City: Medyka
Region: Podkarpackie
Country: Poland
Internet Service Provider: Netia
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.128.3.39
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51559
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;85.128.3.39. IN A
;; AUTHORITY SECTION:
. 207 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2023010600 1800 900 604800 86400
;; Query time: 43 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 07 00:07:52 CST 2023
;; MSG SIZE rcvd: 10439.3.128.85.in-addr.arpa domain name pointer 85-128-3-39.static.ip.netia.com.pl.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
39.3.128.85.in-addr.arpa name = 85-128-3-39.static.ip.netia.com.pl.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 64.227.62.250 | attackbotsspam | "Unauthorized connection attempt on SSHD detected" |
2020-08-13 18:36:08 |
| 222.87.0.79 | attackspam | Aug 13 05:46:00 [host] sshd[18302]: pam_unix(sshd: Aug 13 05:46:02 [host] sshd[18302]: Failed passwor Aug 13 05:48:42 [host] sshd[18397]: pam_unix(sshd: |
2020-08-13 18:22:26 |
| 139.219.234.171 | attackbotsspam | Aug 13 05:47:56 kh-dev-server sshd[3487]: Failed password for root from 139.219.234.171 port 10112 ssh2 ... |
2020-08-13 18:50:55 |
| 106.55.167.58 | attackbotsspam | $f2bV_matches |
2020-08-13 18:44:39 |
| 176.31.245.48 | attack | Brute-Force |
2020-08-13 18:31:40 |
| 222.186.30.112 | attackbotsspam | Aug 13 13:15:19 server2 sshd\[29075\]: User root from 222.186.30.112 not allowed because not listed in AllowUsers Aug 13 13:15:21 server2 sshd\[29079\]: User root from 222.186.30.112 not allowed because not listed in AllowUsers Aug 13 13:15:27 server2 sshd\[29087\]: User root from 222.186.30.112 not allowed because not listed in AllowUsers Aug 13 13:20:09 server2 sshd\[29474\]: User root from 222.186.30.112 not allowed because not listed in AllowUsers Aug 13 13:22:48 server2 sshd\[29592\]: User root from 222.186.30.112 not allowed because not listed in AllowUsers Aug 13 13:23:19 server2 sshd\[29630\]: User root from 222.186.30.112 not allowed because not listed in AllowUsers |
2020-08-13 18:32:55 |
| 192.241.230.18 | attackbots | TCP port : 6667 |
2020-08-13 18:45:35 |
| 89.248.174.166 | attackspambots | 89.248.174.166 - - \[13/Aug/2020:06:04:11 +0200\] "GET / HTTP/1.1" 200 396 "-" "Mozilla/5.0 zgrab/0.x" ... |
2020-08-13 18:34:37 |
| 114.79.19.223 | attackbots | [Thu Aug 13 10:47:47.880065 2020] [:error] [pid 6782:tid 140397710505728] [client 114.79.19.223:45013] [client 114.79.19.223] ModSecurity: Access denied with code 403 (phase 4). Pattern match "^5\\\\d{2}$" at RESPONSE_STATUS. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/RESPONSE-950-DATA-LEAKAGES.conf"] [line "118"] [id "950100"] [msg "The Application Returned a 500-Level Status Code"] [data "Matched Data: 500 found within RESPONSE_STATUS: 500"] [severity "ERROR"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-disclosure"] [tag "WASCTC/WASC-13"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.6"] [tag "paranoia-level/2"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php"] [unique_id "XzS34702rmmayZvC0xQrTgABaAM"], referer: https://www.google.com/
... |
2020-08-13 18:55:48 |
| 122.117.211.210 | attackspam | [N10.H2.VM2] Port Scanner Detected Blocked by UFW |
2020-08-13 18:19:47 |
| 149.202.55.18 | attackbotsspam | Aug 13 11:18:44 rocket sshd[8347]: Failed password for root from 149.202.55.18 port 46058 ssh2 Aug 13 11:22:43 rocket sshd[8925]: Failed password for root from 149.202.55.18 port 58592 ssh2 ... |
2020-08-13 18:30:52 |
| 123.108.252.170 | attackbotsspam | 123.108.252.170 - - [13/Aug/2020:05:47:48 +0200] "GET /awstats.pl?framename=mainright&output=refererpages HTTP/1.0" 404 280 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 Safari/537.36" |
2020-08-13 18:57:02 |
| 119.29.240.238 | attack | Aug 13 08:18:31 ns382633 sshd\[20145\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.240.238 user=root Aug 13 08:18:33 ns382633 sshd\[20145\]: Failed password for root from 119.29.240.238 port 20030 ssh2 Aug 13 08:33:22 ns382633 sshd\[22790\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.240.238 user=root Aug 13 08:33:24 ns382633 sshd\[22790\]: Failed password for root from 119.29.240.238 port 43482 ssh2 Aug 13 08:39:23 ns382633 sshd\[23850\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.240.238 user=root |
2020-08-13 18:34:23 |
| 14.98.213.14 | attack | Aug 13 06:30:39 scw-tender-jepsen sshd[2458]: Failed password for root from 14.98.213.14 port 34886 ssh2 |
2020-08-13 18:33:44 |
| 183.111.96.20 | attack | Aug 13 13:10:37 journals sshd\[83847\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.111.96.20 user=root Aug 13 13:10:39 journals sshd\[83847\]: Failed password for root from 183.111.96.20 port 38110 ssh2 Aug 13 13:13:25 journals sshd\[83990\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.111.96.20 user=root Aug 13 13:13:27 journals sshd\[83990\]: Failed password for root from 183.111.96.20 port 32922 ssh2 Aug 13 13:16:16 journals sshd\[84267\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.111.96.20 user=root ... |
2020-08-13 18:28:38 |