City: unknown
Region: unknown
Country: Korea (the Republic of)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 211.61.91.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21399
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;211.61.91.134. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025020201 1800 900 604800 86400
;; Query time: 10 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 03 13:22:36 CST 2025
;; MSG SIZE rcvd: 106Host 134.91.61.211.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 134.91.61.211.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 114.203.21.13 | attackspam | TCP Port Scanning |
2020-03-02 03:27:12 |
| 80.211.128.151 | attackspam | Mar 1 16:31:25 server sshd\[31893\]: Invalid user HTTP from 80.211.128.151 Mar 1 16:31:25 server sshd\[31893\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.128.151 Mar 1 16:31:27 server sshd\[31893\]: Failed password for invalid user HTTP from 80.211.128.151 port 57660 ssh2 Mar 1 16:46:39 server sshd\[2243\]: Invalid user zhengpinwen from 80.211.128.151 Mar 1 16:46:39 server sshd\[2243\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.128.151 ... |
2020-03-02 03:17:45 |
| 221.151.112.217 | attack | Mar 1 19:09:18 mail postfix/smtpd[19034]: warning: unknown[221.151.112.217]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 1 19:09:26 mail postfix/smtpd[19037]: warning: unknown[221.151.112.217]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 1 19:09:37 mail postfix/smtpd[19040]: warning: unknown[221.151.112.217]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 |
2020-03-02 03:28:15 |
| 34.212.128.86 | attack | \[Sun Mar 01 17:38:22 2020\] \[error\] \[client 34.212.128.86\] ModSecurity: collection_retrieve_ex: Unable to retrieve collection \(name "global", key "global"\). Use SecDataDir to define data directory first. \[hostname "167.114.2.187"\] \[uri "/w00tw00t.at.blackhats.romanian.anti-sec:\)"\] \[unique_id "XlvW7qdyArsAABPfNvQAAAAA"\] \[Sun Mar 01 17:38:22 2020\] \[error\] \[client 34.212.128.86\] ModSecurity: collection_retrieve_ex: Unable to retrieve collection \(name "ip", key "34.212.128.86_28782b907f7d9bde163d4b5ff7f449d84f6dddaa"\). Use SecDataDir to define data directory first. \[hostname "167.114.2.187"\] \[uri "/w00tw00t.at.blackhats.romanian.anti-sec:\)"\] \[unique_id "XlvW7qdyArsAABPfNvQAAAAA"\] \[Sun Mar 01 17:38:22 2020\] \[error\] \[client 34.212.128.86\] ModSecurity: Warning. Matched phrase "zmeu" at REQUEST_HEADERS:User-Agent. \[file "/etc/httpd/conf/modsecurity.d/rules/REQUEST-913-SCANNER-DETECTION.conf"\] \[line "59"\] \[id "913100"\] \[rev "2"\] \[msg "Found Use |
2020-03-02 03:19:56 |
| 192.241.213.126 | attackbots | 2020-02-17 22:23:15 SMTP protocol synchronization error (input sent without waiting for greeting): rejected connection from H=[192.241.213.126] input="EHLO zg0213a-61 " |
2020-03-02 03:31:57 |
| 218.92.0.145 | attackbots | Mar 1 16:13:28 firewall sshd[9448]: Failed password for root from 218.92.0.145 port 2199 ssh2 Mar 1 16:13:42 firewall sshd[9448]: error: maximum authentication attempts exceeded for root from 218.92.0.145 port 2199 ssh2 [preauth] Mar 1 16:13:42 firewall sshd[9448]: Disconnecting: Too many authentication failures [preauth] ... |
2020-03-02 03:15:40 |
| 51.77.220.183 | attackbots | Feb 16 14:24:18 raspberrypi sshd[4269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.220.183 |
2020-03-02 03:10:47 |
| 128.199.220.207 | attackspambots | Mar 1 sshd[28377]: Invalid user oracle from 128.199.220.207 port 40032 |
2020-03-02 03:45:07 |
| 202.78.64.107 | attackbots | Mar 1 20:22:01 eventyay sshd[17634]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.78.64.107 Mar 1 20:22:04 eventyay sshd[17634]: Failed password for invalid user 159.89.167.109 - SSH-2.0-Ope.SSH_7.6p1 Ubuntu-4ubuntu0.3\r from 202.78.64.107 port 38818 ssh2 Mar 1 20:26:38 eventyay sshd[17673]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.78.64.107 ... |
2020-03-02 03:29:04 |
| 201.253.223.176 | attackspam | Unauthorized connection attempt detected from IP address 201.253.223.176 to port 23 [J] |
2020-03-02 03:13:12 |
| 118.186.203.34 | attack | Unauthorized connection attempt detected from IP address 118.186.203.34 to port 1433 [J] |
2020-03-02 03:41:01 |
| 188.166.211.194 | attackbots | suspicious action Sun, 01 Mar 2020 14:50:00 -0300 |
2020-03-02 03:41:58 |
| 163.172.251.80 | attackspam | Mar 1 18:24:46 ncomp sshd[23324]: Invalid user bf1942server from 163.172.251.80 Mar 1 18:24:46 ncomp sshd[23324]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.251.80 Mar 1 18:24:46 ncomp sshd[23324]: Invalid user bf1942server from 163.172.251.80 Mar 1 18:24:48 ncomp sshd[23324]: Failed password for invalid user bf1942server from 163.172.251.80 port 37200 ssh2 |
2020-03-02 03:38:35 |
| 193.32.161.12 | attack | Fail2Ban Ban Triggered |
2020-03-02 03:30:18 |
| 112.85.42.182 | attackbots | Mar 1 20:16:31 v22018076622670303 sshd\[20053\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.182 user=root Mar 1 20:16:34 v22018076622670303 sshd\[20053\]: Failed password for root from 112.85.42.182 port 64707 ssh2 Mar 1 20:16:37 v22018076622670303 sshd\[20053\]: Failed password for root from 112.85.42.182 port 64707 ssh2 ... |
2020-03-02 03:51:29 |