City: unknown
Region: unknown
Country: None
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 242.131.52.166
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53823
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;242.131.52.166. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025021902 1800 900 604800 86400
;; Query time: 8 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 20 07:18:57 CST 2025
;; MSG SIZE rcvd: 107
Host 166.52.131.242.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 166.52.131.242.in-addr.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 35.236.155.182 | attackspambots | *Port Scan* detected from 35.236.155.182 (US/United States/182.155.236.35.bc.googleusercontent.com). 11 hits in the last 276 seconds |
2020-07-16 15:12:53 |
| 222.186.180.130 | attack | Jul 16 09:50:08 vps647732 sshd[19145]: Failed password for root from 222.186.180.130 port 40062 ssh2 ... |
2020-07-16 15:51:09 |
| 212.64.3.40 | attack | Jul 16 00:38:11 ny01 sshd[28293]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.3.40 Jul 16 00:38:13 ny01 sshd[28293]: Failed password for invalid user hans from 212.64.3.40 port 55990 ssh2 Jul 16 00:41:31 ny01 sshd[28709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.3.40 |
2020-07-16 15:19:56 |
| 185.100.87.206 | attackspambots | 2020/07/16 08:55:23 [error] 20617#20617: *8620541 open() "/usr/share/nginx/html/cgi-bin/php.cgi" failed (2: No such file or directory), client: 185.100.87.206, server: _, request: "POST /cgi-bin/php.cgi?%2D%64+%61%6C%6C%6F%77%5F%75%72%6C%5F%69%6E%63%6C%75%64%65%3D%6F%6E+%2D%64+%73%61%66%65%5F%6D%6F%64%65%3D%6F%66%66+%2D%64+%73%75%68%6F%73%69%6E%2E%73%69%6D%75%6C%61%74%69%6F%6E%3D%6F%6E+%2D%64+%64%69%73%61%62%6C%65%5F%66%75%6E%63%74%69%6F%6E%73%3D%22%22+%2D%64+%6F%70%65%6E%5F%62%61%73%65%64%69%72%3D%6E%6F%6E%65+%2D%64+%61%75%74%6F%5F%70%72%65%70%65%6E%64%5F%66%69%6C%65%3D%70%68%70%3A%2F%2F%69%6E%70%75%74+%2D%64+%63%67%69%2E%66%6F%72%63%65%5F%72%65%64%69%72%65%63%74%3D%30+%2D%64+%63%67%69%2E%72%65%64%69%72%65%63%74%5F%73%74%61%74%75%73%5F%65%6E%76%3D%30+%2D%6E HTTP/1.1", host: "waldatmen.com" 2020/07/16 08:55:23 [error] 20617#20617: *8620541 open() "/usr/share/nginx/html/cgi-bin/php4.cgi" failed (2: No such file or directory), client: 185.100.87.206, server: _, request: "POST /cgi-bin/php4.cgi?%2D%64+%61%6C%6C |
2020-07-16 15:42:57 |
| 139.59.146.28 | attack | 139.59.146.28 - - [16/Jul/2020:05:51:47 +0200] "GET /wp-login.php HTTP/1.1" 200 1689 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.146.28 - - [16/Jul/2020:05:51:47 +0200] "POST /wp-login.php HTTP/1.1" 200 1811 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.146.28 - - [16/Jul/2020:05:51:48 +0200] "GET /wp-login.php HTTP/1.1" 200 1689 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.146.28 - - [16/Jul/2020:05:51:48 +0200] "POST /wp-login.php HTTP/1.1" 200 1799 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.146.28 - - [16/Jul/2020:05:51:48 +0200] "GET /wp-login.php HTTP/1.1" 200 1689 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.146.28 - - [16/Jul/2020:05:51:49 +0200] "POST /wp-login.php HTTP/1.1" 200 1798 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Fir ... |
2020-07-16 15:28:11 |
| 46.101.157.11 | attack | Jul 16 10:25:51 ift sshd\[64923\]: Invalid user jira from 46.101.157.11Jul 16 10:25:54 ift sshd\[64923\]: Failed password for invalid user jira from 46.101.157.11 port 44460 ssh2Jul 16 10:30:15 ift sshd\[828\]: Invalid user liuziyuan from 46.101.157.11Jul 16 10:30:17 ift sshd\[828\]: Failed password for invalid user liuziyuan from 46.101.157.11 port 34130 ssh2Jul 16 10:34:41 ift sshd\[1613\]: Invalid user team from 46.101.157.11 ... |
2020-07-16 15:48:33 |
| 222.186.173.238 | attackspambots | 2020-07-16T07:49:24.704874mail.csmailer.org sshd[14751]: Failed password for root from 222.186.173.238 port 16054 ssh2 2020-07-16T07:49:27.876084mail.csmailer.org sshd[14751]: Failed password for root from 222.186.173.238 port 16054 ssh2 2020-07-16T07:49:31.263817mail.csmailer.org sshd[14751]: Failed password for root from 222.186.173.238 port 16054 ssh2 2020-07-16T07:49:31.264256mail.csmailer.org sshd[14751]: error: maximum authentication attempts exceeded for root from 222.186.173.238 port 16054 ssh2 [preauth] 2020-07-16T07:49:31.264277mail.csmailer.org sshd[14751]: Disconnecting: Too many authentication failures [preauth] ... |
2020-07-16 15:50:32 |
| 142.44.240.82 | attackspambots | xmlrpc attack |
2020-07-16 15:16:24 |
| 104.248.138.221 | attackbots | $f2bV_matches |
2020-07-16 15:41:22 |
| 202.137.20.58 | attackbotsspam | Failed password for invalid user users from 202.137.20.58 port 28631 ssh2 |
2020-07-16 15:40:41 |
| 43.226.153.152 | attack | Portscan or hack attempt detected by psad/fwsnort |
2020-07-16 15:26:48 |
| 46.38.150.132 | attackbotsspam | Jul 16 09:37:50 srv01 postfix/smtpd\[5979\]: warning: unknown\[46.38.150.132\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 16 09:38:08 srv01 postfix/smtpd\[5979\]: warning: unknown\[46.38.150.132\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 16 09:38:33 srv01 postfix/smtpd\[5979\]: warning: unknown\[46.38.150.132\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 16 09:39:02 srv01 postfix/smtpd\[23163\]: warning: unknown\[46.38.150.132\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 16 09:39:30 srv01 postfix/smtpd\[5979\]: warning: unknown\[46.38.150.132\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... |
2020-07-16 15:46:44 |
| 149.56.44.101 | attack | 2020-07-16T07:34:46.589507shield sshd\[13796\]: Invalid user oracle from 149.56.44.101 port 56922 2020-07-16T07:34:46.601039shield sshd\[13796\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.ip-149-56-44.net 2020-07-16T07:34:48.875950shield sshd\[13796\]: Failed password for invalid user oracle from 149.56.44.101 port 56922 ssh2 2020-07-16T07:36:47.137013shield sshd\[14100\]: Invalid user jacky from 149.56.44.101 port 33386 2020-07-16T07:36:47.147431shield sshd\[14100\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.ip-149-56-44.net |
2020-07-16 15:38:24 |
| 34.72.148.13 | attackspam | Invalid user administrator from 34.72.148.13 port 48556 |
2020-07-16 15:39:41 |
| 177.11.139.114 | attackspam | $f2bV_matches |
2020-07-16 15:43:48 |