City: unknown
Region: unknown
Country: United States of America (the)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 161.241.75.85
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36515
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;161.241.75.85. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025021500 1800 900 604800 86400
;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 15 14:39:18 CST 2025
;; MSG SIZE rcvd: 106Host 85.75.241.161.in-addr.arpa not found: 2(SERVFAIL)
server can't find 161.241.75.85.in-addr.arpa: SERVFAIL| IP | Type | Details | Datetime |
|---|---|---|---|
| 119.90.51.19 | attackspambots | Unauthorized connection attempt detected from IP address 119.90.51.19 to port 1433 |
2020-01-02 05:25:49 |
| 181.239.34.45 | attack | Jan 1 15:38:42 mxgate1 postfix/postscreen[29173]: CONNECT from [181.239.34.45]:26432 to [176.31.12.44]:25 Jan 1 15:38:42 mxgate1 postfix/dnsblog[29174]: addr 181.239.34.45 listed by domain cbl.abuseat.org as 127.0.0.2 Jan 1 15:38:42 mxgate1 postfix/dnsblog[29175]: addr 181.239.34.45 listed by domain zen.spamhaus.org as 127.0.0.4 Jan 1 15:38:42 mxgate1 postfix/dnsblog[29175]: addr 181.239.34.45 listed by domain zen.spamhaus.org as 127.0.0.11 Jan 1 15:38:43 mxgate1 postfix/dnsblog[29177]: addr 181.239.34.45 listed by domain b.barracudacentral.org as 127.0.0.2 Jan 1 15:38:48 mxgate1 postfix/postscreen[29173]: DNSBL rank 4 for [181.239.34.45]:26432 Jan x@x Jan 1 15:38:49 mxgate1 postfix/postscreen[29173]: HANGUP after 1.2 from [181.239.34.45]:26432 in tests after SMTP handshake Jan 1 15:38:49 mxgate1 postfix/postscreen[29173]: DISCONNECT [181.239.34.45]:26432 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=181.239.34.45 |
2020-01-02 05:56:59 |
| 218.92.0.179 | attackspam | Jan 1 22:23:49 minden010 sshd[9058]: Failed password for root from 218.92.0.179 port 28881 ssh2 Jan 1 22:23:52 minden010 sshd[9058]: Failed password for root from 218.92.0.179 port 28881 ssh2 Jan 1 22:24:03 minden010 sshd[9058]: error: maximum authentication attempts exceeded for root from 218.92.0.179 port 28881 ssh2 [preauth] ... |
2020-01-02 05:33:53 |
| 42.159.11.122 | attack | Jan 1 20:32:26 host sshd[11436]: Invalid user webadmin from 42.159.11.122 port 51897 ... |
2020-01-02 06:01:07 |
| 148.66.135.178 | attackbots | Jan 1 17:49:27 DAAP sshd[27952]: Invalid user wordpress from 148.66.135.178 port 47656 Jan 1 17:49:27 DAAP sshd[27952]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.66.135.178 Jan 1 17:49:27 DAAP sshd[27952]: Invalid user wordpress from 148.66.135.178 port 47656 Jan 1 17:49:29 DAAP sshd[27952]: Failed password for invalid user wordpress from 148.66.135.178 port 47656 ssh2 Jan 1 17:51:42 DAAP sshd[28011]: Invalid user wwwadmin from 148.66.135.178 port 39764 ... |
2020-01-02 05:30:21 |
| 181.221.27.74 | attack | $f2bV_matches |
2020-01-02 05:50:52 |
| 85.140.63.21 | attack | Jan 1 17:10:11 ms-srv sshd[55901]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.140.63.21 Jan 1 17:10:13 ms-srv sshd[55901]: Failed password for invalid user ghpkorea from 85.140.63.21 port 44619 ssh2 |
2020-01-02 06:02:33 |
| 218.92.0.191 | attack | Jan 1 22:31:22 dcd-gentoo sshd[8622]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Jan 1 22:31:24 dcd-gentoo sshd[8622]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Jan 1 22:31:22 dcd-gentoo sshd[8622]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Jan 1 22:31:24 dcd-gentoo sshd[8622]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Jan 1 22:31:22 dcd-gentoo sshd[8622]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Jan 1 22:31:24 dcd-gentoo sshd[8622]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Jan 1 22:31:24 dcd-gentoo sshd[8622]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.191 port 22507 ssh2 ... |
2020-01-02 05:32:02 |
| 36.72.218.175 | attackspam | 1577889786 - 01/01/2020 15:43:06 Host: 36.72.218.175/36.72.218.175 Port: 445 TCP Blocked |
2020-01-02 05:26:24 |
| 202.78.202.3 | attack | port scan and connect, tcp 1433 (ms-sql-s) |
2020-01-02 05:55:26 |
| 193.239.59.156 | attackbots | Invalid user kuhlmann from 193.239.59.156 port 10863 |
2020-01-02 05:35:00 |
| 185.56.80.40 | attackbots | 01/01/2020-15:49:49.325707 185.56.80.40 Protocol: 6 ET SCAN NMAP -sS window 1024 |
2020-01-02 05:28:32 |
| 146.185.25.177 | attack | Jan 1 15:42:41 debian-2gb-nbg1-2 kernel: \[149093.404091\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=146.185.25.177 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=54321 PROTO=TCP SPT=4786 DPT=4786 WINDOW=65535 RES=0x00 SYN URGP=0 |
2020-01-02 05:33:24 |
| 95.216.203.26 | attack | 2020-01-01 dovecot_login authenticator failed for static.26.203.216.95.clients.your-server.de \(USER\) \[95.216.203.26\]: 535 Incorrect authentication data \(set_id=info@miplounge.net\) 2020-01-01 dovecot_login authenticator failed for static.26.203.216.95.clients.your-server.de \(USER\) \[95.216.203.26\]: 535 Incorrect authentication data \(set_id=info@**REMOVED**.net\) 2020-01-01 dovecot_login authenticator failed for static.26.203.216.95.clients.your-server.de \(USER\) \[95.216.203.26\]: 535 Incorrect authentication data \(set_id=info@**REMOVED**\) |
2020-01-02 05:59:02 |
| 125.161.130.125 | attackspambots | Automatic report - Port Scan Attack |
2020-01-02 05:25:32 |