City: unknown
Region: unknown
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.248.27.39
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24763
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;54.248.27.39. IN A
;; AUTHORITY SECTION:
. 490 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020083000 1800 900 604800 86400
;; Query time: 72 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Aug 30 19:33:41 CST 2020
;; MSG SIZE rcvd: 11639.27.248.54.in-addr.arpa domain name pointer ec2-54-248-27-39.ap-northeast-1.compute.amazonaws.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
39.27.248.54.in-addr.arpa name = ec2-54-248-27-39.ap-northeast-1.compute.amazonaws.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 14.111.88.16 | attackbotsspam | Unauthorised access (Sep 6) SRC=14.111.88.16 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=55959 TCP DPT=8080 WINDOW=45653 SYN Unauthorised access (Sep 6) SRC=14.111.88.16 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=12530 TCP DPT=8080 WINDOW=37468 SYN Unauthorised access (Sep 6) SRC=14.111.88.16 LEN=40 TOS=0x10 PREC=0x40 TTL=48 ID=34977 TCP DPT=8080 WINDOW=45653 SYN Unauthorised access (Sep 6) SRC=14.111.88.16 LEN=40 TOS=0x10 PREC=0x40 TTL=48 ID=30150 TCP DPT=8080 WINDOW=35396 SYN Unauthorised access (Sep 2) SRC=14.111.88.16 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=59914 TCP DPT=8080 WINDOW=20812 SYN |
2019-09-07 05:23:16 |
| 149.129.214.48 | attack | Sep 6 18:17:34 zulu1842 sshd[772]: Invalid user servers from 149.129.214.48 Sep 6 18:17:34 zulu1842 sshd[772]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.214.48 Sep 6 18:17:35 zulu1842 sshd[772]: Failed password for invalid user servers from 149.129.214.48 port 38888 ssh2 Sep 6 18:17:35 zulu1842 sshd[772]: Received disconnect from 149.129.214.48: 11: Bye Bye [preauth] Sep 6 18:27:28 zulu1842 sshd[1419]: Invalid user steam from 149.129.214.48 Sep 6 18:27:28 zulu1842 sshd[1419]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.214.48 Sep 6 18:27:30 zulu1842 sshd[1419]: Failed password for invalid user steam from 149.129.214.48 port 54240 ssh2 Sep 6 18:27:31 zulu1842 sshd[1419]: Received disconnect from 149.129.214.48: 11: Bye Bye [preauth] Sep 6 18:32:17 zulu1842 sshd[1754]: Invalid user deploy from 149.129.214.48 Sep 6 18:32:17 zulu1842 sshd[1754]: pam_unix(ssh........ ------------------------------- |
2019-09-07 05:20:34 |
| 117.6.125.61 | attackspambots | Unauthorized connection attempt from IP address 117.6.125.61 on Port 445(SMB) |
2019-09-07 05:43:34 |
| 94.99.64.186 | attackbotsspam | Unauthorized connection attempt from IP address 94.99.64.186 on Port 445(SMB) |
2019-09-07 05:24:25 |
| 136.232.4.138 | attackspam | Unauthorized connection attempt from IP address 136.232.4.138 on Port 445(SMB) |
2019-09-07 05:36:45 |
| 108.171.196.71 | attackbotsspam | Unauthorized connection attempt from IP address 108.171.196.71 on Port 445(SMB) |
2019-09-07 05:47:10 |
| 218.98.26.175 | attackspam | Sep 7 00:25:07 www4 sshd\[39078\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.26.175 user=root Sep 7 00:25:08 www4 sshd\[39078\]: Failed password for root from 218.98.26.175 port 11382 ssh2 Sep 7 00:25:16 www4 sshd\[39237\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.26.175 user=root ... |
2019-09-07 05:27:50 |
| 103.50.37.17 | attackbots | Sep 6 19:08:26 SilenceServices sshd[9651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.50.37.17 Sep 6 19:08:28 SilenceServices sshd[9651]: Failed password for invalid user testuser from 103.50.37.17 port 45849 ssh2 Sep 6 19:11:28 SilenceServices sshd[10845]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.50.37.17 |
2019-09-07 05:52:33 |
| 125.160.135.12 | attackbots | Unauthorized connection attempt from IP address 125.160.135.12 on Port 445(SMB) |
2019-09-07 05:54:01 |
| 58.145.168.162 | attack | Sep 6 23:50:58 meumeu sshd[21768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.145.168.162 Sep 6 23:51:01 meumeu sshd[21768]: Failed password for invalid user server1 from 58.145.168.162 port 54635 ssh2 Sep 6 23:55:23 meumeu sshd[22497]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.145.168.162 ... |
2019-09-07 05:58:05 |
| 31.13.144.45 | attackbotsspam | Unauthorized connection attempt from IP address 31.13.144.45 on Port 445(SMB) |
2019-09-07 05:42:29 |
| 93.47.195.158 | attackbots | Unauthorized connection attempt from IP address 93.47.195.158 on Port 445(SMB) |
2019-09-07 05:55:53 |
| 105.224.226.248 | attack | Automatic report - Port Scan Attack |
2019-09-07 05:30:33 |
| 118.68.105.223 | attackbotsspam | SSH invalid-user multiple login try |
2019-09-07 05:55:34 |
| 12.7.109.254 | attackbotsspam | 2019-09-02T15:57:54.124267 X postfix/smtpd[30182]: NOQUEUE: reject: RCPT from unknown[12.7.109.254]: 554 5.7.1 Service unavailable; Client host [12.7.109.254] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?12.7.109.254; from= |
2019-09-07 05:49:20 |