City: unknown
Region: unknown
Country: Indonesia
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 39.229.197.125
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 931
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;39.229.197.125. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025012201 1800 900 604800 86400
;; Query time: 13 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 23 04:57:50 CST 2025
;; MSG SIZE rcvd: 107Host 125.197.229.39.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 125.197.229.39.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 60.191.66.222 | attackbotsspam | [Tue Feb 18 03:30:13.580508 2020] [:error] [pid 23895:tid 140024737482496] [client 60.191.66.222:55068] [client 60.191.66.222] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197:80"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/manager/html"] [unique_id "Xkr31TlGuh6-3HVBtJy1@gAAAHI"] ... |
2020-02-18 05:29:58 |
| 213.238.246.156 | attack | MultiHost/MultiPort Probe, Scan, Hack - |
2020-02-18 05:06:22 |
| 45.17.160.244 | attackbots | 2020-02-17T19:28:00.211070ns386461 sshd\[3800\]: Invalid user testing from 45.17.160.244 port 44980 2020-02-17T19:28:00.215652ns386461 sshd\[3800\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45-17-160-244.lightspeed.tukrga.sbcglobal.net 2020-02-17T19:28:02.185789ns386461 sshd\[3800\]: Failed password for invalid user testing from 45.17.160.244 port 44980 ssh2 2020-02-17T19:48:25.582021ns386461 sshd\[22430\]: Invalid user rob from 45.17.160.244 port 45038 2020-02-17T19:48:25.586856ns386461 sshd\[22430\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45-17-160-244.lightspeed.tukrga.sbcglobal.net ... |
2020-02-18 05:11:12 |
| 175.138.53.38 | attackspambots | port scan and connect, tcp 23 (telnet) |
2020-02-18 05:14:13 |
| 94.177.250.221 | attackbotsspam | $f2bV_matches |
2020-02-18 05:09:26 |
| 138.68.243.208 | attackspam | 2019-12-28T06:00:24.757900suse-nuc sshd[23524]: Invalid user flashx from 138.68.243.208 port 41920 ... |
2020-02-18 05:12:54 |
| 91.245.225.98 | attack | Feb 17 22:10:05 mout sshd[6980]: Invalid user bitnami@123 from 91.245.225.98 port 35192 |
2020-02-18 05:15:33 |
| 106.13.15.122 | attackbots | 2019-10-27T09:30:58.766331suse-nuc sshd[20188]: Invalid user fq from 106.13.15.122 port 49212 ... |
2020-02-18 05:25:12 |
| 131.0.31.126 | attack | Unauthorized connection attempt from IP address 131.0.31.126 on Port 445(SMB) |
2020-02-18 05:31:00 |
| 113.178.194.65 | attack | Unauthorized connection attempt from IP address 113.178.194.65 on Port 445(SMB) |
2020-02-18 05:07:35 |
| 213.109.235.231 | attackbots | IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking. |
2020-02-18 05:05:37 |
| 85.187.244.12 | attackspam | Unauthorized connection attempt from IP address 85.187.244.12 on Port 445(SMB) |
2020-02-18 05:15:52 |
| 165.227.93.39 | attackbotsspam | SSH login attempts. |
2020-02-18 05:05:07 |
| 66.181.161.78 | attackspam | Unauthorized connection attempt from IP address 66.181.161.78 on Port 445(SMB) |
2020-02-18 05:38:11 |
| 36.85.3.149 | attackbots | Unauthorized connection attempt from IP address 36.85.3.149 on Port 445(SMB) |
2020-02-18 05:39:14 |