City: Boardman
Region: Oregon
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 44.241.70.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22888
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;44.241.70.13. IN A
;; AUTHORITY SECTION:
. 115 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020092802 1800 900 604800 86400
;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 29 08:48:07 CST 2020
;; MSG SIZE rcvd: 116
13.70.241.44.in-addr.arpa domain name pointer ec2-44-241-70-13.us-west-2.compute.amazonaws.com.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
13.70.241.44.in-addr.arpa name = ec2-44-241-70-13.us-west-2.compute.amazonaws.com.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 154.221.31.118 | attackbots | Lines containing failures of 154.221.31.118 Nov 5 18:26:57 cdb sshd[7267]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.221.31.118 user=r.r Nov 5 18:26:59 cdb sshd[7267]: Failed password for r.r from 154.221.31.118 port 38702 ssh2 Nov 5 18:27:00 cdb sshd[7267]: Received disconnect from 154.221.31.118 port 38702:11: Bye Bye [preauth] Nov 5 18:27:00 cdb sshd[7267]: Disconnected from authenticating user r.r 154.221.31.118 port 38702 [preauth] Nov 5 18:43:22 cdb sshd[8488]: Invalid user mike from 154.221.31.118 port 56274 Nov 5 18:43:22 cdb sshd[8488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.221.31.118 Nov 5 18:43:24 cdb sshd[8488]: Failed password for invalid user mike from 154.221.31.118 port 56274 ssh2 Nov 5 18:43:24 cdb sshd[8488]: Received disconnect from 154.221.31.118 port 56274:11: Bye Bye [preauth] Nov 5 18:43:24 cdb sshd[8488]: Disconnected from invalid user........ ------------------------------ |
2019-11-06 19:37:41 |
| 193.112.123.100 | attackspam | [Aegis] @ 2019-11-06 10:01:50 0000 -> SSH insecure connection attempt (scan). |
2019-11-06 20:13:59 |
| 167.71.82.184 | attackspambots | Nov 6 09:30:34 * sshd[15624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.82.184 Nov 6 09:30:37 * sshd[15624]: Failed password for invalid user deploy1 from 167.71.82.184 port 48804 ssh2 |
2019-11-06 19:37:14 |
| 91.137.129.21 | attackspam | 2019-11-06T07:23:21.740493MailD postfix/smtpd[3368]: NOQUEUE: reject: RCPT from 91-137-129-21.opticon.hu[91.137.129.21]: 554 5.7.1 Service unavailable; Client host [91.137.129.21] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?91.137.129.21; from= |
2019-11-06 19:57:44 |
| 74.82.47.2 | attack | 11211/tcp 4786/tcp 27017/tcp... [2019-09-07/11-06]31pkt,12pt.(tcp),1pt.(udp) |
2019-11-06 19:52:58 |
| 80.211.48.46 | attackbots | Nov 6 09:25:37 lnxded63 sshd[22083]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.48.46 |
2019-11-06 19:52:41 |
| 222.186.175.155 | attackspambots | Nov 6 12:43:54 legacy sshd[28318]: Failed password for root from 222.186.175.155 port 28694 ssh2 Nov 6 12:44:12 legacy sshd[28318]: error: maximum authentication attempts exceeded for root from 222.186.175.155 port 28694 ssh2 [preauth] Nov 6 12:44:22 legacy sshd[28328]: Failed password for root from 222.186.175.155 port 34234 ssh2 ... |
2019-11-06 19:46:12 |
| 164.68.112.178 | attackbotsspam | CloudCIX Reconnaissance Scan Detected, PTR: ip-178-112-68-164.static.contabo.net. |
2019-11-06 20:16:06 |
| 58.27.217.68 | attackspambots | Sniffing for wp-login |
2019-11-06 20:08:18 |
| 59.126.223.157 | attack | scan z |
2019-11-06 19:41:50 |
| 51.89.41.85 | attackspam | CloudCIX Reconnaissance Scan Detected, PTR: ns3152050.ip-51-89-41.eu. |
2019-11-06 20:08:38 |
| 51.91.212.79 | attack | Connection by 51.91.212.79 on port: 1025 got caught by honeypot at 11/6/2019 10:55:07 AM |
2019-11-06 19:59:16 |
| 113.160.208.110 | attack | [portscan] tcp/23 [TELNET] in sorbs:'listed [web]' in spfbl.net:'listed' *(RWIN=63948)(11061245) |
2019-11-06 20:01:40 |
| 80.116.3.55 | attackspambots | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/80.116.3.55/ IT - 1H : (99) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : IT NAME ASN : ASN3269 IP : 80.116.3.55 CIDR : 80.116.0.0/18 PREFIX COUNT : 550 UNIQUE IP COUNT : 19507712 ATTACKS DETECTED ASN3269 : 1H - 3 3H - 6 6H - 13 12H - 26 24H - 56 DateTime : 2019-11-06 07:23:57 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery |
2019-11-06 19:34:44 |
| 81.28.100.136 | attack | 2019-11-06T07:23:23.707360stark.klein-stark.info postfix/smtpd\[9168\]: NOQUEUE: reject: RCPT from shallow.shrewdmhealth.com\[81.28.100.136\]: 554 5.7.1 \ |
2019-11-06 19:56:21 |