City: unknown
Region: unknown
Country: United States of America (the)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.202.239.168
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7297
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;54.202.239.168. IN A
;; AUTHORITY SECTION:
. 29 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025020302 1800 900 604800 86400
;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 04 10:28:14 CST 2025
;; MSG SIZE rcvd: 107168.239.202.54.in-addr.arpa domain name pointer ec2-54-202-239-168.us-west-2.compute.amazonaws.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
168.239.202.54.in-addr.arpa name = ec2-54-202-239-168.us-west-2.compute.amazonaws.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 62.234.8.41 | attack | 2019-07-30T20:02:56.874077abusebot-2.cloudsearch.cf sshd\[8615\]: Invalid user administrator from 62.234.8.41 port 48858 |
2019-07-31 04:12:47 |
| 49.81.93.12 | spambotsattack | Bloquei imediatamente de seus servidores. Range : 49.64.0.0/16 - China Domínio : qq.com Adicionais : (mxbiz2.qq.com)[49.81.93.12] mgkzbine@morna.sk Outros : 113.121.0.0/16 114.104.239.0/24 117.84.0.0/16 113.121.0.0/16 114.229.21.0/24 117.84.0.0/16 115.217.0.0/16 122.244.0.0/16 106.56.0.0/16 Spam, Brute-force e outros attackes. |
2019-07-31 04:16:19 |
| 159.65.155.227 | attackspam | Jul 30 14:14:19 vpn01 sshd\[27112\]: Invalid user ts3 from 159.65.155.227 Jul 30 14:14:19 vpn01 sshd\[27112\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.155.227 Jul 30 14:14:21 vpn01 sshd\[27112\]: Failed password for invalid user ts3 from 159.65.155.227 port 48102 ssh2 |
2019-07-31 04:29:02 |
| 89.108.104.70 | attack | Jul 30 15:15:15 srv-4 sshd\[15584\]: Invalid user lab from 89.108.104.70 Jul 30 15:15:15 srv-4 sshd\[15584\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.108.104.70 Jul 30 15:15:17 srv-4 sshd\[15584\]: Failed password for invalid user lab from 89.108.104.70 port 55796 ssh2 ... |
2019-07-31 03:51:39 |
| 112.85.42.175 | attack | Jul 30 22:08:39 icinga sshd[7552]: Failed password for root from 112.85.42.175 port 53918 ssh2 Jul 30 22:08:53 icinga sshd[7552]: error: maximum authentication attempts exceeded for root from 112.85.42.175 port 53918 ssh2 [preauth] ... |
2019-07-31 04:31:38 |
| 193.110.157.151 | attackbotsspam | Jul 30 15:14:00 site2 sshd\[15183\]: Invalid user cisco from 193.110.157.151Jul 30 15:14:02 site2 sshd\[15183\]: Failed password for invalid user cisco from 193.110.157.151 port 59902 ssh2Jul 30 15:14:11 site2 sshd\[15191\]: Invalid user c-comatic from 193.110.157.151Jul 30 15:14:12 site2 sshd\[15191\]: Failed password for invalid user c-comatic from 193.110.157.151 port 60302 ssh2Jul 30 15:14:22 site2 sshd\[15193\]: Failed password for root from 193.110.157.151 port 60620 ssh2 ... |
2019-07-31 04:28:14 |
| 198.108.67.95 | attackspambots | 9020/tcp 5060/tcp 3052/tcp... [2019-05-29/07-30]121pkt,115pt.(tcp) |
2019-07-31 04:20:14 |
| 14.164.229.250 | attackspam | 445/tcp [2019-07-30]1pkt |
2019-07-31 04:23:56 |
| 164.132.230.244 | attackspam | Invalid user webmaster from 164.132.230.244 port 46513 |
2019-07-31 04:22:00 |
| 106.12.34.188 | attackbots | Jul 29 12:36:54 zimbra sshd[4429]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.34.188 user=r.r Jul 29 12:36:56 zimbra sshd[4429]: Failed password for r.r from 106.12.34.188 port 60188 ssh2 Jul 29 12:36:56 zimbra sshd[4429]: Received disconnect from 106.12.34.188 port 60188:11: Bye Bye [preauth] Jul 29 12:36:56 zimbra sshd[4429]: Disconnected from 106.12.34.188 port 60188 [preauth] Jul 29 13:20:21 zimbra sshd[1546]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.34.188 user=r.r Jul 29 13:20:22 zimbra sshd[1546]: Failed password for r.r from 106.12.34.188 port 46484 ssh2 Jul 29 13:20:23 zimbra sshd[1546]: Received disconnect from 106.12.34.188 port 46484:11: Bye Bye [preauth] Jul 29 13:20:23 zimbra sshd[1546]: Disconnected from 106.12.3 .... truncated .... Jul 29 12:36:54 zimbra sshd[4429]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser=........ ------------------------------- |
2019-07-31 03:46:49 |
| 115.94.204.156 | attack | SSH/22 MH Probe, BF, Hack - |
2019-07-31 04:18:33 |
| 128.199.138.31 | attackbotsspam | Jul 30 12:15:20 unicornsoft sshd\[25161\]: Invalid user mabel from 128.199.138.31 Jul 30 12:15:20 unicornsoft sshd\[25161\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.138.31 Jul 30 12:15:22 unicornsoft sshd\[25161\]: Failed password for invalid user mabel from 128.199.138.31 port 36467 ssh2 |
2019-07-31 03:50:27 |
| 185.105.121.55 | attackbots | SSH Brute-Force reported by Fail2Ban |
2019-07-31 04:27:22 |
| 47.92.109.159 | attackspambots | DATE:2019-07-30 14:14:35, IP:47.92.109.159, PORT:ssh brute force auth on SSH service (patata) |
2019-07-31 04:23:33 |
| 46.101.223.241 | attackbotsspam | 2019-07-31T01:57:38.945283enmeeting.mahidol.ac.th sshd\[31275\]: Invalid user ts2 from 46.101.223.241 port 57898 2019-07-31T01:57:38.964218enmeeting.mahidol.ac.th sshd\[31275\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.223.241 2019-07-31T01:57:41.220750enmeeting.mahidol.ac.th sshd\[31275\]: Failed password for invalid user ts2 from 46.101.223.241 port 57898 ssh2 ... |
2019-07-31 03:45:01 |