City: unknown
Region: unknown
Country: unknown
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b
b'
; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> 2001:610:1a08:292:129:125:2:51
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 59525
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;2001:610:1a08:292:129:125:2:51. IN A
;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Fri Feb 18 23:46:02 CST 2022
;; MSG SIZE rcvd: 59
'
b'1.5.0.0.2.0.0.0.5.2.1.0.9.2.1.0.2.9.2.0.8.0.a.1.0.1.6.0.1.0.0.2.ip6.arpa domain name pointer production.ucms.rug.nl.
'
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
1.5.0.0.2.0.0.0.5.2.1.0.9.2.1.0.2.9.2.0.8.0.a.1.0.1.6.0.1.0.0.2.ip6.arpa name = production.ucms.rug.nl.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 58.69.151.116 | attack | Automatic report - Port Scan Attack |
2019-10-28 05:37:07 |
| 45.136.110.26 | attackspambots | Oct 27 20:56:24 h2177944 kernel: \[5081970.844225\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.26 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=15546 PROTO=TCP SPT=55361 DPT=8998 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 27 21:03:57 h2177944 kernel: \[5082423.711380\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.26 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=64828 PROTO=TCP SPT=55361 DPT=5656 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 27 21:15:16 h2177944 kernel: \[5083102.077663\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.26 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=27306 PROTO=TCP SPT=55361 DPT=8090 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 27 21:21:33 h2177944 kernel: \[5083478.975678\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.26 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=39130 PROTO=TCP SPT=55361 DPT=8389 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 27 21:28:58 h2177944 kernel: \[5083923.803708\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.26 DST=85.214.117.9 |
2019-10-28 05:04:35 |
| 178.47.249.11 | attack | Chat Spam |
2019-10-28 05:18:16 |
| 86.128.244.98 | attackspam | RDP Bruteforce |
2019-10-28 05:25:21 |
| 123.207.237.192 | attack | " " |
2019-10-28 05:15:33 |
| 103.45.105.236 | attack | Oct 27 11:00:36 auw2 sshd\[13859\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.45.105.236 user=root Oct 27 11:00:38 auw2 sshd\[13859\]: Failed password for root from 103.45.105.236 port 59020 ssh2 Oct 27 11:05:21 auw2 sshd\[14200\]: Invalid user deborah from 103.45.105.236 Oct 27 11:05:21 auw2 sshd\[14200\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.45.105.236 Oct 27 11:05:23 auw2 sshd\[14200\]: Failed password for invalid user deborah from 103.45.105.236 port 40294 ssh2 |
2019-10-28 05:17:48 |
| 62.2.148.66 | attackbotsspam | Oct 27 22:25:40 SilenceServices sshd[7138]: Failed password for root from 62.2.148.66 port 43440 ssh2 Oct 27 22:29:51 SilenceServices sshd[9802]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.2.148.66 Oct 27 22:29:53 SilenceServices sshd[9802]: Failed password for invalid user elf from 62.2.148.66 port 36111 ssh2 |
2019-10-28 05:31:48 |
| 94.191.28.110 | attackspam | Oct 27 21:28:47 pornomens sshd\[23587\]: Invalid user lincoln from 94.191.28.110 port 51690 Oct 27 21:28:47 pornomens sshd\[23587\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.28.110 Oct 27 21:28:49 pornomens sshd\[23587\]: Failed password for invalid user lincoln from 94.191.28.110 port 51690 ssh2 ... |
2019-10-28 05:22:37 |
| 51.254.79.235 | attackspambots | 2019-10-27T20:29:10.287949abusebot-6.cloudsearch.cf sshd\[20947\]: Invalid user tests from 51.254.79.235 port 59876 |
2019-10-28 05:09:23 |
| 178.128.24.84 | attack | Oct 27 10:41:58 hanapaa sshd\[2173\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.24.84 user=root Oct 27 10:41:59 hanapaa sshd\[2173\]: Failed password for root from 178.128.24.84 port 49358 ssh2 Oct 27 10:46:16 hanapaa sshd\[2497\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.24.84 user=root Oct 27 10:46:18 hanapaa sshd\[2497\]: Failed password for root from 178.128.24.84 port 59536 ssh2 Oct 27 10:50:36 hanapaa sshd\[2821\]: Invalid user steam from 178.128.24.84 Oct 27 10:50:36 hanapaa sshd\[2821\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.24.84 |
2019-10-28 05:00:00 |
| 106.12.26.160 | attackbots | Oct 27 10:24:24 wbs sshd\[4401\]: Invalid user glop from 106.12.26.160 Oct 27 10:24:24 wbs sshd\[4401\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.26.160 Oct 27 10:24:26 wbs sshd\[4401\]: Failed password for invalid user glop from 106.12.26.160 port 41778 ssh2 Oct 27 10:29:16 wbs sshd\[4813\]: Invalid user china333 from 106.12.26.160 Oct 27 10:29:16 wbs sshd\[4813\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.26.160 |
2019-10-28 05:04:52 |
| 52.231.153.23 | attack | $f2bV_matches |
2019-10-28 05:07:04 |
| 103.139.45.67 | attackbotsspam | Oct 27 22:07:38 mail postfix/smtpd\[7621\]: warning: unknown\[103.139.45.67\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 27 22:07:45 mail postfix/smtpd\[7621\]: warning: unknown\[103.139.45.67\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 27 22:07:56 mail postfix/smtpd\[7621\]: warning: unknown\[103.139.45.67\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... |
2019-10-28 05:27:03 |
| 144.217.50.242 | attackbots | Oct 27 22:03:54 sso sshd[25223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.50.242 Oct 27 22:03:55 sso sshd[25223]: Failed password for invalid user ubuntu from 144.217.50.242 port 57136 ssh2 ... |
2019-10-28 05:29:27 |
| 138.197.101.125 | attackspambots | Automatic report - XMLRPC Attack |
2019-10-28 05:13:17 |