City: Bangrak
Region: Bangkok
Country: Thailand
Internet Service Provider: InternetEast
Hostname: unknown
Organization: SBN-ISP/AWN-ISP and SBN-NIX/AWN-NIX
Usage Type: Commercial
| Type | Details | Datetime |
|---|---|---|
| attack | TH from gw2.nsspt.co.th [58.64.21.145]:57903 |
2019-07-09 00:15:58 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 58.64.215.150 | attack | Invalid user jessie from 58.64.215.150 port 36484 |
2020-09-30 04:58:16 |
| 58.64.215.150 | attack | 2020-09-29T05:08:14.376157suse-nuc sshd[5216]: User root from 58.64.215.150 not allowed because listed in DenyUsers ... |
2020-09-29 21:06:16 |
| 58.64.215.150 | attack | Connection to SSH Honeypot - Detected by HoneypotDB |
2020-09-29 13:18:54 |
| 58.64.215.151 | attack | Failed password for invalid user wangxx from 58.64.215.151 port 36616 ssh2 |
2020-07-30 21:17:45 |
| 58.64.215.151 | attackspam | Jul 21 08:53:25 vmd26974 sshd[9527]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.64.215.151 Jul 21 08:53:26 vmd26974 sshd[9527]: Failed password for invalid user jenkins from 58.64.215.151 port 38312 ssh2 ... |
2020-07-21 15:57:25 |
| 58.64.215.151 | attackbotsspam | Jul 8 02:14:02 Host-KLAX-C sshd[18584]: Invalid user norton from 58.64.215.151 port 38360 ... |
2020-07-08 17:32:45 |
| 58.64.215.150 | attackbots | Jul 8 00:22:40 xeon sshd[33284]: Failed password for invalid user aron from 58.64.215.150 port 54446 ssh2 |
2020-07-08 08:13:22 |
| 58.64.215.154 | attackspam | Apr 20 08:19:11 mail.srvfarm.net postfix/smtpd[2028605]: warning: mail.hkas.edu.hk[58.64.215.154]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 20 08:19:11 mail.srvfarm.net postfix/smtpd[2028605]: lost connection after AUTH from mail.hkas.edu.hk[58.64.215.154] Apr 20 08:19:41 mail.srvfarm.net postfix/smtpd[2026371]: warning: mail.hkas.edu.hk[58.64.215.154]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 20 08:19:41 mail.srvfarm.net postfix/smtpd[2026371]: lost connection after AUTH from mail.hkas.edu.hk[58.64.215.154] Apr 20 08:21:28 mail.srvfarm.net postfix/smtpd[2028603]: warning: mail.hkas.edu.hk[58.64.215.154]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 |
2020-04-20 15:16:41 |
| 58.64.215.154 | attackspam | (smtpauth) Failed SMTP AUTH login from 58.64.215.154 (HK/Hong Kong/mail.hkas.edu.hk): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SMTPAUTH; Logs: 2020-04-19 05:33:29 login authenticator failed for mail.hkas.edu.hk (USER) [58.64.215.154]: 535 Incorrect authentication data (set_id=info@27mc-radio.nl) 2020-04-19 05:33:56 login authenticator failed for mail.hkas.edu.hk (USER) [58.64.215.154]: 535 Incorrect authentication data (set_id=info@msfish-hunter.nl) 2020-04-19 05:40:28 login authenticator failed for mail.hkas.edu.hk (USER) [58.64.215.154]: 535 Incorrect authentication data (set_id=info@dekoningbouw.nl) 2020-04-19 06:09:26 login authenticator failed for mail.hkas.edu.hk (USER) [58.64.215.154]: 535 Incorrect authentication data (set_id=info@brict.it) 2020-04-19 06:19:41 login authenticator failed for mail.hkas.edu.hk (USER) [58.64.215.154]: 535 Incorrect authentication data (set_id=info@elitehosting.nl) |
2020-04-19 13:12:11 |
| 58.64.213.74 | attackspam | 445/tcp 445/tcp 445/tcp... [2019-05-28/07-24]7pkt,1pt.(tcp) |
2019-07-25 02:27:13 |
| 58.64.21.92 | attackbots | Jul 7 19:14:36 aragorn pop3d: LOGIN FAILED, user=admin@typhon.ca, ip=\[::ffff:58.64.21.92\]\ Jul 7 19:14:36 aragorn pop3d: LOGIN FAILED, user=admin@typhon.ca, ip=\[::ffff:58.64.21.92\]\ Jul 7 19:14:42 aragorn pop3d: LOGIN FAILED, user=admin@typhon.ca, ip=\[::ffff:58.64.21.92\]\ Jul 7 19:14:42 aragorn pop3d: LOGIN FAILED, user=admin@typhon.ca, ip=\[::ffff:58.64.21.92\]\ Jul 7 19:14:48 aragorn pop3d: LOGIN FAILED, user=admin@typhon.ca, ip=\[::ffff:58.64.21.92\]\ Jul 7 19:14:49 aragorn pop3d: LOGIN FAILED, user=admin@typhon.ca, ip=\[::ffff:58.64.21.92\]\ Jul 7 19:14:53 aragorn pop3d: LOGIN FAILED, user=admin@131.37, ip=\[::ffff:58.64.21.92\]\ Jul 7 19:14:53 aragorn pop3d: LOGIN FAILED, user=admin@131.36, ip=\[::ffff:58.64.21.92\]\ Jul 7 19:14:54 aragorn pop3d: LOGIN FAILED, user=admin@typhon.ca, ip=\[::ffff:58.64.21.92\]\ Jul 7 19:14:55 aragorn pop3d: LOGIN FAILED, user=admin@typhon.ca, ip=\[::ffff:58.64.21.92\]\ |
2019-07-08 07:21:18 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 58.64.21.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21221
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;58.64.21.145. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019070800 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 09 00:15:48 CST 2019
;; MSG SIZE rcvd: 116145.21.64.58.in-addr.arpa domain name pointer gw2.nsspt.co.th.
Server: 67.207.67.2
Address: 67.207.67.2#53
Non-authoritative answer:
145.21.64.58.in-addr.arpa name = gw2.nsspt.co.th.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 195.88.184.186 | attackspam | unauthorized connection attempt |
2020-01-25 16:49:32 |
| 91.188.223.249 | attackbots | Unauthorized connection attempt detected from IP address 91.188.223.249 to port 2220 [J] |
2020-01-25 16:39:54 |
| 159.146.11.92 | attack | Unauthorized connection attempt detected from IP address 159.146.11.92 to port 81 [J] |
2020-01-25 16:41:13 |
| 111.230.140.177 | attack | Jan 25 07:59:43 vps691689 sshd[18730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.140.177 Jan 25 07:59:45 vps691689 sshd[18730]: Failed password for invalid user guara from 111.230.140.177 port 38952 ssh2 ... |
2020-01-25 16:25:20 |
| 139.162.109.43 | attackspam | Unauthorised access (Jan 25) SRC=139.162.109.43 LEN=40 TTL=246 ID=54321 TCP DPT=111 WINDOW=65535 SYN Unauthorised access (Jan 23) SRC=139.162.109.43 LEN=40 TTL=246 ID=54321 TCP DPT=111 WINDOW=65535 SYN Unauthorised access (Jan 20) SRC=139.162.109.43 LEN=40 TTL=246 ID=54321 TCP DPT=111 WINDOW=65535 SYN |
2020-01-25 16:45:46 |
| 190.131.201.122 | attackspambots | Jan 24 15:59:03 h2570396 sshd[6983]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.131.201.122 user=r.r Jan 24 15:59:06 h2570396 sshd[6983]: Failed password for r.r from 190.131.201.122 port 52354 ssh2 Jan 24 15:59:06 h2570396 sshd[6983]: Received disconnect from 190.131.201.122: 11: Bye Bye [preauth] Jan 24 16:13:04 h2570396 sshd[10209]: Failed password for invalid user vijay from 190.131.201.122 port 50110 ssh2 Jan 24 16:13:04 h2570396 sshd[10209]: Received disconnect from 190.131.201.122: 11: Bye Bye [preauth] Jan 24 16:18:55 h2570396 sshd[10591]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.131.201.122 user=r.r Jan 24 16:18:57 h2570396 sshd[10591]: Failed password for r.r from 190.131.201.122 port 51456 ssh2 Jan 24 16:18:57 h2570396 sshd[10591]: Received disconnect from 190.131.201.122: 11: Bye Bye [preauth] Jan 24 16:22:13 h2570396 sshd[10740]: Failed password for invalid........ ------------------------------- |
2020-01-25 16:42:46 |
| 156.212.192.34 | attack | Unauthorized connection attempt detected from IP address 156.212.192.34 to port 22 [J] |
2020-01-25 16:50:11 |
| 136.143.39.82 | attack | Unauthorized connection attempt detected from IP address 136.143.39.82 to port 2220 [J] |
2020-01-25 16:59:41 |
| 200.50.67.105 | attackbotsspam | 21 attempts against mh-ssh on echoip |
2020-01-25 16:47:47 |
| 159.138.150.234 | attack | Automatic report - Banned IP Access |
2020-01-25 16:41:44 |
| 153.37.98.243 | attack | Jan 25 15:23:54 webhost01 sshd[26343]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.37.98.243 Jan 25 15:23:56 webhost01 sshd[26343]: Failed password for invalid user develop from 153.37.98.243 port 49076 ssh2 ... |
2020-01-25 16:51:05 |
| 185.23.65.7 | attack | Unauthorized connection attempt detected from IP address 185.23.65.7 to port 23 [J] |
2020-01-25 16:49:12 |
| 222.186.42.155 | attackspam | Unauthorized connection attempt detected from IP address 222.186.42.155 to port 22 [J] |
2020-01-25 16:49:56 |
| 124.89.169.80 | attackbots | Jan 25 09:10:06 debian-2gb-nbg1-2 kernel: \[2199080.766776\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=124.89.169.80 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=43 ID=55268 PROTO=TCP SPT=12787 DPT=23 WINDOW=2508 RES=0x00 SYN URGP=0 |
2020-01-25 17:03:12 |
| 218.92.0.184 | attackspam | Jan 25 08:38:47 marvibiene sshd[45425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.184 user=root Jan 25 08:38:49 marvibiene sshd[45425]: Failed password for root from 218.92.0.184 port 36554 ssh2 Jan 25 08:38:52 marvibiene sshd[45425]: Failed password for root from 218.92.0.184 port 36554 ssh2 Jan 25 08:38:47 marvibiene sshd[45425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.184 user=root Jan 25 08:38:49 marvibiene sshd[45425]: Failed password for root from 218.92.0.184 port 36554 ssh2 Jan 25 08:38:52 marvibiene sshd[45425]: Failed password for root from 218.92.0.184 port 36554 ssh2 ... |
2020-01-25 16:47:22 |