City: unknown
Region: unknown
Country: China
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.57.36.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7194
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;116.57.36.42. IN A
;; AUTHORITY SECTION:
. 29 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025022701 1800 900 604800 86400
;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 28 03:08:27 CST 2025
;; MSG SIZE rcvd: 105Host 42.36.57.116.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 42.36.57.116.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 138.122.98.169 | attack | Sep 5 11:52:47 mailman postfix/smtpd[29352]: warning: unknown[138.122.98.169]: SASL PLAIN authentication failed: authentication failure |
2020-09-06 05:26:36 |
| 192.35.168.218 | attackspam | Icarus honeypot on github |
2020-09-06 05:34:15 |
| 190.14.47.108 | attackbotsspam | failed_logins |
2020-09-06 05:25:49 |
| 163.172.40.236 | attackspambots | 163.172.40.236 - - [06/Sep/2020:00:48:10 +0400] "POST /GponForm/diag_Form?style/ HTTP/1.1" 502 157 "-" "curl/7.3.2" ... |
2020-09-06 05:17:17 |
| 66.240.192.138 | attackbotsspam | Scan ports |
2020-09-06 05:33:28 |
| 5.188.206.194 | attack | Sep 5 23:27:25 ncomp postfix/smtpd[8896]: warning: unknown[5.188.206.194]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 5 23:27:51 ncomp postfix/smtpd[8896]: warning: unknown[5.188.206.194]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 5 23:28:03 ncomp postfix/smtpd[8896]: warning: unknown[5.188.206.194]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 |
2020-09-06 05:35:31 |
| 193.169.255.40 | attackbotsspam | Sep 5 21:49:39 mail postfix/smtpd\[30679\]: warning: unknown\[193.169.255.40\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 5 21:49:45 mail postfix/smtpd\[30680\]: warning: unknown\[193.169.255.40\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 5 21:49:55 mail postfix/smtpd\[30679\]: warning: unknown\[193.169.255.40\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 5 21:50:05 mail postfix/smtpd\[30680\]: warning: unknown\[193.169.255.40\]: SASL LOGIN authentication failed: Connection lost to authentication server\ |
2020-09-06 05:25:08 |
| 207.244.252.113 | attackspam | (From nick@send.sohbetlal.com) I'm sending you a message from your website. I wanted to ask a question about your business and the credit card processing fees you pay every month. You shouldn't be paying 1.5% to 2.5% in Credit Card Processing Fees anymore. New laws are on your side. Your processor isn't telling you everything. Why are they hiding the lower fee options? Merchants working with us are switching to our Unlimited Flat-Fee Processing for only $24.99 per month. We make it easy. And UNLIMITED. Process any amount of cards for the same flat price each month. No contracts. No surprises. No hidden fees. We'll even start you off with a terminal at no cost. September 2020 Limited Time Promotion: Email us today to qualify: - Free Equipment (2x Terminals). - No Contracts. - No Cancellation Fees. - Try Without Obligation. Give us a phone number where we can call you with more information. Reply to this email or send a quick message saying "I'm interested" by clicking this link: |
2020-09-06 05:31:14 |
| 222.186.175.163 | attackspambots | Sep 5 23:04:34 santamaria sshd\[10059\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.163 user=root Sep 5 23:04:37 santamaria sshd\[10059\]: Failed password for root from 222.186.175.163 port 45972 ssh2 Sep 5 23:04:40 santamaria sshd\[10059\]: Failed password for root from 222.186.175.163 port 45972 ssh2 ... |
2020-09-06 05:05:04 |
| 45.225.110.227 | attackbots | Automatic report - Port Scan Attack |
2020-09-06 05:09:24 |
| 107.189.11.163 | attackspambots | [SID1] Fail2ban detected 5 failed SSH login attempts within 30 minutes. This report was submitted automatically. |
2020-09-06 05:37:06 |
| 190.128.171.250 | attackspambots | (sshd) Failed SSH login from 190.128.171.250 (PY/Paraguay/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 5 14:54:36 server5 sshd[23953]: Invalid user bimba from 190.128.171.250 Sep 5 14:54:36 server5 sshd[23953]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.128.171.250 Sep 5 14:54:37 server5 sshd[23953]: Failed password for invalid user bimba from 190.128.171.250 port 35060 ssh2 Sep 5 15:01:00 server5 sshd[26884]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.128.171.250 user=root Sep 5 15:01:01 server5 sshd[26884]: Failed password for root from 190.128.171.250 port 51076 ssh2 |
2020-09-06 05:08:36 |
| 165.90.3.122 | attack | [Sun Sep 06 03:13:25.153543 2020] [:error] [pid 2754:tid 140397330274048] [client 165.90.3.122:65500] [client 165.90.3.122] ModSecurity: Access denied with code 403 (phase 1). Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "972"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.0"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/POLICY/PROTOCOL_NOT_ALLOWED"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/"] [unique_id "X1PxZdlmuncnyx65RuMHlQAAAGU"]
... |
2020-09-06 05:24:44 |
| 140.246.65.111 | attackbots | RDP brute force attack detected by fail2ban |
2020-09-06 05:05:31 |
| 157.55.39.140 | attackbots | Automatic report - Banned IP Access |
2020-09-06 05:36:38 |