City: unknown
Region: unknown
Country: United States of America (the)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 7.64.83.35
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39932
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;7.64.83.35. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025012100 1800 900 604800 86400
;; Query time: 13 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 21 16:42:28 CST 2025
;; MSG SIZE rcvd: 103Host 35.83.64.7.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 35.83.64.7.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 89.248.172.101 | attack | 03/31/2020-08:22:51.134461 89.248.172.101 Protocol: 6 ET DROP Dshield Block Listed Source group 1 |
2020-03-31 20:38:27 |
| 134.209.90.139 | attack | 2020-03-31T12:16:51.538539whonock.onlinehub.pt sshd[15743]: Invalid user ikegaya from 134.209.90.139 port 37214 2020-03-31T12:16:51.542920whonock.onlinehub.pt sshd[15743]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.90.139 2020-03-31T12:16:51.538539whonock.onlinehub.pt sshd[15743]: Invalid user ikegaya from 134.209.90.139 port 37214 2020-03-31T12:16:53.736492whonock.onlinehub.pt sshd[15743]: Failed password for invalid user ikegaya from 134.209.90.139 port 37214 ssh2 2020-03-31T12:26:56.204084whonock.onlinehub.pt sshd[16383]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.90.139 user=root 2020-03-31T12:26:57.784914whonock.onlinehub.pt sshd[16383]: Failed password for root from 134.209.90.139 port 44018 ssh2 2020-03-31T12:30:46.275907whonock.onlinehub.pt sshd[16645]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.90.139 user=root 2020-03 ... |
2020-03-31 20:31:21 |
| 218.92.0.192 | attack | Mar 31 14:44:47 legacy sshd[14002]: Failed password for root from 218.92.0.192 port 37529 ssh2 Mar 31 14:44:50 legacy sshd[14002]: Failed password for root from 218.92.0.192 port 37529 ssh2 Mar 31 14:44:52 legacy sshd[14002]: Failed password for root from 218.92.0.192 port 37529 ssh2 ... |
2020-03-31 20:50:59 |
| 51.77.140.36 | attackspam | (sshd) Failed SSH login from 51.77.140.36 (FR/France/36.ip-51-77-140.eu): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 31 13:48:13 srv sshd[12283]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.140.36 user=root Mar 31 13:48:15 srv sshd[12283]: Failed password for root from 51.77.140.36 port 48868 ssh2 Mar 31 14:02:11 srv sshd[12692]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.140.36 user=root Mar 31 14:02:14 srv sshd[12692]: Failed password for root from 51.77.140.36 port 47740 ssh2 Mar 31 14:06:45 srv sshd[12865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.140.36 user=root |
2020-03-31 20:13:02 |
| 186.185.242.68 | attackbots | IP address logged by my Netflix account after the individual hacked into and locked me out of my account. Individual also changed my account settings to the most expensive plan, which allows multiple people (profiles) to watch, and several profiles were added. The name on my account was changed to "Juan". The address, 186.185.242.68 was the first person to use my account on 25 March 2020. I contacted Netflix to have my account restored, so I was able to see the various IP addresses used. I will report all of them as well. |
2020-03-31 20:25:16 |
| 89.163.225.183 | attack | " " |
2020-03-31 20:42:16 |
| 93.61.136.40 | attack | 400 BAD REQUEST |
2020-03-31 20:45:17 |
| 103.91.53.30 | attack | $f2bV_matches |
2020-03-31 20:07:17 |
| 58.152.221.237 | attack | Honeypot attack, port: 5555, PTR: n058152221237.netvigator.com. |
2020-03-31 20:50:02 |
| 156.96.56.35 | attackspam | Mar 31 05:47:12 localhost postfix/smtpd\[21206\]: warning: unknown\[156.96.56.35\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 31 05:47:20 localhost postfix/smtpd\[21206\]: warning: unknown\[156.96.56.35\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 31 05:47:32 localhost postfix/smtpd\[21206\]: warning: unknown\[156.96.56.35\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 31 05:47:47 localhost postfix/smtpd\[21503\]: warning: unknown\[156.96.56.35\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 31 05:47:55 localhost postfix/smtpd\[21491\]: warning: unknown\[156.96.56.35\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... |
2020-03-31 20:26:59 |
| 178.128.20.225 | attack | Cleartext WordPress login |
2020-03-31 20:19:05 |
| 124.80.179.1 | attackspambots | Mar 31 05:48:05 debian-2gb-nbg1-2 kernel: \[7885539.690140\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=124.80.179.1 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=48 ID=0 DF PROTO=TCP SPT=23 DPT=20724 WINDOW=5840 RES=0x00 ACK SYN URGP=0 |
2020-03-31 20:21:20 |
| 104.137.17.215 | attackspambots | Mar 31 08:27:55 firewall sshd[23862]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.137.17.215 Mar 31 08:27:55 firewall sshd[23862]: Invalid user ze from 104.137.17.215 Mar 31 08:27:57 firewall sshd[23862]: Failed password for invalid user ze from 104.137.17.215 port 43240 ssh2 ... |
2020-03-31 20:36:29 |
| 54.238.209.222 | attackbotsspam | Mar 31 05:48:24 debian-2gb-nbg1-2 kernel: \[7885559.336154\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=54.238.209.222 DST=195.201.40.59 LEN=44 TOS=0x08 PREC=0x00 TTL=228 ID=0 DF PROTO=TCP SPT=22 DPT=36858 WINDOW=26883 RES=0x00 ACK SYN URGP=0 |
2020-03-31 20:08:58 |
| 222.186.52.39 | attack | 03/31/2020-08:03:07.725391 222.186.52.39 Protocol: 6 ET SCAN Potential SSH Scan |
2020-03-31 20:10:58 |