City: unknown
Region: unknown
Country: United States of America
Internet Service Provider: Amazon Technologies Inc.
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attack | Brute force VPN server |
2020-06-26 08:00:31 |
| attack | Brute force attack against VPN service |
2020-04-12 19:00:47 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 52.42.253.100 | attack | 11/26/2019-11:29:07.732906 52.42.253.100 Protocol: 6 SURICATA TLS invalid record/traffic |
2019-11-26 18:47:12 |
| 52.42.253.100 | attackspambots | 11/25/2019-10:02:02.227775 52.42.253.100 Protocol: 6 SURICATA TLS invalid record/traffic |
2019-11-25 18:12:29 |
| 52.42.253.100 | attack | 11/25/2019-06:20:02.050391 52.42.253.100 Protocol: 6 SURICATA TLS invalid record/traffic |
2019-11-25 13:20:50 |
| 52.42.233.100 | attackbotsspam | As always with amazon web services |
2019-10-03 04:37:17 |
| 52.42.226.175 | attack | hacker |
2019-06-23 21:11:22 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.42.2.56
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32188
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.42.2.56. IN A
;; AUTHORITY SECTION:
. 574 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020041200 1800 900 604800 86400
;; Query time: 331 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Apr 12 19:00:44 CST 2020
;; MSG SIZE rcvd: 11456.2.42.52.in-addr.arpa domain name pointer ec2-52-42-2-56.us-west-2.compute.amazonaws.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
56.2.42.52.in-addr.arpa name = ec2-52-42-2-56.us-west-2.compute.amazonaws.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 212.70.149.50 | attack | Jun 25 22:39:18 mail postfix/smtpd\[15780\]: warning: unknown\[212.70.149.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jun 25 22:39:49 mail postfix/smtpd\[15648\]: warning: unknown\[212.70.149.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jun 25 22:40:20 mail postfix/smtpd\[15780\]: warning: unknown\[212.70.149.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jun 25 23:10:53 mail postfix/smtpd\[17241\]: warning: unknown\[212.70.149.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ |
2020-06-26 05:22:35 |
| 116.232.52.152 | attack | Unauthorized connection attempt from IP address 116.232.52.152 on Port 445(SMB) |
2020-06-26 05:51:14 |
| 79.172.236.146 | attackspam | Jun 25 22:21:18 mail.srvfarm.net postfix/smtps/smtpd[2072919]: warning: unknown[79.172.236.146]: SASL PLAIN authentication failed: Jun 25 22:21:18 mail.srvfarm.net postfix/smtps/smtpd[2072919]: lost connection after AUTH from unknown[79.172.236.146] Jun 25 22:28:17 mail.srvfarm.net postfix/smtpd[2075642]: warning: unknown[79.172.236.146]: SASL PLAIN authentication failed: Jun 25 22:28:17 mail.srvfarm.net postfix/smtpd[2075642]: lost connection after AUTH from unknown[79.172.236.146] Jun 25 22:28:45 mail.srvfarm.net postfix/smtpd[2075638]: warning: unknown[79.172.236.146]: SASL PLAIN authentication failed: |
2020-06-26 05:32:33 |
| 192.141.79.156 | attackspambots | Jun 25 22:12:53 mail.srvfarm.net postfix/smtpd[2056273]: warning: unknown[192.141.79.156]: SASL PLAIN authentication failed: Jun 25 22:12:53 mail.srvfarm.net postfix/smtpd[2056273]: lost connection after AUTH from unknown[192.141.79.156] Jun 25 22:14:51 mail.srvfarm.net postfix/smtpd[2072454]: warning: unknown[192.141.79.156]: SASL PLAIN authentication failed: Jun 25 22:14:52 mail.srvfarm.net postfix/smtpd[2072454]: lost connection after AUTH from unknown[192.141.79.156] Jun 25 22:22:04 mail.srvfarm.net postfix/smtpd[2071445]: warning: unknown[192.141.79.156]: SASL PLAIN authentication failed: |
2020-06-26 05:23:07 |
| 185.143.72.25 | attackspam | 2020-06-26T06:10:42.397456mx1.h3z.jp postfix/smtpd[24568]: warning: unknown[185.143.72.25]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2020-06-26T06:11:36.473999mx1.h3z.jp postfix/smtpd[24568]: warning: unknown[185.143.72.25]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2020-06-26T06:12:31.225156mx1.h3z.jp postfix/smtpd[24568]: warning: unknown[185.143.72.25]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... |
2020-06-26 05:15:50 |
| 193.35.48.18 | attack | Jun 25 22:44:57 mailserver postfix/smtps/smtpd[80189]: disconnect from unknown[193.35.48.18] Jun 25 22:44:57 mailserver postfix/smtps/smtpd[80189]: connect from unknown[193.35.48.18] Jun 25 22:45:03 mailserver postfix/smtps/smtpd[80195]: connect from unknown[193.35.48.18] Jun 25 22:45:03 mailserver postfix/smtps/smtpd[80189]: lost connection after AUTH from unknown[193.35.48.18] Jun 25 22:45:03 mailserver postfix/smtps/smtpd[80189]: disconnect from unknown[193.35.48.18] Jun 25 22:45:10 mailserver postfix/smtps/smtpd[80195]: lost connection after AUTH from unknown[193.35.48.18] Jun 25 22:45:10 mailserver postfix/smtps/smtpd[80195]: disconnect from unknown[193.35.48.18] Jun 25 22:45:30 mailserver postfix/anvil[80136]: statistics: max connection rate 3/60s for (smtps:193.35.48.18) at Jun 25 22:45:04 Jun 25 22:53:25 mailserver postfix/smtps/smtpd[80255]: connect from unknown[193.35.48.18] Jun 25 22:53:26 mailserver dovecot: auth-worker(80258): sql([hidden],193.35.48.18): unknown user |
2020-06-26 05:13:07 |
| 186.216.67.57 | attack | Jun 25 22:28:00 mail.srvfarm.net postfix/smtpd[2071450]: warning: unknown[186.216.67.57]: SASL PLAIN authentication failed: Jun 25 22:28:01 mail.srvfarm.net postfix/smtpd[2071450]: lost connection after AUTH from unknown[186.216.67.57] Jun 25 22:28:32 mail.srvfarm.net postfix/smtpd[2072901]: warning: unknown[186.216.67.57]: SASL PLAIN authentication failed: Jun 25 22:28:33 mail.srvfarm.net postfix/smtpd[2072901]: lost connection after AUTH from unknown[186.216.67.57] Jun 25 22:36:58 mail.srvfarm.net postfix/smtpd[2073915]: warning: unknown[186.216.67.57]: SASL PLAIN authentication failed: |
2020-06-26 05:26:42 |
| 188.75.190.194 | attackbotsspam | Jun 25 22:07:09 mail.srvfarm.net postfix/smtpd[2071450]: warning: unknown[188.75.190.194]: SASL PLAIN authentication failed: Jun 25 22:07:09 mail.srvfarm.net postfix/smtpd[2071450]: lost connection after AUTH from unknown[188.75.190.194] Jun 25 22:12:35 mail.srvfarm.net postfix/smtpd[2071449]: warning: unknown[188.75.190.194]: SASL PLAIN authentication failed: Jun 25 22:12:35 mail.srvfarm.net postfix/smtpd[2071449]: lost connection after AUTH from unknown[188.75.190.194] Jun 25 22:13:12 mail.srvfarm.net postfix/smtpd[2072454]: warning: unknown[188.75.190.194]: SASL PLAIN authentication failed: |
2020-06-26 05:38:14 |
| 132.148.167.225 | attack | WordPress login Brute force / Web App Attack on client site. |
2020-06-26 05:48:00 |
| 187.109.171.213 | attackbotsspam | Jun 25 22:18:57 mail.srvfarm.net postfix/smtpd[2073913]: warning: unknown[187.109.171.213]: SASL PLAIN authentication failed: Jun 25 22:18:58 mail.srvfarm.net postfix/smtpd[2073913]: lost connection after AUTH from unknown[187.109.171.213] Jun 25 22:20:38 mail.srvfarm.net postfix/smtps/smtpd[2072917]: warning: unknown[187.109.171.213]: SASL PLAIN authentication failed: Jun 25 22:20:39 mail.srvfarm.net postfix/smtps/smtpd[2072917]: lost connection after AUTH from unknown[187.109.171.213] Jun 25 22:25:39 mail.srvfarm.net postfix/smtps/smtpd[2075571]: warning: unknown[187.109.171.213]: SASL PLAIN authentication failed: |
2020-06-26 05:25:40 |
| 94.74.134.239 | attackbotsspam | Jun 25 22:16:36 mail.srvfarm.net postfix/smtpd[2072678]: warning: unknown[94.74.134.239]: SASL PLAIN authentication failed: Jun 25 22:16:36 mail.srvfarm.net postfix/smtpd[2072678]: lost connection after AUTH from unknown[94.74.134.239] Jun 25 22:17:31 mail.srvfarm.net postfix/smtps/smtpd[2071633]: warning: unknown[94.74.134.239]: SASL PLAIN authentication failed: Jun 25 22:17:31 mail.srvfarm.net postfix/smtps/smtpd[2071633]: lost connection after AUTH from unknown[94.74.134.239] Jun 25 22:18:39 mail.srvfarm.net postfix/smtpd[2071449]: warning: unknown[94.74.134.239]: SASL PLAIN authentication failed: |
2020-06-26 05:31:31 |
| 186.216.64.245 | attackspam | Jun 25 22:29:49 mail.srvfarm.net postfix/smtps/smtpd[2072912]: warning: unknown[186.216.64.245]: SASL PLAIN authentication failed: Jun 25 22:29:50 mail.srvfarm.net postfix/smtps/smtpd[2072912]: lost connection after AUTH from unknown[186.216.64.245] Jun 25 22:35:52 mail.srvfarm.net postfix/smtps/smtpd[2075564]: warning: unknown[186.216.64.245]: SASL PLAIN authentication failed: Jun 25 22:35:53 mail.srvfarm.net postfix/smtps/smtpd[2075564]: lost connection after AUTH from unknown[186.216.64.245] Jun 25 22:36:16 mail.srvfarm.net postfix/smtps/smtpd[2075568]: warning: unknown[186.216.64.245]: SASL PLAIN authentication failed: |
2020-06-26 05:27:04 |
| 91.236.172.19 | attackspam | Jun 25 22:16:06 mail.srvfarm.net postfix/smtpd[2071450]: warning: unknown[91.236.172.19]: SASL PLAIN authentication failed: Jun 25 22:16:06 mail.srvfarm.net postfix/smtpd[2071450]: lost connection after AUTH from unknown[91.236.172.19] Jun 25 22:16:17 mail.srvfarm.net postfix/smtpd[2073223]: warning: unknown[91.236.172.19]: SASL PLAIN authentication failed: Jun 25 22:16:17 mail.srvfarm.net postfix/smtpd[2073223]: lost connection after AUTH from unknown[91.236.172.19] Jun 25 22:17:04 mail.srvfarm.net postfix/smtps/smtpd[2058632]: warning: unknown[91.236.172.19]: SASL PLAIN authentication failed: |
2020-06-26 05:31:52 |
| 114.33.170.182 | attack | Honeypot attack, port: 81, PTR: 114-33-170-182.HINET-IP.hinet.net. |
2020-06-26 05:48:16 |
| 187.85.209.172 | attackspambots | Jun 25 22:30:58 mail.srvfarm.net postfix/smtpd[2073225]: warning: unknown[187.85.209.172]: SASL PLAIN authentication failed: Jun 25 22:30:59 mail.srvfarm.net postfix/smtpd[2073225]: lost connection after AUTH from unknown[187.85.209.172] Jun 25 22:33:16 mail.srvfarm.net postfix/smtpd[2072454]: warning: unknown[187.85.209.172]: SASL PLAIN authentication failed: Jun 25 22:33:16 mail.srvfarm.net postfix/smtpd[2072454]: lost connection after AUTH from unknown[187.85.209.172] Jun 25 22:38:45 mail.srvfarm.net postfix/smtpd[2072454]: warning: unknown[187.85.209.172]: SASL PLAIN authentication failed: |
2020-06-26 05:14:04 |