City: unknown
Region: unknown
Country: Argentina
Internet Service Provider: Telecom Argentina S.A.
Hostname: unknown
Organization: unknown
Usage Type: unknown
| Type | Details | Datetime |
|---|---|---|
| attackspambots | SSH auth scanning - multiple failed logins |
2020-10-11 01:09:26 |
| attackbotsspam | SSH login attempts. |
2020-10-10 17:01:08 |
| attack | (sshd) Failed SSH login from 200.45.147.129 (AR/Argentina/host129.200-45-147.telecom.net.ar): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 7 07:24:32 server sshd[8827]: Invalid user rawlinson from 200.45.147.129 port 63109 Sep 7 07:24:34 server sshd[8827]: Failed password for invalid user rawlinson from 200.45.147.129 port 63109 ssh2 Sep 7 07:35:18 server sshd[12721]: Failed password for root from 200.45.147.129 port 29462 ssh2 Sep 7 07:38:01 server sshd[13549]: Failed password for root from 200.45.147.129 port 44226 ssh2 Sep 7 07:40:42 server sshd[15000]: Failed password for root from 200.45.147.129 port 36018 ssh2 |
2020-09-08 01:18:02 |
| attack | ... |
2020-09-07 16:42:33 |
| attackbots | Aug 27 11:02:32 ip40 sshd[19535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.45.147.129 Aug 27 11:02:33 ip40 sshd[19535]: Failed password for invalid user test from 200.45.147.129 port 49947 ssh2 ... |
2020-08-27 20:15:59 |
| attack | Aug 11 18:47:51 ny01 sshd[18013]: Failed password for root from 200.45.147.129 port 6851 ssh2 Aug 11 18:52:39 ny01 sshd[18567]: Failed password for root from 200.45.147.129 port 20302 ssh2 |
2020-08-12 07:29:18 |
| attackbots | Aug 7 22:09:00 game-panel sshd[19181]: Failed password for root from 200.45.147.129 port 4591 ssh2 Aug 7 22:13:46 game-panel sshd[19536]: Failed password for root from 200.45.147.129 port 10974 ssh2 |
2020-08-08 06:37:03 |
| attackbotsspam | Jul 29 23:30:17 ns381471 sshd[7335]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.45.147.129 Jul 29 23:30:20 ns381471 sshd[7335]: Failed password for invalid user wanghaiqiang from 200.45.147.129 port 10044 ssh2 |
2020-07-30 05:31:27 |
| attackbotsspam | Invalid user production from 200.45.147.129 port 29876 |
2020-07-26 15:45:15 |
| attack | 2020-07-24T05:48:01.374339vps1033 sshd[15047]: Invalid user dmg from 200.45.147.129 port 5857 2020-07-24T05:48:01.379115vps1033 sshd[15047]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=host129.200-45-147.telecom.net.ar 2020-07-24T05:48:01.374339vps1033 sshd[15047]: Invalid user dmg from 200.45.147.129 port 5857 2020-07-24T05:48:03.403190vps1033 sshd[15047]: Failed password for invalid user dmg from 200.45.147.129 port 5857 ssh2 2020-07-24T05:53:05.576055vps1033 sshd[25968]: Invalid user max from 200.45.147.129 port 51485 ... |
2020-07-24 14:23:34 |
| attackbotsspam | 841. On Jul 16 2020 experienced a Brute Force SSH login attempt -> 6 unique times by 200.45.147.129. |
2020-07-17 08:27:57 |
| attack | Jul 9 15:21:39 electroncash sshd[27516]: Invalid user db2bep from 200.45.147.129 port 44031 Jul 9 15:21:39 electroncash sshd[27516]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.45.147.129 Jul 9 15:21:39 electroncash sshd[27516]: Invalid user db2bep from 200.45.147.129 port 44031 Jul 9 15:21:42 electroncash sshd[27516]: Failed password for invalid user db2bep from 200.45.147.129 port 44031 ssh2 Jul 9 15:25:34 electroncash sshd[28511]: Invalid user johhny from 200.45.147.129 port 44933 ... |
2020-07-09 21:38:47 |
| attackbotsspam | Jul 7 06:49:49 lnxweb61 sshd[20384]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.45.147.129 |
2020-07-07 18:42:22 |
| attackbotsspam | Jun 30 11:30:05 server1 sshd\[11271\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.45.147.129 user=brian Jun 30 11:30:07 server1 sshd\[11271\]: Failed password for brian from 200.45.147.129 port 55387 ssh2 Jun 30 11:32:58 server1 sshd\[13231\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.45.147.129 user=root Jun 30 11:33:00 server1 sshd\[13231\]: Failed password for root from 200.45.147.129 port 61380 ssh2 Jun 30 11:35:56 server1 sshd\[15334\]: Invalid user mpiuser from 200.45.147.129 ... |
2020-07-02 01:44:41 |
| attack | Jun 27 00:15:00 mail sshd[20581]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.45.147.129 Jun 27 00:15:02 mail sshd[20581]: Failed password for invalid user xx from 200.45.147.129 port 49261 ssh2 ... |
2020-06-27 09:04:47 |
| attack | Jun 25 22:58:44 dignus sshd[9500]: Invalid user hxy from 200.45.147.129 port 20121 Jun 25 22:58:44 dignus sshd[9500]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.45.147.129 Jun 25 22:58:46 dignus sshd[9500]: Failed password for invalid user hxy from 200.45.147.129 port 20121 ssh2 Jun 25 23:03:03 dignus sshd[9857]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.45.147.129 user=root Jun 25 23:03:05 dignus sshd[9857]: Failed password for root from 200.45.147.129 port 19490 ssh2 ... |
2020-06-26 17:15:53 |
| attack | Jun 22 13:16:52 game-panel sshd[1315]: Failed password for root from 200.45.147.129 port 47330 ssh2 Jun 22 13:18:05 game-panel sshd[1430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.45.147.129 Jun 22 13:18:07 game-panel sshd[1430]: Failed password for invalid user dmp from 200.45.147.129 port 40916 ssh2 |
2020-06-22 23:05:33 |
| attackspam | Jun 20 17:49:21 ip-172-31-61-156 sshd[23656]: Invalid user deploy from 200.45.147.129 Jun 20 17:49:22 ip-172-31-61-156 sshd[23656]: Failed password for invalid user deploy from 200.45.147.129 port 29751 ssh2 Jun 20 17:49:21 ip-172-31-61-156 sshd[23656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.45.147.129 Jun 20 17:49:21 ip-172-31-61-156 sshd[23656]: Invalid user deploy from 200.45.147.129 Jun 20 17:49:22 ip-172-31-61-156 sshd[23656]: Failed password for invalid user deploy from 200.45.147.129 port 29751 ssh2 ... |
2020-06-21 03:32:02 |
| attack | Jun 19 14:13:56 mellenthin sshd[27579]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.45.147.129 Jun 19 14:13:58 mellenthin sshd[27579]: Failed password for invalid user mdh from 200.45.147.129 port 18371 ssh2 |
2020-06-20 01:32:49 |
| attackbotsspam | SSH Brute Force |
2020-05-11 07:27:29 |
| attackspam | Observed on multiple hosts. |
2020-05-05 14:16:17 |
| attackbotsspam | Apr 29 15:08:20 XXX sshd[16504]: Invalid user cta from 200.45.147.129 port 39496 |
2020-04-30 08:09:07 |
| attackbotsspam | Apr 28 05:48:01 mail sshd\[10742\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.45.147.129 user=root Apr 28 05:48:03 mail sshd\[10742\]: Failed password for root from 200.45.147.129 port 17091 ssh2 Apr 28 05:55:13 mail sshd\[10818\]: Invalid user teamspeak from 200.45.147.129 Apr 28 05:55:13 mail sshd\[10818\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.45.147.129 ... |
2020-04-28 12:02:09 |
| attack | 5x Failed Password |
2020-04-23 20:27:23 |
| attackbotsspam | Apr 23 07:57:45 cloud sshd[26861]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.45.147.129 Apr 23 07:57:46 cloud sshd[26861]: Failed password for invalid user ubuntu from 200.45.147.129 port 63208 ssh2 |
2020-04-23 14:15:26 |
| attack | Apr 22 21:24:51 srv01 sshd[3820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.45.147.129 user=root Apr 22 21:24:53 srv01 sshd[3820]: Failed password for root from 200.45.147.129 port 6034 ssh2 Apr 22 21:28:37 srv01 sshd[4125]: Invalid user admin from 200.45.147.129 port 58477 Apr 22 21:28:37 srv01 sshd[4125]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.45.147.129 Apr 22 21:28:37 srv01 sshd[4125]: Invalid user admin from 200.45.147.129 port 58477 Apr 22 21:28:39 srv01 sshd[4125]: Failed password for invalid user admin from 200.45.147.129 port 58477 ssh2 ... |
2020-04-23 03:56:27 |
| attack | Apr 20 16:25:03 pve1 sshd[18168]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.45.147.129 Apr 20 16:25:05 pve1 sshd[18168]: Failed password for invalid user admin123 from 200.45.147.129 port 20100 ssh2 ... |
2020-04-20 23:50:37 |
| attack | Apr 10 04:01:52 pkdns2 sshd\[64913\]: Invalid user test from 200.45.147.129Apr 10 04:01:54 pkdns2 sshd\[64913\]: Failed password for invalid user test from 200.45.147.129 port 40528 ssh2Apr 10 04:06:28 pkdns2 sshd\[65173\]: Invalid user sdtdserver from 200.45.147.129Apr 10 04:06:30 pkdns2 sshd\[65173\]: Failed password for invalid user sdtdserver from 200.45.147.129 port 28987 ssh2Apr 10 04:10:53 pkdns2 sshd\[65380\]: Invalid user ubuntu from 200.45.147.129Apr 10 04:10:55 pkdns2 sshd\[65380\]: Failed password for invalid user ubuntu from 200.45.147.129 port 34463 ssh2 ... |
2020-04-10 09:14:41 |
| attackspambots | $f2bV_matches |
2020-04-08 07:27:56 |
| attack | Apr 4 01:54:13 vps647732 sshd[4224]: Failed password for root from 200.45.147.129 port 49694 ssh2 ... |
2020-04-04 08:16:17 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 200.45.147.45 | attack | Automatic report - Port Scan Attack |
2019-07-24 13:43:37 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 200.45.147.129
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31671
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;200.45.147.129. IN A
;; AUTHORITY SECTION:
. 445 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020011400 1800 900 604800 86400
;; Query time: 114 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 14 16:01:48 CST 2020
;; MSG SIZE rcvd: 118
129.147.45.200.in-addr.arpa domain name pointer host129.200-45-147.telecom.net.ar.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
129.147.45.200.in-addr.arpa name = host129.200-45-147.telecom.net.ar.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 88.84.200.139 | attack | Sep 2 19:57:22 aat-srv002 sshd[30063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.84.200.139 Sep 2 19:57:25 aat-srv002 sshd[30063]: Failed password for invalid user programmer from 88.84.200.139 port 41746 ssh2 Sep 2 20:01:10 aat-srv002 sshd[30172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.84.200.139 Sep 2 20:01:13 aat-srv002 sshd[30172]: Failed password for invalid user informix from 88.84.200.139 port 34435 ssh2 ... |
2019-09-03 10:31:21 |
| 37.59.43.215 | attackspambots | VoIP Brute Force - 37.59.43.215 - Auto Report ... |
2019-09-03 10:46:11 |
| 1.169.30.17 | attackbots | Telnet Server BruteForce Attack |
2019-09-03 10:49:32 |
| 157.230.41.137 | attack | 2019-09-03T02:40:17.319468abusebot-6.cloudsearch.cf sshd\[2021\]: Invalid user zantis from 157.230.41.137 port 39922 |
2019-09-03 10:47:58 |
| 187.8.159.140 | attack | Sep 2 13:15:16 php2 sshd\[11461\]: Invalid user web from 187.8.159.140 Sep 2 13:15:16 php2 sshd\[11461\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.8.159.140 Sep 2 13:15:18 php2 sshd\[11461\]: Failed password for invalid user web from 187.8.159.140 port 44691 ssh2 Sep 2 13:20:28 php2 sshd\[11909\]: Invalid user np from 187.8.159.140 Sep 2 13:20:28 php2 sshd\[11909\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.8.159.140 |
2019-09-03 11:10:22 |
| 93.113.110.112 | attackspam | 93.113.110.112 - - [03/Sep/2019:02:07:33 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 93.113.110.112 - - [03/Sep/2019:02:07:33 +0200] "POST /wp-login.php HTTP/1.1" 200 1704 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 93.113.110.112 - - [03/Sep/2019:02:07:33 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 93.113.110.112 - - [03/Sep/2019:02:07:34 +0200] "POST /wp-login.php HTTP/1.1" 200 1684 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 93.113.110.112 - - [03/Sep/2019:02:07:34 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 93.113.110.112 - - [03/Sep/2019:02:07:34 +0200] "POST /wp-login.php HTTP/1.1" 200 1688 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2019-09-03 11:09:05 |
| 68.183.227.74 | attack | Sep 3 02:35:19 web8 sshd\[6434\]: Invalid user webmaster from 68.183.227.74 Sep 3 02:35:19 web8 sshd\[6434\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.227.74 Sep 3 02:35:21 web8 sshd\[6434\]: Failed password for invalid user webmaster from 68.183.227.74 port 36412 ssh2 Sep 3 02:39:54 web8 sshd\[8782\]: Invalid user manager from 68.183.227.74 Sep 3 02:39:54 web8 sshd\[8782\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.227.74 |
2019-09-03 10:56:50 |
| 141.98.9.67 | attackspambots | Sep 3 04:58:39 webserver postfix/smtpd\[13964\]: warning: unknown\[141.98.9.67\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 3 04:59:35 webserver postfix/smtpd\[13964\]: warning: unknown\[141.98.9.67\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 3 05:00:31 webserver postfix/smtpd\[13964\]: warning: unknown\[141.98.9.67\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 3 05:01:26 webserver postfix/smtpd\[13574\]: warning: unknown\[141.98.9.67\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 3 05:02:22 webserver postfix/smtpd\[13574\]: warning: unknown\[141.98.9.67\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... |
2019-09-03 11:02:21 |
| 178.62.252.89 | attackbots | Automatic report - Banned IP Access |
2019-09-03 10:28:18 |
| 107.172.193.134 | attack | Sep 2 16:39:50 hpm sshd\[21036\]: Invalid user oracle from 107.172.193.134 Sep 2 16:39:50 hpm sshd\[21036\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=skylab.blackvortex.com.mx Sep 2 16:39:52 hpm sshd\[21036\]: Failed password for invalid user oracle from 107.172.193.134 port 56981 ssh2 Sep 2 16:44:10 hpm sshd\[21376\]: Invalid user lovemba from 107.172.193.134 Sep 2 16:44:10 hpm sshd\[21376\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=skylab.blackvortex.com.mx |
2019-09-03 11:08:42 |
| 94.177.215.195 | attack | Sep 3 02:29:54 hb sshd\[15192\]: Invalid user 123 from 94.177.215.195 Sep 3 02:29:54 hb sshd\[15192\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.215.195 Sep 3 02:29:56 hb sshd\[15192\]: Failed password for invalid user 123 from 94.177.215.195 port 56180 ssh2 Sep 3 02:34:01 hb sshd\[15527\]: Invalid user ts2 from 94.177.215.195 Sep 3 02:34:01 hb sshd\[15527\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.215.195 |
2019-09-03 10:38:05 |
| 153.35.93.7 | attack | Sep 3 05:58:09 itv-usvr-01 sshd[6058]: Invalid user wking from 153.35.93.7 Sep 3 05:58:09 itv-usvr-01 sshd[6058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.35.93.7 Sep 3 05:58:09 itv-usvr-01 sshd[6058]: Invalid user wking from 153.35.93.7 Sep 3 05:58:10 itv-usvr-01 sshd[6058]: Failed password for invalid user wking from 153.35.93.7 port 58344 ssh2 Sep 3 06:04:57 itv-usvr-01 sshd[6279]: Invalid user abc1 from 153.35.93.7 |
2019-09-03 10:53:09 |
| 14.140.192.7 | attackbotsspam | Sep 3 04:22:22 mail sshd\[13905\]: Invalid user css from 14.140.192.7 port 61648 Sep 3 04:22:22 mail sshd\[13905\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.140.192.7 Sep 3 04:22:24 mail sshd\[13905\]: Failed password for invalid user css from 14.140.192.7 port 61648 ssh2 Sep 3 04:22:52 mail sshd\[13967\]: Invalid user ftp1 from 14.140.192.7 port 49451 Sep 3 04:22:52 mail sshd\[13967\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.140.192.7 |
2019-09-03 11:05:32 |
| 138.121.161.198 | attack | Sep 3 04:19:20 bouncer sshd\[18354\]: Invalid user admin from 138.121.161.198 port 45456 Sep 3 04:19:20 bouncer sshd\[18354\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.161.198 Sep 3 04:19:22 bouncer sshd\[18354\]: Failed password for invalid user admin from 138.121.161.198 port 45456 ssh2 ... |
2019-09-03 10:38:30 |
| 192.3.209.173 | attack | Sep 2 22:30:35 TORMINT sshd\[13276\]: Invalid user jeff from 192.3.209.173 Sep 2 22:30:35 TORMINT sshd\[13276\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.3.209.173 Sep 2 22:30:37 TORMINT sshd\[13276\]: Failed password for invalid user jeff from 192.3.209.173 port 34884 ssh2 ... |
2019-09-03 10:33:51 |