City: Uelzen
Region: Lower Saxony
Country: Germany
Internet Service Provider: Vodafone
Hostname: unknown
Organization: Vodafone Kabel Deutschland GmbH
Usage Type: unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2a02:8108:4dc0:ca0:fd2e:b3c5:ff93:f89d
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15863
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2a02:8108:4dc0:ca0:fd2e:b3c5:ff93:f89d. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019071800 1800 900 604800 86400
;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jul 19 01:37:11 CST 2019
;; MSG SIZE rcvd: 142
Host d.9.8.f.3.9.f.f.5.c.3.b.e.2.d.f.0.a.c.0.0.c.d.4.8.0.1.8.2.0.a.2.ip6.arpa not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find d.9.8.f.3.9.f.f.5.c.3.b.e.2.d.f.0.a.c.0.0.c.d.4.8.0.1.8.2.0.a.2.ip6.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 51.15.102.187 | attackbots | Brute-Force,SSH |
2020-05-08 17:56:30 |
| 185.120.147.145 | attack | 185.120.147.145 - - \[08/May/2020:10:43:34 +0200\] "POST /wp-login.php HTTP/1.0" 200 6400 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 185.120.147.145 - - \[08/May/2020:10:43:35 +0200\] "POST /wp-login.php HTTP/1.0" 200 6267 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 185.120.147.145 - - \[08/May/2020:10:43:35 +0200\] "POST /wp-login.php HTTP/1.0" 200 6263 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2020-05-08 17:56:47 |
| 139.199.36.50 | attackspam | 5x Failed Password |
2020-05-08 18:06:22 |
| 54.37.159.12 | attack | Repeated brute force against a port |
2020-05-08 18:00:51 |
| 106.12.211.168 | attackspam | ssh brute force |
2020-05-08 17:40:47 |
| 51.141.110.138 | attack | May 8 08:35:05 vlre-nyc-1 sshd\[3640\]: Invalid user marcin from 51.141.110.138 May 8 08:35:05 vlre-nyc-1 sshd\[3640\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.141.110.138 May 8 08:35:07 vlre-nyc-1 sshd\[3640\]: Failed password for invalid user marcin from 51.141.110.138 port 46882 ssh2 May 8 08:38:49 vlre-nyc-1 sshd\[3707\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.141.110.138 user=root May 8 08:38:51 vlre-nyc-1 sshd\[3707\]: Failed password for root from 51.141.110.138 port 60712 ssh2 ... |
2020-05-08 17:55:40 |
| 116.111.115.251 | attackbotsspam | Email rejected due to spam filtering |
2020-05-08 18:05:11 |
| 182.74.25.246 | attackbotsspam | $f2bV_matches |
2020-05-08 17:55:56 |
| 61.74.234.245 | attackbots | May 8 06:03:55 PorscheCustomer sshd[3272]: Failed password for root from 61.74.234.245 port 60340 ssh2 May 8 06:08:12 PorscheCustomer sshd[3418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.74.234.245 May 8 06:08:14 PorscheCustomer sshd[3418]: Failed password for invalid user sas from 61.74.234.245 port 37394 ssh2 ... |
2020-05-08 17:52:06 |
| 118.89.25.35 | attackspambots | (sshd) Failed SSH login from 118.89.25.35 (CN/China/-): 5 in the last 3600 secs |
2020-05-08 17:41:31 |
| 37.187.105.36 | attackspam | $f2bV_matches |
2020-05-08 17:39:43 |
| 85.25.91.142 | attackspambots | May 8 10:31:00 ns3164893 sshd[23165]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.25.91.142 May 8 10:31:02 ns3164893 sshd[23165]: Failed password for invalid user dev from 85.25.91.142 port 53001 ssh2 ... |
2020-05-08 17:36:41 |
| 167.62.139.159 | attackspambots | DATE:2020-05-08 05:51:42, IP:167.62.139.159, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc) |
2020-05-08 17:33:15 |
| 92.63.194.7 | attackspambots | Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF) |
2020-05-08 17:25:23 |
| 189.27.6.129 | attackspambots | GET / HTTP/1.1 400 0 "-" "-" |
2020-05-08 18:03:17 |