City: Santa Rosa
Region: California
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 64.142.3.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59372
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;64.142.3.107. IN A
;; AUTHORITY SECTION:
. 228 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022120800 1800 900 604800 86400
;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 08 20:34:24 CST 2022
;; MSG SIZE rcvd: 105107.3.142.64.in-addr.arpa domain name pointer 64-142-3-107.dedicated.static.sonic.net.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
107.3.142.64.in-addr.arpa name = 64-142-3-107.dedicated.static.sonic.net.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 103.219.112.1 | attack | scans 2 times in preceeding hours on the ports (in chronological order) 15662 15662 |
2020-07-06 23:19:26 |
| 185.175.93.23 | attack | Jul 6 16:54:58 debian-2gb-nbg1-2 kernel: \[16305906.863639\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.175.93.23 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=18603 PROTO=TCP SPT=46011 DPT=5913 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-07-06 23:22:46 |
| 111.161.66.250 | attackbotsspam |
|
2020-07-06 23:18:09 |
| 83.97.20.164 | attack | scans once in preceeding hours on the ports (in chronological order) 1434 resulting in total of 9 scans from 83.97.20.0/24 block. |
2020-07-06 23:28:22 |
| 222.186.61.191 | attackspam | scans once in preceeding hours on the ports (in chronological order) 1611 resulting in total of 3 scans from 222.184.0.0/13 block. |
2020-07-06 23:21:24 |
| 180.149.125.152 | attackspam | probes 4 times on the port 8888 |
2020-07-06 23:10:50 |
| 139.59.141.196 | attackbots | 139.59.141.196 - - \[06/Jul/2020:16:56:09 +0200\] "POST /wp-login.php HTTP/1.0" 200 4128 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 139.59.141.196 - - \[06/Jul/2020:16:56:10 +0200\] "POST /wp-login.php HTTP/1.0" 200 3955 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 139.59.141.196 - - \[06/Jul/2020:16:56:10 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2020-07-06 23:03:42 |
| 171.245.116.76 | attackbotsspam | SSH brute-force attempt |
2020-07-06 22:53:45 |
| 114.156.3.171 | attackspam | scans 20 times in preceeding hours on the ports (in chronological order) 49152 5555 37426 9000 9092 2379 9200 5000 1434 5432 10250 5916 5009 27017 9001 2222 3478 1935 37193 5540 |
2020-07-06 23:17:35 |
| 223.247.153.213 | attackspambots | scans 2 times in preceeding hours on the ports (in chronological order) 3389 3389 |
2020-07-06 23:04:01 |
| 157.245.81.162 | attack |
|
2020-07-06 23:13:59 |
| 103.216.171.78 | attackspambots | probes 4 times on the port 8291 8728 |
2020-07-06 23:19:46 |
| 180.149.125.141 | attack | probes 4 times on the port 8888 |
2020-07-06 23:11:26 |
| 41.225.16.156 | attack | Jul 6 13:51:59 rocket sshd[18182]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.225.16.156 Jul 6 13:52:00 rocket sshd[18182]: Failed password for invalid user ymn from 41.225.16.156 port 45638 ssh2 Jul 6 13:55:29 rocket sshd[18490]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.225.16.156 ... |
2020-07-06 23:01:24 |
| 185.156.73.45 | attackbotsspam | scans 2 times in preceeding hours on the ports (in chronological order) 3560 3731 resulting in total of 79 scans from 185.156.72.0/22 block. |
2020-07-06 23:24:03 |