City: unknown
Region: unknown
Country: Czechia
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 46.253.99.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56420
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;46.253.99.5. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025012201 1800 900 604800 86400
;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 23 07:29:04 CST 2025
;; MSG SIZE rcvd: 104Host 5.99.253.46.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 5.99.253.46.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 24.51.127.161 | attack | Sep 11 10:01:45 vps639187 sshd\[4807\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.51.127.161 user=root Sep 11 10:01:47 vps639187 sshd\[4807\]: Failed password for root from 24.51.127.161 port 55944 ssh2 Sep 11 10:01:49 vps639187 sshd\[4809\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.51.127.161 user=root ... |
2020-09-11 23:44:59 |
| 176.148.130.19 | attack | Sep 10 22:01:06 ssh2 sshd[18387]: User root from rqp06-h01-176-148-130-19.dsl.sta.abo.bbox.fr not allowed because not listed in AllowUsers Sep 10 22:01:06 ssh2 sshd[18387]: Failed password for invalid user root from 176.148.130.19 port 47558 ssh2 Sep 10 22:01:07 ssh2 sshd[18387]: Connection closed by invalid user root 176.148.130.19 port 47558 [preauth] ... |
2020-09-11 23:35:48 |
| 181.46.164.9 | attackbots | (cxs) cxs mod_security triggered by 181.46.164.9 (AR/Argentina/cpe-181-46-164-9.telecentro-reversos.com.ar): 1 in the last 3600 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_CXS; Logs: [Thu Sep 10 18:55:20.401814 2020] [:error] [pid 3943566:tid 47466712020736] [client 181.46.164.9:17461] [client 181.46.164.9] ModSecurity: Access denied with code 403 (phase 2). File "/tmp/20200910-185518-X1padp1cg7rkBOBCfBdcDgAAAA0-file-JRUfUL" rejected by the approver script "/etc/cxs/cxscgi.sh": 0 [file "/etc/apache2/conf.d/modsec_vendor_configs/configserver/00_configserver.conf"] [line "7"] [id "1010101"] [msg "ConfigServer Exploit Scanner (cxs) triggered"] [severity "CRITICAL"] [hostname "gastro-ptuj.si"] [uri "/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"] [unique_id "X1padp1cg7rkBOBCfBdcDgAAAA0"], referer: http://gastro-ptuj.si/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php |
2020-09-11 23:34:52 |
| 94.23.9.102 | attackspam | Brute-force attempt banned |
2020-09-12 00:00:58 |
| 109.70.100.39 | attack | 0,58-01/01 [bc01/m20] PostRequest-Spammer scoring: Durban01 |
2020-09-12 00:05:13 |
| 118.69.13.37 | attack | Port Scan detected! ... |
2020-09-11 23:47:09 |
| 99.199.124.94 | attack | SSH/22 MH Probe, BF, Hack - |
2020-09-12 00:02:08 |
| 115.79.138.163 | attackbotsspam | Sep 11 11:27:51 Tower sshd[23800]: Connection from 115.79.138.163 port 44199 on 192.168.10.220 port 22 rdomain "" Sep 11 11:27:53 Tower sshd[23800]: Failed password for root from 115.79.138.163 port 44199 ssh2 Sep 11 11:27:53 Tower sshd[23800]: Received disconnect from 115.79.138.163 port 44199:11: Bye Bye [preauth] Sep 11 11:27:53 Tower sshd[23800]: Disconnected from authenticating user root 115.79.138.163 port 44199 [preauth] |
2020-09-11 23:49:47 |
| 115.99.72.185 | attackbotsspam | /HNAP1/ |
2020-09-11 23:29:07 |
| 149.34.0.135 | attackspam | Sep 11 15:00:54 ssh2 sshd[96778]: User root from 149.34.0.135 not allowed because not listed in AllowUsers Sep 11 15:00:54 ssh2 sshd[96778]: Failed password for invalid user root from 149.34.0.135 port 40124 ssh2 Sep 11 15:00:55 ssh2 sshd[96778]: Connection closed by invalid user root 149.34.0.135 port 40124 [preauth] ... |
2020-09-11 23:33:10 |
| 203.163.244.6 | attackspam | DATE:2020-09-10 18:54:56, IP:203.163.244.6, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc) |
2020-09-12 00:00:43 |
| 42.200.78.78 | attackbots | Sep 11 12:19:55 firewall sshd[9674]: Failed password for root from 42.200.78.78 port 32816 ssh2 Sep 11 12:22:24 firewall sshd[9724]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.200.78.78 user=root Sep 11 12:22:27 firewall sshd[9724]: Failed password for root from 42.200.78.78 port 43448 ssh2 ... |
2020-09-11 23:48:11 |
| 121.241.244.92 | attack | fail2ban -- 121.241.244.92 ... |
2020-09-11 23:54:40 |
| 94.102.49.159 | attackspam | Excessive Port-Scanning |
2020-09-11 23:51:01 |
| 84.17.59.41 | attack | 84.17.59.41 - - [10/Sep/2020:18:15:31 +0100] "POST //wp-login.php HTTP/1.1" 200 3626 "https://wpeagledemoblog.com//wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36" 84.17.59.41 - - [10/Sep/2020:18:15:31 +0100] "POST //wp-login.php HTTP/1.1" 200 3626 "https://wpeagledemoblog.com//wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36" 84.17.59.41 - - [10/Sep/2020:18:15:31 +0100] "POST //wp-login.php HTTP/1.1" 200 3626 "https://wpeagledemoblog.com//wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36" ... |
2020-09-11 23:45:44 |