City: unknown
Region: unknown
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.198.4.85
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1110
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;134.198.4.85. IN A
;; AUTHORITY SECTION:
. 471 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400
;; Query time: 21 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 11:40:49 CST 2022
;; MSG SIZE rcvd: 105
85.4.198.134.in-addr.arpa domain name pointer admissions.scranton.edu.
85.4.198.134.in-addr.arpa domain name pointer news.scranton.edu.
85.4.198.134.in-addr.arpa domain name pointer www.alloneforautism.org.
85.4.198.134.in-addr.arpa domain name pointer alloneforautism.org.
85.4.198.134.in-addr.arpa domain name pointer alloneforautism.com.
85.4.198.134.in-addr.arpa domain name pointer www.alloneforautism.com.
85.4.198.134.in-addr.arpa domain name pointer matrix.scranton.edu.
85.4.198.134.in-addr.arpa domain name pointer cms.scranton.edu.
85.4.198.134.in-addr.arpa domain name pointer 125th.scranton.edu.
85.4.198.134.in-addr.arpa domain name pointer ajculib.scranton.edu.
85.4.198.134.in-addr.arpa domain name pointer academic.scranton.edu.
85.4.198.134.in-addr.arpa domain name pointer scranton.edu.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
85.4.198.134.in-addr.arpa name = academic.scranton.edu.
85.4.198.134.in-addr.arpa name = scranton.edu.
85.4.198.134.in-addr.arpa name = admissions.scranton.edu.
85.4.198.134.in-addr.arpa name = news.scranton.edu.
85.4.198.134.in-addr.arpa name = www.alloneforautism.org.
85.4.198.134.in-addr.arpa name = alloneforautism.org.
85.4.198.134.in-addr.arpa name = alloneforautism.com.
85.4.198.134.in-addr.arpa name = www.alloneforautism.com.
85.4.198.134.in-addr.arpa name = matrix.scranton.edu.
85.4.198.134.in-addr.arpa name = cms.scranton.edu.
85.4.198.134.in-addr.arpa name = 125th.scranton.edu.
85.4.198.134.in-addr.arpa name = ajculib.scranton.edu.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 34.71.250.163 | attack | 34.71.250.163 - - \[25/Aug/2020:08:51:30 +0300\] "POST //wordpress//wp-login.php HTTP/1.1" 200 6220 "https://www.versocapital.de//wordpress//wp-login.php" "Mozilla/5.0 \(Windows NT 10.0\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/78.0.3904.108 Safari/537.36" "-" 34.71.250.163 - - \[25/Aug/2020:08:51:30 +0300\] "POST //wordpress//wp-login.php HTTP/1.1" 200 6220 "https://www.versocapital.de//wordpress//wp-login.php" "Mozilla/5.0 \(Windows NT 10.0\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/78.0.3904.108 Safari/537.36" "-" 34.71.250.163 - - \[25/Aug/2020:08:51:31 +0300\] "POST //wordpress//wp-login.php HTTP/1.1" 200 6220 "https://www.versocapital.de//wordpress//wp-login.php" "Mozilla/5.0 \(Windows NT 10.0\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/78.0.3904.108 Safari/537.36" "-" 34.71.250.163 - - \[25/Aug/2020:08:51:31 +0300\] "POST //wordpress//wp-login.php HTTP/1.1" 200 6220 "https://www.versocapital.de//wordpress//wp-login.p ... | 2020-08-25 18:12:12 |
| 185.39.11.32 | attack | SmallBizIT.US 4 packets to tcp(3395,3397,3398,3417) | 2020-08-25 18:33:12 |
| 60.2.221.53 | attack | firewall-block, port(s): 1433/tcp | 2020-08-25 18:43:46 |
| 189.203.178.109 | attackspambots | Port probing on unauthorized port 445 | 2020-08-25 18:09:38 |
| 65.49.20.68 | attackbotsspam | 2020-08-24 UTC: (2x) - | 2020-08-25 18:12:36 |
| 74.82.47.27 | attackspambots | " " | 2020-08-25 18:27:14 |
| 51.79.51.241 | attackspam | Invalid user jboss from 51.79.51.241 port 53042 | 2020-08-25 18:05:01 |
| 191.234.186.218 | attack | detected by Fail2Ban | 2020-08-25 18:22:45 |
| 51.255.64.58 | attack | 51.255.64.58 - - \[25/Aug/2020:11:55:33 +0200\] "POST /wp-login.php HTTP/1.0" 200 9274 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 51.255.64.58 - - \[25/Aug/2020:11:55:34 +0200\] "POST /wp-login.php HTTP/1.0" 200 9243 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 51.255.64.58 - - \[25/Aug/2020:11:55:34 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" | 2020-08-25 18:31:19 |
| 77.23.20.58 | attackbots | C2,WP GET /wp-login.php | 2020-08-25 18:19:41 |
| 185.153.45.174 | attackspam | 1598327431 - 08/25/2020 05:50:31 Host: 185.153.45.174/185.153.45.174 Port: 23 TCP Blocked ... | 2020-08-25 18:23:57 |
| 88.152.29.204 | attackbotsspam | Aug 24 09:49:54 vps8769 sshd[20994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.152.29.204 Aug 24 09:49:56 vps8769 sshd[20995]: Failed password for invalid user pi from 88.152.29.204 port 33924 ssh2 Aug 24 09:49:56 vps8769 sshd[20994]: Failed password for invalid user pi from 88.152.29.204 port 33922 ssh2 ... | 2020-08-25 18:15:34 |
| 103.228.160.220 | attackbots | 2020-08-25T11:54:28+0200 Failed SSH Authentication/Brute Force Attack. (Server 5) | 2020-08-25 18:37:02 |
| 106.12.69.53 | attackbotsspam | srv02 Mass scanning activity detected Target: 26969 .. | 2020-08-25 18:06:24 |
| 122.166.237.117 | attackbots | Aug 25 11:09:03 server sshd[17726]: Failed password for invalid user craig from 122.166.237.117 port 11711 ssh2 Aug 25 11:13:53 server sshd[23950]: Failed password for invalid user xjf from 122.166.237.117 port 46973 ssh2 Aug 25 11:18:38 server sshd[30250]: Failed password for invalid user redmine from 122.166.237.117 port 51657 ssh2 | 2020-08-25 18:34:46 |