City: unknown
Region: unknown
Country: IANA Special-Purpose Address
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 249.42.61.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34242
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;249.42.61.138. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025020600 1800 900 604800 86400
;; Query time: 11 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 06 23:53:40 CST 2025
;; MSG SIZE rcvd: 106Host 138.61.42.249.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 138.61.42.249.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 200.44.50.155 | attack | Fail2Ban - SSH Bruteforce Attempt |
2019-10-18 17:42:44 |
| 107.173.0.204 | attackbotsspam | (From noreply@gplforest1639.website) Hello, Are you currently utilising Wordpress/Woocommerce or maybe do you actually project to use it later ? We provide around 2500 premium plugins and additionally themes fully free to download : http://anurl.xyz/fetUu Regards, Chet |
2019-10-18 17:13:39 |
| 89.248.174.3 | attackspambots | 10/18/2019-05:10:57.040524 89.248.174.3 Protocol: 6 ET DROP Dshield Block Listed Source group 1 |
2019-10-18 17:24:35 |
| 106.12.132.187 | attack | Oct 18 06:57:48 meumeu sshd[25167]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.132.187 Oct 18 06:57:51 meumeu sshd[25167]: Failed password for invalid user administrator from 106.12.132.187 port 38910 ssh2 Oct 18 07:03:53 meumeu sshd[25910]: Failed password for root from 106.12.132.187 port 46756 ssh2 ... |
2019-10-18 17:36:32 |
| 94.243.140.162 | attackspam | Unauthorized IMAP connection attempt |
2019-10-18 17:26:04 |
| 159.203.111.100 | attack | Oct 18 09:28:45 localhost sshd\[112409\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100 user=root Oct 18 09:28:48 localhost sshd\[112409\]: Failed password for root from 159.203.111.100 port 58379 ssh2 Oct 18 09:34:08 localhost sshd\[112525\]: Invalid user zimbra from 159.203.111.100 port 49575 Oct 18 09:34:08 localhost sshd\[112525\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100 Oct 18 09:34:10 localhost sshd\[112525\]: Failed password for invalid user zimbra from 159.203.111.100 port 49575 ssh2 ... |
2019-10-18 17:37:27 |
| 119.27.165.134 | attack | 2019-10-18T04:51:36.900014abusebot-7.cloudsearch.cf sshd\[11615\]: Invalid user 123456 from 119.27.165.134 port 57892 |
2019-10-18 17:10:08 |
| 105.235.193.94 | attackbots | Oct 17 21:47:41 mail postfix/postscreen[205873]: PREGREET 15 after 2.4 from [105.235.193.94]:54552: EHLO lirus.it ... |
2019-10-18 17:25:48 |
| 5.15.80.147 | attack | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/5.15.80.147/ RO - 1H : (33) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : RO NAME ASN : ASN8708 IP : 5.15.80.147 CIDR : 5.12.0.0/14 PREFIX COUNT : 236 UNIQUE IP COUNT : 2129408 WYKRYTE ATAKI Z ASN8708 : 1H - 2 3H - 3 6H - 4 12H - 8 24H - 14 DateTime : 2019-10-18 05:48:04 INFO : Server 403 - Looking for resource vulnerabilities Detected and Blocked by ADMIN - data recovery |
2019-10-18 17:10:26 |
| 203.146.170.167 | attack | Oct 18 06:54:57 eventyay sshd[27703]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.146.170.167 Oct 18 06:54:59 eventyay sshd[27703]: Failed password for invalid user jong-i from 203.146.170.167 port 58914 ssh2 Oct 18 06:59:26 eventyay sshd[27787]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.146.170.167 ... |
2019-10-18 17:41:14 |
| 188.150.173.73 | attackspam | Lines containing failures of 188.150.173.73 (max 1000) Oct 17 08:13:06 localhost sshd[13493]: User r.r from 188.150.173.73 not allowed because listed in DenyUsers Oct 17 08:13:06 localhost sshd[13493]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.150.173.73 user=r.r Oct 17 08:13:08 localhost sshd[13493]: Failed password for invalid user r.r from 188.150.173.73 port 44588 ssh2 Oct 17 08:13:08 localhost sshd[13493]: Received disconnect from 188.150.173.73 port 44588:11: Bye Bye [preauth] Oct 17 08:13:08 localhost sshd[13493]: Disconnected from invalid user r.r 188.150.173.73 port 44588 [preauth] Oct 17 08:21:33 localhost sshd[17701]: Invalid user vbox from 188.150.173.73 port 48614 Oct 17 08:21:33 localhost sshd[17701]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.150.173.73 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=188.150.173.73 |
2019-10-18 17:43:04 |
| 77.40.2.103 | attack | 10/18/2019-10:59:43.090955 77.40.2.103 Protocol: 6 SURICATA SMTP tls rejected |
2019-10-18 17:08:34 |
| 104.244.73.176 | attackspambots | rain |
2019-10-18 17:26:59 |
| 104.197.98.229 | attack | 18.10.2019 08:35:57 Connection to port 5900 blocked by firewall |
2019-10-18 17:26:44 |
| 190.102.140.7 | attack | Oct 17 18:01:34 friendsofhawaii sshd\[28661\]: Invalid user password from 190.102.140.7 Oct 17 18:01:34 friendsofhawaii sshd\[28661\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.102.140.7 Oct 17 18:01:36 friendsofhawaii sshd\[28661\]: Failed password for invalid user password from 190.102.140.7 port 58810 ssh2 Oct 17 18:06:12 friendsofhawaii sshd\[29033\]: Invalid user password1 from 190.102.140.7 Oct 17 18:06:12 friendsofhawaii sshd\[29033\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.102.140.7 |
2019-10-18 17:18:36 |