City: unknown
Region: unknown
Country: Singapore
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.66.138.109
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36748
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;148.66.138.109. IN A
;; AUTHORITY SECTION:
. 512 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400
;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 12:43:33 CST 2022
;; MSG SIZE rcvd: 107Host 109.138.66.148.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 109.138.66.148.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 35.232.185.125 | attack | Invalid user ubuntu from 35.232.185.125 port 38832 |
2020-07-01 06:13:31 |
| 112.85.42.194 | attacknormal | pfTop: Up State 1-11/11, View: default, Order: none, Cache: 10000 01:25:59 PR DIR SRC DEST STATE AGE EXP PKTS BYTES udp Out 192.168.0.77:42244 162.159.200.1:123 MULTIPLE:MULTIPLE 04:14:38 00:00:56 964 73264 udp Out 192.168.0.77:29349 162.159.200.1:123 MULTIPLE:MULTIPLE 04:14:38 00:00:40 966 73416 udp Out 192.168.0.77:25019 162.159.200.123:123 MULTIPLE:MULTIPLE 04:14:38 00:00:55 964 73264 tcp In 192.168.0.55:56807 192.168.0.77:22 ESTABLISHED:ESTABLISHED 04:11:45 23:48:41 76 21340 tcp In 192.168.0.55:56934 192.168.0.77:22 ESTABLISHED:ESTABLISHED 03:58:27 23:59:55 7747 1393025 tcp In 192.168.0.55:52547 192.168.0.77:22 ESTABLISHED:ESTABLISHED 03:09:45 23:50:38 4306 643001 tcp In 192.168.0.55:52890 192.168.0.77:22 ESTABLISHED:ESTABLISHED 02:43:08 23:57:38 4616 537897 udp Out 192.168.0.77:5188 84.2.44.19:123 MULTIPLE:MULTIPLE 02:14:24 00:00:39 514 39064 udp Out 192.168.0.77:11516 193.25.222.240:123 MULTIPLE:MULTIPLE 00:10:01 00:00:38 38 2888 tcp In 112.85.42.194:54932 192.168.0.77:22 FIN_WAIT_2:FIN_WAIT_2 00:01:24 00:00:10 30 4880 tcp In 112.85.42.194:36209 192.168.0.77:22 TIME_WAIT:TIME_WAIT 00:00:21 00:01:14 30 4868 |
2020-07-01 06:28:33 |
| 122.176.40.9 | attack | Jun 30 16:25:52 ip-172-31-62-245 sshd\[11396\]: Invalid user openerp from 122.176.40.9\ Jun 30 16:25:54 ip-172-31-62-245 sshd\[11396\]: Failed password for invalid user openerp from 122.176.40.9 port 51022 ssh2\ Jun 30 16:29:57 ip-172-31-62-245 sshd\[11403\]: Invalid user martyn from 122.176.40.9\ Jun 30 16:29:59 ip-172-31-62-245 sshd\[11403\]: Failed password for invalid user martyn from 122.176.40.9 port 50440 ssh2\ Jun 30 16:33:57 ip-172-31-62-245 sshd\[11413\]: Invalid user gp from 122.176.40.9\ |
2020-07-01 06:14:53 |
| 106.13.9.153 | attack | Jun 29 18:17:04 mx sshd[26148]: Failed password for root from 106.13.9.153 port 48856 ssh2 Jun 29 18:45:17 mx sshd[13242]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.9.153 |
2020-07-01 06:03:43 |
| 165.22.206.182 | attackspam | Fail2Ban Ban Triggered |
2020-07-01 06:12:28 |
| 89.203.160.81 | attack | 89.203.160.81 - - [30/Jun/2020:17:10:15 +0100] "POST /xmlrpc.php HTTP/1.1" 200 229 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" 89.203.160.81 - - [30/Jun/2020:17:10:18 +0100] "POST /xmlrpc.php HTTP/1.1" 200 229 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" 89.203.160.81 - - [30/Jun/2020:17:10:21 +0100] "POST /xmlrpc.php HTTP/1.1" 200 229 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" ... |
2020-07-01 05:52:18 |
| 109.107.184.11 | attackbotsspam | DATE:2020-06-30 01:06:19, IP:109.107.184.11, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc) |
2020-07-01 05:37:49 |
| 152.231.108.170 | attackspambots | Invalid user jrodriguez from 152.231.108.170 port 36549 |
2020-07-01 05:36:42 |
| 192.35.169.43 | attack |
|
2020-07-01 06:20:08 |
| 187.16.108.154 | attackspambots | Multiple SSH authentication failures from 187.16.108.154 |
2020-07-01 06:19:01 |
| 139.99.238.48 | attackspambots | Multiple SSH authentication failures from 139.99.238.48 |
2020-07-01 05:50:10 |
| 167.172.98.86 | attackbots | SSH bruteforce |
2020-07-01 05:33:05 |
| 208.68.39.220 | attackbotsspam | Jun 30 15:17:07 *** sshd[24255]: Invalid user elena from 208.68.39.220 |
2020-07-01 05:32:29 |
| 193.33.240.91 | attack | Invalid user watanabe from 193.33.240.91 port 42494 |
2020-07-01 06:02:14 |
| 51.68.198.75 | attackspambots | Invalid user tomcat from 51.68.198.75 port 39990 |
2020-07-01 05:34:43 |