City: Pontianak
Region: West Kalimantan
Country: Indonesia
Internet Service Provider: PT. Jawa Pos National Network MediaLink
Hostname: unknown
Organization: JAWA POS NATIONAL NETWORK MEDIALINK, PT
Usage Type: Fixed Line ISP
| Type | Details | Datetime |
|---|---|---|
| attackspambots | Unauthorized connection attempt detected from IP address 124.109.20.62 to port 445 |
2019-12-16 01:30:45 |
| attackspambots | 445/tcp 445/tcp 445/tcp... [2019-07-26/09-24]10pkt,1pt.(tcp) |
2019-09-25 21:16:54 |
| attackspam | Unauthorised access (Jun 23) SRC=124.109.20.62 LEN=40 TTL=245 ID=45768 TCP DPT=445 WINDOW=1024 SYN Unauthorised access (Jun 19) SRC=124.109.20.62 LEN=40 TTL=245 ID=2952 TCP DPT=445 WINDOW=1024 SYN |
2019-06-24 03:54:59 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 124.109.20.84 | attackspambots | [ 🧯 ] From ymnutefslth@jpnnmedialink.com Thu Nov 07 03:31:03 2019 Received: from mx01-ptk.pontianakpost.co.id ([124.109.20.84]:57978) |
2019-11-07 14:47:49 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.109.20.62
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18964
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;124.109.20.62. IN A
;; AUTHORITY SECTION:
. 1047 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019061101 1800 900 604800 86400
;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jun 12 11:01:50 CST 2019
;; MSG SIZE rcvd: 117
Host 62.20.109.124.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 67.207.67.2
Address: 67.207.67.2#53
** server can't find 62.20.109.124.in-addr.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 175.43.58.12 | attackbotsspam | Telnet Server BruteForce Attack |
2019-11-15 04:52:31 |
| 185.43.209.189 | attackbotsspam | Nov 14 21:32:54 andromeda postfix/smtpd\[14736\]: warning: unknown\[185.43.209.189\]: SASL LOGIN authentication failed: authentication failure Nov 14 21:32:54 andromeda postfix/smtpd\[14736\]: warning: unknown\[185.43.209.189\]: SASL LOGIN authentication failed: authentication failure Nov 14 21:32:54 andromeda postfix/smtpd\[14736\]: warning: unknown\[185.43.209.189\]: SASL LOGIN authentication failed: authentication failure Nov 14 21:32:54 andromeda postfix/smtpd\[14736\]: warning: unknown\[185.43.209.189\]: SASL LOGIN authentication failed: authentication failure Nov 14 21:32:54 andromeda postfix/smtpd\[14736\]: warning: unknown\[185.43.209.189\]: SASL LOGIN authentication failed: authentication failure |
2019-11-15 05:04:27 |
| 88.148.12.134 | attackbotsspam | Automatic report - Port Scan Attack |
2019-11-15 05:09:59 |
| 177.17.38.129 | attackspam | Automatic report - Port Scan Attack |
2019-11-15 04:44:54 |
| 45.2.254.52 | attackspambots | scan z |
2019-11-15 04:54:32 |
| 173.201.196.144 | attackspam | Automatic report - XMLRPC Attack |
2019-11-15 04:55:01 |
| 174.138.18.157 | attackbotsspam | Nov 14 11:01:40 askasleikir sshd[30806]: Failed password for invalid user again from 174.138.18.157 port 53792 ssh2 Nov 14 11:10:03 askasleikir sshd[30846]: Failed password for root from 174.138.18.157 port 43540 ssh2 Nov 14 11:14:14 askasleikir sshd[30855]: Failed password for invalid user sliter from 174.138.18.157 port 52530 ssh2 |
2019-11-15 04:48:41 |
| 88.229.13.237 | attack | Automatic report - Port Scan Attack |
2019-11-15 05:05:21 |
| 45.58.139.130 | attackbots | Nov 11 10:01:39 xm3 sshd[4845]: reveeclipse mapping checking getaddrinfo for customer.sharktech.net [45.58.139.130] failed - POSSIBLE BREAK-IN ATTEMPT! Nov 11 10:01:39 xm3 sshd[4845]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.58.139.130 user=r.r Nov 11 10:01:41 xm3 sshd[4845]: Failed password for r.r from 45.58.139.130 port 7095 ssh2 Nov 11 10:01:41 xm3 sshd[4845]: Received disconnect from 45.58.139.130: 11: Bye Bye [preauth] Nov 11 10:21:22 xm3 sshd[16154]: reveeclipse mapping checking getaddrinfo for customer.sharktech.net [45.58.139.130] failed - POSSIBLE BREAK-IN ATTEMPT! Nov 11 10:21:22 xm3 sshd[16154]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.58.139.130 user=r.r Nov 11 10:21:24 xm3 sshd[16154]: Failed password for r.r from 45.58.139.130 port 58624 ssh2 Nov 11 10:21:24 xm3 sshd[16154]: Received disconnect from 45.58.139.130: 11: Bye Bye [preauth] Nov 11 10:25:04 xm3........ ------------------------------- |
2019-11-15 04:51:40 |
| 103.247.122.122 | attackspambots | Unauthorized connection attempt from IP address 103.247.122.122 on Port 445(SMB) |
2019-11-15 04:55:36 |
| 79.137.24.249 | attackbots | 11/14/2019-09:32:13.745146 79.137.24.249 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433 |
2019-11-15 05:08:54 |
| 149.202.210.31 | attackbots | Invalid user backup from 149.202.210.31 port 39848 |
2019-11-15 04:56:31 |
| 217.138.76.66 | attackspam | Nov 14 17:48:52 server sshd\[17061\]: Invalid user ha from 217.138.76.66 Nov 14 17:48:52 server sshd\[17061\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.138.76.66 Nov 14 17:48:54 server sshd\[17061\]: Failed password for invalid user ha from 217.138.76.66 port 56578 ssh2 Nov 14 17:55:11 server sshd\[18952\]: Invalid user dol from 217.138.76.66 Nov 14 17:55:11 server sshd\[18952\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.138.76.66 ... |
2019-11-15 04:32:41 |
| 95.58.205.90 | attackbots | Unauthorized connection attempt from IP address 95.58.205.90 on Port 445(SMB) |
2019-11-15 05:04:57 |
| 195.9.49.210 | attackspambots | Brute force attempt |
2019-11-15 04:44:33 |