City: Ashaiman
Region: Greater Accra Region
Country: Ghana
Internet Service Provider: Y-Zone Service
Hostname: unknown
Organization: unknown
Usage Type: Fixed Line ISP
| Type | Details | Datetime |
|---|---|---|
| attackbotsspam | Sep 17 12:53:03 mail.srvfarm.net postfix/smtpd[18902]: warning: unknown[41.139.11.128]: SASL PLAIN authentication failed: Sep 17 12:53:03 mail.srvfarm.net postfix/smtpd[18902]: lost connection after AUTH from unknown[41.139.11.128] Sep 17 12:56:00 mail.srvfarm.net postfix/smtps/smtpd[19071]: warning: unknown[41.139.11.128]: SASL PLAIN authentication failed: Sep 17 12:56:00 mail.srvfarm.net postfix/smtps/smtpd[19071]: lost connection after AUTH from unknown[41.139.11.128] Sep 17 13:01:26 mail.srvfarm.net postfix/smtpd[18571]: warning: unknown[41.139.11.128]: SASL PLAIN authentication failed: |
2020-09-18 01:42:39 |
| attack | Sep 16 18:29:59 mail.srvfarm.net postfix/smtpd[3602399]: warning: unknown[41.139.11.128]: SASL PLAIN authentication failed: Sep 16 18:29:59 mail.srvfarm.net postfix/smtpd[3602399]: lost connection after AUTH from unknown[41.139.11.128] Sep 16 18:30:16 mail.srvfarm.net postfix/smtpd[3601766]: warning: unknown[41.139.11.128]: SASL PLAIN authentication failed: Sep 16 18:30:16 mail.srvfarm.net postfix/smtpd[3601766]: lost connection after AUTH from unknown[41.139.11.128] Sep 16 18:35:17 mail.srvfarm.net postfix/smtps/smtpd[3601498]: warning: unknown[41.139.11.128]: SASL PLAIN authentication failed: |
2020-09-17 17:44:09 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 41.139.11.150 | attackbots | Oct 8 16:33:59 mail.srvfarm.net postfix/smtps/smtpd[3748181]: warning: unknown[41.139.11.150]: SASL PLAIN authentication failed: Oct 8 16:33:59 mail.srvfarm.net postfix/smtps/smtpd[3748181]: lost connection after AUTH from unknown[41.139.11.150] Oct 8 16:36:34 mail.srvfarm.net postfix/smtps/smtpd[3750954]: warning: unknown[41.139.11.150]: SASL PLAIN authentication failed: Oct 8 16:36:34 mail.srvfarm.net postfix/smtps/smtpd[3750954]: lost connection after AUTH from unknown[41.139.11.150] Oct 8 16:41:40 mail.srvfarm.net postfix/smtps/smtpd[3751242]: warning: unknown[41.139.11.150]: SASL PLAIN authentication failed: |
2020-10-09 01:38:56 |
| 41.139.11.150 | attackspambots | Autoban 41.139.11.150 AUTH/CONNECT |
2020-10-08 17:35:42 |
| 41.139.11.145 | attack | Sep 16 18:48:08 mail.srvfarm.net postfix/smtpd[3603171]: warning: unknown[41.139.11.145]: SASL PLAIN authentication failed: Sep 16 18:48:08 mail.srvfarm.net postfix/smtpd[3603171]: lost connection after AUTH from unknown[41.139.11.145] Sep 16 18:49:15 mail.srvfarm.net postfix/smtpd[3602401]: warning: unknown[41.139.11.145]: SASL PLAIN authentication failed: Sep 16 18:49:15 mail.srvfarm.net postfix/smtpd[3602401]: lost connection after AUTH from unknown[41.139.11.145] Sep 16 18:54:06 mail.srvfarm.net postfix/smtps/smtpd[3607473]: warning: unknown[41.139.11.145]: SASL PLAIN authentication failed: |
2020-09-18 01:42:25 |
| 41.139.11.145 | attack | Sep 16 18:48:08 mail.srvfarm.net postfix/smtpd[3603171]: warning: unknown[41.139.11.145]: SASL PLAIN authentication failed: Sep 16 18:48:08 mail.srvfarm.net postfix/smtpd[3603171]: lost connection after AUTH from unknown[41.139.11.145] Sep 16 18:49:15 mail.srvfarm.net postfix/smtpd[3602401]: warning: unknown[41.139.11.145]: SASL PLAIN authentication failed: Sep 16 18:49:15 mail.srvfarm.net postfix/smtpd[3602401]: lost connection after AUTH from unknown[41.139.11.145] Sep 16 18:54:06 mail.srvfarm.net postfix/smtps/smtpd[3607473]: warning: unknown[41.139.11.145]: SASL PLAIN authentication failed: |
2020-09-17 17:43:52 |
| 41.139.11.61 | attackbots | Aug 16 05:19:37 mail.srvfarm.net postfix/smtpd[1888825]: warning: unknown[41.139.11.61]: SASL PLAIN authentication failed: Aug 16 05:19:37 mail.srvfarm.net postfix/smtpd[1888825]: lost connection after AUTH from unknown[41.139.11.61] Aug 16 05:26:25 mail.srvfarm.net postfix/smtpd[1875198]: warning: unknown[41.139.11.61]: SASL PLAIN authentication failed: Aug 16 05:26:25 mail.srvfarm.net postfix/smtpd[1875198]: lost connection after AUTH from unknown[41.139.11.61] Aug 16 05:27:18 mail.srvfarm.net postfix/smtps/smtpd[1888818]: warning: unknown[41.139.11.61]: SASL PLAIN authentication failed: |
2020-08-16 13:09:07 |
| 41.139.11.159 | attack | Aug 15 00:27:23 mail.srvfarm.net postfix/smtpd[907544]: warning: unknown[41.139.11.159]: SASL PLAIN authentication failed: Aug 15 00:27:23 mail.srvfarm.net postfix/smtpd[907544]: lost connection after AUTH from unknown[41.139.11.159] Aug 15 00:34:27 mail.srvfarm.net postfix/smtps/smtpd[908453]: warning: unknown[41.139.11.159]: SASL PLAIN authentication failed: Aug 15 00:34:27 mail.srvfarm.net postfix/smtps/smtpd[908453]: lost connection after AUTH from unknown[41.139.11.159] Aug 15 00:37:03 mail.srvfarm.net postfix/smtpd[908819]: warning: unknown[41.139.11.159]: SASL PLAIN authentication failed: |
2020-08-15 17:12:20 |
| 41.139.11.35 | attack | Jun 16 05:01:34 mail.srvfarm.net postfix/smtps/smtpd[916122]: warning: unknown[41.139.11.35]: SASL PLAIN authentication failed: Jun 16 05:01:34 mail.srvfarm.net postfix/smtps/smtpd[916122]: lost connection after AUTH from unknown[41.139.11.35] Jun 16 05:04:42 mail.srvfarm.net postfix/smtps/smtpd[913342]: warning: unknown[41.139.11.35]: SASL PLAIN authentication failed: Jun 16 05:04:42 mail.srvfarm.net postfix/smtps/smtpd[913342]: lost connection after AUTH from unknown[41.139.11.35] Jun 16 05:08:20 mail.srvfarm.net postfix/smtps/smtpd[916121]: lost connection after CONNECT from unknown[41.139.11.35] |
2020-06-16 17:44:34 |
| 41.139.11.115 | attackbots | Jun 16 05:05:27 mail.srvfarm.net postfix/smtps/smtpd[914306]: lost connection after CONNECT from unknown[41.139.11.115] Jun 16 05:08:23 mail.srvfarm.net postfix/smtps/smtpd[935138]: lost connection after CONNECT from unknown[41.139.11.115] Jun 16 05:11:32 mail.srvfarm.net postfix/smtpd[935207]: warning: unknown[41.139.11.115]: SASL PLAIN authentication failed: Jun 16 05:11:32 mail.srvfarm.net postfix/smtpd[935207]: lost connection after AUTH from unknown[41.139.11.115] Jun 16 05:12:00 mail.srvfarm.net postfix/smtps/smtpd[938181]: lost connection after CONNECT from unknown[41.139.11.115] |
2020-06-16 17:30:30 |
| 41.139.11.160 | attackspambots | Jun 16 05:25:33 mail.srvfarm.net postfix/smtpd[921341]: warning: unknown[41.139.11.160]: SASL PLAIN authentication failed: Jun 16 05:25:33 mail.srvfarm.net postfix/smtpd[921341]: lost connection after AUTH from unknown[41.139.11.160] Jun 16 05:30:56 mail.srvfarm.net postfix/smtps/smtpd[937456]: warning: unknown[41.139.11.160]: SASL PLAIN authentication failed: Jun 16 05:30:56 mail.srvfarm.net postfix/smtps/smtpd[937456]: lost connection after AUTH from unknown[41.139.11.160] Jun 16 05:34:51 mail.srvfarm.net postfix/smtpd[935205]: warning: unknown[41.139.11.160]: SASL PLAIN authentication failed: |
2020-06-16 15:49:27 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 41.139.11.128
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46645
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;41.139.11.128. IN A
;; AUTHORITY SECTION:
. 241 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020091602 1800 900 604800 86400
;; Query time: 45 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Sep 17 08:53:26 CST 2020
;; MSG SIZE rcvd: 117Host 128.11.139.41.in-addr.arpa not found: 2(SERVFAIL)
;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server: 183.60.82.98
Address: 183.60.82.98#53
** server can't find 128.11.139.41.in-addr.arpa: SERVFAIL
| IP | Type | Details | Datetime |
|---|---|---|---|
| 23.94.133.72 | attack | Automatic report - Banned IP Access |
2019-10-09 06:09:50 |
| 207.46.13.16 | attack | Automatic report - Banned IP Access |
2019-10-09 06:19:28 |
| 159.65.148.115 | attackbots | Oct 8 22:03:16 ArkNodeAT sshd\[12431\]: Invalid user Toxic123 from 159.65.148.115 Oct 8 22:03:16 ArkNodeAT sshd\[12431\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.148.115 Oct 8 22:03:18 ArkNodeAT sshd\[12431\]: Failed password for invalid user Toxic123 from 159.65.148.115 port 54516 ssh2 |
2019-10-09 06:20:35 |
| 193.169.39.254 | attackbots | Oct 8 23:31:09 SilenceServices sshd[18769]: Failed password for root from 193.169.39.254 port 41430 ssh2 Oct 8 23:35:21 SilenceServices sshd[19881]: Failed password for root from 193.169.39.254 port 51222 ssh2 |
2019-10-09 05:58:40 |
| 108.179.224.77 | attackbots | WordPress brute force |
2019-10-09 06:01:47 |
| 178.128.59.109 | attack | Oct 6 06:29:06 econome sshd[13793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.59.109 user=r.r Oct 6 06:29:09 econome sshd[13793]: Failed password for r.r from 178.128.59.109 port 44262 ssh2 Oct 6 06:29:09 econome sshd[13793]: Received disconnect from 178.128.59.109: 11: Bye Bye [preauth] Oct 6 06:33:29 econome sshd[14183]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.59.109 user=r.r Oct 6 06:33:31 econome sshd[14183]: Failed password for r.r from 178.128.59.109 port 55956 ssh2 Oct 6 06:33:31 econome sshd[14183]: Received disconnect from 178.128.59.109: 11: Bye Bye [preauth] Oct 6 06:37:40 econome sshd[14545]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.59.109 user=r.r .... truncated .... Oct 6 06:29:06 econome sshd[13793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser........ ------------------------------- |
2019-10-09 06:02:30 |
| 201.131.155.188 | attackspam | Unauthorized connection attempt from IP address 201.131.155.188 on Port 445(SMB) |
2019-10-09 06:24:03 |
| 117.0.35.153 | attackspam | Oct 8 16:03:38 aragorn sshd[15832]: Invalid user znakomstvo-club from 117.0.35.153 Oct 8 16:03:40 aragorn sshd[15834]: Invalid user nagios from 117.0.35.153 ... |
2019-10-09 06:10:19 |
| 216.57.228.2 | attackbots | wp bruteforce |
2019-10-09 06:04:17 |
| 173.56.69.86 | attackspambots | port scan and connect, tcp 1433 (ms-sql-s) |
2019-10-09 05:59:57 |
| 218.92.0.182 | attackspambots | Oct 8 10:03:16 web9 sshd\[25806\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.182 user=root Oct 8 10:03:18 web9 sshd\[25806\]: Failed password for root from 218.92.0.182 port 58851 ssh2 Oct 8 10:03:20 web9 sshd\[25806\]: Failed password for root from 218.92.0.182 port 58851 ssh2 Oct 8 10:03:33 web9 sshd\[25847\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.182 user=root Oct 8 10:03:35 web9 sshd\[25847\]: Failed password for root from 218.92.0.182 port 16020 ssh2 |
2019-10-09 06:15:18 |
| 197.253.6.249 | attackbotsspam | Oct 8 11:30:37 wbs sshd\[20966\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.253.6.249 user=root Oct 8 11:30:39 wbs sshd\[20966\]: Failed password for root from 197.253.6.249 port 37557 ssh2 Oct 8 11:35:23 wbs sshd\[21395\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.253.6.249 user=root Oct 8 11:35:25 wbs sshd\[21395\]: Failed password for root from 197.253.6.249 port 57758 ssh2 Oct 8 11:40:17 wbs sshd\[21936\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.253.6.249 user=root |
2019-10-09 05:56:10 |
| 204.48.19.178 | attack | Oct 9 00:12:47 localhost sshd\[745\]: Invalid user P4rol4@1234 from 204.48.19.178 port 33994 Oct 9 00:12:47 localhost sshd\[745\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.48.19.178 Oct 9 00:12:49 localhost sshd\[745\]: Failed password for invalid user P4rol4@1234 from 204.48.19.178 port 33994 ssh2 |
2019-10-09 06:18:44 |
| 42.104.97.228 | attack | Oct 8 22:00:19 game-panel sshd[18643]: Failed password for root from 42.104.97.228 port 14937 ssh2 Oct 8 22:03:39 game-panel sshd[18729]: Failed password for root from 42.104.97.228 port 42383 ssh2 Oct 8 22:06:54 game-panel sshd[18863]: Failed password for root from 42.104.97.228 port 26333 ssh2 |
2019-10-09 06:13:21 |
| 124.123.102.122 | attackbotsspam | Unauthorized connection attempt from IP address 124.123.102.122 on Port 445(SMB) |
2019-10-09 06:30:36 |