City: unknown
Region: unknown
Country: Egypt
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 41.34.168.43
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2752
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;41.34.168.43. IN A
;; AUTHORITY SECTION:
. 498 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022020701 1800 900 604800 86400
;; Query time: 20 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 05:05:12 CST 2022
;; MSG SIZE rcvd: 10543.168.34.41.in-addr.arpa domain name pointer host-41.34.168.43.tedata.net.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
43.168.34.41.in-addr.arpa name = host-41.34.168.43.tedata.net.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 98.24.65.198 | attack | Attempt to attack host OS, exploiting network vulnerabilities, on 26-09-2019 04:45:35. |
2019-09-26 17:29:30 |
| 45.136.109.199 | attackbotsspam | 09/26/2019-05:13:15.728101 45.136.109.199 Protocol: 6 ET SCAN NMAP -sS window 1024 |
2019-09-26 17:28:18 |
| 52.41.20.47 | attackspambots | Sending out Netflix spam from IP 54.240.14.174 (amazon.com / amazonaws.com) I have NEVER been a Netflix customer and never asked for this junk. The website spammed out is https://www.netflix.com/signup/creditoption?nftoken=BQAbAAEBEA77T6CHfer3tv8qolkSAduAkLFC%2FFYUyiUS4Sdi62TDOAptLP7WiMxUQK74rIuN%2BRXrWDnwU8vxCNSC2khWG0ZmflN2tsqMsqNHMDWRdKmlf6XFVqwlgd%2BFLY2Nz88IH4y3pcuOeFYD5X9L4G9ZZfbRHvrmZF%2FjsAyUI1f5mpTFg3eEFWfNQayYDiVrbb%2FU65EF%2B0XXrVI0T4jKa2zmCB8w5g%3D%3D&lnktrk=EMP&g=AEF2F71097E503EBEB44921E2720235C64526E40&lkid=URL_SIGNUP_CREDIT IPs: 54.69.16.110, 54.70.73.70, 54.149.101.155, 54.201.91.38, 54.213.182.74, 52.37.77.112, 52.41.20.47, 52.41.193.16 (amazon.com / amazonaws.com) amazon are pure scumbags who allow their customers to send out spam and do nothing about it! Report via email and website at https://support.aws.amazon.com/#/contacts/report-abuse |
2019-09-26 17:14:27 |
| 222.186.180.147 | attack | SSH Brute Force, server-1 sshd[14455]: Failed password for root from 222.186.180.147 port 13472 ssh2 |
2019-09-26 17:24:00 |
| 45.40.198.41 | attackspam | Unauthorized SSH login attempts |
2019-09-26 17:07:05 |
| 168.232.14.6 | attackspam | port scan and connect, tcp 80 (http) |
2019-09-26 17:29:11 |
| 94.102.51.78 | attackspam | Sep 26 08:26:40 thevastnessof sshd[32253]: Failed password for root from 94.102.51.78 port 46634 ssh2 ... |
2019-09-26 16:58:52 |
| 45.176.101.23 | attackbotsspam | Automatic report - Port Scan Attack |
2019-09-26 17:18:12 |
| 115.216.203.31 | attackspam | Unauthorised access (Sep 26) SRC=115.216.203.31 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=20400 TCP DPT=8080 WINDOW=50583 SYN |
2019-09-26 16:57:57 |
| 27.123.215.222 | attackbotsspam | Attempt to attack host OS, exploiting network vulnerabilities, on 26-09-2019 04:45:32. |
2019-09-26 17:36:50 |
| 193.56.28.178 | attack | Sep 26 10:35:01 mail postfix/smtpd\[11047\]: warning: unknown\[193.56.28.178\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 26 10:35:07 mail postfix/smtpd\[11047\]: warning: unknown\[193.56.28.178\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 26 10:35:17 mail postfix/smtpd\[11047\]: warning: unknown\[193.56.28.178\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 26 10:35:27 mail postfix/smtpd\[11047\]: warning: unknown\[193.56.28.178\]: SASL LOGIN authentication failed: Connection lost to authentication server\ |
2019-09-26 17:03:03 |
| 218.92.0.202 | attackspam | Sep 26 10:19:14 vmanager6029 sshd\[16711\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.202 user=root Sep 26 10:19:16 vmanager6029 sshd\[16711\]: Failed password for root from 218.92.0.202 port 15887 ssh2 Sep 26 10:19:19 vmanager6029 sshd\[16711\]: Failed password for root from 218.92.0.202 port 15887 ssh2 |
2019-09-26 17:13:08 |
| 77.82.206.218 | attack | Attempt to attack host OS, exploiting network vulnerabilities, on 26-09-2019 04:45:34. |
2019-09-26 17:31:44 |
| 122.227.185.101 | attackspambots | Sep 25 23:46:56 localhost kernel: [3207434.321816] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=122.227.185.101 DST=[mungedIP2] LEN=40 TOS=0x08 PREC=0x20 TTL=235 ID=42788 PROTO=TCP SPT=52366 DPT=445 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 25 23:46:56 localhost kernel: [3207434.321841] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=122.227.185.101 DST=[mungedIP2] LEN=40 TOS=0x08 PREC=0x20 TTL=235 ID=42788 PROTO=TCP SPT=52366 DPT=445 SEQ=1638057703 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0 |
2019-09-26 17:01:31 |
| 106.111.166.26 | attack | Sep 22 08:45:47 josie sshd[18294]: Invalid user service from 106.111.166.26 Sep 22 08:45:47 josie sshd[18294]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.111.166.26 Sep 22 08:45:48 josie sshd[18294]: Failed password for invalid user service from 106.111.166.26 port 54213 ssh2 Sep 22 08:45:52 josie sshd[18294]: Failed password for invalid user service from 106.111.166.26 port 54213 ssh2 Sep 22 08:45:56 josie sshd[18294]: Failed password for invalid user service from 106.111.166.26 port 54213 ssh2 Sep 22 08:46:00 josie sshd[18294]: Failed password for invalid user service from 106.111.166.26 port 54213 ssh2 Sep 22 08:46:04 josie sshd[18294]: Failed password for invalid user service from 106.111.166.26 port 54213 ssh2 Sep 25 11:50:04 josie sshd[4888]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.111.166.26 user=r.r Sep 25 11:50:07 josie sshd[4888]: Failed password for r.r from........ ------------------------------- |
2019-09-26 17:08:15 |