City: unknown
Region: unknown
Country: None
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 172.149.50.203
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35530
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;172.149.50.203. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025021902 1800 900 604800 86400
;; Query time: 13 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 20 07:34:50 CST 2025
;; MSG SIZE rcvd: 107Host 203.50.149.172.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 203.50.149.172.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 31.46.16.95 | attackbotsspam | Sep 16 04:41:20 markkoudstaal sshd[25704]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.46.16.95 Sep 16 04:41:21 markkoudstaal sshd[25704]: Failed password for invalid user laboratorio from 31.46.16.95 port 35790 ssh2 Sep 16 04:45:45 markkoudstaal sshd[26132]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.46.16.95 |
2019-09-16 10:53:55 |
| 162.241.65.246 | attackspambots | Sep 16 01:51:15 [host] sshd[31594]: Invalid user mine from 162.241.65.246 Sep 16 01:51:15 [host] sshd[31594]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.241.65.246 Sep 16 01:51:17 [host] sshd[31594]: Failed password for invalid user mine from 162.241.65.246 port 52730 ssh2 |
2019-09-16 10:14:58 |
| 13.68.141.175 | attackspambots | Sep 15 15:59:53 php1 sshd\[18283\]: Invalid user oracle from 13.68.141.175 Sep 15 15:59:53 php1 sshd\[18283\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.68.141.175 Sep 15 15:59:55 php1 sshd\[18283\]: Failed password for invalid user oracle from 13.68.141.175 port 55528 ssh2 Sep 15 16:04:03 php1 sshd\[18676\]: Invalid user neeraj from 13.68.141.175 Sep 15 16:04:03 php1 sshd\[18676\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.68.141.175 |
2019-09-16 10:13:18 |
| 159.192.230.28 | attack | Chat Spam |
2019-09-16 10:29:17 |
| 156.233.5.2 | attack | Sep 15 15:47:48 lcprod sshd\[29020\]: Invalid user qb from 156.233.5.2 Sep 15 15:47:48 lcprod sshd\[29020\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=156.233.5.2 Sep 15 15:47:49 lcprod sshd\[29020\]: Failed password for invalid user qb from 156.233.5.2 port 52512 ssh2 Sep 15 15:53:16 lcprod sshd\[29529\]: Invalid user aliba from 156.233.5.2 Sep 15 15:53:16 lcprod sshd\[29529\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=156.233.5.2 |
2019-09-16 10:20:45 |
| 182.74.190.198 | attack | Sep 15 16:11:49 lcdev sshd\[15428\]: Invalid user cron from 182.74.190.198 Sep 15 16:11:49 lcdev sshd\[15428\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.74.190.198 Sep 15 16:11:51 lcdev sshd\[15428\]: Failed password for invalid user cron from 182.74.190.198 port 59926 ssh2 Sep 15 16:16:51 lcdev sshd\[15939\]: Invalid user taiga from 182.74.190.198 Sep 15 16:16:51 lcdev sshd\[15939\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.74.190.198 |
2019-09-16 10:35:27 |
| 37.156.146.132 | attack | Unauthorised access (Sep 16) SRC=37.156.146.132 LEN=40 PREC=0x20 TTL=244 ID=15441 TCP DPT=445 WINDOW=1024 SYN |
2019-09-16 10:49:51 |
| 59.83.221.4 | attackbotsspam | Sep 16 02:16:28 *** sshd[23800]: User root from 59.83.221.4 not allowed because not listed in AllowUsers |
2019-09-16 10:38:19 |
| 36.251.143.239 | attack | Sep 16 01:18:18 root sshd[11608]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.251.143.239 Sep 16 01:18:20 root sshd[11608]: Failed password for invalid user admin from 36.251.143.239 port 53536 ssh2 Sep 16 01:18:23 root sshd[11608]: Failed password for invalid user admin from 36.251.143.239 port 53536 ssh2 Sep 16 01:18:27 root sshd[11608]: Failed password for invalid user admin from 36.251.143.239 port 53536 ssh2 ... |
2019-09-16 10:22:17 |
| 119.57.162.18 | attackbots | Sep 15 15:02:51 hcbb sshd\[15502\]: Invalid user 123456 from 119.57.162.18 Sep 15 15:02:51 hcbb sshd\[15502\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.57.162.18 Sep 15 15:02:53 hcbb sshd\[15502\]: Failed password for invalid user 123456 from 119.57.162.18 port 36032 ssh2 Sep 15 15:08:04 hcbb sshd\[15918\]: Invalid user neng123 from 119.57.162.18 Sep 15 15:08:04 hcbb sshd\[15918\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.57.162.18 |
2019-09-16 10:12:54 |
| 54.36.150.141 | attackspambots | Automatic report - Banned IP Access |
2019-09-16 10:16:07 |
| 222.139.3.0 | attack | Sep 16 01:18:28 mail kernel: [702455.655209] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=222.139.3.0 DST=91.205.173.180 LEN=52 TOS=0x02 PREC=0x00 TTL=114 ID=30617 DF PROTO=TCP SPT=11603 DPT=4899 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0 Sep 16 01:18:31 mail kernel: [702458.656018] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=222.139.3.0 DST=91.205.173.180 LEN=52 TOS=0x02 PREC=0x00 TTL=114 ID=30618 DF PROTO=TCP SPT=11603 DPT=4899 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0 Sep 16 01:18:37 mail kernel: [702464.661804] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=222.139.3.0 DST=91.205.173.180 LEN=48 TOS=0x00 PREC=0x00 TTL=114 ID=30619 DF PROTO=TCP SPT=11657 DPT=4899 WINDOW=8192 RES=0x00 SYN URGP=0 |
2019-09-16 10:13:43 |
| 185.36.81.251 | attack | Sep 16 00:41:06 tamoto postfix/smtpd[15470]: warning: hostname mx251.basifi.com does not resolve to address 185.36.81.251 Sep 16 00:41:06 tamoto postfix/smtpd[15470]: connect from unknown[185.36.81.251] Sep 16 00:41:06 tamoto postfix/smtpd[15470]: warning: unknown[185.36.81.251]: SASL LOGIN authentication failed: authentication failure Sep 16 00:41:06 tamoto postfix/smtpd[15470]: lost connection after AUTH from unknown[185.36.81.251] Sep 16 00:41:06 tamoto postfix/smtpd[15470]: disconnect from unknown[185.36.81.251] Sep 16 00:46:41 tamoto postfix/smtpd[15470]: warning: hostname mx251.basifi.com does not resolve to address 185.36.81.251 Sep 16 00:46:41 tamoto postfix/smtpd[15470]: connect from unknown[185.36.81.251] Sep 16 00:46:41 tamoto postfix/smtpd[15470]: warning: unknown[185.36.81.251]: SASL LOGIN authentication failed: authentication failure Sep 16 00:46:41 tamoto postfix/smtpd[15470]: lost connection after AUTH from unknown[185.36.81.251] Sep 16 00:46:41 tamoto p........ ------------------------------- |
2019-09-16 10:27:57 |
| 128.46.69.104 | attack | Lines containing failures of 128.46.69.104 (max 1000) Sep 14 03:27:15 server sshd[32129]: Connection from 128.46.69.104 port 48400 on 62.116.165.82 port 22 Sep 14 03:27:16 server sshd[32129]: Invalid user www-data from 128.46.69.104 port 48400 Sep 14 03:27:16 server sshd[32129]: Received disconnect from 128.46.69.104 port 48400:11: Bye Bye [preauth] Sep 14 03:27:16 server sshd[32129]: Disconnected from 128.46.69.104 port 48400 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=128.46.69.104 |
2019-09-16 10:26:08 |
| 188.165.238.65 | attackbotsspam | Sep 16 05:02:10 site2 sshd\[8012\]: Invalid user usuario from 188.165.238.65Sep 16 05:02:13 site2 sshd\[8012\]: Failed password for invalid user usuario from 188.165.238.65 port 59000 ssh2Sep 16 05:06:12 site2 sshd\[8220\]: Invalid user leo from 188.165.238.65Sep 16 05:06:15 site2 sshd\[8220\]: Failed password for invalid user leo from 188.165.238.65 port 48666 ssh2Sep 16 05:10:15 site2 sshd\[9564\]: Invalid user www from 188.165.238.65 ... |
2019-09-16 10:17:22 |