City: unknown
Region: unknown
Country: United States of America (the)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.158.196.245
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57076
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;148.158.196.245. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025020602 1800 900 604800 86400
;; Query time: 33 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 07 11:12:57 CST 2025
;; MSG SIZE rcvd: 108Host 245.196.158.148.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 245.196.158.148.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 14.18.189.68 | attackbotsspam | Automatic report - Banned IP Access |
2019-12-25 18:51:15 |
| 37.187.120.96 | attackbots | Dec 24 01:22:12 mailrelay sshd[13270]: Invalid user guest from 37.187.120.96 port 57230 Dec 24 01:22:12 mailrelay sshd[13270]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.120.96 Dec 24 01:22:14 mailrelay sshd[13270]: Failed password for invalid user guest from 37.187.120.96 port 57230 ssh2 Dec 24 01:22:14 mailrelay sshd[13270]: Received disconnect from 37.187.120.96 port 57230:11: Bye Bye [preauth] Dec 24 01:22:14 mailrelay sshd[13270]: Disconnected from 37.187.120.96 port 57230 [preauth] Dec 24 01:25:39 mailrelay sshd[13346]: Invalid user esry from 37.187.120.96 port 50330 Dec 24 01:25:39 mailrelay sshd[13346]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.120.96 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=37.187.120.96 |
2019-12-25 18:47:28 |
| 94.187.54.182 | attackspambots | Lines containing failures of 94.187.54.182 Dec 25 07:30:17 HOSTNAME sshd[7353]: Invalid user user from 94.187.54.182 port 56306 Dec 25 07:30:18 HOSTNAME sshd[7353]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.187.54.182 Dec 25 07:30:19 HOSTNAME sshd[7353]: Failed password for invalid user user from 94.187.54.182 port 56306 ssh2 Dec 25 07:30:20 HOSTNAME sshd[7353]: Connection closed by 94.187.54.182 port 56306 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=94.187.54.182 |
2019-12-25 19:15:33 |
| 120.92.153.47 | attackbots | Unauthorized connection attempt from IP address 120.92.153.47 on Port 25(SMTP) |
2019-12-25 19:02:31 |
| 134.175.124.221 | attack | Dec 25 05:29:12 vps46666688 sshd[3282]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.124.221 Dec 25 05:29:14 vps46666688 sshd[3282]: Failed password for invalid user heile from 134.175.124.221 port 53554 ssh2 ... |
2019-12-25 18:45:13 |
| 14.187.119.239 | attack | Dec 25 00:22:59 mailman postfix/smtpd[4137]: warning: unknown[14.187.119.239]: SASL PLAIN authentication failed: authentication failure |
2019-12-25 19:17:29 |
| 115.214.201.159 | attackbots | Scanning |
2019-12-25 18:52:20 |
| 46.101.94.240 | attack | Dec 25 12:20:44 vibhu-HP-Z238-Microtower-Workstation sshd\[19375\]: Invalid user demo from 46.101.94.240 Dec 25 12:20:44 vibhu-HP-Z238-Microtower-Workstation sshd\[19375\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.94.240 Dec 25 12:20:46 vibhu-HP-Z238-Microtower-Workstation sshd\[19375\]: Failed password for invalid user demo from 46.101.94.240 port 35246 ssh2 Dec 25 12:23:37 vibhu-HP-Z238-Microtower-Workstation sshd\[19521\]: Invalid user user from 46.101.94.240 Dec 25 12:23:37 vibhu-HP-Z238-Microtower-Workstation sshd\[19521\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.94.240 ... |
2019-12-25 18:55:58 |
| 111.193.24.48 | attackspam | FTP Brute Force |
2019-12-25 18:40:52 |
| 14.225.17.9 | attackbots | 2019-12-25T07:03:24.247663shield sshd\[29819\]: Invalid user rich123 from 14.225.17.9 port 60842 2019-12-25T07:03:24.254132shield sshd\[29819\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.225.17.9 2019-12-25T07:03:26.584144shield sshd\[29819\]: Failed password for invalid user rich123 from 14.225.17.9 port 60842 ssh2 2019-12-25T07:06:06.572621shield sshd\[30533\]: Invalid user pieper from 14.225.17.9 port 52022 2019-12-25T07:06:06.578080shield sshd\[30533\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.225.17.9 |
2019-12-25 19:08:34 |
| 140.143.134.86 | attackbots | 2019-12-25 05:18:40,799 fail2ban.actions \[10658\]: NOTICE \[sshd\] Ban 140.143.134.86 2019-12-25 05:50:20,112 fail2ban.actions \[10658\]: NOTICE \[sshd\] Ban 140.143.134.86 2019-12-25 06:21:38,454 fail2ban.actions \[10658\]: NOTICE \[sshd\] Ban 140.143.134.86 2019-12-25 06:52:14,475 fail2ban.actions \[10658\]: NOTICE \[sshd\] Ban 140.143.134.86 2019-12-25 07:24:04,304 fail2ban.actions \[10658\]: NOTICE \[sshd\] Ban 140.143.134.86 ... |
2019-12-25 18:49:26 |
| 123.231.121.50 | attack | www.handydirektreparatur.de 123.231.121.50 [25/Dec/2019:07:24:28 +0100] "POST /wp-login.php HTTP/1.1" 200 6299 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" www.handydirektreparatur.de 123.231.121.50 [25/Dec/2019:07:24:30 +0100] "POST /wp-login.php HTTP/1.1" 200 6259 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2019-12-25 18:40:34 |
| 101.206.1.254 | attackspambots | Scanning |
2019-12-25 19:01:25 |
| 180.95.184.67 | attackspam | Scanning |
2019-12-25 19:02:57 |
| 178.234.82.184 | attack | SSH Bruteforce |
2019-12-25 19:03:22 |