City: Salzgitter
Region: Niedersachsen
Country: Germany
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 89.244.217.160
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33173
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;89.244.217.160. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025011501 1800 900 604800 86400
;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 16 07:53:05 CST 2025
;; MSG SIZE rcvd: 107160.217.244.89.in-addr.arpa domain name pointer i59F4D9A0.versanet.de.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
160.217.244.89.in-addr.arpa name = i59F4D9A0.versanet.de.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 192.241.234.43 | attack | Found on CINS badguys / proto=6 . srcport=50297 . dstport=50064 . (283) |
2020-09-27 20:23:08 |
| 167.172.25.74 | attack | Automated report - ssh fail2ban: Sep 27 14:52:50 Unable to negotiate with 167.172.25.74 port=47092: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Sep 27 14:52:51 Unable to negotiate with 167.172.25.74 port=48080: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Sep 27 14:52:51 Unable to negotiate with 167.172.25.74 port=48948: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Sep 27 14:52:52 Unable to negotiate with 167.172.25.74 port=49878: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] |
2020-09-27 20:54:52 |
| 218.92.0.251 | attackbotsspam | Sep 27 14:27:31 eventyay sshd[13672]: Failed password for root from 218.92.0.251 port 6333 ssh2 Sep 27 14:27:44 eventyay sshd[13672]: error: maximum authentication attempts exceeded for root from 218.92.0.251 port 6333 ssh2 [preauth] Sep 27 14:27:50 eventyay sshd[13676]: Failed password for root from 218.92.0.251 port 29290 ssh2 ... |
2020-09-27 20:28:24 |
| 20.49.6.117 | attack | SSH Brute Force |
2020-09-27 20:41:54 |
| 104.211.212.220 | attack | Sep 27 10:46:05 haigwepa sshd[11617]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.211.212.220 Sep 27 10:46:07 haigwepa sshd[11617]: Failed password for invalid user 186 from 104.211.212.220 port 62914 ssh2 ... |
2020-09-27 20:19:57 |
| 36.255.156.126 | attackspambots | Sep 27 17:04:13 dhoomketu sshd[3407453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.255.156.126 Sep 27 17:04:13 dhoomketu sshd[3407453]: Invalid user anna from 36.255.156.126 port 35750 Sep 27 17:04:15 dhoomketu sshd[3407453]: Failed password for invalid user anna from 36.255.156.126 port 35750 ssh2 Sep 27 17:08:28 dhoomketu sshd[3407473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.255.156.126 user=root Sep 27 17:08:30 dhoomketu sshd[3407473]: Failed password for root from 36.255.156.126 port 43646 ssh2 ... |
2020-09-27 20:49:55 |
| 114.67.110.126 | attackbots | IP blocked |
2020-09-27 20:46:57 |
| 177.107.199.34 | attack | 445/tcp 445/tcp 445/tcp... [2020-09-15/25]6pkt,1pt.(tcp) |
2020-09-27 20:36:19 |
| 129.204.33.4 | attackspambots | Sep 27 11:44:13 roki sshd[4835]: Invalid user luke from 129.204.33.4 Sep 27 11:44:13 roki sshd[4835]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.33.4 Sep 27 11:44:15 roki sshd[4835]: Failed password for invalid user luke from 129.204.33.4 port 59384 ssh2 Sep 27 11:47:40 roki sshd[5086]: Invalid user git from 129.204.33.4 Sep 27 11:47:40 roki sshd[5086]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.33.4 ... |
2020-09-27 20:51:36 |
| 51.79.35.114 | attackbots | [H1.VM4] Blocked by UFW |
2020-09-27 20:22:49 |
| 189.93.97.38 | attackspambots | (sshd) Failed SSH login from 189.93.97.38 (BR/Brazil/São Paulo/São Paulo/189-93-97-38.3g.claro.net.br): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 26 16:32:43 atlas sshd[13309]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.93.97.38 user=root Sep 26 16:32:44 atlas sshd[13309]: Failed password for root from 189.93.97.38 port 48980 ssh2 Sep 26 16:32:46 atlas sshd[13318]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.93.97.38 user=root Sep 26 16:32:48 atlas sshd[13318]: Failed password for root from 189.93.97.38 port 48981 ssh2 Sep 26 16:32:50 atlas sshd[13330]: Invalid user ubnt from 189.93.97.38 port 48982 |
2020-09-27 20:21:30 |
| 78.138.127.98 | attackspambots | Automatic report - Banned IP Access |
2020-09-27 20:57:21 |
| 13.70.16.210 | attackbotsspam | failed root login |
2020-09-27 20:21:09 |
| 45.142.120.74 | attackbots | Sep 27 14:16:29 srv01 postfix/smtpd\[20945\]: warning: unknown\[45.142.120.74\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 27 14:16:37 srv01 postfix/smtpd\[28714\]: warning: unknown\[45.142.120.74\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 27 14:16:39 srv01 postfix/smtpd\[20945\]: warning: unknown\[45.142.120.74\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 27 14:16:51 srv01 postfix/smtpd\[28722\]: warning: unknown\[45.142.120.74\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 27 14:16:53 srv01 postfix/smtpd\[28783\]: warning: unknown\[45.142.120.74\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... |
2020-09-27 20:20:37 |
| 94.51.25.1 | attackbotsspam |
|
2020-09-27 20:37:25 |