City: unknown
Region: unknown
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.208.106.212
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65303
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;138.208.106.212. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025022000 1800 900 604800 86400
;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 20 17:35:07 CST 2025
;; MSG SIZE rcvd: 108Host 212.106.208.138.in-addr.arpa not found: 2(SERVFAIL);; Got SERVFAIL reply from 183.60.83.19, trying next server
Server: 183.60.82.98
Address: 183.60.82.98#53
** server can't find 212.106.208.138.in-addr.arpa: SERVFAIL| IP | Type | Details | Datetime |
|---|---|---|---|
| 110.12.85.215 | attackbots | firewall-block, port(s): 1433/tcp |
2019-11-01 23:47:34 |
| 91.226.81.103 | attackbotsspam | Lines containing failures of 91.226.81.103 Nov 1 12:38:15 shared09 postfix/smtpd[1136]: connect from vm-6726517f.netangels.ru[91.226.81.103] Nov 1 12:38:15 shared09 policyd-spf[5822]: prepend Received-SPF: Pass (mailfrom) identhostnamey=mailfrom; client-ip=91.226.81.103; helo=hikareras.com; envelope-from=x@x Nov x@x Nov 1 12:38:15 shared09 postfix/smtpd[1136]: disconnect from vm-6726517f.netangels.ru[91.226.81.103] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=91.226.81.103 |
2019-11-01 23:51:53 |
| 187.190.235.89 | attackbotsspam | Nov 1 14:04:45 localhost sshd\[3085\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.190.235.89 user=root Nov 1 14:04:46 localhost sshd\[3085\]: Failed password for root from 187.190.235.89 port 43601 ssh2 Nov 1 14:09:11 localhost sshd\[3479\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.190.235.89 user=root |
2019-11-01 23:15:46 |
| 41.141.250.244 | attackspambots | 2019-11-01T15:15:55.801931scmdmz1 sshd\[7394\]: Invalid user joaquim from 41.141.250.244 port 39472 2019-11-01T15:15:55.806260scmdmz1 sshd\[7394\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.141.250.244 2019-11-01T15:15:57.801722scmdmz1 sshd\[7394\]: Failed password for invalid user joaquim from 41.141.250.244 port 39472 ssh2 ... |
2019-11-01 23:34:09 |
| 95.52.62.3 | attackbotsspam | Nov 1 12:32:19 h2421860 sshd[22040]: Invalid user pi from 95.52.62.3 Nov 1 12:32:19 h2421860 sshd[22040]: Connection closed by 95.52.62.3 [preauth] Nov 1 12:32:19 h2421860 sshd[22042]: Invalid user pi from 95.52.62.3 Nov 1 12:32:19 h2421860 sshd[22042]: Connection closed by 95.52.62.3 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=95.52.62.3 |
2019-11-01 23:38:49 |
| 106.12.3.189 | attack | Nov 1 14:41:16 localhost sshd\[6366\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.3.189 user=root Nov 1 14:41:18 localhost sshd\[6366\]: Failed password for root from 106.12.3.189 port 41742 ssh2 Nov 1 14:46:17 localhost sshd\[6796\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.3.189 user=root |
2019-11-01 23:40:00 |
| 5.39.82.197 | attack | Nov 1 21:03:03 webhost01 sshd[13517]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.39.82.197 Nov 1 21:03:06 webhost01 sshd[13517]: Failed password for invalid user Rapido123 from 5.39.82.197 port 39224 ssh2 ... |
2019-11-01 23:22:10 |
| 211.254.179.221 | attackspam | 2019-11-01T15:32:13.265313scmdmz1 sshd\[8924\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.254.179.221 user=root 2019-11-01T15:32:15.190285scmdmz1 sshd\[8924\]: Failed password for root from 211.254.179.221 port 39702 ssh2 2019-11-01T15:36:43.702088scmdmz1 sshd\[9280\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.254.179.221 user=root ... |
2019-11-01 23:10:16 |
| 113.162.166.95 | attackspam | Nov 1 12:40:36 mxgate1 postfix/postscreen[21803]: CONNECT from [113.162.166.95]:49317 to [176.31.12.44]:25 Nov 1 12:40:36 mxgate1 postfix/dnsblog[21805]: addr 113.162.166.95 listed by domain cbl.abuseat.org as 127.0.0.2 Nov 1 12:40:36 mxgate1 postfix/dnsblog[21804]: addr 113.162.166.95 listed by domain zen.spamhaus.org as 127.0.0.3 Nov 1 12:40:36 mxgate1 postfix/dnsblog[21804]: addr 113.162.166.95 listed by domain zen.spamhaus.org as 127.0.0.4 Nov 1 12:40:36 mxgate1 postfix/dnsblog[21804]: addr 113.162.166.95 listed by domain zen.spamhaus.org as 127.0.0.11 Nov 1 12:40:36 mxgate1 postfix/dnsblog[21808]: addr 113.162.166.95 listed by domain bl.spamcop.net as 127.0.0.2 Nov 1 12:40:36 mxgate1 postfix/dnsblog[21806]: addr 113.162.166.95 listed by domain b.barracudacentral.org as 127.0.0.2 Nov 1 12:40:42 mxgate1 postfix/postscreen[21803]: DNSBL rank 5 for [113.162.166.95]:49317 Nov 1 12:40:43 mxgate1 postfix/tlsproxy[21771]: CONNECT from [113.162.166.95]:49317 Nov x@........ ------------------------------- |
2019-11-01 23:33:13 |
| 193.70.33.75 | attack | Nov 1 16:36:45 server sshd\[25402\]: Invalid user wyr from 193.70.33.75 Nov 1 16:36:45 server sshd\[25402\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3059199.ip-193-70-33.eu Nov 1 16:36:47 server sshd\[25402\]: Failed password for invalid user wyr from 193.70.33.75 port 60566 ssh2 Nov 1 16:43:36 server sshd\[26691\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3059199.ip-193-70-33.eu user=root Nov 1 16:43:38 server sshd\[26691\]: Failed password for root from 193.70.33.75 port 59980 ssh2 ... |
2019-11-01 23:20:57 |
| 200.105.215.18 | attackbotsspam | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/200.105.215.18/ BO - 1H : (2) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : BO NAME ASN : ASN26210 IP : 200.105.215.18 CIDR : 200.105.215.0/24 PREFIX COUNT : 179 UNIQUE IP COUNT : 57344 ATTACKS DETECTED ASN26210 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-11-01 12:50:49 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery |
2019-11-01 23:12:16 |
| 143.208.137.209 | attackbotsspam | port scan and connect, tcp 1433 (ms-sql-s) |
2019-11-01 23:28:01 |
| 62.48.150.175 | attack | Nov 1 13:39:30 sd-53420 sshd\[9324\]: Invalid user guigui748!@ from 62.48.150.175 Nov 1 13:39:30 sd-53420 sshd\[9324\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.48.150.175 Nov 1 13:39:32 sd-53420 sshd\[9324\]: Failed password for invalid user guigui748!@ from 62.48.150.175 port 39476 ssh2 Nov 1 13:43:55 sd-53420 sshd\[9643\]: Invalid user Alexis from 62.48.150.175 Nov 1 13:43:55 sd-53420 sshd\[9643\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.48.150.175 ... |
2019-11-01 23:29:10 |
| 194.247.27.65 | attackspam | slow and persistent scanner |
2019-11-01 23:12:39 |
| 82.214.118.6 | attackbots | 82.214.118.6 - - \[01/Nov/2019:13:02:33 +0000\] "POST /wp-login.php HTTP/1.1" 200 4358 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 82.214.118.6 - - \[01/Nov/2019:13:02:34 +0000\] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ... |
2019-11-01 23:24:06 |