City: unknown
Region: unknown
Country: Australia
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 3.106.42.222
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1179
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;3.106.42.222. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025021700 1800 900 604800 86400
;; Query time: 42 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 17 17:40:09 CST 2025
;; MSG SIZE rcvd: 105222.42.106.3.in-addr.arpa domain name pointer ec2-3-106-42-222.ap-southeast-2.compute.amazonaws.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
222.42.106.3.in-addr.arpa name = ec2-3-106-42-222.ap-southeast-2.compute.amazonaws.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 27.16.241.48 | attack | Oct 22 05:20:49 eola sshd[31683]: Invalid user osmc from 27.16.241.48 port 44338 Oct 22 05:20:49 eola sshd[31683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.16.241.48 Oct 22 05:20:51 eola sshd[31683]: Failed password for invalid user osmc from 27.16.241.48 port 44338 ssh2 Oct 22 05:20:51 eola sshd[31683]: Received disconnect from 27.16.241.48 port 44338:11: Bye Bye [preauth] Oct 22 05:20:51 eola sshd[31683]: Disconnected from 27.16.241.48 port 44338 [preauth] Oct 22 05:27:39 eola sshd[31792]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.16.241.48 user=r.r Oct 22 05:27:42 eola sshd[31792]: Failed password for r.r from 27.16.241.48 port 60280 ssh2 Oct 22 05:27:42 eola sshd[31792]: Received disconnect from 27.16.241.48 port 60280:11: Bye Bye [preauth] Oct 22 05:27:42 eola sshd[31792]: Disconnected from 27.16.241.48 port 60280 [preauth] ........ ----------------------------------------------- https://www.blocklist.d |
2019-10-24 00:49:08 |
| 201.130.192.76 | attackspam | MultiHost/MultiPort Probe, Scan, Hack - |
2019-10-24 01:12:40 |
| 34.77.201.22 | attackspam | Port Scan |
2019-10-24 00:37:37 |
| 103.87.25.201 | attackbotsspam | Oct 23 13:31:58 ovpn sshd\[23739\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.87.25.201 user=root Oct 23 13:32:00 ovpn sshd\[23739\]: Failed password for root from 103.87.25.201 port 33992 ssh2 Oct 23 13:40:40 ovpn sshd\[25701\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.87.25.201 user=root Oct 23 13:40:41 ovpn sshd\[25701\]: Failed password for root from 103.87.25.201 port 35260 ssh2 Oct 23 13:44:19 ovpn sshd\[26517\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.87.25.201 user=root |
2019-10-24 01:04:26 |
| 193.239.207.83 | attackspam | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/193.239.207.83/ PL - 1H : (99) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : PL NAME ASN : ASN33951 IP : 193.239.207.83 CIDR : 193.239.206.0/23 PREFIX COUNT : 5 UNIQUE IP COUNT : 11008 ATTACKS DETECTED ASN33951 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 2 DateTime : 2019-10-23 13:44:18 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery |
2019-10-24 01:03:00 |
| 156.219.128.138 | attackspam | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/156.219.128.138/ EG - 1H : (53) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : EG NAME ASN : ASN8452 IP : 156.219.128.138 CIDR : 156.219.128.0/18 PREFIX COUNT : 833 UNIQUE IP COUNT : 7610368 ATTACKS DETECTED ASN8452 : 1H - 6 3H - 12 6H - 20 12H - 30 24H - 48 DateTime : 2019-10-23 13:43:59 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery |
2019-10-24 01:22:42 |
| 187.60.32.153 | attackbots | Oct 23 17:56:50 vmd17057 sshd\[27786\]: Invalid user admin from 187.60.32.153 port 46486 Oct 23 17:56:50 vmd17057 sshd\[27786\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.60.32.153 Oct 23 17:56:52 vmd17057 sshd\[27786\]: Failed password for invalid user admin from 187.60.32.153 port 46486 ssh2 ... |
2019-10-24 01:11:47 |
| 88.231.97.213 | attack | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/88.231.97.213/ TR - 1H : (60) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : TR NAME ASN : ASN9121 IP : 88.231.97.213 CIDR : 88.231.64.0/18 PREFIX COUNT : 4577 UNIQUE IP COUNT : 6868736 ATTACKS DETECTED ASN9121 : 1H - 3 3H - 8 6H - 11 12H - 19 24H - 31 DateTime : 2019-10-23 13:43:59 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery |
2019-10-24 01:23:39 |
| 80.211.0.160 | attack | $f2bV_matches |
2019-10-24 00:58:37 |
| 200.28.100.233 | attack | MultiHost/MultiPort Probe, Scan, Hack - |
2019-10-24 00:56:55 |
| 132.232.48.121 | attack | Oct 23 00:07:15 km20725 sshd[4831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.48.121 user=r.r Oct 23 00:07:17 km20725 sshd[4831]: Failed password for r.r from 132.232.48.121 port 39220 ssh2 Oct 23 00:07:17 km20725 sshd[4831]: Received disconnect from 132.232.48.121: 11: Bye Bye [preauth] Oct 23 00:13:57 km20725 sshd[5366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.48.121 user=r.r Oct 23 00:14:00 km20725 sshd[5366]: Failed password for r.r from 132.232.48.121 port 39900 ssh2 Oct 23 00:14:00 km20725 sshd[5366]: Received disconnect from 132.232.48.121: 11: Bye Bye [preauth] Oct 23 00:18:56 km20725 sshd[5606]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.48.121 user=r.r Oct 23 00:18:58 km20725 sshd[5606]: Failed password for r.r from 132.232.48.121 port 59188 ssh2 Oct 23 00:18:59 km20725 sshd[5606]: Received discon........ ------------------------------- |
2019-10-24 01:26:04 |
| 51.38.186.47 | attack | Oct 23 18:45:28 MK-Soft-VM7 sshd[10974]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.186.47 Oct 23 18:45:30 MK-Soft-VM7 sshd[10974]: Failed password for invalid user evan from 51.38.186.47 port 54412 ssh2 ... |
2019-10-24 01:06:31 |
| 106.111.118.69 | attackspambots | Brute force SMTP login attempts. |
2019-10-24 01:00:07 |
| 171.6.139.148 | attackspam | Oct 22 06:15:39 DNS-2 sshd[25063]: User r.r from 171.6.139.148 not allowed because not listed in AllowUsers Oct 22 06:15:39 DNS-2 sshd[25063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.6.139.148 user=r.r Oct 22 06:15:41 DNS-2 sshd[25063]: Failed password for invalid user r.r from 171.6.139.148 port 1844 ssh2 Oct 22 06:15:42 DNS-2 sshd[25063]: Received disconnect from 171.6.139.148 port 1844:11: Bye Bye [preauth] Oct 22 06:15:42 DNS-2 sshd[25063]: Disconnected from 171.6.139.148 port 1844 [preauth] Oct 22 06:24:48 DNS-2 sshd[25364]: User r.r from 171.6.139.148 not allowed because not listed in AllowUsers Oct 22 06:24:48 DNS-2 sshd[25364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.6.139.148 user=r.r Oct 22 06:24:50 DNS-2 sshd[25364]: Failed password for invalid user r.r from 171.6.139.148 port 63606 ssh2 Oct 22 06:24:50 DNS-2 sshd[25364]: Received disconnect from 171.6.13........ ------------------------------- |
2019-10-24 00:38:44 |
| 106.13.36.73 | attack | Oct 23 14:11:21 legacy sshd[30254]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.36.73 Oct 23 14:11:23 legacy sshd[30254]: Failed password for invalid user aaaaaaaa from 106.13.36.73 port 45836 ssh2 Oct 23 14:16:59 legacy sshd[30428]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.36.73 ... |
2019-10-24 01:15:13 |