City: unknown
Region: unknown
Country: Germany
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 91.96.234.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37637
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;91.96.234.2. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025022200 1800 900 604800 86400
;; Query time: 37 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 22 20:55:54 CST 2025
;; MSG SIZE rcvd: 1042.234.96.91.in-addr.arpa domain name pointer dyndsl-091-096-234-002.ewe-ip-backbone.de.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
2.234.96.91.in-addr.arpa name = dyndsl-091-096-234-002.ewe-ip-backbone.de.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 82.159.138.57 | attackbots | Dec 14 11:38:01 ny01 sshd[17613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.159.138.57 Dec 14 11:38:03 ny01 sshd[17613]: Failed password for invalid user kun from 82.159.138.57 port 21276 ssh2 Dec 14 11:43:40 ny01 sshd[18145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.159.138.57 |
2019-12-15 01:14:22 |
| 177.37.160.195 | attackbots | 1576334638 - 12/14/2019 15:43:58 Host: 177.37.160.195/177.37.160.195 Port: 445 TCP Blocked |
2019-12-15 01:23:27 |
| 80.82.64.73 | attackbotsspam | Port scan on 9 port(s): 55875 56474 56515 56598 56647 57479 57966 58734 59241 |
2019-12-15 01:53:05 |
| 118.25.39.110 | attackbotsspam | Dec 14 04:57:47 php1 sshd\[14916\]: Invalid user 4e3w2q from 118.25.39.110 Dec 14 04:57:47 php1 sshd\[14916\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.39.110 Dec 14 04:57:48 php1 sshd\[14916\]: Failed password for invalid user 4e3w2q from 118.25.39.110 port 34458 ssh2 Dec 14 05:06:34 php1 sshd\[15814\]: Invalid user jxdxidc0206\)@\)\^ from 118.25.39.110 Dec 14 05:06:34 php1 sshd\[15814\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.39.110 |
2019-12-15 01:28:01 |
| 188.166.54.199 | attackbotsspam | Dec 14 07:35:44 hanapaa sshd\[21725\]: Invalid user admin from 188.166.54.199 Dec 14 07:35:44 hanapaa sshd\[21725\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.54.199 Dec 14 07:35:45 hanapaa sshd\[21725\]: Failed password for invalid user admin from 188.166.54.199 port 47158 ssh2 Dec 14 07:41:17 hanapaa sshd\[22415\]: Invalid user josias from 188.166.54.199 Dec 14 07:41:17 hanapaa sshd\[22415\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.54.199 |
2019-12-15 01:52:49 |
| 185.220.101.35 | attackspambots | GET /wallet.dat |
2019-12-15 01:32:08 |
| 103.23.224.121 | attack | GET /wp-login.php |
2019-12-15 01:51:23 |
| 31.202.101.40 | attackspambots | XMLRPC script access attempt: "GET /xmlrpc.php" |
2019-12-15 01:45:37 |
| 68.183.234.160 | attackbots | (mod_security) mod_security (id:920170) triggered by 68.183.234.160 (SG/Singapore/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sat Dec 14 10:50:32.575118 2019] [:error] [pid 65819:tid 47884326278912] [client 68.183.234.160:14224] [client 68.183.234.160] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^0?$" against "REQUEST_HEADERS:Content-Length" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "143"] [id "920170"] [rev "1"] [msg "GET or HEAD Request with Body Content."] [data "19058"] [severity "CRITICAL"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "9"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "cjthedj97.me"] [uri "/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php"] [unique_id "XfUEyDP6KGgpsQxizTF8PgAAAJc"] |
2019-12-15 01:39:21 |
| 47.74.230.86 | attackspam | Invalid user electra from 47.74.230.86 port 49854 |
2019-12-15 01:53:32 |
| 85.90.166.50 | attack | POST /login/ Attempting to login via port 2083. No user agent. |
2019-12-15 01:37:40 |
| 68.183.217.198 | attack | xmlrpc attack |
2019-12-15 01:23:59 |
| 158.174.122.199 | attack | 158.174.122.199 - - [13/Dec/2019:22:24:31 +0200] "GET /backup/backup.dat HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36" |
2019-12-15 01:48:41 |
| 222.186.42.4 | attackspambots | Dec 14 18:51:29 vpn01 sshd[27442]: Failed password for root from 222.186.42.4 port 9184 ssh2 Dec 14 18:51:42 vpn01 sshd[27442]: error: maximum authentication attempts exceeded for root from 222.186.42.4 port 9184 ssh2 [preauth] ... |
2019-12-15 01:55:34 |
| 191.33.162.104 | attack | Dec 14 06:44:23 h2040555 sshd[21730]: reveeclipse mapping checking getaddrinfo for 191.33.162.104.static.adsl.gvt.net.br [191.33.162.104] failed - POSSIBLE BREAK-IN ATTEMPT! Dec 14 06:44:23 h2040555 sshd[21730]: Invalid user lighthall from 191.33.162.104 Dec 14 06:44:23 h2040555 sshd[21730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.33.162.104 Dec 14 06:44:25 h2040555 sshd[21730]: Failed password for invalid user lighthall from 191.33.162.104 port 56870 ssh2 Dec 14 06:44:26 h2040555 sshd[21730]: Received disconnect from 191.33.162.104: 11: Bye Bye [preauth] Dec 14 06:52:31 h2040555 sshd[22017]: reveeclipse mapping checking getaddrinfo for 191.33.162.104.static.adsl.gvt.net.br [191.33.162.104] failed - POSSIBLE BREAK-IN ATTEMPT! Dec 14 06:52:31 h2040555 sshd[22017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.33.162.104 user=r.r Dec 14 06:52:34 h2040555 sshd[22017]: Failed........ ------------------------------- |
2019-12-15 01:13:19 |