City: unknown
Region: unknown
Country: United States of America (the)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 199.149.212.170
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13005
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;199.149.212.170. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025030100 1800 900 604800 86400
;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 01 13:54:31 CST 2025
;; MSG SIZE rcvd: 108170.212.149.199.in-addr.arpa domain name pointer 199.149.212.170.4k.usda.gov.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
170.212.149.199.in-addr.arpa name = 199.149.212.170.4k.usda.gov.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 122.156.232.197 | attack | Sep 11 04:00:44 vps639187 sshd\[31583\]: Invalid user netman from 122.156.232.197 port 64448 Sep 11 04:00:45 vps639187 sshd\[31583\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.156.232.197 Sep 11 04:00:47 vps639187 sshd\[31583\]: Failed password for invalid user netman from 122.156.232.197 port 64448 ssh2 ... |
2020-09-11 14:20:22 |
| 162.158.106.128 | attackbotsspam | srv02 DDoS Malware Target(80:http) .. |
2020-09-11 14:08:29 |
| 68.71.20.138 | attack | Sep 11 06:05:50 ssh2 sshd[91884]: Invalid user admin from 68.71.20.138 port 56780 Sep 11 06:05:50 ssh2 sshd[91884]: Failed password for invalid user admin from 68.71.20.138 port 56780 ssh2 Sep 11 06:05:50 ssh2 sshd[91884]: Connection closed by invalid user admin 68.71.20.138 port 56780 [preauth] ... |
2020-09-11 14:25:38 |
| 24.209.19.246 | attackbots | Lines containing failures of 24.209.19.246 Sep 10 18:40:43 mx-in-02 sshd[9465]: Invalid user admin from 24.209.19.246 port 42312 Sep 10 18:40:43 mx-in-02 sshd[9465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.209.19.246 Sep 10 18:40:45 mx-in-02 sshd[9465]: Failed password for invalid user admin from 24.209.19.246 port 42312 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=24.209.19.246 |
2020-09-11 14:28:15 |
| 70.44.144.225 | attackbotsspam | Sep 10 18:56:56 mail sshd[11817]: Failed password for root from 70.44.144.225 port 40180 ssh2 |
2020-09-11 14:21:56 |
| 139.59.18.215 | attackbotsspam | Sep 11 03:57:45 cp sshd[8979]: Failed password for root from 139.59.18.215 port 33268 ssh2 Sep 11 04:01:00 cp sshd[11330]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.18.215 Sep 11 04:01:03 cp sshd[11330]: Failed password for invalid user cacti from 139.59.18.215 port 51204 ssh2 |
2020-09-11 14:21:37 |
| 122.100.215.82 | attack | Sep 11 01:01:41 ssh2 sshd[78783]: User root from nz215l82.bb122100.ctm.net not allowed because not listed in AllowUsers Sep 11 01:01:41 ssh2 sshd[78783]: Failed password for invalid user root from 122.100.215.82 port 39552 ssh2 Sep 11 01:01:41 ssh2 sshd[78783]: Connection closed by invalid user root 122.100.215.82 port 39552 [preauth] ... |
2020-09-11 14:09:51 |
| 42.159.155.8 | attack | Sep 11 13:27:56 web1 sshd[29925]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.155.8 user=root Sep 11 13:27:58 web1 sshd[29925]: Failed password for root from 42.159.155.8 port 1600 ssh2 Sep 11 13:33:16 web1 sshd[32117]: Invalid user wangxue from 42.159.155.8 port 1600 Sep 11 13:33:16 web1 sshd[32117]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.155.8 Sep 11 13:33:16 web1 sshd[32117]: Invalid user wangxue from 42.159.155.8 port 1600 Sep 11 13:33:19 web1 sshd[32117]: Failed password for invalid user wangxue from 42.159.155.8 port 1600 ssh2 Sep 11 13:36:18 web1 sshd[909]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.155.8 user=root Sep 11 13:36:20 web1 sshd[909]: Failed password for root from 42.159.155.8 port 1600 ssh2 Sep 11 13:39:26 web1 sshd[2169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhos ... |
2020-09-11 14:31:28 |
| 185.220.100.240 | attack | Unwanted checking 80 or 443 port ... |
2020-09-11 14:37:16 |
| 114.34.241.158 | attackbots | Telnet Server BruteForce Attack |
2020-09-11 14:08:57 |
| 132.145.184.238 | attackbots | Invalid user ubnt from 132.145.184.238 port 48660 |
2020-09-11 14:06:51 |
| 159.203.36.107 | attackspambots | 159.203.36.107 - - \[11/Sep/2020:00:33:06 +0200\] "POST /wp-login.php HTTP/1.0" 200 9641 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 159.203.36.107 - - \[11/Sep/2020:00:33:07 +0200\] "POST /wp-login.php HTTP/1.0" 200 9456 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 159.203.36.107 - - \[11/Sep/2020:00:33:14 +0200\] "POST /wp-login.php HTTP/1.0" 200 9453 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2020-09-11 14:28:47 |
| 159.203.192.134 | attack | Port scan denied |
2020-09-11 14:15:49 |
| 212.70.149.20 | attackbots | Sep 11 08:28:30 galaxy event: galaxy/lswi: smtp: olympus@uni-potsdam.de [212.70.149.20] authentication failure using internet password Sep 11 08:28:54 galaxy event: galaxy/lswi: smtp: olli@uni-potsdam.de [212.70.149.20] authentication failure using internet password Sep 11 08:29:19 galaxy event: galaxy/lswi: smtp: olive@uni-potsdam.de [212.70.149.20] authentication failure using internet password Sep 11 08:29:44 galaxy event: galaxy/lswi: smtp: ofx@uni-potsdam.de [212.70.149.20] authentication failure using internet password Sep 11 08:30:08 galaxy event: galaxy/lswi: smtp: official@uni-potsdam.de [212.70.149.20] authentication failure using internet password ... |
2020-09-11 14:36:35 |
| 106.104.72.215 | attackspam | SSH Bruteforce Attempt on Honeypot |
2020-09-11 14:44:28 |