City: unknown
Region: unknown
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.1.74.35
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29901
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;148.1.74.35. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025022301 1800 900 604800 86400
;; Query time: 11 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 24 09:21:17 CST 2025
;; MSG SIZE rcvd: 104Host 35.74.1.148.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 35.74.1.148.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 95.56.232.146 | attackspam | Unauthorized connection attempt from IP address 95.56.232.146 on Port 445(SMB) |
2020-06-21 00:53:52 |
| 185.86.164.100 | attackbotsspam | CMS (WordPress or Joomla) login attempt. |
2020-06-21 00:26:52 |
| 212.70.149.82 | attackbots | Jun 20 18:21:30 relay postfix/smtpd\[16861\]: warning: unknown\[212.70.149.82\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 20 18:21:47 relay postfix/smtpd\[1230\]: warning: unknown\[212.70.149.82\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 20 18:22:01 relay postfix/smtpd\[22024\]: warning: unknown\[212.70.149.82\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 20 18:22:18 relay postfix/smtpd\[1215\]: warning: unknown\[212.70.149.82\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 20 18:22:31 relay postfix/smtpd\[16861\]: warning: unknown\[212.70.149.82\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... |
2020-06-21 00:25:11 |
| 58.228.159.253 | attack | KR_MNT-KRNIC-AP_<177>1592665797 [1:2403380:58145] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 41 [Classification: Misc Attack] [Priority: 2]: |
2020-06-21 00:52:48 |
| 162.12.210.74 | attackspam | Unauthorized connection attempt from IP address 162.12.210.74 on Port 445(SMB) |
2020-06-21 00:50:49 |
| 14.160.38.146 | attackspambots | 'IP reached maximum auth failures for a one day block' |
2020-06-21 00:19:18 |
| 180.76.236.65 | attackbots | 2020-06-20T15:12:02.074695shield sshd\[7145\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.236.65 user=root 2020-06-20T15:12:04.894907shield sshd\[7145\]: Failed password for root from 180.76.236.65 port 57494 ssh2 2020-06-20T15:16:50.680930shield sshd\[7774\]: Invalid user yhy from 180.76.236.65 port 48680 2020-06-20T15:16:50.684954shield sshd\[7774\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.236.65 2020-06-20T15:16:52.707363shield sshd\[7774\]: Failed password for invalid user yhy from 180.76.236.65 port 48680 ssh2 |
2020-06-21 00:18:04 |
| 218.100.84.50 | attackbotsspam | "fail2ban match" |
2020-06-21 00:14:51 |
| 41.170.84.122 | attackspambots | Jun 20 02:11:52 php1 sshd\[28737\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.170.84.122 user=root Jun 20 02:11:53 php1 sshd\[28737\]: Failed password for root from 41.170.84.122 port 60626 ssh2 Jun 20 02:16:16 php1 sshd\[29101\]: Invalid user roy from 41.170.84.122 Jun 20 02:16:16 php1 sshd\[29101\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.170.84.122 Jun 20 02:16:18 php1 sshd\[29101\]: Failed password for invalid user roy from 41.170.84.122 port 32838 ssh2 |
2020-06-21 00:24:09 |
| 1.84.1.187 | attackspambots | Port probing on unauthorized port 23 |
2020-06-21 00:24:55 |
| 209.105.243.145 | attackbots | Jun 20 02:12:35 web1 sshd\[12483\]: Invalid user super from 209.105.243.145 Jun 20 02:12:35 web1 sshd\[12483\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.105.243.145 Jun 20 02:12:37 web1 sshd\[12483\]: Failed password for invalid user super from 209.105.243.145 port 42814 ssh2 Jun 20 02:16:03 web1 sshd\[12788\]: Invalid user peuser from 209.105.243.145 Jun 20 02:16:03 web1 sshd\[12788\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.105.243.145 |
2020-06-21 00:32:46 |
| 201.150.149.195 | attack | Automatic report - Port Scan Attack |
2020-06-21 00:58:29 |
| 134.209.208.159 | attackbots | Port scan: Attack repeated for 24 hours |
2020-06-21 00:54:32 |
| 117.2.240.66 | attack | Unauthorized connection attempt from IP address 117.2.240.66 on Port 445(SMB) |
2020-06-21 00:48:51 |
| 104.129.5.49 | attackbots | Jun 18 10:07:44 our-server-hostname sshd[22531]: Address 104.129.5.49 maps to 104.129.5.49.static.quadranet.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jun 18 10:07:44 our-server-hostname sshd[22531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.5.49 user=r.r Jun 18 10:07:46 our-server-hostname sshd[22531]: Failed password for r.r from 104.129.5.49 port 56645 ssh2 Jun 18 10:24:08 our-server-hostname sshd[26662]: Address 104.129.5.49 maps to 104.129.5.49.static.quadranet.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jun 18 10:24:08 our-server-hostname sshd[26662]: Invalid user hy from 104.129.5.49 Jun 18 10:24:08 our-server-hostname sshd[26662]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.5.49 Jun 18 10:24:11 our-server-hostname sshd[26662]: Failed password for invalid user hy from 104.129.5.49 port 46546 s........ ------------------------------- |
2020-06-21 00:38:43 |