City: unknown
Region: unknown
Country: China
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.234.248.18
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54395
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;42.234.248.18. IN A
;; AUTHORITY SECTION:
. 275 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400
;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 14:20:13 CST 2022
;; MSG SIZE rcvd: 10618.248.234.42.in-addr.arpa domain name pointer hn.kd.ny.adsl.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
18.248.234.42.in-addr.arpa name = hn.kd.ny.adsl.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 104.248.112.159 | attackspambots | 104.248.112.159 - - [05/Oct/2020:05:52:24 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 2417 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.112.159 - - [05/Oct/2020:05:52:26 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 2420 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.112.159 - - [05/Oct/2020:05:52:31 +0100] "POST /wp/xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2020-10-06 01:47:59 |
| 58.213.123.195 | attackspambots | Brute force attempt |
2020-10-06 01:45:44 |
| 139.99.55.150 | attackbots | Oct 5 12:44:19 ns382633 sshd\[16009\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.55.150 user=root Oct 5 12:44:21 ns382633 sshd\[16009\]: Failed password for root from 139.99.55.150 port 33485 ssh2 Oct 5 12:52:28 ns382633 sshd\[16835\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.55.150 user=root Oct 5 12:52:30 ns382633 sshd\[16835\]: Failed password for root from 139.99.55.150 port 57762 ssh2 Oct 5 12:56:23 ns382633 sshd\[17334\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.55.150 user=root |
2020-10-06 01:45:25 |
| 13.75.252.69 | attack | Oct 5 16:14:14 roki sshd[6119]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.75.252.69 user=root Oct 5 16:14:17 roki sshd[6119]: Failed password for root from 13.75.252.69 port 53552 ssh2 Oct 5 16:26:16 roki sshd[7009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.75.252.69 user=root Oct 5 16:26:18 roki sshd[7009]: Failed password for root from 13.75.252.69 port 60156 ssh2 Oct 5 16:30:41 roki sshd[7322]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.75.252.69 user=root ... |
2020-10-06 01:39:32 |
| 27.35.211.22 | attack | Listed on abuseat.org plus zen-spamhaus / proto=6 . srcport=55049 . dstport=1023 . (3506) |
2020-10-06 02:13:27 |
| 194.87.138.107 | attackspambots | [N10.H2.VM2] Port Scanner Detected Blocked by UFW |
2020-10-06 02:00:30 |
| 68.73.49.153 | attackbotsspam | 68.73.49.153 (US/United States/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Oct 5 05:54:04 jbs1 sshd[11945]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.232.64.46 user=root Oct 5 05:53:57 jbs1 sshd[11909]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.152.220.161 user=root Oct 5 05:53:59 jbs1 sshd[11909]: Failed password for root from 122.152.220.161 port 43406 ssh2 Oct 5 05:53:35 jbs1 sshd[11756]: Failed password for root from 91.122.159.193 port 44496 ssh2 Oct 5 05:53:12 jbs1 sshd[11681]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.73.49.153 user=root Oct 5 05:53:14 jbs1 sshd[11681]: Failed password for root from 68.73.49.153 port 40596 ssh2 IP Addresses Blocked: 165.232.64.46 (US/United States/-) 122.152.220.161 (CN/China/-) 91.122.159.193 (RU/Russia/-) |
2020-10-06 01:55:07 |
| 85.9.251.137 | attackbotsspam | sina.com.cn |
2020-10-06 01:50:57 |
| 183.154.18.88 | attack | Oct 4 23:16:32 srv01 postfix/smtpd\[23936\]: warning: unknown\[183.154.18.88\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 23:16:43 srv01 postfix/smtpd\[23936\]: warning: unknown\[183.154.18.88\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 23:17:00 srv01 postfix/smtpd\[23936\]: warning: unknown\[183.154.18.88\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 23:17:20 srv01 postfix/smtpd\[23936\]: warning: unknown\[183.154.18.88\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 23:17:33 srv01 postfix/smtpd\[23936\]: warning: unknown\[183.154.18.88\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... |
2020-10-06 01:51:28 |
| 165.22.96.79 | attackspambots | 2020-10-05T18:03:55.263236hostname sshd[112977]: Failed password for root from 165.22.96.79 port 59644 ssh2 ... |
2020-10-06 02:16:54 |
| 106.13.230.219 | attack | 106.13.230.219 (CN/China/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Oct 5 06:41:46 server5 sshd[31614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.230.219 user=root Oct 5 06:41:49 server5 sshd[31614]: Failed password for root from 106.13.230.219 port 57258 ssh2 Oct 5 06:43:10 server5 sshd[32013]: Failed password for root from 191.3.150.101 port 61361 ssh2 Oct 5 06:47:40 server5 sshd[1382]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.226.38.214 user=root Oct 5 06:34:21 server5 sshd[28327]: Failed password for root from 97.64.122.66 port 54070 ssh2 IP Addresses Blocked: |
2020-10-06 02:17:23 |
| 2.57.122.15 | attack | Sep 29 12:26:51 euve59663 sshd[9397]: Did not receive identification st= ring from 2.57.122.15 Sep 29 12:27:08 euve59663 sshd[9402]: pam_unix(sshd:auth): authenticati= on failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3D2.57= .122.15 user=3Dr.r Sep 29 12:27:10 euve59663 sshd[9402]: Failed password for r.r from 2.5= 7.122.15 port 36794 ssh2 Sep 29 12:27:10 euve59663 sshd[9402]: Received disconnect from 2.57.122= .15: 11: Normal Shutdown, Thank you for playing [preauth] Sep 29 12:27:31 euve59663 sshd[9404]: pam_unix(sshd:auth): authenticati= on failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3D2.57= .122.15 user=3Dr.r Sep 29 12:27:34 euve59663 sshd[9404]: Failed password for r.r from 2.5= 7.122.15 port 57048 ssh2 Sep 29 12:27:34 euve59663 sshd[9404]: Received disconnect from 2.57.122= .15: 11: Normal Shutdown, Thank you for playing [preauth] Sep 29 12:27:44 euve59663 sshd[9406]: pam_unix(sshd:auth): authenticati= on failure; logname=3D uid=3........ ------------------------------- |
2020-10-06 02:02:14 |
| 159.65.77.254 | attack | Oct 5 08:19:19 game-panel sshd[29280]: Failed password for root from 159.65.77.254 port 59384 ssh2 Oct 5 08:23:01 game-panel sshd[29420]: Failed password for root from 159.65.77.254 port 37202 ssh2 |
2020-10-06 01:57:40 |
| 180.76.167.78 | attackbotsspam | Oct 5 12:46:10 ns382633 sshd\[16178\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.167.78 user=root Oct 5 12:46:12 ns382633 sshd\[16178\]: Failed password for root from 180.76.167.78 port 49090 ssh2 Oct 5 13:07:08 ns382633 sshd\[18611\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.167.78 user=root Oct 5 13:07:10 ns382633 sshd\[18611\]: Failed password for root from 180.76.167.78 port 37910 ssh2 Oct 5 13:11:22 ns382633 sshd\[19196\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.167.78 user=root |
2020-10-06 02:12:28 |
| 103.206.252.234 | attack | 1601843744 - 10/04/2020 22:35:44 Host: 103.206.252.234/103.206.252.234 Port: 8080 TCP Blocked |
2020-10-06 02:08:24 |