City: Boardman
Region: Oregon
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.212.114.156
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21821
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;54.212.114.156. IN A
;; AUTHORITY SECTION:
. 583 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022022600 1800 900 604800 86400
;; Query time: 15 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 26 15:46:25 CST 2022
;; MSG SIZE rcvd: 107156.114.212.54.in-addr.arpa domain name pointer ec2-54-212-114-156.us-west-2.compute.amazonaws.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
156.114.212.54.in-addr.arpa name = ec2-54-212-114-156.us-west-2.compute.amazonaws.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 106.13.57.178 | attackbots | Dec 4 23:26:33 tdfoods sshd\[21489\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.178 user=root Dec 4 23:26:34 tdfoods sshd\[21489\]: Failed password for root from 106.13.57.178 port 38500 ssh2 Dec 4 23:34:16 tdfoods sshd\[22215\]: Invalid user clegg from 106.13.57.178 Dec 4 23:34:16 tdfoods sshd\[22215\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.178 Dec 4 23:34:19 tdfoods sshd\[22215\]: Failed password for invalid user clegg from 106.13.57.178 port 39848 ssh2 |
2019-12-05 17:38:48 |
| 46.105.31.249 | attackspambots | 2019-12-05T06:28:22.285492abusebot-8.cloudsearch.cf sshd\[2359\]: Invalid user mmmmmmmmmm from 46.105.31.249 port 57222 |
2019-12-05 18:04:54 |
| 193.169.253.86 | attackbots | firewall-block, port(s): 8545/tcp |
2019-12-05 18:18:24 |
| 159.65.158.229 | attack | Dec 4 23:52:06 web1 sshd\[1312\]: Invalid user callan from 159.65.158.229 Dec 4 23:52:06 web1 sshd\[1312\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.158.229 Dec 4 23:52:08 web1 sshd\[1312\]: Failed password for invalid user callan from 159.65.158.229 port 46396 ssh2 Dec 4 23:58:15 web1 sshd\[1976\]: Invalid user wwwrun from 159.65.158.229 Dec 4 23:58:15 web1 sshd\[1976\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.158.229 |
2019-12-05 18:07:16 |
| 128.199.142.0 | attack | Dec 5 00:09:43 auw2 sshd\[12248\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.0 user=root Dec 5 00:09:45 auw2 sshd\[12248\]: Failed password for root from 128.199.142.0 port 59698 ssh2 Dec 5 00:16:22 auw2 sshd\[12889\]: Invalid user debian from 128.199.142.0 Dec 5 00:16:22 auw2 sshd\[12889\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.0 Dec 5 00:16:24 auw2 sshd\[12889\]: Failed password for invalid user debian from 128.199.142.0 port 39114 ssh2 |
2019-12-05 18:18:49 |
| 112.85.42.171 | attack | Dec 5 10:36:31 MK-Soft-Root1 sshd[20776]: Failed password for root from 112.85.42.171 port 41991 ssh2 Dec 5 10:36:35 MK-Soft-Root1 sshd[20776]: Failed password for root from 112.85.42.171 port 41991 ssh2 ... |
2019-12-05 17:42:04 |
| 218.87.149.136 | attack | Portscan or hack attempt detected by psad/fwsnort |
2019-12-05 17:59:03 |
| 106.13.101.115 | attack | Port scan on 3 port(s): 2375 2376 4243 |
2019-12-05 18:01:50 |
| 199.193.7.24 | attackspam | 199.193.7.24 was recorded 5 times by 1 hosts attempting to connect to the following ports: 33434. Incident counter (4h, 24h, all-time): 5, 67, 370 |
2019-12-05 17:53:35 |
| 195.154.157.16 | attackspambots | [munged]::443 195.154.157.16 - - [05/Dec/2019:10:29:17 +0100] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 195.154.157.16 - - [05/Dec/2019:10:29:17 +0100] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 195.154.157.16 - - [05/Dec/2019:10:29:28 +0100] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 195.154.157.16 - - [05/Dec/2019:10:29:29 +0100] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 195.154.157.16 - - [05/Dec/2019:10:29:29 +0100] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 195.154.157.16 - - [05/Dec/2019:10:29:35 +0100] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11 |
2019-12-05 18:13:06 |
| 123.125.71.108 | attackbots | Bad bot/spoofed identity |
2019-12-05 17:48:00 |
| 46.229.168.161 | attackspam | Attacks websites by trying to access known vulnerables of plugins, brute-force of backends or probing of administrative tools |
2019-12-05 18:00:31 |
| 202.105.136.106 | attack | Dec 5 16:50:12 webhost01 sshd[20545]: Failed password for root from 202.105.136.106 port 44500 ssh2 ... |
2019-12-05 18:00:46 |
| 200.29.108.214 | attackspambots | 2019-12-05T09:32:15.301687abusebot-5.cloudsearch.cf sshd\[8354\]: Invalid user www from 200.29.108.214 port 23873 |
2019-12-05 17:57:40 |
| 106.12.190.104 | attackspam | Dec 5 10:36:17 ns3042688 sshd\[2823\]: Invalid user chaylock from 106.12.190.104 Dec 5 10:36:17 ns3042688 sshd\[2823\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.190.104 Dec 5 10:36:19 ns3042688 sshd\[2823\]: Failed password for invalid user chaylock from 106.12.190.104 port 37554 ssh2 Dec 5 10:42:25 ns3042688 sshd\[8798\]: Invalid user celena from 106.12.190.104 Dec 5 10:42:25 ns3042688 sshd\[8798\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.190.104 ... |
2019-12-05 17:52:22 |