City: Stavropol
Region: Stavropol’ Kray
Country: Russia
Internet Service Provider: Rostelecom
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 5.138.109.171 | attackbotsspam | " " |
2020-02-10 20:34:50 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.138.109.36
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22824
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.138.109.36. IN A
;; AUTHORITY SECTION:
. 468 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020040601 1800 900 604800 86400
;; Query time: 41 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Apr 07 06:56:33 CST 2020
;; MSG SIZE rcvd: 116Host 36.109.138.5.in-addr.arpa not found: 2(SERVFAIL)
;; Got SERVFAIL reply from 100.100.2.138, trying next server
;; Got SERVFAIL reply from 100.100.2.136, trying next server
Server: 100.100.2.138
Address: 100.100.2.138#53
** server can't find 36.109.138.5.in-addr.arpa: SERVFAIL
| IP | Type | Details | Datetime |
|---|---|---|---|
| 117.121.214.50 | attack | SSH brute-force attempt |
2020-04-24 00:14:41 |
| 68.57.187.12 | attack | WEB_SERVER 403 Forbidden |
2020-04-24 00:29:25 |
| 82.135.27.20 | attackspambots | 2020-04-23T17:37:39.995827amanda2.illicoweb.com sshd\[30277\]: Invalid user gp from 82.135.27.20 port 59208 2020-04-23T17:37:40.000756amanda2.illicoweb.com sshd\[30277\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host-82-135-27-20.customer.m-online.net 2020-04-23T17:37:41.673979amanda2.illicoweb.com sshd\[30277\]: Failed password for invalid user gp from 82.135.27.20 port 59208 ssh2 2020-04-23T17:38:42.031185amanda2.illicoweb.com sshd\[30350\]: Invalid user gitlab-runner from 82.135.27.20 port 44758 2020-04-23T17:38:42.036102amanda2.illicoweb.com sshd\[30350\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host-82-135-27-20.customer.m-online.net ... |
2020-04-24 00:15:40 |
| 45.137.152.70 | attackbots | 2020-04-23T15:22:44.152647abusebot-7.cloudsearch.cf sshd[19860]: Invalid user yc from 45.137.152.70 port 35504 2020-04-23T15:22:44.159119abusebot-7.cloudsearch.cf sshd[19860]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.137.152.70 2020-04-23T15:22:44.152647abusebot-7.cloudsearch.cf sshd[19860]: Invalid user yc from 45.137.152.70 port 35504 2020-04-23T15:22:46.298792abusebot-7.cloudsearch.cf sshd[19860]: Failed password for invalid user yc from 45.137.152.70 port 35504 ssh2 2020-04-23T15:30:09.358741abusebot-7.cloudsearch.cf sshd[20331]: Invalid user fo from 45.137.152.70 port 50146 2020-04-23T15:30:09.364981abusebot-7.cloudsearch.cf sshd[20331]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.137.152.70 2020-04-23T15:30:09.358741abusebot-7.cloudsearch.cf sshd[20331]: Invalid user fo from 45.137.152.70 port 50146 2020-04-23T15:30:11.595017abusebot-7.cloudsearch.cf sshd[20331]: Failed password for i ... |
2020-04-24 00:21:18 |
| 118.31.111.216 | attackbotsspam | GET /router.php HTTP/1.1 <---- WTF? |
2020-04-24 00:16:57 |
| 54.37.157.88 | attackspambots | Apr 23 11:47:07 jane sshd[20786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.157.88 Apr 23 11:47:09 jane sshd[20786]: Failed password for invalid user bw from 54.37.157.88 port 34049 ssh2 ... |
2020-04-24 00:29:57 |
| 101.231.154.154 | attackbotsspam | (sshd) Failed SSH login from 101.231.154.154 (CN/China/-): 5 in the last 3600 secs |
2020-04-24 00:26:06 |
| 51.83.149.192 | attack | Apr 23 17:42:38 vps58358 sshd\[21377\]: Failed password for root from 51.83.149.192 port 33886 ssh2Apr 23 17:44:33 vps58358 sshd\[21407\]: Failed password for root from 51.83.149.192 port 55344 ssh2Apr 23 17:45:10 vps58358 sshd\[21422\]: Invalid user git from 51.83.149.192Apr 23 17:45:12 vps58358 sshd\[21422\]: Failed password for invalid user git from 51.83.149.192 port 35754 ssh2Apr 23 17:45:52 vps58358 sshd\[21435\]: Invalid user hadoop from 51.83.149.192Apr 23 17:45:54 vps58358 sshd\[21435\]: Failed password for invalid user hadoop from 51.83.149.192 port 44394 ssh2 ... |
2020-04-24 00:56:33 |
| 178.45.125.82 | attackspambots | Unauthorized connection attempt from IP address 178.45.125.82 on Port 445(SMB) |
2020-04-24 00:55:33 |
| 139.59.90.31 | attackspambots | 5x Failed Password |
2020-04-24 00:44:39 |
| 37.187.150.194 | attackbots | Automated report - ssh fail2ban: Apr 23 18:09:27 Unable to negotiate with 37.187.150.194 port=54280: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Apr 23 18:10:08 Unable to negotiate with 37.187.150.194 port=57578: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Apr 23 18:10:50 Unable to negotiate with 37.187.150.194 port=60876: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Apr 23 18:11:31 Unable to negotiate with 37.187.150.194 port=35942: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] |
2020-04-24 00:33:49 |
| 62.33.168.46 | attack | SSH Authentication Attempts Exceeded |
2020-04-24 00:20:45 |
| 116.193.159.2 | attackspam | port |
2020-04-24 00:18:12 |
| 79.46.64.104 | attackbotsspam | Unauthorized connection attempt detected from IP address 79.46.64.104 to port 23 |
2020-04-24 00:32:55 |
| 118.24.13.248 | attackbots | Invalid user nexus from 118.24.13.248 port 39812 |
2020-04-24 00:43:07 |