City: unknown
Region: unknown
Country: United Kingdom of Great Britain and Northern Ireland (the)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.103.29.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3201
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;2.103.29.252. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025012902 1800 900 604800 86400
;; Query time: 39 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 30 11:54:38 CST 2025
;; MSG SIZE rcvd: 105252.29.103.2.in-addr.arpa domain name pointer host-2-103-29-252.as13285.net.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
252.29.103.2.in-addr.arpa name = host-2-103-29-252.as13285.net.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 212.70.149.19 | attackbotsspam | Aug 2 07:38:14 web1 postfix/smtpd[31672]: warning: unknown[212.70.149.19]: SASL LOGIN authentication failed: authentication failure Aug 2 07:38:24 web1 postfix/smtpd[31672]: warning: unknown[212.70.149.19]: SASL LOGIN authentication failed: authentication failure Aug 2 07:38:36 web1 postfix/smtpd[31672]: warning: unknown[212.70.149.19]: SASL LOGIN authentication failed: authentication failure Aug 2 07:38:47 web1 postfix/smtpd[31672]: warning: unknown[212.70.149.19]: SASL LOGIN authentication failed: authentication failure Aug 2 07:38:59 web1 postfix/smtpd[31672]: warning: unknown[212.70.149.19]: SASL LOGIN authentication failed: authentication failure ... |
2020-08-02 05:41:08 |
| 106.55.173.60 | attackspambots | Aug 1 21:39:10 plex-server sshd[104724]: Failed password for root from 106.55.173.60 port 47190 ssh2 Aug 1 21:41:01 plex-server sshd[105935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.55.173.60 user=root Aug 1 21:41:03 plex-server sshd[105935]: Failed password for root from 106.55.173.60 port 39034 ssh2 Aug 1 21:42:49 plex-server sshd[107062]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.55.173.60 user=root Aug 1 21:42:51 plex-server sshd[107062]: Failed password for root from 106.55.173.60 port 59108 ssh2 ... |
2020-08-02 05:47:34 |
| 222.186.30.59 | attackbotsspam | Aug 2 02:10:11 gw1 sshd[17617]: Failed password for root from 222.186.30.59 port 21242 ssh2 Aug 2 02:10:13 gw1 sshd[17617]: Failed password for root from 222.186.30.59 port 21242 ssh2 ... |
2020-08-02 05:19:31 |
| 45.169.19.56 | attackbotsspam | Aug 1 22:15:19 mail.srvfarm.net postfix/smtps/smtpd[1162680]: warning: unknown[45.169.19.56]: SASL PLAIN authentication failed: Aug 1 22:15:20 mail.srvfarm.net postfix/smtps/smtpd[1162680]: lost connection after AUTH from unknown[45.169.19.56] Aug 1 22:16:30 mail.srvfarm.net postfix/smtpd[1163191]: warning: unknown[45.169.19.56]: SASL PLAIN authentication failed: Aug 1 22:16:31 mail.srvfarm.net postfix/smtpd[1163191]: lost connection after AUTH from unknown[45.169.19.56] Aug 1 22:24:29 mail.srvfarm.net postfix/smtpd[1163193]: warning: unknown[45.169.19.56]: SASL PLAIN authentication failed: |
2020-08-02 05:44:13 |
| 219.135.179.220 | attack | 20 attempts against mh-ssh on pole |
2020-08-02 05:18:09 |
| 78.128.113.115 | attackspambots | Aug 1 23:28:32 srv01 postfix/smtpd\[31939\]: warning: unknown\[78.128.113.115\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 1 23:28:45 srv01 postfix/smtpd\[31897\]: warning: unknown\[78.128.113.115\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 1 23:29:01 srv01 postfix/smtpd\[31939\]: warning: unknown\[78.128.113.115\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 1 23:29:20 srv01 postfix/smtpd\[31939\]: warning: unknown\[78.128.113.115\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 1 23:42:26 srv01 postfix/smtpd\[3330\]: warning: unknown\[78.128.113.115\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... |
2020-08-02 05:43:06 |
| 212.70.149.67 | attackspam | 2020-08-01 23:24:19 dovecot_login authenticator failed for \(User\) \[212.70.149.67\]: 535 Incorrect authentication data \(set_id=waters@no-server.de\) 2020-08-01 23:24:19 dovecot_login authenticator failed for \(User\) \[212.70.149.67\]: 535 Incorrect authentication data \(set_id=waters@no-server.de\) 2020-08-01 23:26:04 dovecot_login authenticator failed for \(User\) \[212.70.149.67\]: 535 Incorrect authentication data \(set_id=wayne@no-server.de\) 2020-08-01 23:26:05 dovecot_login authenticator failed for \(User\) \[212.70.149.67\]: 535 Incorrect authentication data \(set_id=wayne@no-server.de\) 2020-08-01 23:27:52 dovecot_login authenticator failed for \(User\) \[212.70.149.67\]: 535 Incorrect authentication data \(set_id=weaver@no-server.de\) 2020-08-01 23:27:52 dovecot_login authenticator failed for \(User\) \[212.70.149.67\]: 535 Incorrect authentication data \(set_id=weaver@no-server.de\) ... |
2020-08-02 05:40:40 |
| 106.13.144.8 | attackspam | Aug 1 21:31:21 game-panel sshd[22791]: Failed password for root from 106.13.144.8 port 60414 ssh2 Aug 1 21:34:00 game-panel sshd[22891]: Failed password for root from 106.13.144.8 port 41748 ssh2 |
2020-08-02 05:37:28 |
| 182.92.85.121 | attack | [SatAug0122:48:18.6322402020][:error][pid7144:tid139903505520384][client182.92.85.121:51602][client182.92.85.121]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"python-requests/"atREQUEST_HEADERS:User-Agent.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"218"][id"332039"][rev"4"][msg"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent\(python-requests\).Disablethisruleifyouusepython-requests/."][severity"CRITICAL"][hostname"aress2030.ch"][uri"/public/js/image.js"][unique_id"XyXVEuiEyPkpGEPXCyT@2AAAAEI"][SatAug0122:48:21.3442452020][:error][pid12883:tid139903327192832][client182.92.85.121:52017][client182.92.85.121]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"python-requests/"atREQUEST_HEADERS:User-Agent.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"218"][id"332039"][rev"4"][msg"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent\(python-requests\).Disablethisruleifyouusepython-requests/."][severity"CR |
2020-08-02 05:54:26 |
| 181.48.138.242 | attackspambots | fail2ban |
2020-08-02 05:30:09 |
| 104.131.46.166 | attackspam | 2020-08-01T21:38:40.730502shield sshd\[15242\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.46.166 user=root 2020-08-01T21:38:42.937799shield sshd\[15242\]: Failed password for root from 104.131.46.166 port 52600 ssh2 2020-08-01T21:39:45.767780shield sshd\[15444\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.46.166 user=root 2020-08-01T21:39:47.563701shield sshd\[15444\]: Failed password for root from 104.131.46.166 port 33052 ssh2 2020-08-01T21:40:49.818769shield sshd\[15583\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.46.166 user=root |
2020-08-02 05:48:26 |
| 69.120.183.192 | attackbots | Automatic report - Banned IP Access |
2020-08-02 05:53:16 |
| 106.13.227.104 | attackspambots | Aug 1 17:45:27 firewall sshd[25707]: Failed password for root from 106.13.227.104 port 41424 ssh2 Aug 1 17:48:29 firewall sshd[25768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.227.104 user=root Aug 1 17:48:31 firewall sshd[25768]: Failed password for root from 106.13.227.104 port 53290 ssh2 ... |
2020-08-02 05:48:48 |
| 180.166.184.66 | attackspambots | SSH Invalid Login |
2020-08-02 05:46:18 |
| 112.85.42.180 | attackspam | Aug 2 02:21:19 gw1 sshd[18075]: Failed password for root from 112.85.42.180 port 41522 ssh2 Aug 2 02:21:22 gw1 sshd[18075]: Failed password for root from 112.85.42.180 port 41522 ssh2 ... |
2020-08-02 05:30:27 |