City: Jakarta
Region: Jakarta
Country: Indonesia
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.158.41.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52042
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.158.41.6. IN A
;; AUTHORITY SECTION:
. 585 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019113002 1800 900 604800 86400
;; Query time: 130 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 01 03:52:07 CST 2019
;; MSG SIZE rcvd: 116
6.41.158.202.in-addr.arpa domain name pointer www.ptcpi-online.com.
6.41.158.202.in-addr.arpa domain name pointer www.aspacmart.com.
6.41.158.202.in-addr.arpa domain name pointer www.indoprom.net.
6.41.158.202.in-addr.arpa domain name pointer ftp.ird.or.id.
6.41.158.202.in-addr.arpa domain name pointer www.kadinbogor.com.
6.41.158.202.in-addr.arpa domain name pointer commercea.cbn.net.id.
6.41.158.202.in-addr.arpa domain name pointer ftp.commercea.cbn.net.id.
6.41.158.202.in-addr.arpa domain name pointer www.hildco.co.id.
6.41.158.202.in-addr.arpa domain name pointer ftp.kadinbogor.com.
6.41.158.202.in-addr.arpa domain name pointer ftp.three-ss.com.
6.41.158.202.in-addr.arpa domain name pointer ftp.skyrinkjakarta.com.
6.41.158.202.in-addr.arpa domain name pointer ftp.astrido-finance.co.id.
6.41.158.202.in-addr.arpa domain name pointer www.studyline.co.id.
6.41.158.202.in-addr.arpa domain name pointer ftp.riauprovince.com.
6.41.158.202.in-addr.arpa domain name pointer www.cgprtstat.org.
6.41.158.202.in-addr.ar
;; Truncated, retrying in TCP mode.
Server: 100.100.2.136
Address: 100.100.2.136#53
Non-authoritative answer:
6.41.158.202.in-addr.arpa name = ftp.netwave.co.id.
6.41.158.202.in-addr.arpa name = www.three-ss.com.
6.41.158.202.in-addr.arpa name = www.studyline.co.id.
6.41.158.202.in-addr.arpa name = www.ptcpi-online.com.
6.41.158.202.in-addr.arpa name = www.caltex-pacific-indonesia.com.
6.41.158.202.in-addr.arpa name = commercea.cbn.net.id.
6.41.158.202.in-addr.arpa name = ftp.bigg.or.id.
6.41.158.202.in-addr.arpa name = ftp.three-ss.com.
6.41.158.202.in-addr.arpa name = www.indoprom.net.
6.41.158.202.in-addr.arpa name = ftp.sandrafine.co.id.
6.41.158.202.in-addr.arpa name = www.e-propertybiz.com.
6.41.158.202.in-addr.arpa name = ftp.shangbao.co.id.
6.41.158.202.in-addr.arpa name = www.astrido-finance.co.id.
6.41.158.202.in-addr.arpa name = www.icma.or.id.
6.41.158.202.in-addr.arpa name = ftp.aspacmart.com.
6.41.158.202.in-addr.arpa name = www.bigg.or.id.
6.41.158.202.in-addr.arpa name = www.ird.or.id.
6.41.158.202.in-addr.arpa name = www.pikhospital.co.id.
6.41.158.202.in-addr.arpa name = www.ikutlah-aku.org.
6.41.158.202.in-addr.arpa name = www.riauprovince.com.
6.41.158.202.in-addr.arpa name = ftp.indorattanwood.com.
6.41.158.202.in-addr.arpa name = www.shangbao.co.id.
6.41.158.202.in-addr.arpa name = ftp.icma.or.id.
6.41.158.202.in-addr.arpa name = ftp.scl3pl.com.
6.41.158.202.in-addr.arpa name = ftp.enerkon.co.id.
6.41.158.202.in-addr.arpa name = ftp.skyrinkjakarta.com.
6.41.158.202.in-addr.arpa name = www.cgprtstat.org.
6.41.158.202.in-addr.arpa name = www.scl3pl.com.
6.41.158.202.in-addr.arpa name = ftp.ird.or.id.
6.41.158.202.in-addr.arpa name = ftp.ptcpi-online.com.
6.41.158.202.in-addr.arpa name = ftp.kadinbogor.com.
6.41.158.202.in-addr.arpa name = ftp.hildco.co.id.
6.41.158.202.in-addr.arpa name = ftp.pnmi.co.id.
6.41.158.202.in-addr.arpa name = www.enerkon.co.id.
6.41.158.202.in-addr.arpa name = www.pnmi.co.id.
6.41.158.202.in-addr.arpa name = ftp.e-propertybiz.com.
6.41.158.202.in-addr.arpa name =
| IP | Type | Details | Datetime |
|---|---|---|---|
| 213.158.29.179 | attackspambots | $f2bV_matches |
2019-09-09 10:11:14 |
| 141.98.80.80 | attack | 2019-09-09 13:26:00 fixed_plain authenticator failed for \(\[141.98.80.80\]\) \[141.98.80.80\]: 535 Incorrect authentication data \(set_id=chris@thepuddles.net.nz\) 2019-09-09 13:26:05 fixed_plain authenticator failed for \(\[141.98.80.80\]\) \[141.98.80.80\]: 535 Incorrect authentication data \(set_id=chris\) 2019-09-09 14:48:15 fixed_plain authenticator failed for \(\[141.98.80.80\]\) \[141.98.80.80\]: 535 Incorrect authentication data \(set_id=hobo@thepuddles.net.nz\) ... |
2019-09-09 10:51:01 |
| 217.160.15.228 | attackbots | Sep 8 16:39:42 friendsofhawaii sshd\[10843\]: Invalid user admin from 217.160.15.228 Sep 8 16:39:42 friendsofhawaii sshd\[10843\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.160.15.228 Sep 8 16:39:44 friendsofhawaii sshd\[10843\]: Failed password for invalid user admin from 217.160.15.228 port 49713 ssh2 Sep 8 16:45:15 friendsofhawaii sshd\[11314\]: Invalid user teamspeak from 217.160.15.228 Sep 8 16:45:15 friendsofhawaii sshd\[11314\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.160.15.228 |
2019-09-09 10:49:52 |
| 193.56.28.254 | attackbots | CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found |
2019-09-09 10:27:56 |
| 200.70.56.204 | attackspambots | Sep 9 05:14:19 www sshd\[4825\]: Invalid user user6 from 200.70.56.204Sep 9 05:14:21 www sshd\[4825\]: Failed password for invalid user user6 from 200.70.56.204 port 56528 ssh2Sep 9 05:22:47 www sshd\[5158\]: Invalid user tsbot from 200.70.56.204 ... |
2019-09-09 10:27:31 |
| 87.229.42.62 | attack | Automatic report - Port Scan Attack |
2019-09-09 10:28:17 |
| 89.107.99.176 | attack | 445/tcp 445/tcp 445/tcp... [2019-07-12/09-08]7pkt,1pt.(tcp) |
2019-09-09 10:12:25 |
| 139.59.105.141 | attackbotsspam | Sep 8 09:41:54 hanapaa sshd\[29825\]: Invalid user test from 139.59.105.141 Sep 8 09:41:54 hanapaa sshd\[29825\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.105.141 Sep 8 09:41:56 hanapaa sshd\[29825\]: Failed password for invalid user test from 139.59.105.141 port 50680 ssh2 Sep 8 09:46:44 hanapaa sshd\[30258\]: Invalid user 1234567 from 139.59.105.141 Sep 8 09:46:44 hanapaa sshd\[30258\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.105.141 |
2019-09-09 10:45:58 |
| 212.200.165.6 | attackspam | Sep 8 21:42:53 vtv3 sshd\[7772\]: Invalid user gitblit from 212.200.165.6 port 41558 Sep 8 21:42:53 vtv3 sshd\[7772\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.200.165.6 Sep 8 21:42:55 vtv3 sshd\[7772\]: Failed password for invalid user gitblit from 212.200.165.6 port 41558 ssh2 Sep 8 21:49:17 vtv3 sshd\[10656\]: Invalid user www from 212.200.165.6 port 46574 Sep 8 21:49:17 vtv3 sshd\[10656\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.200.165.6 Sep 8 22:01:42 vtv3 sshd\[16690\]: Invalid user plex from 212.200.165.6 port 56580 Sep 8 22:01:42 vtv3 sshd\[16690\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.200.165.6 Sep 8 22:01:45 vtv3 sshd\[16690\]: Failed password for invalid user plex from 212.200.165.6 port 56580 ssh2 Sep 8 22:08:03 vtv3 sshd\[19540\]: Invalid user gpadmin from 212.200.165.6 port 33352 Sep 8 22:08:03 vtv3 sshd\[19540\]: pam_un |
2019-09-09 10:56:53 |
| 106.248.41.245 | attackbots | Sep 9 02:41:18 MK-Soft-VM7 sshd\[701\]: Invalid user oracle from 106.248.41.245 port 58850 Sep 9 02:41:18 MK-Soft-VM7 sshd\[701\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245 Sep 9 02:41:20 MK-Soft-VM7 sshd\[701\]: Failed password for invalid user oracle from 106.248.41.245 port 58850 ssh2 ... |
2019-09-09 10:44:21 |
| 95.179.127.225 | attack | Brute force RDP, port 3389 |
2019-09-09 10:38:04 |
| 180.182.228.200 | attackbotsspam | 26604/udp 8080/tcp [2019-08-27/09-08]2pkt |
2019-09-09 10:47:01 |
| 220.181.108.119 | attack | Automatic report - Banned IP Access |
2019-09-09 10:37:21 |
| 103.102.192.106 | attackbotsspam | Sep 9 01:54:18 localhost sshd\[12120\]: Invalid user vagrant from 103.102.192.106 port 9740 Sep 9 01:54:18 localhost sshd\[12120\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.102.192.106 Sep 9 01:54:21 localhost sshd\[12120\]: Failed password for invalid user vagrant from 103.102.192.106 port 9740 ssh2 |
2019-09-09 10:37:46 |
| 200.23.228.201 | attack | $f2bV_matches |
2019-09-09 10:49:18 |