City: Council Bluffs
Region: Iowa
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 34.59.148.50
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57264
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;34.59.148.50. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025011001 1800 900 604800 86400
;; Query time: 39 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 11 02:55:57 CST 2025
;; MSG SIZE rcvd: 10550.148.59.34.in-addr.arpa domain name pointer 50.148.59.34.bc.googleusercontent.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
50.148.59.34.in-addr.arpa name = 50.148.59.34.bc.googleusercontent.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 165.22.187.76 | attackbots | 06/06/2020-12:44:20.272935 165.22.187.76 Protocol: 6 ET SCAN NMAP -sS window 1024 |
2020-06-07 02:04:58 |
| 222.173.12.35 | attackspam | Jun 6 10:31:24 firewall sshd[18565]: Failed password for root from 222.173.12.35 port 44921 ssh2 Jun 6 10:33:28 firewall sshd[18612]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.173.12.35 user=root Jun 6 10:33:29 firewall sshd[18612]: Failed password for root from 222.173.12.35 port 21574 ssh2 ... |
2020-06-07 01:33:57 |
| 78.189.151.107 | attackspambots | [Sat Jun 06 19:29:32.249843 2020] [:error] [pid 10153:tid 140368939824896] [client 78.189.151.107:35100] [client 78.189.151.107] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197:80"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XtuMLKGxEHVU1NBsQcdV4QAAAh0"] ... |
2020-06-07 01:36:07 |
| 183.136.225.45 | attackspambots |
|
2020-06-07 02:03:58 |
| 148.251.48.231 | attackspambots |
|
2020-06-07 02:05:29 |
| 216.254.186.76 | attackspambots | Jun 6 17:17:20 odroid64 sshd\[19884\]: User root from 216.254.186.76 not allowed because not listed in AllowUsers Jun 6 17:17:20 odroid64 sshd\[19884\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.254.186.76 user=root ... |
2020-06-07 01:37:48 |
| 139.59.90.0 | attack | scans 2 times in preceeding hours on the ports (in chronological order) 22226 8223 |
2020-06-07 02:06:23 |
| 218.43.121.42 | attack | scans 2 times in preceeding hours on the ports (in chronological order) 17621 17621 |
2020-06-07 01:54:11 |
| 78.164.6.53 | attackspam | Automatic report - Port Scan Attack |
2020-06-07 01:28:29 |
| 74.56.131.113 | attack | 20 attempts against mh-ssh on echoip |
2020-06-07 01:33:26 |
| 121.42.142.188 | attackbotsspam | 121.42.142.188 - - [06/Jun/2020:06:29:36 -0600] "HEAD /dede/login.php HTTP/1.1" 301 235 "-" "-" ... |
2020-06-07 01:32:10 |
| 5.62.41.135 | attackbots | [munged]::80 5.62.41.135 - - [06/Jun/2020:14:29:10 +0200] "POST /[munged]: HTTP/1.1" 200 5565 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" [munged]::80 5.62.41.135 - - [06/Jun/2020:14:29:11 +0200] "POST /[munged]: HTTP/1.1" 200 5564 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" [munged]::80 5.62.41.135 - - [06/Jun/2020:14:29:11 +0200] "POST /[munged]: HTTP/1.1" 200 5564 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" [munged]::80 5.62.41.135 - - [06/Jun/2020:14:29:11 +0200] "POST /[munged]: HTTP/1.1" 200 5564 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" [munged]::80 5.62.41.135 - - [06/Jun/2020:14:29:11 +0200] "P |
2020-06-07 02:02:01 |
| 168.158.8.28 | attackbotsspam | Ref: mx Logwatch report |
2020-06-07 01:45:22 |
| 93.108.242.140 | attack | (sshd) Failed SSH login from 93.108.242.140 (PT/Portugal/140.242.108.93.rev.vodafone.pt): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 6 19:08:57 amsweb01 sshd[13106]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.108.242.140 user=root Jun 6 19:08:59 amsweb01 sshd[13106]: Failed password for root from 93.108.242.140 port 13258 ssh2 Jun 6 19:25:48 amsweb01 sshd[15387]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.108.242.140 user=root Jun 6 19:25:50 amsweb01 sshd[15387]: Failed password for root from 93.108.242.140 port 36509 ssh2 Jun 6 19:29:14 amsweb01 sshd[15866]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.108.242.140 user=root |
2020-06-07 01:50:11 |
| 128.199.134.165 | attack |
|
2020-06-07 02:07:06 |