City: Friedrichshafen
Region: Baden-Württemberg
Country: Germany
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.238.221.23
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18721
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;149.238.221.23. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025021300 1800 900 604800 86400
;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 13 16:35:26 CST 2025
;; MSG SIZE rcvd: 107Host 23.221.238.149.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 23.221.238.149.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 46.40.76.12 | attack | Jul 11 15:55:07 rigel postfix/smtpd[17726]: connect from unknown[46.40.76.12] Jul 11 15:55:08 rigel postfix/smtpd[17726]: warning: unknown[46.40.76.12]: SASL CRAM-MD5 authentication failed: authentication failure Jul 11 15:55:08 rigel postfix/smtpd[17726]: warning: unknown[46.40.76.12]: SASL PLAIN authentication failed: authentication failure Jul 11 15:55:08 rigel postfix/smtpd[17726]: warning: unknown[46.40.76.12]: SASL LOGIN authentication failed: authentication failure ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=46.40.76.12 |
2019-07-12 06:34:01 |
| 45.227.253.213 | attack | Jul 11 19:44:43 smtp postfix/smtpd[95235]: warning: unknown[45.227.253.213]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 11 19:44:51 smtp postfix/smtpd[95235]: warning: unknown[45.227.253.213]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 11 22:31:19 smtp postfix/smtpd[66464]: warning: unknown[45.227.253.213]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 11 22:31:26 smtp postfix/smtpd[77948]: warning: unknown[45.227.253.213]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 12 00:08:37 smtp postfix/smtpd[25537]: warning: unknown[45.227.253.213]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... |
2019-07-12 06:22:07 |
| 14.162.144.74 | attackbots | May 23 19:19:52 server sshd\[144977\]: Invalid user filip from 14.162.144.74 May 23 19:19:52 server sshd\[144977\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.162.144.74 May 23 19:19:54 server sshd\[144977\]: Failed password for invalid user filip from 14.162.144.74 port 47695 ssh2 ... |
2019-07-12 06:20:03 |
| 139.59.41.154 | attackbots | Jun 29 03:33:50 server sshd\[101070\]: Invalid user minecraft from 139.59.41.154 Jun 29 03:33:50 server sshd\[101070\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.41.154 Jun 29 03:33:52 server sshd\[101070\]: Failed password for invalid user minecraft from 139.59.41.154 port 58692 ssh2 ... |
2019-07-12 07:06:17 |
| 40.73.0.32 | attackbotsspam | Feb 26 22:31:15 mail sshd\[59360\]: Invalid user le from 40.73.0.32 Feb 26 22:31:15 mail sshd\[59360\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.73.0.32 Feb 26 22:31:17 mail sshd\[59360\]: Failed password for invalid user le from 40.73.0.32 port 60257 ssh2 Feb 26 22:36:26 mail sshd\[59388\]: Invalid user gateway from 40.73.0.32 Feb 26 22:36:26 mail sshd\[59388\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.73.0.32 Feb 26 22:36:28 mail sshd\[59388\]: Failed password for invalid user gateway from 40.73.0.32 port 49036 ssh2 Feb 26 22:38:41 mail sshd\[59398\]: Invalid user pz from 40.73.0.32 Feb 26 22:38:41 mail sshd\[59398\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.73.0.32 Feb 26 22:38:43 mail sshd\[59398\]: Failed password for invalid user pz from 40.73.0.32 port 17251 ssh2 Feb 26 22:41:02 mail sshd\[59474\]: Invalid user maven from 40.73.0.32 |
2019-07-12 06:57:29 |
| 103.11.69.75 | attackspambots | Unauthorized connection attempt from IP address 103.11.69.75 on Port 445(SMB) |
2019-07-12 06:53:49 |
| 37.106.182.230 | attack | Unauthorized connection attempt from IP address 37.106.182.230 on Port 445(SMB) |
2019-07-12 06:57:50 |
| 14.162.144.63 | attack | Jun 6 12:22:03 server sshd\[223211\]: Invalid user admin from 14.162.144.63 Jun 6 12:22:03 server sshd\[223211\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.162.144.63 Jun 6 12:22:04 server sshd\[223211\]: Failed password for invalid user admin from 14.162.144.63 port 42488 ssh2 ... |
2019-07-12 06:20:26 |
| 139.59.42.211 | attack | Scanning random ports - tries to find possible vulnerable services |
2019-07-12 07:05:22 |
| 217.197.39.56 | attackspam | Jul 11 15:56:42 rigel postfix/smtpd[17235]: warning: hostname v1-56.vlcovice.net does not resolve to address 217.197.39.56: Name or service not known Jul 11 15:56:42 rigel postfix/smtpd[17235]: connect from unknown[217.197.39.56] Jul 11 15:56:42 rigel postfix/smtpd[17235]: warning: unknown[217.197.39.56]: SASL CRAM-MD5 authentication failed: authentication failure Jul 11 15:56:42 rigel postfix/smtpd[17235]: warning: unknown[217.197.39.56]: SASL PLAIN authentication failed: authentication failure Jul 11 15:56:43 rigel postfix/smtpd[17235]: warning: unknown[217.197.39.56]: SASL LOGIN authentication failed: authentication failure Jul 11 15:56:43 rigel postfix/smtpd[17235]: disconnect from unknown[217.197.39.56] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=217.197.39.56 |
2019-07-12 06:43:09 |
| 139.59.34.17 | attackbotsspam | Jul 12 01:03:15 srv-4 sshd\[3571\]: Invalid user kerrie from 139.59.34.17 Jul 12 01:03:15 srv-4 sshd\[3571\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.34.17 Jul 12 01:03:18 srv-4 sshd\[3571\]: Failed password for invalid user kerrie from 139.59.34.17 port 58414 ssh2 ... |
2019-07-12 07:11:36 |
| 37.239.20.48 | attackspambots | Jul 11 15:57:24 rigel postfix/smtpd[17891]: connect from unknown[37.239.20.48] Jul 11 15:57:26 rigel postfix/smtpd[17891]: warning: unknown[37.239.20.48]: SASL CRAM-MD5 authentication failed: authentication failure Jul 11 15:57:26 rigel postfix/smtpd[17891]: warning: unknown[37.239.20.48]: SASL PLAIN authentication failed: authentication failure Jul 11 15:57:27 rigel postfix/smtpd[17891]: warning: unknown[37.239.20.48]: SASL LOGIN authentication failed: authentication failure Jul 11 15:57:28 rigel postfix/smtpd[17891]: disconnect from unknown[37.239.20.48] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=37.239.20.48 |
2019-07-12 06:46:31 |
| 14.161.253.2 | attack | Unauthorized connection attempt from IP address 14.161.253.2 on Port 445(SMB) |
2019-07-12 07:00:49 |
| 14.142.57.66 | attackspambots | May 10 05:18:44 server sshd\[40792\]: Invalid user chai from 14.142.57.66 May 10 05:18:44 server sshd\[40792\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.142.57.66 May 10 05:18:46 server sshd\[40792\]: Failed password for invalid user chai from 14.142.57.66 port 56310 ssh2 ... |
2019-07-12 06:22:38 |
| 206.189.129.131 | attack | Jul 12 01:17:34 server2 sshd\[6992\]: Invalid user fake from 206.189.129.131 Jul 12 01:17:35 server2 sshd\[6994\]: Invalid user ubnt from 206.189.129.131 Jul 12 01:17:37 server2 sshd\[6996\]: User root from 206.189.129.131 not allowed because not listed in AllowUsers Jul 12 01:17:38 server2 sshd\[6998\]: Invalid user admin from 206.189.129.131 Jul 12 01:17:39 server2 sshd\[7000\]: Invalid user user from 206.189.129.131 Jul 12 01:17:41 server2 sshd\[7002\]: Invalid user admin from 206.189.129.131 |
2019-07-12 06:21:26 |