City: unknown
Region: unknown
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: University of California, San Diego
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 44.98.214.79
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11385
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;44.98.214.79. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019062400 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jun 24 15:59:13 CST 2019
;; MSG SIZE rcvd: 116Host 79.214.98.44.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 67.207.67.2
Address: 67.207.67.2#53
** server can't find 79.214.98.44.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 27.34.68.99 | attackspam | TCP Port Scanning |
2020-08-29 16:40:12 |
| 192.34.108.130 | attackbotsspam | 445/tcp 445/tcp 1433/tcp [2020-08-08/29]3pkt |
2020-08-29 16:22:12 |
| 104.131.12.67 | attackspam | 104.131.12.67 - - [29/Aug/2020:08:29:56 +0100] "POST /wp-login.php HTTP/1.1" 200 2083 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.12.67 - - [29/Aug/2020:08:29:57 +0100] "POST /wp-login.php HTTP/1.1" 200 2081 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.12.67 - - [29/Aug/2020:08:29:59 +0100] "POST /wp-login.php HTTP/1.1" 200 2084 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2020-08-29 16:48:45 |
| 109.122.80.234 | attack | Dovecot Invalid User Login Attempt. |
2020-08-29 16:50:30 |
| 106.13.37.213 | attack | Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF) |
2020-08-29 16:21:39 |
| 58.39.154.118 | attack | Unauthorized connection attempt from IP address 58.39.154.118 on Port 445(SMB) |
2020-08-29 16:16:57 |
| 190.85.24.53 | attackspambots | Unauthorized connection attempt from IP address 190.85.24.53 on Port 445(SMB) |
2020-08-29 16:29:39 |
| 111.125.82.91 | attack | Unauthorized connection attempt from IP address 111.125.82.91 on Port 445(SMB) |
2020-08-29 16:23:14 |
| 103.92.26.252 | attack | 2020-08-29T08:52:05.457522shield sshd\[31828\]: Invalid user pentarun from 103.92.26.252 port 39950 2020-08-29T08:52:05.470556shield sshd\[31828\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.92.26.252 2020-08-29T08:52:07.723349shield sshd\[31828\]: Failed password for invalid user pentarun from 103.92.26.252 port 39950 ssh2 2020-08-29T08:56:43.522894shield sshd\[32255\]: Invalid user armando from 103.92.26.252 port 48734 2020-08-29T08:56:43.548831shield sshd\[32255\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.92.26.252 |
2020-08-29 16:58:01 |
| 111.229.90.233 | attackspam | Aug 29 07:52:32 lukav-desktop sshd\[21616\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.90.233 user=root Aug 29 07:52:34 lukav-desktop sshd\[21616\]: Failed password for root from 111.229.90.233 port 57962 ssh2 Aug 29 07:53:28 lukav-desktop sshd\[21625\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.90.233 user=root Aug 29 07:53:30 lukav-desktop sshd\[21625\]: Failed password for root from 111.229.90.233 port 34730 ssh2 Aug 29 07:54:27 lukav-desktop sshd\[21658\]: Invalid user samba from 111.229.90.233 |
2020-08-29 16:22:55 |
| 84.17.60.216 | attackbots | (From aiello.elvis@googlemail.com) Hello, I have been informed to contact you. The CIA has been doing intensive research for the past fifty years researching on what we call so called life. That information has been collected and presented for you here https://cutt.ly/cfgu7Vw This has been the finding as of seventeen years ago as of today. Now governments and other large organizations have develop technology around these concepts for their own deceptive uses. Soon you will be contacted by other means for counter measures and the part that you play in all this. Please get this as soon as possible because there are powers that be to take down this information about this. |
2020-08-29 16:39:08 |
| 119.29.65.240 | attack | Aug 28 19:58:59 tdfoods sshd\[30413\]: Invalid user fenix from 119.29.65.240 Aug 28 19:58:59 tdfoods sshd\[30413\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.65.240 Aug 28 19:59:00 tdfoods sshd\[30413\]: Failed password for invalid user fenix from 119.29.65.240 port 46412 ssh2 Aug 28 20:02:53 tdfoods sshd\[30741\]: Invalid user Linux from 119.29.65.240 Aug 28 20:02:53 tdfoods sshd\[30741\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.65.240 |
2020-08-29 16:47:10 |
| 59.56.99.130 | attackspambots | Aug 29 10:19:12 santamaria sshd\[572\]: Invalid user ajeet from 59.56.99.130 Aug 29 10:19:12 santamaria sshd\[572\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.56.99.130 Aug 29 10:19:14 santamaria sshd\[572\]: Failed password for invalid user ajeet from 59.56.99.130 port 42175 ssh2 ... |
2020-08-29 16:52:18 |
| 91.121.183.89 | attack | Automatic report - Banned IP Access |
2020-08-29 16:28:45 |
| 188.217.181.18 | attackspam | Aug 28 22:42:46 web1 sshd\[13519\]: Invalid user mz from 188.217.181.18 Aug 28 22:42:46 web1 sshd\[13519\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.217.181.18 Aug 28 22:42:48 web1 sshd\[13519\]: Failed password for invalid user mz from 188.217.181.18 port 55288 ssh2 Aug 28 22:46:46 web1 sshd\[13841\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.217.181.18 user=root Aug 28 22:46:48 web1 sshd\[13841\]: Failed password for root from 188.217.181.18 port 33396 ssh2 |
2020-08-29 16:59:00 |