City: unknown
Region: unknown
Country: United States of America (the)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 153.45.19.69
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49505
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;153.45.19.69. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025013100 1800 900 604800 86400
;; Query time: 11 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 01 01:23:27 CST 2025
;; MSG SIZE rcvd: 105Host 69.19.45.153.in-addr.arpa not found: 2(SERVFAIL)
;; Got SERVFAIL reply from 183.60.82.98, trying next server
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 69.19.45.153.in-addr.arpa: SERVFAIL
| IP | Type | Details | Datetime |
|---|---|---|---|
| 123.207.145.66 | attack | 123.207.145.66 (CN/China/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Oct 5 04:02:33 server2 sshd[25196]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.81.253.133 user=root Oct 5 04:02:35 server2 sshd[25196]: Failed password for root from 172.81.253.133 port 41854 ssh2 Oct 5 04:03:00 server2 sshd[25554]: Failed password for root from 49.135.43.11 port 58740 ssh2 Oct 5 04:03:07 server2 sshd[25822]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.145.66 user=root Oct 5 04:03:08 server2 sshd[25876]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.31.107.34 user=root IP Addresses Blocked: 172.81.253.133 (CN/China/-) 49.135.43.11 (JP/Japan/-) |
2020-10-05 17:25:15 |
| 86.104.101.42 | attack | Listed on zen-spamhaus also barracudaCentral / proto=6 . srcport=9907 . dstport=445 SMB . (3515) |
2020-10-05 17:13:20 |
| 200.37.35.228 | attackspam | Multiple SSH authentication failures from 200.37.35.228 |
2020-10-05 17:46:42 |
| 49.235.75.158 | attackbots | Oct 4 23:33:59 ift sshd\[40463\]: Failed password for root from 49.235.75.158 port 43382 ssh2Oct 4 23:34:48 ift sshd\[40599\]: Failed password for root from 49.235.75.158 port 51604 ssh2Oct 4 23:35:37 ift sshd\[40935\]: Failed password for root from 49.235.75.158 port 59828 ssh2Oct 4 23:36:23 ift sshd\[41041\]: Failed password for root from 49.235.75.158 port 39818 ssh2Oct 4 23:37:10 ift sshd\[41208\]: Failed password for root from 49.235.75.158 port 48036 ssh2 ... |
2020-10-05 17:01:01 |
| 2a03:b0c0:3:e0::33c:b001 | attackbots | 2a03:b0c0:3:e0::33c:b001 - - [04/Oct/2020:21:36:51 +0100] "POST /wp-login.php HTTP/1.1" 200 2863 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 2a03:b0c0:3:e0::33c:b001 - - [04/Oct/2020:21:36:51 +0100] "POST /wp-login.php HTTP/1.1" 200 2844 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 2a03:b0c0:3:e0::33c:b001 - - [04/Oct/2020:21:37:02 +0100] "POST /wp-login.php HTTP/1.1" 200 2844 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2020-10-05 17:07:33 |
| 218.92.0.158 | attackbots | Oct 5 11:10:03 marvibiene sshd[8603]: Failed password for root from 218.92.0.158 port 41667 ssh2 Oct 5 11:10:08 marvibiene sshd[8603]: Failed password for root from 218.92.0.158 port 41667 ssh2 |
2020-10-05 17:24:55 |
| 183.250.89.179 | attack | Found on CINS badguys / proto=6 . srcport=46088 . dstport=26984 . (781) |
2020-10-05 17:48:12 |
| 138.219.100.78 | attack | DATE:2020-10-05 09:06:04, IP:138.219.100.78, PORT:ssh SSH brute force auth (docker-dc) |
2020-10-05 17:02:37 |
| 104.248.112.159 | attackspam | 104.248.112.159 - - [05/Oct/2020:05:52:24 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 2417 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.112.159 - - [05/Oct/2020:05:52:26 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 2420 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.112.159 - - [05/Oct/2020:05:52:31 +0100] "POST /wp/xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2020-10-05 17:37:35 |
| 189.3.229.198 | attackspambots | Listed on zen-spamhaus also abuseat.org / proto=6 . srcport=58112 . dstport=445 SMB . (3509) |
2020-10-05 17:44:33 |
| 145.239.29.217 | attack | Attempt to hack Wordpress Login, XMLRPC or other login |
2020-10-05 17:49:52 |
| 35.192.99.43 | attackbotsspam | Oct 5 06:23:33 cdc sshd[3580]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.192.99.43 user=root Oct 5 06:23:35 cdc sshd[3580]: Failed password for invalid user root from 35.192.99.43 port 57686 ssh2 |
2020-10-05 17:31:44 |
| 119.254.155.39 | attackbots | Oct 5 07:01:43 lnxmail61 postfix/smtp/smtpd[27438]: lost connection after CONNECT from unknown[119.254.155.39] Oct 5 07:01:55 lnxmail61 postfix/smtp/smtpd[27504]: warning: unknown[119.254.155.39]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 5 07:01:55 lnxmail61 postfix/smtp/smtpd[27504]: warning: unknown[119.254.155.39]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 |
2020-10-05 17:51:13 |
| 122.155.202.93 | attackspam | Oct 5 11:04:27 marvibiene sshd[8792]: Failed password for root from 122.155.202.93 port 40346 ssh2 Oct 5 11:08:16 marvibiene sshd[8963]: Failed password for root from 122.155.202.93 port 34790 ssh2 |
2020-10-05 17:41:57 |
| 82.44.77.7 | attack | Port scan on 1 port(s): 22 |
2020-10-05 17:51:48 |