City: Zalău
Region: Judetul Salaj
Country: Romania
Internet Service Provider: unknown
Hostname: unknown
Organization: Starnetrans Srl
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 89.42.83.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36431
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;89.42.83.140. IN A
;; AUTHORITY SECTION:
. 1723 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019062100 1800 900 604800 86400
;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jun 21 17:17:24 CST 2019
;; MSG SIZE rcvd: 116140.83.42.89.in-addr.arpa domain name pointer static-89-42-83-140.Server: 67.207.67.2
Address: 67.207.67.2#53
Non-authoritative answer:
140.83.42.89.in-addr.arpa name = static-89-42-83-140.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 77.242.76.218 | attack | Scanning random ports - tries to find possible vulnerable services |
2019-06-22 16:18:55 |
| 210.245.90.208 | attackspambots | www.handydirektreparatur.de 210.245.90.208 \[22/Jun/2019:06:29:54 +0200\] "POST /wp-login.php HTTP/1.1" 200 5667 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" www.handydirektreparatur.de 210.245.90.208 \[22/Jun/2019:06:29:56 +0200\] "POST /wp-login.php HTTP/1.1" 200 5623 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2019-06-22 17:04:44 |
| 195.20.197.222 | attack | [portscan] Port scan |
2019-06-22 16:35:58 |
| 220.130.202.128 | attackspam | SSH Bruteforce |
2019-06-22 16:30:30 |
| 194.150.15.70 | attackspam | Jun 22 11:10:16 mail sshd\[30291\]: Invalid user wpyan from 194.150.15.70 Jun 22 11:10:16 mail sshd\[30291\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.150.15.70 Jun 22 11:10:19 mail sshd\[30291\]: Failed password for invalid user wpyan from 194.150.15.70 port 41335 ssh2 ... |
2019-06-22 17:13:25 |
| 87.17.241.78 | attackbots | Jun 21 01:59:37 server3 sshd[778207]: Invalid user admin from 87.17.241.78 Jun 21 01:59:37 server3 sshd[778208]: Invalid user admin from 87.17.241.78 Jun 21 01:59:40 server3 sshd[778208]: Failed password for invalid user admin from 87.17.241.78 port 40906 ssh2 Jun 21 01:59:40 server3 sshd[778207]: Failed password for invalid user admin from 87.17.241.78 port 40868 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=87.17.241.78 |
2019-06-22 16:47:03 |
| 112.119.84.101 | attack | Trying to (more than 3 packets) bruteforce (not open) telnet port 23 |
2019-06-22 16:49:12 |
| 112.252.101.147 | attackspam | firewall-block, port(s): 2323/tcp |
2019-06-22 16:54:06 |
| 91.183.90.237 | attackspam | Jun 22 07:12:58 cp sshd[14198]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.183.90.237 |
2019-06-22 17:11:15 |
| 196.52.43.112 | attack | " " |
2019-06-22 17:12:26 |
| 5.196.137.213 | attackbotsspam | SSH-Bruteforce |
2019-06-22 17:07:22 |
| 152.44.100.141 | attack | NAME : BLAZINGSEO-US-77 CIDR : 152.44.106.0/24 | STATUS : 200 ROBOT {Looking for resource vulnerabilities} DDoS Attack USA - California - block certain countries :) IP: 152.44.100.141 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl |
2019-06-22 17:17:09 |
| 184.105.139.69 | attackbotsspam | 22.06.2019 04:30:55 Connection to port 19 blocked by firewall |
2019-06-22 17:02:17 |
| 206.189.166.172 | attack | Jun 22 08:03:00 thevastnessof sshd[5517]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.166.172 ... |
2019-06-22 16:34:20 |
| 103.73.181.10 | attack | Scanning random ports - tries to find possible vulnerable services |
2019-06-22 16:36:58 |