City: Villavicencio
Region: Departamento del Meta
Country: Colombia
Internet Service Provider: eTb
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 190.93.130.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10430
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;190.93.130.94. IN A
;; AUTHORITY SECTION:
. 415 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019092700 1800 900 604800 86400
;; Query time: 50 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Sep 28 02:24:45 CST 2019
;; MSG SIZE rcvd: 11794.130.93.190.in-addr.arpa domain name pointer sta-190-93-130-94.static.etb.net.co.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
94.130.93.190.in-addr.arpa name = sta-190-93-130-94.static.etb.net.co.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 37.49.231.163 | attackspambots | *Port Scan* detected from 37.49.231.163 (NL/Netherlands/-). 4 hits in the last 106 seconds |
2020-02-01 08:29:34 |
| 192.241.235.17 | attackspam | 3389/tcp 445/tcp [2020-01-31]2pkt |
2020-02-01 08:36:00 |
| 45.238.204.10 | attackspambots | 23/tcp [2020-01-31]1pkt |
2020-02-01 08:02:45 |
| 18.197.227.255 | attack | [FriJan3121:59:45.9714202020][:error][pid12039:tid47392797755136][client18.197.227.255:55694][client18.197.227.255]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\(\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\|passwd\|group\)\|www_\?acl\)\|global\\\\\\\\.asa\|httpd\\\\\\\\.conf\|boot\\\\\\\\.ini\|web.config\)\\\\\\\\b\|\(\|\^\|\\\\\\\\.\\\\\\\\.\)/etc/\|/\\\\\\\\.\(\?:history\|bash_history\|sh_history\|env\)\$\)"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"211"][id"390709"][rev"30"][msg"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely"][data"/.env"][severity"CRITICAL"][hostname"miaschildrensuisse.org"][uri"/.env"][unique_id"XjSVQTDMu3QNpyBNW2B3PAAAAFI"][FriJan3122:32:55.1687232020][:error][pid12039:tid47392776742656][client18.197.227.255:59146][client18.197.227.255]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\(\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\|passwd\|group\)\|www_\?acl\)\|global\\\\\\\\.asa\|h |
2020-02-01 08:24:43 |
| 35.180.54.189 | attack | AutoReport: Attempting to access '/.env?' (blacklisted keyword '.env') |
2020-02-01 08:17:27 |
| 94.15.129.179 | attack | 23/tcp [2020-01-31]1pkt |
2020-02-01 08:24:18 |
| 87.151.155.14 | attackbotsspam | 37215/tcp [2020-01-31]1pkt |
2020-02-01 08:25:14 |
| 41.65.64.51 | attack | Feb 1 00:41:52 pornomens sshd\[29700\]: Invalid user admin from 41.65.64.51 port 44030 Feb 1 00:41:52 pornomens sshd\[29700\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.65.64.51 Feb 1 00:41:54 pornomens sshd\[29700\]: Failed password for invalid user admin from 41.65.64.51 port 44030 ssh2 ... |
2020-02-01 08:00:18 |
| 110.14.163.111 | attackbotsspam | 1433/tcp [2020-01-31]1pkt |
2020-02-01 08:21:28 |
| 37.114.133.26 | attackspambots | Trying ports that it shouldn't be. |
2020-02-01 08:33:07 |
| 190.40.194.181 | attackbotsspam | Unauthorized connection attempt detected from IP address 190.40.194.181 to port 81 [J] |
2020-02-01 08:05:28 |
| 1.214.215.236 | attack | Unauthorized connection attempt detected from IP address 1.214.215.236 to port 2220 [J] |
2020-02-01 08:16:05 |
| 138.68.93.14 | attack | 20 attempts against mh-ssh on cloud |
2020-02-01 08:37:03 |
| 125.25.215.219 | attackbots | 445/tcp [2020-01-31]1pkt |
2020-02-01 08:08:40 |
| 91.92.245.46 | attackspam | 5555/tcp [2020-01-31]1pkt |
2020-02-01 07:55:49 |