City: unknown
Region: unknown
Country: South Africa
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 41.48.169.45
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1833
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;41.48.169.45. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025020900 1800 900 604800 86400
;; Query time: 34 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 10 00:39:56 CST 2025
;; MSG SIZE rcvd: 105
Host 45.169.48.41.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 45.169.48.41.in-addr.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 51.38.112.45 | attackspam | Sep 16 20:26:50 yesfletchmain sshd\[25162\]: Invalid user uftp from 51.38.112.45 port 50916 Sep 16 20:26:50 yesfletchmain sshd\[25162\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.112.45 Sep 16 20:26:52 yesfletchmain sshd\[25162\]: Failed password for invalid user uftp from 51.38.112.45 port 50916 ssh2 Sep 16 20:30:20 yesfletchmain sshd\[25212\]: Invalid user 1234 from 51.38.112.45 port 38738 Sep 16 20:30:20 yesfletchmain sshd\[25212\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.112.45 ... |
2019-09-17 06:38:26 |
| 102.134.2.110 | attack | @LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-16 18:28:46,239 INFO [amun_request_handler] PortScan Detected on Port: 445 (102.134.2.110) |
2019-09-17 06:53:17 |
| 110.49.71.244 | attack | Sep 17 00:30:09 yabzik sshd[23465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.71.244 Sep 17 00:30:11 yabzik sshd[23465]: Failed password for invalid user oltu from 110.49.71.244 port 32932 ssh2 Sep 17 00:34:38 yabzik sshd[25460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.71.244 |
2019-09-17 06:28:27 |
| 207.46.13.111 | attack | Automatic report - Banned IP Access |
2019-09-17 06:45:45 |
| 58.93.49.69 | attackspambots | @LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-16 18:24:55,857 INFO [amun_request_handler] PortScan Detected on Port: 445 (58.93.49.69) |
2019-09-17 07:03:19 |
| 139.59.238.39 | attack | xmlrpc attack |
2019-09-17 06:59:09 |
| 106.12.209.117 | attackspam | 2019-09-17T00:16:07.900633 sshd[8294]: Invalid user map from 106.12.209.117 port 44540 2019-09-17T00:16:07.913302 sshd[8294]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.209.117 2019-09-17T00:16:07.900633 sshd[8294]: Invalid user map from 106.12.209.117 port 44540 2019-09-17T00:16:10.397490 sshd[8294]: Failed password for invalid user map from 106.12.209.117 port 44540 ssh2 2019-09-17T00:21:08.009638 sshd[8345]: Invalid user maya from 106.12.209.117 port 57844 ... |
2019-09-17 06:32:22 |
| 115.74.227.62 | attackbots | xmlrpc attack |
2019-09-17 07:04:08 |
| 115.75.2.189 | attackspam | Sep 16 18:44:23 ny01 sshd[22274]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.75.2.189 Sep 16 18:44:25 ny01 sshd[22274]: Failed password for invalid user abrahan from 115.75.2.189 port 56420 ssh2 Sep 16 18:48:53 ny01 sshd[23146]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.75.2.189 |
2019-09-17 06:50:23 |
| 172.104.242.173 | attack | firewall-block, port(s): 3000/tcp |
2019-09-17 06:25:19 |
| 113.91.38.67 | attackspam | Sep 16 00:33:07 web1 sshd[5666]: Invalid user susane from 113.91.38.67 Sep 16 00:33:07 web1 sshd[5666]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.91.38.67 Sep 16 00:33:10 web1 sshd[5666]: Failed password for invalid user susane from 113.91.38.67 port 26438 ssh2 Sep 16 00:33:10 web1 sshd[5666]: Received disconnect from 113.91.38.67: 11: Bye Bye [preauth] Sep 16 00:50:47 web1 sshd[7174]: Invalid user azureuser from 113.91.38.67 Sep 16 00:50:47 web1 sshd[7174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.91.38.67 Sep 16 00:50:48 web1 sshd[7174]: Failed password for invalid user azureuser from 113.91.38.67 port 28172 ssh2 Sep 16 00:50:49 web1 sshd[7174]: Received disconnect from 113.91.38.67: 11: Bye Bye [preauth] Sep 16 00:53:53 web1 sshd[7193]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.91.38.67 user=admin Sep 16 00:53:55 we........ ------------------------------- |
2019-09-17 06:47:59 |
| 96.78.222.147 | attack | www.goldgier.de 96.78.222.147 \[16/Sep/2019:22:56:06 +0200\] "POST /wp-login.php HTTP/1.1" 200 8728 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" www.goldgier.de 96.78.222.147 \[16/Sep/2019:22:56:07 +0200\] "POST /wp-login.php HTTP/1.1" 200 8728 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2019-09-17 06:39:33 |
| 112.85.42.176 | attackspambots | Scanning random ports - tries to find possible vulnerable services |
2019-09-17 06:43:24 |
| 86.158.99.45 | attackspambots | SSH invalid-user multiple login attempts |
2019-09-17 06:52:32 |
| 5.39.219.141 | attack | Sep 16 00:35:38 plesk sshd[9557]: Did not receive identification string from 5.39.219.141 Sep 16 00:36:59 plesk sshd[9601]: Did not receive identification string from 5.39.219.141 Sep 16 00:37:46 plesk sshd[9613]: Address 5.39.219.141 maps to wisdomcenter.online, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Sep 16 00:37:46 plesk sshd[9613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.39.219.141 user=r.r Sep 16 00:37:48 plesk sshd[9613]: Failed password for r.r from 5.39.219.141 port 51496 ssh2 Sep 16 00:37:48 plesk sshd[9613]: Received disconnect from 5.39.219.141: 11: Bye Bye [preauth] Sep 16 00:39:01 plesk sshd[9667]: Address 5.39.219.141 maps to wisdomcenter.online, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Sep 16 00:39:01 plesk sshd[9667]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.39.219.141 user=r.r Sep 16 00:39:03 p........ ------------------------------- |
2019-09-17 06:33:05 |