City: San Francisco
Region: California
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: Sonic Telecom LLC
Usage Type: unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 157.131.220.45
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42253
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;157.131.220.45. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019051700 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri May 17 23:18:18 CST 2019
;; MSG SIZE rcvd: 118
45.220.131.157.in-addr.arpa domain name pointer 157-131-220-45.fiber.dynamic.sonic.net.
Server: 67.207.67.2
Address: 67.207.67.2#53
Non-authoritative answer:
45.220.131.157.in-addr.arpa name = 157-131-220-45.fiber.dynamic.sonic.net.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 36.153.0.228 | attackspambots | Mar 6 15:52:33 server1 sshd\[4913\]: Invalid user user from 36.153.0.228 Mar 6 15:52:33 server1 sshd\[4913\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.153.0.228 Mar 6 15:52:35 server1 sshd\[4913\]: Failed password for invalid user user from 36.153.0.228 port 4304 ssh2 Mar 6 16:02:13 server1 sshd\[7636\]: Invalid user user0 from 36.153.0.228 Mar 6 16:02:14 server1 sshd\[7636\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.153.0.228 ... |
2020-03-07 07:22:47 |
| 103.242.118.180 | attack | SpamScore above: 10.0 |
2020-03-07 07:09:30 |
| 202.141.230.42 | attack | 20/3/6@17:05:52: FAIL: Alarm-Telnet address from=202.141.230.42 ... |
2020-03-07 06:44:36 |
| 79.188.9.30 | attack | Automatic report - Port Scan Attack |
2020-03-07 06:47:21 |
| 165.227.53.241 | attackspam | (sshd) Failed SSH login from 165.227.53.241 (US/United States/268019.cloudwaysapps.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 6 23:37:51 amsweb01 sshd[16040]: User mysql from 165.227.53.241 not allowed because not listed in AllowUsers Mar 6 23:37:51 amsweb01 sshd[16040]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.53.241 user=mysql Mar 6 23:37:53 amsweb01 sshd[16040]: Failed password for invalid user mysql from 165.227.53.241 port 39831 ssh2 Mar 6 23:41:31 amsweb01 sshd[16301]: Invalid user ubuntu from 165.227.53.241 port 52894 Mar 6 23:41:32 amsweb01 sshd[16301]: Failed password for invalid user ubuntu from 165.227.53.241 port 52894 ssh2 |
2020-03-07 06:43:16 |
| 134.73.51.243 | attack | Mar 6 23:06:14 mail.srvfarm.net postfix/smtpd[2297865]: NOQUEUE: reject: RCPT from unknown[134.73.51.243]: 450 4.1.8 |
2020-03-07 06:58:36 |
| 14.161.45.187 | attack | Mar 6 23:29:39 srv01 sshd[25227]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.45.187 user=root Mar 6 23:29:41 srv01 sshd[25227]: Failed password for root from 14.161.45.187 port 47193 ssh2 Mar 6 23:32:08 srv01 sshd[25468]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.45.187 user=root Mar 6 23:32:10 srv01 sshd[25468]: Failed password for root from 14.161.45.187 port 38584 ssh2 Mar 6 23:34:36 srv01 sshd[25606]: Invalid user amit from 14.161.45.187 port 58210 ... |
2020-03-07 07:13:29 |
| 104.229.203.202 | attackspam | SSH bruteforce (Triggered fail2ban) |
2020-03-07 07:15:08 |
| 181.48.134.65 | attackbotsspam | Mar 6 23:05:33 |
2020-03-07 06:52:33 |
| 178.33.12.237 | attackspambots | $f2bV_matches |
2020-03-07 06:55:50 |
| 106.13.184.99 | attack | Mar 6 22:52:59 server sshd[1943081]: Failed password for root from 106.13.184.99 port 39560 ssh2 Mar 6 23:01:14 server sshd[1957161]: Failed password for root from 106.13.184.99 port 44718 ssh2 Mar 6 23:05:45 server sshd[1964404]: Failed password for root from 106.13.184.99 port 45204 ssh2 |
2020-03-07 06:47:43 |
| 222.186.31.83 | attack | Mar 7 00:19:26 debian64 sshd[421]: Failed password for root from 222.186.31.83 port 59771 ssh2 Mar 7 00:19:31 debian64 sshd[421]: Failed password for root from 222.186.31.83 port 59771 ssh2 ... |
2020-03-07 07:23:16 |
| 134.3.15.111 | attackbots | " " |
2020-03-07 07:18:29 |
| 183.82.121.34 | attackbots | Mar 6 23:08:13 |
2020-03-07 07:05:49 |
| 177.128.137.147 | attackbots | 1583532352 - 03/06/2020 23:05:52 Host: 177.128.137.147/177.128.137.147 Port: 23 TCP Blocked |
2020-03-07 06:44:58 |