116.203.141.92

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Hetzner Online AG

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	116.203.141.92 - - [02/Jul/2019:16:07:20 +0200] "GET /wp-login.php HTTP/1.1" 200 4405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 116.203.141.92 - - [02/Jul/2019:16:07:20 +0200] "POST /wp-login.php HTTP/1.1" 200 4405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 116.203.141.92 - - [02/Jul/2019:16:07:20 +0200] "GET /wp-login.php HTTP/1.1" 200 4405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 116.203.141.92 - - [02/Jul/2019:16:07:20 +0200] "POST /wp-login.php HTTP/1.1" 200 4405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 116.203.141.92 - - [02/Jul/2019:16:07:20 +0200] "GET /wp-login.php HTTP/1.1" 200 4405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 116.203.141.92 - - [02/Jul/2019:16:07:21 +0200] "POST /wp-login.php HTTP/1.1" 200 4405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-07-02 22:14:58
attackspam	Automatic report - Web App Attack	2019-07-02 09:05:45

Type

Details

Datetime

attackspambots

116.203.141.92 - - [02/Jul/2019:16:07:20 +0200] "GET /wp-login.php HTTP/1.1" 200 4405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
116.203.141.92 - - [02/Jul/2019:16:07:20 +0200] "POST /wp-login.php HTTP/1.1" 200 4405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
116.203.141.92 - - [02/Jul/2019:16:07:20 +0200] "GET /wp-login.php HTTP/1.1" 200 4405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
116.203.141.92 - - [02/Jul/2019:16:07:20 +0200] "POST /wp-login.php HTTP/1.1" 200 4405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
116.203.141.92 - - [02/Jul/2019:16:07:20 +0200] "GET /wp-login.php HTTP/1.1" 200 4405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
116.203.141.92 - - [02/Jul/2019:16:07:21 +0200] "POST /wp-login.php HTTP/1.1" 200 4405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...

2019-07-02 22:14:58

attackspam

Automatic report - Web App Attack

2019-07-02 09:05:45

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.203.141.92
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35534
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.203.141.92.			IN	A

;; AUTHORITY SECTION:
.			944	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070102 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 02 09:05:40 CST 2019
;; MSG SIZE  rcvd: 118

Host info

92.141.203.116.in-addr.arpa domain name pointer static.92.141.203.116.clients.your-server.de.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
92.141.203.116.in-addr.arpa	name = static.92.141.203.116.clients.your-server.de.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
183.159.112.177	attackspambots	May 25 13:06:39 web01.agentur-b-2.de postfix/smtpd[202464]: warning: unknown[183.159.112.177]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 25 13:06:39 web01.agentur-b-2.de postfix/smtpd[202464]: lost connection after AUTH from unknown[183.159.112.177] May 25 13:06:47 web01.agentur-b-2.de postfix/smtpd[194355]: warning: unknown[183.159.112.177]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 25 13:06:47 web01.agentur-b-2.de postfix/smtpd[194355]: lost connection after AUTH from unknown[183.159.112.177] May 25 13:06:55 web01.agentur-b-2.de postfix/smtpd[202464]: warning: unknown[183.159.112.177]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-05-26 02:04:00
134.209.71.245	attackspam	$f2bV_matches	2020-05-26 02:05:32
62.234.62.206	attack	May 25 06:29:17 auw2 sshd\[24913\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.62.206 user=root May 25 06:29:19 auw2 sshd\[24913\]: Failed password for root from 62.234.62.206 port 48370 ssh2 May 25 06:32:54 auw2 sshd\[25235\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.62.206 user=root May 25 06:32:56 auw2 sshd\[25235\]: Failed password for root from 62.234.62.206 port 58682 ssh2 May 25 06:36:26 auw2 sshd\[25561\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.62.206 user=root	2020-05-26 01:45:45
85.214.198.36	attack	May 25 15:25:06 XXX sshd[10327]: Invalid user admin from 85.214.198.36 port 45576	2020-05-26 01:42:43
107.170.249.243	attack	May 25 16:00:43 vps sshd[350103]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.249.243 user=root May 25 16:00:45 vps sshd[350103]: Failed password for root from 107.170.249.243 port 47604 ssh2 May 25 16:04:32 vps sshd[366021]: Invalid user ginger from 107.170.249.243 port 53186 May 25 16:04:32 vps sshd[366021]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.249.243 May 25 16:04:34 vps sshd[366021]: Failed password for invalid user ginger from 107.170.249.243 port 53186 ssh2 ...	2020-05-26 01:49:16
179.61.95.96	attackspambots	May 25 13:10:14 mail.srvfarm.net postfix/smtpd[216668]: warning: unknown[179.61.95.96]: SASL PLAIN authentication failed: May 25 13:10:15 mail.srvfarm.net postfix/smtpd[216668]: lost connection after AUTH from unknown[179.61.95.96] May 25 13:11:09 mail.srvfarm.net postfix/smtps/smtpd[217864]: warning: unknown[179.61.95.96]: SASL PLAIN authentication failed: May 25 13:11:10 mail.srvfarm.net postfix/smtps/smtpd[217864]: lost connection after AUTH from unknown[179.61.95.96] May 25 13:15:34 mail.srvfarm.net postfix/smtps/smtpd[235736]: warning: unknown[179.61.95.96]: SASL PLAIN authentication failed:	2020-05-26 02:04:20
68.183.22.85	attack	$f2bV_matches	2020-05-26 01:32:26
162.243.144.161	attackspam	" "	2020-05-26 01:27:14
187.85.166.21	attackbots	May 25 13:36:38 mail.srvfarm.net postfix/smtpd[235709]: warning: unknown[187.85.166.21]: SASL PLAIN authentication failed: May 25 13:36:38 mail.srvfarm.net postfix/smtpd[235709]: lost connection after AUTH from unknown[187.85.166.21] May 25 13:38:19 mail.srvfarm.net postfix/smtpd[235686]: warning: unknown[187.85.166.21]: SASL PLAIN authentication failed: May 25 13:38:19 mail.srvfarm.net postfix/smtpd[235686]: lost connection after AUTH from unknown[187.85.166.21] May 25 13:45:58 mail.srvfarm.net postfix/smtps/smtpd[236934]: warning: unknown[187.85.166.21]: SASL PLAIN authentication failed:	2020-05-26 02:02:21
80.211.245.129	attackspam	May 25 16:02:35 MainVPS sshd[15808]: Invalid user travel from 80.211.245.129 port 35516 May 25 16:02:35 MainVPS sshd[15808]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.245.129 May 25 16:02:35 MainVPS sshd[15808]: Invalid user travel from 80.211.245.129 port 35516 May 25 16:02:37 MainVPS sshd[15808]: Failed password for invalid user travel from 80.211.245.129 port 35516 ssh2 May 25 16:05:45 MainVPS sshd[18314]: Invalid user cron from 80.211.245.129 port 54362 ...	2020-05-26 01:36:09
118.254.113.18	attackspam	"SERVER-WEBAPP GPON Router authentication bypass and command injection attempt"	2020-05-26 01:27:46
103.18.242.69	attack	May 25 13:21:45 mail.srvfarm.net postfix/smtpd[235337]: lost connection after CONNECT from unknown[103.18.242.69] May 25 13:27:24 mail.srvfarm.net postfix/smtps/smtpd[240148]: warning: unknown[103.18.242.69]: SASL PLAIN authentication failed: May 25 13:27:24 mail.srvfarm.net postfix/smtps/smtpd[240148]: lost connection after AUTH from unknown[103.18.242.69] May 25 13:29:32 mail.srvfarm.net postfix/smtps/smtpd[235736]: warning: unknown[103.18.242.69]: SASL PLAIN authentication failed: May 25 13:29:33 mail.srvfarm.net postfix/smtps/smtpd[235736]: lost connection after AUTH from unknown[103.18.242.69]	2020-05-26 02:06:39
185.153.196.230	attackbots	2020-05-25T19:09:17.761124sd-86998 sshd[23709]: Invalid user 0 from 185.153.196.230 port 13890 2020-05-25T19:09:17.982052sd-86998 sshd[23709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.153.196.230 2020-05-25T19:09:17.761124sd-86998 sshd[23709]: Invalid user 0 from 185.153.196.230 port 13890 2020-05-25T19:09:19.988117sd-86998 sshd[23709]: Failed password for invalid user 0 from 185.153.196.230 port 13890 ssh2 2020-05-25T19:09:22.665242sd-86998 sshd[23723]: Invalid user 22 from 185.153.196.230 port 32121 ...	2020-05-26 01:40:12
164.132.44.25	attackspambots	May 25 12:59:55 cdc sshd[9303]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.44.25 user=root May 25 12:59:57 cdc sshd[9303]: Failed password for invalid user root from 164.132.44.25 port 55526 ssh2	2020-05-26 01:45:32
114.67.230.163	attack	SSH Brute-Forcing (server2)	2020-05-26 01:28:11

Recently Reported IPs

181.134.81.35	6.85.177.254	41.193.162.21	94.177.176.162
111.53.195.15	139.208.156.48	103.234.96.105	75.75.234.161
186.67.182.30	223.143.240.209	187.87.6.175	191.53.197.147
81.163.248.194	27.187.222.103	122.116.178.207	123.162.189.58
77.247.108.146	185.162.235.157	14.163.209.73	212.8.245.200