City: unknown
Region: unknown
Country: Japan
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.242.92.249
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25229
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;49.242.92.249. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025022000 1800 900 604800 86400
;; Query time: 34 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 20 17:30:56 CST 2025
;; MSG SIZE rcvd: 106Host 249.92.242.49.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 249.92.242.49.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 112.252.64.117 | attack | Unauthorised access (Jun 29) SRC=112.252.64.117 LEN=40 TTL=49 ID=15067 TCP DPT=23 WINDOW=34033 SYN |
2019-06-30 11:14:37 |
| 188.75.122.213 | attack | port scan and connect, tcp 23 (telnet) |
2019-06-30 10:46:03 |
| 213.133.3.8 | attack | 2019-06-30T04:02:11.743671cavecanem sshd[5524]: Invalid user raoul from 213.133.3.8 port 54407 2019-06-30T04:02:11.745970cavecanem sshd[5524]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.133.3.8 2019-06-30T04:02:11.743671cavecanem sshd[5524]: Invalid user raoul from 213.133.3.8 port 54407 2019-06-30T04:02:13.658576cavecanem sshd[5524]: Failed password for invalid user raoul from 213.133.3.8 port 54407 ssh2 2019-06-30T04:03:44.393294cavecanem sshd[5921]: Invalid user ethos from 213.133.3.8 port 34693 2019-06-30T04:03:44.395638cavecanem sshd[5921]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.133.3.8 2019-06-30T04:03:44.393294cavecanem sshd[5921]: Invalid user ethos from 213.133.3.8 port 34693 2019-06-30T04:03:46.078510cavecanem sshd[5921]: Failed password for invalid user ethos from 213.133.3.8 port 34693 ssh2 2019-06-30T04:05:13.241648cavecanem sshd[6303]: Invalid user syslog from 213.133.3.8 ... |
2019-06-30 10:55:05 |
| 167.86.109.221 | attackspam | scan z |
2019-06-30 10:59:49 |
| 113.160.37.4 | attackspam | Jun 30 03:54:17 XXX sshd[20884]: Invalid user hadoop from 113.160.37.4 port 54150 |
2019-06-30 10:53:29 |
| 89.231.108.143 | attack | Lines containing failures of 89.231.108.143 Jun 26 00:06:51 mellenthin sshd[26270]: Did not receive identification string from 89.231.108.143 port 54766 Jun 26 00:12:54 mellenthin sshd[26438]: Received disconnect from 89.231.108.143 port 56574:11: Bye Bye [preauth] Jun 26 00:12:54 mellenthin sshd[26438]: Disconnected from 89.231.108.143 port 56574 [preauth] Jun 26 00:27:02 mellenthin sshd[26575]: Invalid user admin from 89.231.108.143 port 58968 Jun 26 00:27:02 mellenthin sshd[26575]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.231.108.143 Jun 26 00:27:05 mellenthin sshd[26575]: Failed password for invalid user admin from 89.231.108.143 port 58968 ssh2 Jun 26 00:27:05 mellenthin sshd[26575]: Received disconnect from 89.231.108.143 port 58968:11: Bye Bye [preauth] Jun 26 00:27:05 mellenthin sshd[26575]: Disconnected from invalid user admin 89.231.108.143 port 58968 [preauth] Jun 26 00:31:45 mellenthin sshd[26615]: Invalid use........ ------------------------------ |
2019-06-30 10:55:43 |
| 94.176.76.74 | attackbots | Unauthorised access (Jun 30) SRC=94.176.76.74 LEN=40 TTL=244 ID=44939 DF TCP DPT=23 WINDOW=14600 SYN |
2019-06-30 11:20:56 |
| 51.75.169.169 | attackspam | [SatJun2920:48:28.0520392019][:error][pid29926:tid47129061897984][client51.75.169.169:52558][client51.75.169.169]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"python-requests/"atREQUEST_HEADERS:User-Agent.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"206"][id"332039"][rev"4"][msg"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent\(python-requests\).Disablethisruleifyouusepython-requests/."][severity"CRITICAL"][hostname"archivioamarca.ch"][uri"/administrator/index.php"][unique_id"XReyfJfcWKlFwIVqgC7m5wAAAI0"][SatJun2920:48:28.3314512019][:error][pid29922:tid47129072404224][client51.75.169.169:52712][client51.75.169.169]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"python-requests/"atREQUEST_HEADERS:User-Agent.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"206"][id"332039"][rev"4"][msg"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent\(python-requests\).Disablethisruleifyouusepython-requests/."][severity"CRITICA |
2019-06-30 11:08:49 |
| 123.103.52.9 | attackbots | *Port Scan* detected from 123.103.52.9 (CN/China/123.103.52.9-BJ-CNC). 4 hits in the last 35 seconds |
2019-06-30 11:22:38 |
| 140.129.1.237 | attack | Jun 30 03:38:12 debian sshd\[26565\]: Invalid user test from 140.129.1.237 port 37624 Jun 30 03:38:12 debian sshd\[26565\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.129.1.237 ... |
2019-06-30 11:00:21 |
| 46.209.45.58 | attackspam | 2019-06-29T18:48:12.879067abusebot-8.cloudsearch.cf sshd\[31867\]: Invalid user gerald from 46.209.45.58 port 44324 |
2019-06-30 11:13:09 |
| 51.77.242.176 | attackspambots | Automatic report generated by Wazuh |
2019-06-30 11:26:06 |
| 5.196.75.47 | attackspam | [ssh] SSH attack |
2019-06-30 10:54:07 |
| 187.86.200.34 | attackspambots | 19/6/29@14:48:19: FAIL: Alarm-Intrusion address from=187.86.200.34 ... |
2019-06-30 11:10:39 |
| 185.176.26.18 | attackspambots | 30.06.2019 02:18:39 Connection to port 4630 blocked by firewall |
2019-06-30 10:43:23 |