City: Cape Town
Region: Western Cape
Country: South Africa
Internet Service Provider: Vodacom
Hostname: unknown
Organization: unknown
Usage Type: unknown
| Type | Details | Datetime |
|---|---|---|
| attackspam | Apr 30 03:10:17 gw1 sshd[30946]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.0.202.246 Apr 30 03:10:18 gw1 sshd[30946]: Failed password for invalid user lgardner from 41.0.202.246 port 42464 ssh2 ... |
2020-04-30 06:15:05 |
| attack | Apr 20 21:44:00 server sshd[20286]: Failed password for root from 41.0.202.246 port 34390 ssh2 Apr 20 21:50:31 server sshd[21788]: Failed password for root from 41.0.202.246 port 42170 ssh2 Apr 20 21:57:01 server sshd[23369]: Failed password for root from 41.0.202.246 port 49966 ssh2 |
2020-04-21 04:55:41 |
| attackspambots | (sshd) Failed SSH login from 41.0.202.246 (ZA/South Africa/mail.kga.co.za): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 13 20:05:48 ubnt-55d23 sshd[5445]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.0.202.246 user=root Apr 13 20:05:51 ubnt-55d23 sshd[5445]: Failed password for root from 41.0.202.246 port 46312 ssh2 |
2020-04-14 05:59:57 |
| attackspam | 2020-04-10T08:16:44.185602centos sshd[5653]: Invalid user mongodb from 41.0.202.246 port 44616 2020-04-10T08:16:46.490012centos sshd[5653]: Failed password for invalid user mongodb from 41.0.202.246 port 44616 ssh2 2020-04-10T08:23:36.333238centos sshd[6103]: Invalid user user from 41.0.202.246 port 55252 ... |
2020-04-10 16:39:13 |
| attackbots | Apr 9 10:23:31 cloud sshd[3296]: Failed password for admin from 41.0.202.246 port 33586 ssh2 Apr 9 10:36:31 cloud sshd[3459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.0.202.246 |
2020-04-09 18:49:32 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 41.0.202.246
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25255
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;41.0.202.246. IN A
;; AUTHORITY SECTION:
. 369 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020040402 1800 900 604800 86400
;; Query time: 105 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Apr 05 05:18:12 CST 2020
;; MSG SIZE rcvd: 116
246.202.0.41.in-addr.arpa domain name pointer mail.kga.co.za.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
246.202.0.41.in-addr.arpa name = mail.kga.co.za.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 159.203.141.208 | attackspam | Sep 1 23:17:18 markkoudstaal sshd[22096]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.141.208 Sep 1 23:17:20 markkoudstaal sshd[22096]: Failed password for invalid user orca from 159.203.141.208 port 47050 ssh2 Sep 1 23:21:10 markkoudstaal sshd[22453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.141.208 |
2019-09-02 05:57:46 |
| 106.12.24.170 | attack | $f2bV_matches |
2019-09-02 05:28:02 |
| 182.72.31.173 | attack | Unauthorized connection attempt from IP address 182.72.31.173 on Port 445(SMB) |
2019-09-02 05:44:50 |
| 77.247.110.147 | attackbotsspam | 09/01/2019-13:32:09.130040 77.247.110.147 Protocol: 17 ET SCAN Sipvicious Scan |
2019-09-02 05:43:48 |
| 185.175.93.14 | attackspam | 09/01/2019-15:56:04.002972 185.175.93.14 Protocol: 6 ET DROP Dshield Block Listed Source group 1 |
2019-09-02 05:38:01 |
| 54.38.33.186 | attackbots | "Fail2Ban detected SSH brute force attempt" |
2019-09-02 05:28:18 |
| 77.224.207.206 | attack | Automatic report - Port Scan Attack |
2019-09-02 05:12:07 |
| 62.94.206.57 | attackspam | Sep 1 21:11:35 hb sshd\[26042\]: Invalid user acacia from 62.94.206.57 Sep 1 21:11:35 hb sshd\[26042\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-206-57.sn1.clouditalia.com Sep 1 21:11:36 hb sshd\[26042\]: Failed password for invalid user acacia from 62.94.206.57 port 40506 ssh2 Sep 1 21:16:20 hb sshd\[26393\]: Invalid user nexus from 62.94.206.57 Sep 1 21:16:20 hb sshd\[26393\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-206-57.sn1.clouditalia.com |
2019-09-02 05:32:35 |
| 114.85.3.57 | attack | Honeypot attack, port: 445, PTR: PTR record not found |
2019-09-02 05:58:11 |
| 152.231.29.79 | attackspam | Caught in portsentry honeypot |
2019-09-02 05:53:10 |
| 138.68.94.173 | attack | 2019-09-01T19:27:06.454199 sshd[24641]: Invalid user akee from 138.68.94.173 port 48562 2019-09-01T19:27:06.469367 sshd[24641]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 2019-09-01T19:27:06.454199 sshd[24641]: Invalid user akee from 138.68.94.173 port 48562 2019-09-01T19:27:08.106099 sshd[24641]: Failed password for invalid user akee from 138.68.94.173 port 48562 ssh2 2019-09-01T19:32:29.041252 sshd[24718]: Invalid user cody from 138.68.94.173 port 37338 ... |
2019-09-02 05:51:14 |
| 186.237.53.198 | attackspam | Brute forcing RDP port 3389 |
2019-09-02 05:15:20 |
| 121.7.127.92 | attackspam | Sep 1 07:58:02 wbs sshd\[1866\]: Invalid user netadmin from 121.7.127.92 Sep 1 07:58:02 wbs sshd\[1866\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=bb121-7-127-92.singnet.com.sg Sep 1 07:58:05 wbs sshd\[1866\]: Failed password for invalid user netadmin from 121.7.127.92 port 44376 ssh2 Sep 1 08:03:01 wbs sshd\[2315\]: Invalid user 12345 from 121.7.127.92 Sep 1 08:03:01 wbs sshd\[2315\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=bb121-7-127-92.singnet.com.sg |
2019-09-02 05:18:44 |
| 106.75.216.98 | attack | Sep 1 23:59:39 server sshd\[3794\]: Invalid user joe from 106.75.216.98 port 44350 Sep 1 23:59:39 server sshd\[3794\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.216.98 Sep 1 23:59:41 server sshd\[3794\]: Failed password for invalid user joe from 106.75.216.98 port 44350 ssh2 Sep 2 00:04:20 server sshd\[6513\]: Invalid user prueba from 106.75.216.98 port 59010 Sep 2 00:04:20 server sshd\[6513\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.216.98 |
2019-09-02 05:16:35 |
| 117.214.232.45 | attack | Unauthorized connection attempt from IP address 117.214.232.45 on Port 445(SMB) |
2019-09-02 05:11:33 |