City: Mariental
Region: Lower Saxony
Country: Germany
Internet Service Provider: Telekom
Hostname: unknown
Organization: Deutsche Telekom AG
Usage Type: unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2003:f4:f3c9:4b5b:71c1:2373:3bb1:6332
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18817
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2003:f4:f3c9:4b5b:71c1:2373:3bb1:6332. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019072401 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 25 03:30:50 CST 2019
;; MSG SIZE rcvd: 141
2.3.3.6.1.b.b.3.3.7.3.2.1.c.1.7.b.5.b.4.9.c.3.f.4.f.0.0.3.0.0.2.ip6.arpa domain name pointer p200300F4F3C94B5B71C123733BB16332.dip0.t-ipconnect.de.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
2.3.3.6.1.b.b.3.3.7.3.2.1.c.1.7.b.5.b.4.9.c.3.f.4.f.0.0.3.0.0.2.ip6.arpa name = p200300F4F3C94B5B71C123733BB16332.dip0.t-ipconnect.de.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 199.195.254.80 | attack | Unauthorized access to SSH at 20/Feb/2020:10:47:57 +0000. |
2020-02-20 19:00:06 |
| 43.225.167.166 | attack | Honeypot attack, port: 445, PTR: PTR record not found |
2020-02-20 19:19:23 |
| 220.135.43.39 | attack | Honeypot attack, port: 81, PTR: 220-135-43-39.HINET-IP.hinet.net. |
2020-02-20 19:03:12 |
| 103.29.69.96 | attackspambots | SIP/5060 Probe, BF, Hack - |
2020-02-20 19:31:07 |
| 95.58.214.209 | attack | Honeypot attack, port: 445, PTR: 95.58.214.209.megaline.telecom.kz. |
2020-02-20 19:01:08 |
| 36.227.144.221 | attackspam | Honeypot attack, port: 5555, PTR: 36-227-144-221.dynamic-ip.hinet.net. |
2020-02-20 18:56:08 |
| 150.129.206.53 | attackspam | Honeypot attack, port: 445, PTR: PTR record not found |
2020-02-20 19:06:22 |
| 185.122.97.14 | attackspambots | Unauthorized connection attempt detected from IP address 185.122.97.14 to port 445 |
2020-02-20 19:35:23 |
| 193.58.196.146 | attackspambots | Invalid user centos from 193.58.196.146 port 57992 |
2020-02-20 19:16:49 |
| 36.85.223.76 | attackbotsspam | Attempt to attack host OS, exploiting network vulnerabilities, on 20-02-2020 04:50:10. |
2020-02-20 19:34:52 |
| 46.143.207.227 | attack | Honeypot attack, port: 81, PTR: PTR record not found |
2020-02-20 19:14:12 |
| 84.1.30.70 | attack | Invalid user wquan from 84.1.30.70 port 59726 |
2020-02-20 18:57:08 |
| 190.64.64.74 | attackbots | Feb 20 05:34:00 ns382633 sshd\[1320\]: Invalid user jiaxing from 190.64.64.74 port 20388 Feb 20 05:34:00 ns382633 sshd\[1320\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.64.64.74 Feb 20 05:34:01 ns382633 sshd\[1320\]: Failed password for invalid user jiaxing from 190.64.64.74 port 20388 ssh2 Feb 20 05:50:22 ns382633 sshd\[4414\]: Invalid user john from 190.64.64.74 port 25799 Feb 20 05:50:22 ns382633 sshd\[4414\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.64.64.74 |
2020-02-20 19:20:53 |
| 125.133.152.37 | attackbotsspam | Feb 20 05:50:17 h2177944 kernel: \[5372084.643450\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=125.133.152.37 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=114 ID=3664 DF PROTO=TCP SPT=55717 DPT=285 WINDOW=8192 RES=0x00 SYN URGP=0 Feb 20 05:50:17 h2177944 kernel: \[5372084.643465\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=125.133.152.37 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=114 ID=3664 DF PROTO=TCP SPT=55717 DPT=285 WINDOW=8192 RES=0x00 SYN URGP=0 Feb 20 05:50:20 h2177944 kernel: \[5372087.645889\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=125.133.152.37 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=114 ID=4211 DF PROTO=TCP SPT=55717 DPT=285 WINDOW=8192 RES=0x00 SYN URGP=0 Feb 20 05:50:20 h2177944 kernel: \[5372087.645903\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=125.133.152.37 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=114 ID=4211 DF PROTO=TCP SPT=55717 DPT=285 WINDOW=8192 RES=0x00 SYN URGP=0 Feb 20 05:50:27 h2177944 kernel: \[5372094.139896\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=125.133.152.37 DST=85. |
2020-02-20 19:16:00 |
| 1.54.171.247 | attackbots | Honeypot attack, port: 445, PTR: PTR record not found |
2020-02-20 19:16:27 |