City: unknown
Region: unknown
Country: unknown
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
bb'
; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> 2001:8d8:1000:50d7:85f8:f08f:d577:f82c
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 19431
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;2001:8d8:1000:50d7:85f8:f08f:d577:f82c. IN A
;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sat Feb 19 00:35:38 CST 2022
;; MSG SIZE rcvd: 67
'c.2.8.f.7.7.5.d.f.8.0.f.8.f.5.8.7.d.0.5.0.0.0.1.8.d.8.0.1.0.0.2.ip6.arpa domain name pointer kundenserver.de.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
c.2.8.f.7.7.5.d.f.8.0.f.8.f.5.8.7.d.0.5.0.0.0.1.8.d.8.0.1.0.0.2.ip6.arpa name = kundenserver.de.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 139.199.5.50 | attackspambots | Oct 6 02:46:56 *hidden* sshd[29517]: Failed password for *hidden* from 139.199.5.50 port 54982 ssh2 Oct 6 02:50:42 *hidden* sshd[30971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.5.50 user=root Oct 6 02:50:45 *hidden* sshd[30971]: Failed password for *hidden* from 139.199.5.50 port 56904 ssh2 Oct 6 02:54:23 *hidden* sshd[32323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.5.50 user=root Oct 6 02:54:24 *hidden* sshd[32323]: Failed password for *hidden* from 139.199.5.50 port 58804 ssh2 |
2020-10-06 12:48:58 |
| 122.194.229.37 | attackbots | Oct 6 06:39:05 sd-69548 sshd[4047352]: Unable to negotiate with 122.194.229.37 port 48540: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] Oct 6 06:46:38 sd-69548 sshd[4047915]: Unable to negotiate with 122.194.229.37 port 1514: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] ... |
2020-10-06 12:50:14 |
| 222.186.31.166 | attackbots | Oct 6 01:52:40 shivevps sshd[29394]: Failed password for root from 222.186.31.166 port 47944 ssh2 Oct 6 01:52:47 shivevps sshd[29396]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.166 user=root Oct 6 01:52:50 shivevps sshd[29396]: Failed password for root from 222.186.31.166 port 19004 ssh2 ... |
2020-10-06 12:55:23 |
| 62.201.120.141 | attack | Oct 5 23:11:58 localhost sshd\[25214\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.201.120.141 user=root Oct 5 23:12:01 localhost sshd\[25214\]: Failed password for root from 62.201.120.141 port 55808 ssh2 Oct 5 23:15:30 localhost sshd\[25479\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.201.120.141 user=root Oct 5 23:15:32 localhost sshd\[25479\]: Failed password for root from 62.201.120.141 port 33894 ssh2 Oct 5 23:18:58 localhost sshd\[25744\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.201.120.141 user=root ... |
2020-10-06 12:46:06 |
| 190.206.95.108 | attackspambots | 20/10/5@16:44:16: FAIL: Alarm-Network address from=190.206.95.108 ... |
2020-10-06 12:45:19 |
| 104.155.163.244 | attackbotsspam | Oct 5 18:17:59 php1 sshd\[29196\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.155.163.244 user=root Oct 5 18:18:01 php1 sshd\[29196\]: Failed password for root from 104.155.163.244 port 33026 ssh2 Oct 5 18:21:38 php1 sshd\[29566\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.155.163.244 user=root Oct 5 18:21:39 php1 sshd\[29566\]: Failed password for root from 104.155.163.244 port 40130 ssh2 Oct 5 18:25:09 php1 sshd\[29923\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.155.163.244 user=root |
2020-10-06 12:34:00 |
| 185.202.2.130 | attackspambots | RDP Brute-Force (honeypot 2) |
2020-10-06 12:35:50 |
| 218.92.0.249 | attack | Oct 6 04:50:48 localhost sshd[57616]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.249 user=root Oct 6 04:50:51 localhost sshd[57616]: Failed password for root from 218.92.0.249 port 47680 ssh2 Oct 6 04:50:54 localhost sshd[57616]: Failed password for root from 218.92.0.249 port 47680 ssh2 Oct 6 04:50:48 localhost sshd[57616]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.249 user=root Oct 6 04:50:51 localhost sshd[57616]: Failed password for root from 218.92.0.249 port 47680 ssh2 Oct 6 04:50:54 localhost sshd[57616]: Failed password for root from 218.92.0.249 port 47680 ssh2 Oct 6 04:50:48 localhost sshd[57616]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.249 user=root Oct 6 04:50:51 localhost sshd[57616]: Failed password for root from 218.92.0.249 port 47680 ssh2 Oct 6 04:50:54 localhost sshd[57616]: Failed password fo ... |
2020-10-06 12:56:48 |
| 81.71.24.200 | attackspam | Oct 5 11:11:30 host sshd[28009]: User r.r from 81.71.24.200 not allowed because none of user's groups are listed in AllowGroups Oct 5 11:11:31 host sshd[28009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.71.24.200 user=r.r Oct 5 11:11:33 host sshd[28009]: Failed password for invalid user r.r from 81.71.24.200 port 58898 ssh2 Oct 5 11:11:33 host sshd[28009]: Received disconnect from 81.71.24.200 port 58898:11: Bye Bye [preauth] Oct 5 11:11:33 host sshd[28009]: Disconnected from invalid user r.r 81.71.24.200 port 58898 [preauth] Oct 5 11:20:11 host sshd[28182]: User r.r from 81.71.24.200 not allowed because none of user's groups are listed in AllowGroups Oct 5 11:20:11 host sshd[28182]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.71.24.200 user=r.r Oct 5 11:20:13 host sshd[28182]: Failed password for invalid user r.r from 81.71.24.200 port 44596 ssh2 Oct 5 11:20:13 ho........ ------------------------------- |
2020-10-06 12:59:09 |
| 189.240.3.169 | attackbots | Repeated RDP login failures. Last user: administrator |
2020-10-06 12:35:33 |
| 206.189.171.204 | attackbots | Oct 6 04:45:47 Ubuntu-1404-trusty-64-minimal sshd\[932\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.171.204 user=root Oct 6 04:45:49 Ubuntu-1404-trusty-64-minimal sshd\[932\]: Failed password for root from 206.189.171.204 port 58624 ssh2 Oct 6 04:47:27 Ubuntu-1404-trusty-64-minimal sshd\[1295\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.171.204 user=root Oct 6 04:47:29 Ubuntu-1404-trusty-64-minimal sshd\[1295\]: Failed password for root from 206.189.171.204 port 58950 ssh2 Oct 6 04:49:05 Ubuntu-1404-trusty-64-minimal sshd\[1748\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.171.204 user=root |
2020-10-06 12:48:42 |
| 191.5.182.251 | attackspambots | port scan and connect, tcp 23 (telnet) |
2020-10-06 12:24:25 |
| 112.29.172.148 | attack | $f2bV_matches |
2020-10-06 12:43:31 |
| 80.90.82.70 | attackbotsspam | 80.90.82.70 - - [06/Oct/2020:01:50:27 +0200] "POST /wp-login.php HTTP/1.0" 200 4794 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2020-10-06 12:47:25 |
| 103.92.29.50 | attackbots | Oct 6 04:12:12 *hidden* sshd[23384]: Failed password for *hidden* from 103.92.29.50 port 48764 ssh2 Oct 6 04:15:24 *hidden* sshd[25194]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.92.29.50 user=root Oct 6 04:15:26 *hidden* sshd[25194]: Failed password for *hidden* from 103.92.29.50 port 37824 ssh2 |
2020-10-06 12:52:54 |