131.159.24.47 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Technische Universitaet Muenchen

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	The IP has triggered Cloudflare WAF. CF-Ray: 54377a32f860648b \| WAF_Rule_ID: 100001 \| WAF_Kind: firewall \| CF_Action: drop \| Country: DE \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: skk.moe \| User-Agent: \| CF_DC: FRA. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 06:20:32

Type

Details

Datetime

attackbots

The IP has triggered Cloudflare WAF. CF-Ray: 54377a32f860648b | WAF_Rule_ID: 100001 | WAF_Kind: firewall | CF_Action: drop | Country: DE | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: skk.moe | User-Agent:  | CF_DC: FRA. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 06:20:32

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 131.159.24.47
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56455
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;131.159.24.47.			IN	A

;; AUTHORITY SECTION:
.			383	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121101 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 12 06:20:29 CST 2019
;; MSG SIZE  rcvd: 117

Host info

47.24.159.131.in-addr.arpa domain name pointer one06.cm.in.tum.de.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
47.24.159.131.in-addr.arpa	name = one06.cm.in.tum.de.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
189.162.73.246	attackspambots	Unauthorized connection attempt from IP address 189.162.73.246 on Port 445(SMB)	2019-11-08 15:20:04
198.245.50.81	attackbotsspam	Failed password for root from 198.245.50.81 port 53928 ssh2 Invalid user bay from 198.245.50.81 port 35238 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.245.50.81 Failed password for invalid user bay from 198.245.50.81 port 35238 ssh2 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.245.50.81 user=root	2019-11-08 15:38:46
191.54.224.83	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/191.54.224.83/ BR - 1H : (188) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : BR NAME ASN : ASN53006 IP : 191.54.224.83 CIDR : 191.54.0.0/15 PREFIX COUNT : 15 UNIQUE IP COUNT : 599808 ATTACKS DETECTED ASN53006 : 1H - 1 3H - 4 6H - 6 12H - 13 24H - 22 DateTime : 2019-11-08 07:30:47 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-08 15:19:03
217.182.54.165	attackbotsspam	SSH Bruteforce attempt	2019-11-08 15:17:09
125.212.247.15	attackbots	Nov 8 07:20:29 km20725 sshd\[2030\]: Invalid user minecraftserver from 125.212.247.15Nov 8 07:20:31 km20725 sshd\[2030\]: Failed password for invalid user minecraftserver from 125.212.247.15 port 47147 ssh2Nov 8 07:30:07 km20725 sshd\[2422\]: Invalid user hjz from 125.212.247.15Nov 8 07:30:09 km20725 sshd\[2422\]: Failed password for invalid user hjz from 125.212.247.15 port 38000 ssh2 ...	2019-11-08 15:24:11
185.211.245.198	attack	2019-11-08T07:53:54.227817mail01 postfix/smtpd[29457]: warning: unknown[185.211.245.198]: SASL PLAIN authentication failed: 2019-11-08T07:54:01.395026mail01 postfix/smtpd[29429]: warning: unknown[185.211.245.198]: SASL PLAIN authentication failed: 2019-11-08T07:58:01.014563mail01 postfix/smtpd[29394]: warning: unknown[185.211.245.198]: SASL PLAIN authentication failed:	2019-11-08 15:05:39
34.93.149.4	attack	2019-11-08T01:09:21.4920051495-001 sshd\[329\]: Invalid user yg from 34.93.149.4 port 57388 2019-11-08T01:09:21.5009121495-001 sshd\[329\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=4.149.93.34.bc.googleusercontent.com 2019-11-08T01:09:23.5286001495-001 sshd\[329\]: Failed password for invalid user yg from 34.93.149.4 port 57388 ssh2 2019-11-08T01:15:01.9997011495-001 sshd\[480\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=4.149.93.34.bc.googleusercontent.com user=root 2019-11-08T01:15:04.3934391495-001 sshd\[480\]: Failed password for root from 34.93.149.4 port 38292 ssh2 2019-11-08T01:20:34.1474931495-001 sshd\[697\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=4.149.93.34.bc.googleusercontent.com user=root ...	2019-11-08 15:03:31
155.4.32.16	attack	Nov 7 20:56:57 hanapaa sshd\[2561\]: Invalid user ftpadmin@123 from 155.4.32.16 Nov 7 20:56:57 hanapaa sshd\[2561\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=h-32-16.a182.priv.bahnhof.se Nov 7 20:56:59 hanapaa sshd\[2561\]: Failed password for invalid user ftpadmin@123 from 155.4.32.16 port 50628 ssh2 Nov 7 21:00:54 hanapaa sshd\[2847\]: Invalid user poney from 155.4.32.16 Nov 7 21:00:54 hanapaa sshd\[2847\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=h-32-16.a182.priv.bahnhof.se	2019-11-08 15:07:30
222.186.169.194	attackspam	Fail2Ban - SSH Bruteforce Attempt	2019-11-08 15:04:37
92.53.69.6	attack	Nov 8 08:03:40 ns381471 sshd[28419]: Failed password for root from 92.53.69.6 port 43170 ssh2	2019-11-08 15:29:04
77.42.86.145	attack	Automatic report - Port Scan Attack	2019-11-08 15:30:50
39.49.99.140	attack	firewall-block, port(s): 445/tcp	2019-11-08 15:38:16
80.211.171.78	attack	Nov 8 06:30:36 ms-srv sshd[58972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.171.78 user=root Nov 8 06:30:38 ms-srv sshd[58972]: Failed password for invalid user root from 80.211.171.78 port 50512 ssh2	2019-11-08 15:29:56
117.121.100.228	attack	2019-11-08T07:06:27.444120shield sshd\[3304\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.121.100.228 user=root 2019-11-08T07:06:29.448910shield sshd\[3304\]: Failed password for root from 117.121.100.228 port 56406 ssh2 2019-11-08T07:10:58.459620shield sshd\[3899\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.121.100.228 user=root 2019-11-08T07:11:00.334102shield sshd\[3899\]: Failed password for root from 117.121.100.228 port 33810 ssh2 2019-11-08T07:15:34.358013shield sshd\[4439\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.121.100.228 user=root	2019-11-08 15:25:48
93.149.79.247	attackspam	Nov 8 07:30:11 MK-Soft-VM7 sshd[4379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.149.79.247 Nov 8 07:30:13 MK-Soft-VM7 sshd[4379]: Failed password for invalid user ftpd from 93.149.79.247 port 51574 ssh2 ...	2019-11-08 15:28:45

Recently Reported IPs

113.195.21.66	113.58.236.213	112.232.246.17	112.193.169.195
16.160.153.54	111.224.235.46	111.224.234.150	3.225.217.224
111.224.220.43	110.177.83.156	110.80.152.48	106.120.14.169
106.59.245.107	106.45.1.151	106.45.0.102	106.45.0.12
130.77.216.84	170.208.251.196	61.159.252.2	60.13.6.49