City: unknown
Region: unknown
Country: United States of America (the)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 136.138.191.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 430
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;136.138.191.13. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025012200 1800 900 604800 86400
;; Query time: 11 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 22 19:18:37 CST 2025
;; MSG SIZE rcvd: 107Host 13.191.138.136.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 13.191.138.136.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 181.74.252.158 | attack | "XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES: |
2020-09-03 01:41:20 |
| 159.69.109.52 | attack | [WedSep0213:38:46.2904952020][:error][pid25872:tid47161287251712][client159.69.109.52:55406][client159.69.109.52]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"python-requests/"atREQUEST_HEADERS:User-Agent.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"218"][id"332039"][rev"4"][msg"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent\(python-requests\).Disablethisruleifyouusepython-requests/."][severity"CRITICAL"][hostname"ilgiornaledelticino.ch"][uri"/feed/"][unique_id"X0@ERtM@KfeytzC1EdM0iQAAAUM"][WedSep0213:38:46.8015672020][:error][pid25807:tid47161381267200][client159.69.109.52:55560][client159.69.109.52]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"python-requests/"atREQUEST_HEADERS:User-Agent.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"218"][id"332039"][rev"4"][msg"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent\(python-requests\).Disablethisruleifyouusepython-requests/."][severity"CRITICAL"][hostname |
2020-09-03 01:41:53 |
| 13.75.79.124 | attackspambots | ɢᴇᴛ ᴛʜᴇ ʙʀᴀɪɴ sᴜᴘᴘʟᴇᴍᴇɴᴛ ᴛʜᴀᴛ ɪs sᴇɴᴅɪɴɢ sʜᴏᴄᴋ-ᴡᴀᴠᴇs ᴛʜʀᴏᴜɢʜ ᴛʜᴇ ᴍᴇᴅɪᴄᴀʟ ɪɴᴅᴜsᴛʀʏ. |
2020-09-03 01:24:03 |
| 103.59.113.193 | attackbots | Sep 2 18:27:29 *hidden* sshd[26329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.59.113.193 Sep 2 18:27:31 *hidden* sshd[26329]: Failed password for invalid user ljq from 103.59.113.193 port 35530 ssh2 Sep 2 18:37:44 *hidden* sshd[28156]: Invalid user liyan from 103.59.113.193 port 51044 |
2020-09-03 01:25:59 |
| 212.52.131.9 | attack | Repeated brute force against a port |
2020-09-03 01:39:03 |
| 95.169.6.47 | attackbotsspam | Sep 2 20:56:24 NG-HHDC-SVS-001 sshd[26531]: Invalid user deploy from 95.169.6.47 ... |
2020-09-03 01:46:57 |
| 162.247.76.152 | attackspam | $f2bV_matches |
2020-09-03 01:23:32 |
| 192.99.34.42 | attack | 192.99.34.42 - - [02/Sep/2020:09:17:15 +0100] "POST /wp-login.php HTTP/1.1" 200 5249 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.34.42 - - [02/Sep/2020:09:20:17 +0100] "POST /wp-login.php HTTP/1.1" 200 5249 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.34.42 - - [02/Sep/2020:09:23:18 +0100] "POST /wp-login.php HTTP/1.1" 200 5249 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" ... |
2020-09-03 01:53:32 |
| 54.38.156.63 | attackbotsspam | Invalid user mma from 54.38.156.63 port 49840 |
2020-09-03 01:40:50 |
| 47.50.158.234 | attack | 47.50.158.234 (US/United States/047-050-158-234.biz.spectrum.com), 4 distributed sshd attacks on account [admin] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 1 12:43:30 internal2 sshd[26833]: Invalid user admin from 47.50.158.234 port 49186 Sep 1 12:42:34 internal2 sshd[26169]: Invalid user admin from 69.123.199.82 port 47535 Sep 1 12:42:34 internal2 sshd[26179]: Invalid user admin from 69.123.199.82 port 47552 Sep 1 12:42:36 internal2 sshd[26190]: Invalid user admin from 69.123.199.82 port 47563 IP Addresses Blocked: |
2020-09-03 01:33:49 |
| 93.142.179.65 | attackspam | "XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES: |
2020-09-03 01:46:06 |
| 83.8.234.209 | attackspam | xmlrpc attack |
2020-09-03 01:42:25 |
| 125.27.211.120 | attackspam | 1598978616 - 09/01/2020 18:43:36 Host: 125.27.211.120/125.27.211.120 Port: 445 TCP Blocked |
2020-09-03 01:26:57 |
| 185.207.154.124 | attackspam | IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking. |
2020-09-03 01:34:55 |
| 197.39.95.168 | attack | 197.39.95.168 - - [02/Sep/2020:15:32:11 +0200] "POST /xmlrpc.php HTTP/1.1" 200 259 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" 197.39.95.168 - - [02/Sep/2020:15:32:14 +0200] "POST /xmlrpc.php HTTP/1.1" 200 259 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" 197.39.95.168 - - [02/Sep/2020:15:32:18 +0200] "POST /xmlrpc.php HTTP/1.1" 200 259 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" 197.39.95.168 - - [02/Sep/2020:15:32:22 +0200] "POST /xmlrpc.php HTTP/1.1" 200 259 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" 197.39.95.168 - - [02/Sep/2020:15:32:25 +0200] "POST /xmlrpc.php HTTP/1.1" 200 259 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071 ... |
2020-09-03 01:48:03 |