City: Pavia
Region: Lombardy
Country: Italy
Internet Service Provider: unknown
Hostname: unknown
Organization: Telecom Italia
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 80.104.201.188 | attack | Unauthorized connection attempt detected from IP address 80.104.201.188 to port 5555 [J] |
2020-01-16 07:44:25 |
| 80.104.21.68 | attackbots | Port Scan |
2019-10-24 00:33:42 |
| 80.104.202.234 | attack | Brute force attempt |
2019-07-23 16:29:56 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 80.104.2.39
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16651
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;80.104.2.39. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019073002 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 31 04:06:35 CST 2019
;; MSG SIZE rcvd: 11539.2.104.80.in-addr.arpa domain name pointer host39-2-dynamic.104-80-r.retail.telecomitalia.it.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
39.2.104.80.in-addr.arpa name = host39-2-dynamic.104-80-r.retail.telecomitalia.it.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 187.189.125.116 | attackspambots | Unauthorized connection attempt from IP address 187.189.125.116 on Port 445(SMB) |
2019-08-21 13:20:43 |
| 106.12.38.84 | attackspambots | May 25 20:10:09 server sshd\[224319\]: Invalid user sss from 106.12.38.84 May 25 20:10:09 server sshd\[224319\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.38.84 May 25 20:10:11 server sshd\[224319\]: Failed password for invalid user sss from 106.12.38.84 port 55840 ssh2 ... |
2019-08-21 13:28:36 |
| 217.74.39.212 | attackspambots | [portscan] Port scan |
2019-08-21 13:21:30 |
| 182.61.133.143 | attackbots | Invalid user event from 182.61.133.143 port 49764 |
2019-08-21 13:53:39 |
| 185.254.122.22 | attackbots | Aug 21 04:12:41 TCP Attack: SRC=185.254.122.22 DST=[Masked] LEN=40 TOS=0x00 PREC=0x00 TTL=246 PROTO=TCP SPT=45860 DPT=21593 WINDOW=1024 RES=0x00 SYN URGP=0 |
2019-08-21 13:47:52 |
| 119.93.148.90 | attackbotsspam | Unauthorized connection attempt from IP address 119.93.148.90 on Port 445(SMB) |
2019-08-21 14:10:27 |
| 129.204.90.220 | attackbotsspam | Aug 21 06:58:06 mail sshd\[27996\]: Invalid user robert from 129.204.90.220 port 46584 Aug 21 06:58:06 mail sshd\[27996\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.90.220 ... |
2019-08-21 14:10:08 |
| 157.230.214.150 | attackspam | Aug 21 00:25:08 ny01 sshd[23931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.214.150 Aug 21 00:25:10 ny01 sshd[23931]: Failed password for invalid user 123456789 from 157.230.214.150 port 40750 ssh2 Aug 21 00:29:18 ny01 sshd[24350]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.214.150 |
2019-08-21 12:49:56 |
| 92.119.160.143 | attackbotsspam | Splunk® : port scan detected: Aug 21 01:45:01 testbed kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=82:c6:52:d1:6e:53:c0:42:d0:39:2c:30:08:00 SRC=92.119.160.143 DST=104.248.11.191 LEN=40 TOS=0x00 PREC=0x20 TTL=246 ID=61451 PROTO=TCP SPT=48262 DPT=26662 WINDOW=1024 RES=0x00 SYN URGP=0 |
2019-08-21 13:45:48 |
| 209.141.34.95 | attack | Automated report - ssh fail2ban: Aug 21 04:39:29 wrong password, user=root, port=38372, ssh2 Aug 21 04:39:32 wrong password, user=root, port=38372, ssh2 Aug 21 04:39:36 wrong password, user=root, port=38372, ssh2 Aug 21 04:39:40 wrong password, user=root, port=38372, ssh2 |
2019-08-21 13:44:57 |
| 185.211.245.170 | attackbotsspam | Aug 21 07:22:29 relay postfix/smtpd\[14674\]: warning: unknown\[185.211.245.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 21 07:22:45 relay postfix/smtpd\[25807\]: warning: unknown\[185.211.245.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 21 07:24:00 relay postfix/smtpd\[14628\]: warning: unknown\[185.211.245.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 21 07:24:09 relay postfix/smtpd\[14674\]: warning: unknown\[185.211.245.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 21 07:26:13 relay postfix/smtpd\[25809\]: warning: unknown\[185.211.245.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... |
2019-08-21 13:58:15 |
| 116.203.201.109 | attackbots | 08/21/2019-01:20:45.230424 116.203.201.109 Protocol: 6 ET SCAN Potential SSH Scan |
2019-08-21 13:21:10 |
| 210.120.63.89 | attackspam | Aug 21 06:44:09 ArkNodeAT sshd\[548\]: Invalid user kliencow from 210.120.63.89 Aug 21 06:44:09 ArkNodeAT sshd\[548\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.120.63.89 Aug 21 06:44:11 ArkNodeAT sshd\[548\]: Failed password for invalid user kliencow from 210.120.63.89 port 40065 ssh2 |
2019-08-21 13:24:05 |
| 116.111.234.143 | attack | Unauthorized connection attempt from IP address 116.111.234.143 on Port 445(SMB) |
2019-08-21 13:45:24 |
| 113.160.162.184 | attack | Unauthorized connection attempt from IP address 113.160.162.184 on Port 445(SMB) |
2019-08-21 14:09:23 |