City: unknown
Region: unknown
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 166.112.89.39
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63209
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;166.112.89.39. IN A
;; AUTHORITY SECTION:
. 278 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2023021600 1800 900 604800 86400
;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 16 21:48:09 CST 2023
;; MSG SIZE rcvd: 106
b'Host 39.89.112.166.in-addr.arpa not found: 2(SERVFAIL)
'
server can't find 166.112.89.39.in-addr.arpa: SERVFAIL
| IP | Type | Details | Datetime |
|---|---|---|---|
| 144.22.108.33 | attackspam | web-1 [ssh_2] SSH Attack |
2020-08-04 07:16:29 |
| 156.96.44.168 | attackspambots | Aug 4 01:11:34 srv01 postfix/smtpd\[14921\]: warning: unknown\[156.96.44.168\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 4 01:11:42 srv01 postfix/smtpd\[14921\]: warning: unknown\[156.96.44.168\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 4 01:11:45 srv01 postfix/smtpd\[9137\]: warning: unknown\[156.96.44.168\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 4 01:11:45 srv01 postfix/smtpd\[14919\]: warning: unknown\[156.96.44.168\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 4 01:11:45 srv01 postfix/smtpd\[16379\]: warning: unknown\[156.96.44.168\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... |
2020-08-04 07:28:13 |
| 182.61.2.135 | attackspam | Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth): user=root |
2020-08-04 07:07:54 |
| 210.105.82.53 | attackspam | 2020-08-03T22:33:07.430787+02:00 |
2020-08-04 07:30:00 |
| 91.121.184.52 | attackspam | 91.121.184.52 - - [03/Aug/2020:22:38:00 +0100] "POST /wp-login.php HTTP/1.1" 200 2121 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 91.121.184.52 - - [03/Aug/2020:22:38:01 +0100] "POST /wp-login.php HTTP/1.1" 200 2040 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 91.121.184.52 - - [03/Aug/2020:22:38:02 +0100] "POST /wp-login.php HTTP/1.1" 200 2092 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2020-08-04 07:23:09 |
| 150.136.245.92 | attackbots | Aug 4 01:41:49 journals sshd\[101940\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.136.245.92 user=root Aug 4 01:41:51 journals sshd\[101940\]: Failed password for root from 150.136.245.92 port 46542 ssh2 Aug 4 01:45:44 journals sshd\[102328\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.136.245.92 user=root Aug 4 01:45:46 journals sshd\[102328\]: Failed password for root from 150.136.245.92 port 59590 ssh2 Aug 4 01:49:45 journals sshd\[102803\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.136.245.92 user=root ... |
2020-08-04 07:24:11 |
| 35.190.218.27 | attackbotsspam |
|
2020-08-04 07:09:45 |
| 54.38.180.93 | attack | 2020-08-03T18:23:03.2045531495-001 sshd[44957]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.ip-54-38-180.eu user=root 2020-08-03T18:23:04.8713741495-001 sshd[44957]: Failed password for root from 54.38.180.93 port 37262 ssh2 2020-08-03T18:28:12.6830911495-001 sshd[45262]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.ip-54-38-180.eu user=root 2020-08-03T18:28:15.4349721495-001 sshd[45262]: Failed password for root from 54.38.180.93 port 49224 ssh2 2020-08-03T18:33:15.2434071495-001 sshd[45473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.ip-54-38-180.eu user=root 2020-08-03T18:33:16.9247251495-001 sshd[45473]: Failed password for root from 54.38.180.93 port 32952 ssh2 ... |
2020-08-04 07:00:37 |
| 190.145.192.106 | attackbots | Aug 3 22:24:55 v22019038103785759 sshd\[24884\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.145.192.106 user=root Aug 3 22:24:57 v22019038103785759 sshd\[24884\]: Failed password for root from 190.145.192.106 port 54026 ssh2 Aug 3 22:29:24 v22019038103785759 sshd\[24995\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.145.192.106 user=root Aug 3 22:29:26 v22019038103785759 sshd\[24995\]: Failed password for root from 190.145.192.106 port 37610 ssh2 Aug 3 22:34:44 v22019038103785759 sshd\[25100\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.145.192.106 user=root ... |
2020-08-04 07:01:59 |
| 157.55.39.184 | attack | $f2bV_matches |
2020-08-04 07:15:55 |
| 2a01:cb0c:6f:d800:a8e5:8bce:e3e:4057 | attackbotsspam | SSH Bruteforce attempt |
2020-08-04 07:20:10 |
| 45.145.67.197 | attack | [H1.VM1] Blocked by UFW |
2020-08-04 07:10:03 |
| 123.122.163.40 | attackspam | Failed password for root from 123.122.163.40 port 41134 ssh2 |
2020-08-04 06:54:42 |
| 178.32.219.66 | attack | Aug 3 19:31:04 firewall sshd[4149]: Failed password for root from 178.32.219.66 port 52494 ssh2 Aug 3 19:34:52 firewall sshd[4878]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.32.219.66 user=root Aug 3 19:34:54 firewall sshd[4878]: Failed password for root from 178.32.219.66 port 37078 ssh2 ... |
2020-08-04 07:02:23 |
| 103.151.125.123 | attackbotsspam | 103.151.125.123 - - \[03/Aug/2020:22:34:55 +0200\] "GET / HTTP/1.1" 200 29164 "-" "Mozilla/4.0 \(compatible\; MSIE 5.0\; Windows NT\; DigExt\; DTS Agent" |
2020-08-04 06:52:33 |