City: unknown
Region: unknown
Country: Korea (the Republic of)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.19.245.160
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20910
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;49.19.245.160. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025021601 1800 900 604800 86400
;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 17 10:06:44 CST 2025
;; MSG SIZE rcvd: 106Host 160.245.19.49.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 160.245.19.49.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 187.233.203.7 | attackspam | Automatic report - Port Scan Attack |
2020-03-17 02:25:33 |
| 190.96.252.108 | attackbots | Mar 16 14:21:42 UTC__SANYALnet-Labs__lste sshd[31145]: Connection from 190.96.252.108 port 19521 on 192.168.1.10 port 22 Mar 16 14:21:42 UTC__SANYALnet-Labs__lste sshd[31145]: User r.r from 190.96.252.108 not allowed because not listed in AllowUsers Mar 16 14:21:42 UTC__SANYALnet-Labs__lste sshd[31145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.96.252.108 user=r.r Mar 16 14:21:44 UTC__SANYALnet-Labs__lste sshd[31145]: Failed password for invalid user r.r from 190.96.252.108 port 19521 ssh2 Mar 16 14:21:44 UTC__SANYALnet-Labs__lste sshd[31145]: Received disconnect from 190.96.252.108 port 19521:11: Bye Bye [preauth] Mar 16 14:21:44 UTC__SANYALnet-Labs__lste sshd[31145]: Disconnected from 190.96.252.108 port 19521 [preauth] Mar 16 14:38:48 UTC__SANYALnet-Labs__lste sshd[32101]: Connection from 190.96.252.108 port 43873 on 192.168.1.10 port 22 Mar 16 14:38:48 UTC__SANYALnet-Labs__lste sshd[32101]: User r.r from 190.96.252......... ------------------------------- |
2020-03-17 02:00:16 |
| 93.174.93.195 | attackspambots | 93.174.93.195 was recorded 16 times by 10 hosts attempting to connect to the following ports: 17408,17152. Incident counter (4h, 24h, all-time): 16, 106, 8877 |
2020-03-17 02:06:05 |
| 49.204.90.205 | attack | Failed password for root from 49.204.90.205 port 42149 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.204.90.205 Failed password for invalid user gitlab-prometheus from 49.204.90.205 port 62377 ssh2 |
2020-03-17 02:35:40 |
| 103.76.22.118 | attackbotsspam | Portscan or hack attempt detected by psad/fwsnort |
2020-03-17 02:17:37 |
| 45.67.15.95 | attack | email brute force |
2020-03-17 01:56:02 |
| 129.204.95.90 | attack | Mar 16 10:41:33 Tower sshd[41172]: Connection from 129.204.95.90 port 51578 on 192.168.10.220 port 22 rdomain "" Mar 16 10:41:43 Tower sshd[41172]: Invalid user oracle from 129.204.95.90 port 51578 Mar 16 10:41:43 Tower sshd[41172]: error: Could not get shadow information for NOUSER Mar 16 10:41:43 Tower sshd[41172]: Failed password for invalid user oracle from 129.204.95.90 port 51578 ssh2 Mar 16 10:41:43 Tower sshd[41172]: Received disconnect from 129.204.95.90 port 51578:11: Bye Bye [preauth] Mar 16 10:41:43 Tower sshd[41172]: Disconnected from invalid user oracle 129.204.95.90 port 51578 [preauth] |
2020-03-17 02:22:56 |
| 78.128.113.70 | attackspambots | 2020-03-16 19:15:40 dovecot_login authenticator failed for \(\[78.128.113.70\]\) \[78.128.113.70\]: 535 Incorrect authentication data \(set_id=harald.schueller@jugend-ohne-grenzen.net\) 2020-03-16 19:15:47 dovecot_login authenticator failed for \(\[78.128.113.70\]\) \[78.128.113.70\]: 535 Incorrect authentication data 2020-03-16 19:15:57 dovecot_login authenticator failed for \(\[78.128.113.70\]\) \[78.128.113.70\]: 535 Incorrect authentication data 2020-03-16 19:16:02 dovecot_login authenticator failed for \(\[78.128.113.70\]\) \[78.128.113.70\]: 535 Incorrect authentication data 2020-03-16 19:16:14 dovecot_login authenticator failed for \(\[78.128.113.70\]\) \[78.128.113.70\]: 535 Incorrect authentication data ... |
2020-03-17 02:17:53 |
| 146.168.2.84 | attackbots | Mar 17 01:19:04 webhost01 sshd[3613]: Failed password for root from 146.168.2.84 port 47696 ssh2 ... |
2020-03-17 02:33:41 |
| 171.233.129.41 | attackspambots | Automatic report - Port Scan Attack |
2020-03-17 01:57:11 |
| 162.243.129.244 | attackbotsspam | scan r |
2020-03-17 02:41:12 |
| 62.210.104.83 | attackspam | Automatically reported by fail2ban report script (mx1) |
2020-03-17 02:22:08 |
| 189.50.44.75 | attackbots | Mar 16 18:15:37 lnxmail61 sshd[21868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.50.44.75 |
2020-03-17 02:01:17 |
| 167.71.185.249 | attackspam | Mar 16 09:09:26 our-server-hostname postfix/smtpd[9375]: connect from unknown[167.71.185.249] Mar x@x Mar 16 09:09:28 our-server-hostname postfix/smtpd[9375]: disconnect from unknown[167.71.185.249] Mar 16 11:15:53 our-server-hostname postfix/smtpd[24306]: connect from unknown[167.71.185.249] Mar x@x Mar 16 11:15:54 our-server-hostname postfix/smtpd[24306]: disconnect from unknown[167.71.185.249] Mar 16 13:43:02 our-server-hostname postfix/smtpd[8689]: connect from unknown[167.71.185.249] Mar x@x Mar 16 13:43:03 our-server-hostname postfix/smtpd[8689]: disconnect from unknown[167.71.185.249] Mar 16 17:30:49 our-server-hostname postfix/smtpd[7299]: connect from unknown[167.71.185.249] Mar x@x Mar 16 17:30:50 our-server-hostname postfix/smtpd[7299]: disconnect from unknown[167.71.185.249] Mar 16 19:47:03 our-server-hostname postfix/smtpd[18615]: connect from unknown[167.71.185.249] Mar x@x Mar 16 19:47:04 our-server-hostname postfix/smtpd[18615]: disconnect from unknown[1........ ------------------------------- |
2020-03-17 01:58:11 |
| 218.107.46.228 | attack | port scan and connect, tcp 1433 (ms-sql-s) |
2020-03-17 01:59:44 |