City: São Paulo
Region: Sao Paulo
Country: Brazil
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.94.52.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64936
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;54.94.52.142. IN A
;; AUTHORITY SECTION:
. 517 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020092701 1800 900 604800 86400
;; Query time: 73 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Sep 28 08:55:14 CST 2020
;; MSG SIZE rcvd: 116
142.52.94.54.in-addr.arpa domain name pointer ec2-54-94-52-142.sa-east-1.compute.amazonaws.com.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
142.52.94.54.in-addr.arpa name = ec2-54-94-52-142.sa-east-1.compute.amazonaws.com.
Authoritative answers can be found from:
IP | Type | Details | Datetime |
---|---|---|---|
218.92.0.202 | attack | Apr 15 05:57:17 santamaria sshd\[14712\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.202 user=root Apr 15 05:57:19 santamaria sshd\[14712\]: Failed password for root from 218.92.0.202 port 37151 ssh2 Apr 15 05:58:58 santamaria sshd\[14757\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.202 user=root ... |
2020-04-15 12:56:55 |
134.122.124.193 | attackspam | frenzy |
2020-04-15 13:11:06 |
191.239.254.231 | attackspam | Apr 15 05:44:38 server sshd[38598]: Failed password for invalid user flw from 191.239.254.231 port 5890 ssh2 Apr 15 05:51:59 server sshd[40403]: Failed password for invalid user firefart from 191.239.254.231 port 42948 ssh2 Apr 15 05:59:24 server sshd[43122]: Failed password for root from 191.239.254.231 port 16070 ssh2 |
2020-04-15 12:40:43 |
111.231.73.62 | attackspam | Apr 15 06:38:42 vps sshd[361189]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.73.62 Apr 15 06:38:44 vps sshd[361189]: Failed password for invalid user gpas from 111.231.73.62 port 45566 ssh2 Apr 15 06:41:55 vps sshd[381337]: Invalid user t3rr0r from 111.231.73.62 port 49636 Apr 15 06:41:55 vps sshd[381337]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.73.62 Apr 15 06:41:57 vps sshd[381337]: Failed password for invalid user t3rr0r from 111.231.73.62 port 49636 ssh2 ... |
2020-04-15 12:52:56 |
64.202.185.147 | attackbots | CMS (WordPress or Joomla) login attempt. |
2020-04-15 12:56:13 |
176.107.255.121 | attackbotsspam | Unauthorized access or intrusion attempt detected from Thor banned IP |
2020-04-15 13:12:10 |
198.108.66.208 | attack | Unauthorized connection attempt detected from IP address 198.108.66.208 to port 443 |
2020-04-15 12:43:56 |
14.249.139.162 | attackbotsspam | port scan and connect, tcp 1433 (ms-sql-s) |
2020-04-15 12:42:20 |
179.184.59.109 | attackspambots | Apr 15 04:45:41 game-panel sshd[26107]: Failed password for root from 179.184.59.109 port 60520 ssh2 Apr 15 04:49:38 game-panel sshd[26243]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.184.59.109 Apr 15 04:49:41 game-panel sshd[26243]: Failed password for invalid user user from 179.184.59.109 port 58228 ssh2 |
2020-04-15 13:04:56 |
134.209.165.47 | attackspambots | 2020-04-15T07:10:22.558360 sshd[21813]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.165.47 user=root 2020-04-15T07:10:24.606852 sshd[21813]: Failed password for root from 134.209.165.47 port 47178 ssh2 2020-04-15T07:10:38.559400 sshd[21815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.165.47 user=root 2020-04-15T07:10:40.803641 sshd[21815]: Failed password for root from 134.209.165.47 port 46202 ssh2 ... |
2020-04-15 13:17:17 |
103.39.50.147 | attack | 2020-04-15T04:38:52.609314shield sshd\[12010\]: Invalid user asecruc from 103.39.50.147 port 58350 2020-04-15T04:38:52.613952shield sshd\[12010\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.39.50.147 2020-04-15T04:38:54.867666shield sshd\[12010\]: Failed password for invalid user asecruc from 103.39.50.147 port 58350 ssh2 2020-04-15T04:43:09.549811shield sshd\[13023\]: Invalid user zte from 103.39.50.147 port 39220 2020-04-15T04:43:09.554246shield sshd\[13023\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.39.50.147 |
2020-04-15 12:50:27 |
49.233.185.109 | attack | Apr 15 00:54:30 firewall sshd[9094]: Failed password for root from 49.233.185.109 port 47048 ssh2 Apr 15 00:58:43 firewall sshd[9184]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.185.109 user=root Apr 15 00:58:45 firewall sshd[9184]: Failed password for root from 49.233.185.109 port 38740 ssh2 ... |
2020-04-15 13:07:56 |
129.28.148.218 | attack | 129.28.148.218 - - [15/Apr/2020:05:58:29 +0200] "POST /Admind968bb25/Login.php HTTP/1.1" 403 430 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0" 129.28.148.218 - - [15/Apr/2020:05:58:40 +0200] "GET /l.php HTTP/1.1" 404 427 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" 129.28.148.218 - - [15/Apr/2020:05:58:40 +0200] "GET /phpinfo.php HTTP/1.1" 404 427 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" 129.28.148.218 - - [15/Apr/2020:05:58:41 +0200] "GET /test.php HTTP/1.1" 404 427 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" 129.28.148.218 - - [15/Apr/2020:05:58:45 +0200] "POST /index.php HTTP/1.1" 403 430 "-" "Mozilla/5.0 (Windows NT 5.1) Apple ... |
2020-04-15 13:07:00 |
122.224.98.46 | attackbots | Apr 15 05:59:11 odroid64 sshd\[929\]: User root from 122.224.98.46 not allowed because not listed in AllowUsers Apr 15 05:59:11 odroid64 sshd\[929\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.224.98.46 user=root ... |
2020-04-15 12:50:46 |
185.176.27.42 | attackbots | [MK-VM5] Blocked by UFW |
2020-04-15 12:36:51 |