City: unknown
Region: unknown
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.252.198.234
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35585
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;142.252.198.234. IN A
;; AUTHORITY SECTION:
. 255 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400
;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 15:07:01 CST 2022
;; MSG SIZE rcvd: 108Host 234.198.252.142.in-addr.arpa not found: 2(SERVFAIL)
server can't find 142.252.198.234.in-addr.arpa: SERVFAIL| IP | Type | Details | Datetime |
|---|---|---|---|
| 197.220.163.230 | attackspambots | 01/01/2020-09:31:37.675605 197.220.163.230 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433 |
2020-01-01 17:25:43 |
| 218.92.0.195 | attackbots | Jan 1 07:24:52 dcd-gentoo sshd[14475]: User root from 218.92.0.195 not allowed because none of user's groups are listed in AllowGroups Jan 1 07:24:56 dcd-gentoo sshd[14475]: error: PAM: Authentication failure for illegal user root from 218.92.0.195 Jan 1 07:24:52 dcd-gentoo sshd[14475]: User root from 218.92.0.195 not allowed because none of user's groups are listed in AllowGroups Jan 1 07:24:56 dcd-gentoo sshd[14475]: error: PAM: Authentication failure for illegal user root from 218.92.0.195 Jan 1 07:24:52 dcd-gentoo sshd[14475]: User root from 218.92.0.195 not allowed because none of user's groups are listed in AllowGroups Jan 1 07:24:56 dcd-gentoo sshd[14475]: error: PAM: Authentication failure for illegal user root from 218.92.0.195 Jan 1 07:24:56 dcd-gentoo sshd[14475]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.195 port 62926 ssh2 ... |
2020-01-01 17:40:34 |
| 148.70.77.22 | attackbots | Jan 1 07:25:13 * sshd[8374]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.77.22 Jan 1 07:25:16 * sshd[8374]: Failed password for invalid user winther from 148.70.77.22 port 44714 ssh2 |
2020-01-01 17:23:39 |
| 149.56.46.220 | attackbots | Jan 1 10:36:11 localhost sshd\[27506\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.46.220 user=root Jan 1 10:36:13 localhost sshd\[27506\]: Failed password for root from 149.56.46.220 port 45968 ssh2 Jan 1 10:39:17 localhost sshd\[29807\]: Invalid user google from 149.56.46.220 port 51378 Jan 1 10:39:17 localhost sshd\[29807\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.46.220 |
2020-01-01 17:53:32 |
| 14.241.224.190 | attackspambots | 14.241.224.190 - - [01/Jan/2020:07:25:10 +0100] "GET /awstats.pl?framename=mainright&output=refererpages HTTP/1.0" 404 280 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.80 Safari/537.36 Core/1.47.516.400 QQBrowser/9.4.8186.400" |
2020-01-01 17:29:15 |
| 185.193.86.195 | attack | Chat Spam |
2020-01-01 17:25:09 |
| 111.229.28.34 | attackbotsspam | Dec 27 18:46:17 h1637304 sshd[16758]: Connection closed by 111.229.28.34 [preauth] Dec 30 01:08:18 h1637304 sshd[7815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.28.34 Dec 30 01:08:20 h1637304 sshd[7815]: Failed password for invalid user admin from 111.229.28.34 port 38246 ssh2 Dec 30 01:08:20 h1637304 sshd[7815]: Received disconnect from 111.229.28.34: 11: Bye Bye [preauth] Dec 30 01:25:38 h1637304 sshd[23600]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.28.34 Dec 30 01:25:40 h1637304 sshd[23600]: Failed password for invalid user majernik from 111.229.28.34 port 52480 ssh2 Dec 30 01:25:40 h1637304 sshd[23600]: Received disconnect from 111.229.28.34: 11: Bye Bye [preauth] Dec 30 01:28:36 h1637304 sshd[26376]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.28.34 Dec 30 01:28:39 h1637304 sshd[26376]: Failed password ........ ------------------------------- |
2020-01-01 17:55:53 |
| 222.186.175.220 | attackbots | 2020-01-01T09:45:33.411037hub.schaetter.us sshd\[1145\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.220 user=root 2020-01-01T09:45:35.204464hub.schaetter.us sshd\[1145\]: Failed password for root from 222.186.175.220 port 3662 ssh2 2020-01-01T09:45:38.602939hub.schaetter.us sshd\[1145\]: Failed password for root from 222.186.175.220 port 3662 ssh2 2020-01-01T09:45:41.414167hub.schaetter.us sshd\[1145\]: Failed password for root from 222.186.175.220 port 3662 ssh2 2020-01-01T09:45:52.937506hub.schaetter.us sshd\[1150\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.220 user=root ... |
2020-01-01 17:47:09 |
| 46.5.124.100 | attack | Lines containing failures of 46.5.124.100 Dec 31 13:09:23 shared02 sshd[25350]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.5.124.100 user=r.r Dec 31 13:09:25 shared02 sshd[25350]: Failed password for r.r from 46.5.124.100 port 43992 ssh2 Dec 31 13:09:25 shared02 sshd[25350]: Received disconnect from 46.5.124.100 port 43992:11: Bye Bye [preauth] Dec 31 13:09:25 shared02 sshd[25350]: Disconnected from authenticating user r.r 46.5.124.100 port 43992 [preauth] Dec 31 13:49:45 shared02 sshd[1652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.5.124.100 user=r.r Dec 31 13:49:47 shared02 sshd[1652]: Failed password for r.r from 46.5.124.100 port 35448 ssh2 Dec 31 13:49:47 shared02 sshd[1652]: Received disconnect from 46.5.124.100 port 35448:11: Bye Bye [preauth] Dec 31 13:49:47 shared02 sshd[1652]: Disconnected from authenticating user r.r 46.5.124.100 port 35448 [preauth] Dec 31 14:1........ ------------------------------ |
2020-01-01 17:50:20 |
| 60.208.162.82 | attackbots | port scan and connect, tcp 1433 (ms-sql-s) |
2020-01-01 17:44:53 |
| 27.211.249.202 | attack | Jan 1 07:06:30 km20725 sshd[32376]: Invalid user pi from 27.211.249.202 Jan 1 07:06:30 km20725 sshd[32376]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.211.249.202 Jan 1 07:06:31 km20725 sshd[32378]: Invalid user pi from 27.211.249.202 Jan 1 07:06:31 km20725 sshd[32378]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.211.249.202 Jan 1 07:06:33 km20725 sshd[32378]: Failed password for invalid user pi from 27.211.249.202 port 34704 ssh2 Jan 1 07:06:33 km20725 sshd[32376]: Failed password for invalid user pi from 27.211.249.202 port 34702 ssh2 Jan 1 07:06:33 km20725 sshd[32378]: Connection closed by 27.211.249.202 [preauth] Jan 1 07:06:33 km20725 sshd[32376]: Connection closed by 27.211.249.202 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=27.211.249.202 |
2020-01-01 17:47:46 |
| 190.123.210.228 | attackspam | Automatic report - Banned IP Access |
2020-01-01 17:42:47 |
| 51.161.12.231 | attackbots | 01/01/2020-04:14:30.831266 51.161.12.231 Protocol: 6 ET SCAN NMAP -sS window 1024 |
2020-01-01 17:20:52 |
| 218.92.0.199 | attack | Jan 1 07:39:18 amit sshd\[7271\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.199 user=root Jan 1 07:39:20 amit sshd\[7271\]: Failed password for root from 218.92.0.199 port 29550 ssh2 Jan 1 07:40:52 amit sshd\[7273\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.199 user=root ... |
2020-01-01 17:20:23 |
| 5.135.181.53 | attackbotsspam | $f2bV_matches |
2020-01-01 17:46:07 |