City: Leer
Region: Niedersachsen
Country: Germany
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.16.146.169
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57256
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;85.16.146.169. IN A
;; AUTHORITY SECTION:
. 600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022122800 1800 900 604800 86400
;; Query time: 67 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 28 14:15:07 CST 2022
;; MSG SIZE rcvd: 106169.146.16.85.in-addr.arpa domain name pointer dyndsl-085-016-146-169.ewe-ip-backbone.de.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
169.146.16.85.in-addr.arpa name = dyndsl-085-016-146-169.ewe-ip-backbone.de.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 69.171.251.2 | attackbotsspam | [Tue Aug 04 16:24:52.737225 2020] [:error] [pid 14894:tid 140628092200704] [client 69.171.251.2:40208] [client 69.171.251.2] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/TableFilter/filter_and_sort.webp"] [unique_id "XykpZD91R1FPAUbVCY2u6gACdgM"] ... |
2020-08-04 20:57:19 |
| 192.35.168.226 | attackspambots | Automatic report - Banned IP Access |
2020-08-04 20:55:02 |
| 61.12.67.133 | attack | Aug 4 14:34:30 ip106 sshd[9436]: Failed password for root from 61.12.67.133 port 45316 ssh2 ... |
2020-08-04 20:47:19 |
| 185.202.2.147 | attack | SSH Bruteforce Attempt on Honeypot |
2020-08-04 20:49:59 |
| 123.108.50.164 | attackbotsspam | 2020-08-04T14:02:04+0200 Failed SSH Authentication/Brute Force Attack. (Server 10) |
2020-08-04 21:09:14 |
| 58.102.31.36 | attackspam | Aug 4 11:20:20 sip sshd[1186479]: Failed password for root from 58.102.31.36 port 57850 ssh2 Aug 4 11:24:58 sip sshd[1186524]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.102.31.36 user=root Aug 4 11:25:00 sip sshd[1186524]: Failed password for root from 58.102.31.36 port 37414 ssh2 ... |
2020-08-04 20:51:01 |
| 47.93.32.159 | attackspambots | Aug 3 02:36:12 xxxxxxx8 sshd[827]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.93.32.159 user=r.r Aug 3 02:36:14 xxxxxxx8 sshd[827]: Failed password for r.r from 47.93.32.159 port 55114 ssh2 Aug 3 02:55:55 xxxxxxx8 sshd[2301]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.93.32.159 user=r.r Aug 3 02:55:57 xxxxxxx8 sshd[2301]: Failed password for r.r from 47.93.32.159 port 42288 ssh2 Aug 3 03:00:21 xxxxxxx8 sshd[2604]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.93.32.159 user=r.r Aug 3 03:00:23 xxxxxxx8 sshd[2604]: Failed password for r.r from 47.93.32.159 port 53128 ssh2 Aug 3 03:04:51 xxxxxxx8 sshd[2728]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.93.32.159 user=r.r Aug 3 03:04:53 xxxxxxx8 sshd[2728]: Failed password for r.r from 47.93.32.159 port 35748 ssh2 Aug 3 03:09:20........ ------------------------------ |
2020-08-04 20:24:01 |
| 112.133.232.76 | attack | *Port Scan* detected from 112.133.232.76 (IN/India/Delhi/New Delhi/-). 4 hits in the last 65 seconds |
2020-08-04 20:46:58 |
| 222.186.30.112 | attackspambots | Aug 4 14:34:58 piServer sshd[11595]: Failed password for root from 222.186.30.112 port 34586 ssh2 Aug 4 14:35:01 piServer sshd[11595]: Failed password for root from 222.186.30.112 port 34586 ssh2 Aug 4 14:35:05 piServer sshd[11595]: Failed password for root from 222.186.30.112 port 34586 ssh2 ... |
2020-08-04 20:36:35 |
| 13.72.107.84 | attackbots | Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-04T11:52:45Z and 2020-08-04T12:04:18Z |
2020-08-04 20:41:51 |
| 74.208.228.35 | attackspambots | "XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES: |
2020-08-04 20:33:10 |
| 69.116.62.74 | attackspambots | $f2bV_matches |
2020-08-04 20:31:45 |
| 134.209.173.240 | attackbots | TCP port : 5900 |
2020-08-04 20:43:21 |
| 64.225.102.125 | attackbotsspam | Aug 4 11:10:21 roki sshd[2852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.102.125 user=root Aug 4 11:10:23 roki sshd[2852]: Failed password for root from 64.225.102.125 port 55402 ssh2 Aug 4 11:21:13 roki sshd[3603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.102.125 user=root Aug 4 11:21:15 roki sshd[3603]: Failed password for root from 64.225.102.125 port 38892 ssh2 Aug 4 11:24:55 roki sshd[3858]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.102.125 user=root ... |
2020-08-04 20:54:45 |
| 106.12.68.244 | attackbotsspam | Aug 4 07:25:01 vps46666688 sshd[6008]: Failed password for root from 106.12.68.244 port 33214 ssh2 ... |
2020-08-04 20:54:22 |