城市(city): unknown
省份(region): unknown
国家(country): Uganda
运营商(isp): National Information Technology Authority Uganda
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): Government
| 类型 | 评论内容 | 时间 |
|---|---|---|
| attackspam | port scan and connect, tcp 1433 (ms-sql-s) |
2019-11-12 23:18:45 |
| attack | firewall-block, port(s): 1433/tcp |
2019-11-07 21:37:45 |
| attackspam | Unauthorised access (Oct 14) SRC=154.72.193.254 LEN=40 TTL=239 ID=37336 TCP DPT=1433 WINDOW=1024 SYN |
2019-10-14 19:51:51 |
| attackspam | Unauthorized connection attempt from IP address 154.72.193.254 on Port 445(SMB) |
2019-09-01 16:31:21 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 154.72.193.254
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9254
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;154.72.193.254. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019050101 1800 900 604800 86400
;; Query time: 4 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu May 02 02:42:50 +08 2019
;; MSG SIZE rcvd: 118
254.193.72.154.in-addr.arpa domain name pointer printer.soliton.co.ug.
Server: 67.207.67.3
Address: 67.207.67.3#53
Non-authoritative answer:
254.193.72.154.in-addr.arpa name = printer.soliton.co.ug.
Authoritative answers can be found from:
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 159.89.201.59 | attackbotsspam | Automatic report - Banned IP Access |
2019-11-30 02:29:10 |
| 91.9.139.174 | attackspam | SSHScan |
2019-11-30 02:42:07 |
| 54.38.241.162 | attack | Nov 29 18:35:14 eventyay sshd[11310]: Failed password for backup from 54.38.241.162 port 44768 ssh2 Nov 29 18:39:14 eventyay sshd[11389]: Failed password for root from 54.38.241.162 port 50218 ssh2 ... |
2019-11-30 02:19:38 |
| 104.131.29.92 | attackspam | ssh failed login |
2019-11-30 02:28:50 |
| 182.140.233.162 | attackbots | " " |
2019-11-30 02:20:16 |
| 185.209.0.51 | attack | 11/29/2019-12:49:16.196886 185.209.0.51 Protocol: 6 ET DROP Dshield Block Listed Source group 1 |
2019-11-30 02:26:27 |
| 80.82.65.90 | attackspam | 11/29/2019-18:25:41.339226 80.82.65.90 Protocol: 6 ET DROP Dshield Block Listed Source group 1 |
2019-11-30 02:40:06 |
| 65.151.188.128 | attackbots | Nov 29 18:40:14 vps647732 sshd[10898]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.151.188.128 Nov 29 18:40:16 vps647732 sshd[10898]: Failed password for invalid user merna from 65.151.188.128 port 52584 ssh2 ... |
2019-11-30 02:43:25 |
| 106.54.142.84 | attack | Nov 29 18:24:55 *** sshd[14244]: User backup from 106.54.142.84 not allowed because not listed in AllowUsers |
2019-11-30 02:54:31 |
| 80.75.14.93 | attackspam | port scan/probe/communication attempt |
2019-11-30 02:35:49 |
| 83.171.107.216 | attackbots | $f2bV_matches |
2019-11-30 02:53:44 |
| 221.238.192.25 | attackspambots | blacklist username admin Invalid user admin from 221.238.192.25 port 60655 |
2019-11-30 02:27:14 |
| 62.234.91.237 | attackbots | 2019-10-31T11:53:45.859916suse-nuc sshd[26491]: Invalid user tp from 62.234.91.237 port 56808 ... |
2019-11-30 02:50:04 |
| 195.244.162.100 | attackspambots | 400 BAD REQUEST |
2019-11-30 02:42:32 |
| 14.215.165.133 | attackbots | 2019-11-29T19:24:38.005699scmdmz1 sshd\[22149\]: Invalid user eirill from 14.215.165.133 port 33934 2019-11-29T19:24:38.008285scmdmz1 sshd\[22149\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.215.165.133 2019-11-29T19:24:40.696294scmdmz1 sshd\[22149\]: Failed password for invalid user eirill from 14.215.165.133 port 33934 ssh2 ... |
2019-11-30 02:26:40 |