City: unknown
Region: unknown
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 13.248.136.86
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44909
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;13.248.136.86. IN A
;; AUTHORITY SECTION:
. 140 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400
;; Query time: 74 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 11:18:14 CST 2022
;; MSG SIZE rcvd: 10686.136.248.13.in-addr.arpa domain name pointer afce6207ae184d61c.awsglobalaccelerator.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
86.136.248.13.in-addr.arpa name = afce6207ae184d61c.awsglobalaccelerator.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 180.76.54.158 | attack | Bruteforce detected by fail2ban |
2020-10-14 01:30:02 |
| 167.114.3.105 | attackspam | SSH Brute-Forcing (server1) |
2020-10-14 01:18:57 |
| 79.124.62.86 | attackspambots | Oct 13 19:02:40 *hidden* kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:00:07:7d:bd:41:7f:08:00 SRC=79.124.62.86 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=21421 PROTO=TCP SPT=52019 DPT=424 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 13 19:02:59 *hidden* kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:00:07:7d:bd:41:7f:08:00 SRC=79.124.62.86 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=61455 PROTO=TCP SPT=52019 DPT=41714 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 13 19:03:25 *hidden* kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:00:07:7d:bd:41:7f:08:00 SRC=79.124.62.86 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=48511 PROTO=TCP SPT=52019 DPT=27516 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 13 19:03:45 *hidden* kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:00:07:7d:bd:41:7f:08:00 SRC=79.124.62.86 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=64305 PROTO=TCP SPT=52019 DPT=14329 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 13 19: ... |
2020-10-14 01:49:36 |
| 125.209.70.2 | attack | Unauthorized connection attempt from IP address 125.209.70.2 on Port 445(SMB) |
2020-10-14 01:39:53 |
| 1.214.245.27 | attackbotsspam | various type of attack |
2020-10-14 01:52:01 |
| 140.148.248.8 | attackbotsspam | [Tue Oct 13 06:53:47 2020] IN=enp34s0 OUT= MAC=SERVERMAC SRC=140.148.248.8 DST=MYSERVERIP LEN=52 TOS=0x00 PREC=0x00 TTL=107 ID=3184 DF PROTO=TCP SPT=44932 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 Ports: 445 |
2020-10-14 01:42:15 |
| 139.186.73.140 | attackspambots | Oct 13 14:18:20 sip sshd[1924985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.186.73.140 Oct 13 14:18:20 sip sshd[1924985]: Invalid user comerciais from 139.186.73.140 port 32880 Oct 13 14:18:22 sip sshd[1924985]: Failed password for invalid user comerciais from 139.186.73.140 port 32880 ssh2 ... |
2020-10-14 01:36:18 |
| 138.201.2.53 | attackspam | Invalid user yoneda from 138.201.2.53 port 57962 |
2020-10-14 01:17:36 |
| 218.92.0.175 | attack | Oct 13 19:01:22 sso sshd[32282]: Failed password for root from 218.92.0.175 port 16082 ssh2 Oct 13 19:01:25 sso sshd[32282]: Failed password for root from 218.92.0.175 port 16082 ssh2 ... |
2020-10-14 01:14:06 |
| 82.130.201.15 | attack | various type of attack |
2020-10-14 01:21:48 |
| 185.152.113.92 | attackspambots | $f2bV_matches |
2020-10-14 01:22:33 |
| 138.59.40.199 | attack | Attempted Brute Force (dovecot) |
2020-10-14 01:28:30 |
| 81.68.126.54 | attackbots | various type of attack |
2020-10-14 01:37:12 |
| 201.174.59.122 | attackspambots | Unauthorized connection attempt from IP address 201.174.59.122 on Port 445(SMB) |
2020-10-14 01:52:20 |
| 175.123.253.220 | attackspambots | $f2bV_matches |
2020-10-14 01:48:29 |