City: Lages
Region: Santa Catarina
Country: Brazil
Internet Service Provider: NDDigital S/A Software
Hostname: unknown
Organization: NDDigital S/A Software
Usage Type: Fixed Line ISP
| Type | Details | Datetime |
|---|---|---|
| attackbots | $f2bV_matches |
2019-08-18 01:42:43 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 138.94.211.170 | attackbots | Jul 30 05:24:00 mail.srvfarm.net postfix/smtps/smtpd[3699995]: warning: unknown[138.94.211.170]: SASL PLAIN authentication failed: Jul 30 05:24:01 mail.srvfarm.net postfix/smtps/smtpd[3699995]: lost connection after AUTH from unknown[138.94.211.170] Jul 30 05:28:38 mail.srvfarm.net postfix/smtps/smtpd[3701941]: warning: unknown[138.94.211.170]: SASL PLAIN authentication failed: Jul 30 05:28:39 mail.srvfarm.net postfix/smtps/smtpd[3701941]: lost connection after AUTH from unknown[138.94.211.170] Jul 30 05:32:59 mail.srvfarm.net postfix/smtps/smtpd[3703278]: warning: unknown[138.94.211.170]: SASL PLAIN authentication failed: |
2020-07-30 18:13:43 |
| 138.94.211.171 | attack | Jul 16 05:30:47 mail.srvfarm.net postfix/smtpd[700170]: warning: unknown[138.94.211.171]: SASL PLAIN authentication failed: Jul 16 05:30:47 mail.srvfarm.net postfix/smtpd[700170]: lost connection after AUTH from unknown[138.94.211.171] Jul 16 05:34:23 mail.srvfarm.net postfix/smtpd[699500]: warning: unknown[138.94.211.171]: SASL PLAIN authentication failed: Jul 16 05:34:23 mail.srvfarm.net postfix/smtpd[699500]: lost connection after AUTH from unknown[138.94.211.171] Jul 16 05:38:39 mail.srvfarm.net postfix/smtps/smtpd[702672]: warning: unknown[138.94.211.171]: SASL PLAIN authentication failed: |
2020-07-16 16:00:10 |
| 138.94.211.232 | attack | Try access to SMTP/POP/IMAP server. |
2019-08-28 06:02:49 |
| 138.94.211.164 | attack | $f2bV_matches |
2019-08-20 16:08:32 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.94.211.204
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15692
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.94.211.204. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019081700 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Aug 18 01:42:34 CST 2019
;; MSG SIZE rcvd: 118Host 204.211.94.138.in-addr.arpa. not found: 3(NXDOMAIN)Server: 67.207.67.2
Address: 67.207.67.2#53
** server can't find 204.211.94.138.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 197.205.0.144 | attackbotsspam | Honeypot attack, port: 23, PTR: PTR record not found |
2019-11-27 20:38:22 |
| 23.254.203.51 | attackspambots | Tried sshing with brute force. |
2019-11-27 20:36:02 |
| 112.85.42.185 | attack | 2019-11-27T11:42:25.395021scmdmz1 sshd\[7515\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.185 user=root 2019-11-27T11:42:27.728303scmdmz1 sshd\[7515\]: Failed password for root from 112.85.42.185 port 46610 ssh2 2019-11-27T11:42:29.904864scmdmz1 sshd\[7515\]: Failed password for root from 112.85.42.185 port 46610 ssh2 ... |
2019-11-27 20:31:33 |
| 220.201.34.248 | attackbotsspam | [portscan] tcp/23 [TELNET] *(RWIN=14699)(11271302) |
2019-11-27 20:12:31 |
| 170.106.37.121 | attackspam | Port scan: Attack repeated for 24 hours |
2019-11-27 20:07:29 |
| 112.29.172.224 | attack | Nov 27 12:13:56 server2 sshd\[25926\]: User root from 112.29.172.224 not allowed because not listed in AllowUsers Nov 27 12:13:57 server2 sshd\[25939\]: User root from 112.29.172.224 not allowed because not listed in AllowUsers Nov 27 12:14:10 server2 sshd\[25967\]: User root from 112.29.172.224 not allowed because not listed in AllowUsers Nov 27 12:18:04 server2 sshd\[26266\]: User root from 112.29.172.224 not allowed because not listed in AllowUsers Nov 27 12:19:08 server2 sshd\[26273\]: User root from 112.29.172.224 not allowed because not listed in AllowUsers Nov 27 12:21:53 server2 sshd\[26522\]: User root from 112.29.172.224 not allowed because not listed in AllowUsers |
2019-11-27 20:23:50 |
| 36.155.114.151 | attack | Nov 27 11:44:21 srv206 sshd[29071]: Invalid user baughan from 36.155.114.151 Nov 27 11:44:21 srv206 sshd[29071]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.155.114.151 Nov 27 11:44:21 srv206 sshd[29071]: Invalid user baughan from 36.155.114.151 Nov 27 11:44:23 srv206 sshd[29071]: Failed password for invalid user baughan from 36.155.114.151 port 39129 ssh2 ... |
2019-11-27 20:15:02 |
| 209.17.97.26 | attackbots | Automatic report - Banned IP Access |
2019-11-27 20:27:11 |
| 14.241.131.110 | attackbotsspam | Honeypot attack, port: 445, PTR: static.vnpt.vn. |
2019-11-27 20:29:50 |
| 157.41.171.191 | attackbots | Brute-force attack to non-existent web resources |
2019-11-27 20:19:38 |
| 139.162.80.77 | attackspambots | Connection by 139.162.80.77 on port: 119 got caught by honeypot at 11/27/2019 5:22:13 AM |
2019-11-27 20:43:11 |
| 145.239.82.192 | attackspam | ssh failed login |
2019-11-27 20:28:04 |
| 116.74.109.143 | attackbots | Honeypot attack, port: 23, PTR: 109.74.116.143.hathway.com. |
2019-11-27 20:37:28 |
| 177.53.105.79 | attack | Honeypot attack, port: 23, PTR: 177-53-105-79.jotaftelecom.com.br. |
2019-11-27 20:14:44 |
| 116.212.131.27 | attack | SPF Fail sender not permitted to send mail for @17guagua.com / Sent mail to target address hacked/leaked from abandonia in 2016 |
2019-11-27 20:31:07 |