City: unknown
Region: unknown
Country: unknown
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b
b'
; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> 2001:610:1a08:292:129:125:2:51
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 59525
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;2001:610:1a08:292:129:125:2:51. IN A
;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Fri Feb 18 23:46:02 CST 2022
;; MSG SIZE rcvd: 59
'
b'1.5.0.0.2.0.0.0.5.2.1.0.9.2.1.0.2.9.2.0.8.0.a.1.0.1.6.0.1.0.0.2.ip6.arpa domain name pointer production.ucms.rug.nl.
'
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
1.5.0.0.2.0.0.0.5.2.1.0.9.2.1.0.2.9.2.0.8.0.a.1.0.1.6.0.1.0.0.2.ip6.arpa name = production.ucms.rug.nl.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 185.40.14.173 | attackspam | 3389BruteforceStormFW21 |
2019-10-20 12:55:15 |
| 45.136.109.253 | attackspambots | Oct 20 06:11:11 mc1 kernel: \[2831029.540320\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.253 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=61955 PROTO=TCP SPT=51336 DPT=33133 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 20 06:13:46 mc1 kernel: \[2831184.398547\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.253 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=15987 PROTO=TCP SPT=51336 DPT=6363 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 20 06:17:51 mc1 kernel: \[2831429.377092\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.253 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=45851 PROTO=TCP SPT=51336 DPT=10600 WINDOW=1024 RES=0x00 SYN URGP=0 ... |
2019-10-20 12:50:51 |
| 2.143.62.229 | attackbots | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/2.143.62.229/ ES - 1H : (48) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : ES NAME ASN : ASN3352 IP : 2.143.62.229 CIDR : 2.143.0.0/16 PREFIX COUNT : 662 UNIQUE IP COUNT : 10540800 ATTACKS DETECTED ASN3352 : 1H - 1 3H - 3 6H - 3 12H - 6 24H - 16 DateTime : 2019-10-20 05:58:05 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery |
2019-10-20 12:39:44 |
| 222.186.173.201 | attackspambots | Oct 20 06:51:58 [host] sshd[1943]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.201 user=root Oct 20 06:52:00 [host] sshd[1943]: Failed password for root from 222.186.173.201 port 34778 ssh2 Oct 20 06:52:24 [host] sshd[1945]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.201 user=root |
2019-10-20 13:00:48 |
| 40.112.72.205 | attack | microsoft.com - Bad Bots Host! |
2019-10-20 13:05:32 |
| 62.162.103.206 | attackspambots | REQUESTED PAGE: /2016/wp-login.php |
2019-10-20 12:36:47 |
| 5.160.103.202 | attack | Unauthorised access (Oct 20) SRC=5.160.103.202 LEN=40 PREC=0x20 TTL=241 ID=26285 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Oct 19) SRC=5.160.103.202 LEN=40 PREC=0x20 TTL=241 ID=49517 TCP DPT=3389 WINDOW=1024 SYN |
2019-10-20 12:38:40 |
| 200.196.253.251 | attackspambots | Oct 20 07:28:01 server sshd\[24817\]: User root from 200.196.253.251 not allowed because listed in DenyUsers Oct 20 07:28:01 server sshd\[24817\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.196.253.251 user=root Oct 20 07:28:03 server sshd\[24817\]: Failed password for invalid user root from 200.196.253.251 port 44528 ssh2 Oct 20 07:32:37 server sshd\[7335\]: User root from 200.196.253.251 not allowed because listed in DenyUsers Oct 20 07:32:37 server sshd\[7335\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.196.253.251 user=root |
2019-10-20 12:42:17 |
| 61.76.175.195 | attack | Oct 20 07:15:54 server sshd\[15430\]: User root from 61.76.175.195 not allowed because listed in DenyUsers Oct 20 07:15:54 server sshd\[15430\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.76.175.195 user=root Oct 20 07:15:56 server sshd\[15430\]: Failed password for invalid user root from 61.76.175.195 port 60232 ssh2 Oct 20 07:20:29 server sshd\[20410\]: User root from 61.76.175.195 not allowed because listed in DenyUsers Oct 20 07:20:29 server sshd\[20410\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.76.175.195 user=root |
2019-10-20 12:29:53 |
| 23.129.64.180 | attackbots | Oct 20 05:57:08 rotator sshd\[16864\]: Failed password for root from 23.129.64.180 port 25143 ssh2Oct 20 05:57:11 rotator sshd\[16864\]: Failed password for root from 23.129.64.180 port 25143 ssh2Oct 20 05:57:13 rotator sshd\[16864\]: Failed password for root from 23.129.64.180 port 25143 ssh2Oct 20 05:57:17 rotator sshd\[16864\]: Failed password for root from 23.129.64.180 port 25143 ssh2Oct 20 05:57:19 rotator sshd\[16864\]: Failed password for root from 23.129.64.180 port 25143 ssh2Oct 20 05:57:22 rotator sshd\[16864\]: Failed password for root from 23.129.64.180 port 25143 ssh2 ... |
2019-10-20 12:59:39 |
| 61.133.232.251 | attackspambots | Invalid user vincintz from 61.133.232.251 port 11595 |
2019-10-20 13:00:03 |
| 222.186.175.155 | attackbots | Oct 20 02:03:22 firewall sshd[8505]: Failed password for root from 222.186.175.155 port 28004 ssh2 Oct 20 02:03:26 firewall sshd[8505]: Failed password for root from 222.186.175.155 port 28004 ssh2 Oct 20 02:03:31 firewall sshd[8505]: Failed password for root from 222.186.175.155 port 28004 ssh2 ... |
2019-10-20 13:04:32 |
| 72.5.54.245 | attackbotsspam | detected by Fail2Ban |
2019-10-20 12:39:17 |
| 217.30.75.78 | attack | Oct 20 06:24:07 markkoudstaal sshd[2764]: Failed password for root from 217.30.75.78 port 34792 ssh2 Oct 20 06:30:11 markkoudstaal sshd[3735]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.30.75.78 Oct 20 06:30:12 markkoudstaal sshd[3735]: Failed password for invalid user jg from 217.30.75.78 port 54640 ssh2 |
2019-10-20 13:01:50 |
| 185.40.12.49 | attackbots | 3389BruteforceFW21 |
2019-10-20 12:30:32 |