City: Cheektowaga
Region: New York
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.72.55.125
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2710
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.72.55.125. IN A
;; AUTHORITY SECTION:
. 559 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019123101 1800 900 604800 86400
;; Query time: 117 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 01 09:16:27 CST 2020
;; MSG SIZE rcvd: 116Host 125.55.72.45.in-addr.arpa not found: 2(SERVFAIL);; Got SERVFAIL reply from 183.60.83.19, trying next server
Server: 183.60.82.98
Address: 183.60.82.98#53
** server can't find 125.55.72.45.in-addr.arpa: SERVFAIL| IP | Type | Details | Datetime |
|---|---|---|---|
| 140.143.9.145 | attack | [f2b] sshd bruteforce, retries: 1 |
2020-09-14 05:12:22 |
| 147.158.26.100 | attackbots | Automatic report - Port Scan Attack |
2020-09-14 04:48:05 |
| 104.131.131.140 | attackspam | Sep 13 21:02:17 ns308116 sshd[25452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.131.140 user=root Sep 13 21:02:19 ns308116 sshd[25452]: Failed password for root from 104.131.131.140 port 40471 ssh2 Sep 13 21:05:54 ns308116 sshd[30485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.131.140 user=root Sep 13 21:05:56 ns308116 sshd[30485]: Failed password for root from 104.131.131.140 port 35061 ssh2 Sep 13 21:09:19 ns308116 sshd[2631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.131.140 user=root ... |
2020-09-14 04:57:28 |
| 54.39.209.237 | attackspam | Sep 12 07:48:31 dax sshd[7709]: Invalid user ubuntu from 54.39.209.237 Sep 12 07:48:33 dax sshd[7709]: Failed password for invalid user ubuntu from 54.39.209.237 port 43392 ssh2 Sep 12 07:48:33 dax sshd[7709]: Received disconnect from 54.39.209.237: 11: Bye Bye [preauth] Sep 12 07:56:22 dax sshd[8820]: Failed password for r.r from 54.39.209.237 port 58552 ssh2 Sep 12 07:56:22 dax sshd[8820]: Received disconnect from 54.39.209.237: 11: Bye Bye [preauth] Sep 12 08:00:16 dax sshd[9336]: Failed password for r.r from 54.39.209.237 port 45966 ssh2 Sep 12 08:00:16 dax sshd[9336]: Received disconnect from 54.39.209.237: 11: Bye Bye [preauth] Sep 12 08:04:11 dax sshd[9936]: Invalid user pruebas from 54.39.209.237 Sep 12 08:04:12 dax sshd[9936]: Failed password for invalid user pruebas from 54.39.209.237 port 33540 ssh2 Sep 12 08:04:12 dax sshd[9936]: Received disconnect from 54.39.209.237: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=54.39.20 |
2020-09-14 05:19:28 |
| 78.38.23.114 | attack | SMB Server BruteForce Attack |
2020-09-14 04:50:29 |
| 222.186.175.148 | attackspam | 2020-09-13T23:46:21.797913afi-git.jinr.ru sshd[28134]: Failed password for root from 222.186.175.148 port 52648 ssh2 2020-09-13T23:46:25.181666afi-git.jinr.ru sshd[28134]: Failed password for root from 222.186.175.148 port 52648 ssh2 2020-09-13T23:46:28.309044afi-git.jinr.ru sshd[28134]: Failed password for root from 222.186.175.148 port 52648 ssh2 2020-09-13T23:46:28.309172afi-git.jinr.ru sshd[28134]: error: maximum authentication attempts exceeded for root from 222.186.175.148 port 52648 ssh2 [preauth] 2020-09-13T23:46:28.309186afi-git.jinr.ru sshd[28134]: Disconnecting: Too many authentication failures [preauth] ... |
2020-09-14 04:50:06 |
| 180.89.58.27 | attack | prod8 ... |
2020-09-14 04:51:29 |
| 189.178.55.34 | attackspambots | Automatic report - Port Scan Attack |
2020-09-14 05:06:13 |
| 50.197.175.1 | attack | Cluster member 178.17.174.160 (MD/Republic of Moldova/ChiÈinÄu Municipality/Chisinau/kiv.hlex.pw/[AS43289 I.C.S. Trabia-Network S.R.L.]) said, TEMPDENY 50.197.175.1, Reason:[(sshd) Failed SSH login from 50.197.175.1 (US/United States/California/Oakland/50-197-175-1-static.hfc.comcastbusiness.net/[AS7922 COMCAST-7922]): 1 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER; Logs: |
2020-09-14 05:18:01 |
| 159.65.89.214 | attackspambots | 2020-09-13T20:08:55.395815randservbullet-proofcloud-66.localdomain sshd[22543]: Invalid user backup from 159.65.89.214 port 40796 2020-09-13T20:08:55.400313randservbullet-proofcloud-66.localdomain sshd[22543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.89.214 2020-09-13T20:08:55.395815randservbullet-proofcloud-66.localdomain sshd[22543]: Invalid user backup from 159.65.89.214 port 40796 2020-09-13T20:08:57.925616randservbullet-proofcloud-66.localdomain sshd[22543]: Failed password for invalid user backup from 159.65.89.214 port 40796 ssh2 ... |
2020-09-14 04:56:33 |
| 205.185.115.116 | attack | none |
2020-09-14 04:51:59 |
| 222.186.180.6 | attackbotsspam | Sep 13 22:50:00 ucs sshd\[8266\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.6 user=root Sep 13 22:50:02 ucs sshd\[8263\]: error: PAM: User not known to the underlying authentication module for root from 222.186.180.6 Sep 13 22:50:03 ucs sshd\[8313\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.6 user=root ... |
2020-09-14 04:53:17 |
| 212.145.192.205 | attackbotsspam | Sep 13 22:51:16 fhem-rasp sshd[16861]: Failed password for root from 212.145.192.205 port 47216 ssh2 Sep 13 22:51:16 fhem-rasp sshd[16861]: Disconnected from authenticating user root 212.145.192.205 port 47216 [preauth] ... |
2020-09-14 04:55:38 |
| 64.225.116.59 | attack | Sep 13 20:57:07 vm0 sshd[9757]: Failed password for root from 64.225.116.59 port 51468 ssh2 ... |
2020-09-14 05:08:15 |
| 111.229.199.239 | attack | SSH Brute-Forcing (server1) |
2020-09-14 04:54:16 |