City: unknown
Region: unknown
Country: unknown
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
bb'
; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> 2001:67c:240c:214::58
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 9143
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;2001:67c:240c:214::58. IN A
;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Fri Feb 18 23:46:13 CST 2022
;; MSG SIZE rcvd: 50
'b'8.5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.1.2.0.c.0.4.2.c.7.6.0.1.0.0.2.ip6.arpa domain name pointer jordbruksverket.se.
'Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
8.5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.1.2.0.c.0.4.2.c.7.6.0.1.0.0.2.ip6.arpa name = jordbruksverket.se.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 45.141.84.123 | attack | RDP Brute force |
2020-09-12 14:13:03 |
| 116.74.76.140 | attackbots | Port Scan detected! ... |
2020-09-12 13:55:43 |
| 37.23.214.18 | attackbots | (sshd) Failed SSH login from 37.23.214.18 (RU/Russia/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 11 12:56:00 server5 sshd[15108]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.23.214.18 user=root Sep 11 12:56:02 server5 sshd[15108]: Failed password for root from 37.23.214.18 port 34085 ssh2 Sep 11 12:56:07 server5 sshd[15108]: Failed password for root from 37.23.214.18 port 34085 ssh2 Sep 11 12:56:12 server5 sshd[15108]: Failed password for root from 37.23.214.18 port 34085 ssh2 Sep 11 12:56:14 server5 sshd[15108]: Failed password for root from 37.23.214.18 port 34085 ssh2 |
2020-09-12 14:26:22 |
| 142.93.7.111 | attackspambots | 142.93.7.111 - - [12/Sep/2020:06:09:50 +0200] "GET /wp-login.php HTTP/1.1" 200 9184 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.7.111 - - [12/Sep/2020:06:09:53 +0200] "POST /wp-login.php HTTP/1.1" 200 9435 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.7.111 - - [12/Sep/2020:06:09:55 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2020-09-12 14:14:25 |
| 42.159.36.122 | attack | Spam email from @mecocg.com |
2020-09-12 14:23:30 |
| 119.204.96.131 | attackbotsspam | $f2bV_matches |
2020-09-12 14:23:02 |
| 115.84.112.138 | attack | 2020-09-12 07:16:15 wonderland auth[31449]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=sales@wonderland.com rhost=115.84.112.138 |
2020-09-12 14:31:36 |
| 158.69.194.115 | attackspambots | 2020-09-11T22:39:51.723279abusebot-7.cloudsearch.cf sshd[377]: Invalid user kabincha from 158.69.194.115 port 34113 2020-09-11T22:39:51.729318abusebot-7.cloudsearch.cf sshd[377]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.ip-158-69-194.net 2020-09-11T22:39:51.723279abusebot-7.cloudsearch.cf sshd[377]: Invalid user kabincha from 158.69.194.115 port 34113 2020-09-11T22:39:54.061480abusebot-7.cloudsearch.cf sshd[377]: Failed password for invalid user kabincha from 158.69.194.115 port 34113 ssh2 2020-09-11T22:43:24.324544abusebot-7.cloudsearch.cf sshd[388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.ip-158-69-194.net user=root 2020-09-11T22:43:25.895817abusebot-7.cloudsearch.cf sshd[388]: Failed password for root from 158.69.194.115 port 50140 ssh2 2020-09-11T22:46:16.506609abusebot-7.cloudsearch.cf sshd[443]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= r ... |
2020-09-12 14:17:56 |
| 216.218.206.77 | attackspambots | SSH Scan |
2020-09-12 14:22:34 |
| 116.73.95.94 | attackspam | Port Scan detected! ... |
2020-09-12 14:05:17 |
| 23.98.142.109 | attackspam | *Port Scan* detected from 23.98.142.109 (US/United States/Texas/San Antonio/-). 4 hits in the last 70 seconds |
2020-09-12 14:06:13 |
| 49.149.139.28 | attack | (from jason.kenneth@contentrunner.com) Hello, We created Content Runner, a writing management marketplace out of Seattle, Washington and I would like to discuss how we could work together. I see that your company is in the content business and with our ability to set your own price per article, I thought you’d like to try out the writers on our site. Accounts are free and I would be willing to give you a $30 credit to test us out, would you be interested in that? If you are not interested, please reply to this email with STOP and we will make sure not to contact you again. |
2020-09-12 14:01:00 |
| 188.166.109.87 | attackbots | Banned for a week because repeated abuses, for example SSH, but not only |
2020-09-12 14:32:39 |
| 170.130.187.2 | attackspam |
|
2020-09-12 14:02:49 |
| 193.95.90.82 | attackbots | Brute forcing RDP port 3389 |
2020-09-12 14:24:18 |