City: Peine
Region: Niedersachsen
Country: Germany
Internet Service Provider: Vodafone
Hostname: unknown
Organization: unknown
Usage Type: unknown
bb'
; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> 2a02:8108:9480:2cf4:5ee:cb50:c53f:dcf8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 6609
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;2a02:8108:9480:2cf4:5ee:cb50:c53f:dcf8. IN A
;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Wed Sep 18 15:37:22 CST 2024
;; MSG SIZE rcvd: 67
'Host 8.f.c.d.f.3.5.c.0.5.b.c.e.e.5.0.4.f.c.2.0.8.4.9.8.0.1.8.2.0.a.2.ip6.arpa not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 8.f.c.d.f.3.5.c.0.5.b.c.e.e.5.0.4.f.c.2.0.8.4.9.8.0.1.8.2.0.a.2.ip6.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 134.209.163.236 | attackspam | Automatic report - SSH Brute-Force Attack |
2019-12-30 07:54:34 |
| 68.70.17.184 | attack | Dec 30 00:03:06 cp sshd[13211]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.70.17.184 |
2019-12-30 08:18:52 |
| 54.39.22.252 | attack | 2019-12-29 23:54:02,965 fail2ban.filter [1517]: INFO [ssh] Found 54.39.22.252 - 2019-12-29 23:54:02 2019-12-29 23:54:04,897 fail2ban.filter [1517]: INFO [ssh] Found 54.39.22.252 - 2019-12-29 23:54:04 2019-12-29 23:54:09,056 fail2ban.filter [1517]: INFO [ssh] Found 54.39.22.252 - 2019-12-29 23:54:09 2019-12-29 23:54:10,889 fail2ban.filter [1517]: INFO [ssh] Found 54.39.22.252 - 2019-12-29 23:54:10 2019-12-29 23:54:14,106 fail2ban.filter [1517]: INFO [ssh] Found 54.39.22.252 - 2019-12-29 23:54:13 2019-12-29 23:54:16,156 fail2ban.filter [1517]: INFO [ssh] Found 54.39.22.252 - 2019-12-29 23:54:16 2019-12-29 23:54:18,525 fail2ban.filter [1517]: INFO [ssh] Found 54.39.22.252 - 2019-12-29 23:54:18 2019-12-29 23:54:21,937 fail2ban.filter [1517]: INFO [ssh] Found 54.39.22.252 - 2019-12-29 23:54:21 2019-12-29 23:54:24,153 fail2ban.filter [1517]: INFO [ssh] Found 54.39.22.252 - 2019-........ ------------------------------- |
2019-12-30 08:27:42 |
| 177.72.65.218 | attackspambots | Dec 30 00:02:57 debian-2gb-nbg1-2 kernel: \[1313286.809294\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=177.72.65.218 DST=195.201.40.59 LEN=40 TOS=0x08 PREC=0x00 TTL=234 ID=27510 DF PROTO=TCP SPT=34567 DPT=23 WINDOW=14600 RES=0x00 SYN URGP=0 |
2019-12-30 08:24:07 |
| 142.93.198.152 | attack | Dec 30 01:32:10 vps691689 sshd[11153]: Failed password for root from 142.93.198.152 port 50730 ssh2 Dec 30 01:34:34 vps691689 sshd[11431]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.198.152 ... |
2019-12-30 08:35:18 |
| 144.91.95.229 | attack | Attempts to probe for or exploit a Drupal 7.69 site on url: /wp-login.php. Reported by the module https://www.drupal.org/project/abuseipdb. |
2019-12-30 08:11:06 |
| 91.106.193.72 | attackspambots | Dec 29 14:17:38 web9 sshd\[23134\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.193.72 user=mysql Dec 29 14:17:40 web9 sshd\[23134\]: Failed password for mysql from 91.106.193.72 port 41950 ssh2 Dec 29 14:20:40 web9 sshd\[23547\]: Invalid user carin from 91.106.193.72 Dec 29 14:20:40 web9 sshd\[23547\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.193.72 Dec 29 14:20:42 web9 sshd\[23547\]: Failed password for invalid user carin from 91.106.193.72 port 44816 ssh2 |
2019-12-30 08:34:02 |
| 189.84.242.84 | attackbots | CloudCIX Reconnaissance Scan Detected, PTR: 189.84.242.84.cable.gigalink.net.br. |
2019-12-30 08:08:42 |
| 116.52.121.205 | attackspam | Forbidden directory scan :: 2019/12/29 23:03:37 [error] 1031#1031: *119513 access forbidden by rule, client: 116.52.121.205, server: [censored_1], request: "GET /downloads/Windows10-DisableCortanaSearch.zip HTTP/1.1", host: "www.[censored_1]" |
2019-12-30 07:59:42 |
| 41.39.72.152 | attackspambots | DLink DSL Remote OS Command Injection Vulnerability, PTR: host-41.39.72.152.tedata.net. |
2019-12-30 08:33:35 |
| 190.149.59.82 | attackbots | 12/29/2019-18:02:53.968962 190.149.59.82 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433 |
2019-12-30 08:27:58 |
| 213.6.116.222 | attackspam | Unauthorized access detected from banned ip |
2019-12-30 07:55:29 |
| 165.227.115.93 | attackbotsspam | Dec 30 01:16:19 mout sshd[32677]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.115.93 user=root Dec 30 01:16:22 mout sshd[32677]: Failed password for root from 165.227.115.93 port 51606 ssh2 |
2019-12-30 08:21:01 |
| 5.2.143.125 | attack | Dec 30 00:03:25 debian-2gb-nbg1-2 kernel: \[1313315.057824\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=5.2.143.125 DST=195.201.40.59 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=35894 DF PROTO=TCP SPT=35350 DPT=81 WINDOW=14600 RES=0x00 SYN URGP=0 |
2019-12-30 08:06:06 |
| 192.254.129.171 | attackspambots | HTTP Directory Traversal Vulnerability, PTR: viv.vivenproducciones.com. |
2019-12-30 08:34:20 |