City: Oceanside
Region: California
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 68.6.229.0
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16584
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;68.6.229.0. IN A
;; AUTHORITY SECTION:
. 509 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020021701 1800 900 604800 86400
;; Query time: 86 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 18 04:42:54 CST 2020
;; MSG SIZE rcvd: 1140.229.6.68.in-addr.arpa domain name pointer ip68-6-229-0.sd.sd.cox.net.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
0.229.6.68.in-addr.arpa name = ip68-6-229-0.sd.sd.cox.net.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 203.110.166.51 | attack | Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF) |
2020-04-17 17:34:42 |
| 80.211.67.90 | attack | SSH brute-force: detected 7 distinct usernames within a 24-hour window. |
2020-04-17 17:33:09 |
| 106.12.69.53 | attackbots | distributed sshd attacks |
2020-04-17 17:00:26 |
| 148.66.146.44 | attackspam | $f2bV_matches |
2020-04-17 17:29:58 |
| 162.243.133.68 | attackspam | firewall-block, port(s): 9002/tcp |
2020-04-17 17:08:59 |
| 211.38.132.35 | attack | Apr 17 02:00:47 pixelmemory sshd[773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.38.132.35 Apr 17 02:00:49 pixelmemory sshd[773]: Failed password for invalid user ji from 211.38.132.35 port 44742 ssh2 Apr 17 02:08:33 pixelmemory sshd[2709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.38.132.35 ... |
2020-04-17 17:22:07 |
| 14.232.81.92 | attack | 445/tcp 445/tcp [2020-04-17]2pkt |
2020-04-17 17:24:45 |
| 193.187.116.190 | attack | Apr 17 08:20:14 ns382633 sshd\[1874\]: Invalid user ubuntu from 193.187.116.190 port 40638 Apr 17 08:20:14 ns382633 sshd\[1874\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.187.116.190 Apr 17 08:20:16 ns382633 sshd\[1874\]: Failed password for invalid user ubuntu from 193.187.116.190 port 40638 ssh2 Apr 17 08:23:54 ns382633 sshd\[2182\]: Invalid user nz from 193.187.116.190 port 36142 Apr 17 08:23:54 ns382633 sshd\[2182\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.187.116.190 |
2020-04-17 17:06:53 |
| 40.118.102.111 | attackspam | Brute-force attempt banned |
2020-04-17 16:53:50 |
| 164.132.62.233 | attackbotsspam | ssh brute force |
2020-04-17 17:10:31 |
| 51.38.115.161 | attackbots | Invalid user firefart from 51.38.115.161 port 38610 |
2020-04-17 17:17:04 |
| 183.89.214.58 | attackspam | Dovecot Invalid User Login Attempt. |
2020-04-17 16:55:45 |
| 157.245.96.139 | attackbots | CMS (WordPress or Joomla) login attempt. |
2020-04-17 17:13:24 |
| 218.2.0.81 | attackbots | postfix |
2020-04-17 17:12:48 |
| 194.26.29.212 | attackbots | Apr 17 10:41:42 debian-2gb-nbg1-2 kernel: \[9371879.101707\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=194.26.29.212 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=40663 PROTO=TCP SPT=49848 DPT=5230 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-04-17 16:58:53 |