City: unknown
Region: unknown
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 155.97.149.82
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5587
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;155.97.149.82. IN A
;; AUTHORITY SECTION:
. 291 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022022700 1800 900 604800 86400
;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 18:56:11 CST 2022
;; MSG SIZE rcvd: 106
Host 82.149.97.155.in-addr.arpa not found: 2(SERVFAIL)
;; Truncated, retrying in TCP mode.
82.149.97.155.in-addr.arpa name = diversity.utah.edu.
82.149.97.155.in-addr.arpa name = ethnic.utah.edu.
82.149.97.155.in-addr.arpa name = pmst.utah.edu.
82.149.97.155.in-addr.arpa name = frontiers.utah.edu.
82.149.97.155.in-addr.arpa name = ita-is.utah.edu.
82.149.97.155.in-addr.arpa name = chicano.utah.edu.
82.149.97.155.in-addr.arpa name = centers.utah.edu.
82.149.97.155.in-addr.arpa name = tvplab.utah.edu.
82.149.97.155.in-addr.arpa name = content.gradschool.utah.edu.
82.149.97.155.in-addr.arpa name = transform.utah.edu.
82.149.97.155.in-addr.arpa name = shawlab.cvrti.utah.edu.
82.149.97.155.in-addr.arpa name = scienceofhiv.org.
82.149.97.155.in-addr.arpa name = gregglab.neuro.utah.edu.
82.149.97.155.in-addr.arpa name = rocklab.earth.utah.edu.
82.149.97.155.in-addr.arpa name = postdocs.utah.edu.
82.149.97.155.in-addr.arpa name = rocklab.web.utah.edu.
82.149.97.155.in-addr.arpa name = aromolaranlab.cvrti.utah.edu.
82.149.97.155.in-addr.arpa name = accreditation.utah.edu.
82.149.97.155.in-addr.arpa name = portal.sys.utah.edu.
82.149.97.155.in-addr.arpa name = genderstudies.utah.edu.
82.149.97.155.in-addr.arpa name = fulbright.utah.edu.
82.149.97.155.in-addr.arpa name = www.bjrl.utah.edu.
82.149.97.155.in-addr.arpa name = www.ptc.utah.edu.
82.149.97.155.in-addr.arpa name = maricqlab.neuro.utah.edu.
82.149.97.155.in-addr.arpa name = surtsey50years.utah.edu.
82.149.97.155.in-addr.arpa name = upda.utah.edu.
82.149.97.155.in-addr.arpa name = www.cvrti.utah.edu.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 187.176.5.136 | attackspambots | Mar 16 06:07:58 debian-2gb-nbg1-2 kernel: \[6594400.146495\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=187.176.5.136 DST=195.201.40.59 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=61643 DF PROTO=TCP SPT=43738 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0 | 2020-03-16 22:29:24 |
| 46.38.145.4 | attackspam | Mar 16 15:21:08 srv01 postfix/smtpd\[6507\]: warning: unknown\[46.38.145.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 16 15:21:39 srv01 postfix/smtpd\[6507\]: warning: unknown\[46.38.145.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 16 15:22:09 srv01 postfix/smtpd\[6507\]: warning: unknown\[46.38.145.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 16 15:22:40 srv01 postfix/smtpd\[6507\]: warning: unknown\[46.38.145.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 16 15:23:11 srv01 postfix/smtpd\[31749\]: warning: unknown\[46.38.145.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... | 2020-03-16 22:24:48 |
| 69.94.144.45 | attack | Mar 16 13:23:28 web01 postfix/smtpd[12369]: warning: hostname wine.myginni.com does not resolve to address 69.94.144.45 Mar 16 13:23:28 web01 postfix/smtpd[12369]: connect from unknown[69.94.144.45] Mar 16 13:23:28 web01 policyd-spf[12373]: None; identhostnamey=helo; client-ip=69.94.144.45; helo=wine.tipsboi.com; envelope-from=x@x Mar 16 13:23:28 web01 policyd-spf[12373]: Pass; identhostnamey=mailfrom; client-ip=69.94.144.45; helo=wine.tipsboi.com; envelope-from=x@x Mar x@x Mar 16 13:23:29 web01 postfix/smtpd[12369]: disconnect from unknown[69.94.144.45] Mar 16 13:23:36 web01 postfix/smtpd[12370]: warning: hostname wine.myginni.com does not resolve to address 69.94.144.45 Mar 16 13:23:36 web01 postfix/smtpd[12370]: connect from unknown[69.94.144.45] Mar 16 13:23:37 web01 policyd-spf[12375]: None; identhostnamey=helo; client-ip=69.94.144.45; helo=wine.tipsboi.com; envelope-from=x@x Mar 16 13:23:37 web01 policyd-spf[12375]: Pass; identhostnamey=mailfrom; client-ip=69.94.1........ ------------------------------- | 2020-03-16 22:54:30 |
| 85.210.212.233 | attack | Unauthorised access (Mar 16) SRC=85.210.212.233 LEN=44 TTL=55 ID=947 TCP DPT=8080 WINDOW=11162 SYN | 2020-03-16 22:37:27 |
| 80.17.244.2 | attack | SSH bruteforce (Triggered fail2ban) | 2020-03-16 22:52:24 |
| 51.254.129.170 | attackspam | $f2bV_matches | 2020-03-16 22:41:32 |
| 113.20.86.138 | attackbotsspam | FJ_APNIC-HM_<177>1584369940 [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2]: | 2020-03-16 23:03:42 |
| 180.242.223.68 | attackspam | Mar 16 08:06:10 vmd17057 sshd[19985]: Failed password for root from 180.242.223.68 port 21239 ssh2 ... | 2020-03-16 22:21:44 |
| 116.108.64.43 | attack | Port probing on unauthorized port 23 | 2020-03-16 22:30:18 |
| 182.176.149.2 | attackbotsspam | Unauthorized connection attempt from IP address 182.176.149.2 on Port 445(SMB) | 2020-03-16 22:21:09 |
| 194.61.27.243 | attackbots | Mar 16 15:45:50 debian-2gb-nbg1-2 kernel: \[6629070.051033\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=194.61.27.243 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=53155 PROTO=TCP SPT=47589 DPT=3386 WINDOW=1024 RES=0x00 SYN URGP=0 | 2020-03-16 22:50:23 |
| 50.116.101.52 | attack | 2020-03-16T11:40:27.331970jannga.de sshd[18108]: Failed password for root from 50.116.101.52 port 56824 ssh2 2020-03-16T11:55:21.811957jannga.de sshd[18984]: Invalid user yousnow from 50.116.101.52 port 57008 ... | 2020-03-16 22:23:12 |
| 41.205.53.96 | attackbotsspam | Honeypot attack, port: 445, PTR: cust96-53.205.41.tvcabo.ao. | 2020-03-16 22:43:39 |
| 71.226.81.128 | attackbots | " " | 2020-03-16 22:15:12 |
| 88.255.50.6 | attack | Honeypot attack, port: 445, PTR: 88.255.50.6.static.ttnet.com.tr. | 2020-03-16 22:27:08 |