City: unknown
Region: unknown
Country: Czechia
Internet Service Provider: Inflr.com.br
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attack | SQL injection attempt. |
2020-04-16 13:03:59 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 93.99.104.106 | attackbots | on port 3389 |
2020-08-28 03:09:16 |
| 93.99.104.103 | attackspam | 20 attempts against mh-misbehave-ban on pine |
2020-06-07 13:04:47 |
| 93.99.104.103 | attack | 20 attempts against mh_ha-misbehave-ban on dawn |
2020-06-06 12:27:06 |
| 93.99.104.103 | attackbotsspam | HTTP SQL Injection Attempt, PTR: vps.asciiwolf.com. |
2020-05-31 01:34:06 |
| 93.99.104.101 | attackspambots | 21 attempts against mh-misbehave-ban on float |
2020-05-20 04:52:10 |
| 93.99.104.213 | attackspam | (mod_security) mod_security (id:211650) triggered by 93.99.104.213 (CZ/Czechia/mmarketing64.tk): 5 in the last 3600 secs |
2020-05-12 17:56:26 |
| 93.99.104.199 | attack | SQL Injection in QueryString parameter: 2 AND (SELECT 8883 FROM(SELECT COUNT(*),CONCAT(0x7178707671,(SELECT (ELT(8883=8883,1))),0x717a766271,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) |
2020-05-12 17:45:24 |
| 93.99.104.201 | attackbots | SQL Injection attack |
2020-05-12 15:02:09 |
| 93.99.104.191 | attack | 20 attempts against mh_ha-misbehave-ban on ice |
2020-05-11 22:14:54 |
| 93.99.104.176 | attack | 20 attempts against mh-misbehave-ban on thorn |
2020-05-08 04:41:29 |
| 93.99.104.117 | attackspambots | SQL injection attempt. |
2020-04-20 18:15:20 |
| 93.99.104.103 | attackspambots | 17/Apr/20 02:56:04 #6411981 CRITICAL 114 93.99.104.103 POST /index.php - Cross-site scripting - [SERVER:QUERY_STRING = view=reset&Itemid=101&DJYD%3D4406%20AND%201%3D1%20UNION%20ALL%20SELECT%201%2CNULL%2C%27%3Cscript%3Ealert%28%22XSS%22%29%3C%2Fscript%3E%27%2Ctable_name%20FROM%20information_schema...] - 17/Apr/20 02:56:10 #7191395 CRITICAL 256 93.99.104.103 POST /index.php - SQL injection - [GET:view = reset) AND (SELECT 5130 FROM(SELECT COUNT(*),CONCAT(0x7178717671,(SELECT (ELT(5130=5130,1))),0x71627a7871,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND (8622=8622] - 17/Apr/20 02:56:13 #3881151 CRITICAL 256 93.99.104.103 POST /index.php - SQL injection - [GET:view = reset) AND 8908=CAST((CHR(113)||CHR(120)||CHR(113)||CHR(118)||CHR(113))||(SELECT (CASE WHEN (8908=8908) THEN 1 ELSE 0 END))::text||(CHR(113)||CHR(98)||CHR(122)||CHR(120)||CHR(113)) AS NUMER...] - 17/Apr/20 02:56:15 #3189325 CRITICAL 256 93.99.104.103 POST |
2020-04-18 17:06:46 |
| 93.99.104.125 | attack | 20 attempts against mh-misbehave-ban on web2 |
2020-04-11 00:28:57 |
| 93.99.104.137 | attackspam | sql injection via query parameters |
2020-04-10 15:06:28 |
| 93.99.104.103 | attackbots | 200 atempt in 1 min |
2020-04-10 02:36:43 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 93.99.104.166
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57628
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;93.99.104.166. IN A
;; AUTHORITY SECTION:
. 354 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020041501 1800 900 604800 86400
;; Query time: 101 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Apr 16 13:03:56 CST 2020
;; MSG SIZE rcvd: 117166.104.99.93.in-addr.arpa domain name pointer mmarketing22.tk.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
166.104.99.93.in-addr.arpa name = mmarketing22.tk.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 149.129.63.171 | attack | Sep 15 03:24:48 ny01 sshd[11894]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.63.171 Sep 15 03:24:50 ny01 sshd[11894]: Failed password for invalid user wwwrun from 149.129.63.171 port 51972 ssh2 Sep 15 03:29:15 ny01 sshd[13308]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.63.171 |
2019-09-15 19:46:42 |
| 128.199.82.144 | attackbotsspam | Sep 15 13:36:07 DAAP sshd[6170]: Invalid user administrator from 128.199.82.144 port 51374 Sep 15 13:36:07 DAAP sshd[6170]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.82.144 Sep 15 13:36:07 DAAP sshd[6170]: Invalid user administrator from 128.199.82.144 port 51374 Sep 15 13:36:09 DAAP sshd[6170]: Failed password for invalid user administrator from 128.199.82.144 port 51374 ssh2 ... |
2019-09-15 20:02:16 |
| 185.176.27.34 | attackbots | firewall-block, port(s): 35094/tcp |
2019-09-15 20:03:40 |
| 51.91.8.146 | attackbots | Unauthorized SSH login attempts |
2019-09-15 19:49:33 |
| 191.250.53.38 | attackbots | DATE:2019-09-15 12:45:28, IP:191.250.53.38, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc) |
2019-09-15 19:35:50 |
| 5.74.97.29 | attack | Automatic report - Port Scan Attack |
2019-09-15 20:11:44 |
| 52.175.249.95 | attack | 20 attempts against mh-misbehave-ban on sea.magehost.pro |
2019-09-15 19:58:58 |
| 103.100.168.38 | attackspam | Sep 15 04:32:10 mxgate1 postfix/postscreen[29671]: CONNECT from [103.100.168.38]:56931 to [176.31.12.44]:25 Sep 15 04:32:10 mxgate1 postfix/dnsblog[29674]: addr 103.100.168.38 listed by domain zen.spamhaus.org as 127.0.0.2 Sep 15 04:32:10 mxgate1 postfix/dnsblog[29674]: addr 103.100.168.38 listed by domain zen.spamhaus.org as 127.0.0.9 Sep 15 04:32:10 mxgate1 postfix/dnsblog[29674]: addr 103.100.168.38 listed by domain zen.spamhaus.org as 127.0.0.11 Sep 15 04:32:10 mxgate1 postfix/dnsblog[29674]: addr 103.100.168.38 listed by domain zen.spamhaus.org as 127.0.0.3 Sep 15 04:32:16 mxgate1 postfix/postscreen[29671]: DNSBL rank 2 for [103.100.168.38]:56931 Sep x@x Sep 15 04:32:17 mxgate1 postfix/postscreen[29671]: DISCONNECT [103.100.168.38]:56931 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=103.100.168.38 |
2019-09-15 20:06:15 |
| 36.67.226.223 | attackspambots | Invalid user arkserver from 36.67.226.223 port 40628 |
2019-09-15 20:10:31 |
| 124.227.196.119 | attack | Sep 14 23:55:03 ny01 sshd[31377]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.227.196.119 Sep 14 23:55:06 ny01 sshd[31377]: Failed password for invalid user platnosci from 124.227.196.119 port 49395 ssh2 Sep 14 23:57:43 ny01 sshd[31924]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.227.196.119 |
2019-09-15 20:12:56 |
| 49.234.62.163 | attackspambots | Sep 15 04:10:44 fv15 sshd[11139]: Failed password for invalid user uk from 49.234.62.163 port 32872 ssh2 Sep 15 04:10:44 fv15 sshd[11139]: Received disconnect from 49.234.62.163: 11: Bye Bye [preauth] Sep 15 04:22:20 fv15 sshd[3309]: Failed password for invalid user web from 49.234.62.163 port 55354 ssh2 Sep 15 04:22:20 fv15 sshd[3309]: Received disconnect from 49.234.62.163: 11: Bye Bye [preauth] Sep 15 04:26:41 fv15 sshd[8696]: Failed password for invalid user Admin from 49.234.62.163 port 54688 ssh2 Sep 15 04:26:42 fv15 sshd[8696]: Received disconnect from 49.234.62.163: 11: Bye Bye [preauth] Sep 15 04:30:05 fv15 sshd[19363]: Failed password for invalid user login from 49.234.62.163 port 53976 ssh2 Sep 15 04:30:06 fv15 sshd[19363]: Received disconnect from 49.234.62.163: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=49.234.62.163 |
2019-09-15 19:59:55 |
| 203.192.231.218 | attackspambots | Sep 15 02:47:46 *** sshd[22805]: Invalid user fw from 203.192.231.218 |
2019-09-15 20:16:22 |
| 119.204.168.61 | attackspambots | Sep 15 09:01:01 vpn01 sshd\[5810\]: Invalid user dieter from 119.204.168.61 Sep 15 09:01:01 vpn01 sshd\[5810\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.204.168.61 Sep 15 09:01:03 vpn01 sshd\[5810\]: Failed password for invalid user dieter from 119.204.168.61 port 58200 ssh2 |
2019-09-15 19:58:02 |
| 183.157.175.222 | attackbotsspam | Too many connections or unauthorized access detected from Arctic banned ip |
2019-09-15 19:50:06 |
| 221.148.63.118 | attack | $f2bV_matches |
2019-09-15 20:06:54 |