legal documents. My ip is 192.168.254.254 please look into this issue and block these psycho paths. Also they have my apps cloned so they can run them |
2020-04-22 21:28:45 |
| 180.215.204.139 | attack | Apr 22 05:28:15 mockhub sshd[10380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.215.204.139 Apr 22 05:28:17 mockhub sshd[10380]: Failed password for invalid user pw from 180.215.204.139 port 53582 ssh2 ... |
2020-04-22 21:22:01 |
| 188.191.28.175 | attack | Honeypot attack, port: 5555, PTR: host-188.191.28.175.ardinvest.net. |
2020-04-22 21:09:32 |
| 167.71.96.148 | attackspambots | Apr 21 11:27:26 rs-7 sshd[5329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.96.148 user=r.r Apr 21 11:27:28 rs-7 sshd[5329]: Failed password for r.r from 167.71.96.148 port 49462 ssh2 Apr 21 11:27:28 rs-7 sshd[5329]: Received disconnect from 167.71.96.148 port 49462:11: Bye Bye [preauth] Apr 21 11:27:28 rs-7 sshd[5329]: Disconnected from 167.71.96.148 port 49462 [preauth] Apr 21 11:36:21 rs-7 sshd[7501]: Invalid user wh from 167.71.96.148 port 56850 Apr 21 11:36:21 rs-7 sshd[7501]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.96.148 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=167.71.96.148 |
2020-04-22 21:26:07 |
| 104.254.245.169 | attackbots | 2020-04-22T14:07:27.448896amanda2.illicoweb.com sshd\[10225\]: Invalid user nl from 104.254.245.169 port 53472 2020-04-22T14:07:27.454220amanda2.illicoweb.com sshd\[10225\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.254.245.169 2020-04-22T14:07:29.837058amanda2.illicoweb.com sshd\[10225\]: Failed password for invalid user nl from 104.254.245.169 port 53472 ssh2 2020-04-22T14:12:22.899007amanda2.illicoweb.com sshd\[10665\]: Invalid user aw from 104.254.245.169 port 48068 2020-04-22T14:12:22.903969amanda2.illicoweb.com sshd\[10665\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.254.245.169 ... |
2020-04-22 21:26:26 |