City: unknown
Region: unknown
Country: None
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 104.248.34.219 | attack | 2020/06/30 14:47:45 [error] 20617#20617: *3577399 open() "/usr/share/nginx/html/wp-login.php" failed (2: No such file or directory), client: 104.248.34.219, server: _, request: "GET /wp-login.php HTTP/1.1", host: "1-2-dsl.net" 2020/06/30 14:47:45 [error] 20617#20617: *3577400 open() "/usr/share/nginx/html/wp-login.php" failed (2: No such file or directory), client: 104.248.34.219, server: _, request: "GET /wp-login.php HTTP/1.1", host: "1-2-dsl.org" |
2020-07-01 21:38:38 |
| 104.248.34.219 | attackbots | 104.248.34.219 - - [14/Jun/2020:14:43:38 +0200] "POST /xmlrpc.php HTTP/1.1" 403 11040 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.34.219 - - [14/Jun/2020:14:47:37 +0200] "POST /xmlrpc.php HTTP/1.1" 403 9565 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2020-06-14 23:57:53 |
| 104.248.34.219 | attackbotsspam | 104.248.34.219 - - [14/May/2020:18:49:25 +0200] "GET /wp-login.php HTTP/1.1" 200 1900 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.34.219 - - [14/May/2020:18:49:25 +0200] "POST /wp-login.php HTTP/1.1" 200 2031 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.34.219 - - [14/May/2020:18:49:25 +0200] "GET /wp-login.php HTTP/1.1" 200 1900 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.34.219 - - [14/May/2020:18:49:25 +0200] "POST /wp-login.php HTTP/1.1" 200 2008 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.34.219 - - [14/May/2020:18:49:25 +0200] "GET /wp-login.php HTTP/1.1" 200 1900 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.34.219 - - [14/May/2020:18:49:25 +0200] "POST /wp-login.php HTTP/1.1" 200 2009 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/201001 ... |
2020-05-15 04:04:32 |
| 104.248.34.192 | attackbotsspam | Feb 9 08:59:09 MK-Soft-VM8 sshd[28974]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192 Feb 9 08:59:11 MK-Soft-VM8 sshd[28974]: Failed password for invalid user phi from 104.248.34.192 port 45958 ssh2 ... |
2020-02-09 16:23:24 |
| 104.248.34.192 | attackbotsspam | Feb 9 00:22:32 game-panel sshd[7635]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192 Feb 9 00:22:33 game-panel sshd[7635]: Failed password for invalid user zql from 104.248.34.192 port 38890 ssh2 Feb 9 00:25:22 game-panel sshd[7754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192 |
2020-02-09 08:33:10 |
| 104.248.34.192 | attackspambots | Unauthorized connection attempt detected from IP address 104.248.34.192 to port 2220 [J] |
2020-02-06 02:07:07 |
| 104.248.34.192 | attackspam | Jan 27 08:35:41 ns381471 sshd[19625]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192 Jan 27 08:35:44 ns381471 sshd[19625]: Failed password for invalid user es from 104.248.34.192 port 57222 ssh2 |
2020-01-27 17:10:59 |
| 104.248.34.192 | attackspam | Unauthorized connection attempt detected from IP address 104.248.34.192 to port 2220 [J] |
2020-01-22 00:53:16 |
| 104.248.34.192 | attack | Brute SSH |
2020-01-14 20:41:14 |
| 104.248.34.192 | attackspambots | SSH-BruteForce |
2020-01-07 08:47:43 |
| 104.248.34.192 | attack | Dec 25 15:34:32 localhost sshd[34987]: Failed password for invalid user lexst from 104.248.34.192 port 40436 ssh2 Dec 25 15:52:01 localhost sshd[35954]: Failed password for invalid user petryna from 104.248.34.192 port 53592 ssh2 Dec 25 15:54:27 localhost sshd[36194]: Failed password for invalid user bagnato from 104.248.34.192 port 47490 ssh2 |
2019-12-26 01:05:58 |
| 104.248.34.192 | attack | [ssh] SSH attack |
2019-12-19 02:15:32 |
| 104.248.34.192 | attack | Dec 17 11:46:50 php1 sshd\[24898\]: Invalid user roberts from 104.248.34.192 Dec 17 11:46:50 php1 sshd\[24898\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192 Dec 17 11:46:52 php1 sshd\[24898\]: Failed password for invalid user roberts from 104.248.34.192 port 32942 ssh2 Dec 17 11:52:58 php1 sshd\[25510\]: Invalid user admin from 104.248.34.192 Dec 17 11:52:58 php1 sshd\[25510\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192 |
2019-12-18 06:17:22 |
| 104.248.34.192 | attackbots | Dec 13 05:50:10 localhost sshd\[1358\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192 user=root Dec 13 05:50:12 localhost sshd\[1358\]: Failed password for root from 104.248.34.192 port 48630 ssh2 Dec 13 05:56:09 localhost sshd\[1995\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192 user=root |
2019-12-13 13:15:04 |
| 104.248.34.43 | attackspambots | Port scan attempt detected by AWS-CCS, CTS, India |
2019-07-15 18:04:26 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.34.166
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;104.248.34.166. IN A
;; AUTHORITY SECTION:
. 560 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022030301 1800 900 604800 86400
;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 04 02:02:18 CST 2022
;; MSG SIZE rcvd: 107
Host 166.34.248.104.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 166.34.248.104.in-addr.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 190.85.71.129 | attack | May 11 19:18:40 vps647732 sshd[2697]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.85.71.129 May 11 19:18:42 vps647732 sshd[2697]: Failed password for invalid user test from 190.85.71.129 port 53893 ssh2 ... |
2020-05-12 01:21:20 |
| 106.13.99.51 | attack | 2020-05-11T16:56:57.979579shield sshd\[5007\]: Invalid user operador from 106.13.99.51 port 46596 2020-05-11T16:56:57.983515shield sshd\[5007\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.51 2020-05-11T16:56:59.721206shield sshd\[5007\]: Failed password for invalid user operador from 106.13.99.51 port 46596 ssh2 2020-05-11T17:01:02.128837shield sshd\[5877\]: Invalid user share from 106.13.99.51 port 41820 2020-05-11T17:01:02.132561shield sshd\[5877\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.51 |
2020-05-12 01:09:15 |
| 196.21.175.54 | attackspam | Invalid user test2 from 196.21.175.54 port 55056 |
2020-05-12 01:26:35 |
| 14.183.204.225 | attackbotsspam | Automatic report - SSH Brute-Force Attack |
2020-05-12 01:12:05 |
| 14.165.210.61 | attackbots | Lines containing failures of 14.165.210.61 May 11 13:51:06 shared06 sshd[14029]: Did not receive identification string from 14.165.210.61 port 52339 May 11 13:51:10 shared06 sshd[14032]: Invalid user ubnt from 14.165.210.61 port 52450 May 11 13:51:10 shared06 sshd[14032]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.165.210.61 May 11 13:51:13 shared06 sshd[14032]: Failed password for invalid user ubnt from 14.165.210.61 port 52450 ssh2 May 11 13:51:13 shared06 sshd[14032]: Connection closed by invalid user ubnt 14.165.210.61 port 52450 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.165.210.61 |
2020-05-12 01:31:30 |
| 123.31.32.150 | attack | SSH brute-force attempt |
2020-05-12 01:45:52 |
| 222.186.15.18 | attackspambots | May 11 12:39:46 ny01 sshd[25400]: Failed password for root from 222.186.15.18 port 21384 ssh2 May 11 12:42:44 ny01 sshd[25747]: Failed password for root from 222.186.15.18 port 19816 ssh2 |
2020-05-12 01:03:14 |
| 159.203.112.185 | attackspam | May 11 16:12:40 v22018086721571380 sshd[2241]: Failed password for invalid user vsb_pgsql from 159.203.112.185 port 56088 ssh2 |
2020-05-12 01:20:15 |
| 82.125.161.192 | attackbots | May 11 13:46:10 xxxx sshd[11890]: Invalid user pi from 82.125.161.192 May 11 13:46:10 xxxx sshd[11888]: Invalid user pi from 82.125.161.192 May 11 13:46:10 xxxx sshd[11890]: Failed none for invalid user pi from 82.125.161.192 port 35676 ssh2 May 11 13:46:10 xxxx sshd[11888]: Failed none for invalid user pi from 82.125.161.192 port 35670 ssh2 May 11 13:46:12 xxxx sshd[11888]: Failed password for invalid user pi from 82.125.161.192 port 35670 ssh2 May 11 13:46:12 xxxx sshd[11890]: Failed password for invalid user pi from 82.125.161.192 port 35676 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=82.125.161.192 |
2020-05-12 01:13:42 |
| 202.69.56.214 | attackbotsspam | [Mon May 11 07:24:18 2020] - Syn Flood From IP: 202.69.56.214 Port: 62816 |
2020-05-12 01:38:34 |
| 174.138.40.149 | attackbots | 6379/tcp [2020-05-11]1pkt |
2020-05-12 01:47:49 |
| 77.232.100.253 | attack | May 11 15:08:45 vlre-nyc-1 sshd\[24391\]: Invalid user administrator from 77.232.100.253 May 11 15:08:45 vlre-nyc-1 sshd\[24391\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.232.100.253 May 11 15:08:47 vlre-nyc-1 sshd\[24391\]: Failed password for invalid user administrator from 77.232.100.253 port 43266 ssh2 May 11 15:13:01 vlre-nyc-1 sshd\[24477\]: Invalid user joan from 77.232.100.253 May 11 15:13:01 vlre-nyc-1 sshd\[24477\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.232.100.253 ... |
2020-05-12 01:15:53 |
| 198.108.66.229 | attack | May 11 14:04:45 debian-2gb-nbg1-2 kernel: \[11457552.785132\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=198.108.66.229 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=32 ID=42934 PROTO=TCP SPT=21149 DPT=9180 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-05-12 01:06:31 |
| 46.242.61.39 | attack | 20/5/11@08:04:09: FAIL: Alarm-Network address from=46.242.61.39 ... |
2020-05-12 01:46:33 |
| 106.75.157.90 | attackbotsspam | May 11 14:04:53 sxvn sshd[686883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.157.90 |
2020-05-12 00:59:28 |