City: Johannesburg
Region: Gauteng
Country: South Africa
Internet Service Provider: MTN
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 105.213.180.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34407
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;105.213.180.106. IN A
;; AUTHORITY SECTION:
. 556 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022030100 1800 900 604800 86400
;; Query time: 25 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 01 15:48:37 CST 2022
;; MSG SIZE rcvd: 108106.180.213.105.in-addr.arpa domain name pointer 105-213-180-106.access.mtnbusiness.co.za.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
106.180.213.105.in-addr.arpa name = 105-213-180-106.access.mtnbusiness.co.za.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 2.236.136.193 | attackspam | Automatic report - Port Scan Attack |
2020-08-01 02:55:34 |
| 91.82.85.85 | attackspam | (sshd) Failed SSH login from 91.82.85.85 (HU/Hungary/smtp.nyuszikaaaaa.hu): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 31 16:45:39 amsweb01 sshd[26152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.82.85.85 user=root Jul 31 16:45:41 amsweb01 sshd[26152]: Failed password for root from 91.82.85.85 port 38322 ssh2 Jul 31 16:53:24 amsweb01 sshd[27364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.82.85.85 user=root Jul 31 16:53:25 amsweb01 sshd[27364]: Failed password for root from 91.82.85.85 port 35166 ssh2 Jul 31 16:56:49 amsweb01 sshd[27890]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.82.85.85 user=root |
2020-08-01 02:59:41 |
| 194.152.42.132 | attackspambots | Unauthorized connection attempt from IP address 194.152.42.132 on Port 445(SMB) |
2020-08-01 02:39:59 |
| 118.24.151.254 | attackbots | Lines containing failures of 118.24.151.254 Jul 29 08:48:28 shared04 sshd[4719]: Invalid user caikj from 118.24.151.254 port 59132 Jul 29 08:48:28 shared04 sshd[4719]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.151.254 Jul 29 08:48:30 shared04 sshd[4719]: Failed password for invalid user caikj from 118.24.151.254 port 59132 ssh2 Jul 29 08:48:30 shared04 sshd[4719]: Received disconnect from 118.24.151.254 port 59132:11: Bye Bye [preauth] Jul 29 08:48:30 shared04 sshd[4719]: Disconnected from invalid user caikj 118.24.151.254 port 59132 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=118.24.151.254 |
2020-08-01 02:45:26 |
| 87.245.129.114 | attackspam | Unauthorized connection attempt from IP address 87.245.129.114 on Port 445(SMB) |
2020-08-01 02:51:27 |
| 126.113.12.130 | attack | Unauthorized connection attempt from IP address 126.113.12.130 on Port 445(SMB) |
2020-08-01 02:29:10 |
| 42.194.158.215 | attackbotsspam | SSH/22 MH Probe, BF, Hack - |
2020-08-01 02:56:59 |
| 37.49.230.126 | attackspam | Jul 31 18:42:13 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=37.49.230.126 DST=79.143.186.54 LEN=52 TOS=0x02 PREC=0x00 TTL=122 ID=11465 DF PROTO=TCP SPT=62372 DPT=25 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0 Jul 31 18:42:16 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=37.49.230.126 DST=79.143.186.54 LEN=52 TOS=0x02 PREC=0x00 TTL=122 ID=11466 DF PROTO=TCP SPT=62372 DPT=25 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0 Jul 31 18:42:22 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=37.49.230.126 DST=79.143.186.54 LEN=48 TOS=0x00 PREC=0x00 TTL=122 ID=11467 DF PROTO=TCP SPT=62372 DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0 |
2020-08-01 02:31:20 |
| 197.52.20.230 | attackbots | Unauthorized connection attempt from IP address 197.52.20.230 on Port 445(SMB) |
2020-08-01 02:47:29 |
| 92.50.143.166 | attack | Unauthorized connection attempt from IP address 92.50.143.166 on Port 445(SMB) |
2020-08-01 02:48:07 |
| 49.235.149.108 | attack | Jul 31 20:07:04 hosting sshd[19290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.149.108 user=root Jul 31 20:07:06 hosting sshd[19290]: Failed password for root from 49.235.149.108 port 46386 ssh2 ... |
2020-08-01 02:24:02 |
| 119.226.77.246 | attackspam | Unauthorized connection attempt from IP address 119.226.77.246 on Port 445(SMB) |
2020-08-01 02:50:54 |
| 64.225.47.162 | attack | Jul 31 04:46:16 web1 sshd\[16628\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.47.162 user=root Jul 31 04:46:18 web1 sshd\[16628\]: Failed password for root from 64.225.47.162 port 59014 ssh2 Jul 31 04:51:51 web1 sshd\[17006\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.47.162 user=root Jul 31 04:51:52 web1 sshd\[17006\]: Failed password for root from 64.225.47.162 port 53532 ssh2 Jul 31 04:55:14 web1 sshd\[17278\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.47.162 user=root |
2020-08-01 02:27:44 |
| 193.176.182.43 | attack | Bruteforce detected by fail2ban |
2020-08-01 02:39:00 |
| 124.232.133.205 | attackbotsspam | Jul 31 11:58:34 rush sshd[9118]: Failed password for root from 124.232.133.205 port 4611 ssh2 Jul 31 12:00:29 rush sshd[9144]: Failed password for root from 124.232.133.205 port 14356 ssh2 ... |
2020-08-01 02:40:47 |