City: unknown
Region: unknown
Country: None
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 12.106.87.32
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14836
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;12.106.87.32. IN A
;; AUTHORITY SECTION:
. 600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022022001 1800 900 604800 86400
;; Query time: 27 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 21 02:15:42 CST 2022
;; MSG SIZE rcvd: 10532.87.106.12.in-addr.arpa domain name pointer info.quest.com.
32.87.106.12.in-addr.arpa domain name pointer klg.com.
32.87.106.12.in-addr.arpa domain name pointer magnum-tech.com.
32.87.106.12.in-addr.arpa domain name pointer passgo.com.
32.87.106.12.in-addr.arpa domain name pointer provisionnetworks.com.
32.87.106.12.in-addr.arpa domain name pointer questsoftware.be.
32.87.106.12.in-addr.arpa domain name pointer resources.passgo.com.
32.87.106.12.in-addr.arpa domain name pointer sharepointstudio.info.
32.87.106.12.in-addr.arpa domain name pointer vintela.com.
32.87.106.12.in-addr.arpa domain name pointer workplacearchitects.info.
32.87.106.12.in-addr.arpa domain name pointer workplacearchitects.net.
32.87.106.12.in-addr.arpa domain name pointer workplacearchitects.org.
32.87.106.12.in-addr.arpa domain name pointer www.aelita.com.
32.87.106.12.in-addr.arpa domain name pointer www.aftermail.com.
32.87.106.12.in-addr.arpa domain name pointer www.directorymanagement.com.
32.87.106.12.in-addr.arpa domain name poib';; Truncated, retrying in TCP mode.
32.87.106.12.in-addr.arpa name = www.aftermail.com.
32.87.106.12.in-addr.arpa name = www.exchangegurus.com.
32.87.106.12.in-addr.arpa name = questsoftware.be.
32.87.106.12.in-addr.arpa name = workplacearchitects.info.
32.87.106.12.in-addr.arpa name = www.itadvantage.eu.
32.87.106.12.in-addr.arpa name = magnum-tech.com.
32.87.106.12.in-addr.arpa name = www.questsoftware.ie.
32.87.106.12.in-addr.arpa name = www.passgo.com.
32.87.106.12.in-addr.arpa name = info.quest.com.
32.87.106.12.in-addr.arpa name = workplacearchitects.org.
32.87.106.12.in-addr.arpa name = www.aelita.com.
32.87.106.12.in-addr.arpa name = vintela.com.
32.87.106.12.in-addr.arpa name = www.directorymanagement.com.
32.87.106.12.in-addr.arpa name = www.qmaster.com.
32.87.106.12.in-addr.arpa name = sharepointstudio.info.
32.87.106.12.in-addr.arpa name = passgo.com.
32.87.106.12.in-addr.arpa name = www.quest.com.
32.87.106.12.in-addr.arpa name = idisoft.com.
32.87.106.12.in-addr.arpa name = www.jprobe.eu.
32.87.106.12.in-addr.arpa name = www.qsft.com.
32.87.106.12.in-addr.arpa name = www.idisoft.com.
32.87.106.12.in-addr.arpa name = provisionnetworks.com.
32.87.106.12.in-addr.arpa name = www.xaffire.com.
32.87.106.12.in-addr.arpa name = www.fastlane.com.
32.87.106.12.in-addr.arpa name = www.questcentral.eu.
32.87.106.12.in-addr.arpa name = www.dmsuite.com.
32.87.106.12.in-addr.arpa name = resources.passgo.com.
32.87.106.12.in-addr.arpa name = www.storageoptimization.com.
32.87.106.12.in-addr.arpa name = xaffire.com.
32.87.106.12.in-addr.arpa name = www.shareplex.com.
32.87.106.12.in-addr.arpa name = workplacearchitects.net.
32.87.106.12.in-addr.arpa name = klg.com.
Authoritative answers can be found from:
'| IP | Type | Details | Datetime |
|---|---|---|---|
| 40.83.76.21 | attackspam | Honeypot attack, port: 445, PTR: PTR record not found |
2019-11-27 20:24:10 |
| 145.255.28.2 | attack | Unauthorized connection attempt from IP address 145.255.28.2 on Port 445(SMB) |
2019-11-27 20:43:43 |
| 112.29.172.224 | attack | Nov 27 12:13:56 server2 sshd\[25926\]: User root from 112.29.172.224 not allowed because not listed in AllowUsers Nov 27 12:13:57 server2 sshd\[25939\]: User root from 112.29.172.224 not allowed because not listed in AllowUsers Nov 27 12:14:10 server2 sshd\[25967\]: User root from 112.29.172.224 not allowed because not listed in AllowUsers Nov 27 12:18:04 server2 sshd\[26266\]: User root from 112.29.172.224 not allowed because not listed in AllowUsers Nov 27 12:19:08 server2 sshd\[26273\]: User root from 112.29.172.224 not allowed because not listed in AllowUsers Nov 27 12:21:53 server2 sshd\[26522\]: User root from 112.29.172.224 not allowed because not listed in AllowUsers |
2019-11-27 20:23:50 |
| 68.183.124.53 | attackspam | Nov 27 13:26:53 vpn01 sshd[25807]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.124.53 Nov 27 13:26:54 vpn01 sshd[25807]: Failed password for invalid user gdm from 68.183.124.53 port 51104 ssh2 ... |
2019-11-27 20:42:28 |
| 203.129.226.99 | attack | Nov 27 06:54:29 ns382633 sshd\[21687\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.129.226.99 user=root Nov 27 06:54:31 ns382633 sshd\[21687\]: Failed password for root from 203.129.226.99 port 19959 ssh2 Nov 27 07:18:20 ns382633 sshd\[26053\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.129.226.99 user=root Nov 27 07:18:22 ns382633 sshd\[26053\]: Failed password for root from 203.129.226.99 port 52116 ssh2 Nov 27 07:22:30 ns382633 sshd\[26827\]: Invalid user erol from 203.129.226.99 port 9510 Nov 27 07:22:30 ns382633 sshd\[26827\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.129.226.99 |
2019-11-27 20:27:30 |
| 187.44.113.33 | attackbotsspam | Nov 27 07:16:14 TORMINT sshd\[14457\]: Invalid user egg from 187.44.113.33 Nov 27 07:16:14 TORMINT sshd\[14457\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.44.113.33 Nov 27 07:16:16 TORMINT sshd\[14457\]: Failed password for invalid user egg from 187.44.113.33 port 34302 ssh2 ... |
2019-11-27 20:24:30 |
| 209.17.97.26 | attackbots | Automatic report - Banned IP Access |
2019-11-27 20:27:11 |
| 58.254.132.41 | attackspam | Invalid user admin from 58.254.132.41 port 59742 |
2019-11-27 20:46:28 |
| 85.185.81.132 | attack | Unauthorised access (Nov 27) SRC=85.185.81.132 LEN=52 PREC=0x20 TTL=103 ID=5021 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Nov 26) SRC=85.185.81.132 LEN=52 TTL=94 ID=22730 DF TCP DPT=445 WINDOW=8192 SYN |
2019-11-27 20:35:38 |
| 192.129.254.127 | attackbotsspam | [2019/11/27 上午 08:32:11] [852] 192.129.254.127 找不到此信箱或已被停用 : hacker@192.129.254.127 >>Because the sender is a loser without girlfriend, he will only indulge in the Internet all day to explore the privacy. [2019/11/27 上午 08:32:11] [852] SMTP 服務中斷從 192.129.254.127 來的連線 |
2019-11-27 20:58:15 |
| 59.175.145.101 | attack | 11/27/2019-07:21:31.699598 59.175.145.101 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433 |
2019-11-27 21:02:30 |
| 51.77.231.213 | attackspam | Invalid user admin from 51.77.231.213 port 45950 |
2019-11-27 20:39:10 |
| 106.13.31.93 | attackspambots | Nov 25 11:11:27 myhostname sshd[20082]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.31.93 user=r.r Nov 25 11:11:29 myhostname sshd[20082]: Failed password for r.r from 106.13.31.93 port 33620 ssh2 Nov 25 11:11:30 myhostname sshd[20082]: Received disconnect from 106.13.31.93 port 33620:11: Bye Bye [preauth] Nov 25 11:11:30 myhostname sshd[20082]: Disconnected from 106.13.31.93 port 33620 [preauth] Nov 25 11:34:48 myhostname sshd[10666]: Invalid user lotze from 106.13.31.93 Nov 25 11:34:48 myhostname sshd[10666]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.31.93 Nov 25 11:34:50 myhostname sshd[10666]: Failed password for invalid user lotze from 106.13.31.93 port 46902 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.13.31.93 |
2019-11-27 20:22:31 |
| 125.27.220.66 | attackspam | Honeypot attack, port: 23, PTR: node-17ia.pool-125-27.dynamic.totinternet.net. |
2019-11-27 20:49:40 |
| 5.54.10.221 | attackspam | Honeypot attack, port: 23, PTR: ppp005054010221.access.hol.gr. |
2019-11-27 20:42:46 |