City: Surabaya
Region: East Java
Country: Indonesia
Internet Service Provider: Esia
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 202.148.12.90 | attack | VNC brute force attack detected by fail2ban |
2020-07-04 12:49:23 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.148.12.250
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38149
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;202.148.12.250. IN A
;; AUTHORITY SECTION:
. 589 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022071002 1800 900 604800 86400
;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jul 11 09:01:05 CST 2022
;; MSG SIZE rcvd: 107250.12.148.202.in-addr.arpa domain name pointer dnet-012250.dnetsurabaya.id.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
250.12.148.202.in-addr.arpa name = dnet-012250.dnetsurabaya.id.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 200.44.229.214 | attackbots | Zeroshell Net Services Remote Command Execution Vulnerability, PTR: 200.44.229-214.dyn.dsl.cantv.net. |
2020-07-26 04:55:35 |
| 195.204.16.82 | attackbots | Invalid user xe from 195.204.16.82 port 43662 |
2020-07-26 05:18:52 |
| 124.88.37.161 | attack | Exploited Host. |
2020-07-26 05:05:14 |
| 124.152.118.131 | attack | Invalid user mdb from 124.152.118.131 port 3217 |
2020-07-26 05:22:04 |
| 142.93.200.206 | attack | port scan and connect, tcp 10000 (snet-sensor-mgmt) |
2020-07-26 04:56:53 |
| 24.30.67.145 | attackspam | Brute force attempt |
2020-07-26 05:18:23 |
| 180.76.55.119 | attack | Invalid user zhao from 180.76.55.119 port 60146 |
2020-07-26 05:20:40 |
| 147.135.133.88 | attackspam | Invalid user dublin from 147.135.133.88 port 38132 |
2020-07-26 05:12:51 |
| 103.246.240.30 | attack | 2020-07-25T22:29:16.619052v22018076590370373 sshd[8920]: Invalid user prueba from 103.246.240.30 port 57106 2020-07-25T22:29:16.627038v22018076590370373 sshd[8920]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.246.240.30 2020-07-25T22:29:16.619052v22018076590370373 sshd[8920]: Invalid user prueba from 103.246.240.30 port 57106 2020-07-25T22:29:18.682950v22018076590370373 sshd[8920]: Failed password for invalid user prueba from 103.246.240.30 port 57106 ssh2 2020-07-25T22:33:27.646264v22018076590370373 sshd[14171]: Invalid user splunk from 103.246.240.30 port 40656 ... |
2020-07-26 05:15:04 |
| 124.49.79.101 | attackbotsspam | Exploited Host. |
2020-07-26 05:10:52 |
| 50.255.64.233 | attackbots | Jul 25 17:12:22 haigwepa sshd[14795]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.255.64.233 Jul 25 17:12:24 haigwepa sshd[14795]: Failed password for invalid user mariana from 50.255.64.233 port 48700 ssh2 ... |
2020-07-26 05:06:46 |
| 112.80.35.2 | attackbots | Invalid user lishuai from 112.80.35.2 port 65534 |
2020-07-26 05:11:51 |
| 49.87.30.158 | attackspambots | Netgear DGN Device Remote Command Execution Vulnerability , PTR: PTR record not found |
2020-07-26 05:07:18 |
| 159.65.134.146 | attack | Jul 25 22:53:18 vmd26974 sshd[1571]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.134.146 Jul 25 22:53:20 vmd26974 sshd[1571]: Failed password for invalid user bob from 159.65.134.146 port 51614 ssh2 ... |
2020-07-26 05:02:43 |
| 46.146.240.185 | attackspambots | Jul 25 19:49:13 xeon sshd[9416]: Failed password for invalid user temp123 from 46.146.240.185 port 53165 ssh2 |
2020-07-26 05:13:36 |