City: Jakarta
Region: Jakarta
Country: Indonesia
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.158.41.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52042
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.158.41.6. IN A
;; AUTHORITY SECTION:
. 585 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019113002 1800 900 604800 86400
;; Query time: 130 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 01 03:52:07 CST 2019
;; MSG SIZE rcvd: 116
6.41.158.202.in-addr.arpa domain name pointer www.ptcpi-online.com.
6.41.158.202.in-addr.arpa domain name pointer www.aspacmart.com.
6.41.158.202.in-addr.arpa domain name pointer www.indoprom.net.
6.41.158.202.in-addr.arpa domain name pointer ftp.ird.or.id.
6.41.158.202.in-addr.arpa domain name pointer www.kadinbogor.com.
6.41.158.202.in-addr.arpa domain name pointer commercea.cbn.net.id.
6.41.158.202.in-addr.arpa domain name pointer ftp.commercea.cbn.net.id.
6.41.158.202.in-addr.arpa domain name pointer www.hildco.co.id.
6.41.158.202.in-addr.arpa domain name pointer ftp.kadinbogor.com.
6.41.158.202.in-addr.arpa domain name pointer ftp.three-ss.com.
6.41.158.202.in-addr.arpa domain name pointer ftp.skyrinkjakarta.com.
6.41.158.202.in-addr.arpa domain name pointer ftp.astrido-finance.co.id.
6.41.158.202.in-addr.arpa domain name pointer www.studyline.co.id.
6.41.158.202.in-addr.arpa domain name pointer ftp.riauprovince.com.
6.41.158.202.in-addr.arpa domain name pointer www.cgprtstat.org.
6.41.158.202.in-addr.ar
;; Truncated, retrying in TCP mode.
Server: 100.100.2.136
Address: 100.100.2.136#53
Non-authoritative answer:
6.41.158.202.in-addr.arpa name = ftp.netwave.co.id.
6.41.158.202.in-addr.arpa name = www.three-ss.com.
6.41.158.202.in-addr.arpa name = www.studyline.co.id.
6.41.158.202.in-addr.arpa name = www.ptcpi-online.com.
6.41.158.202.in-addr.arpa name = www.caltex-pacific-indonesia.com.
6.41.158.202.in-addr.arpa name = commercea.cbn.net.id.
6.41.158.202.in-addr.arpa name = ftp.bigg.or.id.
6.41.158.202.in-addr.arpa name = ftp.three-ss.com.
6.41.158.202.in-addr.arpa name = www.indoprom.net.
6.41.158.202.in-addr.arpa name = ftp.sandrafine.co.id.
6.41.158.202.in-addr.arpa name = www.e-propertybiz.com.
6.41.158.202.in-addr.arpa name = ftp.shangbao.co.id.
6.41.158.202.in-addr.arpa name = www.astrido-finance.co.id.
6.41.158.202.in-addr.arpa name = www.icma.or.id.
6.41.158.202.in-addr.arpa name = ftp.aspacmart.com.
6.41.158.202.in-addr.arpa name = www.bigg.or.id.
6.41.158.202.in-addr.arpa name = www.ird.or.id.
6.41.158.202.in-addr.arpa name = www.pikhospital.co.id.
6.41.158.202.in-addr.arpa name = www.ikutlah-aku.org.
6.41.158.202.in-addr.arpa name = www.riauprovince.com.
6.41.158.202.in-addr.arpa name = ftp.indorattanwood.com.
6.41.158.202.in-addr.arpa name = www.shangbao.co.id.
6.41.158.202.in-addr.arpa name = ftp.icma.or.id.
6.41.158.202.in-addr.arpa name = ftp.scl3pl.com.
6.41.158.202.in-addr.arpa name = ftp.enerkon.co.id.
6.41.158.202.in-addr.arpa name = ftp.skyrinkjakarta.com.
6.41.158.202.in-addr.arpa name = www.cgprtstat.org.
6.41.158.202.in-addr.arpa name = www.scl3pl.com.
6.41.158.202.in-addr.arpa name = ftp.ird.or.id.
6.41.158.202.in-addr.arpa name = ftp.ptcpi-online.com.
6.41.158.202.in-addr.arpa name = ftp.kadinbogor.com.
6.41.158.202.in-addr.arpa name = ftp.hildco.co.id.
6.41.158.202.in-addr.arpa name = ftp.pnmi.co.id.
6.41.158.202.in-addr.arpa name = www.enerkon.co.id.
6.41.158.202.in-addr.arpa name = www.pnmi.co.id.
6.41.158.202.in-addr.arpa name = ftp.e-propertybiz.com.
6.41.158.202.in-addr.arpa name =
| IP | Type | Details | Datetime |
|---|---|---|---|
| 167.99.198.85 | attackbots | firewall-block, port(s): 53122/tcp |
2020-07-18 15:52:11 |
| 40.125.74.18 | attackbots | Jul 18 09:33:32 host sshd[8378]: Invalid user admin from 40.125.74.18 port 28674 ... |
2020-07-18 16:29:18 |
| 45.147.161.135 | attack | 0,11-02/02 [bc01/m33] PostRequest-Spammer scoring: nairobi |
2020-07-18 16:00:43 |
| 122.252.234.203 | attackspambots | Auto Detect Rule! proto TCP (SYN), 122.252.234.203:59182->gjan.info:1433, len 40 |
2020-07-18 16:05:37 |
| 212.64.4.3 | attackbots | $f2bV_matches |
2020-07-18 16:21:00 |
| 61.177.172.102 | attackspambots | 2020-07-18T11:18:20.773426lavrinenko.info sshd[16805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.102 user=root 2020-07-18T11:18:22.657826lavrinenko.info sshd[16805]: Failed password for root from 61.177.172.102 port 38898 ssh2 2020-07-18T11:18:20.773426lavrinenko.info sshd[16805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.102 user=root 2020-07-18T11:18:22.657826lavrinenko.info sshd[16805]: Failed password for root from 61.177.172.102 port 38898 ssh2 2020-07-18T11:18:25.315358lavrinenko.info sshd[16805]: Failed password for root from 61.177.172.102 port 38898 ssh2 ... |
2020-07-18 16:19:00 |
| 114.141.55.178 | attackspambots | $f2bV_matches |
2020-07-18 15:48:12 |
| 70.36.100.156 | attack | Unauthorized access detected from black listed ip! |
2020-07-18 15:53:23 |
| 218.92.0.172 | attack | Jul 18 10:28:59 santamaria sshd\[26869\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.172 user=root Jul 18 10:29:01 santamaria sshd\[26869\]: Failed password for root from 218.92.0.172 port 9654 ssh2 Jul 18 10:29:20 santamaria sshd\[26871\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.172 user=root ... |
2020-07-18 16:29:34 |
| 80.82.77.212 | attackspam |
|
2020-07-18 15:53:03 |
| 106.12.202.192 | attackbots | Jul 18 06:50:13 journals sshd\[36898\]: Invalid user tesla from 106.12.202.192 Jul 18 06:50:13 journals sshd\[36898\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.192 Jul 18 06:50:15 journals sshd\[36898\]: Failed password for invalid user tesla from 106.12.202.192 port 53200 ssh2 Jul 18 06:52:41 journals sshd\[37121\]: Invalid user rajeev from 106.12.202.192 Jul 18 06:52:41 journals sshd\[37121\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.192 ... |
2020-07-18 16:29:50 |
| 120.86.127.45 | attack | Invalid user udk from 120.86.127.45 port 64345 |
2020-07-18 15:58:37 |
| 193.32.126.160 | attackspambots | Tried sshing with brute force. |
2020-07-18 16:08:49 |
| 52.240.54.178 | attack | Jul 18 10:10:31 vpn01 sshd[26863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.240.54.178 Jul 18 10:10:33 vpn01 sshd[26863]: Failed password for invalid user admin from 52.240.54.178 port 24584 ssh2 ... |
2020-07-18 16:12:51 |
| 183.163.205.37 | attackspam | (smtpauth) Failed SMTP AUTH login from 183.163.205.37 (CN/China/-): 5 in the last 3600 secs |
2020-07-18 16:26:59 |