130.61.142.165

Basic Info

City: Frankfurt am Main

Region: Hesse

Country: Germany

Internet Service Provider: Oracle Public Cloud

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Jul 9 12:58:59 124388 sshd[10661]: Invalid user jifei from 130.61.142.165 port 36538 Jul 9 12:58:59 124388 sshd[10661]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.61.142.165 Jul 9 12:58:59 124388 sshd[10661]: Invalid user jifei from 130.61.142.165 port 36538 Jul 9 12:59:01 124388 sshd[10661]: Failed password for invalid user jifei from 130.61.142.165 port 36538 ssh2 Jul 9 13:02:00 124388 sshd[10806]: Invalid user king from 130.61.142.165 port 35016	2020-07-09 21:53:51
attack	Jul 8 12:25:34 george sshd[7414]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.61.142.165 Jul 8 12:25:36 george sshd[7414]: Failed password for invalid user admin from 130.61.142.165 port 58030 ssh2 Jul 8 12:28:17 george sshd[7428]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.61.142.165	2020-07-09 02:04:30

Type

Details

Datetime

attack

Jul  9 12:58:59 124388 sshd[10661]: Invalid user jifei from 130.61.142.165 port 36538
Jul  9 12:58:59 124388 sshd[10661]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.61.142.165
Jul  9 12:58:59 124388 sshd[10661]: Invalid user jifei from 130.61.142.165 port 36538
Jul  9 12:59:01 124388 sshd[10661]: Failed password for invalid user jifei from 130.61.142.165 port 36538 ssh2
Jul  9 13:02:00 124388 sshd[10806]: Invalid user king from 130.61.142.165 port 35016

2020-07-09 21:53:51

attack

Jul  8 12:25:34 george sshd[7414]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.61.142.165 
Jul  8 12:25:36 george sshd[7414]: Failed password for invalid user admin from 130.61.142.165 port 58030 ssh2
Jul  8 12:28:17 george sshd[7428]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.61.142.165

2020-07-09 02:04:30

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 130.61.142.165
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32727
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;130.61.142.165.			IN	A

;; AUTHORITY SECTION:
.			168	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020070202 1800 900 604800 86400

;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jul 03 06:58:46 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 165.142.61.130.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 165.142.61.130.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
186.200.205.218	attackspambots	Unauthorized connection attempt from IP address 186.200.205.218 on Port 445(SMB)	2019-12-06 09:26:41
123.148.208.103	attack	WordPress brute force	2019-12-06 09:53:55
184.169.45.4	attack	Malicious Traffic/Form Submission	2019-12-06 09:15:23
94.153.212.74	attack	Dec 5 15:06:58 tdfoods sshd\[18107\]: Invalid user ts3 from 94.153.212.74 Dec 5 15:06:58 tdfoods sshd\[18107\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.153.212.74 Dec 5 15:07:00 tdfoods sshd\[18107\]: Failed password for invalid user ts3 from 94.153.212.74 port 39000 ssh2 Dec 5 15:07:01 tdfoods sshd\[18124\]: Invalid user judge from 94.153.212.74 Dec 5 15:07:01 tdfoods sshd\[18124\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.153.212.74	2019-12-06 09:19:28
189.240.58.174	attackspam	Unauthorized connection attempt from IP address 189.240.58.174 on Port 445(SMB)	2019-12-06 09:42:11
119.29.203.106	attackbots	Dec 5 21:53:58 localhost sshd\[14848\]: Invalid user com from 119.29.203.106 Dec 5 21:53:58 localhost sshd\[14848\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.203.106 Dec 5 21:54:00 localhost sshd\[14848\]: Failed password for invalid user com from 119.29.203.106 port 37428 ssh2 Dec 5 22:00:35 localhost sshd\[15332\]: Invalid user nixie from 119.29.203.106 Dec 5 22:00:35 localhost sshd\[15332\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.203.106 ...	2019-12-06 09:20:17
182.232.236.154	attackbotsspam	Unauthorized connection attempt from IP address 182.232.236.154 on Port 445(SMB)	2019-12-06 09:15:39
128.199.211.110	attackspam	Dec 6 01:27:15 game-panel sshd[19785]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.211.110 Dec 6 01:27:16 game-panel sshd[19785]: Failed password for invalid user cholun from 128.199.211.110 port 41262 ssh2 Dec 6 01:33:52 game-panel sshd[20046]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.211.110	2019-12-06 09:53:00
92.246.76.193	attackspam	Dec 6 01:36:44 h2177944 kernel: \[8467781.568737\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.246.76.193 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=9669 PROTO=TCP SPT=57066 DPT=15905 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 6 01:51:08 h2177944 kernel: \[8468645.586197\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.246.76.193 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=37805 PROTO=TCP SPT=57066 DPT=15848 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 6 01:59:31 h2177944 kernel: \[8469148.729968\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.246.76.193 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=43341 PROTO=TCP SPT=57066 DPT=15915 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 6 02:03:20 h2177944 kernel: \[8469376.797822\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.246.76.193 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=35751 PROTO=TCP SPT=57066 DPT=15900 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 6 02:27:27 h2177944 kernel: \[8470823.530689\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.246.76.193 DST=85.214.11	2019-12-06 09:43:57
219.84.236.108	attackspam	Dec 5 21:00:03 goofy sshd\[28806\]: Invalid user pi from 219.84.236.108 Dec 5 21:00:03 goofy sshd\[28806\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.84.236.108 Dec 5 21:00:03 goofy sshd\[28807\]: Invalid user pi from 219.84.236.108 Dec 5 21:00:04 goofy sshd\[28807\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.84.236.108 Dec 5 21:00:05 goofy sshd\[28806\]: Failed password for invalid user pi from 219.84.236.108 port 48906 ssh2	2019-12-06 09:55:19
36.91.152.234	attack	Dec 6 01:14:11 *** sshd[19407]: Invalid user summerlin from 36.91.152.234	2019-12-06 09:21:13
118.69.37.58	attack	Unauthorized connection attempt from IP address 118.69.37.58 on Port 445(SMB)	2019-12-06 09:39:39
80.99.58.64	attackbotsspam	Portscan detected	2019-12-06 09:29:05
180.108.46.237	attack	Dec 5 23:18:09 meumeu sshd[2461]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.108.46.237 Dec 5 23:18:11 meumeu sshd[2461]: Failed password for invalid user peisert from 180.108.46.237 port 43970 ssh2 Dec 5 23:25:14 meumeu sshd[3664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.108.46.237 ...	2019-12-06 09:45:32
27.79.149.173	attack	Unauthorized connection attempt from IP address 27.79.149.173 on Port 445(SMB)	2019-12-06 09:24:28

Recently Reported IPs

105.226.216.43	192.167.197.30	118.105.222.89	93.81.81.20
72.57.154.73	190.226.13.202	154.120.115.253	40.120.18.159
197.133.226.76	156.222.62.43	61.206.137.52	71.226.82.225
62.28.211.69	186.168.23.72	96.22.50.173	175.127.117.58
39.117.119.56	103.76.211.74	13.57.66.49	190.78.45.8