City: Andradina
Region: São Paulo
Country: Brazil
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 191.21.107.141
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62233
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;191.21.107.141. IN A
;; AUTHORITY SECTION:
. 227 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020080100 1800 900 604800 86400
;; Query time: 75 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Aug 01 20:26:15 CST 2020
;; MSG SIZE rcvd: 118141.107.21.191.in-addr.arpa domain name pointer 191-21-107-141.user.vivozap.com.br.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
141.107.21.191.in-addr.arpa name = 191-21-107-141.user.vivozap.com.br.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 61.152.70.170 | attack | Trying for a month to gain root access to my server (root access is always disabled). Server located in Australia. |
2019-10-01 00:40:41 |
| 46.102.48.175 | attackspambots | (Sep 30) LEN=40 TTL=241 ID=44482 DF TCP DPT=23 WINDOW=14600 SYN (Sep 30) LEN=40 TTL=241 ID=49243 DF TCP DPT=23 WINDOW=14600 SYN (Sep 30) LEN=40 TTL=241 ID=43353 DF TCP DPT=23 WINDOW=14600 SYN (Sep 30) LEN=40 TTL=241 ID=52398 DF TCP DPT=23 WINDOW=14600 SYN (Sep 30) LEN=40 TTL=241 ID=18861 DF TCP DPT=23 WINDOW=14600 SYN (Sep 30) LEN=40 TTL=241 ID=38301 DF TCP DPT=23 WINDOW=14600 SYN (Sep 30) LEN=40 TTL=241 ID=63545 DF TCP DPT=23 WINDOW=14600 SYN (Sep 30) LEN=40 TTL=241 ID=16802 DF TCP DPT=23 WINDOW=14600 SYN (Sep 30) LEN=40 TTL=242 ID=19058 DF TCP DPT=23 WINDOW=14600 SYN (Sep 30) LEN=40 TTL=242 ID=47885 DF TCP DPT=23 WINDOW=14600 SYN (Sep 30) LEN=40 TTL=242 ID=8295 DF TCP DPT=23 WINDOW=14600 SYN (Sep 30) LEN=40 TTL=242 ID=40001 DF TCP DPT=23 WINDOW=14600 SYN (Sep 30) LEN=40 TTL=242 ID=54044 DF TCP DPT=23 WINDOW=14600 SYN |
2019-10-01 01:15:19 |
| 153.37.121.128 | attack | MultiHost/MultiPort Probe, Scan, Hack - |
2019-10-01 00:57:19 |
| 106.13.9.153 | attackbotsspam | Sep 30 17:49:06 vps691689 sshd[11901]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.9.153 Sep 30 17:49:09 vps691689 sshd[11901]: Failed password for invalid user ftpuser from 106.13.9.153 port 37348 ssh2 Sep 30 17:54:07 vps691689 sshd[12042]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.9.153 ... |
2019-10-01 00:34:33 |
| 50.62.176.139 | attack | (CT) IP 50.62.176.139 (US/United States/p3plcpnl0613.prod.phx3.secureserver.net) found to have 336 connections |
2019-10-01 00:34:08 |
| 58.22.65.25 | attackbotsspam | links to tampered cctv/circuit boards/and wanderer/domain admin/anyone can be a domain admin/usual death threats/google.com/api/reCAPTCHA.NET |
2019-10-01 00:51:49 |
| 50.236.62.30 | attackbotsspam | Sep 30 12:13:44 venus sshd\[26205\]: Invalid user galery from 50.236.62.30 port 41957 Sep 30 12:13:44 venus sshd\[26205\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.236.62.30 Sep 30 12:13:46 venus sshd\[26205\]: Failed password for invalid user galery from 50.236.62.30 port 41957 ssh2 ... |
2019-10-01 00:39:40 |
| 169.197.97.34 | attack | Sep 30 17:03:45 rotator sshd\[16773\]: Failed password for root from 169.197.97.34 port 40664 ssh2Sep 30 17:03:47 rotator sshd\[16773\]: Failed password for root from 169.197.97.34 port 40664 ssh2Sep 30 17:03:50 rotator sshd\[16773\]: Failed password for root from 169.197.97.34 port 40664 ssh2Sep 30 17:03:52 rotator sshd\[16773\]: Failed password for root from 169.197.97.34 port 40664 ssh2Sep 30 17:03:55 rotator sshd\[16773\]: Failed password for root from 169.197.97.34 port 40664 ssh2Sep 30 17:03:58 rotator sshd\[16773\]: Failed password for root from 169.197.97.34 port 40664 ssh2 ... |
2019-10-01 00:43:31 |
| 198.211.123.183 | attack | 2019-09-30T15:25:44.518137abusebot-2.cloudsearch.cf sshd\[17166\]: Invalid user user from 198.211.123.183 port 54136 |
2019-10-01 00:32:16 |
| 107.6.183.166 | attackbotsspam | 2222/tcp 179/tcp 1723/tcp... [2019-08-02/09-30]8pkt,8pt.(tcp) |
2019-10-01 00:31:37 |
| 195.154.255.85 | attack | 2019-09-30T12:13:13.839325abusebot.cloudsearch.cf sshd\[24093\]: Invalid user adil from 195.154.255.85 port 34736 |
2019-10-01 01:08:22 |
| 125.130.110.20 | attack | Sep 30 16:16:51 vmanager6029 sshd\[28346\]: Invalid user qwe123 from 125.130.110.20 port 35738 Sep 30 16:16:51 vmanager6029 sshd\[28346\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.130.110.20 Sep 30 16:16:53 vmanager6029 sshd\[28346\]: Failed password for invalid user qwe123 from 125.130.110.20 port 35738 ssh2 |
2019-10-01 00:55:35 |
| 157.52.183.226 | attackbots | SMB Server BruteForce Attack |
2019-10-01 00:45:21 |
| 49.88.112.90 | attackbotsspam | Unauthorized access to SSH at 30/Sep/2019:16:36:32 +0000. Received: (SSH-2.0-PUTTY) |
2019-10-01 00:40:03 |
| 156.208.95.92 | attackbotsspam | Chat Spam |
2019-10-01 00:59:18 |