City: unknown
Region: unknown
Country: South Africa
Internet Service Provider: Telkom SA Ltd.
Hostname: unknown
Organization: unknown
Usage Type: unknown
| Type | Details | Datetime |
|---|---|---|
| attack | Jul 1 04:17:17 server sshd[21771]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=102.249.167.114 ... |
2019-07-01 11:28:43 |
| attack | Jun 28 15:29:27 penfold sshd[26383]: Invalid user ts3 from 102.249.167.114 port 3864 Jun 28 15:29:27 penfold sshd[26383]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=102.249.167.114 Jun 28 15:29:30 penfold sshd[26383]: Failed password for invalid user ts3 from 102.249.167.114 port 3864 ssh2 Jun 28 15:29:30 penfold sshd[26383]: Received disconnect from 102.249.167.114 port 3864:11: Bye Bye [preauth] Jun 28 15:29:30 penfold sshd[26383]: Disconnected from 102.249.167.114 port 3864 [preauth] Jun 28 15:38:39 penfold sshd[26929]: Connection closed by 102.249.167.114 port 6508 [preauth] Jun 28 15:41:41 penfold sshd[27219]: Connection closed by 102.249.167.114 port 6027 [preauth] Jun 28 15:44:42 penfold sshd[27314]: Connection closed by 102.249.167.114 port 5585 [preauth] Jun 28 15:47:57 penfold sshd[27471]: Connection closed by 102.249.167.114 port 5143 [preauth] Jun 28 15:51:28 penfold sshd[27596]: Connection closed by 102.249.167......... ------------------------------- |
2019-06-29 09:04:49 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 102.249.167.114
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55254
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;102.249.167.114. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019062801 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jun 29 09:04:43 CST 2019
;; MSG SIZE rcvd: 119114.167.249.102.in-addr.arpa domain name pointer 8ta-249-167-114.telkomadsl.co.za.Server: 67.207.67.2
Address: 67.207.67.2#53
Non-authoritative answer:
114.167.249.102.in-addr.arpa name = 8ta-249-167-114.telkomadsl.co.za.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 118.70.178.152 | attackbots | Sat, 20 Jul 2019 21:55:33 +0000 likely compromised host or open proxy. ddos rate spidering |
2019-07-21 10:11:49 |
| 94.132.37.12 | attackbots | Jul 20 22:21:01 TORMINT sshd\[14066\]: Invalid user servers from 94.132.37.12 Jul 20 22:21:01 TORMINT sshd\[14066\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.132.37.12 Jul 20 22:21:04 TORMINT sshd\[14066\]: Failed password for invalid user servers from 94.132.37.12 port 36618 ssh2 ... |
2019-07-21 10:23:29 |
| 177.7.64.156 | attackspam | Sat, 20 Jul 2019 21:55:44 +0000 likely compromised host or open proxy. ddos rate spidering |
2019-07-21 09:46:15 |
| 14.183.6.18 | attack | Sat, 20 Jul 2019 21:55:39 +0000 likely compromised host or open proxy. ddos rate spidering |
2019-07-21 09:59:19 |
| 185.205.239.226 | attackspam | Sat, 20 Jul 2019 21:55:35 +0000 likely compromised host or open proxy. ddos rate spidering |
2019-07-21 10:06:17 |
| 95.67.119.81 | attack | Sat, 20 Jul 2019 21:55:40 +0000 likely compromised host or open proxy. ddos rate spidering |
2019-07-21 09:55:55 |
| 125.26.23.33 | attackspambots | Sat, 20 Jul 2019 21:55:26 +0000 likely compromised host or open proxy. ddos rate spidering |
2019-07-21 10:29:18 |
| 184.22.113.151 | attackspam | Sat, 20 Jul 2019 21:55:38 +0000 likely compromised host or open proxy. ddos rate spidering |
2019-07-21 09:59:42 |
| 101.99.13.17 | attackbotsspam | @LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-20 20:46:34,588 INFO [amun_request_handler] PortScan Detected on Port: 445 (101.99.13.17) |
2019-07-21 09:55:33 |
| 37.6.202.227 | attack | Sat, 20 Jul 2019 21:55:37 +0000 likely compromised host or open proxy. ddos rate spidering |
2019-07-21 10:03:25 |
| 195.72.230.190 | attackspambots | @LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-20 20:45:54,674 INFO [amun_request_handler] PortScan Detected on Port: 445 (195.72.230.190) |
2019-07-21 10:18:54 |
| 5.1.54.8 | attackspam | Sat, 20 Jul 2019 21:55:43 +0000 likely compromised host or open proxy. ddos rate spidering |
2019-07-21 09:49:41 |
| 221.162.255.78 | attackspambots | Jul 21 02:12:29 MK-Soft-VM7 sshd\[29067\]: Invalid user demouser from 221.162.255.78 port 47230 Jul 21 02:12:29 MK-Soft-VM7 sshd\[29067\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.162.255.78 Jul 21 02:12:30 MK-Soft-VM7 sshd\[29067\]: Failed password for invalid user demouser from 221.162.255.78 port 47230 ssh2 ... |
2019-07-21 10:18:18 |
| 94.190.187.155 | attackbotsspam | Sat, 20 Jul 2019 21:55:25 +0000 likely compromised host or open proxy. ddos rate spidering |
2019-07-21 10:33:32 |
| 180.246.98.175 | attackspambots | Sat, 20 Jul 2019 21:55:41 +0000 likely compromised host or open proxy. ddos rate spidering |
2019-07-21 09:53:42 |