City: Frankfurt am Main
Region: Hessen
Country: Germany
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 130.61.17.2 | attackspambots | 130.61.17.2 - - [02/May/2020:10:32:26 +0300] "GET /home.asp HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 130.61.17.2 - - [02/May/2020:10:32:26 +0300] "GET /login.cgi?uri= HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 130.61.17.2 - - [02/May/2020:10:32:26 +0300] "GET /vpn/index.html HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" ... |
2020-05-02 23:28:31 |
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
# start
NetRange: 130.61.0.0 - 130.61.255.255
CIDR: 130.61.0.0/16
NetName: OC-195
NetHandle: NET-130-61-0-0-1
Parent: NET130 (NET-130-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Oracle Corporation (ORACLE-4)
RegDate: 2016-10-31
Updated: 2017-11-27
Ref: https://rdap.arin.net/registry/ip/130.61.0.0
OrgName: Oracle Corporation
OrgId: ORACLE-4
Address: 2300 Oracle Way
Address: Attn: Domain Administrator
City: Austin
StateProv: TX
PostalCode: 78741
Country: US
RegDate: 1988-04-29
Updated: 2024-11-07
Ref: https://rdap.arin.net/registry/entity/ORACLE-4
OrgTechHandle: ORACL1-ARIN
OrgTechName: ORACLE NIS
OrgTechPhone: +1-800-633-0738
OrgTechEmail: domain-contact_ww_grp@oracle.com
OrgTechRef: https://rdap.arin.net/registry/entity/ORACL1-ARIN
OrgRoutingHandle: ORACL2-ARIN
OrgRoutingName: ORACLEROUTING
OrgRoutingPhone: +1-800-392-2999
OrgRoutingEmail: network-contact_ww@oracle.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/ORACL2-ARIN
OrgAbuseHandle: NISAM-ARIN
OrgAbuseName: Network Information Systems Abuse Management
OrgAbusePhone: +1-800-633-0738
OrgAbuseEmail: network-contact_ww_grp@oracle.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/NISAM-ARIN
# end
# start
NetRange: 130.61.0.0 - 130.61.255.255
CIDR: 130.61.0.0/16
NetName: OOC-195
NetHandle: NET-130-61-0-0-2
Parent: OC-195 (NET-130-61-0-0-1)
NetType: Reassigned
OriginAS:
Organization: Oracle Public Cloud (OC-195)
RegDate: 2017-12-01
Updated: 2017-12-01
Ref: https://rdap.arin.net/registry/ip/130.61.0.0
OrgName: Oracle Public Cloud
OrgId: OC-195
Address: 1501 4th Ave
Address: #1800
City: Seattle
StateProv: WA
PostalCode: 98101
Country: US
RegDate: 2016-04-06
Updated: 2021-01-13
Ref: https://rdap.arin.net/registry/entity/OC-195
OrgAbuseHandle: OBMO-ARIN
OrgAbuseName: Oracle Bare Metal Operations
OrgAbusePhone: +1-512-712-7403
OrgAbuseEmail: abuse@oracleemaildelivery.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/OBMO-ARIN
OrgRoutingHandle: ORACL2-ARIN
OrgRoutingName: ORACLEROUTING
OrgRoutingPhone: +1-800-392-2999
OrgRoutingEmail: network-contact_ww@oracle.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/ORACL2-ARIN
OrgTechHandle: OBMO-ARIN
OrgTechName: Oracle Bare Metal Operations
OrgTechPhone: +1-512-712-7403
OrgTechEmail: abuse@oracleemaildelivery.com
OrgTechRef: https://rdap.arin.net/registry/entity/OBMO-ARIN
# end
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#; <<>> DiG 9.10.3-P4-Ubuntu <<>> 130.61.17.31
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36270
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;130.61.17.31. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026030300 1800 900 604800 86400
;; Query time: 10 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 03 16:31:21 CST 2026
;; MSG SIZE rcvd: 105Host 31.17.61.130.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 31.17.61.130.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 51.83.76.36 | attack | 5x Failed Password |
2019-11-26 08:46:27 |
| 45.171.196.248 | attackspambots | Nov 26 00:43:34 www sshd\[53713\]: Failed password for root from 45.171.196.248 port 38000 ssh2Nov 26 00:43:53 www sshd\[53715\]: Failed password for root from 45.171.196.248 port 38011 ssh2Nov 26 00:44:13 www sshd\[53720\]: Failed password for root from 45.171.196.248 port 38024 ssh2 ... |
2019-11-26 09:15:12 |
| 79.137.33.20 | attackspambots | $f2bV_matches |
2019-11-26 08:56:06 |
| 218.54.175.51 | attackspam | Invalid user x from 218.54.175.51 port 57489 |
2019-11-26 08:56:30 |
| 49.88.112.114 | attackspambots | Nov 25 15:02:49 tdfoods sshd\[32249\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root Nov 25 15:02:51 tdfoods sshd\[32249\]: Failed password for root from 49.88.112.114 port 55217 ssh2 Nov 25 15:02:54 tdfoods sshd\[32249\]: Failed password for root from 49.88.112.114 port 55217 ssh2 Nov 25 15:02:56 tdfoods sshd\[32249\]: Failed password for root from 49.88.112.114 port 55217 ssh2 Nov 25 15:03:37 tdfoods sshd\[32330\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root |
2019-11-26 09:14:24 |
| 222.186.175.182 | attackspambots | Nov 26 01:59:20 dcd-gentoo sshd[25169]: User root from 222.186.175.182 not allowed because none of user's groups are listed in AllowGroups Nov 26 01:59:23 dcd-gentoo sshd[25169]: error: PAM: Authentication failure for illegal user root from 222.186.175.182 Nov 26 01:59:20 dcd-gentoo sshd[25169]: User root from 222.186.175.182 not allowed because none of user's groups are listed in AllowGroups Nov 26 01:59:23 dcd-gentoo sshd[25169]: error: PAM: Authentication failure for illegal user root from 222.186.175.182 Nov 26 01:59:20 dcd-gentoo sshd[25169]: User root from 222.186.175.182 not allowed because none of user's groups are listed in AllowGroups Nov 26 01:59:23 dcd-gentoo sshd[25169]: error: PAM: Authentication failure for illegal user root from 222.186.175.182 Nov 26 01:59:23 dcd-gentoo sshd[25169]: Failed keyboard-interactive/pam for invalid user root from 222.186.175.182 port 20922 ssh2 ... |
2019-11-26 09:03:43 |
| 79.117.24.251 | attack | PHI,WP GET /wp-login.php GET /wp-login.php |
2019-11-26 08:53:38 |
| 165.22.28.230 | attack | 212.218.19.43 165.22.28.230 \[26/Nov/2019:01:28:52 +0100\] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 301 532 "-" "ZmEu" 212.218.19.43 165.22.28.230 \[26/Nov/2019:01:28:52 +0100\] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 301 532 "-" "ZmEu" 212.218.19.43 165.22.28.230 \[26/Nov/2019:01:28:52 +0100\] "GET /pma/scripts/setup.php HTTP/1.1" 301 518 "-" "ZmEu" |
2019-11-26 09:08:10 |
| 49.234.211.228 | attackspambots | 49.234.211.228 was recorded 9 times by 6 hosts attempting to connect to the following ports: 2377,2375,4243. Incident counter (4h, 24h, all-time): 9, 72, 208 |
2019-11-26 09:08:49 |
| 113.240.251.178 | attackspambots | RDP Bruteforce |
2019-11-26 09:00:27 |
| 222.186.190.92 | attack | Nov 26 02:08:15 jane sshd[15923]: Failed password for root from 222.186.190.92 port 33040 ssh2 Nov 26 02:08:19 jane sshd[15923]: Failed password for root from 222.186.190.92 port 33040 ssh2 ... |
2019-11-26 09:09:53 |
| 106.75.2.81 | attack | Automatic report - Banned IP Access |
2019-11-26 08:55:15 |
| 170.231.59.123 | attackspam | Automatic report - SSH Brute-Force Attack |
2019-11-26 09:03:16 |
| 129.204.87.153 | attackspam | Nov 25 23:44:21 serwer sshd\[27648\]: Invalid user heather from 129.204.87.153 port 39194 Nov 25 23:44:21 serwer sshd\[27648\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.87.153 Nov 25 23:44:23 serwer sshd\[27648\]: Failed password for invalid user heather from 129.204.87.153 port 39194 ssh2 ... |
2019-11-26 09:10:54 |
| 37.187.54.67 | attackbots | Nov 26 01:34:32 server sshd\[2525\]: Invalid user duplacey from 37.187.54.67 Nov 26 01:34:32 server sshd\[2525\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.ip-37-187-54.eu Nov 26 01:34:34 server sshd\[2525\]: Failed password for invalid user duplacey from 37.187.54.67 port 48054 ssh2 Nov 26 01:44:43 server sshd\[5090\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.ip-37-187-54.eu user=root Nov 26 01:44:44 server sshd\[5090\]: Failed password for root from 37.187.54.67 port 43024 ssh2 ... |
2019-11-26 08:58:50 |