City: unknown
Region: unknown
Country: United States of America (the)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 64.13.182.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52559
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;64.13.182.49. IN A
;; AUTHORITY SECTION:
. 29 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025020300 1800 900 604800 86400
;; Query time: 41 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 04 00:34:37 CST 2025
;; MSG SIZE rcvd: 105Host 49.182.13.64.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 49.182.13.64.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 125.212.202.179 | attack | Mar 3 20:43:31 ns sshd[9540]: Connection from 125.212.202.179 port 36421 on 134.119.39.98 port 22 Mar 3 20:43:37 ns sshd[9540]: Invalid user t1tenor from 125.212.202.179 port 36421 Mar 3 20:43:37 ns sshd[9540]: Failed password for invalid user t1tenor from 125.212.202.179 port 36421 ssh2 Mar 3 20:43:37 ns sshd[9540]: Received disconnect from 125.212.202.179 port 36421:11: Normal Shutdown [preauth] Mar 3 20:43:37 ns sshd[9540]: Disconnected from 125.212.202.179 port 36421 [preauth] Mar 3 20:48:27 ns sshd[18225]: Connection from 125.212.202.179 port 49420 on 134.119.39.98 port 22 Mar 3 20:48:32 ns sshd[18225]: User r.r from 125.212.202.179 not allowed because not listed in AllowUsers Mar 3 20:48:32 ns sshd[18225]: Failed password for invalid user r.r from 125.212.202.179 port 49420 ssh2 Mar 3 20:48:33 ns sshd[18225]: Received disconnect from 125.212.202.179 port 49420:11: Normal Shutdown [preauth] Mar 3 20:48:33 ns sshd[18225]: Disconnected from 125.212.202.179 ........ ------------------------------- |
2020-03-04 09:05:25 |
| 190.191.163.43 | attackbotsspam | 2020-03-04T00:48:20.487172shield sshd\[8237\]: Invalid user jack from 190.191.163.43 port 35522 2020-03-04T00:48:20.493969shield sshd\[8237\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.191.163.43 2020-03-04T00:48:22.145986shield sshd\[8237\]: Failed password for invalid user jack from 190.191.163.43 port 35522 ssh2 2020-03-04T00:54:06.675729shield sshd\[9162\]: Invalid user gameserver from 190.191.163.43 port 42024 2020-03-04T00:54:06.679660shield sshd\[9162\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.191.163.43 |
2020-03-04 08:58:22 |
| 78.155.219.111 | attackspam | Mar 3 15:02:27 wbs sshd\[20934\]: Invalid user ts3server from 78.155.219.111 Mar 3 15:02:27 wbs sshd\[20934\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=contabilidadprox04.contasjurisp.net Mar 3 15:02:29 wbs sshd\[20934\]: Failed password for invalid user ts3server from 78.155.219.111 port 45236 ssh2 Mar 3 15:10:20 wbs sshd\[21760\]: Invalid user csgoserver from 78.155.219.111 Mar 3 15:10:20 wbs sshd\[21760\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=contabilidadprox04.contasjurisp.net |
2020-03-04 09:11:42 |
| 36.228.136.188 | attackspambots | MultiHost/MultiPort Probe, Scan, Hack - |
2020-03-04 09:12:36 |
| 194.243.132.91 | attack | SSH brute force |
2020-03-04 09:01:13 |
| 129.211.75.22 | attackbots | DATE:2020-03-04 02:07:21, IP:129.211.75.22, PORT:ssh SSH brute force auth (docker-dc) |
2020-03-04 09:22:10 |
| 223.111.144.146 | attackspam | $f2bV_matches |
2020-03-04 09:42:07 |
| 49.145.103.137 | attackspam | 20/3/3@17:06:45: FAIL: Alarm-Network address from=49.145.103.137 ... |
2020-03-04 09:30:22 |
| 139.59.90.31 | attack | (sshd) Failed SSH login from 139.59.90.31 (IN/India/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 4 02:07:01 amsweb01 sshd[3049]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.90.31 user=root Mar 4 02:07:03 amsweb01 sshd[3049]: Failed password for root from 139.59.90.31 port 58966 ssh2 Mar 4 02:16:19 amsweb01 sshd[4270]: Invalid user oracle from 139.59.90.31 port 54870 Mar 4 02:16:20 amsweb01 sshd[4270]: Failed password for invalid user oracle from 139.59.90.31 port 54870 ssh2 Mar 4 02:25:32 amsweb01 sshd[5532]: Invalid user alex from 139.59.90.31 port 50818 |
2020-03-04 09:37:14 |
| 188.68.3.115 | attackspam | B: Magento admin pass test (wrong country) |
2020-03-04 09:02:29 |
| 193.148.69.157 | attackbots | detected by Fail2Ban |
2020-03-04 09:07:18 |
| 67.205.138.198 | attackspambots | Mar 3 22:41:40 ovpn sshd\[16403\]: Invalid user joyoudata from 67.205.138.198 Mar 3 22:41:40 ovpn sshd\[16403\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.205.138.198 Mar 3 22:41:43 ovpn sshd\[16403\]: Failed password for invalid user joyoudata from 67.205.138.198 port 48042 ssh2 Mar 3 23:07:05 ovpn sshd\[22858\]: Invalid user shiyang from 67.205.138.198 Mar 3 23:07:05 ovpn sshd\[22858\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.205.138.198 |
2020-03-04 09:12:14 |
| 202.152.1.67 | attackspam | Mar 4 02:00:47 vpn01 sshd[19935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.152.1.67 Mar 4 02:00:50 vpn01 sshd[19935]: Failed password for invalid user fred from 202.152.1.67 port 36244 ssh2 ... |
2020-03-04 09:03:35 |
| 178.128.49.135 | attack | Automatic report - SSH Brute-Force Attack |
2020-03-04 09:32:18 |
| 140.238.243.39 | attackspam | Port 123/UDP : GPL EXPLOIT ntpdx overflow attempt |
2020-03-04 09:41:05 |