City: unknown
Region: unknown
Country: Korea (the Republic of)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.0.145.192
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35776
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;124.0.145.192. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025021100 1800 900 604800 86400
;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 11 13:49:40 CST 2025
;; MSG SIZE rcvd: 106
Host 192.145.0.124.in-addr.arpa not found: 2(SERVFAIL)
;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server: 183.60.82.98
Address: 183.60.82.98#53
** server can't find 192.145.0.124.in-addr.arpa: SERVFAIL
| IP | Type | Details | Datetime |
|---|---|---|---|
| 86.252.251.146 | attackbotsspam | Invalid user teamspeak1 from 86.252.251.146 port 34870 |
2020-03-23 22:14:59 |
| 89.129.17.5 | attackspambots | Mar 23 08:17:31 ws12vmsma01 sshd[39392]: Invalid user yasuda from 89.129.17.5 Mar 23 08:17:34 ws12vmsma01 sshd[39392]: Failed password for invalid user yasuda from 89.129.17.5 port 57050 ssh2 Mar 23 08:23:25 ws12vmsma01 sshd[40294]: Invalid user ruman from 89.129.17.5 ... |
2020-03-23 22:09:05 |
| 5.255.253.25 | attackbots | [Mon Mar 23 18:44:10.449303 2020] [:error] [pid 10526:tid 139645939312384] [client 5.255.253.25:44367] [client 5.255.253.25] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XnihCgUkPLKnP9@8s07hFwAAAtA"] ... |
2020-03-23 21:45:43 |
| 103.10.30.207 | attackspam | k+ssh-bruteforce |
2020-03-23 21:50:39 |
| 5.132.115.161 | attack | $f2bV_matches |
2020-03-23 22:15:24 |
| 46.105.100.224 | attackspambots | GET /wp-login.php |
2020-03-23 21:51:49 |
| 92.118.37.61 | attack | scans 12 times in preceeding hours on the ports (in chronological order) 9685 54996 14503 9938 1034 8228 1389 28357 9528 2012 20181 24769 resulting in total of 29 scans from 92.118.37.0/24 block. |
2020-03-23 22:19:26 |
| 60.249.76.85 | attack | Unauthorized connection attempt from IP address 60.249.76.85 on Port 445(SMB) |
2020-03-23 21:55:42 |
| 210.47.163.200 | attackspam | [Sat Feb 22 18:34:11 2020] - Syn Flood From IP: 210.47.163.200 Port: 6000 |
2020-03-23 22:10:30 |
| 123.235.18.142 | attackbotsspam | [Sat Feb 22 20:42:05 2020] - Syn Flood From IP: 123.235.18.142 Port: 4013 |
2020-03-23 22:05:42 |
| 179.191.67.142 | attackbots | Unauthorized connection attempt from IP address 179.191.67.142 on Port 445(SMB) |
2020-03-23 22:28:52 |
| 91.238.9.69 | attackbotsspam | Spam |
2020-03-23 22:30:04 |
| 184.105.247.254 | attack | Mar 23 07:33:48 debian-2gb-nbg1-2 kernel: \[7204318.399955\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=184.105.247.254 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=54321 PROTO=TCP SPT=36547 DPT=6379 WINDOW=65535 RES=0x00 SYN URGP=0 |
2020-03-23 21:56:22 |
| 138.197.89.212 | attackbots | Mar 23 10:07:33 ip-172-31-62-245 sshd\[22949\]: Invalid user adrianne from 138.197.89.212\ Mar 23 10:07:36 ip-172-31-62-245 sshd\[22949\]: Failed password for invalid user adrianne from 138.197.89.212 port 51322 ssh2\ Mar 23 10:11:10 ip-172-31-62-245 sshd\[23051\]: Invalid user ii from 138.197.89.212\ Mar 23 10:11:12 ip-172-31-62-245 sshd\[23051\]: Failed password for invalid user ii from 138.197.89.212 port 39072 ssh2\ Mar 23 10:14:45 ip-172-31-62-245 sshd\[23065\]: Invalid user konrad from 138.197.89.212\ |
2020-03-23 21:50:04 |
| 185.135.81.60 | attackbots | Mar 22 21:30:06 web1 sshd\[7191\]: Invalid user lm from 185.135.81.60 Mar 22 21:30:06 web1 sshd\[7191\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.135.81.60 Mar 22 21:30:08 web1 sshd\[7191\]: Failed password for invalid user lm from 185.135.81.60 port 45806 ssh2 Mar 22 21:36:59 web1 sshd\[7943\]: Invalid user admin from 185.135.81.60 Mar 22 21:36:59 web1 sshd\[7943\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.135.81.60 |
2020-03-23 22:05:13 |