City: unknown
Region: unknown
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 158.83.25.25
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56014
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;158.83.25.25. IN A
;; AUTHORITY SECTION:
. 599 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022021800 1800 900 604800 86400
;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 13:35:52 CST 2022
;; MSG SIZE rcvd: 10525.25.83.158.in-addr.arpa domain name pointer cwis.calu.edu.
25.25.83.158.in-addr.arpa domain name pointer desire2learn.calu.edu.
25.25.83.158.in-addr.arpa domain name pointer eventphotos.calu.edu.
25.25.83.158.in-addr.arpa domain name pointer cms.gcportal.calu.edu.
25.25.83.158.in-addr.arpa domain name pointer dev.gcportal.calu.edu.
25.25.83.158.in-addr.arpa domain name pointer www.calu.edu.
25.25.83.158.in-addr.arpa domain name pointer scheduler.calu.edu.
25.25.83.158.in-addr.arpa domain name pointer www.gcportal.calu.edu.
25.25.83.158.in-addr.arpa domain name pointer parking.calu.edu.
25.25.83.158.in-addr.arpa domain name pointer surveys.calu.edu.
25.25.83.158.in-addr.arpa domain name pointer prodou.calu.edu.
25.25.83.158.in-addr.arpa domain name pointer banner.calu.edu.
25.25.83.158.in-addr.arpa domain name pointer cutv.calu.edu.
25.25.83.158.in-addr.arpa domain name pointer m.calu.edu.
25.25.83.158.in-addr.arpa domain name pointer wcal.calu.edu.
25.25.83.158.in-addr.arpa domain name pointer calucenter.cab';; Truncated, retrying in TCP mode.
25.25.83.158.in-addr.arpa name = calu.edu.
25.25.83.158.in-addr.arpa name = eventphotos.calu.edu.
25.25.83.158.in-addr.arpa name = www.gcportal.calu.edu.
25.25.83.158.in-addr.arpa name = desire2learn.calu.edu.
25.25.83.158.in-addr.arpa name = m.calu.edu.
25.25.83.158.in-addr.arpa name = www.calu.edu.
25.25.83.158.in-addr.arpa name = cms.gcportal.calu.edu.
25.25.83.158.in-addr.arpa name = scheduler.calu.edu.
25.25.83.158.in-addr.arpa name = prodou.calu.edu.
25.25.83.158.in-addr.arpa name = cwis.calu.edu.
25.25.83.158.in-addr.arpa name = calucenter.calu.edu.
25.25.83.158.in-addr.arpa name = parking.calu.edu.
25.25.83.158.in-addr.arpa name = gameregister.calu.edu.
25.25.83.158.in-addr.arpa name = wcal.calu.edu.
25.25.83.158.in-addr.arpa name = cutv.calu.edu.
25.25.83.158.in-addr.arpa name = banner.calu.edu.
25.25.83.158.in-addr.arpa name = devou.calu.edu.
25.25.83.158.in-addr.arpa name = dev.calu.edu.
25.25.83.158.in-addr.arpa name = sai.calu.edu.
25.25.83.158.in-addr.arpa name = bannertest.calu.edu.
25.25.83.158.in-addr.arpa name = surveys.calu.edu.
25.25.83.158.in-addr.arpa name = dev.gcportal.calu.edu.
25.25.83.158.in-addr.arpa name = archive.calu.edu.
25.25.83.158.in-addr.arpa name = institutes.calu.edu.
25.25.83.158.in-addr.arpa name = d2l.calu.edu.
Authoritative answers can be found from:
'| IP | Type | Details | Datetime |
|---|---|---|---|
| 124.204.36.138 | attack | Oct 6 19:33:05 vps647732 sshd[14092]: Failed password for root from 124.204.36.138 port 38546 ssh2 ... |
2019-10-07 01:53:40 |
| 51.79.71.142 | attackbotsspam | 2019-10-06T17:40:26.589522shield sshd\[13179\]: Invalid user P4ssw0rt@1234 from 51.79.71.142 port 53746 2019-10-06T17:40:26.594021shield sshd\[13179\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.ip-51-79-71.net 2019-10-06T17:40:28.928076shield sshd\[13179\]: Failed password for invalid user P4ssw0rt@1234 from 51.79.71.142 port 53746 ssh2 2019-10-06T17:44:41.453759shield sshd\[13757\]: Invalid user Travel@123 from 51.79.71.142 port 37634 2019-10-06T17:44:41.458581shield sshd\[13757\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.ip-51-79-71.net |
2019-10-07 01:47:21 |
| 159.89.194.103 | attackspambots | Oct 6 18:39:15 SilenceServices sshd[8367]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.194.103 Oct 6 18:39:16 SilenceServices sshd[8367]: Failed password for invalid user Pa$$word@2019 from 159.89.194.103 port 58168 ssh2 Oct 6 18:43:48 SilenceServices sshd[9627]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.194.103 |
2019-10-07 01:40:10 |
| 52.163.221.85 | attackspambots | Oct 6 07:25:02 php1 sshd\[6499\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.163.221.85 user=root Oct 6 07:25:05 php1 sshd\[6499\]: Failed password for root from 52.163.221.85 port 47706 ssh2 Oct 6 07:29:24 php1 sshd\[6925\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.163.221.85 user=root Oct 6 07:29:25 php1 sshd\[6925\]: Failed password for root from 52.163.221.85 port 32792 ssh2 Oct 6 07:33:45 php1 sshd\[7454\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.163.221.85 user=root |
2019-10-07 01:43:16 |
| 180.67.91.233 | attack | Unauthorised access (Oct 6) SRC=180.67.91.233 LEN=52 TTL=117 ID=7259 DF TCP DPT=1433 WINDOW=8192 SYN |
2019-10-07 02:18:54 |
| 218.92.0.198 | attack | Oct 6 17:53:40 legacy sshd[19989]: Failed password for root from 218.92.0.198 port 23039 ssh2 Oct 6 17:53:42 legacy sshd[19989]: Failed password for root from 218.92.0.198 port 23039 ssh2 Oct 6 17:53:44 legacy sshd[19989]: Failed password for root from 218.92.0.198 port 23039 ssh2 ... |
2019-10-07 02:12:34 |
| 192.99.36.76 | attack | Oct 6 01:52:24 php1 sshd\[5404\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.36.76 user=root Oct 6 01:52:26 php1 sshd\[5404\]: Failed password for root from 192.99.36.76 port 44272 ssh2 Oct 6 01:56:24 php1 sshd\[5739\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.36.76 user=root Oct 6 01:56:26 php1 sshd\[5739\]: Failed password for root from 192.99.36.76 port 56622 ssh2 Oct 6 02:00:26 php1 sshd\[6058\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.36.76 user=root |
2019-10-07 01:57:21 |
| 49.234.207.171 | attackspam | Oct 6 18:07:35 vps647732 sshd[12494]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.207.171 Oct 6 18:07:37 vps647732 sshd[12494]: Failed password for invalid user 789UIOjkl from 49.234.207.171 port 50068 ssh2 ... |
2019-10-07 02:17:02 |
| 82.165.133.145 | attackspam | fail2ban honeypot |
2019-10-07 01:38:33 |
| 5.188.210.47 | attackbotsspam | Automatic report - XMLRPC Attack |
2019-10-07 01:57:50 |
| 54.39.148.234 | attackbots | Oct 6 15:16:37 vpn01 sshd[22500]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.148.234 Oct 6 15:16:39 vpn01 sshd[22500]: Failed password for invalid user carapp from 54.39.148.234 port 42264 ssh2 ... |
2019-10-07 02:18:33 |
| 198.108.66.238 | attackbotsspam | firewall-block, port(s): 443/tcp |
2019-10-07 02:05:32 |
| 128.199.223.127 | attack | www.handydirektreparatur.de 128.199.223.127 \[06/Oct/2019:17:37:36 +0200\] "POST /wp-login.php HTTP/1.1" 200 5665 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" www.handydirektreparatur.de 128.199.223.127 \[06/Oct/2019:17:37:37 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4114 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2019-10-07 02:03:34 |
| 50.99.193.144 | attackspambots | Oct 6 13:40:22 vpn01 sshd[18797]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.99.193.144 Oct 6 13:40:24 vpn01 sshd[18797]: Failed password for invalid user amanda from 50.99.193.144 port 36154 ssh2 ... |
2019-10-07 01:59:16 |
| 104.248.27.238 | attack | WordPress wp-login brute force :: 104.248.27.238 0.056 BYPASS [07/Oct/2019:04:26:15 1100] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2019-10-07 01:43:48 |