City: unknown
Region: unknown
Country: None
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 199.159.214.141
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32335
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;199.159.214.141. IN A
;; AUTHORITY SECTION:
. 388 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020032801 1800 900 604800 86400
;; Query time: 42 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 28 14:00:30 CST 2020
;; MSG SIZE rcvd: 119141.214.159.199.in-addr.arpa domain name pointer 199.159.214.141.4k.usda.gov.
;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server: 183.60.82.98
Address: 183.60.82.98#53
** server can't find 141.214.159.199.in-addr.arpa: SERVFAIL| IP | Type | Details | Datetime |
|---|---|---|---|
| 124.47.8.10 | attackbots | Unauthorised access (Dec 2) SRC=124.47.8.10 LEN=40 TTL=45 ID=41358 TCP DPT=23 WINDOW=42402 SYN |
2019-12-03 05:54:50 |
| 134.175.154.22 | attackspambots | Dec 2 11:49:40 php1 sshd\[18757\]: Invalid user 123 from 134.175.154.22 Dec 2 11:49:40 php1 sshd\[18757\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.154.22 Dec 2 11:49:42 php1 sshd\[18757\]: Failed password for invalid user 123 from 134.175.154.22 port 57398 ssh2 Dec 2 11:56:59 php1 sshd\[19822\]: Invalid user abigail from 134.175.154.22 Dec 2 11:57:00 php1 sshd\[19822\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.154.22 |
2019-12-03 06:07:57 |
| 192.236.160.41 | attackbots | Fail2Ban Ban Triggered HTTP SQL Injection Attempt |
2019-12-03 06:04:36 |
| 45.95.168.105 | attack | Dec 2 13:54:32 ihweb003 sshd[17190]: Connection from 45.95.168.105 port 54470 on 139.59.173.177 port 22 Dec 2 13:54:32 ihweb003 sshd[17190]: Did not receive identification string from 45.95.168.105 port 54470 Dec 2 13:57:35 ihweb003 sshd[17742]: Connection from 45.95.168.105 port 54086 on 139.59.173.177 port 22 Dec 2 13:57:36 ihweb003 sshd[17742]: Address 45.95.168.105 maps to maxko-hosting.com, but this does not map back to the address. Dec 2 13:57:36 ihweb003 sshd[17742]: User r.r from 45.95.168.105 not allowed because none of user's groups are listed in AllowGroups Dec 2 13:57:36 ihweb003 sshd[17742]: Received disconnect from 45.95.168.105 port 54086:11: Normal Shutdown, Thank you for playing [preauth] Dec 2 13:57:36 ihweb003 sshd[17742]: Disconnected from 45.95.168.105 port 54086 [preauth] Dec 2 13:58:36 ihweb003 sshd[17907]: Connection from 45.95.168.105 port 42174 on 139.59.173.177 port 22 Dec 2 13:58:36 ihweb003 sshd[17907]: Address 45.95.168.105 maps to........ ------------------------------- |
2019-12-03 05:59:01 |
| 218.92.0.182 | attackspam | $f2bV_matches |
2019-12-03 06:00:28 |
| 118.25.189.123 | attackbots | Dec 2 22:47:05 ns3042688 sshd\[28152\]: Invalid user alka from 118.25.189.123 Dec 2 22:47:05 ns3042688 sshd\[28152\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.189.123 Dec 2 22:47:07 ns3042688 sshd\[28152\]: Failed password for invalid user alka from 118.25.189.123 port 55580 ssh2 Dec 2 22:53:13 ns3042688 sshd\[29933\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.189.123 user=mail Dec 2 22:53:16 ns3042688 sshd\[29933\]: Failed password for mail from 118.25.189.123 port 36432 ssh2 ... |
2019-12-03 05:59:50 |
| 178.128.117.55 | attack | Dec 2 22:28:39 tux-35-217 sshd\[7650\]: Invalid user hallgeir from 178.128.117.55 port 55216 Dec 2 22:28:39 tux-35-217 sshd\[7650\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.117.55 Dec 2 22:28:41 tux-35-217 sshd\[7650\]: Failed password for invalid user hallgeir from 178.128.117.55 port 55216 ssh2 Dec 2 22:35:03 tux-35-217 sshd\[7677\]: Invalid user hank from 178.128.117.55 port 38312 Dec 2 22:35:03 tux-35-217 sshd\[7677\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.117.55 ... |
2019-12-03 06:13:48 |
| 89.179.118.84 | attackspambots | frenzy |
2019-12-03 05:58:41 |
| 117.4.64.10 | attack | Dec 2 22:35:09 h2177944 kernel: \[8197733.874880\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=117.4.64.10 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=111 ID=3329 DF PROTO=TCP SPT=63516 DPT=8291 WINDOW=8192 RES=0x00 SYN URGP=0 Dec 2 22:35:12 h2177944 kernel: \[8197736.873583\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=117.4.64.10 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=111 ID=13999 DF PROTO=TCP SPT=63439 DPT=8291 WINDOW=8192 RES=0x00 SYN URGP=0 Dec 2 22:35:15 h2177944 kernel: \[8197739.958180\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=117.4.64.10 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=111 ID=27697 DF PROTO=TCP SPT=63439 DPT=8291 WINDOW=8192 RES=0x00 SYN URGP=0 Dec 2 22:35:18 h2177944 kernel: \[8197743.603554\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=117.4.64.10 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=111 ID=17467 DF PROTO=TCP SPT=52461 DPT=8291 WINDOW=8192 RES=0x00 SYN URGP=0 Dec 2 22:35:21 h2177944 kernel: \[8197746.657450\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=117.4.64.10 DST=85.214.117. |
2019-12-03 05:57:09 |
| 149.202.193.120 | attackbots | Automatic report - XMLRPC Attack |
2019-12-03 05:47:02 |
| 142.93.195.189 | attackbotsspam | $f2bV_matches |
2019-12-03 05:46:07 |
| 138.68.20.158 | attackspam | Dec 3 03:05:13 areeb-Workstation sshd[10421]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.20.158 Dec 3 03:05:16 areeb-Workstation sshd[10421]: Failed password for invalid user cacti from 138.68.20.158 port 50210 ssh2 ... |
2019-12-03 06:03:51 |
| 209.85.220.69 | attackbotsspam | Received: from mail-sor-f69.google.com (mail-sor-f69.google.com. [209.85.220.69])
by mx.google.com with SMTPS id a130sor408591ybg.114.2019.12.02.12.31.39
for <@gmail.com>
(Google Transport Security);
Mon, 02 Dec 2019 12:31:39 -0800 (PST)
CareyHolzman just uploaded a video
What Did Windows 10 1809 Do To Your USB Speeds? A Lesson That Everyone
Should Know About!
http://www.youtube.com/watch?v=au-niXiKYXo&feature=em-uploademail
Name: Carey Alan Holzman
Michelle Lee Holzman
Address: 5381 N 87th Ave, Glendale, Arizona, 85305
https://careyholzman.com
Phone Numbers:
(602) 527-9723
(623) 628-4266
carey@tech-vets.com carey.holzman@yahoo.com cholzman@cox.net
carey@careyholzman.com ,cholzman@outlook.com,cholzman@gmail.com
IP Number : 68.231.131.39
x-originating-ip: [199.189.26.30] |
2019-12-03 06:03:20 |
| 92.222.72.234 | attack | Dec 2 22:55:59 localhost sshd\[29945\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.72.234 user=root Dec 2 22:56:01 localhost sshd\[29945\]: Failed password for root from 92.222.72.234 port 46745 ssh2 Dec 2 23:01:11 localhost sshd\[30688\]: Invalid user wwwadmin from 92.222.72.234 port 52371 Dec 2 23:01:11 localhost sshd\[30688\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.72.234 |
2019-12-03 06:01:51 |
| 118.70.233.163 | attackspambots | Dec 2 06:12:48 server sshd\[3031\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.70.233.163 user=root Dec 2 06:12:50 server sshd\[3031\]: Failed password for root from 118.70.233.163 port 46248 ssh2 Dec 3 00:35:12 server sshd\[12354\]: Invalid user kushnirs from 118.70.233.163 Dec 3 00:35:12 server sshd\[12354\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.70.233.163 Dec 3 00:35:14 server sshd\[12354\]: Failed password for invalid user kushnirs from 118.70.233.163 port 48578 ssh2 ... |
2019-12-03 06:06:12 |