City: unknown
Region: unknown
Country: Taiwan (Province of China)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 203.72.38.160
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48896
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;203.72.38.160. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025021401 1800 900 604800 86400
;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 15 10:13:48 CST 2025
;; MSG SIZE rcvd: 106160.38.72.203.in-addr.arpa domain name pointer tpe203-160.adsl.dynamic.nctu.edu.tw.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
160.38.72.203.in-addr.arpa name = tpe203-160.adsl.dynamic.nctu.edu.tw.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 138.197.213.233 | attackbots | Aug 26 11:50:40 marvibiene sshd[2226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.233 Aug 26 11:50:42 marvibiene sshd[2226]: Failed password for invalid user admin from 138.197.213.233 port 48982 ssh2 |
2020-08-26 18:18:14 |
| 185.151.174.127 | attackspambots | trying to access non-authorized port |
2020-08-26 18:32:10 |
| 106.13.184.128 | attackspambots | Aug 12 19:45:09 ms-srv sshd[20728]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.184.128 user=root Aug 12 19:45:11 ms-srv sshd[20728]: Failed password for invalid user root from 106.13.184.128 port 41716 ssh2 |
2020-08-26 18:23:39 |
| 5.62.20.22 | attackbots | 1,42-02/04 [bc01/m65] PostRequest-Spammer scoring: berlin |
2020-08-26 18:44:11 |
| 111.93.235.74 | attack | Aug 26 03:02:44 mockhub sshd[8240]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.93.235.74 Aug 26 03:02:47 mockhub sshd[8240]: Failed password for invalid user teamspeak from 111.93.235.74 port 15070 ssh2 ... |
2020-08-26 18:12:58 |
| 66.249.71.88 | attack | [Wed Aug 26 10:51:02.074181 2020] [:error] [pid 30864:tid 139707023353600] [client 66.249.71.88:52018] [client 66.249.71.88] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/list-all-categories/3961-klimatologi/prakiraan-klimatologi/prakiraan-dasarian/prakiraan-dasarian-daerah-potensi-banjir/prakiraan-dasarian-daerah-potensi-banjir-di-provinsi-jawa-timur/prakiraan-dasarian-daerah-potensi-banjir-di-p ... |
2020-08-26 18:12:04 |
| 119.45.54.166 | attack | Invalid user temp from 119.45.54.166 port 45638 |
2020-08-26 18:35:35 |
| 37.140.152.226 | attack | (mod_security) mod_security (id:210740) triggered by 37.140.152.226 (GB/United Kingdom/37-140-152-226.s.yandex.com): 5 in the last 3600 secs |
2020-08-26 18:45:38 |
| 46.151.211.66 | attackspambots | $f2bV_matches |
2020-08-26 18:15:04 |
| 54.37.65.3 | attack | Aug 26 08:50:22 ns382633 sshd\[24621\]: Invalid user laurent from 54.37.65.3 port 34224 Aug 26 08:50:22 ns382633 sshd\[24621\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.65.3 Aug 26 08:50:24 ns382633 sshd\[24621\]: Failed password for invalid user laurent from 54.37.65.3 port 34224 ssh2 Aug 26 08:59:49 ns382633 sshd\[25791\]: Invalid user nat from 54.37.65.3 port 44390 Aug 26 08:59:49 ns382633 sshd\[25791\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.65.3 |
2020-08-26 18:09:04 |
| 106.38.33.70 | attackbotsspam | 2020-08-26T05:48:48.7929541495-001 sshd[58130]: Failed password for root from 106.38.33.70 port 40070 ssh2 2020-08-26T05:51:36.8748491495-001 sshd[58287]: Invalid user ken from 106.38.33.70 port 45588 2020-08-26T05:51:36.8782981495-001 sshd[58287]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.38.33.70 2020-08-26T05:51:36.8748491495-001 sshd[58287]: Invalid user ken from 106.38.33.70 port 45588 2020-08-26T05:51:38.7207051495-001 sshd[58287]: Failed password for invalid user ken from 106.38.33.70 port 45588 ssh2 2020-08-26T05:54:24.2353001495-001 sshd[58389]: Invalid user cyril from 106.38.33.70 port 51028 ... |
2020-08-26 18:24:40 |
| 206.189.181.12 | attackbots | Brute-Force |
2020-08-26 18:19:49 |
| 195.54.160.183 | attack | [MK-VM6] SSH login failed |
2020-08-26 18:39:16 |
| 218.104.225.140 | attackbots | Aug 26 12:24:53 cho sshd[1662281]: Invalid user jenkins from 218.104.225.140 port 46382 Aug 26 12:24:53 cho sshd[1662281]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.104.225.140 Aug 26 12:24:53 cho sshd[1662281]: Invalid user jenkins from 218.104.225.140 port 46382 Aug 26 12:24:55 cho sshd[1662281]: Failed password for invalid user jenkins from 218.104.225.140 port 46382 ssh2 Aug 26 12:28:32 cho sshd[1662468]: Invalid user oracle from 218.104.225.140 port 31246 ... |
2020-08-26 18:37:44 |
| 186.226.216.104 | attackbotsspam | srvr2: (mod_security) mod_security (id:920350) triggered by 186.226.216.104 (BR/-/static-104-216-226-186.8bit.net.br): 1 in the last 600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/26 05:50:19 [error] 125640#0: *142698 [client 186.226.216.104] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "159841381924.516445"] [ref "o0,15v21,15"], client: 186.226.216.104, [redacted] request: "GET / HTTP/1.1" [redacted] |
2020-08-26 18:42:08 |