City: unknown
Region: unknown
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 28.14.44.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58578
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;28.14.44.66. IN A
;; AUTHORITY SECTION:
. 254 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2023042901 1800 900 604800 86400
;; Query time: 15 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Apr 30 08:30:39 CST 2023
;; MSG SIZE rcvd: 104Host 66.44.14.28.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 66.44.14.28.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 201.17.130.197 | attack | Dec 8 12:27:02 server sshd\[702\]: Invalid user test2 from 201.17.130.197 Dec 8 12:27:02 server sshd\[702\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.17.130.197 Dec 8 12:27:04 server sshd\[702\]: Failed password for invalid user test2 from 201.17.130.197 port 45873 ssh2 Dec 8 12:44:34 server sshd\[5715\]: Invalid user nachtsheim from 201.17.130.197 Dec 8 12:44:34 server sshd\[5715\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.17.130.197 ... |
2019-12-08 18:00:34 |
| 47.111.217.17 | attackspambots | Host Scan |
2019-12-08 18:01:03 |
| 88.214.26.8 | attackbotsspam | UTC: 2019-12-07 pkts: 3 port: 22/tcp |
2019-12-08 17:56:08 |
| 212.50.15.18 | attackbots | Brute force attempt |
2019-12-08 18:18:58 |
| 221.195.189.154 | attack | fail2ban |
2019-12-08 17:45:43 |
| 191.54.4.162 | attackbotsspam | Automatic report - Port Scan Attack |
2019-12-08 17:56:59 |
| 210.18.182.232 | attackspam | Dec 8 11:58:00 server sshd\[24237\]: Invalid user asfg from 210.18.182.232 Dec 8 11:58:00 server sshd\[24237\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.18.182.232 Dec 8 11:58:02 server sshd\[24237\]: Failed password for invalid user asfg from 210.18.182.232 port 35636 ssh2 Dec 8 12:08:49 server sshd\[27316\]: Invalid user villanueva from 210.18.182.232 Dec 8 12:08:50 server sshd\[27316\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.18.182.232 ... |
2019-12-08 18:23:16 |
| 51.158.98.121 | attack | Automatic report - XMLRPC Attack |
2019-12-08 18:20:00 |
| 138.94.114.238 | attackspambots | Dec 8 10:46:48 microserver sshd[50587]: Invalid user pico from 138.94.114.238 port 46878 Dec 8 10:46:48 microserver sshd[50587]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.114.238 Dec 8 10:46:50 microserver sshd[50587]: Failed password for invalid user pico from 138.94.114.238 port 46878 ssh2 Dec 8 10:53:05 microserver sshd[51502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.114.238 user=uucp Dec 8 10:53:07 microserver sshd[51502]: Failed password for uucp from 138.94.114.238 port 45000 ssh2 Dec 8 11:05:42 microserver sshd[53695]: Invalid user hay from 138.94.114.238 port 41250 Dec 8 11:05:42 microserver sshd[53695]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.114.238 Dec 8 11:05:44 microserver sshd[53695]: Failed password for invalid user hay from 138.94.114.238 port 41250 ssh2 Dec 8 11:11:58 microserver sshd[54518]: pam_unix(sshd:auth): authentic |
2019-12-08 17:58:20 |
| 66.249.66.144 | attack | Automatic report - Banned IP Access |
2019-12-08 18:16:43 |
| 49.234.42.79 | attackspam | Dec 7 22:26:07 auw2 sshd\[20899\]: Invalid user 123 from 49.234.42.79 Dec 7 22:26:07 auw2 sshd\[20899\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.42.79 Dec 7 22:26:09 auw2 sshd\[20899\]: Failed password for invalid user 123 from 49.234.42.79 port 35516 ssh2 Dec 7 22:33:01 auw2 sshd\[21521\]: Invalid user jjjjjjjjj from 49.234.42.79 Dec 7 22:33:01 auw2 sshd\[21521\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.42.79 |
2019-12-08 17:45:09 |
| 188.166.1.123 | attackspam | UTC: 2019-12-07 port: 221/tcp |
2019-12-08 17:44:26 |
| 118.24.99.161 | attackbotsspam | Dec 8 10:18:30 sso sshd[32506]: Failed password for root from 118.24.99.161 port 33138 ssh2 ... |
2019-12-08 18:12:58 |
| 188.166.239.106 | attackspam | Dec 8 11:12:43 ns381471 sshd[30045]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.239.106 Dec 8 11:12:45 ns381471 sshd[30045]: Failed password for invalid user kincses from 188.166.239.106 port 57449 ssh2 |
2019-12-08 18:20:47 |
| 193.106.31.130 | attackspam | [Sun Dec 08 13:27:55.687057 2019] [:error] [pid 3145:tid 140218334148352] [client 193.106.31.130:63701] [client 193.106.31.130] ModSecurity: Access denied with code 403 (phase 1). Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "972"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.0"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/POLICY/PROTOCOL_NOT_ALLOWED"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/administrator/index.php"] [unique_id "XeyX63kf9NG@cobJeqWM8gAAAAg"]
... |
2019-12-08 17:55:36 |