City: unknown
Region: unknown
Country: United States of America (the)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 199.249.19.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15917
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;199.249.19.42. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025021900 1800 900 604800 86400
;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 19 16:18:32 CST 2025
;; MSG SIZE rcvd: 106Host 42.19.249.199.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 42.19.249.199.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 104.27.177.33 | spam | AGAIN and AGAIN and ALWAYS the same REGISTRARS as namecheap.com, whoisguard.com, namesilo.com, privacyguardian.org and cloudflare.com TO STOP IMMEDIATELY for keeping SPAMMERS, LIERS, ROBERS and else since too many years ! The cheapest service, as usual... And Link as usual by bit.ly to delette IMMEDIATELY too ! MARRE de ces ORDURES et autres FILS de PUTE genre SOUS MERDES capables de POLLUER STUPIDEMENT pour ne pas dire CONNEMENT la Planète par des POURRIELS INUTILES sur des listes VOLÉES on ne sait où et SANS notre accord ! surfsupport.club => namecheap.com => whoisguard.com surfsupport.club => 192.64.119.6 162.255.119.153 => namecheap.com https://www.mywot.com/scorecard/surfsupport.club https://www.mywot.com/scorecard/namecheap.com https://www.mywot.com/scorecard/whoisguard.com https://en.asytech.cn/check-ip/162.255.119.153 AS USUAL since few days for PHISHING and SCAM send to : http://bit.ly/412dd4z which resend to : https://enticingse.com/fr-carrefour/?s1=16T&s2=d89bb555-d96f-468b-b60b-1dc635000f2b&s3=&s4=&s5=&Fname=&Lname=&Email=#/0 enticingse.com => namesilo.com => privacyguardian.org enticingse.com => 104.27.177.33 104.27.177.33 => cloudflare.com namesilo.com => 104.17.175.85 privacyguardian.org => 2606:4700:20::681a:56 => cloudflare.com https://www.mywot.com/scorecard/enticingse.com https://www.mywot.com/scorecard/namesilo.com https://www.mywot.com/scorecard/privacyguardian.org https://www.mywot.com/scorecard/cloudflare.com https://en.asytech.cn/check-ip/104.27.177.33 https://en.asytech.cn/check-ip/2606:4700:20::681a:56 |
2020-03-19 03:07:11 |
| 106.12.123.239 | attack | Mar 18 20:22:00 www5 sshd\[53689\]: Invalid user sysbackup from 106.12.123.239 Mar 18 20:22:00 www5 sshd\[53689\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.123.239 Mar 18 20:22:02 www5 sshd\[53689\]: Failed password for invalid user sysbackup from 106.12.123.239 port 44130 ssh2 ... |
2020-03-19 02:35:45 |
| 222.186.173.215 | attackbots | SSH_scan |
2020-03-19 03:07:42 |
| 193.37.255.114 | attack | " " |
2020-03-19 02:36:39 |
| 156.203.181.0 | attackspam | 20/3/18@09:07:51: FAIL: Alarm-Telnet address from=156.203.181.0 ... |
2020-03-19 02:56:51 |
| 141.8.142.180 | attack | [Thu Mar 19 01:09:39.567987 2020] [:error] [pid 21327:tid 139998034278144] [client 141.8.142.180:58741] [client 141.8.142.180] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XnJj46fks8iqMveAsGOWFwAAAAI"] ... |
2020-03-19 03:06:41 |
| 77.75.37.51 | attack | Mar 17 21:55:44 archiv sshd[18836]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=server-77.75.37.51.radore.net.tr user=r.r Mar 17 21:55:46 archiv sshd[18836]: Failed password for r.r from 77.75.37.51 port 42283 ssh2 Mar 17 21:55:46 archiv sshd[18836]: Received disconnect from 77.75.37.51 port 42283:11: Bye Bye [preauth] Mar 17 21:55:46 archiv sshd[18836]: Disconnected from 77.75.37.51 port 42283 [preauth] Mar 17 22:10:23 archiv sshd[19177]: Invalid user takaki from 77.75.37.51 port 53790 Mar 17 22:10:23 archiv sshd[19177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=server-77.75.37.51.radore.net.tr Mar 17 22:10:26 archiv sshd[19177]: Failed password for invalid user takaki from 77.75.37.51 port 53790 ssh2 Mar 17 22:10:26 archiv sshd[19177]: Received disconnect from 77.75.37.51 port 53790:11: Bye Bye [preauth] Mar 17 22:10:26 archiv sshd[19177]: Disconnected from 77.75.37.51 port 5379........ ------------------------------- |
2020-03-19 03:06:21 |
| 87.250.224.91 | attackspambots | [Wed Mar 18 21:17:44.677793 2020] [:error] [pid 465:tid 140504909158144] [client 87.250.224.91:43463] [client 87.250.224.91] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XnItiI@IaBs9pCUIQ0YxCwAAAbo"] ... |
2020-03-19 02:32:00 |
| 188.166.23.215 | attack | Mar 18 19:14:22 vpn01 sshd[16449]: Failed password for root from 188.166.23.215 port 52234 ssh2 ... |
2020-03-19 02:55:29 |
| 2606:4700:20::681a:56 | spam | AGAIN and AGAIN and ALWAYS the same REGISTRARS as namecheap.com, whoisguard.com, namesilo.com, privacyguardian.org and cloudflare.com TO STOP IMMEDIATELY for keeping SPAMMERS, LIERS, ROBERS and else since too many years ! The cheapest service, as usual... And Link as usual by bit.ly to delette IMMEDIATELY too ! MARRE de ces ORDURES et autres FILS de PUTE genre SOUS MERDES capables de POLLUER STUPIDEMENT pour ne pas dire CONNEMENT la Planète par des POURRIELS INUTILES sur des listes VOLÉES on ne sait où et SANS notre accord ! surfsupport.club => namecheap.com => whoisguard.com surfsupport.club => 192.64.119.6 162.255.119.153 => namecheap.com https://www.mywot.com/scorecard/surfsupport.club https://www.mywot.com/scorecard/namecheap.com https://www.mywot.com/scorecard/whoisguard.com https://en.asytech.cn/check-ip/162.255.119.153 AS USUAL since few days for PHISHING and SCAM send to : http://bit.ly/412dd4z which resend to : https://enticingse.com/fr-carrefour/?s1=16T&s2=d89bb555-d96f-468b-b60b-1dc635000f2b&s3=&s4=&s5=&Fname=&Lname=&Email=#/0 enticingse.com => namesilo.com => privacyguardian.org enticingse.com => 104.27.177.33 104.27.177.33 => cloudflare.com namesilo.com => 104.17.175.85 privacyguardian.org => 2606:4700:20::681a:56 => cloudflare.com https://www.mywot.com/scorecard/enticingse.com https://www.mywot.com/scorecard/namesilo.com https://www.mywot.com/scorecard/privacyguardian.org https://www.mywot.com/scorecard/cloudflare.com https://en.asytech.cn/check-ip/104.27.177.33 https://en.asytech.cn/check-ip/2606:4700:20::681a:56 |
2020-03-19 03:06:56 |
| 177.144.135.2 | attackspambots | SSH login attempts with user root. |
2020-03-19 03:08:41 |
| 190.117.62.241 | attack | Brute-force attempt banned |
2020-03-19 02:42:46 |
| 122.51.25.34 | attack | $f2bV_matches |
2020-03-19 02:51:03 |
| 177.72.13.80 | attackspambots | SSH login attempts with user root. |
2020-03-19 03:02:17 |
| 113.184.40.133 | attackbotsspam | Honeypot attack, port: 81, PTR: static.vnpt.vn. |
2020-03-19 02:39:27 |