City: unknown
Region: unknown
Country: Indonesia
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.66.205.50
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65092
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;116.66.205.50. IN A
;; AUTHORITY SECTION:
. 19 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400
;; Query time: 15 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 17:50:41 CST 2022
;; MSG SIZE rcvd: 10650.205.66.116.in-addr.arpa domain name pointer 50.205.66.116.cni.net.id.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
50.205.66.116.in-addr.arpa name = 50.205.66.116.cni.net.id.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 158.69.204.172 | attackbotsspam | Automatic report - Banned IP Access |
2019-10-27 19:13:46 |
| 54.180.174.220 | attackspam | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/54.180.174.220/ SG - 1H : (6) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : SG NAME ASN : ASN16509 IP : 54.180.174.220 CIDR : 54.180.0.0/15 PREFIX COUNT : 3006 UNIQUE IP COUNT : 26434816 ATTACKS DETECTED ASN16509 : 1H - 2 3H - 2 6H - 2 12H - 2 24H - 2 DateTime : 2019-10-27 04:45:23 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery |
2019-10-27 19:26:52 |
| 104.168.134.59 | attackspambots | Oct 27 11:20:47 server sshd\[12138\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=hwsrv-536529.hostwindsdns.com user=root Oct 27 11:20:49 server sshd\[12138\]: Failed password for root from 104.168.134.59 port 56154 ssh2 Oct 27 11:35:12 server sshd\[15951\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=hwsrv-536529.hostwindsdns.com user=root Oct 27 11:35:14 server sshd\[15951\]: Failed password for root from 104.168.134.59 port 47198 ssh2 Oct 27 11:44:13 server sshd\[18150\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=hwsrv-536529.hostwindsdns.com user=root ... |
2019-10-27 19:02:55 |
| 18.18.248.17 | attackspam | detected by Fail2Ban |
2019-10-27 19:25:07 |
| 221.148.45.168 | attackbots | 2019-10-27T06:28:06.006985abusebot-2.cloudsearch.cf sshd\[25886\]: Invalid user k from 221.148.45.168 port 50331 |
2019-10-27 19:07:56 |
| 103.131.200.96 | attackbotsspam | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/103.131.200.96/ TH - 1H : (20) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : TH NAME ASN : ASN138156 IP : 103.131.200.96 CIDR : 103.131.200.0/24 PREFIX COUNT : 4 UNIQUE IP COUNT : 1024 ATTACKS DETECTED ASN138156 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-10-27 04:46:30 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery |
2019-10-27 18:52:54 |
| 106.245.255.19 | attackbotsspam | [Aegis] @ 2019-10-27 10:27:11 0000 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack |
2019-10-27 19:29:25 |
| 189.115.103.21 | attackspam | 2019-10-27T05:01:14.8130941495-001 sshd\[20094\]: Invalid user newadmin3 from 189.115.103.21 port 37173 2019-10-27T05:01:14.8215031495-001 sshd\[20094\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.115.103.21 2019-10-27T05:01:16.3757001495-001 sshd\[20094\]: Failed password for invalid user newadmin3 from 189.115.103.21 port 37173 ssh2 2019-10-27T05:06:58.5867321495-001 sshd\[20261\]: Invalid user passw0rd from 189.115.103.21 port 56198 2019-10-27T05:06:58.5909671495-001 sshd\[20261\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.115.103.21 2019-10-27T05:07:00.3707381495-001 sshd\[20261\]: Failed password for invalid user passw0rd from 189.115.103.21 port 56198 ssh2 ... |
2019-10-27 19:25:30 |
| 201.1.190.62 | attack | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/201.1.190.62/ BR - 1H : (119) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : BR NAME ASN : ASN27699 IP : 201.1.190.62 CIDR : 201.1.128.0/17 PREFIX COUNT : 267 UNIQUE IP COUNT : 6569728 ATTACKS DETECTED ASN27699 : 1H - 7 3H - 11 6H - 11 12H - 15 24H - 16 DateTime : 2019-10-27 04:45:39 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery |
2019-10-27 19:14:58 |
| 93.147.22.31 | attackspambots | [Sun Oct 27 03:57:56.979974 2019] [:error] [pid 151897] [client 93.147.22.31:53017] [client 93.147.22.31] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 18)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "127.0.0.1"] [uri "/cgi-bin/ViewLog.asp"] [unique_id "XbU-9LW6A9R9-yAWAwJaTAAAAAU"] ... |
2019-10-27 19:26:07 |
| 5.249.145.73 | attack | Oct 27 10:32:24 MK-Soft-VM5 sshd[2169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.145.73 Oct 27 10:32:26 MK-Soft-VM5 sshd[2169]: Failed password for invalid user tsidc from 5.249.145.73 port 55512 ssh2 ... |
2019-10-27 18:57:44 |
| 114.220.176.106 | attack | Oct 27 05:35:59 herz-der-gamer sshd[4900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.220.176.106 user=root Oct 27 05:36:01 herz-der-gamer sshd[4900]: Failed password for root from 114.220.176.106 port 55405 ssh2 Oct 27 05:50:14 herz-der-gamer sshd[5174]: Invalid user magic from 114.220.176.106 port 54958 ... |
2019-10-27 19:01:22 |
| 147.135.255.107 | attackspam | Oct 26 19:32:29 php1 sshd\[19904\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.135.255.107 user=root Oct 26 19:32:32 php1 sshd\[19904\]: Failed password for root from 147.135.255.107 port 55114 ssh2 Oct 26 19:36:06 php1 sshd\[20181\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.135.255.107 user=root Oct 26 19:36:08 php1 sshd\[20181\]: Failed password for root from 147.135.255.107 port 36580 ssh2 Oct 26 19:39:31 php1 sshd\[20588\]: Invalid user oracle from 147.135.255.107 |
2019-10-27 19:03:14 |
| 95.191.243.128 | attackbotsspam | Chat Spam |
2019-10-27 19:07:17 |
| 159.65.231.86 | attackbotsspam | Oct 27 01:19:21 h2065291 sshd[4823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.231.86 user=r.r Oct 27 01:19:23 h2065291 sshd[4823]: Failed password for r.r from 159.65.231.86 port 48670 ssh2 Oct 27 01:19:23 h2065291 sshd[4823]: Received disconnect from 159.65.231.86: 11: Bye Bye [preauth] Oct 27 01:42:55 h2065291 sshd[5622]: Invalid user NetLinx from 159.65.231.86 Oct 27 01:42:55 h2065291 sshd[5622]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.231.86 Oct 27 01:42:57 h2065291 sshd[5622]: Failed password for invalid user NetLinx from 159.65.231.86 port 40954 ssh2 Oct 27 01:42:57 h2065291 sshd[5622]: Received disconnect from 159.65.231.86: 11: Bye Bye [preauth] Oct 27 01:46:24 h2065291 sshd[5634]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.231.86 user=r.r Oct 27 01:46:26 h2065291 sshd[5634]: Failed password for r.r f........ ------------------------------- |
2019-10-27 19:23:00 |