City: unknown
Region: unknown
Country: South Africa
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 197.89.103.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13402
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;197.89.103.138. IN A
;; AUTHORITY SECTION:
. 120 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022021800 1800 900 604800 86400
;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 22:47:06 CST 2022
;; MSG SIZE rcvd: 107138.103.89.197.in-addr.arpa domain name pointer 197-89-103-138.dsl.mweb.co.za.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
138.103.89.197.in-addr.arpa name = 197-89-103-138.dsl.mweb.co.za.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 167.71.134.135 | attack | Automatic report - XMLRPC Attack |
2019-12-20 18:35:12 |
| 37.139.16.94 | attackbotsspam | Dec 17 00:08:47 server6 sshd[26711]: Address 37.139.16.94 maps to lukasklein.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Dec 17 00:08:47 server6 sshd[26711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.94 user=r.r Dec 17 00:08:49 server6 sshd[26711]: Failed password for r.r from 37.139.16.94 port 48222 ssh2 Dec 17 00:08:49 server6 sshd[26711]: Received disconnect from 37.139.16.94: 11: Bye Bye [preauth] Dec 17 00:17:15 server6 sshd[13108]: Address 37.139.16.94 maps to lukasklein.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Dec 17 00:17:17 server6 sshd[13108]: Failed password for invalid user burgwell from 37.139.16.94 port 46168 ssh2 Dec 17 00:17:17 server6 sshd[13108]: Received disconnect from 37.139.16.94: 11: Bye Bye [preauth] Dec 17 00:22:05 server6 sshd[23185]: Address 37.139.16.94 maps to lukasklein.com, but this does not map back to the address - ........ ------------------------------- |
2019-12-20 18:08:23 |
| 68.183.127.93 | attack | 2019-12-20T06:44:10.435244shield sshd\[8764\]: Invalid user minichilli from 68.183.127.93 port 48480 2019-12-20T06:44:10.439575shield sshd\[8764\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.127.93 2019-12-20T06:44:12.601971shield sshd\[8764\]: Failed password for invalid user minichilli from 68.183.127.93 port 48480 ssh2 2019-12-20T06:49:58.966863shield sshd\[10695\]: Invalid user password from 68.183.127.93 port 56876 2019-12-20T06:49:58.971577shield sshd\[10695\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.127.93 |
2019-12-20 18:28:16 |
| 51.77.220.183 | attack | Invalid user test from 51.77.220.183 port 38558 |
2019-12-20 18:26:06 |
| 165.22.112.45 | attackspambots | Invalid user marissa from 165.22.112.45 port 41174 |
2019-12-20 18:04:03 |
| 68.183.106.84 | attack | Dec 20 11:15:28 root sshd[22630]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.106.84 Dec 20 11:15:30 root sshd[22630]: Failed password for invalid user ffffffffff from 68.183.106.84 port 47362 ssh2 Dec 20 11:20:23 root sshd[22689]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.106.84 ... |
2019-12-20 18:27:13 |
| 185.56.153.236 | attackbots | Dec 20 10:46:17 ArkNodeAT sshd\[20077\]: Invalid user serle from 185.56.153.236 Dec 20 10:46:17 ArkNodeAT sshd\[20077\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.56.153.236 Dec 20 10:46:19 ArkNodeAT sshd\[20077\]: Failed password for invalid user serle from 185.56.153.236 port 40986 ssh2 |
2019-12-20 18:04:49 |
| 193.32.163.72 | attackbotsspam | Portscan or hack attempt detected by psad/fwsnort |
2019-12-20 18:28:46 |
| 75.158.204.252 | attack | TCP Port Scanning |
2019-12-20 18:05:33 |
| 123.138.111.243 | attackbots | Scanning |
2019-12-20 18:01:43 |
| 223.247.194.119 | attackbotsspam | Dec 20 11:03:07 sd-53420 sshd\[21721\]: Invalid user dapprich from 223.247.194.119 Dec 20 11:03:07 sd-53420 sshd\[21721\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.247.194.119 Dec 20 11:03:09 sd-53420 sshd\[21721\]: Failed password for invalid user dapprich from 223.247.194.119 port 58760 ssh2 Dec 20 11:10:00 sd-53420 sshd\[24355\]: Invalid user slr from 223.247.194.119 Dec 20 11:10:00 sd-53420 sshd\[24355\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.247.194.119 ... |
2019-12-20 18:16:13 |
| 221.2.35.78 | attack | Dec 20 08:36:08 icinga sshd[9472]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.2.35.78 Dec 20 08:36:10 icinga sshd[9472]: Failed password for invalid user smmsp from 221.2.35.78 port 4215 ssh2 Dec 20 09:06:27 icinga sshd[37379]: Failed password for root from 221.2.35.78 port 4217 ssh2 ... |
2019-12-20 18:24:58 |
| 49.234.206.45 | attack | Dec 20 11:10:28 loxhost sshd\[32565\]: Invalid user mysql from 49.234.206.45 port 57072 Dec 20 11:10:28 loxhost sshd\[32565\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.206.45 Dec 20 11:10:30 loxhost sshd\[32565\]: Failed password for invalid user mysql from 49.234.206.45 port 57072 ssh2 Dec 20 11:18:05 loxhost sshd\[476\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.206.45 user=root Dec 20 11:18:07 loxhost sshd\[476\]: Failed password for root from 49.234.206.45 port 60016 ssh2 ... |
2019-12-20 18:37:14 |
| 198.98.54.28 | attack | Invalid user admin from 198.98.54.28 port 57885 |
2019-12-20 18:33:58 |
| 178.34.16.223 | attackspam | Unauthorized connection attempt from IP address 178.34.16.223 on Port 445(SMB) |
2019-12-20 18:34:15 |