City: unknown
Region: unknown
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 48.68.111.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21001
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;48.68.111.142. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025011800 1800 900 604800 86400
;; Query time: 42 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 18 23:50:01 CST 2025
;; MSG SIZE rcvd: 106Host 142.111.68.48.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 142.111.68.48.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 159.147.54.183 | attackspam | SSH/22 MH Probe, BF, Hack - |
2020-06-13 22:38:07 |
| 104.248.117.234 | attackspam | Failed password for invalid user ela from 104.248.117.234 port 34018 ssh2 |
2020-06-13 23:02:06 |
| 183.66.65.247 | attackbotsspam | Jun 11 16:24:13 uapps sshd[3184]: User r.r from 183.66.65.247 not allowed because not listed in AllowUsers Jun 11 16:24:13 uapps sshd[3184]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.66.65.247 user=r.r Jun 11 16:24:16 uapps sshd[3184]: Failed password for invalid user r.r from 183.66.65.247 port 52101 ssh2 Jun 11 16:24:16 uapps sshd[3184]: Received disconnect from 183.66.65.247: 11: Bye Bye [preauth] Jun 11 16:39:08 uapps sshd[3913]: Failed password for invalid user satkamp from 183.66.65.247 port 54491 ssh2 Jun 11 16:39:08 uapps sshd[3913]: Received disconnect from 183.66.65.247: 11: Bye Bye [preauth] Jun 11 16:41:54 uapps sshd[3920]: User r.r from 183.66.65.247 not allowed because not listed in AllowUsers Jun 11 16:41:54 uapps sshd[3920]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.66.65.247 user=r.r ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=183.66.65. |
2020-06-13 22:55:09 |
| 191.20.155.63 | attack | Jun 13 13:26:34 cdc sshd[19482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.20.155.63 Jun 13 13:26:36 cdc sshd[19482]: Failed password for invalid user admin from 191.20.155.63 port 55254 ssh2 |
2020-06-13 22:43:12 |
| 74.84.150.75 | attack | Jun 13 14:26:19 debian-2gb-nbg1-2 kernel: \[14309896.081672\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=74.84.150.75 DST=195.201.40.59 LEN=52 TOS=0x02 PREC=0x00 TTL=114 ID=9036 DF PROTO=TCP SPT=57300 DPT=52 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0 |
2020-06-13 22:59:34 |
| 129.204.250.129 | attackbotsspam | Jun 13 17:13:07 journals sshd\[59472\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.250.129 user=root Jun 13 17:13:10 journals sshd\[59472\]: Failed password for root from 129.204.250.129 port 39098 ssh2 Jun 13 17:19:57 journals sshd\[60314\]: Invalid user lisha from 129.204.250.129 Jun 13 17:19:57 journals sshd\[60314\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.250.129 Jun 13 17:19:59 journals sshd\[60314\]: Failed password for invalid user lisha from 129.204.250.129 port 53130 ssh2 ... |
2020-06-13 22:32:10 |
| 34.82.119.95 | attackspam | 10 attempts against mh-misc-ban on heat |
2020-06-13 22:51:29 |
| 106.12.173.149 | attack | Bruteforce detected by fail2ban |
2020-06-13 22:36:47 |
| 174.138.20.105 | attack | Jun 11 08:55:16 lvpxxxxxxx88-92-201-20 sshd[16208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.105 user=r.r Jun 11 08:55:18 lvpxxxxxxx88-92-201-20 sshd[16208]: Failed password for r.r from 174.138.20.105 port 40800 ssh2 Jun 11 08:55:18 lvpxxxxxxx88-92-201-20 sshd[16208]: Received disconnect from 174.138.20.105: 11: Bye Bye [preauth] Jun 11 09:01:51 lvpxxxxxxx88-92-201-20 sshd[16451]: Failed password for invalid user price from 174.138.20.105 port 44752 ssh2 Jun 11 09:01:52 lvpxxxxxxx88-92-201-20 sshd[16451]: Received disconnect from 174.138.20.105: 11: Bye Bye [preauth] Jun 11 09:05:16 lvpxxxxxxx88-92-201-20 sshd[16599]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.105 user=r.r Jun 11 09:05:18 lvpxxxxxxx88-92-201-20 sshd[16599]: Failed password for r.r from 174.138.20.105 port 51020 ssh2 Jun 11 09:05:18 lvpxxxxxxx88-92-201-20 sshd[16599]: Received disconnect f........ ------------------------------- |
2020-06-13 22:31:19 |
| 46.38.145.250 | attackspambots | Jun 12 22:28:29 websrv1.aknwsrv.net postfix/smtpd[2273471]: warning: unknown[46.38.145.250]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 12 22:29:52 websrv1.aknwsrv.net postfix/smtpd[2272272]: warning: unknown[46.38.145.250]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 12 22:31:29 websrv1.aknwsrv.net postfix/smtpd[2272272]: warning: unknown[46.38.145.250]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 12 22:32:58 websrv1.aknwsrv.net postfix/smtpd[2273819]: warning: unknown[46.38.145.250]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 12 22:34:38 websrv1.aknwsrv.net postfix/smtpd[2273471]: warning: unknown[46.38.145.250]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 |
2020-06-13 23:14:13 |
| 5.188.86.165 | attackbotsspam | SSH Bruteforce on Honeypot |
2020-06-13 23:04:30 |
| 42.113.160.26 | attackbots | 1592051202 - 06/13/2020 14:26:42 Host: 42.113.160.26/42.113.160.26 Port: 445 TCP Blocked |
2020-06-13 22:37:34 |
| 107.180.71.116 | attackbots | 10 attempts against mh-misc-ban on cell |
2020-06-13 23:12:18 |
| 138.197.69.184 | attackbots | Jun 13 12:26:09 *** sshd[31247]: Invalid user remi from 138.197.69.184 |
2020-06-13 23:04:17 |
| 133.242.155.85 | attackbots | Jun 13 12:26:20 *** sshd[31250]: User root from 133.242.155.85 not allowed because not listed in AllowUsers |
2020-06-13 22:57:04 |