City: unknown
Region: unknown
Country: United States of America (the)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 137.85.49.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29333
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;137.85.49.80. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025020901 1800 900 604800 86400
;; Query time: 235 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 10 02:25:16 CST 2025
;; MSG SIZE rcvd: 105Host 80.49.85.137.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 80.49.85.137.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 200.150.74.114 | attack | Brute-force attempt banned |
2019-11-27 18:02:10 |
| 92.244.247.141 | attackspambots | Sql/code injection probe |
2019-11-27 18:02:54 |
| 193.188.22.17 | attackspam | RDP Bruteforce |
2019-11-27 18:19:59 |
| 202.92.6.43 | attack | 202.92.6.43 - - \[27/Nov/2019:07:58:40 +0100\] "POST /wp-login.php HTTP/1.0" 200 2406 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 202.92.6.43 - - \[27/Nov/2019:07:58:43 +0100\] "POST /wp-login.php HTTP/1.0" 200 2364 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 202.92.6.43 - - \[27/Nov/2019:07:58:47 +0100\] "POST /wp-login.php HTTP/1.0" 200 2374 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2019-11-27 18:13:28 |
| 141.98.81.117 | attack | <6 unauthorized SSH connections |
2019-11-27 17:44:07 |
| 193.227.199.150 | attack | Nov 27 00:08:17 kapalua sshd\[1963\]: Invalid user jsp from 193.227.199.150 Nov 27 00:08:17 kapalua sshd\[1963\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=bay-a.sx5.cable.tolna.net Nov 27 00:08:19 kapalua sshd\[1963\]: Failed password for invalid user jsp from 193.227.199.150 port 49060 ssh2 Nov 27 00:16:28 kapalua sshd\[2815\]: Invalid user derianne from 193.227.199.150 Nov 27 00:16:28 kapalua sshd\[2815\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=bay-a.sx5.cable.tolna.net |
2019-11-27 18:21:13 |
| 181.188.8.63 | attackspambots | [WedNov2707:26:31.9005172019][:error][pid769:tid47011409766144][client181.188.8.63:37244][client181.188.8.63]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\\\\\\\\.sql\$"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"1288"][id"350590"][rev"2"][msg"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessrawSQLfiles\(disablethisruleifyourequireaccesstofilesthatendwith.sql\)"][severity"CRITICAL"][hostname"sopconsulting.ch"][uri"/3.sql"][unique_id"Xd4XFxvyAdLbgwOQSD8NiwAAAFY"][WedNov2707:26:37.7623692019][:error][pid964:tid47011378247424][client181.188.8.63:37293][client181.188.8.63]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\\\\\\\\.sql\$"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"1288"][id"350590"][rev"2"][msg"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessrawSQLfiles\(disablethisruleifyourequireaccesstofilesthatendwith.sql\)"][severity"CR |
2019-11-27 18:07:06 |
| 179.216.25.89 | attack | Nov 26 20:52:50 auw2 sshd\[2377\]: Invalid user ekebeg from 179.216.25.89 Nov 26 20:52:50 auw2 sshd\[2377\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.216.25.89 Nov 26 20:52:52 auw2 sshd\[2377\]: Failed password for invalid user ekebeg from 179.216.25.89 port 62229 ssh2 Nov 26 20:57:54 auw2 sshd\[2784\]: Invalid user ttest from 179.216.25.89 Nov 26 20:57:54 auw2 sshd\[2784\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.216.25.89 |
2019-11-27 17:49:11 |
| 125.212.217.214 | attack | Portscan or hack attempt detected by psad/fwsnort |
2019-11-27 17:51:10 |
| 162.246.107.56 | attackspambots | Nov 26 22:28:13 hanapaa sshd\[17288\]: Invalid user tairraz from 162.246.107.56 Nov 26 22:28:13 hanapaa sshd\[17288\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.246.107.56 Nov 26 22:28:15 hanapaa sshd\[17288\]: Failed password for invalid user tairraz from 162.246.107.56 port 57656 ssh2 Nov 26 22:35:33 hanapaa sshd\[17867\]: Invalid user toshie123 from 162.246.107.56 Nov 26 22:35:33 hanapaa sshd\[17867\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.246.107.56 |
2019-11-27 18:11:31 |
| 145.128.2.164 | attackbotsspam | RDP Bruteforce |
2019-11-27 18:05:06 |
| 124.116.92.8 | attackspam | Fail2Ban - FTP Abuse Attempt |
2019-11-27 18:22:10 |
| 218.92.0.133 | attack | 2019-11-27T10:37:06.101344scmdmz1 sshd\[1534\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.133 user=root 2019-11-27T10:37:08.093302scmdmz1 sshd\[1534\]: Failed password for root from 218.92.0.133 port 58600 ssh2 2019-11-27T10:37:11.069427scmdmz1 sshd\[1534\]: Failed password for root from 218.92.0.133 port 58600 ssh2 ... |
2019-11-27 17:41:06 |
| 51.38.231.36 | attackbots | Nov 26 23:31:36 hpm sshd\[26042\]: Invalid user darrell from 51.38.231.36 Nov 26 23:31:36 hpm sshd\[26042\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.ip-51-38-231.eu Nov 26 23:31:39 hpm sshd\[26042\]: Failed password for invalid user darrell from 51.38.231.36 port 57212 ssh2 Nov 26 23:37:48 hpm sshd\[26557\]: Invalid user cognitive from 51.38.231.36 Nov 26 23:37:48 hpm sshd\[26557\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.ip-51-38-231.eu |
2019-11-27 17:39:59 |
| 216.211.99.23 | attack | leo_www |
2019-11-27 18:09:01 |