City: unknown
Region: unknown
Country: United States of America (the)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 30.38.213.129
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25297
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;30.38.213.129. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2024111700 1800 900 604800 86400
;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Nov 17 22:10:24 CST 2024
;; MSG SIZE rcvd: 106Host 129.213.38.30.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 129.213.38.30.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 185.50.149.25 | attack | May 2 01:29:19 web01.agentur-b-2.de postfix/smtpd[924855]: warning: unknown[185.50.149.25]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 2 01:29:19 web01.agentur-b-2.de postfix/smtpd[924855]: lost connection after AUTH from unknown[185.50.149.25] May 2 01:29:24 web01.agentur-b-2.de postfix/smtpd[930008]: lost connection after CONNECT from unknown[185.50.149.25] May 2 01:29:32 web01.agentur-b-2.de postfix/smtpd[924855]: warning: unknown[185.50.149.25]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 2 01:29:32 web01.agentur-b-2.de postfix/smtpd[924855]: lost connection after AUTH from unknown[185.50.149.25] |
2020-05-02 07:32:43 |
| 51.68.123.198 | attackbotsspam | May 2 01:15:07 ns3164893 sshd[21592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.123.198 May 2 01:15:09 ns3164893 sshd[21592]: Failed password for invalid user sakinah from 51.68.123.198 port 37996 ssh2 ... |
2020-05-02 07:55:35 |
| 220.127.177.166 | attackbots | port 23 |
2020-05-02 07:53:15 |
| 96.42.239.196 | attackspambots | TCP src-port=50746 dst-port=25 Listed on abuseat-org barracuda spamcop (Project Honey Pot rated Suspicious) (375) |
2020-05-02 07:48:15 |
| 1.163.210.86 | attackbots | Port probing on unauthorized port 23 |
2020-05-02 07:33:59 |
| 164.77.117.10 | attackbots | May 2 00:54:01 icinga sshd[44372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.77.117.10 May 2 00:54:02 icinga sshd[44372]: Failed password for invalid user markc from 164.77.117.10 port 39018 ssh2 May 2 01:09:22 icinga sshd[4856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.77.117.10 ... |
2020-05-02 07:21:36 |
| 58.217.159.126 | attack | [Fri May 01 21:15:48 2020] - DDoS Attack From IP: 58.217.159.126 Port: 50953 |
2020-05-02 07:45:43 |
| 159.89.133.144 | attackspam | Invalid user george from 159.89.133.144 port 59918 |
2020-05-02 07:30:00 |
| 66.249.73.70 | attackspam | [Sat May 02 04:05:54.495075 2020] [:error] [pid 15500:tid 139985436071680] [client 66.249.73.70:41670] [client 66.249.73.70] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/normal-klimatologi/202-normal-curah-hujan-musim/normal-curah-hujan-musim-kemarau"] [unique_id "XqyPMj7hpe3084F2lqe53QAAAcI"] ... |
2020-05-02 07:38:34 |
| 200.55.196.142 | attackspambots | Apr 30 12:09:14 www sshd[12742]: reveeclipse mapping checking getaddrinfo for static.200.55.196.142.gtdinternet.com [200.55.196.142] failed - POSSIBLE BREAK-IN ATTEMPT! Apr 30 12:09:14 www sshd[12742]: Invalid user action from 200.55.196.142 Apr 30 12:09:14 www sshd[12742]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.55.196.142 Apr 30 12:09:16 www sshd[12742]: Failed password for invalid user action from 200.55.196.142 port 38542 ssh2 Apr 30 12:09:17 www sshd[12742]: Received disconnect from 200.55.196.142: 11: Bye Bye [preauth] Apr 30 12:18:45 www sshd[12825]: reveeclipse mapping checking getaddrinfo for static.200.55.196.142.gtdinternet.com [200.55.196.142] failed - POSSIBLE BREAK-IN ATTEMPT! Apr 30 12:18:45 www sshd[12825]: Invalid user uu from 200.55.196.142 Apr 30 12:18:45 www sshd[12825]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.55.196.142 Apr 30 12:18:47 www sshd[........ ------------------------------- |
2020-05-02 07:39:24 |
| 49.232.69.39 | attackspam | (sshd) Failed SSH login from 49.232.69.39 (CN/China/-): 5 in the last 3600 secs |
2020-05-02 07:20:37 |
| 91.126.233.223 | attackbotsspam | TCP src-port=50283 dst-port=25 Listed on dnsbl-sorbs abuseat-org barracuda (Project Honey Pot rated Suspicious) (373) |
2020-05-02 07:56:22 |
| 164.115.81.68 | attackbots | 20/5/1@16:11:51: FAIL: Alarm-Network address from=164.115.81.68 ... |
2020-05-02 07:28:26 |
| 139.59.18.197 | attackspambots | SSH Bruteforce attack |
2020-05-02 07:37:23 |
| 198.27.122.201 | attackbotsspam | Invalid user sirius from 198.27.122.201 port 47384 |
2020-05-02 07:32:14 |