City: unknown
Region: unknown
Country: United States of America (the)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 74.4.12.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65411
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;74.4.12.252. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025013000 1800 900 604800 86400
;; Query time: 15 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 30 16:52:56 CST 2025
;; MSG SIZE rcvd: 104Host 252.12.4.74.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 252.12.4.74.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 192.241.237.52 | attack | [Wed Mar 18 00:52:54.510270 2020] [:error] [pid 30582] [client 192.241.237.52:55330] [client 192.241.237.52] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "200.132.59.214"] [uri "/portal/redlion"] [unique_id "XnGbFotlQlNEsmk4W3tPsQAAAAY"] ... |
2020-03-18 14:33:35 |
| 49.232.95.250 | attackspam | Mar 18 07:23:50 h1745522 sshd[2967]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.95.250 user=root Mar 18 07:23:52 h1745522 sshd[2967]: Failed password for root from 49.232.95.250 port 36750 ssh2 Mar 18 07:24:59 h1745522 sshd[2995]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.95.250 user=root Mar 18 07:25:01 h1745522 sshd[2995]: Failed password for root from 49.232.95.250 port 49784 ssh2 Mar 18 07:27:19 h1745522 sshd[3091]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.95.250 user=root Mar 18 07:27:21 h1745522 sshd[3091]: Failed password for root from 49.232.95.250 port 47644 ssh2 Mar 18 07:28:32 h1745522 sshd[3163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.95.250 user=root Mar 18 07:28:34 h1745522 sshd[3163]: Failed password for root from 49.232.95.250 port 60692 ssh2 Mar 18 07:29 ... |
2020-03-18 14:36:14 |
| 134.175.60.216 | attack | Invalid user lxd from 134.175.60.216 port 35286 |
2020-03-18 15:13:40 |
| 139.199.89.157 | attackspambots | Brute-force attempt banned |
2020-03-18 15:13:23 |
| 45.227.255.119 | attackspam | Mar 18 07:53:47 tor-proxy-06 sshd\[10286\]: User root from 45.227.255.119 not allowed because not listed in AllowUsers Mar 18 07:53:47 tor-proxy-06 sshd\[10286\]: Connection closed by 45.227.255.119 port 19095 \[preauth\] Mar 18 07:53:47 tor-proxy-06 sshd\[10288\]: User root from 45.227.255.119 not allowed because not listed in AllowUsers Mar 18 07:53:47 tor-proxy-06 sshd\[10288\]: Connection closed by 45.227.255.119 port 29453 \[preauth\] ... |
2020-03-18 15:03:03 |
| 217.61.109.80 | attackspam | Mar 18 03:52:49 *** sshd[30711]: User root from 217.61.109.80 not allowed because not listed in AllowUsers |
2020-03-18 14:34:08 |
| 104.248.122.143 | attack | Mar 17 19:44:15 kapalua sshd\[8284\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.122.143 user=root Mar 17 19:44:17 kapalua sshd\[8284\]: Failed password for root from 104.248.122.143 port 58824 ssh2 Mar 17 19:48:22 kapalua sshd\[8648\]: Invalid user testftp from 104.248.122.143 Mar 17 19:48:22 kapalua sshd\[8648\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.122.143 Mar 17 19:48:24 kapalua sshd\[8648\]: Failed password for invalid user testftp from 104.248.122.143 port 52766 ssh2 |
2020-03-18 14:38:14 |
| 111.68.46.68 | attack | Mar 18 07:50:43 mout sshd[13405]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.68.46.68 user=root Mar 18 07:50:46 mout sshd[13405]: Failed password for root from 111.68.46.68 port 43262 ssh2 |
2020-03-18 14:54:27 |
| 129.211.32.25 | attackspam | Mar 18 06:33:02 meumeu sshd[18081]: Failed password for minecraft from 129.211.32.25 port 46514 ssh2 Mar 18 06:42:31 meumeu sshd[19376]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.32.25 Mar 18 06:42:33 meumeu sshd[19376]: Failed password for invalid user gzq from 129.211.32.25 port 54436 ssh2 ... |
2020-03-18 14:24:06 |
| 166.111.152.230 | attackbotsspam | DATE:2020-03-18 07:10:41, IP:166.111.152.230, PORT:ssh SSH brute force auth (docker-dc) |
2020-03-18 14:34:31 |
| 103.60.214.110 | attackbots | Fail2Ban Ban Triggered (2) |
2020-03-18 15:00:51 |
| 89.187.178.175 | attack | (From jamison.dukes85@googlemail.com) Want to promote your advertisement on tons of online ad sites monthly? Pay one low monthly fee and get almost endless traffic to your site forever! To find out more check out our site here: http://bit.ly/adpostingrobot |
2020-03-18 15:02:31 |
| 89.36.220.145 | attackspambots | Mar 17 23:31:30 mockhub sshd[6123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.36.220.145 Mar 17 23:31:32 mockhub sshd[6123]: Failed password for invalid user sammy from 89.36.220.145 port 50714 ssh2 ... |
2020-03-18 14:58:55 |
| 159.89.180.144 | attackspam | scan r |
2020-03-18 15:13:54 |
| 202.153.34.244 | attackspam | Invalid user at from 202.153.34.244 port 44101 |
2020-03-18 14:24:55 |