City: Ashburn
Region: Virginia
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.71.86.129
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60164
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;52.71.86.129. IN A
;; AUTHORITY SECTION:
. 570 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022041200 1800 900 604800 86400
;; Query time: 71 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Apr 12 16:31:01 CST 2022
;; MSG SIZE rcvd: 105129.86.71.52.in-addr.arpa domain name pointer ec2-52-71-86-129.compute-1.amazonaws.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
129.86.71.52.in-addr.arpa name = ec2-52-71-86-129.compute-1.amazonaws.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 185.175.93.11 | attack | Port 57659 scan denied |
2020-04-17 06:16:43 |
| 1.249.31.138 | attack | ET CINS Active Threat Intelligence Poor Reputation IP group 2 - port: 4567 proto: TCP cat: Misc Attack |
2020-04-17 06:12:54 |
| 92.118.161.53 | attackspambots | ET CINS Active Threat Intelligence Poor Reputation IP group 87 - port: 8443 proto: TCP cat: Misc Attack |
2020-04-17 05:58:34 |
| 37.139.2.218 | attackbots | Apr 17 00:34:19 pkdns2 sshd\[63962\]: Address 37.139.2.218 maps to pplmx.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Apr 17 00:34:19 pkdns2 sshd\[63962\]: Invalid user admin from 37.139.2.218Apr 17 00:34:22 pkdns2 sshd\[63962\]: Failed password for invalid user admin from 37.139.2.218 port 41276 ssh2Apr 17 00:40:45 pkdns2 sshd\[64320\]: Address 37.139.2.218 maps to pplmx.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Apr 17 00:40:45 pkdns2 sshd\[64320\]: Invalid user nh from 37.139.2.218Apr 17 00:40:46 pkdns2 sshd\[64320\]: Failed password for invalid user nh from 37.139.2.218 port 48616 ssh2 ... |
2020-04-17 05:44:45 |
| 51.158.31.243 | attack | firewall-block, port(s): 5060/udp |
2020-04-17 06:08:15 |
| 176.32.34.224 | attackbotsspam | ET DROP Dshield Block Listed Source group 1 - port: 11211 proto: TCP cat: Misc Attack |
2020-04-17 06:18:38 |
| 89.144.47.247 | attack | ET DROP Dshield Block Listed Source group 1 - port: 3399 proto: TCP cat: Misc Attack |
2020-04-17 06:00:39 |
| 185.175.93.25 | attackbotsspam | 04/16/2020-17:09:29.356988 185.175.93.25 Protocol: 6 ET DROP Dshield Block Listed Source group 1 |
2020-04-17 06:16:07 |
| 188.166.0.213 | attackspambots | GPL DNS named version attempt - port: 53 proto: UDP cat: Attempted Information Leak |
2020-04-17 06:15:03 |
| 45.225.216.80 | attackbotsspam | SSH Brute Force |
2020-04-17 05:44:25 |
| 185.175.93.34 | attackbots | ET DROP Dshield Block Listed Source group 1 - port: 3383 proto: TCP cat: Misc Attack |
2020-04-17 05:52:31 |
| 217.78.1.59 | attack | ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic |
2020-04-17 05:48:26 |
| 91.212.38.210 | attack | ET SCAN Sipvicious User-Agent Detected (friendly-scanner) - port: 5060 proto: UDP cat: Attempted Information Leak |
2020-04-17 05:59:36 |
| 103.145.12.50 | attackbots | 103.145.12.50 was recorded 9 times by 7 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 9, 21, 129 |
2020-04-17 05:57:19 |
| 177.222.253.22 | attackspam | ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic |
2020-04-17 05:55:22 |