City: unknown
Region: unknown
Country: China
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.212.56.158
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17920
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;42.212.56.158. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025021601 1800 900 604800 86400
;; Query time: 38 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 17 09:41:36 CST 2025
;; MSG SIZE rcvd: 106Host 158.56.212.42.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 158.56.212.42.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 139.59.137.154 | attackbotsspam | Feb 18 18:40:57 plex sshd[18446]: Invalid user grey from 139.59.137.154 port 48890 |
2020-02-19 03:12:03 |
| 45.144.235.50 | attack | missing rdns |
2020-02-19 03:10:19 |
| 219.159.49.58 | attackbots | Port 1433 Scan |
2020-02-19 03:09:59 |
| 82.118.236.186 | attackbots | Feb 18 08:58:19 hpm sshd\[2277\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.118.236.186 user=root Feb 18 08:58:21 hpm sshd\[2277\]: Failed password for root from 82.118.236.186 port 38676 ssh2 Feb 18 09:01:34 hpm sshd\[2588\]: Invalid user userftp from 82.118.236.186 Feb 18 09:01:34 hpm sshd\[2588\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.118.236.186 Feb 18 09:01:36 hpm sshd\[2588\]: Failed password for invalid user userftp from 82.118.236.186 port 39922 ssh2 |
2020-02-19 03:02:18 |
| 78.162.211.57 | attackspam | Automatic report - Port Scan Attack |
2020-02-19 03:06:46 |
| 145.239.89.243 | attack | frenzy |
2020-02-19 03:29:34 |
| 59.127.107.18 | attackbots | port scan and connect, tcp 23 (telnet) |
2020-02-19 03:07:11 |
| 185.243.53.78 | attackspambots | Feb 18 14:05:28 twattle sshd[26037]: Did not receive identification str= ing from 185.243.53.78 Feb 18 14:05:47 twattle sshd[26038]: Received disconnect from 185.243.5= 3.78: 11: Normal Shutdown, Thank you for playing [preauth] Feb 18 14:06:07 twattle sshd[26040]: Invalid user oracle from 185.243.5= 3.78 Feb 18 14:06:07 twattle sshd[26040]: Received disconnect from 185.243.5= 3.78: 11: Normal Shutdown, Thank you for playing [preauth] Feb 18 14:06:27 twattle sshd[26042]: Received disconnect from 185.243.5= 3.78: 11: Normal Shutdown, Thank you for playing [preauth] Feb 18 14:06:47 twattle sshd[26046]: Invalid user postgres from 185.243= .53.78 Feb 18 14:06:47 twattle sshd[26046]: Received disconnect from 185.243.5= 3.78: 11: Normal Shutdown, Thank you for playing [preauth] Feb 18 14:07:07 twattle sshd[26048]: Received disconnect from 185.243.5= 3.78: 11: Normal Shutdown, Thank you for playing [preauth] Feb 18 14:07:28 twattle sshd[26050]: Invalid user hadoop from 185.243......... ------------------------------- |
2020-02-19 03:25:39 |
| 14.160.238.45 | attackbotsspam | Feb 18 05:00:38 host2 sshd[2732]: Address 14.160.238.45 maps to static.vnpt.vn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Feb 18 05:00:38 host2 sshd[2732]: Invalid user admin from 14.160.238.45 Feb 18 05:00:38 host2 sshd[2732]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.160.238.45 Feb 18 05:00:40 host2 sshd[2732]: Failed password for invalid user admin from 14.160.238.45 port 53658 ssh2 Feb 18 05:00:41 host2 sshd[2732]: Connection closed by 14.160.238.45 [preauth] Feb 18 05:00:48 host2 sshd[3490]: Address 14.160.238.45 maps to static.vnpt.vn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Feb 18 05:00:48 host2 sshd[3490]: Invalid user admin from 14.160.238.45 Feb 18 05:00:48 host2 sshd[3490]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.160.238.45 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.160.238.45 |
2020-02-19 02:54:54 |
| 45.247.188.85 | attackbots | Feb 18 14:09:55 olgosrv01 sshd[11650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.247.188.85 user=r.r Feb 18 14:09:57 olgosrv01 sshd[11650]: Failed password for r.r from 45.247.188.85 port 60287 ssh2 Feb 18 14:10:00 olgosrv01 sshd[11650]: Failed password for r.r from 45.247.188.85 port 60287 ssh2 Feb 18 14:10:01 olgosrv01 sshd[11650]: Failed password for r.r from 45.247.188.85 port 60287 ssh2 Feb 18 14:10:04 olgosrv01 sshd[11650]: Failed password for r.r from 45.247.188.85 port 60287 ssh2 Feb 18 14:10:07 olgosrv01 sshd[11650]: Failed password for r.r from 45.247.188.85 port 60287 ssh2 Feb 18 14:10:09 olgosrv01 sshd[11650]: Failed password for r.r from 45.247.188.85 port 60287 ssh2 Feb 18 14:10:09 olgosrv01 sshd[11650]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.247.188.85 user=r.r ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=45.247.188.85 |
2020-02-19 03:21:39 |
| 3.12.246.245 | attackbotsspam | Wordpress_xmlrpc_attack |
2020-02-19 03:09:28 |
| 222.186.175.140 | attack | pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.140 user=root Failed password for root from 222.186.175.140 port 19748 ssh2 Failed password for root from 222.186.175.140 port 19748 ssh2 Failed password for root from 222.186.175.140 port 19748 ssh2 Failed password for root from 222.186.175.140 port 19748 ssh2 |
2020-02-19 03:04:51 |
| 157.230.34.239 | attack | WordPress login Brute force / Web App Attack on client site. |
2020-02-19 03:27:56 |
| 103.102.30.66 | attack | MultiHost/MultiPort Probe, Scan, Hack - |
2020-02-19 02:54:05 |
| 102.43.109.73 | attack | MultiHost/MultiPort Probe, Scan, Hack - |
2020-02-19 03:32:35 |