City: North Bergen
Region: New Jersey
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 167.99.149.11 | attack | Automatic report generated by Wazuh |
2020-10-10 03:56:19 |
| 167.99.149.11 | attack | can 167.99.149.11 [09/Oct/2020:18:09:47 "-" "POST /wp-login.php 200 5780 167.99.149.11 [09/Oct/2020:18:42:33 "-" "GET /wp-login.php 200 9378 167.99.149.11 [09/Oct/2020:18:42:40 "-" "POST /wp-login.php 200 9495 |
2020-10-09 19:52:36 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 167.99.149.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58381
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;167.99.149.55. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025073100 1800 900 604800 86400
;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Aug 01 01:00:21 CST 2025
;; MSG SIZE rcvd: 10655.149.99.167.in-addr.arpa domain name pointer portscanner-nyc1-05.prod.cyberresilience.io.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
55.149.99.167.in-addr.arpa name = portscanner-nyc1-05.prod.cyberresilience.io.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 202.104.122.149 | attackbots | Invalid user test2 from 202.104.122.149 port 45334 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.104.122.149 Failed password for invalid user test2 from 202.104.122.149 port 45334 ssh2 Invalid user superadmin from 202.104.122.149 port 45310 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.104.122.149 |
2019-10-18 19:20:27 |
| 116.196.87.71 | attackbots | Oct 18 13:00:10 vps691689 sshd[2885]: Failed password for root from 116.196.87.71 port 43850 ssh2 Oct 18 13:04:59 vps691689 sshd[2991]: Failed password for root from 116.196.87.71 port 53052 ssh2 ... |
2019-10-18 19:18:35 |
| 117.135.131.123 | attackspam | Automatic report - Banned IP Access |
2019-10-18 19:13:22 |
| 192.42.116.14 | attackbots | 2019-10-18T11:14:36.547507abusebot.cloudsearch.cf sshd\[15272\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=this-is-a-tor-exit-node-hviv114.hviv.nl user=root |
2019-10-18 19:20:50 |
| 106.13.73.76 | attackbotsspam | Oct 17 21:43:26 auw2 sshd\[13410\]: Invalid user aainftp from 106.13.73.76 Oct 17 21:43:26 auw2 sshd\[13410\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.73.76 Oct 17 21:43:27 auw2 sshd\[13410\]: Failed password for invalid user aainftp from 106.13.73.76 port 39012 ssh2 Oct 17 21:48:59 auw2 sshd\[13911\]: Invalid user payroll from 106.13.73.76 Oct 17 21:49:00 auw2 sshd\[13911\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.73.76 |
2019-10-18 19:24:57 |
| 106.12.196.28 | attackbots | ssh failed login |
2019-10-18 19:13:42 |
| 103.224.240.97 | attackspam | Unauthorised access (Oct 18) SRC=103.224.240.97 LEN=40 PREC=0x20 TTL=243 ID=3556 TCP DPT=445 WINDOW=1024 SYN |
2019-10-18 19:12:44 |
| 35.246.15.29 | attackspambots | Oct 18 08:49:35 MK-Soft-Root1 sshd[19016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.246.15.29 Oct 18 08:49:36 MK-Soft-Root1 sshd[19016]: Failed password for invalid user esbuser from 35.246.15.29 port 34614 ssh2 ... |
2019-10-18 18:58:07 |
| 118.24.83.41 | attackbotsspam | Oct 18 10:39:50 markkoudstaal sshd[7474]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.83.41 Oct 18 10:39:52 markkoudstaal sshd[7474]: Failed password for invalid user ramesh from 118.24.83.41 port 39066 ssh2 Oct 18 10:44:42 markkoudstaal sshd[7971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.83.41 |
2019-10-18 19:14:51 |
| 218.95.167.16 | attack | Oct 18 05:00:39 TORMINT sshd\[23616\]: Invalid user tibero2 from 218.95.167.16 Oct 18 05:00:39 TORMINT sshd\[23616\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.95.167.16 Oct 18 05:00:42 TORMINT sshd\[23616\]: Failed password for invalid user tibero2 from 218.95.167.16 port 47622 ssh2 ... |
2019-10-18 19:26:17 |
| 198.108.66.28 | attackbotsspam | 3389BruteforceFW23 |
2019-10-18 18:56:53 |
| 139.155.21.46 | attackspambots | SSH brutforce |
2019-10-18 19:09:13 |
| 104.236.224.69 | attack | Oct 18 05:52:34 ws19vmsma01 sshd[144495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.224.69 Oct 18 05:52:36 ws19vmsma01 sshd[144495]: Failed password for invalid user chuai from 104.236.224.69 port 38391 ssh2 ... |
2019-10-18 19:12:26 |
| 188.166.34.129 | attack | $f2bV_matches |
2019-10-18 19:02:32 |
| 157.245.162.212 | attackspam | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/157.245.162.212/ US - 1H : (243) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : US NAME ASN : ASN394362 IP : 157.245.162.212 CIDR : 157.245.128.0/17 PREFIX COUNT : 16 UNIQUE IP COUNT : 58368 WYKRYTE ATAKI Z ASN394362 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 3 DateTime : 2019-10-18 05:44:47 INFO : Server 403 - Looking for resource vulnerabilities Detected and Blocked by ADMIN - data recovery |
2019-10-18 18:59:07 |