City: unknown
Region: unknown
Country: United States of America (the)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.22.70.43
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4252
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;52.22.70.43. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025020302 1800 900 604800 86400
;; Query time: 37 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 04 09:37:28 CST 2025
;; MSG SIZE rcvd: 10443.70.22.52.in-addr.arpa domain name pointer ec2-52-22-70-43.compute-1.amazonaws.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
43.70.22.52.in-addr.arpa name = ec2-52-22-70-43.compute-1.amazonaws.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 183.224.226.21 | attackspambots | 1433/tcp 1433/tcp 1433/tcp [2020-09-11/10-04]3pkt |
2020-10-05 12:33:49 |
| 129.211.82.59 | attackspam | 129.211.82.59 (CN/China/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Oct 4 16:41:17 jbs1 sshd[6580]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.228.33 user=root Oct 4 16:40:46 jbs1 sshd[6383]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.82.59 user=root Oct 4 16:40:48 jbs1 sshd[6383]: Failed password for root from 129.211.82.59 port 38014 ssh2 Oct 4 16:35:08 jbs1 sshd[4715]: Failed password for root from 190.210.231.34 port 35549 ssh2 Oct 4 16:39:55 jbs1 sshd[6117]: Failed password for root from 193.70.38.187 port 46870 ssh2 IP Addresses Blocked: 106.13.228.33 (CN/China/-) |
2020-10-05 12:37:35 |
| 45.149.78.103 | attackbots | "XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES: |
2020-10-05 12:30:49 |
| 123.235.149.165 | attack | Automatic report - Banned IP Access |
2020-10-05 12:55:28 |
| 173.212.246.117 | attack | Lines containing failures of 173.212.246.117 (max 1000) Oct 5 02:38:31 localhost sshd[22436]: User r.r from 173.212.246.117 not allowed because listed in DenyUsers Oct 5 02:38:31 localhost sshd[22436]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.212.246.117 user=r.r Oct 5 02:38:33 localhost sshd[22436]: Failed password for invalid user r.r from 173.212.246.117 port 43406 ssh2 Oct 5 02:38:35 localhost sshd[22436]: Received disconnect from 173.212.246.117 port 43406:11: Bye Bye [preauth] Oct 5 02:38:35 localhost sshd[22436]: Disconnected from invalid user r.r 173.212.246.117 port 43406 [preauth] Oct 5 02:51:00 localhost sshd[25650]: User r.r from 173.212.246.117 not allowed because listed in DenyUsers Oct 5 02:51:00 localhost sshd[25650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.212.246.117 user=r.r Oct 5 02:51:02 localhost sshd[25650]: Failed password for invalid u........ ------------------------------ |
2020-10-05 12:36:59 |
| 192.241.232.99 | attackbots | Port scan: Attack repeated for 24 hours |
2020-10-05 12:46:28 |
| 103.100.210.136 | attack | Oct 5 06:21:41 sso sshd[11134]: Failed password for root from 103.100.210.136 port 35020 ssh2 ... |
2020-10-05 12:40:09 |
| 114.226.35.254 | attackspam | Oct 4 22:32:44 georgia postfix/smtpd[11542]: connect from unknown[114.226.35.254] Oct 4 22:32:45 georgia postfix/smtpd[11542]: warning: unknown[114.226.35.254]: SASL LOGIN authentication failed: authentication failure Oct 4 22:32:46 georgia postfix/smtpd[11542]: lost connection after AUTH from unknown[114.226.35.254] Oct 4 22:32:46 georgia postfix/smtpd[11542]: disconnect from unknown[114.226.35.254] ehlo=2 starttls=1 auth=0/1 commands=3/4 Oct 4 22:32:46 georgia postfix/smtpd[11542]: connect from unknown[114.226.35.254] Oct 4 22:32:50 georgia postfix/smtpd[11542]: warning: unknown[114.226.35.254]: SASL LOGIN authentication failed: authentication failure Oct 4 22:32:50 georgia postfix/smtpd[11542]: lost connection after AUTH from unknown[114.226.35.254] Oct 4 22:32:50 georgia postfix/smtpd[11542]: disconnect from unknown[114.226.35.254] ehlo=2 starttls=1 auth=0/1 commands=3/4 Oct 4 22:32:50 georgia postfix/smtpd[11542]: connect from unknown[114.226.35.254] Oct ........ ------------------------------- |
2020-10-05 12:38:27 |
| 140.238.95.47 | attackspam | [N1.H1.VM1] Bad Bot Blocked by UFW |
2020-10-05 12:47:49 |
| 210.202.105.4 | attackspambots | 37215/tcp 23/tcp 9530/tcp... [2020-08-08/10-04]15pkt,3pt.(tcp) |
2020-10-05 12:36:19 |
| 51.178.131.2 | attack |
|
2020-10-05 12:50:19 |
| 112.85.42.151 | attackspambots | Oct 5 06:34:31 server sshd[38636]: Failed none for root from 112.85.42.151 port 32204 ssh2 Oct 5 06:34:34 server sshd[38636]: Failed password for root from 112.85.42.151 port 32204 ssh2 Oct 5 06:34:40 server sshd[38636]: Failed password for root from 112.85.42.151 port 32204 ssh2 |
2020-10-05 12:38:49 |
| 78.190.194.81 | attack | Listed on barracudaCentral plus zen-spamhaus / proto=6 . srcport=45614 . dstport=445 SMB . (3561) |
2020-10-05 12:27:57 |
| 190.160.57.66 | attackspam | 23/tcp 37215/tcp [2020-09-30/10-04]2pkt |
2020-10-05 12:58:04 |
| 190.215.40.170 | attack | 445/tcp 445/tcp 445/tcp... [2020-09-01/10-04]5pkt,1pt.(tcp) |
2020-10-05 12:27:09 |