City: unknown
Region: unknown
Country: United States of America (the)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.20.49.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27795
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;148.20.49.214. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025012600 1800 900 604800 86400
;; Query time: 11 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 26 16:40:06 CST 2025
;; MSG SIZE rcvd: 106Host 214.49.20.148.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 214.49.20.148.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 82.65.23.62 | attackspambots | Jul 29 19:16:33 *hidden* sshd[41315]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.65.23.62 user=root Jul 29 19:16:35 *hidden* sshd[41315]: Failed password for *hidden* from 82.65.23.62 port 56252 ssh2 Jul 29 19:20:40 *hidden* sshd[51043]: Invalid user debian from 82.65.23.62 port 42786 Jul 29 19:20:40 *hidden* sshd[51043]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.65.23.62 Jul 29 19:20:43 *hidden* sshd[51043]: Failed password for invalid user debian from 82.65.23.62 port 42786 ssh2 |
2020-07-30 02:13:01 |
| 42.159.80.91 | attack | 2020-07-29T12:04:50.142160abusebot-8.cloudsearch.cf sshd[4057]: Invalid user liubaimin from 42.159.80.91 port 1344 2020-07-29T12:04:50.150448abusebot-8.cloudsearch.cf sshd[4057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.80.91 2020-07-29T12:04:50.142160abusebot-8.cloudsearch.cf sshd[4057]: Invalid user liubaimin from 42.159.80.91 port 1344 2020-07-29T12:04:52.072600abusebot-8.cloudsearch.cf sshd[4057]: Failed password for invalid user liubaimin from 42.159.80.91 port 1344 ssh2 2020-07-29T12:08:17.540214abusebot-8.cloudsearch.cf sshd[4061]: Invalid user searchpub from 42.159.80.91 port 1344 2020-07-29T12:08:17.547034abusebot-8.cloudsearch.cf sshd[4061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.80.91 2020-07-29T12:08:17.540214abusebot-8.cloudsearch.cf sshd[4061]: Invalid user searchpub from 42.159.80.91 port 1344 2020-07-29T12:08:19.885626abusebot-8.cloudsearch.cf sshd[4061]: Failed ... |
2020-07-30 02:07:06 |
| 193.112.93.94 | attackspam | Jul 29 12:07:54 localhost sshd\[18608\]: Invalid user wook from 193.112.93.94 port 34506 Jul 29 12:07:54 localhost sshd\[18608\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.93.94 Jul 29 12:07:56 localhost sshd\[18608\]: Failed password for invalid user wook from 193.112.93.94 port 34506 ssh2 ... |
2020-07-30 02:22:52 |
| 200.194.32.135 | attackbotsspam | Automatic report - Port Scan Attack |
2020-07-30 01:52:22 |
| 210.57.208.9 | attackspambots | 210.57.208.9 - - \[29/Jul/2020:15:03:31 +0200\] "POST /wp-login.php HTTP/1.0" 200 7994 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 210.57.208.9 - - \[29/Jul/2020:15:03:35 +0200\] "POST /wp-login.php HTTP/1.0" 200 7994 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 210.57.208.9 - - \[29/Jul/2020:15:03:36 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 802 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2020-07-30 02:05:37 |
| 47.88.153.61 | attackspam | Jul 29 15:44:18 piServer sshd[25083]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.88.153.61 Jul 29 15:44:20 piServer sshd[25083]: Failed password for invalid user torus from 47.88.153.61 port 57732 ssh2 Jul 29 15:50:06 piServer sshd[25612]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.88.153.61 ... |
2020-07-30 02:03:13 |
| 89.22.180.208 | attackbotsspam | Jul 29 19:11:23 ns392434 sshd[23063]: Invalid user yongqin from 89.22.180.208 port 46508 Jul 29 19:11:23 ns392434 sshd[23063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.22.180.208 Jul 29 19:11:23 ns392434 sshd[23063]: Invalid user yongqin from 89.22.180.208 port 46508 Jul 29 19:11:25 ns392434 sshd[23063]: Failed password for invalid user yongqin from 89.22.180.208 port 46508 ssh2 Jul 29 19:21:59 ns392434 sshd[23263]: Invalid user janfaust from 89.22.180.208 port 48040 Jul 29 19:21:59 ns392434 sshd[23263]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.22.180.208 Jul 29 19:21:59 ns392434 sshd[23263]: Invalid user janfaust from 89.22.180.208 port 48040 Jul 29 19:22:01 ns392434 sshd[23263]: Failed password for invalid user janfaust from 89.22.180.208 port 48040 ssh2 Jul 29 19:26:02 ns392434 sshd[23293]: Invalid user nisuser2 from 89.22.180.208 port 59058 |
2020-07-30 02:09:49 |
| 61.177.172.61 | attackbotsspam | Jul 30 03:36:56 localhost sshd[3278296]: Unable to negotiate with 61.177.172.61 port 11215: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] ... |
2020-07-30 01:54:20 |
| 111.39.88.92 | attackbots | port scan and connect, tcp 1433 (ms-sql-s) |
2020-07-30 01:48:49 |
| 212.64.43.52 | attack | SSH Brute Force |
2020-07-30 02:10:05 |
| 128.199.33.116 | attackspam | Automatic Fail2ban report - Trying login SSH |
2020-07-30 02:17:35 |
| 152.136.119.164 | attack | Jul 29 20:34:13 ift sshd\[23879\]: Invalid user divyam from 152.136.119.164Jul 29 20:34:14 ift sshd\[23879\]: Failed password for invalid user divyam from 152.136.119.164 port 59036 ssh2Jul 29 20:37:05 ift sshd\[24420\]: Invalid user amrita from 152.136.119.164Jul 29 20:37:07 ift sshd\[24420\]: Failed password for invalid user amrita from 152.136.119.164 port 34012 ssh2Jul 29 20:40:02 ift sshd\[24841\]: Invalid user sujiafeng from 152.136.119.164 ... |
2020-07-30 01:48:26 |
| 94.102.49.159 | attackspam | Jul 29 20:14:15 debian-2gb-nbg1-2 kernel: \[18304949.492849\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.49.159 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=52713 PROTO=TCP SPT=55447 DPT=7547 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-07-30 02:18:01 |
| 210.94.89.94 | attackspambots | Jul 29 18:53:11 ns382633 sshd\[24903\]: Invalid user hdfs from 210.94.89.94 port 42604 Jul 29 18:53:11 ns382633 sshd\[24903\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.94.89.94 Jul 29 18:53:13 ns382633 sshd\[24903\]: Failed password for invalid user hdfs from 210.94.89.94 port 42604 ssh2 Jul 29 18:54:44 ns382633 sshd\[25052\]: Invalid user sugon from 210.94.89.94 port 35762 Jul 29 18:54:44 ns382633 sshd\[25052\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.94.89.94 |
2020-07-30 02:16:55 |
| 178.32.218.192 | attack | 2020-07-29T13:22:03.646030shield sshd\[13719\]: Invalid user mpcheng from 178.32.218.192 port 47169 2020-07-29T13:22:03.651844shield sshd\[13719\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3303787.ovh.net 2020-07-29T13:22:04.940777shield sshd\[13719\]: Failed password for invalid user mpcheng from 178.32.218.192 port 47169 ssh2 2020-07-29T13:25:48.118053shield sshd\[14394\]: Invalid user rjh from 178.32.218.192 port 52443 2020-07-29T13:25:48.124983shield sshd\[14394\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3303787.ovh.net |
2020-07-30 01:56:45 |