131.234.204.161

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 131.234.204.161
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 735
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;131.234.204.161.		IN	A

;; AUTHORITY SECTION:
.			29	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025012600 1800 900 604800 86400

;; Query time: 9 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 26 17:43:35 CST 2025
;; MSG SIZE  rcvd: 108

Host info

161.204.234.131.in-addr.arpa domain name pointer kw-steffen-schiel.uni-paderborn.de.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
161.204.234.131.in-addr.arpa	name = kw-steffen-schiel.uni-paderborn.de.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.199.98.220	attack	Invalid user guest from 103.199.98.220 port 36374	2020-08-25 17:24:40
198.46.202.11	attack	Unauthorized connection attempt detected from IP address 198.46.202.11 to port 23 [T]	2020-08-25 17:23:38
34.94.222.56	attack	Aug 25 08:23:19 v22019038103785759 sshd\[29646\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.94.222.56 user=root Aug 25 08:23:21 v22019038103785759 sshd\[29646\]: Failed password for root from 34.94.222.56 port 40622 ssh2 Aug 25 08:27:49 v22019038103785759 sshd\[31161\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.94.222.56 user=root Aug 25 08:27:51 v22019038103785759 sshd\[31161\]: Failed password for root from 34.94.222.56 port 35430 ssh2 Aug 25 08:30:48 v22019038103785759 sshd\[32040\]: Invalid user alfredo from 34.94.222.56 port 46952 Aug 25 08:30:48 v22019038103785759 sshd\[32040\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.94.222.56 ...	2020-08-25 17:24:07
5.140.233.194	attack	Dovecot Invalid User Login Attempt.	2020-08-25 17:07:43
5.101.107.190	attack	Aug 25 06:00:01 * sshd[16401]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.101.107.190 Aug 25 06:00:03 * sshd[16401]: Failed password for invalid user aq from 5.101.107.190 port 57990 ssh2	2020-08-25 17:18:44
91.83.162.56	attackspam	Brute force attempt	2020-08-25 17:34:31
219.150.93.157	attack	Aug 25 07:02:07 vps sshd[20355]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.150.93.157 Aug 25 07:02:09 vps sshd[20355]: Failed password for invalid user resto from 219.150.93.157 port 52902 ssh2 Aug 25 07:07:25 vps sshd[20755]: Failed password for root from 219.150.93.157 port 54018 ssh2 ...	2020-08-25 17:03:39
122.224.20.214	attack	TCP (SYN) 122.224.20.214:57499 -> port 445, len 44	2020-08-25 17:22:43
173.212.251.144	attackspambots	Aug 25 07:22:25 ws26vmsma01 sshd[134987]: Failed password for root from 173.212.251.144 port 46072 ssh2 Aug 25 07:26:05 ws26vmsma01 sshd[137034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.212.251.144 ...	2020-08-25 17:16:02
104.27.156.6	attackbotsspam	Sending out spam emails from IP 2001:41d0:1004:20d9:0:0:0:0 (ovh. net) Advertising that they are selling hacked dating account as well as compromised SMTP servers, shells, cpanel accounts and other illegal activity. For OVH report via their form as well as email https://www.ovh.com/world/abuse/ And send the complaint to abuse@ovh.net noc@ovh.net OVH.NET are pure scumbags and allow their customers to spam and ignore abuse complaints these guys are the worst of the worst! Pure scumbags! Now the spammer's websites are located at http://toolsbase.ws IP: 104.27.156.6, 104.27.157.6, 172.67.222.105 (cloudflare.com) For Cloudflare report via their form at https://www.cloudflare.com/abuse/ and noc@cloudflare.com and abuse@cloudflare.com	2020-08-25 17:09:42
103.51.103.3	attack	103.51.103.3 - - [25/Aug/2020:10:42:31 +0200] "GET /wp-login.php HTTP/1.1" 200 8775 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.51.103.3 - - [25/Aug/2020:10:42:32 +0200] "POST /wp-login.php HTTP/1.1" 200 9026 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.51.103.3 - - [25/Aug/2020:10:42:35 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-25 17:31:51
94.102.56.216	attackspambots	94.102.56.216 was recorded 5 times by 4 hosts attempting to connect to the following ports: 56243,57057. Incident counter (4h, 24h, all-time): 5, 33, 1815	2020-08-25 17:09:16
113.13.177.48	attackbots	Lines containing failures of 113.13.177.48 (max 1000) Aug 24 15:05:50 efa3 sshd[29414]: Invalid user leech from 113.13.177.48 port 37326 Aug 24 15:05:50 efa3 sshd[29414]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.13.177.48 Aug 24 15:05:52 efa3 sshd[29414]: Failed password for invalid user leech from 113.13.177.48 port 37326 ssh2 Aug 24 15:05:53 efa3 sshd[29414]: Received disconnect from 113.13.177.48 port 37326:11: Bye Bye [preauth] Aug 24 15:05:53 efa3 sshd[29414]: Disconnected from 113.13.177.48 port 37326 [preauth] Aug 24 15:17:48 efa3 sshd[31654]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.13.177.48 user=r.r Aug 24 15:17:50 efa3 sshd[31654]: Failed password for r.r from 113.13.177.48 port 60562 ssh2 Aug 24 15:17:50 efa3 sshd[31654]: Received disconnect from 113.13.177.48 port 60562:11: Bye Bye [preauth] Aug 24 15:17:50 efa3 sshd[31654]: Disconnected from 113.13.177.48 ........ ------------------------------	2020-08-25 17:31:03
188.43.117.38	attackbotsspam	Dovecot Invalid User Login Attempt.	2020-08-25 17:27:14
89.248.167.131	attackbots	2020-08-25 12:28:37 SMTP protocol synchronization error (input sent without waiting for greeting): rejected connection from H=[89.248.167.131] input="\026\003\001\001E\001" 2020-08-25 12:28:38 SMTP protocol synchronization error (input sent without waiting for greeting): rejected connection from H=[89.248.167.131] input="\026\003\001" ...	2020-08-25 17:35:51

Recently Reported IPs

29.64.32.182	47.143.162.12	36.219.125.219	84.182.105.22
127.206.176.145	82.179.51.122	23.31.193.183	89.214.4.94
115.124.254.1	155.240.240.94	226.180.80.38	95.134.172.102
167.211.50.248	187.244.116.159	118.212.24.38	76.202.66.15
249.86.113.13	8.178.30.181	185.130.84.217	145.21.232.124