City: Pretoria
Region: Gauteng
Country: South Africa
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 41.246.28.161
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48569
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;41.246.28.161. IN A
;; AUTHORITY SECTION:
. 444 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019110100 1800 900 604800 86400
;; Query time: 50 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Nov 01 19:14:37 CST 2019
;; MSG SIZE rcvd: 117
161.28.246.41.in-addr.arpa domain name pointer 8ta-246-28-161.telkomadsl.co.za.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
161.28.246.41.in-addr.arpa name = 8ta-246-28-161.telkomadsl.co.za.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 212.22.79.241 | attackspam | [portscan] Port scan |
2020-01-02 17:54:13 |
| 2604:a880:800:10::3b7:c001 | attack | xmlrpc attack |
2020-01-02 17:35:24 |
| 110.44.236.131 | attackspam | Honeypot attack, port: 23, PTR: PTR record not found |
2020-01-02 17:46:45 |
| 216.10.217.18 | attack | Honeypot attack, port: 23, PTR: PTR record not found |
2020-01-02 17:32:24 |
| 87.67.191.52 | attackspambots | Jan 2 06:17:59 shadeyouvpn sshd[6650]: Invalid user kusch from 87.67.191.52 port 56702 Jan 2 06:17:59 shadeyouvpn sshd[6650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.67.191.52 Jan 2 06:18:01 shadeyouvpn sshd[6650]: Failed password for invalid user kusch from 87.67.191.52 port 56702 ssh2 Jan 2 06:18:01 shadeyouvpn sshd[6650]: Received disconnect from 87.67.191.52 port 56702:11: Bye Bye [preauth] Jan 2 06:18:01 shadeyouvpn sshd[6650]: Disconnected from 87.67.191.52 port 56702 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=87.67.191.52 |
2020-01-02 17:22:49 |
| 168.205.38.137 | attack | Honeypot attack, port: 81, PTR: 168-205-38-137.wantel.net.br. |
2020-01-02 17:39:28 |
| 147.135.186.76 | attackbotsspam | Port scan on 1 port(s): 445 |
2020-01-02 17:42:34 |
| 194.36.190.150 | attack | Jan 2 10:31:50 silence02 sshd[26792]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.36.190.150 Jan 2 10:31:52 silence02 sshd[26792]: Failed password for invalid user wwwrun from 194.36.190.150 port 39800 ssh2 Jan 2 10:33:35 silence02 sshd[26858]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.36.190.150 |
2020-01-02 17:49:29 |
| 86.83.195.94 | attackspam | port 23 |
2020-01-02 17:56:31 |
| 40.115.41.17 | attackbots | Dec 29 23:39:18 cumulus sshd[17531]: Invalid user ondi from 40.115.41.17 port 45650 Dec 29 23:39:18 cumulus sshd[17531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.115.41.17 Dec 29 23:39:20 cumulus sshd[17531]: Failed password for invalid user ondi from 40.115.41.17 port 45650 ssh2 Dec 29 23:39:23 cumulus sshd[17531]: Received disconnect from 40.115.41.17 port 45650:11: Bye Bye [preauth] Dec 29 23:39:23 cumulus sshd[17531]: Disconnected from 40.115.41.17 port 45650 [preauth] Dec 29 23:55:58 cumulus sshd[18222]: Connection closed by 40.115.41.17 port 35652 [preauth] Dec 30 00:04:04 cumulus sshd[18481]: Connection closed by 40.115.41.17 port 51168 [preauth] Dec 30 00:12:31 cumulus sshd[18887]: Connection closed by 40.115.41.17 port 38352 [preauth] Dec 30 00:20:11 cumulus sshd[19156]: Connection closed by 40.115.41.17 port 53996 [preauth] Dec 30 00:29:07 cumulus sshd[19479]: Invalid user lundh from 40.115.41.17 port 41694 Dec........ ------------------------------- |
2020-01-02 17:52:01 |
| 222.186.180.142 | attackbots | Jan 2 09:41:08 *** sshd[13850]: User root from 222.186.180.142 not allowed because not listed in AllowUsers |
2020-01-02 17:43:07 |
| 148.255.174.229 | attackbots | Jan 2 07:55:24 IngegnereFirenze sshd[24363]: Did not receive identification string from 148.255.174.229 port 35809 ... |
2020-01-02 17:34:03 |
| 66.240.219.146 | attackspambots | Unauthorized connection attempt detected from IP address 66.240.219.146 to port 8413 |
2020-01-02 17:37:37 |
| 49.235.97.238 | attack | Invalid user b7 from 49.235.97.238 port 55802 |
2020-01-02 17:26:41 |
| 117.102.64.66 | attackspam | Honeypot attack, port: 445, PTR: PTR record not found |
2020-01-02 17:25:12 |