City: unknown
Region: unknown
Country: Singapore
Internet Service Provider: StarHub Internet Pte Ltd
Hostname: unknown
Organization: unknown
Usage Type: Fixed Line ISP
| Type | Details | Datetime |
|---|---|---|
| attack | Jan 2 06:07:37 debian-2gb-nbg1-2 kernel: \[200987.596049\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=27.54.42.19 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=234 ID=6509 PROTO=TCP SPT=49401 DPT=622 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-01-02 14:11:44 |
| attackspambots | Jan 1 15:54:46 debian-2gb-nbg1-2 kernel: \[149818.187169\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=27.54.42.19 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=236 ID=59214 PROTO=TCP SPT=56805 DPT=522 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-01-01 23:01:29 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 27.54.42.19
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42242
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;27.54.42.19. IN A
;; AUTHORITY SECTION:
. 10800 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020010100 1800 900 604800 86400
;; Query time: 1 msec
;; SERVER: 100.100.2.136#53(100.100.2.136)
;; WHEN: Wed Jan 01 23:09:41 CST 2020
;; MSG SIZE rcvd: 115
Host 19.42.54.27.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 19.42.54.27.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 106.75.7.70 | attackspam | Apr 1 06:07:43 markkoudstaal sshd[21571]: Failed password for root from 106.75.7.70 port 51156 ssh2 Apr 1 06:10:46 markkoudstaal sshd[22003]: Failed password for root from 106.75.7.70 port 54974 ssh2 |
2020-04-01 13:41:24 |
| 81.34.85.25 | attackspam | Apr 1 05:54:31 web1 postfix/smtpd\[794\]: warning: 25.red-81-34-85.dynamicip.rima-tde.net\[81.34.85.25\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 1 05:54:37 web1 postfix/smtpd\[794\]: warning: 25.red-81-34-85.dynamicip.rima-tde.net\[81.34.85.25\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 1 05:54:47 web1 postfix/smtpd\[794\]: warning: 25.red-81-34-85.dynamicip.rima-tde.net\[81.34.85.25\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 |
2020-04-01 13:28:36 |
| 125.161.130.18 | attack | Attempt to attack host OS, exploiting network vulnerabilities, on 01-04-2020 04:55:09. |
2020-04-01 13:18:17 |
| 73.135.120.130 | attackspam | Automatic report - SSH Brute-Force Attack |
2020-04-01 13:28:55 |
| 182.189.212.62 | attackspam | Apr 1 05:55:05 debian-2gb-nbg1-2 kernel: \[7972355.139167\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=182.189.212.62 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=53 ID=3211 PROTO=TCP SPT=42766 DPT=26 WINDOW=53366 RES=0x00 SYN URGP=0 |
2020-04-01 13:21:33 |
| 168.187.106.132 | attackspambots | Attempt to attack host OS, exploiting network vulnerabilities, on 01-04-2020 04:55:10. |
2020-04-01 13:14:32 |
| 123.18.120.236 | attackbotsspam | Attempt to attack host OS, exploiting network vulnerabilities, on 01-04-2020 04:55:09. |
2020-04-01 13:19:39 |
| 192.34.57.113 | attackbots | Apr 1 06:54:29 vpn01 sshd[18744]: Failed password for root from 192.34.57.113 port 40146 ssh2 ... |
2020-04-01 13:42:41 |
| 138.128.9.91 | attackspam | (From webmasterdesigners4u@gmail.com) Hello, Making it big on the Web can be tough on businesses - this much I know. All my clients, before meeting me, were having the same problems as you with your website. It's definitely okay with the basic features, but it lacks the upgraded design that just pleases Google. If you want to make it big this year and actually make a ton of profit from your digital assets, reach out to me today. I am an independent Web designer and SEO expert, and I can help you improve your website's performance from within and from without. If you are interested, I'll send you my portfolio and tell you how my skills can help your website become more beautiful and efficient. The rates of my services are relatively cheap that even small companies can afford them. Please let me know if you're interested so that I can give you a free consultation via a phone call. I look forward to speaking with you soon. - Mario Ferguson |
2020-04-01 13:32:11 |
| 106.12.48.78 | attackbots | k+ssh-bruteforce |
2020-04-01 13:25:14 |
| 95.178.157.192 | attackbotsspam | Telnetd brute force attack detected by fail2ban |
2020-04-01 13:51:14 |
| 198.98.52.100 | attack | April 01 2020, 05:22:02 [sshd] - Banned from the Cipher Host hosting platform by Fail2ban. |
2020-04-01 13:42:22 |
| 190.52.112.37 | attackspambots | Apr 1 03:56:27 powerpi2 sshd[16960]: Failed password for root from 190.52.112.37 port 59057 ssh2 Apr 1 04:01:00 powerpi2 sshd[17188]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.52.112.37 user=root Apr 1 04:01:02 powerpi2 sshd[17188]: Failed password for root from 190.52.112.37 port 51228 ssh2 ... |
2020-04-01 13:43:00 |
| 180.76.141.184 | attackspam | Mar 31 19:34:23 hanapaa sshd\[8039\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.141.184 user=root Mar 31 19:34:25 hanapaa sshd\[8039\]: Failed password for root from 180.76.141.184 port 38386 ssh2 Mar 31 19:39:35 hanapaa sshd\[8358\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.141.184 user=root Mar 31 19:39:36 hanapaa sshd\[8358\]: Failed password for root from 180.76.141.184 port 39198 ssh2 Mar 31 19:44:22 hanapaa sshd\[8667\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.141.184 user=root |
2020-04-01 13:46:39 |
| 146.88.240.4 | attackbotsspam | 146.88.240.4 was recorded 139 times by 12 hosts attempting to connect to the following ports: 5353,11211,1434,123,1194,17,27960,520,5093,161,1900,69,1701,111. Incident counter (4h, 24h, all-time): 139, 313, 67775 |
2020-04-01 13:47:00 |