City: Durban
Region: KwaZulu-Natal
Country: South Africa
Internet Service Provider: Afrihost (Pty) Ltd
Hostname: unknown
Organization: Afrihost
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attack | May 6 01:50:38 server sshd\[136559\]: Invalid user www from 169.0.166.54 May 6 01:50:38 server sshd\[136559\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=169.0.166.54 May 6 01:50:41 server sshd\[136559\]: Failed password for invalid user www from 169.0.166.54 port 47265 ssh2 ... |
2019-10-09 12:52:06 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 169.0.166.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20203
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;169.0.166.54. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019050900 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu May 09 20:59:10 +08 2019
;; MSG SIZE rcvd: 116
54.166.0.169.in-addr.arpa domain name pointer 169-0-166-54.ip.afrihost.co.za.
Server: 67.207.67.3
Address: 67.207.67.3#53
Non-authoritative answer:
54.166.0.169.in-addr.arpa name = 169-0-166-54.ip.afrihost.co.za.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 51.158.65.150 | attackspam | 2020-10-07T22:26:47.559760hostname sshd[45808]: Failed password for root from 51.158.65.150 port 45050 ssh2 ... |
2020-10-08 06:13:22 |
| 45.139.190.17 | attackspam | Oct 8 00:07:42 vps639187 sshd\[29027\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.139.190.17 user=root Oct 8 00:07:44 vps639187 sshd\[29027\]: Failed password for root from 45.139.190.17 port 57830 ssh2 Oct 8 00:12:01 vps639187 sshd\[29151\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.139.190.17 user=root ... |
2020-10-08 06:40:54 |
| 200.91.160.238 | attack | SSH Invalid Login |
2020-10-08 06:36:13 |
| 179.75.168.219 | attack | 2020-10-06T20:38:01.115666abusebot.cloudsearch.cf sshd[7081]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.75.168.219 user=root 2020-10-06T20:38:03.288657abusebot.cloudsearch.cf sshd[7081]: Failed password for root from 179.75.168.219 port 34280 ssh2 2020-10-06T20:38:26.503431abusebot.cloudsearch.cf sshd[7091]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.75.168.219 user=root 2020-10-06T20:38:28.438855abusebot.cloudsearch.cf sshd[7091]: Failed password for root from 179.75.168.219 port 39682 ssh2 2020-10-06T20:38:39.203718abusebot.cloudsearch.cf sshd[7097]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.75.168.219 user=root 2020-10-06T20:38:40.923379abusebot.cloudsearch.cf sshd[7097]: Failed password for root from 179.75.168.219 port 46934 ssh2 2020-10-06T20:43:01.010406abusebot.cloudsearch.cf sshd[7201]: pam_unix(sshd:auth): authentication failu ... |
2020-10-08 06:21:12 |
| 190.98.193.100 | attackbots | RDP Brute-Force (honeypot 7) |
2020-10-08 06:41:40 |
| 46.8.106.35 | attackspam | fell into ViewStateTrap:berlin |
2020-10-08 06:17:36 |
| 112.85.42.119 | attackbotsspam | 2020-10-07T22:41:10.483139server.espacesoutien.com sshd[29593]: Failed password for root from 112.85.42.119 port 61332 ssh2 2020-10-07T22:41:13.241377server.espacesoutien.com sshd[29593]: Failed password for root from 112.85.42.119 port 61332 ssh2 2020-10-07T22:41:16.429464server.espacesoutien.com sshd[29593]: Failed password for root from 112.85.42.119 port 61332 ssh2 2020-10-07T22:41:19.344390server.espacesoutien.com sshd[29593]: Failed password for root from 112.85.42.119 port 61332 ssh2 ... |
2020-10-08 06:43:53 |
| 92.118.160.45 | attackbotsspam | Found on Binary Defense / proto=6 . srcport=62996 . dstport=5443 . (3940) |
2020-10-08 06:38:02 |
| 83.103.98.211 | attackspam | Oct 7 21:49:30 hosting sshd[1817]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83-103-98-211.ip.fastwebnet.it user=root Oct 7 21:49:32 hosting sshd[1817]: Failed password for root from 83.103.98.211 port 19762 ssh2 ... |
2020-10-08 06:32:41 |
| 46.228.205.237 | attackbots | Oct 7 18:51:58 ip-172-31-61-156 sshd[20920]: Failed password for root from 46.228.205.237 port 57924 ssh2 Oct 7 18:56:18 ip-172-31-61-156 sshd[21185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.228.205.237 user=root Oct 7 18:56:21 ip-172-31-61-156 sshd[21185]: Failed password for root from 46.228.205.237 port 34708 ssh2 Oct 7 18:56:18 ip-172-31-61-156 sshd[21185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.228.205.237 user=root Oct 7 18:56:21 ip-172-31-61-156 sshd[21185]: Failed password for root from 46.228.205.237 port 34708 ssh2 ... |
2020-10-08 06:17:22 |
| 177.73.1.67 | attackbotsspam | 1602016983 - 10/06/2020 22:43:03 Host: 177.73.1.67/177.73.1.67 Port: 445 TCP Blocked ... |
2020-10-08 06:21:43 |
| 218.92.0.172 | attackspambots | Oct 7 22:14:33 localhost sshd[111717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.172 user=root Oct 7 22:14:34 localhost sshd[111717]: Failed password for root from 218.92.0.172 port 19169 ssh2 Oct 7 22:14:37 localhost sshd[111717]: Failed password for root from 218.92.0.172 port 19169 ssh2 Oct 7 22:14:33 localhost sshd[111717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.172 user=root Oct 7 22:14:34 localhost sshd[111717]: Failed password for root from 218.92.0.172 port 19169 ssh2 Oct 7 22:14:37 localhost sshd[111717]: Failed password for root from 218.92.0.172 port 19169 ssh2 Oct 7 22:14:33 localhost sshd[111717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.172 user=root Oct 7 22:14:34 localhost sshd[111717]: Failed password for root from 218.92.0.172 port 19169 ssh2 Oct 7 22:14:37 localhost sshd[111717]: Failed pa ... |
2020-10-08 06:15:00 |
| 179.191.87.166 | attackspambots | Lines containing failures of 179.191.87.166 Oct 6 12:15:18 kmh-sql-001-nbg01 sshd[14961]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.191.87.166 user=r.r Oct 6 12:15:20 kmh-sql-001-nbg01 sshd[14961]: Failed password for r.r from 179.191.87.166 port 54211 ssh2 Oct 6 12:15:22 kmh-sql-001-nbg01 sshd[14961]: Received disconnect from 179.191.87.166 port 54211:11: Bye Bye [preauth] Oct 6 12:15:22 kmh-sql-001-nbg01 sshd[14961]: Disconnected from authenticating user r.r 179.191.87.166 port 54211 [preauth] Oct 6 12:16:44 kmh-sql-001-nbg01 sshd[15205]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.191.87.166 user=r.r Oct 6 12:16:46 kmh-sql-001-nbg01 sshd[15205]: Failed password for r.r from 179.191.87.166 port 35931 ssh2 Oct 6 12:16:48 kmh-sql-001-nbg01 sshd[15205]: Received disconnect from 179.191.87.166 port 35931:11: Bye Bye [preauth] Oct 6 12:16:48 kmh-sql-001-nbg01 sshd[152........ ------------------------------ |
2020-10-08 06:14:07 |
| 142.93.62.231 | attackbots | Oct 7 13:48:33 hosting sshd[12236]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.62.231 user=root Oct 7 13:48:35 hosting sshd[12236]: Failed password for root from 142.93.62.231 port 48454 ssh2 ... |
2020-10-08 06:47:50 |
| 175.24.36.114 | attackspam | Oct 7 12:36:35 Tower sshd[41917]: Connection from 175.24.36.114 port 36886 on 192.168.10.220 port 22 rdomain "" Oct 7 12:36:39 Tower sshd[41917]: Failed password for root from 175.24.36.114 port 36886 ssh2 Oct 7 12:36:40 Tower sshd[41917]: Received disconnect from 175.24.36.114 port 36886:11: Bye Bye [preauth] Oct 7 12:36:40 Tower sshd[41917]: Disconnected from authenticating user root 175.24.36.114 port 36886 [preauth] |
2020-10-08 06:31:28 |