City: Los Angeles
Region: California
Country: United States
Internet Service Provider: Zenlayer Inc
Hostname: unknown
Organization: Zenlayer Inc
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attackspambots |
|
2020-09-19 23:04:33 |
| attack | Hit honeypot r. |
2020-09-19 14:53:50 |
| attack | HTTP_USER_AGENT Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 |
2020-09-19 06:30:40 |
| attack | IP 128.14.134.170 attacked honeypot on port: 80 at 7/7/2020 8:40:24 PM |
2020-07-08 18:50:36 |
| attackbotsspam | Fail2Ban Ban Triggered |
2020-06-26 19:43:27 |
| attackbotsspam | Automatic report - Banned IP Access |
2020-05-30 02:53:29 |
| attackbots | T: f2b 404 5x |
2020-05-21 19:42:01 |
| attackspambots | 128.14.134.170 - - [09/Apr/2020:14:03:00 +0300] "GET /solr/ HTTP/1.1" 404 1391 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" |
2020-04-10 02:58:39 |
| attackbots | inbound access attempt |
2020-04-07 14:46:55 |
| attack | Tried to access a non-existent page https://74.124.202.33/cgi-bin/config.exp IP: 128.14.134.170 Hostname: survey.internet-census.org |
2020-04-07 05:48:26 |
| attack | Malicious brute force vulnerability hacking attacks |
2020-03-31 17:25:30 |
| attackspam | scan r |
2020-03-22 18:58:45 |
| attack | Unauthorized connection attempt detected from IP address 128.14.134.170 to port 21 [J] |
2020-01-26 16:53:42 |
| attackspam | Unauthorized connection attempt detected from IP address 128.14.134.170 to port 8080 |
2020-01-11 14:54:33 |
| attackspambots | [09/Jan/2020:01:30:25 -0500] "GET / HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" |
2020-01-11 01:32:27 |
| attackspam | ... |
2019-12-26 03:15:56 |
| attackspambots | scan z |
2019-12-22 15:48:32 |
| attackspambots | port scan and connect, tcp 8443 (https-alt) |
2019-11-28 09:22:41 |
| attackbots | Malicious brute force vulnerability hacking attacks |
2019-11-05 03:04:00 |
| attack | port scan and connect, tcp 80 (http) |
2019-11-03 04:51:16 |
| attackbotsspam | @LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-27 19:04:55,943 INFO [amun_request_handler] PortScan Detected on Port: 8443 (128.14.134.170) |
2019-08-28 12:03:57 |
| attack | GET /secure/ContactAdministrators!default.jspa HTTP/1.1 |
2019-08-09 18:45:44 |
| attackspambots | port scan and connect, tcp 80 (http) |
2019-08-08 17:13:56 |
| attackbots | Port scan and direct access per IP instead of hostname |
2019-07-28 16:50:58 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 128.14.134.58 | attackspambots | " " |
2020-09-15 22:32:38 |
| 128.14.134.58 | attackspambots | " " |
2020-09-15 14:29:16 |
| 128.14.134.58 | attack | " " |
2020-09-15 06:38:28 |
| 128.14.134.134 | attackbots |
|
2020-09-15 01:27:48 |
| 128.14.134.134 | attack | SIP/5060 Probe, BF, Hack - |
2020-09-14 17:11:10 |
| 128.14.134.134 | attackbots |
|
2020-09-02 22:00:09 |
| 128.14.134.134 | attack | 2020-09-01 04:45 Unauthorized connection attempt to IMAP/POP |
2020-09-02 13:51:33 |
| 128.14.134.134 | attackbotsspam |
|
2020-09-02 06:52:11 |
| 128.14.134.134 | attackspam | [20/Aug/2020:12:41:42 -0400] "GET / HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" [20/Aug/2020:12:41:43 -0400] "GET / HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" |
2020-08-22 01:50:24 |
| 128.14.134.134 | attack | HTTP_USER_AGENT Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 |
2020-08-12 07:37:21 |
| 128.14.134.134 | attackspambots | Fail2Ban Ban Triggered |
2020-07-15 02:35:59 |
| 128.14.134.134 | attack | Automatic report - Banned IP Access |
2020-06-15 21:05:27 |
| 128.14.134.134 | attackspambots | Blocked until: 2020.07.19 18:20:04 TCPMSS DPT=8090 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=42663 PROTO=TCP WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-06-03 04:05:01 |
| 128.14.134.134 | attack | nginx/IPasHostname/a4a6f |
2020-06-02 15:32:40 |
| 128.14.134.134 | attackspam | port scan and connect, tcp 443 (https) |
2020-05-22 14:30:28 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 128.14.134.170
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43123
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;128.14.134.170. IN A
;; AUTHORITY SECTION:
. 2913 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019041001 1800 900 604800 86400
;; Query time: 1 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu Apr 11 02:15:05 +08 2019
;; MSG SIZE rcvd: 118
Host 170.134.14.128.in-addr.arpa not found: 2(SERVFAIL)
;; Got SERVFAIL reply from 67.207.67.3, trying next server
Server: 67.207.67.2
Address: 67.207.67.2#53
** server can't find 170.134.14.128.in-addr.arpa: SERVFAIL
| IP | Type | Details | Datetime |
|---|---|---|---|
| 134.209.245.44 | attack | Jun 9 09:31:30 * sshd[31414]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.245.44 Jun 9 09:31:31 * sshd[31414]: Failed password for invalid user tssound from 134.209.245.44 port 47270 ssh2 |
2020-06-09 15:50:40 |
| 183.63.87.236 | attackbots | 2020-06-09T03:44:14.095337abusebot.cloudsearch.cf sshd[27651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.63.87.236 user=root 2020-06-09T03:44:15.837660abusebot.cloudsearch.cf sshd[27651]: Failed password for root from 183.63.87.236 port 33258 ssh2 2020-06-09T03:48:55.704779abusebot.cloudsearch.cf sshd[28019]: Invalid user ine from 183.63.87.236 port 57702 2020-06-09T03:48:55.712480abusebot.cloudsearch.cf sshd[28019]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.63.87.236 2020-06-09T03:48:55.704779abusebot.cloudsearch.cf sshd[28019]: Invalid user ine from 183.63.87.236 port 57702 2020-06-09T03:48:57.695941abusebot.cloudsearch.cf sshd[28019]: Failed password for invalid user ine from 183.63.87.236 port 57702 ssh2 2020-06-09T03:52:31.413738abusebot.cloudsearch.cf sshd[28241]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.63.87.236 user=root 2020- ... |
2020-06-09 15:59:45 |
| 116.1.149.196 | attack | Jun 9 07:15:47 nextcloud sshd\[20903\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.149.196 user=root Jun 9 07:15:48 nextcloud sshd\[20903\]: Failed password for root from 116.1.149.196 port 55184 ssh2 Jun 9 07:20:00 nextcloud sshd\[25291\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.149.196 user=root |
2020-06-09 15:47:52 |
| 106.12.178.228 | attack | (sshd) Failed SSH login from 106.12.178.228 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 9 05:44:23 amsweb01 sshd[31799]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.178.228 user=admin Jun 9 05:44:24 amsweb01 sshd[31799]: Failed password for admin from 106.12.178.228 port 59828 ssh2 Jun 9 05:49:56 amsweb01 sshd[32728]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.178.228 user=root Jun 9 05:49:58 amsweb01 sshd[32728]: Failed password for root from 106.12.178.228 port 57494 ssh2 Jun 9 05:52:35 amsweb01 sshd[925]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.178.228 user=root |
2020-06-09 15:58:29 |
| 40.65.99.119 | attackspambots | Jun 9 09:40:19 server sshd[30301]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.65.99.119 Jun 9 09:40:21 server sshd[30301]: Failed password for invalid user awanjiru from 40.65.99.119 port 53744 ssh2 Jun 9 09:45:18 server sshd[30709]: Failed password for root from 40.65.99.119 port 56698 ssh2 ... |
2020-06-09 15:56:35 |
| 134.209.178.109 | attackbots | SSH Brute Force |
2020-06-09 15:24:43 |
| 123.206.190.82 | attackspambots | SSH login attempts. |
2020-06-09 15:46:00 |
| 195.54.161.41 | attackspambots | Jun 9 09:04:52 debian-2gb-nbg1-2 kernel: \[13945028.108301\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=195.54.161.41 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=15088 PROTO=TCP SPT=42792 DPT=4943 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-06-09 15:42:45 |
| 62.234.167.126 | attackbots | Jun 9 05:50:51 [host] sshd[5892]: pam_unix(sshd:a Jun 9 05:50:53 [host] sshd[5892]: Failed password Jun 9 05:52:58 [host] sshd[5973]: Invalid user yt |
2020-06-09 15:46:27 |
| 52.231.54.157 | attack | SSH bruteforce |
2020-06-09 15:36:55 |
| 141.98.81.6 | attackbotsspam | $f2bV_matches |
2020-06-09 16:05:24 |
| 200.68.12.164 | attackspam | Unauthorized connection attempt detected from IP address 200.68.12.164 to port 9530 |
2020-06-09 15:29:53 |
| 65.49.20.67 | attack | SSH login attempts. |
2020-06-09 15:23:47 |
| 201.211.91.150 | attack | IP 201.211.91.150 attacked honeypot on port: 1434 at 6/9/2020 4:52:25 AM |
2020-06-09 15:55:17 |
| 188.166.246.46 | attackbots | Jun 9 12:15:09 dhoomketu sshd[593051]: Failed password for root from 188.166.246.46 port 49094 ssh2 Jun 9 12:18:53 dhoomketu sshd[593142]: Invalid user bex from 188.166.246.46 port 48704 Jun 9 12:18:53 dhoomketu sshd[593142]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.246.46 Jun 9 12:18:53 dhoomketu sshd[593142]: Invalid user bex from 188.166.246.46 port 48704 Jun 9 12:18:55 dhoomketu sshd[593142]: Failed password for invalid user bex from 188.166.246.46 port 48704 ssh2 ... |
2020-06-09 15:26:46 |