City: Frankfurt am Main
Region: Hessen
Country: Germany
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 164.92.237.201
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13484
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;164.92.237.201. IN A
;; AUTHORITY SECTION:
. 399 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022102300 1800 900 604800 86400
;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 24 00:36:44 CST 2022
;; MSG SIZE rcvd: 107Host 201.237.92.164.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 201.237.92.164.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 203.81.88.226 | attack | SMB Server BruteForce Attack |
2020-08-07 13:47:56 |
| 156.96.46.226 | attackspam | 2020-08-07T07:22:32.289187+02:00 lumpi kernel: [22067347.779571] INPUT:DROP:SPAMHAUS_DROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=156.96.46.226 DST=78.46.199.189 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=15083 PROTO=TCP SPT=50910 DPT=19889 WINDOW=1024 RES=0x00 SYN URGP=0 ... |
2020-08-07 13:29:04 |
| 39.59.45.122 | attack | IP 39.59.45.122 attacked honeypot on port: 8080 at 8/6/2020 8:56:45 PM |
2020-08-07 13:23:34 |
| 159.89.170.154 | attack | Aug 6 18:52:56 tdfoods sshd\[6243\]: Invalid user db2fenc1 from 159.89.170.154 Aug 6 18:52:56 tdfoods sshd\[6243\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.170.154 Aug 6 18:52:58 tdfoods sshd\[6243\]: Failed password for invalid user db2fenc1 from 159.89.170.154 port 36158 ssh2 Aug 6 18:53:49 tdfoods sshd\[6300\]: Invalid user 62716849 from 159.89.170.154 Aug 6 18:53:49 tdfoods sshd\[6300\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.170.154 |
2020-08-07 13:27:00 |
| 171.244.38.118 | attack | Port scan on 11 port(s): 4820 4823 4831 4836 4849 4896 4924 4941 4973 4993 4998 |
2020-08-07 13:49:11 |
| 106.54.200.209 | attackspambots | 2020-08-07T06:48:40.733209amanda2.illicoweb.com sshd\[14950\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 user=root 2020-08-07T06:48:43.240233amanda2.illicoweb.com sshd\[14950\]: Failed password for root from 106.54.200.209 port 37102 ssh2 2020-08-07T06:50:50.529270amanda2.illicoweb.com sshd\[15299\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 user=root 2020-08-07T06:50:52.213627amanda2.illicoweb.com sshd\[15299\]: Failed password for root from 106.54.200.209 port 48860 ssh2 2020-08-07T06:52:58.556961amanda2.illicoweb.com sshd\[15814\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 user=root ... |
2020-08-07 14:11:50 |
| 193.27.229.3 | attackbots | Aug 7 07:01:02 debian-2gb-nbg1-2 kernel: \[19034914.687889\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=193.27.229.3 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=54321 PROTO=TCP SPT=33100 DPT=222 WINDOW=65535 RES=0x00 SYN URGP=0 Aug 7 07:01:02 debian-2gb-nbg1-2 kernel: \[19034914.699044\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=193.27.229.3 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=54321 PROTO=TCP SPT=33099 DPT=222 WINDOW=65535 RES=0x00 SYN URGP=0 Aug 7 07:01:02 debian-2gb-nbg1-2 kernel: \[19034914.708037\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=193.27.229.3 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=54321 PROTO=TCP SPT=33101 DPT=222 WINDOW=65535 RES=0x00 SYN URGP=0 |
2020-08-07 13:27:17 |
| 222.186.180.6 | attackspam | Aug 7 02:51:55 firewall sshd[6523]: Failed password for root from 222.186.180.6 port 38758 ssh2 Aug 7 02:51:58 firewall sshd[6523]: Failed password for root from 222.186.180.6 port 38758 ssh2 Aug 7 02:52:01 firewall sshd[6523]: Failed password for root from 222.186.180.6 port 38758 ssh2 ... |
2020-08-07 13:57:57 |
| 182.207.182.156 | attack | 20 attempts against mh-ssh on float |
2020-08-07 14:07:19 |
| 139.59.32.156 | attackspam | k+ssh-bruteforce |
2020-08-07 13:48:15 |
| 119.45.55.249 | attack | Bruteforce detected by fail2ban |
2020-08-07 13:53:27 |
| 128.199.52.45 | attackbots | Aug 7 05:49:30 web-main sshd[795412]: Failed password for root from 128.199.52.45 port 50434 ssh2 Aug 7 05:56:32 web-main sshd[795441]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45 user=root Aug 7 05:56:34 web-main sshd[795441]: Failed password for root from 128.199.52.45 port 33618 ssh2 |
2020-08-07 13:59:23 |
| 164.132.44.25 | attack | Aug 7 02:01:44 firewall sshd[5045]: Failed password for root from 164.132.44.25 port 50178 ssh2 Aug 7 02:05:51 firewall sshd[5184]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.44.25 user=root Aug 7 02:05:53 firewall sshd[5184]: Failed password for root from 164.132.44.25 port 33106 ssh2 ... |
2020-08-07 13:53:01 |
| 34.91.145.211 | attackspam | xmlrpc attack |
2020-08-07 14:00:24 |
| 185.156.73.54 | attackspam | Port-scan: detected 342 distinct ports within a 24-hour window. |
2020-08-07 13:19:42 |