City: unknown
Region: unknown
Country: Croatia
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 195.29.160.247
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26416
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;195.29.160.247. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025021500 1800 900 604800 86400
;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 16 00:59:02 CST 2025
;; MSG SIZE rcvd: 107Host 247.160.29.195.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 247.160.29.195.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 150.214.141.180 | attack | SSH Scan |
2019-10-22 01:18:53 |
| 45.136.109.250 | attack | Oct 21 17:14:09 h2177944 kernel: \[4546732.167276\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.109.250 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=33602 PROTO=TCP SPT=53778 DPT=7218 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 21 17:35:04 h2177944 kernel: \[4547987.132544\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.109.250 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=16985 PROTO=TCP SPT=53778 DPT=6123 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 21 17:52:38 h2177944 kernel: \[4549040.824621\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.109.250 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=36382 PROTO=TCP SPT=53778 DPT=6867 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 21 18:07:13 h2177944 kernel: \[4549915.763973\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.109.250 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=16685 PROTO=TCP SPT=53778 DPT=6821 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 21 18:09:28 h2177944 kernel: \[4550050.369535\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.109.250 DST=85.214. |
2019-10-22 00:51:36 |
| 52.172.44.97 | attack | Oct 21 03:48:57 kapalua sshd\[3072\]: Invalid user xfs from 52.172.44.97 Oct 21 03:48:57 kapalua sshd\[3072\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.172.44.97 Oct 21 03:49:00 kapalua sshd\[3072\]: Failed password for invalid user xfs from 52.172.44.97 port 56170 ssh2 Oct 21 03:53:21 kapalua sshd\[3382\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.172.44.97 user=root Oct 21 03:53:23 kapalua sshd\[3382\]: Failed password for root from 52.172.44.97 port 40586 ssh2 |
2019-10-22 01:07:54 |
| 77.40.3.185 | attackbots | 10/21/2019-16:47:12.629289 77.40.3.185 Protocol: 6 SURICATA SMTP tls rejected |
2019-10-22 01:01:05 |
| 92.222.90.130 | attackspam | (sshd) Failed SSH login from 92.222.90.130 (FR/France/130.ip-92-222-90.eu): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 21 13:24:37 server2 sshd[3746]: Failed password for root from 92.222.90.130 port 46674 ssh2 Oct 21 13:32:33 server2 sshd[3993]: Invalid user lucas from 92.222.90.130 port 52690 Oct 21 13:32:35 server2 sshd[3993]: Failed password for invalid user lucas from 92.222.90.130 port 52690 ssh2 Oct 21 13:36:14 server2 sshd[4072]: Failed password for root from 92.222.90.130 port 35612 ssh2 Oct 21 13:39:49 server2 sshd[4137]: Failed password for root from 92.222.90.130 port 46752 ssh2 |
2019-10-22 01:15:24 |
| 36.92.95.10 | attack | Automatic report - Banned IP Access |
2019-10-22 01:27:18 |
| 45.77.231.250 | attackbotsspam | fail2ban honeypot |
2019-10-22 01:21:54 |
| 31.204.0.181 | attackspam | 52869/tcp 60001/tcp 23/tcp... [2019-08-20/10-21]15pkt,3pt.(tcp) |
2019-10-22 01:06:43 |
| 93.67.106.212 | attack | Oct 21 12:40:13 ms-srv sshd[24445]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.67.106.212 |
2019-10-22 00:51:19 |
| 62.234.103.7 | attack | Oct 21 03:43:26 auw2 sshd\[1391\]: Invalid user d from 62.234.103.7 Oct 21 03:43:26 auw2 sshd\[1391\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.103.7 Oct 21 03:43:28 auw2 sshd\[1391\]: Failed password for invalid user d from 62.234.103.7 port 53096 ssh2 Oct 21 03:49:42 auw2 sshd\[1958\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.103.7 user=root Oct 21 03:49:44 auw2 sshd\[1958\]: Failed password for root from 62.234.103.7 port 34922 ssh2 |
2019-10-22 01:24:01 |
| 120.133.34.162 | attack | SSH Scan |
2019-10-22 01:05:56 |
| 42.113.74.39 | attack | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/42.113.74.39/ VN - 1H : (52) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : VN NAME ASN : ASN18403 IP : 42.113.74.39 CIDR : 42.113.72.0/22 PREFIX COUNT : 2592 UNIQUE IP COUNT : 1397760 ATTACKS DETECTED ASN18403 : 1H - 3 3H - 3 6H - 7 12H - 11 24H - 22 DateTime : 2019-10-21 13:39:56 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery |
2019-10-22 01:08:45 |
| 200.127.124.103 | attack | [Mon Oct 21 08:39:32.308634 2019] [:error] [pid 120113] [client 200.127.124.103:44980] [client 200.127.124.103] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 18)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "127.0.0.1"] [uri "/cgi-bin/ViewLog.asp"] [unique_id "Xa2Y9FfbvTFsWFXYtWfTWQAAAAI"] ... |
2019-10-22 01:26:26 |
| 46.39.73.212 | attack | Automatic report - Port Scan Attack |
2019-10-22 00:45:16 |
| 104.236.63.99 | attack | Automatic report - Banned IP Access |
2019-10-22 00:56:25 |