City: unknown
Region: unknown
Country: Egypt
Internet Service Provider: TE Data
Hostname: unknown
Organization: unknown
Usage Type: Fixed Line ISP
| Type | Details | Datetime |
|---|---|---|
| attack | Invalid user admin from 41.45.142.147 port 43408 |
2019-08-23 21:33:57 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 41.45.142.147
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16418
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;41.45.142.147. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019082300 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 23 21:33:43 CST 2019
;; MSG SIZE rcvd: 117
147.142.45.41.in-addr.arpa domain name pointer host-41.45.142.147.tedata.net.
Server: 67.207.67.2
Address: 67.207.67.2#53
Non-authoritative answer:
147.142.45.41.in-addr.arpa name = host-41.45.142.147.tedata.net.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 185.175.93.34 | attackbots | ET DROP Dshield Block Listed Source group 1 - port: 3383 proto: TCP cat: Misc Attack |
2020-04-17 05:52:31 |
| 185.53.88.180 | attackbots | 185.53.88.180 was recorded 7 times by 7 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 7, 18, 18 |
2020-04-17 05:53:50 |
| 101.206.235.14 | attackspam | 2020-04-17T07:15:05.771025luisaranguren sshd[1082827]: Invalid user ftpuser from 101.206.235.14 port 60676 2020-04-17T07:15:07.704541luisaranguren sshd[1082827]: Failed password for invalid user ftpuser from 101.206.235.14 port 60676 ssh2 ... |
2020-04-17 05:37:54 |
| 203.147.104.32 | attackbotsspam | ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic |
2020-04-17 05:48:55 |
| 89.248.168.112 | attackbotsspam | 23/tcp 21/tcp 9080/tcp... [2020-02-17/04-16]177pkt,16pt.(tcp) |
2020-04-17 06:00:01 |
| 221.176.177.46 | attackbots | ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic |
2020-04-17 05:46:56 |
| 184.106.81.166 | attackbots | ET SCAN Sipvicious Scan - port: 5060 proto: UDP cat: Attempted Information Leak |
2020-04-17 05:54:36 |
| 71.6.146.130 | attackspam | ET CINS Active Threat Intelligence Poor Reputation IP group 59 - port: 20547 proto: TCP cat: Misc Attack |
2020-04-17 06:05:10 |
| 112.85.42.94 | attackbots | SSH Brute Force |
2020-04-17 05:35:23 |
| 106.13.140.33 | attack | SSH Brute Force |
2020-04-17 05:36:47 |
| 178.128.13.87 | attackbotsspam | SSH Brute Force |
2020-04-17 05:29:06 |
| 49.235.104.204 | attackspam | SSH Brute Force |
2020-04-17 05:43:23 |
| 91.121.2.33 | attack | SSH Brute Force |
2020-04-17 05:39:31 |
| 77.247.108.119 | attack | Apr 16 22:39:53 debian-2gb-nbg1-2 kernel: \[9328572.212794\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=77.247.108.119 DST=195.201.40.59 LEN=40 TOS=0x08 PREC=0x20 TTL=242 ID=46563 PROTO=TCP SPT=44971 DPT=5038 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-04-17 06:03:51 |
| 92.63.194.15 | attack | ET DROP Dshield Block Listed Source group 1 - port: 10000 proto: TCP cat: Misc Attack |
2020-04-17 05:59:15 |