City: unknown
Region: unknown
Country: United States
Internet Service Provider: Verizon
Hostname: unknown
Organization: unknown
Usage Type: unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 166.142.19.76
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38333
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;166.142.19.76. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019091101 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Sep 12 02:46:09 CST 2019
;; MSG SIZE rcvd: 117
76.19.142.166.in-addr.arpa domain name pointer 76.sub-166-142-19.myvzw.com.
Server: 67.207.67.2
Address: 67.207.67.2#53
Non-authoritative answer:
76.19.142.166.in-addr.arpa name = 76.sub-166-142-19.myvzw.com.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 146.88.240.4 | attackbots | firewall-block, port(s): 389/udp, 500/udp, 5060/udp, 6881/udp, 21025/udp, 27015/udp, 27020/udp, 51413/udp |
2020-08-21 18:23:06 |
| 218.92.0.224 | attackbots | Aug 21 11:45:01 sd-69548 sshd[104895]: Unable to negotiate with 218.92.0.224 port 36205: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] Aug 21 12:21:11 sd-69548 sshd[107382]: Unable to negotiate with 218.92.0.224 port 29859: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] ... |
2020-08-21 18:23:37 |
| 202.152.1.67 | attackbotsspam | Aug 21 06:22:43 plg sshd[28688]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.152.1.67 Aug 21 06:22:45 plg sshd[28688]: Failed password for invalid user zhanglei from 202.152.1.67 port 39066 ssh2 Aug 21 06:24:56 plg sshd[28711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.152.1.67 Aug 21 06:24:58 plg sshd[28711]: Failed password for invalid user lum from 202.152.1.67 port 35708 ssh2 Aug 21 06:27:07 plg sshd[28882]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.152.1.67 Aug 21 06:27:09 plg sshd[28882]: Failed password for invalid user grid from 202.152.1.67 port 60582 ssh2 ... |
2020-08-21 18:22:37 |
| 113.244.149.69 | attack | Automatic report - Port Scan Attack |
2020-08-21 18:24:49 |
| 212.64.60.50 | attack | $f2bV_matches |
2020-08-21 18:45:42 |
| 167.99.15.232 | attackbots | Aug 21 11:12:35 fhem-rasp sshd[25413]: Invalid user marcus from 167.99.15.232 port 52030 ... |
2020-08-21 18:33:37 |
| 117.4.114.232 | attackspambots | IP attempted unauthorised action |
2020-08-21 18:58:05 |
| 49.49.235.72 | attackbots | WordPress wp-login brute force :: 49.49.235.72 0.096 - [21/Aug/2020:03:51:34 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 2411 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1" |
2020-08-21 18:20:55 |
| 192.241.237.250 | attackspambots | Input Traffic from this IP, but critial abuseconfidencescore |
2020-08-21 18:37:59 |
| 182.140.233.9 | attackspambots | Icarus honeypot on github |
2020-08-21 18:50:14 |
| 45.88.12.72 | attackbotsspam | Invalid user hadoop from 45.88.12.72 port 42694 |
2020-08-21 18:34:58 |
| 67.207.94.180 | attackspambots | 2020-08-21T08:20:06+0200 Failed SSH Authentication/Brute Force Attack. (Server 9) |
2020-08-21 18:19:13 |
| 223.4.66.84 | attackspambots | web-1 [ssh_2] SSH Attack |
2020-08-21 18:39:20 |
| 222.252.156.34 | attackspambots | 20/8/20@23:50:47: FAIL: Alarm-Network address from=222.252.156.34 ... |
2020-08-21 18:44:56 |
| 188.165.230.118 | attackbots | 188.165.230.118 - - [21/Aug/2020:11:27:24 +0100] "POST /wp-login.php HTTP/1.1" 200 5618 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 188.165.230.118 - - [21/Aug/2020:11:28:30 +0100] "POST /wp-login.php HTTP/1.1" 200 5616 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 188.165.230.118 - - [21/Aug/2020:11:29:36 +0100] "POST /wp-login.php HTTP/1.1" 200 5609 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" ... |
2020-08-21 18:30:52 |