City: unknown
Region: unknown
Country: unknown
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b
b'
; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> 2001:610:1a08:292:129:125:2:51
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 59525
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;2001:610:1a08:292:129:125:2:51. IN A
;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Fri Feb 18 23:46:02 CST 2022
;; MSG SIZE rcvd: 59
'
b'1.5.0.0.2.0.0.0.5.2.1.0.9.2.1.0.2.9.2.0.8.0.a.1.0.1.6.0.1.0.0.2.ip6.arpa domain name pointer production.ucms.rug.nl.
'
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
1.5.0.0.2.0.0.0.5.2.1.0.9.2.1.0.2.9.2.0.8.0.a.1.0.1.6.0.1.0.0.2.ip6.arpa name = production.ucms.rug.nl.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 43.225.151.142 | attack | Multiple SSH authentication failures from 43.225.151.142 |
2020-07-01 18:34:25 |
| 106.12.199.117 | attackspam | Jun 30 20:55:15 DAAP sshd[3608]: Invalid user omnix from 106.12.199.117 port 37702 Jun 30 20:55:16 DAAP sshd[3608]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.117 Jun 30 20:55:15 DAAP sshd[3608]: Invalid user omnix from 106.12.199.117 port 37702 Jun 30 20:55:18 DAAP sshd[3608]: Failed password for invalid user omnix from 106.12.199.117 port 37702 ssh2 Jun 30 21:01:54 DAAP sshd[3656]: Invalid user ftp from 106.12.199.117 port 48426 ... |
2020-07-01 18:50:04 |
| 62.169.235.101 | attack | Unauthorized connection attempt detected from IP address 62.169.235.101 to port 8000 |
2020-07-01 18:43:35 |
| 138.122.97.204 | attack | Jun 28 07:43:56 mail.srvfarm.net postfix/smtps/smtpd[3992742]: warning: unknown[138.122.97.204]: SASL PLAIN authentication failed: Jun 28 07:43:57 mail.srvfarm.net postfix/smtps/smtpd[3992742]: lost connection after AUTH from unknown[138.122.97.204] Jun 28 07:50:05 mail.srvfarm.net postfix/smtpd[3997359]: warning: unknown[138.122.97.204]: SASL PLAIN authentication failed: Jun 28 07:50:05 mail.srvfarm.net postfix/smtpd[3997359]: lost connection after AUTH from unknown[138.122.97.204] Jun 28 07:52:29 mail.srvfarm.net postfix/smtps/smtpd[3991414]: warning: unknown[138.122.97.204]: SASL PLAIN authentication failed: |
2020-07-01 19:13:58 |
| 88.247.3.69 | attackspam | Port probing on unauthorized port 23 |
2020-07-01 19:11:46 |
| 114.35.147.130 | attackspam |
|
2020-07-01 18:42:58 |
| 64.227.70.78 | attackspambots | Port scan: Attack repeated for 24 hours |
2020-07-01 18:40:14 |
| 109.123.117.244 | attack | firewall-block, port(s): 8001/tcp |
2020-07-01 19:04:30 |
| 157.245.83.8 | attack | Jun 30 18:32:03 h2865660 sshd[27495]: Invalid user ansible from 157.245.83.8 port 57008 Jun 30 18:32:03 h2865660 sshd[27495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.83.8 Jun 30 18:32:03 h2865660 sshd[27495]: Invalid user ansible from 157.245.83.8 port 57008 Jun 30 18:32:05 h2865660 sshd[27495]: Failed password for invalid user ansible from 157.245.83.8 port 57008 ssh2 Jun 30 18:33:44 h2865660 sshd[27514]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.83.8 user=root Jun 30 18:33:46 h2865660 sshd[27514]: Failed password for root from 157.245.83.8 port 38592 ssh2 Jun 30 18:35:33 h2865660 sshd[27534]: Invalid user david from 157.245.83.8 port 48408 Jun 30 18:35:33 h2865660 sshd[27534]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.83.8 Jun 30 18:35:33 h2865660 sshd[27534]: Invalid user david from 157.245.83.8 port 48408 Jun 30 18:35:3 ... |
2020-07-01 19:22:48 |
| 125.74.47.230 | attackbots | Jun 30 18:25:33 plex sshd[5426]: Invalid user linaro from 125.74.47.230 port 38264 |
2020-07-01 18:39:23 |
| 59.126.7.130 | attack | Honeypot attack, port: 81, PTR: 59-126-7-130.HINET-IP.hinet.net. |
2020-07-01 19:19:09 |
| 183.148.14.168 | attack | Port probing on unauthorized port 2323 |
2020-07-01 18:46:02 |
| 121.42.49.168 | attack | 121.42.49.168 - - [30/Jun/2020:08:11:30 +0200] "GET /wp-login.php HTTP/1.1" 200 6060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 121.42.49.168 - - [30/Jun/2020:08:11:33 +0200] "POST /wp-login.php HTTP/1.1" 200 6311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 121.42.49.168 - - [30/Jun/2020:08:11:35 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2020-07-01 19:07:59 |
| 220.94.7.121 | attackspam | Unauthorized connection attempt detected from IP address 220.94.7.121 to port 23 |
2020-07-01 18:44:48 |
| 212.171.168.216 | attack |
|
2020-07-01 18:34:51 |