City: unknown
Region: unknown
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.92.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14141
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;104.131.92.4. IN A
;; AUTHORITY SECTION:
. 600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022020701 1800 900 604800 86400
;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 03:19:30 CST 2022
;; MSG SIZE rcvd: 105
4.92.131.104.in-addr.arpa domain name pointer monitoring.internet-measurement.com.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
4.92.131.104.in-addr.arpa name = monitoring.internet-measurement.com.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 177.91.255.237 | attackbots | Aug 31 01:59:55 cumulus sshd[25235]: Invalid user disklessadmin from 177.91.255.237 port 38320 Aug 31 01:59:55 cumulus sshd[25235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.91.255.237 Aug 31 01:59:57 cumulus sshd[25235]: Failed password for invalid user disklessadmin from 177.91.255.237 port 38320 ssh2 Aug 31 01:59:58 cumulus sshd[25235]: Received disconnect from 177.91.255.237 port 38320:11: Bye Bye [preauth] Aug 31 01:59:58 cumulus sshd[25235]: Disconnected from 177.91.255.237 port 38320 [preauth] Aug 31 02:17:56 cumulus sshd[26062]: Invalid user mysql from 177.91.255.237 port 37610 Aug 31 02:17:56 cumulus sshd[26062]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.91.255.237 Aug 31 02:17:58 cumulus sshd[26062]: Failed password for invalid user mysql from 177.91.255.237 port 37610 ssh2 Aug 31 02:17:58 cumulus sshd[26062]: Received disconnect from 177.91.255.237 port 37610:1........ ------------------------------- |
2019-09-01 02:23:05 |
| 103.205.133.77 | attack | Reported by AbuseIPDB proxy server. |
2019-09-01 03:07:50 |
| 167.71.210.71 | attackspambots | Aug 31 19:43:36 www1 sshd\[47608\]: Invalid user 123456 from 167.71.210.71Aug 31 19:43:38 www1 sshd\[47608\]: Failed password for invalid user 123456 from 167.71.210.71 port 38248 ssh2Aug 31 19:48:27 www1 sshd\[48141\]: Invalid user chris123 from 167.71.210.71Aug 31 19:48:29 www1 sshd\[48141\]: Failed password for invalid user chris123 from 167.71.210.71 port 55688 ssh2Aug 31 19:53:18 www1 sshd\[48661\]: Invalid user ch123 from 167.71.210.71Aug 31 19:53:20 www1 sshd\[48661\]: Failed password for invalid user ch123 from 167.71.210.71 port 44896 ssh2 ... |
2019-09-01 02:48:58 |
| 163.172.207.104 | attackspambots | \[2019-08-31 13:48:08\] SECURITY\[1837\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-31T13:48:08.036-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="011972595725668",SessionID="0x7f7b30be0af8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/54794",ACLName="no_extension_match" \[2019-08-31 13:49:18\] SECURITY\[1837\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-31T13:49:18.481-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="999999999999999999011972592277524",SessionID="0x7f7b301c17c8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/61946",ACLName="no_extension_match" \[2019-08-31 13:54:25\] SECURITY\[1837\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-31T13:54:25.814-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9999999999999999999011972592277524",SessionID="0x7f7b303c21f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4 |
2019-09-01 02:33:15 |
| 1.58.247.169 | attack | Unauthorised access (Aug 31) SRC=1.58.247.169 LEN=40 TTL=49 ID=40783 TCP DPT=8080 WINDOW=42430 SYN Unauthorised access (Aug 31) SRC=1.58.247.169 LEN=40 TTL=49 ID=18469 TCP DPT=8080 WINDOW=42430 SYN |
2019-09-01 02:13:40 |
| 46.166.151.47 | attackbots | \[2019-08-31 11:45:24\] SECURITY\[1837\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-31T11:45:24.550-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="40980046812111447",SessionID="0x7f7b303c21f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.47/52216",ACLName="no_extension_match" \[2019-08-31 11:45:38\] SECURITY\[1837\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-31T11:45:38.849-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="01246406820574",SessionID="0x7f7b30e1c6c8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.47/63481",ACLName="no_extension_match" \[2019-08-31 11:47:24\] SECURITY\[1837\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-31T11:47:24.601-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="90046812410249",SessionID="0x7f7b303c21f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.47/53586",ACLName="no_ext |
2019-09-01 02:51:37 |
| 190.147.159.34 | attack | $f2bV_matches_ltvn |
2019-09-01 02:54:13 |
| 51.254.57.17 | attackspambots | Aug 31 18:39:24 web8 sshd\[24458\]: Invalid user arun from 51.254.57.17 Aug 31 18:39:24 web8 sshd\[24458\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.57.17 Aug 31 18:39:26 web8 sshd\[24458\]: Failed password for invalid user arun from 51.254.57.17 port 46846 ssh2 Aug 31 18:43:05 web8 sshd\[26392\]: Invalid user zero from 51.254.57.17 Aug 31 18:43:05 web8 sshd\[26392\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.57.17 |
2019-09-01 02:49:51 |
| 103.39.214.36 | attackspambots | Aug 31 15:38:45 lnxweb62 sshd[5612]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.39.214.36 |
2019-09-01 02:53:21 |
| 142.93.198.86 | attackbots | Aug 31 07:46:10 php1 sshd\[25811\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.198.86 user=root Aug 31 07:46:13 php1 sshd\[25811\]: Failed password for root from 142.93.198.86 port 37612 ssh2 Aug 31 07:51:02 php1 sshd\[26886\]: Invalid user gl from 142.93.198.86 Aug 31 07:51:02 php1 sshd\[26886\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.198.86 Aug 31 07:51:05 php1 sshd\[26886\]: Failed password for invalid user gl from 142.93.198.86 port 52928 ssh2 |
2019-09-01 02:33:45 |
| 94.97.96.139 | attack | CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found |
2019-09-01 02:29:21 |
| 61.183.35.44 | attackbots | Aug 31 19:59:36 srv206 sshd[3754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.183.35.44 user=root Aug 31 19:59:39 srv206 sshd[3754]: Failed password for root from 61.183.35.44 port 56001 ssh2 Aug 31 20:10:35 srv206 sshd[3813]: Invalid user openkm from 61.183.35.44 ... |
2019-09-01 02:16:55 |
| 59.1.116.20 | attackbots | 2019-09-01T00:22:03.547066enmeeting.mahidol.ac.th sshd\[5425\]: User root from 59.1.116.20 not allowed because not listed in AllowUsers 2019-09-01T00:22:03.669978enmeeting.mahidol.ac.th sshd\[5425\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.1.116.20 user=root 2019-09-01T00:22:05.829378enmeeting.mahidol.ac.th sshd\[5425\]: Failed password for invalid user root from 59.1.116.20 port 38724 ssh2 ... |
2019-09-01 02:44:50 |
| 59.179.17.140 | attack | Aug 31 15:08:24 xeon sshd[29269]: Failed password for invalid user sikha from 59.179.17.140 port 55768 ssh2 |
2019-09-01 02:29:50 |
| 62.33.72.49 | attackspam | Aug 31 17:52:24 legacy sshd[950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.33.72.49 Aug 31 17:52:26 legacy sshd[950]: Failed password for invalid user admin from 62.33.72.49 port 54842 ssh2 Aug 31 17:57:03 legacy sshd[1083]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.33.72.49 ... |
2019-09-01 03:01:36 |