City: unknown
Region: unknown
Country: Norway
Internet Service Provider: University of Tromso
Hostname: unknown
Organization: unknown
Usage Type: University/College/School
| Type | Details | Datetime |
|---|---|---|
| attack | Invalid user alice from 129.242.219.106 port 50574 |
2020-02-25 21:33:34 |
| attackspam | Feb 18 14:50:42 vps46666688 sshd[4127]: Failed password for root from 129.242.219.106 port 56254 ssh2 ... |
2020-02-19 01:56:30 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.242.219.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63655
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;129.242.219.106. IN A
;; AUTHORITY SECTION:
. 374 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020021802 1800 900 604800 86400
;; Query time: 35 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 19 01:56:27 CST 2020
;; MSG SIZE rcvd: 119106.219.242.129.in-addr.arpa domain name pointer inf2310.td.org.uit.no.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
106.219.242.129.in-addr.arpa name = inf2310.td.org.uit.no.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 200.108.139.242 | attackbotsspam | Aug 25 11:48:51 XXX sshd[23405]: Invalid user backup from 200.108.139.242 port 33902 |
2020-08-25 20:54:33 |
| 182.253.226.88 | attackbotsspam | Aug 25 11:20:11 XXX sshd[54444]: Invalid user dummy from 182.253.226.88 port 58884 |
2020-08-25 20:51:24 |
| 106.13.34.131 | attack | Aug 25 13:52:35 minden010 sshd[14444]: Failed password for root from 106.13.34.131 port 44995 ssh2 Aug 25 13:56:13 minden010 sshd[14833]: Failed password for root from 106.13.34.131 port 35046 ssh2 ... |
2020-08-25 20:38:53 |
| 94.102.51.17 | attack | scans 11 times in preceeding hours on the ports (in chronological order) 6575 6772 8929 7701 4159 6526 5399 6974 6369 6380 5704 resulting in total of 66 scans from 94.102.48.0/20 block. |
2020-08-25 20:59:43 |
| 23.29.80.56 | attackbots | Unauthorized connection attempt detected, IP banned. |
2020-08-25 20:26:30 |
| 200.41.86.59 | attackbots | Aug 25 11:24:20 XXX sshd[54461]: Invalid user pgadmin from 200.41.86.59 port 51104 |
2020-08-25 20:46:20 |
| 218.92.0.251 | attackspam | Aug 25 08:52:15 NPSTNNYC01T sshd[21696]: Failed password for root from 218.92.0.251 port 50502 ssh2 Aug 25 08:52:29 NPSTNNYC01T sshd[21696]: error: maximum authentication attempts exceeded for root from 218.92.0.251 port 50502 ssh2 [preauth] Aug 25 08:52:36 NPSTNNYC01T sshd[21710]: Failed password for root from 218.92.0.251 port 16447 ssh2 ... |
2020-08-25 21:03:20 |
| 164.52.24.172 | attackspam | Port scan: Attack repeated for 24 hours |
2020-08-25 20:37:46 |
| 178.46.209.174 | attackspam | Auto Detect Rule! proto TCP (SYN), 178.46.209.174:2050->gjan.info:23, len 40 |
2020-08-25 20:22:13 |
| 157.245.178.61 | attackspam | Aug 25 14:37:12 server sshd[43874]: Failed password for root from 157.245.178.61 port 36400 ssh2 Aug 25 14:40:47 server sshd[45789]: Failed password for invalid user www from 157.245.178.61 port 40560 ssh2 Aug 25 14:44:29 server sshd[47656]: Failed password for root from 157.245.178.61 port 44710 ssh2 |
2020-08-25 20:47:58 |
| 88.98.254.133 | attackbotsspam | Aug 25 14:15:03 home sshd[513682]: Failed password for root from 88.98.254.133 port 36244 ssh2 Aug 25 14:18:04 home sshd[514683]: Invalid user nagios from 88.98.254.133 port 60796 Aug 25 14:18:04 home sshd[514683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.98.254.133 Aug 25 14:18:04 home sshd[514683]: Invalid user nagios from 88.98.254.133 port 60796 Aug 25 14:18:05 home sshd[514683]: Failed password for invalid user nagios from 88.98.254.133 port 60796 ssh2 ... |
2020-08-25 20:31:08 |
| 103.4.217.139 | attackbots | Aug 25 18:29:19 dhoomketu sshd[2653372]: Invalid user infortec from 103.4.217.139 port 46738 Aug 25 18:29:19 dhoomketu sshd[2653372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.4.217.139 Aug 25 18:29:19 dhoomketu sshd[2653372]: Invalid user infortec from 103.4.217.139 port 46738 Aug 25 18:29:22 dhoomketu sshd[2653372]: Failed password for invalid user infortec from 103.4.217.139 port 46738 ssh2 Aug 25 18:33:41 dhoomketu sshd[2653533]: Invalid user hlds from 103.4.217.139 port 43636 ... |
2020-08-25 21:04:07 |
| 162.196.204.142 | attack | Aug 25 13:48:07 vpn01 sshd[16571]: Failed password for root from 162.196.204.142 port 53036 ssh2 ... |
2020-08-25 20:47:35 |
| 49.233.90.66 | attackspam | Aug 25 13:56:37 Invalid user amavis from 49.233.90.66 port 48856 |
2020-08-25 20:27:53 |
| 173.201.196.146 | attackspam | 173.201.196.146 - - [25/Aug/2020:12:24:47 +0000] "POST /wp-login.php HTTP/1.1" 200 2075 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 173.201.196.146 - - [25/Aug/2020:12:24:50 +0000] "POST /wp-login.php HTTP/1.1" 200 2074 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 173.201.196.146 - - [25/Aug/2020:12:24:52 +0000] "POST /wp-login.php HTTP/1.1" 200 2071 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 173.201.196.146 - - [25/Aug/2020:12:24:55 +0000] "POST /wp-login.php HTTP/1.1" 200 2072 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 173.201.196.146 - - [25/Aug/2020:12:24:57 +0000] "POST /xmlrpc.php HTTP/1.1" 200 236 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" |
2020-08-25 20:34:22 |