City: unknown
Region: unknown
Country: United States of America (the)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 9.52.96.41
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10576
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;9.52.96.41. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025022001 1800 900 604800 86400
;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 21 04:47:25 CST 2025
;; MSG SIZE rcvd: 103
Host 41.96.52.9.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 41.96.52.9.in-addr.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 213.32.122.80 | attackspambots | Unauthorised access (Sep 26) SRC=213.32.122.80 LEN=40 PREC=0x20 TTL=244 ID=54321 TCP DPT=111 WINDOW=65535 SYN |
2020-09-26 23:52:40 |
| 165.232.113.222 | attackbots | Sep 24 08:49:44 online-web-1 sshd[1881796]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.232.113.222 user=r.r Sep 24 08:49:46 online-web-1 sshd[1881796]: Failed password for r.r from 165.232.113.222 port 50924 ssh2 Sep 24 08:49:46 online-web-1 sshd[1881796]: Received disconnect from 165.232.113.222 port 50924:11: Bye Bye [preauth] Sep 24 08:49:46 online-web-1 sshd[1881796]: Disconnected from 165.232.113.222 port 50924 [preauth] Sep 24 08:57:19 online-web-1 sshd[1883076]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.232.113.222 user=r.r Sep 24 08:57:21 online-web-1 sshd[1883076]: Failed password for r.r from 165.232.113.222 port 49086 ssh2 Sep 24 08:57:21 online-web-1 sshd[1883076]: Received disconnect from 165.232.113.222 port 49086:11: Bye Bye [preauth] Sep 24 08:57:21 online-web-1 sshd[1883076]: Disconnected from 165.232.113.222 port 49086 [preauth] Sep 24 09:01:05 online-w........ ------------------------------- |
2020-09-26 23:33:42 |
| 165.22.115.137 | attackbotsspam | 165.22.115.137 - - [26/Sep/2020:15:02:10 +0200] "GET /wp-login.php HTTP/1.1" 200 8796 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.22.115.137 - - [26/Sep/2020:15:02:14 +0200] "POST /wp-login.php HTTP/1.1" 200 9047 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.22.115.137 - - [26/Sep/2020:15:02:15 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2020-09-27 00:02:54 |
| 218.92.0.248 | attack | 2020-09-25T02:31:16.067169git sshd[66716]: Unable to negotiate with 218.92.0.248 port 23775: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] 2020-09-25T14:47:19.233993git sshd[71188]: Connection from 218.92.0.248 port 43594 on 138.197.214.51 port 22 rdomain "" 2020-09-25T14:47:19.947520git sshd[71188]: Unable to negotiate with 218.92.0.248 port 43594: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] 2020-09-25T16:53:45.684230git sshd[71704]: Connection from 218.92.0.248 port 45008 on 138.197.214.51 port 22 rdomain "" 2020-09-25T16:53:46.402222git sshd[71704]: Unable to negotiate with 218.92.0.248 port 45008: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] 2020-09-25T18:24:35.10551 ... |
2020-09-27 00:02:11 |
| 13.85.72.71 | attack | 2020-09-26 10:03:49.796396-0500 localhost sshd[46942]: Failed password for invalid user admin from 13.85.72.71 port 36062 ssh2 |
2020-09-26 23:40:22 |
| 125.44.22.179 | attackspam | Listed on abuseat.org plus zen-spamhaus / proto=6 . srcport=50635 . dstport=37215 . (3545) |
2020-09-26 23:42:06 |
| 213.178.252.29 | attackbots | 5x Failed Password |
2020-09-26 23:27:59 |
| 219.136.249.151 | attackspam | (sshd) Failed SSH login from 219.136.249.151 (CN/China/-): 5 in the last 3600 secs |
2020-09-26 23:27:31 |
| 200.219.207.42 | attackbots | Invalid user alyssa from 200.219.207.42 port 32964 |
2020-09-26 23:47:18 |
| 181.177.245.165 | attackspam | Sep 26 09:37:17 ny01 sshd[4898]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.177.245.165 Sep 26 09:37:19 ny01 sshd[4898]: Failed password for invalid user tom from 181.177.245.165 port 42516 ssh2 Sep 26 09:41:50 ny01 sshd[5512]: Failed password for root from 181.177.245.165 port 52012 ssh2 |
2020-09-26 23:32:45 |
| 34.66.3.53 | attack | Sep 26 16:52:22 con01 sshd[752795]: Failed password for root from 34.66.3.53 port 42880 ssh2 Sep 26 16:56:24 con01 sshd[760461]: Invalid user pp from 34.66.3.53 port 36688 Sep 26 16:56:24 con01 sshd[760461]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.66.3.53 Sep 26 16:56:24 con01 sshd[760461]: Invalid user pp from 34.66.3.53 port 36688 Sep 26 16:56:27 con01 sshd[760461]: Failed password for invalid user pp from 34.66.3.53 port 36688 ssh2 ... |
2020-09-26 23:38:10 |
| 35.230.162.59 | attack | [-]:80 35.230.162.59 - - [26/Sep/2020:17:10:44 +0200] "GET /wp-login.php HTTP/1.1" 301 456 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2020-09-26 23:54:36 |
| 64.225.116.59 | attackspam | Sep 26 15:45:30 rush sshd[27383]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.116.59 Sep 26 15:45:32 rush sshd[27383]: Failed password for invalid user ts3srv from 64.225.116.59 port 54122 ssh2 Sep 26 15:49:34 rush sshd[27462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.116.59 ... |
2020-09-26 23:55:29 |
| 52.243.94.243 | attackspam | Sep 26 11:28:32 lanister sshd[2546]: Invalid user banglanatak from 52.243.94.243 Sep 26 11:28:32 lanister sshd[2546]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.243.94.243 Sep 26 11:28:32 lanister sshd[2546]: Invalid user banglanatak from 52.243.94.243 Sep 26 11:28:34 lanister sshd[2546]: Failed password for invalid user banglanatak from 52.243.94.243 port 42319 ssh2 |
2020-09-26 23:45:12 |
| 49.235.84.101 | attackspambots | Repeated brute force against a port |
2020-09-26 23:33:05 |