City: Boardman
Region: Oregon
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.26.116.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64222
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;52.26.116.4. IN A
;; AUTHORITY SECTION:
. 539 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2023102302 1800 900 604800 86400
;; Query time: 125 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 24 05:51:01 CST 2023
;; MSG SIZE rcvd: 1044.116.26.52.in-addr.arpa domain name pointer ec2-52-26-116-4.us-west-2.compute.amazonaws.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
4.116.26.52.in-addr.arpa name = ec2-52-26-116-4.us-west-2.compute.amazonaws.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 81.22.45.148 | attack | Port scan on 12 port(s): 3502 3512 3575 3588 3605 3655 3675 3680 3684 3689 3699 3784 |
2019-10-31 02:36:32 |
| 116.233.184.159 | attack | Unauthorized connection attempt from IP address 116.233.184.159 on Port 445(SMB) |
2019-10-31 02:27:58 |
| 179.107.84.18 | attackbotsspam | Unauthorized connection attempt from IP address 179.107.84.18 on Port 445(SMB) |
2019-10-31 02:36:03 |
| 49.88.112.72 | attack | Oct 30 20:17:31 sauna sshd[114438]: Failed password for root from 49.88.112.72 port 58258 ssh2 ... |
2019-10-31 02:20:18 |
| 45.95.168.115 | attack | Unauthorised access (Oct 30) SRC=45.95.168.115 LEN=40 TTL=53 ID=53121 TCP DPT=8080 WINDOW=11711 SYN Unauthorised access (Oct 30) SRC=45.95.168.115 LEN=40 TTL=53 ID=63195 TCP DPT=8080 WINDOW=3587 SYN Unauthorised access (Oct 27) SRC=45.95.168.115 LEN=40 TTL=53 ID=28835 TCP DPT=8080 WINDOW=11711 SYN |
2019-10-31 02:35:48 |
| 5.189.16.37 | attack | Oct 30 18:50:11 mc1 kernel: \[3744134.048053\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=5.189.16.37 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=54388 PROTO=TCP SPT=45830 DPT=489 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 30 18:50:46 mc1 kernel: \[3744168.883371\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=5.189.16.37 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=31626 PROTO=TCP SPT=45830 DPT=3348 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 30 18:52:05 mc1 kernel: \[3744247.326488\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=5.189.16.37 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=29904 PROTO=TCP SPT=45830 DPT=3539 WINDOW=1024 RES=0x00 SYN URGP=0 ... |
2019-10-31 02:31:59 |
| 122.163.126.57 | attackbots | Unauthorized connection attempt from IP address 122.163.126.57 on Port 445(SMB) |
2019-10-31 02:41:14 |
| 200.109.181.56 | attackbots | Unauthorized connection attempt from IP address 200.109.181.56 on Port 445(SMB) |
2019-10-31 02:44:32 |
| 200.98.1.189 | attackbots | Oct 30 18:22:10 server sshd\[11694\]: Invalid user aid from 200.98.1.189 Oct 30 18:22:10 server sshd\[11694\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200-98-1-189.tlf.dialuol.com.br Oct 30 18:22:12 server sshd\[11694\]: Failed password for invalid user aid from 200.98.1.189 port 33946 ssh2 Oct 30 18:41:08 server sshd\[16229\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200-98-1-189.tlf.dialuol.com.br user=root Oct 30 18:41:11 server sshd\[16229\]: Failed password for root from 200.98.1.189 port 60318 ssh2 ... |
2019-10-31 02:28:51 |
| 139.199.209.89 | attack | Oct 30 13:52:05 plusreed sshd[12522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.209.89 user=root Oct 30 13:52:07 plusreed sshd[12522]: Failed password for root from 139.199.209.89 port 37846 ssh2 ... |
2019-10-31 02:03:45 |
| 90.154.206.53 | attackbots | Lines containing failures of 90.154.206.53 Oct 30 12:41:42 shared03 postfix/smtpd[13926]: connect from 90-154-206-53.ip.btc-net.bg[90.154.206.53] Oct 30 12:41:43 shared03 policyd-spf[13951]: prepend Received-SPF: Softfail (mailfrom) identhostnamey=mailfrom; client-ip=90.154.206.53; helo=90-154-206-53.ip.btc-net.bg; envelope-from=x@x Oct x@x Oct 30 12:41:44 shared03 postfix/smtpd[13926]: lost connection after DATA from 90-154-206-53.ip.btc-net.bg[90.154.206.53] Oct 30 12:41:44 shared03 postfix/smtpd[13926]: disconnect from 90-154-206-53.ip.btc-net.bg[90.154.206.53] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=90.154.206.53 |
2019-10-31 02:07:38 |
| 200.11.219.206 | attack | Unauthorized connection attempt from IP address 200.11.219.206 on Port 445(SMB) |
2019-10-31 02:37:49 |
| 193.112.113.228 | attackspambots | 2019-10-30T18:08:08.307523abusebot-4.cloudsearch.cf sshd\[487\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.113.228 user=root |
2019-10-31 02:25:05 |
| 106.51.0.215 | attackspambots | Unauthorised access (Oct 30) SRC=106.51.0.215 LEN=52 PREC=0x20 TTL=112 ID=2073 DF TCP DPT=445 WINDOW=8192 SYN |
2019-10-31 02:25:28 |
| 23.89.101.82 | attackspam | Unauthorized connection attempt from IP address 23.89.101.82 on Port 445(SMB) |
2019-10-31 02:44:02 |