City: unknown
Region: unknown
Country: United States of America (the)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 214.45.215.243
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29521
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;214.45.215.243. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025011001 1800 900 604800 86400
;; Query time: 11 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 11 12:39:35 CST 2025
;; MSG SIZE rcvd: 107b'Host 243.215.45.214.in-addr.arpa not found: 2(SERVFAIL)
'server can't find 214.45.215.243.in-addr.arpa: SERVFAIL| IP | Type | Details | Datetime |
|---|---|---|---|
| 2606:4700:20::681a:56 | spam | AGAIN and AGAIN and ALWAYS the same REGISTRARS as namecheap.com, whoisguard.com, namesilo.com, privacyguardian.org and cloudflare.com TO STOP IMMEDIATELY for keeping SPAMMERS, LIERS, ROBERS and else since too many years ! The cheapest service, as usual... And Link as usual by bit.ly to delette IMMEDIATELY too ! MARRE de ces ORDURES et autres FILS de PUTE genre SOUS MERDES capables de POLLUER STUPIDEMENT pour ne pas dire CONNEMENT la Planète par des POURRIELS INUTILES sur des listes VOLÉES on ne sait où et SANS notre accord ! surfsupport.club => namecheap.com => whoisguard.com surfsupport.club => 192.64.119.6 162.255.119.153 => namecheap.com https://www.mywot.com/scorecard/surfsupport.club https://www.mywot.com/scorecard/namecheap.com https://www.mywot.com/scorecard/whoisguard.com https://en.asytech.cn/check-ip/162.255.119.153 AS USUAL since few days for PHISHING and SCAM send to : http://bit.ly/412dd4z which resend to : https://enticingse.com/fr-carrefour/?s1=16T&s2=d89bb555-d96f-468b-b60b-1dc635000f2b&s3=&s4=&s5=&Fname=&Lname=&Email=#/0 enticingse.com => namesilo.com => privacyguardian.org enticingse.com => 104.27.177.33 104.27.177.33 => cloudflare.com namesilo.com => 104.17.175.85 privacyguardian.org => 2606:4700:20::681a:56 => cloudflare.com https://www.mywot.com/scorecard/enticingse.com https://www.mywot.com/scorecard/namesilo.com https://www.mywot.com/scorecard/privacyguardian.org https://www.mywot.com/scorecard/cloudflare.com https://en.asytech.cn/check-ip/104.27.177.33 https://en.asytech.cn/check-ip/2606:4700:20::681a:56 |
2020-03-19 03:06:56 |
| 171.247.109.207 | attack | Honeypot attack, port: 5555, PTR: dynamic-ip-adsl.viettel.vn. |
2020-03-19 02:37:02 |
| 94.154.88.215 | attackbotsspam | 1584536874 - 03/18/2020 14:07:54 Host: 94.154.88.215/94.154.88.215 Port: 445 TCP Blocked |
2020-03-19 02:54:26 |
| 141.8.142.180 | attack | [Thu Mar 19 01:09:39.567987 2020] [:error] [pid 21327:tid 139998034278144] [client 141.8.142.180:58741] [client 141.8.142.180] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XnJj46fks8iqMveAsGOWFwAAAAI"] ... |
2020-03-19 03:06:41 |
| 194.184.198.62 | attack | Mar 18 18:50:54 sd-53420 sshd\[15645\]: User root from 194.184.198.62 not allowed because none of user's groups are listed in AllowGroups Mar 18 18:50:54 sd-53420 sshd\[15645\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.184.198.62 user=root Mar 18 18:50:57 sd-53420 sshd\[15645\]: Failed password for invalid user root from 194.184.198.62 port 51593 ssh2 Mar 18 18:55:28 sd-53420 sshd\[17170\]: Invalid user alok from 194.184.198.62 Mar 18 18:55:28 sd-53420 sshd\[17170\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.184.198.62 ... |
2020-03-19 03:04:55 |
| 138.97.20.24 | attack | Honeypot attack, port: 445, PTR: static-138-97-20-24.camontelecom.net.br. |
2020-03-19 03:12:59 |
| 45.32.9.147 | attackbotsspam | Invalid user ftptest from 45.32.9.147 port 55562 |
2020-03-19 03:11:27 |
| 14.166.183.188 | attack | Honeypot attack, port: 445, PTR: static.vnpt.vn. |
2020-03-19 03:04:01 |
| 223.205.242.166 | attackspam | Honeypot attack, port: 445, PTR: mx-ll-223.205.242-166.dynamic.3bb.in.th. |
2020-03-19 02:44:43 |
| 37.139.16.94 | attackspambots | leo_www |
2020-03-19 03:08:05 |
| 106.12.123.239 | attack | Mar 18 20:22:00 www5 sshd\[53689\]: Invalid user sysbackup from 106.12.123.239 Mar 18 20:22:00 www5 sshd\[53689\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.123.239 Mar 18 20:22:02 www5 sshd\[53689\]: Failed password for invalid user sysbackup from 106.12.123.239 port 44130 ssh2 ... |
2020-03-19 02:35:45 |
| 192.99.147.77 | attack | 192.99.147.77 - - [18/Mar/2020:15:19:32 +0100] "POST /wp-login.php HTTP/1.1" 200 7362 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.147.77 - - [18/Mar/2020:15:19:33 +0100] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.147.77 - - [18/Mar/2020:17:15:17 +0100] "GET /wp-login.php HTTP/1.1" 200 6582 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2020-03-19 02:46:57 |
| 177.144.135.2 | attackspambots | SSH login attempts with user root. |
2020-03-19 03:08:41 |
| 47.50.246.114 | attackbotsspam | Mar 18 19:07:57 santamaria sshd\[22995\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.50.246.114 user=root Mar 18 19:07:59 santamaria sshd\[22995\]: Failed password for root from 47.50.246.114 port 37276 ssh2 Mar 18 19:10:18 santamaria sshd\[23102\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.50.246.114 user=root ... |
2020-03-19 02:57:47 |
| 200.59.127.191 | attack | 20/3/18@09:08:02: FAIL: Alarm-Telnet address from=200.59.127.191 ... |
2020-03-19 02:46:44 |