City: unknown
Region: unknown
Country: IANA Special-Purpose Address
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 243.137.199.102
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37252
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;243.137.199.102. IN A
;; AUTHORITY SECTION:
. 600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2023032900 1800 900 604800 86400
;; Query time: 27 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 29 15:34:34 CST 2023
;; MSG SIZE rcvd: 108Host 102.199.137.243.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 102.199.137.243.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 66.56.141.23 | attackspam | Fail2Ban Ban Triggered |
2019-11-05 15:51:46 |
| 130.61.23.96 | attackspam | Nov 5 08:31:22 vmanager6029 sshd\[13795\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.61.23.96 user=root Nov 5 08:31:24 vmanager6029 sshd\[13795\]: Failed password for root from 130.61.23.96 port 23564 ssh2 Nov 5 08:35:03 vmanager6029 sshd\[13830\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.61.23.96 user=root |
2019-11-05 15:48:41 |
| 216.244.66.227 | attackbotsspam | login attempts |
2019-11-05 15:42:37 |
| 41.215.139.92 | attack | TCP Port Scanning |
2019-11-05 15:28:33 |
| 106.13.150.163 | attack | Nov 5 07:40:11 legacy sshd[8839]: Failed password for root from 106.13.150.163 port 48780 ssh2 Nov 5 07:45:46 legacy sshd[8999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.150.163 Nov 5 07:45:48 legacy sshd[8999]: Failed password for invalid user 1 from 106.13.150.163 port 57176 ssh2 ... |
2019-11-05 15:44:07 |
| 222.186.175.220 | attackspam | 2019-11-05T08:13:59.589188lon01.zurich-datacenter.net sshd\[20399\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.220 user=root 2019-11-05T08:14:02.001749lon01.zurich-datacenter.net sshd\[20399\]: Failed password for root from 222.186.175.220 port 3698 ssh2 2019-11-05T08:14:06.120792lon01.zurich-datacenter.net sshd\[20399\]: Failed password for root from 222.186.175.220 port 3698 ssh2 2019-11-05T08:14:10.458176lon01.zurich-datacenter.net sshd\[20399\]: Failed password for root from 222.186.175.220 port 3698 ssh2 2019-11-05T08:14:14.674769lon01.zurich-datacenter.net sshd\[20399\]: Failed password for root from 222.186.175.220 port 3698 ssh2 ... |
2019-11-05 15:19:29 |
| 45.82.153.133 | attackbotsspam | Nov 5 02:12:50 web1 postfix/smtpd[9418]: warning: unknown[45.82.153.133]: SASL LOGIN authentication failed: authentication failure ... |
2019-11-05 15:18:52 |
| 37.187.134.139 | attackbots | [Tue Nov 05 03:45:16.705949 2019] [:error] [pid 34927] [client 37.187.134.139:61000] [client 37.187.134.139] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "ws22vmsma01.ufn.edu.br"] [uri "/"] [unique_id "XcEafPpFGIwYjAM2gCUa0wAAAAU"] ... |
2019-11-05 15:14:58 |
| 35.137.198.190 | attackspambots | Nov 5 07:29:14 andromeda sshd\[13368\]: Invalid user pi from 35.137.198.190 port 36252 Nov 5 07:29:14 andromeda sshd\[13369\]: Invalid user pi from 35.137.198.190 port 36254 Nov 5 07:29:14 andromeda sshd\[13368\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.137.198.190 |
2019-11-05 15:43:19 |
| 179.111.240.122 | attack | " " |
2019-11-05 15:52:08 |
| 185.244.234.196 | attack | Excessive Port-Scanning |
2019-11-05 15:45:00 |
| 123.30.154.184 | attackspambots | ssh failed login |
2019-11-05 15:39:24 |
| 104.199.21.252 | attackbots | 3389BruteforceFW23 |
2019-11-05 15:24:19 |
| 71.7.190.74 | attackspam | Nov 4 21:11:44 eddieflores sshd\[31160\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=71-7-190-74.eastlink.ca user=root Nov 4 21:11:46 eddieflores sshd\[31160\]: Failed password for root from 71.7.190.74 port 47288 ssh2 Nov 4 21:15:41 eddieflores sshd\[31465\]: Invalid user tgipl66 from 71.7.190.74 Nov 4 21:15:41 eddieflores sshd\[31465\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=71-7-190-74.eastlink.ca Nov 4 21:15:43 eddieflores sshd\[31465\]: Failed password for invalid user tgipl66 from 71.7.190.74 port 57820 ssh2 |
2019-11-05 15:30:51 |
| 2.59.153.97 | attackspam | Nov 4 17:05:39 HOST sshd[25251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.59.153.97 user=r.r Nov 4 17:05:41 HOST sshd[25251]: Failed password for r.r from 2.59.153.97 port 60746 ssh2 Nov 4 17:05:41 HOST sshd[25251]: Received disconnect from 2.59.153.97: 11: Bye Bye [preauth] Nov 4 17:29:21 HOST sshd[25725]: Failed password for invalid user team from 2.59.153.97 port 52564 ssh2 Nov 4 17:29:21 HOST sshd[25725]: Received disconnect from 2.59.153.97: 11: Bye Bye [preauth] Nov 4 17:33:15 HOST sshd[25807]: Failed password for invalid user sv from 2.59.153.97 port 50208 ssh2 Nov 4 17:33:15 HOST sshd[25807]: Received disconnect from 2.59.153.97: 11: Bye Bye [preauth] Nov 4 17:36:59 HOST sshd[25895]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.59.153.97 user=r.r Nov 4 17:37:02 HOST sshd[25895]: Failed password for r.r from 2.59.153.97 port 47842 ssh2 Nov 4 17:37:02 HOST ssh........ ------------------------------- |
2019-11-05 15:39:07 |