City: unknown
Region: unknown
Country: Republic of China (ROC)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 140.121.154.160
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8731
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;140.121.154.160. IN A
;; AUTHORITY SECTION:
. 111 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022010700 1800 900 604800 86400
;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 07 17:45:10 CST 2022
;; MSG SIZE rcvd: 108Host 160.154.121.140.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 160.154.121.140.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 49.66.21.197 | attack | 1433/tcp [2019-06-26]1pkt |
2019-06-26 20:02:41 |
| 74.82.47.3 | attack | RDP brute force attack detected by fail2ban |
2019-06-26 19:54:22 |
| 124.156.240.114 | attack | Scanning and Vuln Attempts |
2019-06-26 19:40:55 |
| 213.32.63.123 | attackbots | 213.32.63.123 - - \[26/Jun/2019:12:22:07 +0200\] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 213.32.63.123 - - \[26/Jun/2019:12:22:07 +0200\] "POST /wp-login.php HTTP/1.1" 200 1632 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 213.32.63.123 - - \[26/Jun/2019:12:22:07 +0200\] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 213.32.63.123 - - \[26/Jun/2019:12:22:08 +0200\] "POST /wp-login.php HTTP/1.1" 200 1607 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 213.32.63.123 - - \[26/Jun/2019:12:22:08 +0200\] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 213.32.63.123 - - \[26/Jun/2019:12:22:08 +0200\] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) |
2019-06-26 19:45:37 |
| 204.61.221.66 | attackspambots | 445/tcp [2019-06-26]1pkt |
2019-06-26 20:00:20 |
| 37.139.13.105 | attackbotsspam | $f2bV_matches |
2019-06-26 19:34:43 |
| 39.50.230.39 | attack | Unauthorized connection attempt from IP address 39.50.230.39 on Port 445(SMB) |
2019-06-26 19:53:09 |
| 139.59.69.106 | attackbots | Automatic report generated by Wazuh |
2019-06-26 19:32:03 |
| 193.56.29.129 | attackspam | [SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(06261032) |
2019-06-26 20:07:04 |
| 191.53.253.107 | attack | SMTP-sasl brute force ... |
2019-06-26 19:57:42 |
| 119.86.31.212 | attackspam | Scanning and Vuln Attempts |
2019-06-26 19:57:02 |
| 46.101.242.117 | attack | Jun 26 13:01:17 vpn01 sshd\[13432\]: Invalid user matilda from 46.101.242.117 Jun 26 13:01:17 vpn01 sshd\[13432\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.242.117 Jun 26 13:01:19 vpn01 sshd\[13432\]: Failed password for invalid user matilda from 46.101.242.117 port 48230 ssh2 |
2019-06-26 19:35:55 |
| 154.218.1.165 | attack | 154.218.1.165 - - [25/Jun/2019:23:43:37 -0400] "POST /%75%73%65%72%2e%70%68%70 HTTP/1.1" 301 237 "554fcae493e564ee0dc75bdf2ebf94caads|a:3:{s:2:"id";s:3:"'/*";s:3:"num";s:141:"*/ union select 1,0x272F2A,3,4,5,6,7,8,0x7b247b24524345275d3b6469652f2a2a2f286d6435284449524543544f52595f534550415241544f5229293b2f2f7d7d,0--";s:4:"name";s:3:"ads";}554fcae493e564ee0dc75bdf2ebf94ca" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:45.0) Gecko/20100101 Firefox/45.0"
... |
2019-06-26 19:38:19 |
| 35.239.74.123 | attackspam | RDP Brute-Force (Grieskirchen RZ2) |
2019-06-26 19:50:34 |
| 222.139.86.161 | attackspambots | 8000/udp [2019-06-26]1pkt |
2019-06-26 19:54:00 |