City: unknown
Region: unknown
Country: United States of America (the)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 48.4.212.166
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29658
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;48.4.212.166. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025021102 1800 900 604800 86400
;; Query time: 37 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 12 10:27:08 CST 2025
;; MSG SIZE rcvd: 105Host 166.212.4.48.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 166.212.4.48.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 206.81.12.242 | attack | Mar 6 10:00:55 takio sshd[2891]: Invalid user ubuntu from 206.81.12.242 port 47392 Mar 6 10:04:08 takio sshd[2921]: Invalid user oracle from 206.81.12.242 port 45184 Mar 6 10:07:23 takio sshd[2931]: Invalid user ftpuser from 206.81.12.242 port 42970 |
2020-03-06 17:50:33 |
| 5.8.184.42 | attack | Automatic report - Port Scan Attack |
2020-03-06 18:03:43 |
| 112.236.11.246 | attackspambots | Lines containing failures of 112.236.11.246 Mar 6 06:36:33 srv sshd[133266]: Invalid user pi from 112.236.11.246 port 39082 Mar 6 06:36:34 srv sshd[133266]: Connection closed by invalid user pi 112.236.11.246 port 39082 [preauth] Mar 6 06:36:34 srv sshd[133267]: Invalid user pi from 112.236.11.246 port 39088 Mar 6 06:36:34 srv sshd[133267]: Connection closed by invalid user pi 112.236.11.246 port 39088 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=112.236.11.246 |
2020-03-06 17:46:47 |
| 106.13.36.185 | attackbotsspam | Mar 6 07:12:53 |
2020-03-06 17:52:23 |
| 13.228.75.161 | attackspambots | Mar 5 22:48:37 hanapaa sshd\[27822\]: Invalid user nginx from 13.228.75.161 Mar 5 22:48:37 hanapaa sshd\[27822\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-13-228-75-161.ap-southeast-1.compute.amazonaws.com Mar 5 22:48:39 hanapaa sshd\[27822\]: Failed password for invalid user nginx from 13.228.75.161 port 46683 ssh2 Mar 5 22:52:46 hanapaa sshd\[28144\]: Invalid user ldapuser from 13.228.75.161 Mar 5 22:52:46 hanapaa sshd\[28144\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-13-228-75-161.ap-southeast-1.compute.amazonaws.com |
2020-03-06 18:09:38 |
| 2.236.34.9 | attackbots | [munged]::443 2.236.34.9 - - [06/Mar/2020:05:48:44 +0100] "POST /[munged]: HTTP/1.1" 200 9129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2.236.34.9 - - [06/Mar/2020:05:49:44 +0100] "POST /[munged]: HTTP/1.1" 200 9129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2.236.34.9 - - [06/Mar/2020:05:49:47 +0100] "POST /[munged]: HTTP/1.1" 200 9129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2.236.34.9 - - [06/Mar/2020:05:49:50 +0100] "POST /[munged]: HTTP/1.1" 200 9129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2.236.34.9 - - [06/Mar/2020:05:50:21 +0100] "POST /[munged]: HTTP/1.1" 200 9129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2.236.34.9 - - [06/Mar/2020:05:50:24 +0100] "POST /[munged]: HTTP/1.1" 200 9129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; |
2020-03-06 18:21:06 |
| 96.9.245.174 | attackbots | spam 6 Mar 2020 05:15 Received: from mail.beautifulintersections.com (vpsnode24.webstudio40.com [96.9.245.174]) |
2020-03-06 17:59:36 |
| 213.159.41.237 | attack | 2020-03-0605:51:131jA4x7-0003KX-Oc\<=verena@rs-solution.chH=\(localhost\)[213.159.41.237]:47419P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2228id=BDB80E5D5682AC1FC3C68F37C35D5D76@rs-solution.chT="Wanttogetacquaintedwithyou"forsunnytisawar3000@gmail.comizquierdomatt@gmail.com2020-03-0605:50:271jA4wN-0003Fj-BP\<=verena@rs-solution.chH=\(localhost\)[14.187.37.149]:5595P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2252id=ABAE184B4094BA09D5D09921D5C3A780@rs-solution.chT="Youhappentobetryingtofindtruelove\?"forchasityrodriguez054@gmail.comdimazprayoga863@gmail.com2020-03-0605:50:541jA4wn-0003IF-Li\<=verena@rs-solution.chH=\(localhost\)[202.137.154.17]:39612P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2270id=919422717AAE8033EFEAA31BEFE6E461@rs-solution.chT="Youhappentobesearchingforlove\?"fordennisabbott25@gmail.comjefmastine@gmail.com2020-03-0605:51:521jA4xj-0003N2-He |
2020-03-06 18:11:51 |
| 61.182.232.38 | attackbotsspam | Mar 6 00:21:23 Tower sshd[15020]: Connection from 61.182.232.38 port 58356 on 192.168.10.220 port 22 rdomain "" Mar 6 00:21:24 Tower sshd[15020]: Invalid user ftptest from 61.182.232.38 port 58356 Mar 6 00:21:24 Tower sshd[15020]: error: Could not get shadow information for NOUSER Mar 6 00:21:24 Tower sshd[15020]: Failed password for invalid user ftptest from 61.182.232.38 port 58356 ssh2 Mar 6 00:21:25 Tower sshd[15020]: Received disconnect from 61.182.232.38 port 58356:11: Bye Bye [preauth] Mar 6 00:21:25 Tower sshd[15020]: Disconnected from invalid user ftptest 61.182.232.38 port 58356 [preauth] |
2020-03-06 18:02:39 |
| 89.248.168.202 | attackspam | Automatic report - Port Scan |
2020-03-06 18:18:50 |
| 80.82.77.86 | attackbotsspam | 11 packets to ports 161 623 626 2302 2362 5632 10000 12111 32768 32771 49153 |
2020-03-06 18:10:36 |
| 206.189.132.8 | attackspam | Mar 6 12:43:27 server sshd\[13125\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.132.8 user=saslauth Mar 6 12:43:29 server sshd\[13125\]: Failed password for saslauth from 206.189.132.8 port 47406 ssh2 Mar 6 12:51:12 server sshd\[14659\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.132.8 user=root Mar 6 12:51:14 server sshd\[14659\]: Failed password for root from 206.189.132.8 port 55596 ssh2 Mar 6 12:54:46 server sshd\[14971\]: Invalid user kafka from 206.189.132.8 Mar 6 12:54:46 server sshd\[14971\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.132.8 ... |
2020-03-06 18:19:43 |
| 180.76.102.136 | attackspambots | Mar 6 10:38:18 localhost sshd\[10724\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.102.136 user=root Mar 6 10:38:20 localhost sshd\[10724\]: Failed password for root from 180.76.102.136 port 52408 ssh2 Mar 6 10:44:13 localhost sshd\[11086\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.102.136 user=root Mar 6 10:44:14 localhost sshd\[11086\]: Failed password for root from 180.76.102.136 port 46592 ssh2 Mar 6 10:47:11 localhost sshd\[11356\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.102.136 user=root ... |
2020-03-06 17:53:03 |
| 207.134.10.43 | attackspam | 1583470356 - 03/06/2020 05:52:36 Host: 207.134.10.43/207.134.10.43 Port: 445 TCP Blocked |
2020-03-06 17:46:28 |
| 192.241.211.215 | attackspambots | Mar 6 11:14:14 lukav-desktop sshd\[17976\]: Invalid user impala from 192.241.211.215 Mar 6 11:14:14 lukav-desktop sshd\[17976\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.211.215 Mar 6 11:14:17 lukav-desktop sshd\[17976\]: Failed password for invalid user impala from 192.241.211.215 port 51315 ssh2 Mar 6 11:21:03 lukav-desktop sshd\[18071\]: Invalid user openfiler from 192.241.211.215 Mar 6 11:21:03 lukav-desktop sshd\[18071\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.211.215 |
2020-03-06 17:56:23 |