City: unknown
Region: unknown
Country: United States of America (the)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 135.2.158.53
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3929
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;135.2.158.53. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025012300 1800 900 604800 86400
;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 23 15:32:37 CST 2025
;; MSG SIZE rcvd: 105Host 53.158.2.135.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 53.158.2.135.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 199.195.252.213 | attack | 'Fail2Ban' |
2019-06-23 13:04:09 |
| 174.126.222.32 | attackbotsspam | port scan and connect, tcp 8080 (http-proxy) |
2019-06-23 13:44:46 |
| 166.62.39.186 | attack | [munged]::443 166.62.39.186 - - [23/Jun/2019:06:01:40 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 166.62.39.186 - - [23/Jun/2019:06:01:43 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 166.62.39.186 - - [23/Jun/2019:06:01:46 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 166.62.39.186 - - [23/Jun/2019:06:01:49 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 166.62.39.186 - - [23/Jun/2019:06:01:52 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 166.62.39.186 - - [23/Jun/2019:06:01:55 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubun |
2019-06-23 13:27:57 |
| 196.52.43.58 | attackspam | 5984/tcp 8081/tcp 67/tcp... [2019-04-22/06-22]110pkt,54pt.(tcp),7pt.(udp),1tp.(icmp) |
2019-06-23 13:00:42 |
| 185.176.27.90 | attack | firewall-block, port(s): 35903/tcp, 54397/tcp, 54398/tcp |
2019-06-23 13:14:58 |
| 191.53.249.79 | attack | failed_logins |
2019-06-23 13:11:52 |
| 177.184.13.37 | attack | fail2ban honeypot |
2019-06-23 12:58:02 |
| 54.233.79.206 | attackbots | [munged]::443 54.233.79.206 - - [23/Jun/2019:05:10:45 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 54.233.79.206 - - [23/Jun/2019:05:11:27 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 54.233.79.206 - - [23/Jun/2019:05:12:04 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 54.233.79.206 - - [23/Jun/2019:05:12:41 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 54.233.79.206 - - [23/Jun/2019:05:13:24 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 54.233.79.206 - - [23/Jun/2019:05:14:06 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubun |
2019-06-23 12:55:20 |
| 185.127.18.238 | attack | proto=tcp . spt=59506 . dpt=3389 . src=185.127.18.238 . dst=xx.xx.4.1 . (listed on rbldns-ru) (33) |
2019-06-23 13:19:56 |
| 177.74.182.4 | attackbotsspam | $f2bV_matches |
2019-06-23 13:19:30 |
| 89.132.191.139 | attackbotsspam | SSH Brute Force |
2019-06-23 13:07:08 |
| 178.128.150.79 | attackbots | Jun 23 05:06:34 [host] sshd[18807]: Invalid user ddd from 178.128.150.79 Jun 23 05:06:34 [host] sshd[18807]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.150.79 Jun 23 05:06:36 [host] sshd[18807]: Failed password for invalid user ddd from 178.128.150.79 port 57010 ssh2 |
2019-06-23 13:48:28 |
| 217.17.98.93 | attack | Autoban 217.17.98.93 AUTH/CONNECT |
2019-06-23 12:54:13 |
| 94.176.76.230 | attackspam | (Jun 23) LEN=40 TTL=244 ID=50068 DF TCP DPT=23 WINDOW=14600 SYN (Jun 23) LEN=40 TTL=244 ID=5027 DF TCP DPT=23 WINDOW=14600 SYN (Jun 23) LEN=40 TTL=244 ID=27829 DF TCP DPT=23 WINDOW=14600 SYN (Jun 22) LEN=40 TTL=244 ID=5358 DF TCP DPT=23 WINDOW=14600 SYN (Jun 22) LEN=40 TTL=244 ID=7561 DF TCP DPT=23 WINDOW=14600 SYN (Jun 22) LEN=40 TTL=244 ID=8651 DF TCP DPT=23 WINDOW=14600 SYN (Jun 22) LEN=40 TTL=244 ID=22480 DF TCP DPT=23 WINDOW=14600 SYN (Jun 22) LEN=40 TTL=244 ID=45239 DF TCP DPT=23 WINDOW=14600 SYN (Jun 22) LEN=40 TTL=244 ID=44605 DF TCP DPT=23 WINDOW=14600 SYN (Jun 22) LEN=40 TTL=244 ID=61580 DF TCP DPT=23 WINDOW=14600 SYN (Jun 22) LEN=40 TTL=244 ID=56463 DF TCP DPT=23 WINDOW=14600 SYN (Jun 21) LEN=40 TTL=244 ID=11269 DF TCP DPT=23 WINDOW=14600 SYN (Jun 21) LEN=40 TTL=244 ID=61785 DF TCP DPT=23 WINDOW=14600 SYN (Jun 21) LEN=40 TTL=244 ID=7175 DF TCP DPT=23 WINDOW=14600 SYN (Jun 21) LEN=40 TTL=244 ID=65298 DF TCP DPT=23 WINDOW=14600 SYN ... |
2019-06-23 12:56:24 |
| 138.204.133.57 | attack | 8080/tcp [2019-06-22]1pkt |
2019-06-23 13:21:05 |