City: unknown
Region: unknown
Country: None
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.232.254.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3608
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;42.232.254.70. IN A
;; AUTHORITY SECTION:
. 289 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022021300 1800 900 604800 86400
;; Query time: 20 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 13 17:31:49 CST 2022
;; MSG SIZE rcvd: 10670.254.232.42.in-addr.arpa domain name pointer hn.kd.ny.adsl.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
70.254.232.42.in-addr.arpa name = hn.kd.ny.adsl.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 117.54.4.86 | attackspambots | Feb 3 06:50:59 legacy sshd[14926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.54.4.86 Feb 3 06:51:01 legacy sshd[14926]: Failed password for invalid user xdp from 117.54.4.86 port 58102 ssh2 Feb 3 06:54:48 legacy sshd[15152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.54.4.86 ... |
2020-02-03 13:58:27 |
| 142.4.211.200 | attackbotsspam | Automatic report - XMLRPC Attack |
2020-02-03 13:51:16 |
| 51.83.73.160 | attack | Feb 3 06:20:23 legacy sshd[12873]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.73.160 Feb 3 06:20:25 legacy sshd[12873]: Failed password for invalid user weblogic from 51.83.73.160 port 54500 ssh2 Feb 3 06:23:23 legacy sshd[13158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.73.160 ... |
2020-02-03 13:42:46 |
| 162.245.81.36 | attackbots | Unauthorized connection attempt detected from IP address 162.245.81.36 to port 3389 [J] |
2020-02-03 13:53:18 |
| 145.239.95.241 | attackbots | Feb 3 10:16:44 gw1 sshd[1157]: Failed password for root from 145.239.95.241 port 45468 ssh2 ... |
2020-02-03 13:31:35 |
| 51.38.32.230 | attackspam | Feb 2 20:05:13 sachi sshd\[18723\]: Invalid user admin from 51.38.32.230 Feb 2 20:05:13 sachi sshd\[18723\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=server.ikadocteur.com Feb 2 20:05:15 sachi sshd\[18723\]: Failed password for invalid user admin from 51.38.32.230 port 33878 ssh2 Feb 2 20:08:00 sachi sshd\[18769\]: Invalid user sfukaya from 51.38.32.230 Feb 2 20:08:00 sachi sshd\[18769\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=server.ikadocteur.com |
2020-02-03 14:11:17 |
| 49.235.90.120 | attackbots | Feb 3 00:10:11 plusreed sshd[31896]: Invalid user luke from 49.235.90.120 ... |
2020-02-03 13:43:14 |
| 196.192.110.64 | attackspam | Unauthorized connection attempt detected from IP address 196.192.110.64 to port 2220 [J] |
2020-02-03 13:39:39 |
| 198.91.86.83 | attackspam | Feb 3 05:15:21 *** sshd[26819]: User root from 198.91.86.83 not allowed because not listed in AllowUsers |
2020-02-03 13:34:11 |
| 221.228.242.13 | attack | Feb 3 05:54:46 ns3042688 courier-imapd: LOGIN FAILED, method=PLAIN, ip=\[::ffff:221.228.242.13\] ... |
2020-02-03 13:30:20 |
| 198.211.104.28 | attack | POST User-Agent: Mozilla/5.0 400 10087 - |
2020-02-03 14:01:11 |
| 104.245.145.53 | attackspambots | (From mattson.christal@gmail.com) "YOGI ON THE GREEN", A #1 INTERNATIONAL BEST-SELLING BOOK IN THREE CATEGORIES. Yogi on the Green was written to help golfers of all abilities, to hopefully improve on their physical and mental games. It has been proven in many Medical Journals, that when one improves on their physical being they also improve on their mental awareness, "Yogi On The Green" is a guide to improving Golfers physical and mental abilities, both on the Golf Course and perhaps even their daily lives. http://bit.ly/yogionthegreen |
2020-02-03 13:35:40 |
| 185.176.27.178 | attackspambots | Feb 3 06:50:34 h2177944 kernel: \[3907163.934999\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.178 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=28752 PROTO=TCP SPT=49146 DPT=16817 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 3 06:50:34 h2177944 kernel: \[3907163.935013\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.178 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=28752 PROTO=TCP SPT=49146 DPT=16817 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 3 06:51:23 h2177944 kernel: \[3907212.670717\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.178 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=27739 PROTO=TCP SPT=49146 DPT=19161 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 3 06:51:23 h2177944 kernel: \[3907212.670731\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.178 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=27739 PROTO=TCP SPT=49146 DPT=19161 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 3 06:53:37 h2177944 kernel: \[3907346.936789\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.178 DST=85. |
2020-02-03 13:54:44 |
| 27.224.137.232 | attackspambots | [Mon Feb 03 11:54:41.470846 2020] [:error] [pid 4380:tid 140558393710336] [client 27.224.137.232:55554] [client 27.224.137.232] ModSecurity: Access denied with code 403 (phase 1). Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "972"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.0"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/POLICY/PROTOCOL_NOT_ALLOWED"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/"] [unique_id "XjenkQgZoeDztBDPYjXx0gAAAfM"]
... |
2020-02-03 13:35:16 |
| 134.209.158.0 | attack | RDP Bruteforce |
2020-02-03 13:42:11 |