City: Bergneustadt
Region: North Rhine-Westphalia
Country: Germany
Internet Service Provider: Telekom
Hostname: unknown
Organization: Deutsche Telekom AG
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 80.134.13.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59574
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;80.134.13.74. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019072301 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 24 03:22:27 CST 2019
;; MSG SIZE rcvd: 11674.13.134.80.in-addr.arpa domain name pointer p50860D4A.dip0.t-ipconnect.de.Server: 67.207.67.2
Address: 67.207.67.2#53
Non-authoritative answer:
74.13.134.80.in-addr.arpa name = p50860D4A.dip0.t-ipconnect.de.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 193.32.163.108 | attackspambots | Port scan denied |
2020-10-09 17:52:28 |
| 27.220.88.51 | attack | DATE:2020-10-08 22:43:50, IP:27.220.88.51, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc) |
2020-10-09 17:54:19 |
| 69.147.221.84 | attack | Tried our host z. |
2020-10-09 17:38:59 |
| 185.214.164.10 | attack | 1 attempts against mh-modsecurity-ban on creek |
2020-10-09 17:33:17 |
| 191.232.245.241 | attackbotsspam | Oct 9 10:06:33 h2829583 sshd[8702]: Failed password for root from 191.232.245.241 port 53432 ssh2 |
2020-10-09 17:27:09 |
| 45.142.120.59 | attackspam | 2020-10-09 03:32:55 dovecot_login authenticator failed for \(localhost\) \[45.142.120.59\]: 535 Incorrect authentication data 2020-10-09 03:32:58 dovecot_login authenticator failed for \(localhost\) \[45.142.120.59\]: 535 Incorrect authentication data 2020-10-09 03:33:05 dovecot_login authenticator failed for \(localhost\) \[45.142.120.59\]: 535 Incorrect authentication data 2020-10-09 03:33:05 dovecot_login authenticator failed for \(localhost\) \[45.142.120.59\]: 535 Incorrect authentication data 2020-10-09 03:37:41 dovecot_login authenticator failed for \(localhost\) \[45.142.120.59\]: 535 Incorrect authentication data \(set_id=ags@no-server.de\) ... |
2020-10-09 17:50:14 |
| 106.12.125.241 | attackbots | Oct 9 09:47:45 ns382633 sshd\[20848\]: Invalid user administrator from 106.12.125.241 port 55126 Oct 9 09:47:45 ns382633 sshd\[20848\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 Oct 9 09:47:47 ns382633 sshd\[20848\]: Failed password for invalid user administrator from 106.12.125.241 port 55126 ssh2 Oct 9 09:53:23 ns382633 sshd\[21610\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 user=root Oct 9 09:53:25 ns382633 sshd\[21610\]: Failed password for root from 106.12.125.241 port 48080 ssh2 |
2020-10-09 17:42:14 |
| 185.220.38.216 | attackspambots | 08.10.2020 22:44:17 - RDP Login Fail Detected by https://www.elinox.de/RDP-Wächter |
2020-10-09 17:40:28 |
| 68.183.83.38 | attack | 2020-10-09T08:58:37.599336mail.broermann.family sshd[391]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.83.38 user=root 2020-10-09T08:58:39.722749mail.broermann.family sshd[391]: Failed password for root from 68.183.83.38 port 57134 ssh2 2020-10-09T09:01:15.382497mail.broermann.family sshd[686]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.83.38 user=root 2020-10-09T09:01:17.196137mail.broermann.family sshd[686]: Failed password for root from 68.183.83.38 port 40880 ssh2 2020-10-09T09:03:51.203543mail.broermann.family sshd[891]: Invalid user hr from 68.183.83.38 port 52858 ... |
2020-10-09 18:01:13 |
| 72.34.58.212 | attackspambots | Abuse of XMLRPC |
2020-10-09 17:42:45 |
| 182.69.100.167 | attackbots | Lines containing failures of 182.69.100.167 Oct 8 10:21:44 kmh-vmh-003-fsn07 sshd[18897]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.69.100.167 user=r.r Oct 8 10:21:46 kmh-vmh-003-fsn07 sshd[18897]: Failed password for r.r from 182.69.100.167 port 48538 ssh2 Oct 8 10:21:47 kmh-vmh-003-fsn07 sshd[18897]: Received disconnect from 182.69.100.167 port 48538:11: Bye Bye [preauth] Oct 8 10:21:47 kmh-vmh-003-fsn07 sshd[18897]: Disconnected from authenticating user r.r 182.69.100.167 port 48538 [preauth] Oct 8 10:37:30 kmh-vmh-003-fsn07 sshd[21108]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.69.100.167 user=r.r Oct 8 10:37:32 kmh-vmh-003-fsn07 sshd[21108]: Failed password for r.r from 182.69.100.167 port 43248 ssh2 Oct 8 10:37:33 kmh-vmh-003-fsn07 sshd[21108]: Received disconnect from 182.69.100.167 port 43248:11: Bye Bye [preauth] Oct 8 10:37:33 kmh-vmh-003-fsn07 sshd[211........ ------------------------------ |
2020-10-09 17:34:11 |
| 61.247.28.56 | attack | WordPress brute force |
2020-10-09 17:43:06 |
| 79.155.93.160 | attackbots | Automatic report - Port Scan Attack |
2020-10-09 17:53:48 |
| 212.124.119.74 | attackbots | 212.124.119.74 - - [09/Oct/2020:09:51:13 +0100] "POST /wp-login.php HTTP/1.1" 200 1861 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 212.124.119.74 - - [09/Oct/2020:09:51:14 +0100] "POST /wp-login.php HTTP/1.1" 200 1856 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 212.124.119.74 - - [09/Oct/2020:09:51:15 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2020-10-09 17:30:39 |
| 139.198.17.31 | attackbotsspam | sshd: Failed password for .... from 139.198.17.31 port 49608 ssh2 (12 attempts) |
2020-10-09 17:39:48 |