City: unknown
Region: unknown
Country: None
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 93.175.114.36
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48165
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;93.175.114.36. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025022400 1800 900 604800 86400
;; Query time: 10 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 24 18:05:42 CST 2025
;; MSG SIZE rcvd: 10636.114.175.93.in-addr.arpa domain name pointer h11436.man.tk-internet.pl.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
36.114.175.93.in-addr.arpa name = h11436.man.tk-internet.pl.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 82.125.211.136 | attackspambots | detected by Fail2Ban |
2020-03-21 09:17:29 |
| 66.220.149.15 | attackbotsspam | [Sat Mar 21 05:06:54.238367 2020] [:error] [pid 15471:tid 140719603767040] [client 66.220.149.15:51164] [client 66.220.149.15] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/prakiraan-bulanan/prakiraan-bulanan-tingkat-ketersediaan-air-bagi-tanaman/555557941-prakiraan-bulanan-tingkat-ketersediaan-air-bagi-tanaman-di-jawa-timur-untuk-bulan-mei-2020-update-dari-analisis-bulan-februari-2020"] [unique_id "XnU@fnSgGZCQuiPkFx7dHAAAAAE"] ... |
2020-03-21 09:02:55 |
| 5.189.140.225 | attack | Lines containing failures of 5.189.140.225 Mar 20 02:59:28 icinga sshd[28972]: Did not receive identification string from 5.189.140.225 port 55544 Mar 20 03:02:32 icinga sshd[29789]: Did not receive identification string from 5.189.140.225 port 33060 Mar 20 03:04:11 icinga sshd[30255]: Invalid user admin from 5.189.140.225 port 38496 Mar 20 03:04:11 icinga sshd[30255]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.189.140.225 Mar 20 03:04:13 icinga sshd[30255]: Failed password for invalid user admin from 5.189.140.225 port 38496 ssh2 Mar 20 03:04:13 icinga sshd[30255]: Received disconnect from 5.189.140.225 port 38496:11: Normal Shutdown, Thank you for playing [preauth] Mar 20 03:04:13 icinga sshd[30255]: Disconnected from invalid user admin 5.189.140.225 port 38496 [preauth] Mar 20 03:04:45 icinga sshd[30424]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.189.140.225 user=r.r Mar 20........ ------------------------------ |
2020-03-21 08:55:24 |
| 144.217.83.201 | attackbots | SSH-BruteForce |
2020-03-21 09:00:12 |
| 49.233.134.252 | attackspambots | Mar 21 00:46:00 mail sshd[25277]: Invalid user keithtan from 49.233.134.252 ... |
2020-03-21 08:34:42 |
| 216.14.172.164 | attackspambots | Mar 21 01:27:58 [host] sshd[26070]: Invalid user n Mar 21 01:27:58 [host] sshd[26070]: pam_unix(sshd: Mar 21 01:28:00 [host] sshd[26070]: Failed passwor |
2020-03-21 08:50:06 |
| 162.214.4.32 | attack | xmlrpc attack |
2020-03-21 08:53:35 |
| 192.3.135.29 | attackspam | (From steve@steveconstable.com) Hello, I am writing in hopes of finding the appropriate person who handles marketing? If it makes sense to talk, let me know how your calendar looks. Steve Constable New Media Services is a digital marketing agency which specializes in online customer acquisition in local search for service-based businesses and also in e-commerce product sales with a national reach. Some of my past Fortune 500 clients include: IBM, Motorola, Microsoft Advertising and AT&T. I also work with medium sized businesses in local search. As an introduction to my services, I can prepare a FREE website analysis report for you at your request. Simply reply back with the url you want evaluated and the words “YES, send me the report” and expect to hear from me soon. I will analyze your website and report back to you my findings and create a custom tailored strategy to improve your website experience for your clients, which will ultimately result in more leads and sales for your business. In the |
2020-03-21 08:38:16 |
| 218.92.0.171 | attackspam | Mar 21 01:33:07 srv206 sshd[8388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.171 user=root Mar 21 01:33:09 srv206 sshd[8388]: Failed password for root from 218.92.0.171 port 51253 ssh2 ... |
2020-03-21 08:35:19 |
| 119.82.240.122 | attackspambots | Invalid user ftp1 from 119.82.240.122 port 41950 |
2020-03-21 08:43:10 |
| 14.232.243.10 | attackspambots | 2020-03-21T00:29:37.023716shield sshd\[27697\]: Invalid user znyjjszx from 14.232.243.10 port 64286 2020-03-21T00:29:37.030581shield sshd\[27697\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.232.243.10 2020-03-21T00:29:38.515326shield sshd\[27697\]: Failed password for invalid user znyjjszx from 14.232.243.10 port 64286 ssh2 2020-03-21T00:34:21.141096shield sshd\[29098\]: Invalid user teste from 14.232.243.10 port 50352 2020-03-21T00:34:21.145313shield sshd\[29098\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.232.243.10 |
2020-03-21 08:46:08 |
| 43.225.151.142 | attack | Invalid user ofisher from 43.225.151.142 port 38696 |
2020-03-21 08:49:06 |
| 49.88.112.55 | attackspam | Mar 21 02:06:18 *host* sshd\[4186\]: Unable to negotiate with 49.88.112.55 port 50604: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 \[preauth\] |
2020-03-21 09:08:49 |
| 222.186.30.248 | attackbotsspam | Mar 21 01:33:28 dcd-gentoo sshd[16585]: User root from 222.186.30.248 not allowed because none of user's groups are listed in AllowGroups Mar 21 01:33:30 dcd-gentoo sshd[16585]: error: PAM: Authentication failure for illegal user root from 222.186.30.248 Mar 21 01:33:28 dcd-gentoo sshd[16585]: User root from 222.186.30.248 not allowed because none of user's groups are listed in AllowGroups Mar 21 01:33:30 dcd-gentoo sshd[16585]: error: PAM: Authentication failure for illegal user root from 222.186.30.248 Mar 21 01:33:28 dcd-gentoo sshd[16585]: User root from 222.186.30.248 not allowed because none of user's groups are listed in AllowGroups Mar 21 01:33:30 dcd-gentoo sshd[16585]: error: PAM: Authentication failure for illegal user root from 222.186.30.248 Mar 21 01:33:30 dcd-gentoo sshd[16585]: Failed keyboard-interactive/pam for invalid user root from 222.186.30.248 port 61919 ssh2 ... |
2020-03-21 08:37:48 |
| 152.0.60.46 | attack | Mar 20 20:52:55 plusreed sshd[20591]: Invalid user penelope from 152.0.60.46 Mar 20 20:52:55 plusreed sshd[20591]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.0.60.46 Mar 20 20:52:55 plusreed sshd[20591]: Invalid user penelope from 152.0.60.46 Mar 20 20:52:56 plusreed sshd[20591]: Failed password for invalid user penelope from 152.0.60.46 port 54456 ssh2 Mar 20 20:59:36 plusreed sshd[22199]: Invalid user brad from 152.0.60.46 ... |
2020-03-21 09:10:50 |