City: unknown
Region: unknown
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.14.239.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9871
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;149.14.239.148. IN A
;; AUTHORITY SECTION:
. 2131 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019080301 1800 900 604800 86400
;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Aug 04 11:52:33 CST 2019
;; MSG SIZE rcvd: 118Host 148.239.14.149.in-addr.arpa. not found: 3(NXDOMAIN)Server: 67.207.67.2
Address: 67.207.67.2#53
** server can't find 148.239.14.149.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 80.244.179.6 | attackbots | Nov 15 02:36:05 plusreed sshd[17632]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.244.179.6 user=root Nov 15 02:36:07 plusreed sshd[17632]: Failed password for root from 80.244.179.6 port 57778 ssh2 ... |
2019-11-15 15:49:13 |
| 106.13.115.197 | attackbotsspam | Nov 15 02:42:26 plusreed sshd[20252]: Invalid user segraves from 106.13.115.197 ... |
2019-11-15 16:20:57 |
| 64.213.148.59 | attackspam | Nov 15 07:58:30 meumeu sshd[22362]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.213.148.59 Nov 15 07:58:32 meumeu sshd[22362]: Failed password for invalid user teamspeak from 64.213.148.59 port 42187 ssh2 Nov 15 08:02:54 meumeu sshd[23124]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.213.148.59 ... |
2019-11-15 16:24:48 |
| 128.199.207.45 | attack | 2019-11-15T06:59:59.277117abusebot-8.cloudsearch.cf sshd\[12275\]: Invalid user scan from 128.199.207.45 port 52632 |
2019-11-15 16:05:42 |
| 106.13.48.201 | attackbots | Nov 15 07:24:35 OPSO sshd\[25321\]: Invalid user 1tianxia from 106.13.48.201 port 40950 Nov 15 07:24:35 OPSO sshd\[25321\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.201 Nov 15 07:24:36 OPSO sshd\[25321\]: Failed password for invalid user 1tianxia from 106.13.48.201 port 40950 ssh2 Nov 15 07:29:23 OPSO sshd\[26075\]: Invalid user wallman from 106.13.48.201 port 46464 Nov 15 07:29:23 OPSO sshd\[26075\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.201 |
2019-11-15 15:47:07 |
| 192.228.100.249 | attack | 3 failed attempts at connecting to SSH. |
2019-11-15 15:45:32 |
| 106.54.94.95 | attackbotsspam | $f2bV_matches |
2019-11-15 16:03:03 |
| 213.138.73.250 | attackspam | Nov 15 06:58:27 thevastnessof sshd[11264]: Failed password for root from 213.138.73.250 port 39540 ssh2 ... |
2019-11-15 15:57:35 |
| 77.40.2.223 | attack | 11/15/2019-09:10:41.712844 77.40.2.223 Protocol: 6 SURICATA SMTP tls rejected |
2019-11-15 16:17:28 |
| 171.227.20.60 | attack | Nov 15 01:19:55 newdogma sshd[13546]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.227.20.60 user=r.r Nov 15 01:19:57 newdogma sshd[13546]: Failed password for r.r from 171.227.20.60 port 20190 ssh2 Nov 15 01:19:58 newdogma sshd[13546]: Connection closed by 171.227.20.60 port 20190 [preauth] Nov 15 01:22:01 newdogma sshd[13585]: Invalid user admin from 171.227.20.60 port 36004 Nov 15 01:22:02 newdogma sshd[13585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.227.20.60 Nov 15 01:22:04 newdogma sshd[13585]: Failed password for invalid user admin from 171.227.20.60 port 36004 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=171.227.20.60 |
2019-11-15 15:46:38 |
| 123.31.43.173 | attack | www.geburtshaus-fulda.de 123.31.43.173 \[15/Nov/2019:07:28:29 +0100\] "POST /wp-login.php HTTP/1.1" 200 6383 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" www.geburtshaus-fulda.de 123.31.43.173 \[15/Nov/2019:07:28:31 +0100\] "POST /wp-login.php HTTP/1.1" 200 6387 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" www.geburtshaus-fulda.de 123.31.43.173 \[15/Nov/2019:07:28:32 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 4107 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2019-11-15 16:14:55 |
| 31.145.1.90 | attackspambots | Nov 14 21:42:17 auw2 sshd\[8491\]: Invalid user pelletti from 31.145.1.90 Nov 14 21:42:17 auw2 sshd\[8491\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.145.1.90 Nov 14 21:42:18 auw2 sshd\[8491\]: Failed password for invalid user pelletti from 31.145.1.90 port 48282 ssh2 Nov 14 21:46:57 auw2 sshd\[8899\]: Invalid user Kaino from 31.145.1.90 Nov 14 21:46:57 auw2 sshd\[8899\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.145.1.90 |
2019-11-15 16:07:09 |
| 58.20.139.26 | attackspam | $f2bV_matches |
2019-11-15 15:58:49 |
| 115.231.218.110 | attack | 115.231.218.110 was recorded 5 times by 5 hosts attempting to connect to the following ports: 8080. Incident counter (4h, 24h, all-time): 5, 5, 6 |
2019-11-15 16:09:04 |
| 185.176.27.178 | attackspambots | Nov 15 08:30:18 mc1 kernel: \[5089287.731310\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.178 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=21573 PROTO=TCP SPT=43558 DPT=55378 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 15 08:30:49 mc1 kernel: \[5089319.088850\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.178 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=7908 PROTO=TCP SPT=43558 DPT=6051 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 15 08:32:03 mc1 kernel: \[5089393.019709\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.178 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=29084 PROTO=TCP SPT=43558 DPT=51364 WINDOW=1024 RES=0x00 SYN URGP=0 ... |
2019-11-15 15:59:47 |