City: unknown
Region: unknown
Country: China
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 61.52.197.109
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63606
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;61.52.197.109. IN A
;; AUTHORITY SECTION:
. 457 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400
;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 23:23:06 CST 2022
;; MSG SIZE rcvd: 106109.197.52.61.in-addr.arpa domain name pointer hn.kd.dhcp.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
109.197.52.61.in-addr.arpa name = hn.kd.dhcp.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 178.128.162.10 | attack | Jun 6 01:32:29 legacy sshd[12898]: Failed password for root from 178.128.162.10 port 46208 ssh2 Jun 6 01:35:41 legacy sshd[13007]: Failed password for root from 178.128.162.10 port 48272 ssh2 ... |
2020-06-06 07:39:59 |
| 115.159.66.109 | attackbotsspam | Bruteforce detected by fail2ban |
2020-06-06 07:35:44 |
| 139.59.81.166 | attackbotsspam |
|
2020-06-06 07:10:59 |
| 114.108.138.136 | attackspam | Jun 5 16:28:59 NPSTNNYC01T sshd[15134]: Failed password for root from 114.108.138.136 port 35759 ssh2 Jun 5 16:32:57 NPSTNNYC01T sshd[15483]: Failed password for root from 114.108.138.136 port 37599 ssh2 ... |
2020-06-06 07:11:49 |
| 139.219.5.244 | attackbots | 139.219.5.244 - - [06/Jun/2020:00:46:27 +0200] "POST /wp-login.php HTTP/1.1" 200 6062 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 139.219.5.244 - - [06/Jun/2020:00:49:42 +0200] "POST /wp-login.php HTTP/1.1" 200 6062 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 139.219.5.244 - - [06/Jun/2020:00:51:51 +0200] "POST /wp-login.php HTTP/1.1" 200 6062 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 139.219.5.244 - - [06/Jun/2020:00:52:57 +0200] "POST /wp-login.php HTTP/1.1" 200 6062 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 139.219.5.244 - - [06/Jun/2020:00:53:46 +0200] "POST /wp-login.php HTTP/1.1" 200 6062 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safar ... |
2020-06-06 07:09:25 |
| 36.230.234.187 | attackbotsspam | Jun 5 16:52:56 Tower sshd[39458]: Connection from 36.230.234.187 port 42962 on 192.168.10.220 port 22 rdomain "" Jun 5 16:52:57 Tower sshd[39458]: Failed password for root from 36.230.234.187 port 42962 ssh2 Jun 5 16:52:57 Tower sshd[39458]: Received disconnect from 36.230.234.187 port 42962:11: Bye Bye [preauth] Jun 5 16:52:57 Tower sshd[39458]: Disconnected from authenticating user root 36.230.234.187 port 42962 [preauth] |
2020-06-06 07:33:41 |
| 89.248.162.247 | attack |
|
2020-06-06 07:35:11 |
| 112.85.42.94 | attack | Jun 6 01:09:57 ArkNodeAT sshd\[29756\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.94 user=root Jun 6 01:09:58 ArkNodeAT sshd\[29756\]: Failed password for root from 112.85.42.94 port 37518 ssh2 Jun 6 01:09:59 ArkNodeAT sshd\[29758\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.94 user=root |
2020-06-06 07:43:24 |
| 146.185.130.101 | attackbotsspam | Invalid user gangnes from 146.185.130.101 port 43050 |
2020-06-06 07:40:48 |
| 112.85.42.172 | attackspam | Jun 6 00:36:31 sd-69548 sshd[664434]: Unable to negotiate with 112.85.42.172 port 60055: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] Jun 6 01:24:22 sd-69548 sshd[667728]: Unable to negotiate with 112.85.42.172 port 17320: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] ... |
2020-06-06 07:26:16 |
| 216.96.118.182 | attackbots | Jun 5 07:28:10 our-server-hostname sshd[11636]: Failed password for r.r from 216.96.118.182 port 3460 ssh2 Jun 5 07:29:34 our-server-hostname sshd[11952]: Failed password for r.r from 216.96.118.182 port 8568 ssh2 Jun 5 07:30:10 our-server-hostname sshd[12075]: Failed password for r.r from 216.96.118.182 port 5664 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=216.96.118.182 |
2020-06-06 07:37:03 |
| 161.35.80.37 | attackspam | 180. On Jun 5 2020 experienced a Brute Force SSH login attempt -> 44 unique times by 161.35.80.37. |
2020-06-06 07:27:57 |
| 59.144.139.18 | attackspambots | Brute-force attempt banned |
2020-06-06 07:17:43 |
| 125.215.207.44 | attackbots | SSH Brute Force |
2020-06-06 07:42:04 |
| 206.189.178.171 | attackspambots | Jun 6 01:24:06 abendstille sshd\[18693\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.178.171 user=root Jun 6 01:24:08 abendstille sshd\[18693\]: Failed password for root from 206.189.178.171 port 47360 ssh2 Jun 6 01:30:25 abendstille sshd\[25734\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.178.171 user=root Jun 6 01:30:27 abendstille sshd\[25734\]: Failed password for root from 206.189.178.171 port 49594 ssh2 Jun 6 01:33:35 abendstille sshd\[28742\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.178.171 user=root ... |
2020-06-06 07:38:10 |