City: unknown
Region: unknown
Country: China
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.42.40.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57647
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;106.42.40.48. IN A
;; AUTHORITY SECTION:
. 340 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022022500 1800 900 604800 86400
;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 25 21:42:53 CST 2022
;; MSG SIZE rcvd: 105Host 48.40.42.106.in-addr.arpa not found: 2(SERVFAIL)
server can't find 106.42.40.48.in-addr.arpa: SERVFAIL| IP | Type | Details | Datetime |
|---|---|---|---|
| 213.82.214.113 | attack | Trying to deliver email spam, but blocked by RBL |
2019-07-03 04:54:28 |
| 189.18.243.210 | attackbots | Jul 2 10:26:14 plusreed sshd[17075]: Invalid user paula from 189.18.243.210 ... |
2019-07-03 05:07:43 |
| 83.97.20.36 | attack | Jul 2 22:31:29 h2177944 kernel: \[423894.374349\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=83.97.20.36 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=1281 PROTO=TCP SPT=49371 DPT=527 WINDOW=1024 RES=0x00 SYN URGP=0 Jul 2 22:34:51 h2177944 kernel: \[424096.565411\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=83.97.20.36 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=861 PROTO=TCP SPT=49371 DPT=822 WINDOW=1024 RES=0x00 SYN URGP=0 Jul 2 22:38:29 h2177944 kernel: \[424314.743348\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=83.97.20.36 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=37224 PROTO=TCP SPT=49371 DPT=693 WINDOW=1024 RES=0x00 SYN URGP=0 Jul 2 22:38:57 h2177944 kernel: \[424342.893626\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=83.97.20.36 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=40754 PROTO=TCP SPT=49371 DPT=464 WINDOW=1024 RES=0x00 SYN URGP=0 Jul 2 22:39:24 h2177944 kernel: \[424369.020727\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=83.97.20.36 DST=85.214.117.9 LEN=40 TOS=0x00 PREC= |
2019-07-03 05:10:42 |
| 185.176.27.54 | attack | Port scan: Attack repeated for 24 hours |
2019-07-03 04:46:32 |
| 106.225.219.156 | attackspambots | 445/tcp [2019-07-02]1pkt |
2019-07-03 05:00:07 |
| 142.93.168.48 | attackbots | Brute force attempt |
2019-07-03 05:13:51 |
| 183.129.160.229 | attackspam | Scanning (more than 2 packets) random ports - tries to find possible vulnerable services |
2019-07-03 05:12:44 |
| 80.211.7.198 | attack | Jul 2 16:56:33 lnxmail61 sshd[22432]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.7.198 |
2019-07-03 05:17:53 |
| 187.28.50.230 | attack | Jul 2 16:12:35 rpi sshd[10171]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.28.50.230 Jul 2 16:12:36 rpi sshd[10171]: Failed password for invalid user ek from 187.28.50.230 port 58916 ssh2 |
2019-07-03 04:49:20 |
| 176.222.157.14 | attackspam | 21/tcp 21/tcp 21/tcp [2019-07-02]3pkt |
2019-07-03 04:38:38 |
| 183.60.254.175 | attackspambots | Message meets Alert condition date=2019-07-01 time=03:35:52 devname=FG200E4Q16901016 devid=FG200E4Q16901016 logid=0101037124 type=event subtype=vpn level=error vd=root logdesc="IPsec phase 1 error" msg="IPsec phase 1 error" action=negotiate remip=183.60.254.175 locip=107.178.11.178 remport=500 locport=500 outintf="wan1" cookies="c612e168ba6fda64/0000000000000000" user="N/A" group="N/A" xauthuser="N/A" xauthgroup="N/A" assignip=N/A vpntunnel="N/A" status=negotiate_error reason="peer SA proposal not match local policy" peer_notif="NOT-APPLICABLE" |
2019-07-03 05:00:35 |
| 180.254.120.148 | attackspam | 23/tcp [2019-07-02]1pkt |
2019-07-03 04:52:00 |
| 216.218.206.85 | attack | firewall-block, port(s): 4786/tcp |
2019-07-03 05:02:22 |
| 71.6.232.6 | attack | Port scan: Attack repeated for 24 hours |
2019-07-03 05:14:18 |
| 52.221.240.4 | attack | 6443/tcp [2019-07-02]2pkt |
2019-07-03 05:05:48 |