City: Shanghai
Region: Shanghai
Country: China
Internet Service Provider: ChinaNet Guangdong Province Network
Hostname: unknown
Organization: unknown
Usage Type: unknown
| Type | Details | Datetime |
|---|---|---|
| attackbots | [Sun Jul 19 02:48:04.926186 2020] [:error] [pid 22715:tid 140632588613376] [client 116.31.140.37:58965] [client 116.31.140.37] ModSecurity: Access denied with code 403 (phase 1). Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "972"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.0"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/POLICY/PROTOCOL_NOT_ALLOWED"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/"] [unique_id "XxNR9Fcr71isoJ1NnSUOZgAAAcI"]
... |
2020-07-19 07:52:39 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 116.31.140.13 | attack | (ftpd) Failed FTP login from 116.31.140.13 (CN/China/-): 10 in the last 3600 secs |
2020-09-01 06:41:35 |
| 116.31.140.71 | attack | Automatic report - FTP Brute Force |
2019-10-25 16:37:48 |
| 116.31.140.220 | attackbotsspam | FTP: login Brute Force attempt, PTR: PTR record not found |
2019-09-22 00:12:20 |
| 116.31.140.147 | attackspam | Automatic report - Port Scan Attack |
2019-09-11 12:05:49 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.31.140.37
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31440
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.31.140.37. IN A
;; AUTHORITY SECTION:
. 287 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020071801 1800 900 604800 86400
;; Query time: 45 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jul 19 07:52:36 CST 2020
;; MSG SIZE rcvd: 117Host 37.140.31.116.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 37.140.31.116.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 222.110.165.141 | attackspambots | (sshd) Failed SSH login from 222.110.165.141 (KR/South Korea/-): 10 in the last 3600 secs |
2020-07-19 01:28:46 |
| 183.236.71.170 | attackbotsspam | 2020-07-18T12:22:51.742881devel sshd[21631]: Invalid user info from 183.236.71.170 port 60714 2020-07-18T12:22:53.576499devel sshd[21631]: Failed password for invalid user info from 183.236.71.170 port 60714 ssh2 2020-07-18T12:36:44.645968devel sshd[23039]: Invalid user stefan from 183.236.71.170 port 52726 |
2020-07-19 01:48:42 |
| 36.250.129.172 | attack | Invalid user admin from 36.250.129.172 port 51402 |
2020-07-19 02:09:24 |
| 138.204.78.249 | attack | Jul 18 17:15:46 mout sshd[313]: Invalid user zhaoshaojing from 138.204.78.249 port 55478 |
2020-07-19 01:36:45 |
| 201.94.236.220 | attackbotsspam | Jul 18 13:12:36 ws19vmsma01 sshd[211998]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.94.236.220 Jul 18 13:12:38 ws19vmsma01 sshd[211998]: Failed password for invalid user dba from 201.94.236.220 port 58868 ssh2 ... |
2020-07-19 01:45:55 |
| 180.214.238.55 | attackspambots | Invalid user admin from 180.214.238.55 port 62250 |
2020-07-19 01:49:53 |
| 106.13.82.54 | attack | Invalid user wmg from 106.13.82.54 port 43802 |
2020-07-19 02:01:33 |
| 180.150.92.94 | attackspam | Jul 19 02:53:05 localhost sshd[353445]: Invalid user rt from 180.150.92.94 port 32784 ... |
2020-07-19 01:50:29 |
| 106.12.193.96 | attackbots | Invalid user antena from 106.12.193.96 port 43755 |
2020-07-19 01:40:34 |
| 103.129.223.98 | attack | Jul 18 19:55:10 DAAP sshd[10979]: Invalid user cmt from 103.129.223.98 port 55230 Jul 18 19:55:10 DAAP sshd[10979]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.129.223.98 Jul 18 19:55:10 DAAP sshd[10979]: Invalid user cmt from 103.129.223.98 port 55230 Jul 18 19:55:12 DAAP sshd[10979]: Failed password for invalid user cmt from 103.129.223.98 port 55230 ssh2 Jul 18 20:02:16 DAAP sshd[11070]: Invalid user import from 103.129.223.98 port 52572 ... |
2020-07-19 02:02:45 |
| 120.203.160.18 | attackspambots | Jul 18 18:40:20 odroid64 sshd\[1223\]: Invalid user db2inst1 from 120.203.160.18 Jul 18 18:40:20 odroid64 sshd\[1223\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.203.160.18 ... |
2020-07-19 01:37:42 |
| 51.75.64.187 | attackbots | (mod_security) mod_security (id:949110) triggered by 51.75.64.187 (FR/France/relay4.tor.ian.sh): 10 in the last 3600 secs; ID: DAN |
2020-07-19 02:06:45 |
| 106.13.101.75 | attack | Invalid user tdr from 106.13.101.75 port 54956 |
2020-07-19 01:40:05 |
| 37.187.104.135 | attack | Jul 18 13:36:22 ws24vmsma01 sshd[214998]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.104.135 Jul 18 13:36:25 ws24vmsma01 sshd[214998]: Failed password for invalid user rori from 37.187.104.135 port 54408 ssh2 ... |
2020-07-19 02:09:03 |
| 49.233.130.95 | attackbotsspam | Invalid user hugo from 49.233.130.95 port 41742 |
2020-07-19 02:07:36 |