City: unknown
Region: unknown
Country: Egypt
Internet Service Provider: Egyptian Universities Network
Hostname: unknown
Organization: unknown
Usage Type: University/College/School
| Type | Details | Datetime |
|---|---|---|
| attackspam | MultiHost/MultiPort Probe, Scan, Hack - |
2019-11-28 03:02:50 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 195.246.57.116 | attackbotsspam | ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: tcp cat: Potentially Bad Trafficbytes: 60 |
2020-10-01 06:59:36 |
| 195.246.57.116 | attackspambots | ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: tcp cat: Potentially Bad Trafficbytes: 60 |
2020-09-30 23:24:02 |
| 195.246.57.116 | attackspambots | [N10.H1.VM1] Port Scanner Detected Blocked by UFW |
2020-08-13 20:37:54 |
| 195.246.57.116 | attack | 1433/tcp 445/tcp... [2020-02-27/04-13]13pkt,2pt.(tcp) |
2020-04-14 00:12:03 |
| 195.246.57.116 | attackspam | Scanning random ports - tries to find possible vulnerable services |
2020-02-21 09:09:22 |
| 195.246.57.116 | attackbots | Honeypot attack, port: 445, PTR: PTR record not found |
2020-01-13 15:12:30 |
| 195.246.57.116 | attack | Unauthorized connection attempt detected from IP address 195.246.57.116 to port 1433 |
2019-12-29 01:20:38 |
| 195.246.57.116 | attackbots | Unauthorized connection attempt detected from IP address 195.246.57.116 to port 445 |
2019-12-15 06:08:12 |
| 195.246.57.114 | attack | 11/17/2019-23:52:21.000788 195.246.57.114 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433 |
2019-11-18 14:09:26 |
| 195.246.57.116 | attack | [SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(08050931) |
2019-08-05 21:22:11 |
| 195.246.57.116 | attackbots | 445/tcp 445/tcp 445/tcp... [2019-05-16/07-15]6pkt,1pt.(tcp) |
2019-07-16 07:51:54 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 195.246.57.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5469
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;195.246.57.2. IN A
;; AUTHORITY SECTION:
. 364 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019112701 1800 900 604800 86400
;; Query time: 978 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Nov 28 03:06:32 CST 2019
;; MSG SIZE rcvd: 116
Host 2.57.246.195.in-addr.arpa not found: 2(SERVFAIL)
;; Got SERVFAIL reply from 100.100.2.136, trying next server
** server can't find 2.57.246.195.in-addr.arpa: SERVFAIL
| IP | Type | Details | Datetime |
|---|---|---|---|
| 201.92.96.173 | attackspam | 20 attempts against mh-ssh on ice |
2020-07-14 00:30:42 |
| 180.116.127.143 | attackspam | DATE:2020-07-13 14:21:11, IP:180.116.127.143, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq) |
2020-07-14 00:36:24 |
| 51.89.136.104 | attackbotsspam | Jul 13 15:24:54 mintao sshd\[5414\]: Address 51.89.136.104 maps to ip-51-89-136.eu, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!\ Jul 13 15:24:54 mintao sshd\[5414\]: Invalid user work from 51.89.136.104\ |
2020-07-14 00:26:33 |
| 192.241.238.241 | attackspam | scans once in preceeding hours on the ports (in chronological order) 5601 resulting in total of 59 scans from 192.241.128.0/17 block. |
2020-07-13 23:57:07 |
| 190.99.197.244 | attackbots | Email rejected due to spam filtering |
2020-07-14 00:21:48 |
| 112.122.77.221 | attack | Port scan denied |
2020-07-13 23:47:56 |
| 98.143.148.45 | attackspam | (sshd) Failed SSH login from 98.143.148.45 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 13 18:33:09 srv sshd[6447]: Invalid user cyrille from 98.143.148.45 port 58226 Jul 13 18:33:11 srv sshd[6447]: Failed password for invalid user cyrille from 98.143.148.45 port 58226 ssh2 Jul 13 18:45:51 srv sshd[6758]: Invalid user openelec from 98.143.148.45 port 58390 Jul 13 18:45:52 srv sshd[6758]: Failed password for invalid user openelec from 98.143.148.45 port 58390 ssh2 Jul 13 18:50:21 srv sshd[6824]: Invalid user facturacion from 98.143.148.45 port 56148 |
2020-07-14 00:31:41 |
| 193.112.5.66 | attackspam | $f2bV_matches |
2020-07-14 00:16:52 |
| 124.226.28.24 | attackbotsspam | DATE:2020-07-13 14:21:25, IP:124.226.28.24, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq) |
2020-07-14 00:22:12 |
| 27.66.213.200 | attackspambots | Email rejected due to spam filtering |
2020-07-14 00:19:38 |
| 45.5.209.144 | attackspam | Automatic report - Port Scan Attack |
2020-07-14 00:24:52 |
| 222.186.190.17 | attack | Jul 13 17:09:48 rocket sshd[28115]: Failed password for root from 222.186.190.17 port 57798 ssh2 Jul 13 17:12:32 rocket sshd[28518]: Failed password for root from 222.186.190.17 port 14551 ssh2 ... |
2020-07-14 00:12:58 |
| 2.50.44.29 | attack | Jul 13 14:21:25 serwer sshd\[21903\]: Invalid user nagesh from 2.50.44.29 port 49243 Jul 13 14:21:25 serwer sshd\[21903\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.50.44.29 Jul 13 14:21:27 serwer sshd\[21903\]: Failed password for invalid user nagesh from 2.50.44.29 port 49243 ssh2 ... |
2020-07-14 00:25:55 |
| 76.231.147.191 | attackspambots | Port scan denied |
2020-07-13 23:55:05 |
| 92.118.160.21 | attackspam | Port scan denied |
2020-07-14 00:05:06 |