City: unknown
Region: unknown
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: Wellington Management Company LLP
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.42.64.32
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24889
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.42.64.32. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019061900 1800 900 604800 86400
;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jun 19 15:06:24 CST 2019
;; MSG SIZE rcvd: 116Host 32.64.42.134.in-addr.arpa not found: 2(SERVFAIL);; Got SERVFAIL reply from 67.207.67.2, trying next server
Server: 67.207.67.3
Address: 67.207.67.3#53
** server can't find 32.64.42.134.in-addr.arpa: SERVFAIL| IP | Type | Details | Datetime |
|---|---|---|---|
| 40.92.20.67 | attack | Dec 16 17:44:04 debian-2gb-vpn-nbg1-1 kernel: [885813.632253] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.20.67 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=234 ID=42034 DF PROTO=TCP SPT=6323 DPT=25 WINDOW=0 RES=0x00 ACK RST URGP=0 |
2019-12-17 01:36:21 |
| 118.126.98.159 | attack | $f2bV_matches |
2019-12-17 01:27:09 |
| 167.114.98.229 | attackbotsspam | Dec 16 17:17:11 ncomp sshd[4125]: Invalid user gearhart from 167.114.98.229 Dec 16 17:17:11 ncomp sshd[4125]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.98.229 Dec 16 17:17:11 ncomp sshd[4125]: Invalid user gearhart from 167.114.98.229 Dec 16 17:17:14 ncomp sshd[4125]: Failed password for invalid user gearhart from 167.114.98.229 port 44702 ssh2 |
2019-12-17 01:24:14 |
| 152.136.95.118 | attackspam | invalid user |
2019-12-17 01:26:36 |
| 123.58.6.219 | attackspam | Dec 16 15:43:42 MK-Soft-VM6 sshd[26155]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.58.6.219 Dec 16 15:43:44 MK-Soft-VM6 sshd[26155]: Failed password for invalid user server from 123.58.6.219 port 54053 ssh2 ... |
2019-12-17 01:56:24 |
| 45.148.10.62 | attackbots | Brute force attempt |
2019-12-17 01:55:16 |
| 189.59.60.108 | attackbots | Lines containing failures of 189.59.60.108 Dec 16 06:34:06 nextcloud sshd[4618]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.59.60.108 user=r.r Dec 16 06:34:08 nextcloud sshd[4618]: Failed password for r.r from 189.59.60.108 port 55596 ssh2 Dec 16 06:34:08 nextcloud sshd[4618]: Received disconnect from 189.59.60.108 port 55596:11: Bye Bye [preauth] Dec 16 06:34:08 nextcloud sshd[4618]: Disconnected from authenticating user r.r 189.59.60.108 port 55596 [preauth] Dec 16 06:45:03 nextcloud sshd[6668]: Invalid user admin from 189.59.60.108 port 57688 Dec 16 06:45:03 nextcloud sshd[6668]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.59.60.108 Dec 16 06:45:05 nextcloud sshd[6668]: Failed password for invalid user admin from 189.59.60.108 port 57688 ssh2 Dec 16 06:45:05 nextcloud sshd[6668]: Received disconnect from 189.59.60.108 port 57688:11: Bye Bye [preauth] Dec 16 06:45:05 nextc........ ------------------------------ |
2019-12-17 01:57:17 |
| 194.228.3.191 | attackbotsspam | sshd jail - ssh hack attempt |
2019-12-17 01:48:25 |
| 51.159.59.47 | attack | 51.159.59.47 was recorded 13 times by 13 hosts attempting to connect to the following ports: 389. Incident counter (4h, 24h, all-time): 13, 35, 106 |
2019-12-17 01:39:52 |
| 218.92.0.157 | attackbotsspam | Dec 16 18:20:08 legacy sshd[7876]: Failed password for root from 218.92.0.157 port 7242 ssh2 Dec 16 18:20:11 legacy sshd[7876]: Failed password for root from 218.92.0.157 port 7242 ssh2 Dec 16 18:20:20 legacy sshd[7876]: Failed password for root from 218.92.0.157 port 7242 ssh2 Dec 16 18:20:20 legacy sshd[7876]: error: maximum authentication attempts exceeded for root from 218.92.0.157 port 7242 ssh2 [preauth] ... |
2019-12-17 01:38:40 |
| 37.59.114.113 | attack | Dec 16 19:19:58 pkdns2 sshd\[61615\]: Invalid user margo from 37.59.114.113Dec 16 19:20:00 pkdns2 sshd\[61615\]: Failed password for invalid user margo from 37.59.114.113 port 44938 ssh2Dec 16 19:22:53 pkdns2 sshd\[61809\]: Invalid user netapp from 37.59.114.113Dec 16 19:22:55 pkdns2 sshd\[61809\]: Failed password for invalid user netapp from 37.59.114.113 port 52900 ssh2Dec 16 19:25:52 pkdns2 sshd\[61981\]: Invalid user aliza from 37.59.114.113Dec 16 19:25:54 pkdns2 sshd\[61981\]: Failed password for invalid user aliza from 37.59.114.113 port 60864 ssh2 ... |
2019-12-17 01:36:55 |
| 40.92.9.49 | attack | Dec 16 20:28:05 debian-2gb-vpn-nbg1-1 kernel: [895653.959642] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.9.49 DST=78.46.192.101 LEN=48 TOS=0x00 PREC=0x00 TTL=104 ID=27542 DF PROTO=TCP SPT=26254 DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0 |
2019-12-17 01:54:17 |
| 138.99.216.221 | attackbots | CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found |
2019-12-17 01:18:29 |
| 187.167.64.177 | attackspambots | MultiHost/MultiPort Probe, Scan, Hack - |
2019-12-17 01:40:43 |
| 103.87.25.201 | attackspambots | 2019-12-16T16:18:27.439146shield sshd\[28236\]: Invalid user netadmin from 103.87.25.201 port 46616 2019-12-16T16:18:27.443447shield sshd\[28236\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.87.25.201 2019-12-16T16:18:30.090713shield sshd\[28236\]: Failed password for invalid user netadmin from 103.87.25.201 port 46616 ssh2 2019-12-16T16:25:38.055042shield sshd\[29794\]: Invalid user vcsa from 103.87.25.201 port 43824 2019-12-16T16:25:38.059541shield sshd\[29794\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.87.25.201 |
2019-12-17 01:56:38 |