City: unknown
Region: unknown
Country: Italy
Internet Service Provider: Irpinia Net-Com SRL
Hostname: unknown
Organization: unknown
Usage Type: Fixed Line ISP
| Type | Details | Datetime |
|---|---|---|
| attack | Lines containing failures of 134.90.254.48 Sep 19 18:48:32 smtp-out sshd[10508]: Invalid user admin from 134.90.254.48 port 39444 Sep 19 18:48:33 smtp-out sshd[10508]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.90.254.48 Sep 19 18:48:35 smtp-out sshd[10508]: Failed password for invalid user admin from 134.90.254.48 port 39444 ssh2 Sep 19 18:48:39 smtp-out sshd[10508]: Connection closed by invalid user admin 134.90.254.48 port 39444 [preauth] Sep 19 18:48:41 smtp-out sshd[10511]: Invalid user admin from 134.90.254.48 port 39449 Sep 19 18:48:42 smtp-out sshd[10511]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.90.254.48 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=134.90.254.48 |
2020-09-20 20:19:45 |
| attack | Lines containing failures of 134.90.254.48 Sep 19 18:48:32 smtp-out sshd[10508]: Invalid user admin from 134.90.254.48 port 39444 Sep 19 18:48:33 smtp-out sshd[10508]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.90.254.48 Sep 19 18:48:35 smtp-out sshd[10508]: Failed password for invalid user admin from 134.90.254.48 port 39444 ssh2 Sep 19 18:48:39 smtp-out sshd[10508]: Connection closed by invalid user admin 134.90.254.48 port 39444 [preauth] Sep 19 18:48:41 smtp-out sshd[10511]: Invalid user admin from 134.90.254.48 port 39449 Sep 19 18:48:42 smtp-out sshd[10511]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.90.254.48 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=134.90.254.48 |
2020-09-20 12:16:23 |
| attackspam | Lines containing failures of 134.90.254.48 Sep 19 18:48:32 smtp-out sshd[10508]: Invalid user admin from 134.90.254.48 port 39444 Sep 19 18:48:33 smtp-out sshd[10508]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.90.254.48 Sep 19 18:48:35 smtp-out sshd[10508]: Failed password for invalid user admin from 134.90.254.48 port 39444 ssh2 Sep 19 18:48:39 smtp-out sshd[10508]: Connection closed by invalid user admin 134.90.254.48 port 39444 [preauth] Sep 19 18:48:41 smtp-out sshd[10511]: Invalid user admin from 134.90.254.48 port 39449 Sep 19 18:48:42 smtp-out sshd[10511]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.90.254.48 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=134.90.254.48 |
2020-09-20 04:13:07 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 134.90.254.208 | attack | Automatic report - Port Scan Attack |
2020-07-25 04:45:14 |
| 134.90.254.238 | attack | " " |
2019-09-08 01:50:54 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.90.254.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9944
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.90.254.48. IN A
;; AUTHORITY SECTION:
. 388 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020091901 1800 900 604800 86400
;; Query time: 93 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Sep 20 04:13:03 CST 2020
;; MSG SIZE rcvd: 11748.254.90.134.in-addr.arpa domain name pointer host-134-90-254-48.geny.it.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
48.254.90.134.in-addr.arpa name = host-134-90-254-48.geny.it.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 46.105.124.52 | attackbots | Aug 3 06:51:14 host sshd\[22758\]: Invalid user mihaela from 46.105.124.52 port 35833 Aug 3 06:51:16 host sshd\[22758\]: Failed password for invalid user mihaela from 46.105.124.52 port 35833 ssh2 ... |
2019-08-03 14:39:48 |
| 124.109.32.106 | attackbotsspam | Aug 3 06:41:06 localhost sshd\[51120\]: Invalid user jobs from 124.109.32.106 port 46954 Aug 3 06:41:06 localhost sshd\[51120\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.109.32.106 ... |
2019-08-03 13:55:20 |
| 185.175.93.105 | attack | Port scan: Attacks repeated for a week |
2019-08-03 14:28:46 |
| 123.231.61.180 | attackspam | Aug 3 07:41:50 ncomp sshd[31207]: Invalid user web from 123.231.61.180 Aug 3 07:41:50 ncomp sshd[31207]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.231.61.180 Aug 3 07:41:50 ncomp sshd[31207]: Invalid user web from 123.231.61.180 Aug 3 07:41:53 ncomp sshd[31207]: Failed password for invalid user web from 123.231.61.180 port 21585 ssh2 |
2019-08-03 14:26:48 |
| 177.19.38.12 | attackspambots | Automatic report - Port Scan Attack |
2019-08-03 13:57:12 |
| 211.233.66.61 | attackspambots | Unauthorised access (Aug 3) SRC=211.233.66.61 LEN=44 TTL=235 ID=19142 TCP DPT=445 WINDOW=1024 SYN |
2019-08-03 13:47:02 |
| 218.69.91.84 | attackbotsspam | Aug 3 07:21:02 debian sshd\[8205\]: Invalid user sony from 218.69.91.84 port 33056 Aug 3 07:21:02 debian sshd\[8205\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.69.91.84 ... |
2019-08-03 14:24:14 |
| 42.58.101.36 | attackspam | 2019-08-02T21:00:27.160654ts3.arvenenaske.de sshd[28695]: Invalid user admin from 42.58.101.36 port 51158 2019-08-02T21:00:27.166116ts3.arvenenaske.de sshd[28695]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.58.101.36 user=admin 2019-08-02T21:00:27.167105ts3.arvenenaske.de sshd[28695]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.58.101.36 2019-08-02T21:00:27.160654ts3.arvenenaske.de sshd[28695]: Invalid user admin from 42.58.101.36 port 51158 2019-08-02T21:00:28.702876ts3.arvenenaske.de sshd[28695]: Failed password for invalid user admin from 42.58.101.36 port 51158 ssh2 2019-08-02T21:00:29.381132ts3.arvenenaske.de sshd[28695]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.58.101.36 user=admin 2019-08-02T21:00:27.166116ts3.arvenenaske.de sshd[28695]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=........ ------------------------------ |
2019-08-03 14:39:12 |
| 94.23.254.125 | attackspam | Aug 3 06:48:03 SilenceServices sshd[959]: Failed password for root from 94.23.254.125 port 60930 ssh2 Aug 3 06:52:13 SilenceServices sshd[3253]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.254.125 Aug 3 06:52:15 SilenceServices sshd[3253]: Failed password for invalid user mapruser from 94.23.254.125 port 58666 ssh2 |
2019-08-03 14:01:35 |
| 46.182.106.190 | attack | Aug 3 07:22:14 [munged] sshd[15926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.182.106.190 user=root Aug 3 07:22:17 [munged] sshd[15926]: Failed password for root from 46.182.106.190 port 36316 ssh2 |
2019-08-03 13:43:32 |
| 59.125.53.191 | attackbots | Portscan or hack attempt detected by psad/fwsnort |
2019-08-03 14:12:46 |
| 178.128.24.129 | attackbots | Aug 3 02:15:22 TORMINT sshd\[4237\]: Invalid user diane from 178.128.24.129 Aug 3 02:15:22 TORMINT sshd\[4237\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.24.129 Aug 3 02:15:23 TORMINT sshd\[4237\]: Failed password for invalid user diane from 178.128.24.129 port 43384 ssh2 ... |
2019-08-03 14:36:18 |
| 209.17.96.26 | attack | 3389BruteforceFW21 |
2019-08-03 14:38:44 |
| 210.51.190.236 | attack | DATE:2019-08-03 06:52:10, IP:210.51.190.236, PORT:1433 - MSSQL brute force auth on a honeypot server (epe-dc) |
2019-08-03 14:04:42 |
| 202.181.215.171 | attack | Invalid user test from 202.181.215.171 port 50412 |
2019-08-03 14:24:40 |