City: unknown
Region: unknown
Country: Germany
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 154.31.131.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23521
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;154.31.131.1. IN A
;; AUTHORITY SECTION:
. 586 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2024042000 1800 900 604800 86400
;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 20 22:31:17 CST 2024
;; MSG SIZE rcvd: 105Host 1.131.31.154.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 1.131.31.154.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 185.143.221.85 | attack | Unauthorized connection attempt detected from IP address 185.143.221.85 to port 3390 [T] |
2020-03-31 16:54:59 |
| 80.82.77.139 | attackbots | Unauthorized connection attempt detected from IP address 80.82.77.139 to port 37 |
2020-03-31 16:40:24 |
| 77.247.110.58 | attack | 03/31/2020-03:51:28.406382 77.247.110.58 Protocol: 17 ET SCAN Sipvicious Scan |
2020-03-31 17:05:32 |
| 118.70.113.1 | attackspam | " " |
2020-03-31 16:34:00 |
| 167.86.103.125 | attack | Mar 31 05:52:35 ns382633 sshd\[20943\]: Invalid user ogpbot from 167.86.103.125 port 39864 Mar 31 05:52:35 ns382633 sshd\[20943\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.86.103.125 Mar 31 05:52:35 ns382633 sshd\[20945\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.86.103.125 user=root Mar 31 05:52:36 ns382633 sshd\[20947\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.86.103.125 user=root Mar 31 05:52:36 ns382633 sshd\[20949\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.86.103.125 user=root |
2020-03-31 17:16:44 |
| 185.175.93.78 | attackspambots | ET DROP Dshield Block Listed Source group 1 - port: 33569 proto: TCP cat: Misc Attack |
2020-03-31 16:53:09 |
| 185.175.93.37 | attackbots | 03/31/2020-03:19:54.041981 185.175.93.37 Protocol: 6 ET DROP Dshield Block Listed Source group 1 |
2020-03-31 16:53:42 |
| 2601:589:4480:a5a0:7dd7:9a45:d088:7653 | attack | IP address logged by my Netflix account after the individual hacked into and locked me out of my account. Individual also changed my account settings to the most expensive plan, which allows multiple people (profiles) to watch, and several profiles were added. The name on my account was changed to "Juan". I contacted Netflix to have my account restored, so I was able to see the various IP addresses used. I will report all of them as well. |
2020-03-31 17:14:40 |
| 185.176.27.90 | attack | Mar 31 09:54:51 debian-2gb-nbg1-2 kernel: \[7900344.969146\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.90 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=23235 PROTO=TCP SPT=44329 DPT=3720 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-03-31 16:50:44 |
| 185.175.93.14 | attackbotsspam | Mar 31 10:01:33 debian-2gb-nbg1-2 kernel: \[7900747.312669\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.175.93.14 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=41322 PROTO=TCP SPT=52249 DPT=6516 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-03-31 16:54:09 |
| 94.102.52.57 | attackbotsspam | 03/31/2020-04:18:20.698053 94.102.52.57 Protocol: 6 ET SCAN NMAP -sS window 1024 |
2020-03-31 16:36:27 |
| 51.38.213.132 | attack | ssh brute force |
2020-03-31 17:16:16 |
| 66.240.219.146 | attackbots | Unauthorized connection attempt detected from IP address 66.240.219.146 to port 8050 |
2020-03-31 16:44:37 |
| 89.159.142.235 | attack | $f2bV_matches |
2020-03-31 17:18:29 |
| 220.121.58.55 | attackbotsspam | (sshd) Failed SSH login from 220.121.58.55 (KR/South Korea/-): 5 in the last 3600 secs |
2020-03-31 16:48:31 |