City: Phanat Nikhom
Region: Changwat Chon Buri
Country: Thailand
Internet Service Provider: unknown
Hostname: unknown
Organization: True Internet Co.,Ltd.
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 27.145.204.158
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58920
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;27.145.204.158. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019062201 1800 900 604800 86400
;; Query time: 4 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jun 22 15:46:23 CST 2019
;; MSG SIZE rcvd: 118158.204.145.27.in-addr.arpa domain name pointer cm-27-145-204-158.revip12.asianet.co.th.Server: 67.207.67.2
Address: 67.207.67.2#53
Non-authoritative answer:
158.204.145.27.in-addr.arpa name = cm-27-145-204-158.revip12.asianet.co.th.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 176.113.115.43 | attack | ET DROP Dshield Block Listed Source group 1 - port: 33900 proto: TCP cat: Misc Attack |
2020-03-20 22:45:35 |
| 198.108.66.154 | attack | ET DROP Dshield Block Listed Source group 1 - port: 5901 proto: TCP cat: Misc Attack |
2020-03-20 22:29:54 |
| 80.82.77.189 | attackspam | Mar 20 16:03:16 debian-2gb-nbg1-2 kernel: \[6975698.032661\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=80.82.77.189 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=58756 PROTO=TCP SPT=52829 DPT=7098 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-03-20 23:04:18 |
| 103.10.87.54 | attack | ET CINS Active Threat Intelligence Poor Reputation IP group 95 - port: 1433 proto: TCP cat: Misc Attack |
2020-03-20 22:50:03 |
| 185.156.73.49 | attack | Mar 20 15:04:55 debian-2gb-nbg1-2 kernel: \[6972196.998011\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.156.73.49 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=62363 PROTO=TCP SPT=41380 DPT=7253 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-03-20 22:43:04 |
| 190.199.155.133 | attack | ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic |
2020-03-20 22:34:53 |
| 93.174.93.216 | attackspam | ET CINS Active Threat Intelligence Poor Reputation IP group 87 - port: 5555 proto: TCP cat: Misc Attack |
2020-03-20 22:51:35 |
| 212.85.124.235 | spam | MARRE de ces ORDURES et autres FILS de PUTE genre SOUS MERDES capables de POLLUER STUPIDEMENT pour ne pas dire CONNEMENT la Planète par des POURRIELS INUTILES sur des listes VOLÉES on ne sait où et SANS notre accord ! X-Originating-IP: [213.171.216.60] Received: from 10.200.77.176 (EHLO smtp.livemail.co.uk) (213.171.216.60) by mta1047.mail.ir2.yahoo.com with SMTPS; Received: from mvtp (unknown [188.162.198.188]) (Authenticated sender: web@keepfitwithkelly.co.uk) by smtp.livemail.co.uk (Postfix) with ESMTPSA id EB0D52805CD; Message-ID: <0d619dcec5ee3b3711a41241b573595531f1e6ff@keepfitwithkelly.co.uk> Reply-To: Jennifer From: Jennifer keepfitwithkelly.co.uk (FALSE EMPTY Web Site to STOP to host and destroiy IP and access keys !)>fasthosts.co.uk keepfitwithkelly.co.uk>88.208.252.239 88.208.252.239>fasthosts.co.uk https://www.mywot.com/scorecard/keepfitwithkelly.co.uk https://www.mywot.com/scorecard/fasthosts.co.uk https://en.asytech.cn/check-ip/88.208.252.239 ortaggi.co.uk>one.com>joker.com one.com>195.47.247.9 joker.com>194.245.148.200 194.245.148.200>nrw.net which resend to csl.de nrw.net>joker.com csl.de>nrw.net https://www.mywot.com/scorecard/one.com https://www.mywot.com/scorecard/joker.com https://www.mywot.com/scorecard/nrw.net https://www.mywot.com/scorecard/csl.de https://en.asytech.cn/check-ip/195.47.247.9 https://en.asytech.cn/check-ip/194.245.148.200 which send to : https://honeychicksfinder.com/pnguakzjfkmgrtk%3Ft%3Dshh&sa=D&sntz=1&usg=AFQjCNGvyrBCDGwYkoLXFlDkbYHNh0OsYg honeychicksfinder.com>gdpr-masked.com honeychicksfinder.com>104.27.137.81 gdpr-masked.com>endurance.com AGAIN... https://www.mywot.com/scorecard/honeychicksfinder.com https://www.mywot.com/scorecard/gdpr-masked.com https://www.mywot.com/scorecard/endurance.com https://en.asytech.cn/check-ip/104.27.137.81 |
2020-03-20 23:19:59 |
| 45.138.172.57 | attack | Portscan or hack attempt detected by psad/fwsnort |
2020-03-20 23:18:33 |
| 94.205.66.58 | attackbotsspam | ET CINS Active Threat Intelligence Poor Reputation IP group 89 - port: 23 proto: TCP cat: Misc Attack |
2020-03-20 22:51:00 |
| 41.93.40.115 | attack | ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic |
2020-03-20 23:20:25 |
| 185.176.27.102 | attackbots | 03/20/2020-09:54:44.160750 185.176.27.102 Protocol: 6 ET DROP Dshield Block Listed Source group 1 |
2020-03-20 22:38:55 |
| 78.162.13.52 | attack | ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic |
2020-03-20 23:08:54 |
| 71.6.232.8 | attackbots | SIP/5060 Probe, BF, Hack - |
2020-03-20 23:10:40 |
| 60.195.191.5 | attackbotsspam | ET CINS Active Threat Intelligence Poor Reputation IP group 45 - port: 1433 proto: TCP cat: Misc Attack |
2020-03-20 23:13:53 |