City: unknown
Region: unknown
Country: Indonesia
Internet Service Provider: PT Fajar Techno System
Hostname: unknown
Organization: PT Fajar Techno System
Usage Type: Commercial
| Type | Details | Datetime |
|---|---|---|
| attack | A spam email was sent from this SMTP server. This kind of spam emails had the following features.: - They attempted to camouflage the SMTP server with a KDDI's legitimate server. - The domain of URLs in the messages was best-self.info (103.212.223.59). |
2019-11-17 06:01:31 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 45.121.43.21 | attackspambots | Unauthorized connection attempt detected from IP address 45.121.43.21 to port 23 |
2020-01-01 23:40:05 |
| 45.121.43.226 | attackbots | email spam |
2019-12-19 18:41:40 |
| 45.121.43.21 | attackspambots | email spam |
2019-11-05 22:13:22 |
| 45.121.43.226 | attackspam | proto=tcp . spt=42314 . dpt=25 . (listed on Github Combined on 3 lists ) (462) |
2019-07-14 00:09:30 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.121.43.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29476
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.121.43.4. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019060801 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jun 09 03:26:05 CST 2019
;; MSG SIZE rcvd: 115
Host 4.43.121.45.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 67.207.67.2
Address: 67.207.67.2#53
** server can't find 4.43.121.45.in-addr.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 113.103.193.15 | attack | Sep 8 12:18:41 s64-1 sshd[10749]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.103.193.15 Sep 8 12:18:43 s64-1 sshd[10749]: Failed password for invalid user hadoop from 113.103.193.15 port 1081 ssh2 Sep 8 12:28:37 s64-1 sshd[10841]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.103.193.15 ... |
2019-09-08 18:54:31 |
| 183.91.87.242 | attackspam | 445/tcp 445/tcp 445/tcp... [2019-07-18/09-08]6pkt,1pt.(tcp) |
2019-09-08 17:56:03 |
| 123.125.71.72 | attackspambots | Request to REST API denied |
2019-09-08 18:43:35 |
| 213.32.91.37 | attack | Sep 8 00:05:22 php1 sshd\[21883\]: Invalid user iamroot from 213.32.91.37 Sep 8 00:05:22 php1 sshd\[21883\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.91.37 Sep 8 00:05:24 php1 sshd\[21883\]: Failed password for invalid user iamroot from 213.32.91.37 port 44926 ssh2 Sep 8 00:09:55 php1 sshd\[22313\]: Invalid user password123 from 213.32.91.37 Sep 8 00:09:55 php1 sshd\[22313\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.91.37 |
2019-09-08 18:12:53 |
| 106.12.12.7 | attack | Sep 8 11:16:14 server01 sshd\[8540\]: Invalid user hadoop from 106.12.12.7 Sep 8 11:16:14 server01 sshd\[8540\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 Sep 8 11:16:16 server01 sshd\[8540\]: Failed password for invalid user hadoop from 106.12.12.7 port 55106 ssh2 ... |
2019-09-08 18:22:42 |
| 223.252.6.13 | attackspambots | proto=tcp . spt=58592 . dpt=25 . (listed on Blocklist de Sep 07) (823) |
2019-09-08 17:53:40 |
| 34.94.105.181 | attackspambots | Sep 8 10:15:17 localhost sshd\[1491\]: Invalid user ubuntu from 34.94.105.181 port 34636 Sep 8 10:15:17 localhost sshd\[1491\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.94.105.181 Sep 8 10:15:19 localhost sshd\[1491\]: Failed password for invalid user ubuntu from 34.94.105.181 port 34636 ssh2 |
2019-09-08 19:07:50 |
| 128.199.162.108 | attack | Reported by AbuseIPDB proxy server. |
2019-09-08 19:10:28 |
| 218.92.0.147 | attackbotsspam | 2019-09-08T08:43:29.003491abusebot-4.cloudsearch.cf sshd\[30743\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.147 user=root |
2019-09-08 17:54:15 |
| 61.19.23.30 | attack | Sep 8 06:10:16 plusreed sshd[2494]: Invalid user 1234 from 61.19.23.30 ... |
2019-09-08 18:24:57 |
| 45.227.253.117 | attack | Sep 8 12:19:05 mail postfix/smtpd\[24301\]: warning: unknown\[45.227.253.117\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 8 12:19:14 mail postfix/smtpd\[26177\]: warning: unknown\[45.227.253.117\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 8 12:20:30 mail postfix/smtpd\[26179\]: warning: unknown\[45.227.253.117\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 |
2019-09-08 18:46:22 |
| 84.55.90.177 | attackbots | 23/tcp 23/tcp 2323/tcp [2019-08-31/09-08]3pkt |
2019-09-08 18:52:13 |
| 104.152.168.16 | attackbots | WordPress login Brute force / Web App Attack on client site. |
2019-09-08 18:18:55 |
| 103.9.159.59 | attack | Sep 8 00:53:51 php1 sshd\[8805\]: Invalid user teamspeakpass from 103.9.159.59 Sep 8 00:53:51 php1 sshd\[8805\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.9.159.59 Sep 8 00:53:52 php1 sshd\[8805\]: Failed password for invalid user teamspeakpass from 103.9.159.59 port 60052 ssh2 Sep 8 00:59:56 php1 sshd\[9827\]: Invalid user sftpuser123 from 103.9.159.59 Sep 8 00:59:56 php1 sshd\[9827\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.9.159.59 |
2019-09-08 19:09:14 |
| 103.94.130.4 | attack | Sep 8 10:09:45 root sshd[10120]: Failed password for root from 103.94.130.4 port 59833 ssh2 Sep 8 10:26:38 root sshd[10243]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.130.4 Sep 8 10:26:40 root sshd[10243]: Failed password for invalid user test from 103.94.130.4 port 53390 ssh2 ... |
2019-09-08 18:13:58 |