City: Johannesburg
Region: Gauteng
Country: South Africa
Internet Service Provider: Telkom SA Ltd.
Hostname: unknown
Organization: Telkom-Internet
Usage Type: unknown
| Type | Details | Datetime |
|---|---|---|
| attack | 2019-07-03 15:03:07 unexpected disconnection while reading SMTP command from (105-225-148-162.east.dsl.telkomsa.net) [105.225.13.116]:11320 I=[10.100.18.20]:25 (error: Connection reset by peer) 2019-07-03 15:03:43 unexpected disconnection while reading SMTP command from (105-225-148-162.east.dsl.telkomsa.net) [105.225.13.116]:36750 I=[10.100.18.20]:25 (error: Connection reset by peer) 2019-07-03 15:04:25 unexpected disconnection while reading SMTP command from (105-225-148-162.east.dsl.telkomsa.net) [105.225.13.116]:1247 I=[10.100.18.20]:25 (error: Connection reset by peer) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=105.225.13.116 |
2019-07-04 00:48:12 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 105.225.130.220 | attack | Automatic report - Port Scan Attack |
2020-02-20 07:19:38 |
| 105.225.139.21 | attack | Automatic report - Port Scan Attack |
2019-11-06 13:57:29 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 105.225.13.116
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32392
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;105.225.13.116. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019070301 1800 900 604800 86400
;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 04 00:48:00 CST 2019
;; MSG SIZE rcvd: 118116.13.225.105.in-addr.arpa domain name pointer 13-225-105-116.north.dsl.telkomsa.net.Server: 67.207.67.2
Address: 67.207.67.2#53
Non-authoritative answer:
116.13.225.105.in-addr.arpa name = 13-225-105-116.north.dsl.telkomsa.net.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 45.224.126.168 | attack | Sep 12 14:48:48 thevastnessof sshd[3452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.224.126.168 ... |
2019-09-13 04:25:15 |
| 34.80.37.61 | attackbots | Sep 12 16:01:10 plusreed sshd[10070]: Invalid user admin01 from 34.80.37.61 ... |
2019-09-13 04:07:44 |
| 209.59.174.4 | attackbots | Sep 12 21:02:07 ns37 sshd[7201]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.59.174.4 |
2019-09-13 04:00:13 |
| 167.71.219.185 | attackbotsspam | Sep 12 08:25:47 vtv3 sshd\[22701\]: Invalid user redmine from 167.71.219.185 port 46326 Sep 12 08:25:47 vtv3 sshd\[22701\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.219.185 Sep 12 08:25:49 vtv3 sshd\[22701\]: Failed password for invalid user redmine from 167.71.219.185 port 46326 ssh2 Sep 12 08:32:13 vtv3 sshd\[25856\]: Invalid user sftpuser from 167.71.219.185 port 52212 Sep 12 08:32:13 vtv3 sshd\[25856\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.219.185 Sep 12 08:44:51 vtv3 sshd\[32550\]: Invalid user postgres from 167.71.219.185 port 35760 Sep 12 08:44:51 vtv3 sshd\[32550\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.219.185 Sep 12 08:44:53 vtv3 sshd\[32550\]: Failed password for invalid user postgres from 167.71.219.185 port 35760 ssh2 Sep 12 08:51:16 vtv3 sshd\[3785\]: Invalid user update from 167.71.219.185 port 41622 Sep 12 08:51:16 vtv |
2019-09-13 04:12:07 |
| 193.169.255.131 | attackbots | @LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-12 17:14:40,750 INFO [amun_request_handler] PortScan Detected on Port: 25 (193.169.255.131) |
2019-09-13 03:48:28 |
| 82.221.128.73 | attack | 10443/tcp 20122/tcp 20022/tcp... [2019-07-12/09-11]227pkt,59pt.(tcp) |
2019-09-13 03:45:31 |
| 47.180.89.23 | attackspam | Sep 12 16:49:18 DAAP sshd[29182]: Invalid user 12 from 47.180.89.23 port 43132 ... |
2019-09-13 03:53:40 |
| 119.235.48.204 | attackbots | SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM - |
2019-09-13 03:49:00 |
| 157.245.10.184 | attackspambots | Sep 12 10:03:26 aiointranet sshd\[5317\]: Invalid user 321 from 157.245.10.184 Sep 12 10:03:26 aiointranet sshd\[5317\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.10.184 Sep 12 10:03:27 aiointranet sshd\[5317\]: Failed password for invalid user 321 from 157.245.10.184 port 35366 ssh2 Sep 12 10:09:08 aiointranet sshd\[5843\]: Invalid user 123456 from 157.245.10.184 Sep 12 10:09:08 aiointranet sshd\[5843\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.10.184 |
2019-09-13 04:12:57 |
| 139.59.13.223 | attack | $f2bV_matches |
2019-09-13 03:44:53 |
| 185.81.157.220 | attack | 445/tcp 445/tcp [2019-09-10/11]2pkt |
2019-09-13 04:11:06 |
| 190.196.190.242 | attackbots | Unauthorised access (Sep 12) SRC=190.196.190.242 LEN=40 TOS=0x10 PREC=0x40 TTL=53 ID=39345 TCP DPT=8080 WINDOW=65233 SYN Unauthorised access (Sep 12) SRC=190.196.190.242 LEN=40 TOS=0x10 PREC=0x40 TTL=53 ID=61200 TCP DPT=8080 WINDOW=51222 SYN Unauthorised access (Sep 11) SRC=190.196.190.242 LEN=40 TOS=0x10 PREC=0x40 TTL=53 ID=25109 TCP DPT=8080 WINDOW=65233 SYN |
2019-09-13 03:53:59 |
| 201.174.182.159 | attack | Brute force attempt |
2019-09-13 03:43:09 |
| 138.68.223.69 | attack | 20/tcp 27017/tcp 35025/tcp... [2019-09-08/11]4pkt,3pt.(tcp),1pt.(udp) |
2019-09-13 04:08:09 |
| 199.217.115.14 | attackbots | Invalid user tomcat from 199.217.115.14 port 34940 |
2019-09-13 03:56:47 |