City: unknown
Region: unknown
Country: Egypt
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 41.45.207.19 | attackbots | HTTP/80/443 Probe, BF, WP, Hack - |
2019-12-23 17:25:51 |
| 41.45.207.240 | attackspambots | Caught in portsentry honeypot |
2019-07-16 17:03:48 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 41.45.207.216
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3043
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;41.45.207.216. IN A
;; AUTHORITY SECTION:
. 361 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022021301 1800 900 604800 86400
;; Query time: 86 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 14 08:42:11 CST 2022
;; MSG SIZE rcvd: 106216.207.45.41.in-addr.arpa domain name pointer host-41.45.207.216.tedata.net.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
216.207.45.41.in-addr.arpa name = host-41.45.207.216.tedata.net.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 61.0.136.128 | attackspam | Unauthorized connection attempt from IP address 61.0.136.128 on Port 445(SMB) |
2019-11-15 22:40:03 |
| 138.197.199.249 | attack | Nov 15 15:42:42 meumeu sshd[10060]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Nov 15 15:42:45 meumeu sshd[10060]: Failed password for invalid user thorsteinsen from 138.197.199.249 port 48292 ssh2 Nov 15 15:45:58 meumeu sshd[10479]: Failed password for root from 138.197.199.249 port 37908 ssh2 ... |
2019-11-15 22:49:04 |
| 204.12.192.85 | attackbotsspam | Nov 15 07:17:37 mc1 kernel: \[5084926.535069\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=204.12.192.85 DST=159.69.205.51 LEN=52 TOS=0x00 PREC=0x00 TTL=116 ID=22526 DF PROTO=TCP SPT=61939 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 Nov 15 07:17:40 mc1 kernel: \[5084929.546570\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=204.12.192.85 DST=159.69.205.51 LEN=52 TOS=0x00 PREC=0x00 TTL=116 ID=28097 DF PROTO=TCP SPT=61939 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 Nov 15 07:17:46 mc1 kernel: \[5084935.583004\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=204.12.192.85 DST=159.69.205.51 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=6120 DF PROTO=TCP SPT=61939 DPT=1433 WINDOW=65535 RES=0x00 SYN URGP=0 ... |
2019-11-15 22:18:23 |
| 148.70.17.61 | attack | Nov 15 08:19:02 vpn01 sshd[25716]: Failed password for root from 148.70.17.61 port 57080 ssh2 ... |
2019-11-15 22:30:25 |
| 92.119.160.143 | attackbotsspam | 92.119.160.143 was recorded 49 times by 13 hosts attempting to connect to the following ports: 49382,37319,52431,65282,36639,45508,56486,58078,36031,55449,52797,52069,51341,33432,60102,52190,51429,35778,25786,62705,31681,55381,26820,42043,38181,35352,64084,26975,59002,44587,45874,45917,27909. Incident counter (4h, 24h, all-time): 49, 315, 2521 |
2019-11-15 22:32:32 |
| 95.167.68.202 | attackbots | Unauthorised access (Nov 15) SRC=95.167.68.202 LEN=52 TTL=116 ID=21406 DF TCP DPT=445 WINDOW=8192 SYN |
2019-11-15 22:22:33 |
| 178.128.55.52 | attackspam | Nov 15 14:45:29 XXX sshd[52526]: Invalid user ofsaa from 178.128.55.52 port 53144 |
2019-11-15 22:25:08 |
| 134.175.154.93 | attack | Nov 15 04:40:21 eddieflores sshd\[11884\]: Invalid user maggie123456. from 134.175.154.93 Nov 15 04:40:21 eddieflores sshd\[11884\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.154.93 Nov 15 04:40:23 eddieflores sshd\[11884\]: Failed password for invalid user maggie123456. from 134.175.154.93 port 42290 ssh2 Nov 15 04:46:01 eddieflores sshd\[12319\]: Invalid user emmawatson from 134.175.154.93 Nov 15 04:46:01 eddieflores sshd\[12319\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.154.93 |
2019-11-15 22:51:06 |
| 112.91.254.3 | attackbotsspam | Nov 14 23:03:55 tdfoods sshd\[28650\]: Invalid user tressy from 112.91.254.3 Nov 14 23:03:55 tdfoods sshd\[28650\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.91.254.3 Nov 14 23:03:57 tdfoods sshd\[28650\]: Failed password for invalid user tressy from 112.91.254.3 port 40800 ssh2 Nov 14 23:10:04 tdfoods sshd\[29247\]: Invalid user hatsis from 112.91.254.3 Nov 14 23:10:04 tdfoods sshd\[29247\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.91.254.3 |
2019-11-15 22:09:14 |
| 180.120.231.97 | attackspam | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/180.120.231.97/ CN - 1H : (786) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4134 IP : 180.120.231.97 CIDR : 180.120.0.0/14 PREFIX COUNT : 5430 UNIQUE IP COUNT : 106919680 ATTACKS DETECTED ASN4134 : 1H - 14 3H - 30 6H - 75 12H - 173 24H - 342 DateTime : 2019-11-15 15:45:59 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery |
2019-11-15 22:50:18 |
| 210.56.16.74 | attack | Unauthorized connection attempt from IP address 210.56.16.74 on Port 445(SMB) |
2019-11-15 22:32:50 |
| 145.239.86.21 | attack | Nov 15 15:06:20 localhost sshd\[1208\]: Invalid user 14 from 145.239.86.21 port 50460 Nov 15 15:06:20 localhost sshd\[1208\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.86.21 Nov 15 15:06:21 localhost sshd\[1208\]: Failed password for invalid user 14 from 145.239.86.21 port 50460 ssh2 |
2019-11-15 22:14:29 |
| 49.235.84.51 | attackbotsspam | Invalid user fruit from 49.235.84.51 port 48034 |
2019-11-15 22:29:56 |
| 117.247.100.151 | attack | Unauthorized connection attempt from IP address 117.247.100.151 on Port 445(SMB) |
2019-11-15 22:41:54 |
| 62.90.235.90 | attackbots | fail2ban |
2019-11-15 22:24:00 |