City: unknown
Region: unknown
Country: Italy
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 2.42.212.159 | attack | Repeated RDP login failures. Last user: administrator |
2020-06-11 23:27:58 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.42.212.65
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8693
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;2.42.212.65. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025012300 1800 900 604800 86400
;; Query time: 13 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 24 01:01:30 CST 2025
;; MSG SIZE rcvd: 104
65.212.42.2.in-addr.arpa domain name pointer net-2-42-212-65.cust.vodafonedsl.it.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
65.212.42.2.in-addr.arpa name = net-2-42-212-65.cust.vodafonedsl.it.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 123.125.21.125 | attack | Oct 5 20:17:03 Ubuntu-1404-trusty-64-minimal sshd\[31773\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.125.21.125 user=root Oct 5 20:17:05 Ubuntu-1404-trusty-64-minimal sshd\[31773\]: Failed password for root from 123.125.21.125 port 44414 ssh2 Oct 5 20:24:28 Ubuntu-1404-trusty-64-minimal sshd\[4678\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.125.21.125 user=root Oct 5 20:24:30 Ubuntu-1404-trusty-64-minimal sshd\[4678\]: Failed password for root from 123.125.21.125 port 46334 ssh2 Oct 5 20:28:13 Ubuntu-1404-trusty-64-minimal sshd\[5729\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.125.21.125 user=root |
2020-10-06 06:02:53 |
| 119.28.13.251 | attack | 2020-10-05T23:47:59.715971vps773228.ovh.net sshd[8969]: Failed password for root from 119.28.13.251 port 45044 ssh2 2020-10-05T23:52:11.861281vps773228.ovh.net sshd[9024]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.13.251 user=root 2020-10-05T23:52:13.727011vps773228.ovh.net sshd[9024]: Failed password for root from 119.28.13.251 port 48973 ssh2 2020-10-05T23:56:03.759407vps773228.ovh.net sshd[9117]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.13.251 user=root 2020-10-05T23:56:05.137702vps773228.ovh.net sshd[9117]: Failed password for root from 119.28.13.251 port 52902 ssh2 ... |
2020-10-06 05:58:32 |
| 109.110.51.31 | attack |
|
2020-10-06 05:59:42 |
| 85.209.0.103 | attackbots | Oct 6 09:14:37 localhost sshd[1201456]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.209.0.103 user=root Oct 6 09:14:39 localhost sshd[1201456]: Failed password for root from 85.209.0.103 port 57624 ssh2 ... |
2020-10-06 06:18:55 |
| 163.19.200.153 | attack | 2020-10-05 13:38:42.560833-0500 localhost screensharingd[20506]: Authentication: FAILED :: User Name: N/A :: Viewer Address: 163.19.200.153 :: Type: VNC DES |
2020-10-06 06:10:21 |
| 122.51.10.222 | attackspam | Oct 5 23:15:22 router sshd[11173]: Failed password for root from 122.51.10.222 port 49318 ssh2 Oct 5 23:20:27 router sshd[11242]: Failed password for root from 122.51.10.222 port 48460 ssh2 ... |
2020-10-06 06:16:31 |
| 174.204.206.159 | attack | Brute forcing email accounts |
2020-10-06 06:25:01 |
| 111.231.88.39 | attack | SSH login attempts. |
2020-10-06 05:50:18 |
| 200.54.242.46 | attackbotsspam | Failed password for invalid user root from 200.54.242.46 port 56600 ssh2 |
2020-10-06 05:53:20 |
| 31.181.127.23 | attackspam | 445/tcp 445/tcp [2020-10-04]2pkt |
2020-10-06 06:15:56 |
| 125.45.76.152 | attack | Oct 4 22:40:22 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=125.45.76.152 DST=79.143.186.54 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=43634 DF PROTO=TCP SPT=57002 DPT=80 WINDOW=29040 RES=0x00 SYN URGP=0 Oct 4 22:40:23 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=125.45.76.152 DST=79.143.186.54 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=43635 DF PROTO=TCP SPT=57002 DPT=80 WINDOW=29040 RES=0x00 SYN URGP=0 Oct 4 22:40:25 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=125.45.76.152 DST=79.143.186.54 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=43636 DF PROTO=TCP SPT=57002 DPT=80 WINDOW=29040 RES=0x00 SYN URGP=0 |
2020-10-06 05:52:10 |
| 59.42.37.213 | attackspam | 2020-10-05T01:12:24.004360mail.standpoint.com.ua sshd[7094]: Failed password for root from 59.42.37.213 port 6259 ssh2 2020-10-05T01:14:17.868094mail.standpoint.com.ua sshd[7343]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.42.37.213 user=root 2020-10-05T01:14:19.552962mail.standpoint.com.ua sshd[7343]: Failed password for root from 59.42.37.213 port 7175 ssh2 2020-10-05T01:16:12.524068mail.standpoint.com.ua sshd[7608]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.42.37.213 user=root 2020-10-05T01:16:14.329398mail.standpoint.com.ua sshd[7608]: Failed password for root from 59.42.37.213 port 7740 ssh2 ... |
2020-10-06 06:05:31 |
| 103.90.190.54 | attackbots | fail2ban -- 103.90.190.54 ... |
2020-10-06 06:12:11 |
| 49.233.26.110 | attackspam | Oct 5 18:36:17 roki-contabo sshd\[29531\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.26.110 user=root Oct 5 18:36:19 roki-contabo sshd\[29531\]: Failed password for root from 49.233.26.110 port 56118 ssh2 Oct 5 18:43:07 roki-contabo sshd\[29763\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.26.110 user=root Oct 5 18:43:09 roki-contabo sshd\[29763\]: Failed password for root from 49.233.26.110 port 60322 ssh2 Oct 5 18:47:34 roki-contabo sshd\[1136\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.26.110 user=root ... |
2020-10-06 06:17:48 |
| 139.59.40.240 | attackbotsspam | Oct 6 00:07:06 rancher-0 sshd[488183]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.40.240 user=root Oct 6 00:07:08 rancher-0 sshd[488183]: Failed password for root from 139.59.40.240 port 56898 ssh2 ... |
2020-10-06 06:15:31 |