City: Seebad Heringsdorf
Region: Mecklenburg-Vorpommern
Country: Germany
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 74.114.30.68
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53439
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;74.114.30.68. IN A
;; AUTHORITY SECTION:
. 29 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025021300 1800 900 604800 86400
;; Query time: 13 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 13 18:36:52 CST 2025
;; MSG SIZE rcvd: 10568.30.114.74.in-addr.arpa domain name pointer 68.30.114.74.bc.googleusercontent.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
68.30.114.74.in-addr.arpa name = 68.30.114.74.bc.googleusercontent.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 206.253.224.75 | attackbots | srvr2: (mod_security) mod_security (id:920350) triggered by 206.253.224.75 (DE/-/-): 1 in the last 600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/28 11:08:29 [error] 377966#0: *172733 [client 206.253.224.75] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/robots.txt"] [unique_id "159860570966.376346"] [ref "o0,14v160,14"], client: 206.253.224.75, [redacted] request: "GET /robots.txt HTTP/1.1" [redacted] |
2020-08-28 17:40:04 |
| 111.230.200.244 | attack | Port scanning [2 denied] |
2020-08-28 17:51:53 |
| 209.159.195.253 | attack | Brute forcing email accounts |
2020-08-28 17:43:13 |
| 18.222.134.172 | attackbots | Aug 28 07:40:11 hosting sshd[28501]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-18-222-134-172.us-east-2.compute.amazonaws.com Aug 28 07:40:11 hosting sshd[28501]: Invalid user apitest from 18.222.134.172 port 56338 Aug 28 07:40:13 hosting sshd[28501]: Failed password for invalid user apitest from 18.222.134.172 port 56338 ssh2 Aug 28 08:02:10 hosting sshd[30575]: Invalid user teamspeak from 18.222.134.172 port 38868 ... |
2020-08-28 17:11:41 |
| 27.150.22.44 | attackbots | Aug 28 10:03:19 gw1 sshd[14417]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.150.22.44 Aug 28 10:03:21 gw1 sshd[14417]: Failed password for invalid user odoo from 27.150.22.44 port 55160 ssh2 ... |
2020-08-28 17:47:32 |
| 180.76.175.164 | attackspambots | Aug 28 05:01:37 jumpserver sshd[63022]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.175.164 user=root Aug 28 05:01:39 jumpserver sshd[63022]: Failed password for root from 180.76.175.164 port 34156 ssh2 Aug 28 05:05:05 jumpserver sshd[63031]: Invalid user jmjo from 180.76.175.164 port 40932 ... |
2020-08-28 17:10:31 |
| 150.136.208.168 | attackspambots | 2020-08-28T09:25:06.868008dmca.cloudsearch.cf sshd[24904]: Invalid user git from 150.136.208.168 port 44276 2020-08-28T09:25:06.872471dmca.cloudsearch.cf sshd[24904]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.136.208.168 2020-08-28T09:25:06.868008dmca.cloudsearch.cf sshd[24904]: Invalid user git from 150.136.208.168 port 44276 2020-08-28T09:25:09.200400dmca.cloudsearch.cf sshd[24904]: Failed password for invalid user git from 150.136.208.168 port 44276 ssh2 2020-08-28T09:31:33.536214dmca.cloudsearch.cf sshd[25243]: Invalid user kt from 150.136.208.168 port 52492 2020-08-28T09:31:33.541306dmca.cloudsearch.cf sshd[25243]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.136.208.168 2020-08-28T09:31:33.536214dmca.cloudsearch.cf sshd[25243]: Invalid user kt from 150.136.208.168 port 52492 2020-08-28T09:31:35.663547dmca.cloudsearch.cf sshd[25243]: Failed password for invalid user kt from 150.136.208 ... |
2020-08-28 17:51:04 |
| 94.28.101.166 | attackspam | SSH Login Bruteforce |
2020-08-28 17:22:29 |
| 118.99.94.96 | attack | Brute Force |
2020-08-28 17:35:36 |
| 178.62.117.106 | attackspambots | Aug 28 08:34:38 l02a sshd[12980]: Invalid user sammy from 178.62.117.106 Aug 28 08:34:38 l02a sshd[12980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.117.106 Aug 28 08:34:38 l02a sshd[12980]: Invalid user sammy from 178.62.117.106 Aug 28 08:34:40 l02a sshd[12980]: Failed password for invalid user sammy from 178.62.117.106 port 35265 ssh2 |
2020-08-28 17:46:53 |
| 193.148.18.89 | attackspambots | Automatic report - Port Scan Attack |
2020-08-28 17:46:08 |
| 115.79.109.73 | attackspambots | Port probing on unauthorized port 445 |
2020-08-28 17:47:14 |
| 45.129.33.152 | attackspam | firewall-block, port(s): 20609/tcp, 20625/tcp |
2020-08-28 17:20:11 |
| 41.218.221.22 | attackbotsspam | Telnet Honeypot -> Telnet Bruteforce / Login |
2020-08-28 17:25:07 |
| 218.4.176.106 | attackspam | Icarus honeypot on github |
2020-08-28 17:09:24 |