City: unknown
Region: unknown
Country: United States of America (the)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.73.112.127
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9978
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;148.73.112.127. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025021401 1800 900 604800 86400
;; Query time: 9 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 15 06:20:21 CST 2025
;; MSG SIZE rcvd: 107Host 127.112.73.148.in-addr.arpa not found: 2(SERVFAIL);; Got SERVFAIL reply from 183.60.83.19, trying next server
Server: 183.60.82.98
Address: 183.60.82.98#53
** server can't find 127.112.73.148.in-addr.arpa: SERVFAIL| IP | Type | Details | Datetime |
|---|---|---|---|
| 138.68.234.162 | attackbotsspam | 2020-02-11T23:28:10.2631261495-001 sshd[35480]: Invalid user ibanez from 138.68.234.162 port 50012 2020-02-11T23:28:10.2666121495-001 sshd[35480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.234.162 2020-02-11T23:28:10.2631261495-001 sshd[35480]: Invalid user ibanez from 138.68.234.162 port 50012 2020-02-11T23:28:12.1590821495-001 sshd[35480]: Failed password for invalid user ibanez from 138.68.234.162 port 50012 ssh2 2020-02-11T23:47:35.3677521495-001 sshd[36556]: Invalid user monopoly from 138.68.234.162 port 42410 2020-02-11T23:47:35.3715151495-001 sshd[36556]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.234.162 2020-02-11T23:47:35.3677521495-001 sshd[36556]: Invalid user monopoly from 138.68.234.162 port 42410 2020-02-11T23:47:37.5300871495-001 sshd[36556]: Failed password for invalid user monopoly from 138.68.234.162 port 42410 ssh2 2020-02-11T23:49:50.5799261495-001 sshd[36701]: ... |
2020-02-12 13:48:57 |
| 67.218.96.149 | attackspam | ssh brute force |
2020-02-12 14:08:38 |
| 222.186.175.23 | attackbots | SSH login attempts |
2020-02-12 14:23:18 |
| 71.62.129.30 | attackspam | Feb 12 05:49:44 h1745522 sshd[18040]: Invalid user hdduser from 71.62.129.30 port 42072 Feb 12 05:49:44 h1745522 sshd[18040]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=71.62.129.30 Feb 12 05:49:44 h1745522 sshd[18040]: Invalid user hdduser from 71.62.129.30 port 42072 Feb 12 05:49:46 h1745522 sshd[18040]: Failed password for invalid user hdduser from 71.62.129.30 port 42072 ssh2 Feb 12 05:53:47 h1745522 sshd[18100]: Invalid user usertest from 71.62.129.30 port 41238 Feb 12 05:53:47 h1745522 sshd[18100]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=71.62.129.30 Feb 12 05:53:47 h1745522 sshd[18100]: Invalid user usertest from 71.62.129.30 port 41238 Feb 12 05:53:48 h1745522 sshd[18100]: Failed password for invalid user usertest from 71.62.129.30 port 41238 ssh2 Feb 12 05:57:47 h1745522 sshd[18267]: Invalid user user2 from 71.62.129.30 port 40396 ... |
2020-02-12 13:56:51 |
| 36.66.172.121 | attackbots | xmlrpc attack |
2020-02-12 14:10:39 |
| 164.132.145.22 | attackspambots | Brute force VPN server |
2020-02-12 15:05:01 |
| 64.225.24.239 | attack | Fail2Ban - SSH Bruteforce Attempt |
2020-02-12 14:25:59 |
| 110.78.146.69 | attackspambots | (sshd) Failed SSH login from 110.78.146.69 (TH/Thailand/-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 12 04:57:46 andromeda sshd[21428]: Did not receive identification string from 110.78.146.69 port 64104 Feb 12 04:57:53 andromeda sshd[21436]: Invalid user avanthi from 110.78.146.69 port 64396 Feb 12 04:57:55 andromeda sshd[21436]: Failed password for invalid user avanthi from 110.78.146.69 port 64396 ssh2 |
2020-02-12 13:49:31 |
| 178.154.171.135 | attackspam | [Wed Feb 12 11:57:33.918154 2020] [:error] [pid 28215:tid 140538904831744] [client 178.154.171.135:35595] [client 178.154.171.135] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XkOFvf6AVtTKTbaYjADHbQAAAU0"] ... |
2020-02-12 14:06:38 |
| 222.186.15.166 | attackbots | Feb 12 11:15:20 areeb-Workstation sshd[3434]: Failed password for root from 222.186.15.166 port 52202 ssh2 Feb 12 11:15:23 areeb-Workstation sshd[3434]: Failed password for root from 222.186.15.166 port 52202 ssh2 ... |
2020-02-12 13:53:00 |
| 150.129.36.9 | attack | 5x Failed Password |
2020-02-12 13:48:44 |
| 189.82.109.202 | attackspambots | SS5,WP GET /wp-login.php |
2020-02-12 14:03:43 |
| 27.34.68.130 | attackbotsspam | Lines containing failures of 27.34.68.130 Feb 12 05:57:13 home sshd[4908]: Invalid user test from 27.34.68.130 port 37609 Feb 12 05:57:13 home sshd[4908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.34.68.130 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=27.34.68.130 |
2020-02-12 14:28:41 |
| 34.213.87.129 | attackbotsspam | 02/12/2020-06:44:37.903402 34.213.87.129 Protocol: 6 SURICATA TLS invalid record/traffic |
2020-02-12 13:57:36 |
| 34.84.101.187 | attackspam | Feb 12 06:44:04 silence02 sshd[6065]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.84.101.187 Feb 12 06:44:05 silence02 sshd[6065]: Failed password for invalid user millers from 34.84.101.187 port 60090 ssh2 Feb 12 06:47:21 silence02 sshd[6314]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.84.101.187 |
2020-02-12 14:13:36 |