City: unknown
Region: unknown
Country: Mexico
Internet Service Provider: Universidad Nacional Autonoma de Mexico
Hostname: unknown
Organization: unknown
Usage Type: University/College/School
| Type | Details | Datetime |
|---|---|---|
| attackspambots | Sep 23 08:54:25 v22018076622670303 sshd\[8089\]: Invalid user site from 132.248.102.42 port 37584 Sep 23 08:54:25 v22018076622670303 sshd\[8089\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.248.102.42 Sep 23 08:54:27 v22018076622670303 sshd\[8089\]: Failed password for invalid user site from 132.248.102.42 port 37584 ssh2 ... |
2019-09-23 14:56:21 |
| attack | ssh failed login |
2019-09-22 16:30:28 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 132.248.102.44 | attackbotsspam | 2020-06-17T19:22:32.074794devel sshd[11061]: Failed password for invalid user vagrant from 132.248.102.44 port 47822 ssh2 2020-06-17T19:33:50.112745devel sshd[13329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.248.102.44 user=root 2020-06-17T19:33:51.924718devel sshd[13329]: Failed password for root from 132.248.102.44 port 44648 ssh2 |
2020-06-18 08:02:44 |
| 132.248.102.44 | attackspambots | Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF) |
2020-05-30 22:08:21 |
| 132.248.102.44 | attackbots | Automatic report - Banned IP Access |
2020-05-28 05:01:31 |
| 132.248.102.44 | attackbotsspam | 2020-05-25T22:47:42.312111vivaldi2.tree2.info sshd[25880]: Failed password for root from 132.248.102.44 port 43642 ssh2 2020-05-25T22:51:32.611452vivaldi2.tree2.info sshd[26187]: Invalid user www from 132.248.102.44 2020-05-25T22:51:32.623096vivaldi2.tree2.info sshd[26187]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.248.102.44 2020-05-25T22:51:32.611452vivaldi2.tree2.info sshd[26187]: Invalid user www from 132.248.102.44 2020-05-25T22:51:34.443507vivaldi2.tree2.info sshd[26187]: Failed password for invalid user www from 132.248.102.44 port 49680 ssh2 ... |
2020-05-26 00:24:45 |
| 132.248.102.44 | attackspam | May 20 19:33:40 home sshd[6563]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.248.102.44 May 20 19:33:42 home sshd[6563]: Failed password for invalid user llc from 132.248.102.44 port 35594 ssh2 May 20 19:37:38 home sshd[7228]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.248.102.44 ... |
2020-05-21 01:42:44 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 132.248.102.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42057
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;132.248.102.42. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019050501 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon May 06 05:27:57 +08 2019
;; MSG SIZE rcvd: 118
42.102.248.132.in-addr.arpa domain name pointer laboratoriosistemas.cuautitlan2.unam.mx.
Server: 67.207.67.3
Address: 67.207.67.3#53
Non-authoritative answer:
42.102.248.132.in-addr.arpa name = laboratoriosistemas.cuautitlan2.unam.mx.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 1.214.156.163 | attackbots | 2020-04-11T23:47:30.728997suse-nuc sshd[9422]: User root from 1.214.156.163 not allowed because listed in DenyUsers ... |
2020-09-26 21:06:44 |
| 106.13.93.199 | attackbots | Sep 26 15:41:33 dignus sshd[22467]: Failed password for invalid user ralph from 106.13.93.199 port 48116 ssh2 Sep 26 15:44:35 dignus sshd[22747]: Invalid user max from 106.13.93.199 port 58926 Sep 26 15:44:35 dignus sshd[22747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.93.199 Sep 26 15:44:37 dignus sshd[22747]: Failed password for invalid user max from 106.13.93.199 port 58926 ssh2 Sep 26 15:47:40 dignus sshd[23015]: Invalid user thomas from 106.13.93.199 port 41504 ... |
2020-09-26 20:51:27 |
| 79.137.72.171 | attack | Triggered by Fail2Ban at Ares web server |
2020-09-26 21:14:35 |
| 1.214.215.236 | attackbotsspam | 2020-02-08T17:55:11.140063suse-nuc sshd[32729]: Invalid user upm from 1.214.215.236 port 36664 ... |
2020-09-26 21:04:51 |
| 217.126.115.60 | attackspam | 217.126.115.60 (ES/Spain/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 26 07:47:22 server4 sshd[7209]: Failed password for root from 104.248.159.69 port 55854 ssh2 Sep 26 07:53:15 server4 sshd[10600]: Failed password for root from 217.126.115.60 port 35564 ssh2 Sep 26 07:55:13 server4 sshd[11653]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.49.246.20 user=root Sep 26 07:47:20 server4 sshd[7209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.159.69 user=root Sep 26 07:48:27 server4 sshd[7777]: Failed password for root from 65.49.223.231 port 51076 ssh2 Sep 26 07:49:17 server4 sshd[8149]: Failed password for root from 217.126.115.60 port 55026 ssh2 IP Addresses Blocked: 104.248.159.69 (SG/Singapore/-) |
2020-09-26 20:49:39 |
| 51.81.32.236 | attackbotsspam | Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF) |
2020-09-26 21:18:58 |
| 159.89.236.71 | attack | " " |
2020-09-26 20:53:28 |
| 58.50.120.21 | attackbotsspam | Lines containing failures of 58.50.120.21 Sep 25 13:58:47 neweola sshd[10255]: Invalid user ftpuser from 58.50.120.21 port 9671 Sep 25 13:58:47 neweola sshd[10255]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.50.120.21 Sep 25 13:58:49 neweola sshd[10255]: Failed password for invalid user ftpuser from 58.50.120.21 port 9671 ssh2 Sep 25 13:58:50 neweola sshd[10255]: Received disconnect from 58.50.120.21 port 9671:11: Bye Bye [preauth] Sep 25 13:58:50 neweola sshd[10255]: Disconnected from invalid user ftpuser 58.50.120.21 port 9671 [preauth] Sep 25 14:12:58 neweola sshd[10910]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.50.120.21 user=r.r Sep 25 14:13:01 neweola sshd[10910]: Failed password for r.r from 58.50.120.21 port 43355 ssh2 Sep 25 14:13:02 neweola sshd[10910]: Received disconnect from 58.50.120.21 port 43355:11: Bye Bye [preauth] Sep 25 14:13:02 neweola sshd[10910]: Dis........ ------------------------------ |
2020-09-26 20:57:49 |
| 205.185.114.216 | attackspam | *Port Scan* detected from 205.185.114.216 (US/United States/-). 11 hits in the last 126 seconds |
2020-09-26 20:36:04 |
| 1.220.65.85 | attack | 2020-07-31T04:44:17.899227suse-nuc sshd[15292]: User root from 1.220.65.85 not allowed because listed in DenyUsers ... |
2020-09-26 20:55:58 |
| 144.34.207.90 | attack | SSH/22 MH Probe, BF, Hack - |
2020-09-26 21:10:11 |
| 176.106.132.131 | attackspambots | "Unauthorized connection attempt on SSHD detected" |
2020-09-26 21:05:11 |
| 222.186.180.6 | attack | Sep 26 08:58:18 NPSTNNYC01T sshd[17827]: Failed password for root from 222.186.180.6 port 29606 ssh2 Sep 26 08:58:21 NPSTNNYC01T sshd[17827]: Failed password for root from 222.186.180.6 port 29606 ssh2 Sep 26 08:58:25 NPSTNNYC01T sshd[17827]: Failed password for root from 222.186.180.6 port 29606 ssh2 Sep 26 08:58:31 NPSTNNYC01T sshd[17827]: error: maximum authentication attempts exceeded for root from 222.186.180.6 port 29606 ssh2 [preauth] ... |
2020-09-26 21:16:11 |
| 1.234.13.176 | attackspambots | Invalid user user12 from 1.234.13.176 port 52656 |
2020-09-26 20:42:39 |
| 152.32.166.83 | attackbotsspam | Invalid user ark from 152.32.166.83 port 46812 |
2020-09-26 20:37:11 |