City: unknown
Region: unknown
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 207.142.168.241
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;207.142.168.241. IN A
;; AUTHORITY SECTION:
. 29 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025021002 1800 900 604800 86400
;; Query time: 41 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 11 10:16:58 CST 2025
;; MSG SIZE rcvd: 108Host 241.168.142.207.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 241.168.142.207.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 193.70.0.42 | attackspambots | Jul 20 14:03:42 SilenceServices sshd[32138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.70.0.42 Jul 20 14:03:44 SilenceServices sshd[32138]: Failed password for invalid user kumar from 193.70.0.42 port 32880 ssh2 Jul 20 14:10:36 SilenceServices sshd[3329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.70.0.42 |
2019-07-20 20:19:26 |
| 72.21.91.29 | attack | malware https://www.virustotal.com/gui/ip-address/72.21.91.29/relations |
2019-07-20 19:44:31 |
| 206.189.73.71 | attackspam | Reported by AbuseIPDB proxy server. |
2019-07-20 19:44:07 |
| 119.18.195.196 | attack | 48/tcp 45/tcp 46/tcp... [2019-06-21/07-20]176pkt,24pt.(tcp) |
2019-07-20 20:16:54 |
| 121.142.111.98 | attack | /var/log/messages:Jul 16 22:37:44 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1563316664.533:36596): pid=9982 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-server cipher=aes256-ctr ksize=256 mac=hmac-sha2-256 pfs=ecdh-sha2-nistp256 spid=9983 suid=74 rport=36996 laddr=104.167.106.93 lport=23 exe="/usr/sbin/sshd" hostname=? addr=121.142.111.98 terminal=? res=success' /var/log/messages:Jul 16 22:37:44 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1563316664.537:36597): pid=9982 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-client cipher=aes256-ctr ksize=256 mac=hmac-sha2-256 pfs=ecdh-sha2-nistp256 spid=9983 suid=74 rport=36996 laddr=104.167.106.93 lport=23 exe="/usr/sbin/sshd" hostname=? addr=121.142.111.98 terminal=? res=success' /var/log/secure:Jul 16 22:37:44 sanyalnet-cloud-vps sshd[9982]: Connection from 121.142......... ------------------------------- |
2019-07-20 19:41:10 |
| 201.198.151.8 | attackbots | Jul 20 14:06:41 MK-Soft-Root2 sshd\[23302\]: Invalid user rodolfo from 201.198.151.8 port 34944 Jul 20 14:06:41 MK-Soft-Root2 sshd\[23302\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.198.151.8 Jul 20 14:06:43 MK-Soft-Root2 sshd\[23302\]: Failed password for invalid user rodolfo from 201.198.151.8 port 34944 ssh2 ... |
2019-07-20 20:09:18 |
| 184.105.247.204 | attack | 873/tcp 50070/tcp 30005/tcp... [2019-05-21/07-20]56pkt,17pt.(tcp),1pt.(udp) |
2019-07-20 20:11:10 |
| 103.207.2.204 | attackspam | Jul 20 17:41:14 vibhu-HP-Z238-Microtower-Workstation sshd\[4643\]: Invalid user anand from 103.207.2.204 Jul 20 17:41:14 vibhu-HP-Z238-Microtower-Workstation sshd\[4643\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.207.2.204 Jul 20 17:41:16 vibhu-HP-Z238-Microtower-Workstation sshd\[4643\]: Failed password for invalid user anand from 103.207.2.204 port 60368 ssh2 Jul 20 17:47:03 vibhu-HP-Z238-Microtower-Workstation sshd\[5002\]: Invalid user martha from 103.207.2.204 Jul 20 17:47:03 vibhu-HP-Z238-Microtower-Workstation sshd\[5002\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.207.2.204 ... |
2019-07-20 20:17:20 |
| 14.176.178.113 | attack | 445/tcp 445/tcp 445/tcp [2019-07-16/20]3pkt |
2019-07-20 19:47:52 |
| 136.32.230.96 | attackspambots | SSH Brute Force, server-1 sshd[15908]: Failed password for invalid user 10101010 from 136.32.230.96 port 48054 ssh2 |
2019-07-20 19:37:10 |
| 114.199.0.18 | attackspam | 37215/tcp 37215/tcp 37215/tcp... [2019-05-19/07-20]80pkt,1pt.(tcp) |
2019-07-20 19:51:36 |
| 156.212.253.178 | attack | Jul 20 14:43:43 srv-4 sshd\[18061\]: Invalid user admin from 156.212.253.178 Jul 20 14:43:43 srv-4 sshd\[18061\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=156.212.253.178 Jul 20 14:43:46 srv-4 sshd\[18061\]: Failed password for invalid user admin from 156.212.253.178 port 50905 ssh2 ... |
2019-07-20 19:56:19 |
| 177.129.206.36 | attackbotsspam | Jul 20 07:43:43 web1 postfix/smtpd[5048]: warning: unknown[177.129.206.36]: SASL PLAIN authentication failed: authentication failure ... |
2019-07-20 19:57:05 |
| 191.102.85.228 | attackbotsspam | scan r |
2019-07-20 19:51:11 |
| 39.82.201.183 | attackspam | Jul 20 13:42:50 cvbmail sshd\[25677\]: Invalid user pi from 39.82.201.183 Jul 20 13:42:51 cvbmail sshd\[25677\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=39.82.201.183 Jul 20 13:42:51 cvbmail sshd\[25679\]: Invalid user pi from 39.82.201.183 |
2019-07-20 20:27:47 |