City: unknown
Region: unknown
Country: unknown
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.128.114.146
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47571
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;138.128.114.146. IN A
;; AUTHORITY SECTION:
. 599 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022030803 1800 900 604800 86400
;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 07:25:55 CST 2022
;; MSG SIZE rcvd: 108146.114.128.138.in-addr.arpa domain name pointer ff3010.zethasknorsea.info.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
146.114.128.138.in-addr.arpa name = ff3010.zethasknorsea.info.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 180.248.42.118 | attack | [Mon Jul 06 10:47:45.531237 2020] [:error] [pid 8347:tid 140335213434624] [client 180.248.42.118:17835] [client 180.248.42.118] ModSecurity: Access denied with code 403 (phase 4). Pattern match "^5\\\\d{2}$" at RESPONSE_STATUS. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/RESPONSE-950-DATA-LEAKAGES.conf"] [line "118"] [id "950100"] [msg "The Application Returned a 500-Level Status Code"] [data "Matched Data: 500 found within RESPONSE_STATUS: 500"] [severity "ERROR"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-disclosure"] [tag "WASCTC/WASC-13"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.6"] [tag "paranoia-level/2"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/profil/sitemap/82-peralatan-observasi-klimatologi/555555575-lokasi-penakar-hujan-manual-ombrometer-di-jawa-timur"] [unique_id "XwKe4SP1VR3su@ShYTtSRQACSgI"], referer: https://www.google.com/
... |
2020-07-06 19:41:20 |
| 45.240.100.251 | attackspambots | Unauthorized connection attempt detected from IP address 45.240.100.251 to port 9530 |
2020-07-06 20:31:03 |
| 203.110.95.119 | attack | Attempted connection to port 445. |
2020-07-06 20:33:27 |
| 114.67.104.66 | attack | Jul 6 05:47:36 vpn01 sshd[4599]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.104.66 Jul 6 05:47:38 vpn01 sshd[4599]: Failed password for invalid user dark from 114.67.104.66 port 48508 ssh2 ... |
2020-07-06 19:53:11 |
| 121.60.119.227 | attackspambots | 20 attempts against mh-ssh on bolt |
2020-07-06 20:15:35 |
| 141.98.10.197 | attack | Jul 6 07:07:23 ws12vmsma01 sshd[47164]: Failed password for invalid user admin from 141.98.10.197 port 44395 ssh2 Jul 6 07:09:00 ws12vmsma01 sshd[47432]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.10.197 user=root Jul 6 07:09:02 ws12vmsma01 sshd[47432]: Failed password for root from 141.98.10.197 port 46239 ssh2 ... |
2020-07-06 20:25:01 |
| 178.32.221.225 | attack | Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF) |
2020-07-06 20:16:29 |
| 185.175.93.17 | attackspam | 07/06/2020-06:51:40.843894 185.175.93.17 Protocol: 6 ET DROP Dshield Block Listed Source group 1 |
2020-07-06 20:39:29 |
| 112.172.147.34 | attack | Jul 6 11:29:36 Ubuntu-1404-trusty-64-minimal sshd\[17697\]: Invalid user edu01 from 112.172.147.34 Jul 6 11:29:36 Ubuntu-1404-trusty-64-minimal sshd\[17697\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.172.147.34 Jul 6 11:29:38 Ubuntu-1404-trusty-64-minimal sshd\[17697\]: Failed password for invalid user edu01 from 112.172.147.34 port 20025 ssh2 Jul 6 11:37:50 Ubuntu-1404-trusty-64-minimal sshd\[25792\]: Invalid user test05 from 112.172.147.34 Jul 6 11:37:50 Ubuntu-1404-trusty-64-minimal sshd\[25792\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.172.147.34 |
2020-07-06 19:42:11 |
| 45.64.126.103 | attackspam | 2020-07-06T09:15:23.957674dmca.cloudsearch.cf sshd[1805]: Invalid user xuh from 45.64.126.103 port 49584 2020-07-06T09:15:23.963118dmca.cloudsearch.cf sshd[1805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.64.126.103 2020-07-06T09:15:23.957674dmca.cloudsearch.cf sshd[1805]: Invalid user xuh from 45.64.126.103 port 49584 2020-07-06T09:15:26.525033dmca.cloudsearch.cf sshd[1805]: Failed password for invalid user xuh from 45.64.126.103 port 49584 ssh2 2020-07-06T09:19:41.695190dmca.cloudsearch.cf sshd[1983]: Invalid user dstserver from 45.64.126.103 port 41558 2020-07-06T09:19:41.700613dmca.cloudsearch.cf sshd[1983]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.64.126.103 2020-07-06T09:19:41.695190dmca.cloudsearch.cf sshd[1983]: Invalid user dstserver from 45.64.126.103 port 41558 2020-07-06T09:19:44.338993dmca.cloudsearch.cf sshd[1983]: Failed password for invalid user dstserver from 45.64.126.10 ... |
2020-07-06 20:39:00 |
| 123.117.77.166 | attackspam | Jul 6 05:46:58 icinga sshd[7930]: Failed password for root from 123.117.77.166 port 47621 ssh2 Jul 6 05:47:00 icinga sshd[7934]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.117.77.166 Jul 6 05:47:02 icinga sshd[7934]: Failed password for invalid user local from 123.117.77.166 port 47706 ssh2 ... |
2020-07-06 20:18:44 |
| 95.31.119.204 | attackbotsspam | Attempted connection to port 445. |
2020-07-06 20:24:34 |
| 211.103.10.237 | attackbotsspam |
|
2020-07-06 20:11:17 |
| 51.254.220.20 | attackspam | Jul 6 05:47:20 srv sshd[3835]: Failed password for root from 51.254.220.20 port 60034 ssh2 |
2020-07-06 20:05:15 |
| 13.79.165.124 | attackbots | Attempted connection to port 3389. |
2020-07-06 19:57:16 |