City: unknown
Region: unknown
Country: Romania
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 92.80.9.204
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40440
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;92.80.9.204. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025012802 1800 900 604800 86400
;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 29 12:16:03 CST 2025
;; MSG SIZE rcvd: 104Host 204.9.80.92.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 204.9.80.92.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 103.118.49.11 | attackspam | port scan/probe/communication attempt |
2019-11-30 01:51:57 |
| 34.92.247.140 | attack | 2019-11-29T15:43:17.976276abusebot.cloudsearch.cf sshd\[32636\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.247.92.34.bc.googleusercontent.com user=root |
2019-11-30 02:07:30 |
| 182.76.160.138 | attackspam | Nov 29 07:26:23 wbs sshd\[7271\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.76.160.138 user=root Nov 29 07:26:26 wbs sshd\[7271\]: Failed password for root from 182.76.160.138 port 50318 ssh2 Nov 29 07:30:17 wbs sshd\[7622\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.76.160.138 user=root Nov 29 07:30:19 wbs sshd\[7622\]: Failed password for root from 182.76.160.138 port 58314 ssh2 Nov 29 07:34:21 wbs sshd\[7986\]: Invalid user ubuntu from 182.76.160.138 |
2019-11-30 02:22:19 |
| 212.69.18.7 | attackbots | 3389BruteforceFW21 |
2019-11-30 01:55:29 |
| 49.88.112.73 | attack | Nov 29 17:43:18 pi sshd\[22166\]: Failed password for root from 49.88.112.73 port 47831 ssh2 Nov 29 17:44:38 pi sshd\[22231\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.73 user=root Nov 29 17:44:40 pi sshd\[22231\]: Failed password for root from 49.88.112.73 port 45866 ssh2 Nov 29 17:44:43 pi sshd\[22231\]: Failed password for root from 49.88.112.73 port 45866 ssh2 Nov 29 17:44:46 pi sshd\[22231\]: Failed password for root from 49.88.112.73 port 45866 ssh2 ... |
2019-11-30 02:16:22 |
| 188.166.45.128 | attackspam | [Fri Nov 29 12:11:12.857906 2019] [:error] [pid 209474] [client 188.166.45.128:61000] [client 188.166.45.128] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "ws22vmsma01.ufn.edu.br"] [uri "/"] [unique_id "XeE1EK9S580k382k6wHcnwAAAAc"] ... |
2019-11-30 01:57:41 |
| 103.4.217.138 | attackspambots | Lines containing failures of 103.4.217.138 Nov 27 03:00:06 mellenthin sshd[4340]: User r.r from 103.4.217.138 not allowed because not listed in AllowUsers Nov 27 03:00:06 mellenthin sshd[4340]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.4.217.138 user=r.r Nov 27 03:00:08 mellenthin sshd[4340]: Failed password for invalid user r.r from 103.4.217.138 port 50671 ssh2 Nov 27 03:00:08 mellenthin sshd[4340]: Received disconnect from 103.4.217.138 port 50671:11: Bye Bye [preauth] Nov 27 03:00:08 mellenthin sshd[4340]: Disconnected from invalid user r.r 103.4.217.138 port 50671 [preauth] Nov 27 03:21:31 mellenthin sshd[5023]: Invalid user trullemans from 103.4.217.138 port 52400 Nov 27 03:21:31 mellenthin sshd[5023]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.4.217.138 Nov 27 03:21:32 mellenthin sshd[5023]: Failed password for invalid user trullemans from 103.4.217.138 port 52400 s........ ------------------------------ |
2019-11-30 02:30:25 |
| 65.229.5.158 | attack | (sshd) Failed SSH login from 65.229.5.158 (US/United States/-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Nov 29 15:38:02 andromeda sshd[14501]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.229.5.158 user=nobody Nov 29 15:38:03 andromeda sshd[14501]: Failed password for nobody from 65.229.5.158 port 41458 ssh2 Nov 29 15:50:54 andromeda sshd[15956]: Invalid user culler from 65.229.5.158 port 38421 |
2019-11-30 02:22:33 |
| 88.202.190.148 | attackbots | " " |
2019-11-30 02:09:25 |
| 51.75.18.215 | attackspam | Nov 29 15:27:03 localhost sshd\[62964\]: Invalid user ch4rity from 51.75.18.215 port 54944 Nov 29 15:27:03 localhost sshd\[62964\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.18.215 Nov 29 15:27:05 localhost sshd\[62964\]: Failed password for invalid user ch4rity from 51.75.18.215 port 54944 ssh2 Nov 29 15:30:08 localhost sshd\[63054\]: Invalid user T3ST2020 from 51.75.18.215 port 34214 Nov 29 15:30:08 localhost sshd\[63054\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.18.215 ... |
2019-11-30 02:18:53 |
| 83.55.132.62 | attackspam | port scan/probe/communication attempt |
2019-11-30 02:23:10 |
| 217.182.73.36 | attack | Forged login request. |
2019-11-30 01:52:36 |
| 104.131.29.92 | attackspam | ssh failed login |
2019-11-30 02:28:50 |
| 202.152.24.234 | attackspam | " " |
2019-11-30 01:58:09 |
| 51.75.248.127 | attack | Nov 29 11:55:16 ws24vmsma01 sshd[80680]: Failed password for root from 51.75.248.127 port 38292 ssh2 ... |
2019-11-30 02:04:57 |