City: unknown
Region: unknown
Country: Singapore
Internet Service Provider: Alibaba.com Singapore E-Commerce Private Limited
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attackspam | Unauthorized connection attempt detected from IP address 149.129.58.243 to port 2323 [J] |
2020-02-04 01:34:32 |
| attack | DATE:2020-01-20 14:07:57, IP:149.129.58.243, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq) |
2020-01-20 21:32:46 |
| attackbots | Unauthorized connection attempt detected from IP address 149.129.58.243 to port 23 [J] |
2020-01-13 00:02:00 |
| attackbots | Automatic report - Banned IP Access |
2019-12-29 07:10:20 |
| attackbots | Bruteforce on SSH Honeypot |
2019-12-09 03:04:10 |
| attackspambots | 2019-11-11T01:20:58.391934ns547587 sshd\[30129\]: Invalid user plexuser from 149.129.58.243 port 36902 2019-11-11T01:20:58.645858ns547587 sshd\[30129\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.58.243 2019-11-11T01:21:00.985369ns547587 sshd\[30129\]: Failed password for invalid user plexuser from 149.129.58.243 port 36902 ssh2 2019-11-11T01:21:02.738565ns547587 sshd\[30247\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.58.243 user=root ... |
2019-11-11 20:43:10 |
| attackspam | 19/9/13@07:11:11: FAIL: IoT-SSH address from=149.129.58.243 ... |
2019-09-14 04:05:18 |
| attackspambots | Aug 8 15:10:15 master sshd[5560]: Failed password for invalid user plexuser from 149.129.58.243 port 43646 ssh2 |
2019-08-08 20:17:40 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.129.58.243
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17417
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;149.129.58.243. IN A
;; AUTHORITY SECTION:
. 2780 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019080800 1800 900 604800 86400
;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 08 20:17:32 CST 2019
;; MSG SIZE rcvd: 118
Host 243.58.129.149.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 67.207.67.2
Address: 67.207.67.2#53
** server can't find 243.58.129.149.in-addr.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 159.65.196.65 | attack | trying to access non-authorized port |
2020-05-06 23:43:34 |
| 49.234.192.24 | attackbotsspam | May 6 16:33:11 sxvn sshd[628231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.192.24 |
2020-05-06 23:59:45 |
| 178.71.184.252 | attackspam | 0,30-04/31 [bc15/m21] PostRequest-Spammer scoring: essen |
2020-05-06 23:47:42 |
| 45.170.220.83 | attackbotsspam | Fail2Ban Ban Triggered |
2020-05-07 00:08:21 |
| 34.89.215.144 | attackspam | " " |
2020-05-06 23:52:31 |
| 103.69.197.4 | attackspam | Unauthorized connection attempt from IP address 103.69.197.4 on Port 445(SMB) |
2020-05-06 23:49:02 |
| 151.80.34.219 | attack | May 6 14:52:46 ns3033917 sshd[17607]: Invalid user demo from 151.80.34.219 port 9224 May 6 14:52:48 ns3033917 sshd[17607]: Failed password for invalid user demo from 151.80.34.219 port 9224 ssh2 May 6 15:48:53 ns3033917 sshd[18054]: Invalid user arkserver from 151.80.34.219 port 9224 ... |
2020-05-06 23:50:11 |
| 88.12.116.189 | attackbotsspam | May 6 11:04:46 XXX sshd[560]: Invalid user user from 88.12.116.189 port 34458 |
2020-05-07 00:16:52 |
| 187.109.253.246 | attackspambots | "fail2ban match" |
2020-05-07 00:06:04 |
| 158.69.206.223 | attack | 2020-05-05 11:47:06 server sshd[42121]: Failed password for invalid user wn from 158.69.206.223 port 44477 ssh2 |
2020-05-07 00:22:59 |
| 46.101.113.206 | attack | (sshd) Failed SSH login from 46.101.113.206 (DE/Germany/-): 5 in the last 3600 secs |
2020-05-06 23:55:19 |
| 23.247.33.61 | attack | (sshd) Failed SSH login from 23.247.33.61 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 6 13:52:46 amsweb01 sshd[16016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.247.33.61 user=root May 6 13:52:48 amsweb01 sshd[16016]: Failed password for root from 23.247.33.61 port 43514 ssh2 May 6 13:57:38 amsweb01 sshd[16646]: Invalid user xv from 23.247.33.61 port 39374 May 6 13:57:40 amsweb01 sshd[16646]: Failed password for invalid user xv from 23.247.33.61 port 39374 ssh2 May 6 14:00:10 amsweb01 sshd[16965]: User admin from 23.247.33.61 not allowed because not listed in AllowUsers |
2020-05-06 23:41:01 |
| 94.102.50.155 | attackspambots | ET DROP Dshield Block Listed Source group 1 - port: 50222 proto: TCP cat: Misc Attack |
2020-05-06 23:51:39 |
| 104.198.176.196 | attackbotsspam | May 6 13:58:06 haigwepa sshd[8005]: Failed password for root from 104.198.176.196 port 42206 ssh2 May 6 14:02:57 haigwepa sshd[8310]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.198.176.196 ... |
2020-05-07 00:11:15 |
| 201.49.127.212 | attackbots | SSH Brute-Force. Ports scanning. |
2020-05-06 23:56:04 |