City: unknown
Region: unknown
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.214.185.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31877
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;162.214.185.74. IN A
;; AUTHORITY SECTION:
. 246 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022022700 1800 900 604800 86400
;; Query time: 68 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 19:56:30 CST 2022
;; MSG SIZE rcvd: 10774.185.214.162.in-addr.arpa domain name pointer server.scrantonpa.gov.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
74.185.214.162.in-addr.arpa name = server.scrantonpa.gov.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 212.48.66.26 | attack | Jun 1 00:45:03 emma postfix/smtpd[29112]: connect from vps23280903.123-vps.co.uk[212.48.66.26] Jun 1 00:45:03 emma postfix/smtpd[29112]: Anonymous TLS connection established from vps23280903.123-vps.co.uk[212.48.66.26]: TLSv1.2 whostnameh cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bhostnames) Jun 1 00:45:05 emma postfix/policy-spf[29115]: Policy action=PREPEND Received-SPF: none (elephant-dighostnameal.co.uk: No applicable sender policy available) receiver=x@x Jun x@x Jun 1 00:45:11 emma postfix/smtpd[29112]: disconnect from vps23280903.123-vps.co.uk[212.48.66.26] Jun 1 01:55:03 emma postfix/smtpd[32248]: connect from vps23280903.123-vps.co.uk[212.48.66.26] Jun 1 01:55:03 emma postfix/smtpd[32248]: Anonymous TLS connection established from vps23280903.123-vps.co.uk[212.48.66.26]: TLSv1.2 whostnameh cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bhostnames) Jun 1 01:55:04 emma postfix/policy-spf[32251]: Policy action=PREPEND Received-SPF: none (elephant-dighostnamea........ ------------------------------- |
2020-06-02 20:45:56 |
| 36.230.174.194 | attackspambots | Jun 2 14:08:48 fhem-rasp sshd[8139]: Failed password for root from 36.230.174.194 port 41178 ssh2 Jun 2 14:08:50 fhem-rasp sshd[8139]: Connection closed by authenticating user root 36.230.174.194 port 41178 [preauth] ... |
2020-06-02 20:26:25 |
| 159.138.65.33 | attackbotsspam | Jun 2 02:20:20 web9 sshd\[24582\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.138.65.33 user=root Jun 2 02:20:23 web9 sshd\[24582\]: Failed password for root from 159.138.65.33 port 44506 ssh2 Jun 2 02:23:19 web9 sshd\[24911\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.138.65.33 user=root Jun 2 02:23:21 web9 sshd\[24911\]: Failed password for root from 159.138.65.33 port 39862 ssh2 Jun 2 02:26:18 web9 sshd\[25259\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.138.65.33 user=root |
2020-06-02 20:30:23 |
| 36.238.191.60 | attack | Jun 2 14:08:34 fhem-rasp sshd[7945]: Failed password for root from 36.238.191.60 port 44085 ssh2 Jun 2 14:08:36 fhem-rasp sshd[7945]: Connection closed by authenticating user root 36.238.191.60 port 44085 [preauth] ... |
2020-06-02 20:49:49 |
| 51.83.216.216 | attackspambots | CMS (WordPress or Joomla) login attempt. |
2020-06-02 20:11:06 |
| 94.102.56.215 | attackspambots | Jun 2 14:42:11 debian-2gb-nbg1-2 kernel: \[13360498.589393\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.56.215 DST=195.201.40.59 LEN=57 TOS=0x00 PREC=0x00 TTL=247 ID=54321 PROTO=UDP SPT=54646 DPT=34096 LEN=37 |
2020-06-02 20:43:34 |
| 221.124.117.55 | attackspambots | Jun 2 14:08:39 fhem-rasp sshd[8040]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.124.117.55 Jun 2 14:08:40 fhem-rasp sshd[8040]: Failed password for invalid user admin from 221.124.117.55 port 36446 ssh2 ... |
2020-06-02 20:44:48 |
| 61.216.2.79 | attack |
|
2020-06-02 20:30:39 |
| 112.85.42.188 | attackbotsspam | 06/02/2020-08:23:16.368894 112.85.42.188 Protocol: 6 ET SCAN Potential SSH Scan |
2020-06-02 20:25:33 |
| 140.143.16.248 | attack | Bruteforce detected by fail2ban |
2020-06-02 20:38:18 |
| 118.69.182.217 | attackspambots | Automatic report - Banned IP Access |
2020-06-02 20:40:37 |
| 163.172.42.21 | attackbots | Jun 2 11:46:38 netserv300 sshd[31120]: Connection from 163.172.42.21 port 57330 on 178.63.236.20 port 22 Jun 2 11:47:07 netserv300 sshd[31127]: Connection from 163.172.42.21 port 42846 on 178.63.236.20 port 22 Jun 2 11:47:14 netserv300 sshd[31129]: Connection from 163.172.42.21 port 56662 on 178.63.236.20 port 22 Jun 2 11:47:22 netserv300 sshd[31133]: Connection from 163.172.42.21 port 42276 on 178.63.236.20 port 22 Jun 2 11:47:29 netserv300 sshd[31135]: Connection from 163.172.42.21 port 56112 on 178.63.236.20 port 22 Jun 2 11:47:37 netserv300 sshd[31137]: Connection from 163.172.42.21 port 41710 on 178.63.236.20 port 22 Jun 2 11:47:44 netserv300 sshd[31139]: Connection from 163.172.42.21 port 55548 on 178.63.236.20 port 22 Jun 2 11:47:52 netserv300 sshd[31144]: Connection from 163.172.42.21 port 41154 on 178.63.236.20 port 22 Jun 2 11:47:59 netserv300 sshd[31146]: Connection from 163.172.42.21 port 54990 on 178.63.236.20 port 22 Jun 2 11:48:07 netserv300 sshd........ ------------------------------ |
2020-06-02 20:14:05 |
| 112.197.139.117 | attackbots | Jun 2 14:08:34 fhem-rasp sshd[7977]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.197.139.117 Jun 2 14:08:37 fhem-rasp sshd[7977]: Failed password for invalid user ubnt from 112.197.139.117 port 35332 ssh2 ... |
2020-06-02 20:49:13 |
| 91.214.114.7 | attackbotsspam | Brute force attempt |
2020-06-02 20:37:45 |
| 67.207.89.207 | attack | Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF) |
2020-06-02 20:43:55 |