City: unknown
Region: unknown
Country: United States of America (the)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 56.95.114.136
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40814
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;56.95.114.136. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025030100 1800 900 604800 86400
;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 01 19:44:44 CST 2025
;; MSG SIZE rcvd: 106Host 136.114.95.56.in-addr.arpa not found: 2(SERVFAIL)
server can't find 56.95.114.136.in-addr.arpa: SERVFAIL| IP | Type | Details | Datetime |
|---|---|---|---|
| 106.127.185.224 | attackspam | Unauthorized connection attempt detected from IP address 106.127.185.224 to port 23 |
2020-06-30 13:30:23 |
| 20.44.216.74 | attackspam | 2020-06-30T05:07:30.581228shield sshd\[32568\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.44.216.74 user=root 2020-06-30T05:07:33.039101shield sshd\[32568\]: Failed password for root from 20.44.216.74 port 57552 ssh2 2020-06-30T05:11:04.256828shield sshd\[1320\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.44.216.74 user=root 2020-06-30T05:11:06.092452shield sshd\[1320\]: Failed password for root from 20.44.216.74 port 34292 ssh2 2020-06-30T05:14:41.728989shield sshd\[2713\]: Invalid user db2fenc1 from 20.44.216.74 port 39362 |
2020-06-30 13:27:58 |
| 139.170.150.254 | attack | $f2bV_matches |
2020-06-30 13:04:45 |
| 111.72.197.7 | attackspam | Jun 30 06:38:05 srv01 postfix/smtpd\[18745\]: warning: unknown\[111.72.197.7\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 30 06:38:18 srv01 postfix/smtpd\[18745\]: warning: unknown\[111.72.197.7\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 30 06:38:34 srv01 postfix/smtpd\[18745\]: warning: unknown\[111.72.197.7\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 30 06:38:54 srv01 postfix/smtpd\[18745\]: warning: unknown\[111.72.197.7\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 30 06:39:05 srv01 postfix/smtpd\[18745\]: warning: unknown\[111.72.197.7\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... |
2020-06-30 13:14:59 |
| 134.255.234.21 | attackspam | Failed password for invalid user blake from 134.255.234.21 port 39890 ssh2 |
2020-06-30 13:28:58 |
| 61.144.125.66 | attackspambots | Fail2Ban Ban Triggered |
2020-06-30 13:21:19 |
| 37.187.197.113 | attackspambots | CMS (WordPress or Joomla) login attempt. |
2020-06-30 13:46:59 |
| 78.155.219.101 | attack | 2020-06-30T05:01:31.364771shield sshd\[30761\]: Invalid user etm from 78.155.219.101 port 41046 2020-06-30T05:01:31.369590shield sshd\[30761\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.155.219.101 2020-06-30T05:01:33.210093shield sshd\[30761\]: Failed password for invalid user etm from 78.155.219.101 port 41046 ssh2 2020-06-30T05:06:42.053047shield sshd\[32345\]: Invalid user des from 78.155.219.101 port 39508 2020-06-30T05:06:42.057324shield sshd\[32345\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.155.219.101 |
2020-06-30 13:20:33 |
| 190.144.79.157 | attackbotsspam | SSH Bruteforce attack |
2020-06-30 13:31:45 |
| 66.249.79.8 | attack | [Tue Jun 30 11:22:57.859545 2020] [:error] [pid 6519:tid 140076688553728] [client 66.249.79.8:39959] [client 66.249.79.8] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/indeks-presipitasi-terstandarisasi-spi-3-bulanan-di-propinsi-jawa-timur/3906-indeks-presipitasi-terstandarisasi-spi-3-bulanan-di-propinsi-jawa-timur-tahun-2018/108-indeks-presipitasi-terstandarisasi-spi-3-bulanan-di-propinsi-jawa-timur-tahun-2018"] [ ... |
2020-06-30 13:47:30 |
| 185.121.69.14 | attackspambots | 185.121.69.14 - - [30/Jun/2020:05:55:48 +0200] "GET / HTTP/1.0" 400 0 "-" "-" |
2020-06-30 13:04:08 |
| 123.23.53.174 | attackbotsspam | 20/6/29@23:55:11: FAIL: Alarm-Network address from=123.23.53.174 ... |
2020-06-30 13:44:52 |
| 180.244.121.211 | attack | 20/6/29@23:55:38: FAIL: Alarm-Network address from=180.244.121.211 ... |
2020-06-30 13:19:01 |
| 119.96.94.136 | attackspambots | Jun 30 06:24:36 srv-ubuntu-dev3 sshd[25803]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.96.94.136 user=root Jun 30 06:24:38 srv-ubuntu-dev3 sshd[25803]: Failed password for root from 119.96.94.136 port 36696 ssh2 Jun 30 06:27:55 srv-ubuntu-dev3 sshd[30113]: Invalid user default from 119.96.94.136 Jun 30 06:27:55 srv-ubuntu-dev3 sshd[30113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.96.94.136 Jun 30 06:27:55 srv-ubuntu-dev3 sshd[30113]: Invalid user default from 119.96.94.136 Jun 30 06:27:56 srv-ubuntu-dev3 sshd[30113]: Failed password for invalid user default from 119.96.94.136 port 52118 ssh2 Jun 30 06:31:20 srv-ubuntu-dev3 sshd[33490]: Invalid user dsv from 119.96.94.136 Jun 30 06:31:20 srv-ubuntu-dev3 sshd[33490]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.96.94.136 Jun 30 06:31:20 srv-ubuntu-dev3 sshd[33490]: Invalid user dsv from 119. ... |
2020-06-30 13:05:13 |
| 103.76.19.41 | attackbotsspam | 1593489323 - 06/30/2020 05:55:23 Host: 103.76.19.41/103.76.19.41 Port: 445 TCP Blocked |
2020-06-30 13:33:16 |