City: Naples
Region: Regione Campania
Country: Italy
Internet Service Provider: Vodafone
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 2.45.100.120 | attack | Automatic report - Banned IP Access |
2020-08-20 19:12:17 |
| 2.45.100.120 | attack | Automatic report - Banned IP Access |
2020-07-24 06:23:55 |
| 2.45.100.120 | attack | Unauthorized connection attempt detected from IP address 2.45.100.120 to port 88 |
2020-03-17 19:34:31 |
| 2.45.100.208 | attackbotsspam | unauthorized connection attempt |
2020-02-04 17:20:48 |
| 2.45.100.208 | attack | [portscan] tcp/23 [TELNET] *(RWIN=18808)(11190859) |
2019-11-19 18:36:10 |
| 2.45.100.208 | attackspambots | Automatic report - Port Scan Attack |
2019-10-18 03:35:34 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.45.100.109
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25035
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;2.45.100.109. IN A
;; AUTHORITY SECTION:
. 366 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022100602 1800 900 604800 86400
;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 07 08:11:42 CST 2022
;; MSG SIZE rcvd: 105109.100.45.2.in-addr.arpa domain name pointer net-2-45-100-109.cust.vodafonedsl.it.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
109.100.45.2.in-addr.arpa name = net-2-45-100-109.cust.vodafonedsl.it.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 213.14.177.253 | attack | Splunk® : port scan detected: Aug 22 15:27:58 testbed kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=82:c6:52:d1:6e:53:64:c3:d6:0b:ef:f0:08:00 SRC=213.14.177.253 DST=104.248.11.191 LEN=40 TOS=0x00 PREC=0x00 TTL=48 ID=10539 PROTO=TCP SPT=48102 DPT=60001 WINDOW=34014 RES=0x00 SYN URGP=0 |
2019-08-23 10:04:59 |
| 221.132.17.74 | attackbots | Aug 22 12:26:48 hanapaa sshd\[27655\]: Invalid user langton from 221.132.17.74 Aug 22 12:26:48 hanapaa sshd\[27655\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.132.17.74 Aug 22 12:26:50 hanapaa sshd\[27655\]: Failed password for invalid user langton from 221.132.17.74 port 40408 ssh2 Aug 22 12:31:47 hanapaa sshd\[28083\]: Invalid user mokua from 221.132.17.74 Aug 22 12:31:47 hanapaa sshd\[28083\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.132.17.74 |
2019-08-23 09:46:42 |
| 62.210.172.134 | attackbotsspam | $f2bV_matches |
2019-08-23 10:07:46 |
| 110.6.28.222 | attack | Unauthorised access (Aug 22) SRC=110.6.28.222 LEN=40 TTL=49 ID=59806 TCP DPT=8080 WINDOW=29226 SYN |
2019-08-23 10:12:36 |
| 213.230.209.140 | attackspam | Aug 23 00:43:22 hcbbdb sshd\[3360\]: Invalid user serge from 213.230.209.140 Aug 23 00:43:22 hcbbdb sshd\[3360\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=vm0.vlt.gr4d3.uk Aug 23 00:43:24 hcbbdb sshd\[3360\]: Failed password for invalid user serge from 213.230.209.140 port 34918 ssh2 Aug 23 00:47:17 hcbbdb sshd\[3785\]: Invalid user winston from 213.230.209.140 Aug 23 00:47:17 hcbbdb sshd\[3785\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=vm0.vlt.gr4d3.uk |
2019-08-23 09:55:07 |
| 185.211.245.169 | attack | Tried to gain admin acces to a Wordpress instance via indoxploit. Then tried to send spam using xrumer. |
2019-08-23 09:32:39 |
| 149.202.164.82 | attackbots | Invalid user ts from 149.202.164.82 port 34634 |
2019-08-23 09:54:04 |
| 159.65.8.104 | attackspam | *Port Scan* detected from 159.65.8.104 (SG/Singapore/-). 4 hits in the last 120 seconds |
2019-08-23 09:48:54 |
| 47.104.17.216 | attackspambots | SS5,DEF GET /phpmyadmin/index.php |
2019-08-23 09:34:30 |
| 148.81.16.135 | attackspambots | (sshd) Failed SSH login from 148.81.16.135 (-): 5 in the last 3600 secs |
2019-08-23 10:02:44 |
| 167.71.215.72 | attackspam | Aug 23 02:39:29 microserver sshd[43034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.215.72 Aug 23 02:39:31 microserver sshd[43034]: Failed password for invalid user telnetd from 167.71.215.72 port 54249 ssh2 Aug 23 02:44:17 microserver sshd[43650]: Invalid user phil from 167.71.215.72 port 38005 Aug 23 02:44:17 microserver sshd[43650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.215.72 Aug 23 02:58:26 microserver sshd[45484]: Invalid user chris from 167.71.215.72 port 25918 Aug 23 02:58:26 microserver sshd[45484]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.215.72 Aug 23 02:58:28 microserver sshd[45484]: Failed password for invalid user chris from 167.71.215.72 port 25918 ssh2 Aug 23 03:03:11 microserver sshd[46133]: Invalid user judge from 167.71.215.72 port 50726 Aug 23 03:03:11 microserver sshd[46133]: pam_unix(sshd:auth): authentication failure; logname= |
2019-08-23 09:53:01 |
| 187.111.55.34 | attack | Try access to SMTP/POP/IMAP server. |
2019-08-23 09:26:17 |
| 117.211.32.20 | attackspambots | Lines containing failures of 117.211.32.20 Aug 22 21:15:06 hwd04 sshd[21015]: Did not receive identification string from 117.211.32.20 port 49431 Aug 22 21:15:10 hwd04 sshd[21018]: Invalid user tech from 117.211.32.20 port 56855 Aug 22 21:15:10 hwd04 sshd[21018]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.211.32.20 Aug 22 21:15:12 hwd04 sshd[21018]: Failed password for invalid user tech from 117.211.32.20 port 56855 ssh2 Aug 22 21:15:12 hwd04 sshd[21018]: Connection closed by invalid user tech 117.211.32.20 port 56855 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=117.211.32.20 |
2019-08-23 09:40:48 |
| 150.95.110.73 | attack | [Aegis] @ 2019-08-23 00:59:40 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack |
2019-08-23 09:57:03 |
| 36.89.146.252 | attack | Aug 22 21:24:14 xeon sshd[58562]: Failed password for invalid user engel from 36.89.146.252 port 51816 ssh2 |
2019-08-23 10:01:42 |