City: unknown
Region: unknown
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.18.42.160
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44009
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;104.18.42.160. IN A
;; AUTHORITY SECTION:
. 157 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022051902 1800 900 604800 86400
;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri May 20 11:43:35 CST 2022
;; MSG SIZE rcvd: 106Host 160.42.18.104.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 160.42.18.104.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 202.77.40.212 | attackbots | Attempted connection to port 22. |
2020-03-19 02:59:27 |
| 37.139.16.94 | attackspambots | leo_www |
2020-03-19 03:08:05 |
| 106.58.169.162 | attackspambots | [ssh] SSH attack |
2020-03-19 02:52:50 |
| 2606:4700:20::681a:56 | spam | AGAIN and AGAIN and ALWAYS the same REGISTRARS as namecheap.com, whoisguard.com, namesilo.com, privacyguardian.org and cloudflare.com TO STOP IMMEDIATELY for keeping SPAMMERS, LIERS, ROBERS and else since too many years ! The cheapest service, as usual... And Link as usual by bit.ly to delette IMMEDIATELY too ! MARRE de ces ORDURES et autres FILS de PUTE genre SOUS MERDES capables de POLLUER STUPIDEMENT pour ne pas dire CONNEMENT la Planète par des POURRIELS INUTILES sur des listes VOLÉES on ne sait où et SANS notre accord ! surfsupport.club => namecheap.com => whoisguard.com surfsupport.club => 192.64.119.6 162.255.119.153 => namecheap.com https://www.mywot.com/scorecard/surfsupport.club https://www.mywot.com/scorecard/namecheap.com https://www.mywot.com/scorecard/whoisguard.com https://en.asytech.cn/check-ip/162.255.119.153 AS USUAL since few days for PHISHING and SCAM send to : http://bit.ly/412dd4z which resend to : https://enticingse.com/fr-carrefour/?s1=16T&s2=d89bb555-d96f-468b-b60b-1dc635000f2b&s3=&s4=&s5=&Fname=&Lname=&Email=#/0 enticingse.com => namesilo.com => privacyguardian.org enticingse.com => 104.27.177.33 104.27.177.33 => cloudflare.com namesilo.com => 104.17.175.85 privacyguardian.org => 2606:4700:20::681a:56 => cloudflare.com https://www.mywot.com/scorecard/enticingse.com https://www.mywot.com/scorecard/namesilo.com https://www.mywot.com/scorecard/privacyguardian.org https://www.mywot.com/scorecard/cloudflare.com https://en.asytech.cn/check-ip/104.27.177.33 https://en.asytech.cn/check-ip/2606:4700:20::681a:56 |
2020-03-19 03:06:56 |
| 113.141.70.200 | attackbotsspam | 1433/tcp 445/tcp... [2020-01-19/03-18]7pkt,2pt.(tcp) |
2020-03-19 03:26:13 |
| 61.182.232.38 | attackbots | 2020-03-18T18:13:29.641312randservbullet-proofcloud-66.localdomain sshd[11605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.182.232.38 user=root 2020-03-18T18:13:31.493636randservbullet-proofcloud-66.localdomain sshd[11605]: Failed password for root from 61.182.232.38 port 51350 ssh2 2020-03-18T18:34:07.518565randservbullet-proofcloud-66.localdomain sshd[11694]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.182.232.38 user=root 2020-03-18T18:34:09.662012randservbullet-proofcloud-66.localdomain sshd[11694]: Failed password for root from 61.182.232.38 port 58714 ssh2 ... |
2020-03-19 03:01:51 |
| 211.169.249.231 | attackbots | Mar 18 19:44:38 roki sshd[28223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.169.249.231 user=root Mar 18 19:44:40 roki sshd[28223]: Failed password for root from 211.169.249.231 port 60924 ssh2 Mar 18 19:45:10 roki sshd[28263]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.169.249.231 user=root Mar 18 19:45:12 roki sshd[28263]: Failed password for root from 211.169.249.231 port 38300 ssh2 Mar 18 19:45:27 roki sshd[28282]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.169.249.231 user=root ... |
2020-03-19 03:16:04 |
| 206.189.140.72 | attack | SSH Brute-Force attacks |
2020-03-19 02:56:32 |
| 31.14.142.162 | attackspambots | Mar 18 19:32:25 ns3042688 sshd\[15578\]: Invalid user cpanelphpmyadmin from 31.14.142.162 Mar 18 19:32:25 ns3042688 sshd\[15578\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.14.142.162 Mar 18 19:32:27 ns3042688 sshd\[15578\]: Failed password for invalid user cpanelphpmyadmin from 31.14.142.162 port 39403 ssh2 Mar 18 19:36:38 ns3042688 sshd\[15939\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.14.142.162 user=root Mar 18 19:36:40 ns3042688 sshd\[15939\]: Failed password for root from 31.14.142.162 port 49656 ssh2 ... |
2020-03-19 03:01:01 |
| 119.108.35.161 | attack | Automatic report - Port Scan Attack |
2020-03-19 03:05:16 |
| 138.128.209.35 | attackbots | $f2bV_matches |
2020-03-19 03:13:41 |
| 103.205.69.55 | attackbots | 1584536859 - 03/18/2020 14:07:39 Host: 103.205.69.55/103.205.69.55 Port: 445 TCP Blocked |
2020-03-19 03:05:41 |
| 185.129.5.18 | attackspam | Honeypot attack, port: 445, PTR: PTR record not found |
2020-03-19 03:17:52 |
| 218.92.0.201 | attack | Mar 18 18:45:33 vpn01 sshd[15674]: Failed password for root from 218.92.0.201 port 49759 ssh2 ... |
2020-03-19 03:15:28 |
| 141.8.142.180 | attack | [Thu Mar 19 01:09:39.567987 2020] [:error] [pid 21327:tid 139998034278144] [client 141.8.142.180:58741] [client 141.8.142.180] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XnJj46fks8iqMveAsGOWFwAAAAI"] ... |
2020-03-19 03:06:41 |