City: unknown
Region: unknown
Country: United States of America (the)
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 214.240.137.230
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53796
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;214.240.137.230. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025013101 1800 900 604800 86400
;; Query time: 33 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 01 02:35:52 CST 2025
;; MSG SIZE rcvd: 108b'Host 230.137.240.214.in-addr.arpa not found: 2(SERVFAIL)
'server can't find 214.240.137.230.in-addr.arpa: SERVFAIL| IP | Type | Details | Datetime |
|---|---|---|---|
| 190.78.205.114 | attack | 20/9/5@12:53:06: FAIL: Alarm-Intrusion address from=190.78.205.114 ... |
2020-09-06 21:27:43 |
| 165.90.3.122 | attack | [Sun Sep 06 03:13:25.153543 2020] [:error] [pid 2754:tid 140397330274048] [client 165.90.3.122:65500] [client 165.90.3.122] ModSecurity: Access denied with code 403 (phase 1). Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "972"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.0"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/POLICY/PROTOCOL_NOT_ALLOWED"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/"] [unique_id "X1PxZdlmuncnyx65RuMHlQAAAGU"]
... |
2020-09-06 21:31:49 |
| 165.232.112.170 | attackspam | 2020-09-05T19:36:05.095721shield sshd\[32745\]: Invalid user servers from 165.232.112.170 port 55900 2020-09-05T19:36:05.105007shield sshd\[32745\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.232.112.170 2020-09-05T19:36:06.796873shield sshd\[32745\]: Failed password for invalid user servers from 165.232.112.170 port 55900 ssh2 2020-09-05T19:36:43.956440shield sshd\[32767\]: Invalid user servers from 165.232.112.170 port 40820 2020-09-05T19:36:43.965182shield sshd\[32767\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.232.112.170 |
2020-09-06 22:07:01 |
| 112.13.200.154 | attack | Sep 6 09:43:21 vps-51d81928 sshd[257760]: Invalid user admin from 112.13.200.154 port 4270 Sep 6 09:43:23 vps-51d81928 sshd[257760]: Failed password for invalid user admin from 112.13.200.154 port 4270 ssh2 Sep 6 09:45:59 vps-51d81928 sshd[257792]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.13.200.154 user=root Sep 6 09:46:01 vps-51d81928 sshd[257792]: Failed password for root from 112.13.200.154 port 4271 ssh2 Sep 6 09:48:47 vps-51d81928 sshd[257826]: Invalid user admin from 112.13.200.154 port 4272 ... |
2020-09-06 21:33:48 |
| 164.163.25.207 | attackspam | Automatic report - Banned IP Access |
2020-09-06 22:04:36 |
| 222.186.175.212 | attackspambots | $f2bV_matches |
2020-09-06 22:10:06 |
| 138.122.97.118 | attackspambots | Sep 5 16:17:25 mailman postfix/smtpd[11570]: warning: unknown[138.122.97.118]: SASL PLAIN authentication failed: authentication failure |
2020-09-06 21:30:25 |
| 182.122.68.93 | attackspambots | Sep 4 18:37:38 www sshd[31209]: reveeclipse mapping checking getaddrinfo for hn.kd.ny.adsl [182.122.68.93] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 4 18:37:38 www sshd[31209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.122.68.93 user=r.r Sep 4 18:37:40 www sshd[31209]: Failed password for r.r from 182.122.68.93 port 8412 ssh2 Sep 4 18:37:40 www sshd[31209]: Received disconnect from 182.122.68.93: 11: Bye Bye [preauth] Sep 4 18:47:18 www sshd[31678]: reveeclipse mapping checking getaddrinfo for hn.kd.ny.adsl [182.122.68.93] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 4 18:47:18 www sshd[31678]: Invalid user admin from 182.122.68.93 Sep 4 18:47:18 www sshd[31678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.122.68.93 Sep 4 18:47:20 www sshd[31678]: Failed password for invalid user admin from 182.122.68.93 port 59448 ssh2 Sep 4 18:47:21 www sshd[31678]: Received disconnec........ ------------------------------- |
2020-09-06 21:42:53 |
| 185.220.101.203 | attackbotsspam | $f2bV_matches |
2020-09-06 22:05:00 |
| 14.160.52.58 | attack | Dovecot Invalid User Login Attempt. |
2020-09-06 21:56:13 |
| 201.57.40.70 | attackbots | Sep 6 16:00:20 marvibiene sshd[6831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.57.40.70 Sep 6 16:00:21 marvibiene sshd[6831]: Failed password for invalid user natsu from 201.57.40.70 port 39826 ssh2 |
2020-09-06 22:06:30 |
| 222.186.42.7 | attack | Sep 6 13:51:46 rush sshd[17538]: Failed password for root from 222.186.42.7 port 24464 ssh2 Sep 6 13:51:56 rush sshd[17540]: Failed password for root from 222.186.42.7 port 25906 ssh2 ... |
2020-09-06 21:57:43 |
| 157.230.42.11 | attack | Sep 5 18:34:24 ns382633 sshd\[28910\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.42.11 user=root Sep 5 18:34:26 ns382633 sshd\[28910\]: Failed password for root from 157.230.42.11 port 56584 ssh2 Sep 5 18:59:20 ns382633 sshd\[501\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.42.11 user=root Sep 5 18:59:22 ns382633 sshd\[501\]: Failed password for root from 157.230.42.11 port 47282 ssh2 Sep 5 19:21:29 ns382633 sshd\[4417\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.42.11 user=root |
2020-09-06 21:40:30 |
| 157.230.2.208 | attackbots | $f2bV_matches |
2020-09-06 21:36:49 |
| 187.85.29.54 | attack |
|
2020-09-06 22:01:18 |