City: Stavanger
Region: Rogaland
Country: Norway
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 20.100.111.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24772
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;20.100.111.8. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2024112400 1800 900 604800 86400
;; Query time: 33 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Nov 24 17:36:35 CST 2024
;; MSG SIZE rcvd: 105Host 8.111.100.20.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 8.111.100.20.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 192.241.238.20 | attack | US_DigitalOcean,_<177>1585631420 [1:2402000:5497] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2]: |
2020-03-31 17:49:25 |
| 94.191.25.32 | attack | 03/31/2020-03:58:09.911748 94.191.25.32 Protocol: 6 ET SCAN Potential SSH Scan |
2020-03-31 17:44:37 |
| 139.59.14.210 | attackbots | Invalid user jboss from 139.59.14.210 port 53116 |
2020-03-31 17:24:30 |
| 73.125.105.249 | attack | IP address logged by my Netflix account after the individual hacked into and locked me out of my account. Individual also changed my account settings to the most expensive plan, which allows multiple people (profiles) to watch, and several profiles were added. The name on my account was changed to "Juan". I contacted Netflix to have my account restored, so I was able to see the various IP addresses used. I will report all of them as well. |
2020-03-31 17:40:22 |
| 118.68.78.141 | attackspam | 1,10-10/02 [bc01/m67] PostRequest-Spammer scoring: luanda |
2020-03-31 17:30:00 |
| 178.60.39.163 | attackbots | SSH Brute-Force Attack |
2020-03-31 17:18:46 |
| 104.105.226.10 | attack | Mar 31 05:52:24 debian-2gb-nbg1-2 kernel: \[7885799.411924\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.105.226.10 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=47 ID=0 DF PROTO=TCP SPT=443 DPT=41361 WINDOW=29200 RES=0x00 ACK SYN URGP=0 |
2020-03-31 17:25:02 |
| 180.168.141.246 | attack | Mar 31 08:47:33 *** sshd[8957]: User root from 180.168.141.246 not allowed because not listed in AllowUsers |
2020-03-31 17:10:42 |
| 218.93.114.155 | attackbots | Mar 31 11:16:44 eventyay sshd[16252]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.93.114.155 Mar 31 11:16:46 eventyay sshd[16252]: Failed password for invalid user jw from 218.93.114.155 port 63882 ssh2 Mar 31 11:20:46 eventyay sshd[16448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.93.114.155 ... |
2020-03-31 17:29:30 |
| 186.85.159.135 | attackspambots | Mar 31 11:03:25 sso sshd[9874]: Failed password for root from 186.85.159.135 port 8129 ssh2 ... |
2020-03-31 17:41:04 |
| 77.247.108.119 | attack | Mar 31 11:01:09 debian-2gb-nbg1-2 kernel: \[7904322.649825\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=77.247.108.119 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=32250 PROTO=TCP SPT=42028 DPT=5038 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-03-31 17:06:07 |
| 185.36.81.78 | attackspam | Rude login attack (17 tries in 1d) |
2020-03-31 17:15:15 |
| 71.6.199.23 | attackbotsspam | Mar 31 10:48:16 mout postfix/smtpd[13822]: lost connection after STARTTLS from einstein.census.shodan.io[71.6.199.23] |
2020-03-31 17:06:50 |
| 128.14.134.170 | attack | Malicious brute force vulnerability hacking attacks |
2020-03-31 17:25:30 |
| 216.194.122.27 | attackspambots | Mar 31 09:20:27 dev0-dcde-rnet sshd[10202]: Failed password for root from 216.194.122.27 port 46782 ssh2 Mar 31 09:26:09 dev0-dcde-rnet sshd[10237]: Failed password for root from 216.194.122.27 port 44052 ssh2 |
2020-03-31 17:26:55 |