141.85.13.4 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Romania

Internet Service Provider: Politehnica University of Bucharest

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Jun 27 05:50:01 server sshd\[59601\]: Invalid user alfred from 141.85.13.4 Jun 27 05:50:01 server sshd\[59601\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.85.13.4 Jun 27 05:50:03 server sshd\[59601\]: Failed password for invalid user alfred from 141.85.13.4 port 60148 ssh2 ...	2019-07-12 05:29:25
attackspam	Jun 26 22:43:10 [snip] sshd[2579]: Invalid user gong from 141.85.13.4 port 58722 Jun 26 22:43:10 [snip] sshd[2579]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.85.13.4 Jun 26 22:43:12 [snip] sshd[2579]: Failed password for invalid user gong from 141.85.13.4 port 58722 ssh2[...]	2019-06-27 06:04:38
attack	Jun 25 00:02:53 host sshd\[23476\]: Invalid user webadmin from 141.85.13.4 port 38974 Jun 25 00:02:53 host sshd\[23476\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.85.13.4 ...	2019-06-25 10:28:12

Type

Details

Datetime

attackbots

Jun 27 05:50:01 server sshd\[59601\]: Invalid user alfred from 141.85.13.4
Jun 27 05:50:01 server sshd\[59601\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.85.13.4
Jun 27 05:50:03 server sshd\[59601\]: Failed password for invalid user alfred from 141.85.13.4 port 60148 ssh2
...

2019-07-12 05:29:25

attackspam

Jun 26 22:43:10 [snip] sshd[2579]: Invalid user gong from 141.85.13.4 port 58722
Jun 26 22:43:10 [snip] sshd[2579]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.85.13.4
Jun 26 22:43:12 [snip] sshd[2579]: Failed password for invalid user gong from 141.85.13.4 port 58722 ssh2[...]

2019-06-27 06:04:38

attack

Jun 25 00:02:53 host sshd\[23476\]: Invalid user webadmin from 141.85.13.4 port 38974
Jun 25 00:02:53 host sshd\[23476\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.85.13.4
...

2019-06-25 10:28:12

Comments on same subnet:

IP	Type	Details	Datetime
141.85.13.6	attackbotsspam	Sep 1 09:53:24 auw2 sshd\[24421\]: Invalid user quercia from 141.85.13.6 Sep 1 09:53:24 auw2 sshd\[24421\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.85.13.6 Sep 1 09:53:27 auw2 sshd\[24421\]: Failed password for invalid user quercia from 141.85.13.6 port 39336 ssh2 Sep 1 09:57:56 auw2 sshd\[24818\]: Invalid user go from 141.85.13.6 Sep 1 09:57:56 auw2 sshd\[24818\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.85.13.6	2019-09-02 04:17:44
141.85.13.6	attackspam	Invalid user scan12345 from 141.85.13.6 port 33982 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.85.13.6 Failed password for invalid user scan12345 from 141.85.13.6 port 33982 ssh2 Invalid user 123456 from 141.85.13.6 port 52812 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.85.13.6	2019-08-26 14:57:22
141.85.13.6	attackbots	Invalid user mqm from 141.85.13.6 port 56402	2019-08-17 07:55:35
141.85.13.6	attackbotsspam	Automatic report - Banned IP Access	2019-08-09 03:28:44
141.85.13.6	attackbots	Jul 26 16:55:41 aat-srv002 sshd[4917]: Failed password for root from 141.85.13.6 port 59178 ssh2 Jul 26 17:00:15 aat-srv002 sshd[5055]: Failed password for root from 141.85.13.6 port 53314 ssh2 Jul 26 17:04:55 aat-srv002 sshd[5181]: Failed password for root from 141.85.13.6 port 47458 ssh2 ...	2019-07-27 06:06:53
141.85.13.6	attackspam	2019-07-20T02:45:01.904037abusebot.cloudsearch.cf sshd\[28430\]: Invalid user ggg from 141.85.13.6 port 36478	2019-07-20 10:45:43
141.85.13.6	attackspambots	2019-07-19T23:55:44.193279abusebot.cloudsearch.cf sshd\[26497\]: Invalid user openstack from 141.85.13.6 port 34068	2019-07-20 08:07:28
141.85.13.6	attackbots	Jul 10 22:53:53 ns341937 sshd[23381]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.85.13.6 Jul 10 22:53:55 ns341937 sshd[23381]: Failed password for invalid user deploy from 141.85.13.6 port 49630 ssh2 Jul 10 22:57:16 ns341937 sshd[24270]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.85.13.6 ...	2019-07-11 05:24:17
141.85.13.6	attackbots	Tried sshing with brute force.	2019-07-06 02:42:41
141.85.13.6	attack	Jun 23 10:57:02 *** sshd[20099]: Failed password for invalid user admin from 141.85.13.6 port 54394 ssh2	2019-06-24 08:18:24

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 141.85.13.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24633
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;141.85.13.4.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062401 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jun 25 10:28:07 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 4.13.85.141.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 4.13.85.141.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
175.182.177.174	attackspambots	Automatic report - Banned IP Access	2019-11-15 07:08:37
111.93.94.10	attack	2019-11-14T23:04:54.201473abusebot-4.cloudsearch.cf sshd\[4626\]: Invalid user vicosa from 111.93.94.10 port 45850	2019-11-15 07:05:54
112.25.163.72	attack	3389BruteforceFW21	2019-11-15 07:07:14
5.36.66.225	attack	port scan and connect, tcp 1433 (ms-sql-s)	2019-11-15 07:22:33
37.120.148.78	attack	3389BruteforceFW21	2019-11-15 07:18:18
37.187.78.170	attack	2019-11-14T22:37:01.610417hub.schaetter.us sshd\[11434\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3366832.ovh.net user=root 2019-11-14T22:37:03.644085hub.schaetter.us sshd\[11434\]: Failed password for root from 37.187.78.170 port 16517 ssh2 2019-11-14T22:40:37.765017hub.schaetter.us sshd\[11461\]: Invalid user farnham from 37.187.78.170 port 35376 2019-11-14T22:40:37.789142hub.schaetter.us sshd\[11461\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3366832.ovh.net 2019-11-14T22:40:39.805989hub.schaetter.us sshd\[11461\]: Failed password for invalid user farnham from 37.187.78.170 port 35376 ssh2 ...	2019-11-15 07:09:18
222.186.173.154	attackspam	Nov 15 00:30:06 localhost sshd\[26828\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.154 user=root Nov 15 00:30:07 localhost sshd\[26828\]: Failed password for root from 222.186.173.154 port 5448 ssh2 Nov 15 00:30:11 localhost sshd\[26828\]: Failed password for root from 222.186.173.154 port 5448 ssh2	2019-11-15 07:30:51
125.40.25.51	attack	Unauthorized access or intrusion attempt detected from Thor banned IP	2019-11-15 07:21:27
118.24.111.71	attack	2019-11-14T22:37:48.003797abusebot-7.cloudsearch.cf sshd\[3050\]: Invalid user wilcox from 118.24.111.71 port 35382	2019-11-15 07:11:16
195.142.112.244	attack	Portscan or hack attempt detected by psad/fwsnort	2019-11-15 07:12:52
116.236.185.64	attack	Nov 15 04:32:14 areeb-Workstation sshd[2346]: Failed password for root from 116.236.185.64 port 14838 ssh2 ...	2019-11-15 07:10:28
60.12.26.9	attack	Nov 15 01:37:48 debian sshd\[9582\]: Invalid user applmgr from 60.12.26.9 port 40834 Nov 15 01:37:48 debian sshd\[9582\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.12.26.9 Nov 15 01:37:50 debian sshd\[9582\]: Failed password for invalid user applmgr from 60.12.26.9 port 40834 ssh2 ...	2019-11-15 07:10:15
49.88.112.71	attackspam	2019-11-14T22:59:02.223585shield sshd\[14463\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.71 user=root 2019-11-14T22:59:03.906796shield sshd\[14463\]: Failed password for root from 49.88.112.71 port 64358 ssh2 2019-11-14T22:59:05.753355shield sshd\[14463\]: Failed password for root from 49.88.112.71 port 64358 ssh2 2019-11-14T22:59:08.071790shield sshd\[14463\]: Failed password for root from 49.88.112.71 port 64358 ssh2 2019-11-14T22:59:38.199815shield sshd\[14666\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.71 user=root	2019-11-15 07:00:32
37.187.12.126	attack	Invalid user kapps from 37.187.12.126 port 37272	2019-11-15 07:29:59
54.37.157.41	attackbots	Nov 13 03:45:01 rama sshd[254287]: Invalid user forger from 54.37.157.41 Nov 13 03:45:03 rama sshd[254287]: Failed password for invalid user forger from 54.37.157.41 port 46881 ssh2 Nov 13 03:45:03 rama sshd[254287]: Received disconnect from 54.37.157.41: 11: Bye Bye [preauth] Nov 13 04:06:42 rama sshd[264006]: Failed password for r.r from 54.37.157.41 port 46420 ssh2 Nov 13 04:06:42 rama sshd[264006]: Received disconnect from 54.37.157.41: 11: Bye Bye [preauth] Nov 13 04:11:48 rama sshd[269563]: Invalid user admin from 54.37.157.41 Nov 13 04:11:50 rama sshd[269563]: Failed password for invalid user admin from 54.37.157.41 port 37087 ssh2 Nov 13 04:11:50 rama sshd[269563]: Received disconnect from 54.37.157.41: 11: Bye Bye [preauth] Nov 13 04:15:13 rama sshd[272790]: Invalid user kmarr from 54.37.157.41 Nov 13 04:15:15 rama sshd[272790]: Failed password for invalid user kmarr from 54.37.157.41 port 55984 ssh2 Nov 13 04:15:15 rama sshd[272790]: Received disconnect from 5........ -------------------------------	2019-11-15 07:33:55

Recently Reported IPs

183.182.115.185	183.78.192.164	183.5.91.70	183.108.27.227
183.104.169.136	183.102.192.179	182.75.88.86	96.143.68.232
164.77.71.148	182.73.168.94	182.66.35.64	182.64.88.100
109.111.143.194	182.253.162.48	182.231.138.153	86.124.204.81
123.13.59.118	182.228.179.53	182.213.217.171	182.23.164.9