City: Frankfurt am Main
Region: Hessen
Country: Germany
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 207.154.234.102 | attack | 2020-08-15T22:37:05.209595vps751288.ovh.net sshd\[15481\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.234.102 user=root 2020-08-15T22:37:07.503198vps751288.ovh.net sshd\[15481\]: Failed password for root from 207.154.234.102 port 39700 ssh2 2020-08-15T22:40:48.107544vps751288.ovh.net sshd\[15531\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.234.102 user=root 2020-08-15T22:40:50.347665vps751288.ovh.net sshd\[15531\]: Failed password for root from 207.154.234.102 port 49558 ssh2 2020-08-15T22:44:29.346979vps751288.ovh.net sshd\[15575\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.234.102 user=root |
2020-08-16 07:14:27 |
| 207.154.234.102 | attackbotsspam | Jul 31 17:18:48 vps639187 sshd\[8885\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.234.102 user=root Jul 31 17:18:50 vps639187 sshd\[8885\]: Failed password for root from 207.154.234.102 port 60174 ssh2 Jul 31 17:23:01 vps639187 sshd\[9017\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.234.102 user=root ... |
2020-07-31 23:35:17 |
| 207.154.234.102 | attackbots | Jul 20 22:43:54 vpn01 sshd[12190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.234.102 Jul 20 22:43:56 vpn01 sshd[12190]: Failed password for invalid user test from 207.154.234.102 port 43414 ssh2 ... |
2020-07-21 05:18:44 |
| 207.154.234.102 | attackspam | Jul 5 07:52:18 home sshd[32679]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.234.102 Jul 5 07:52:21 home sshd[32679]: Failed password for invalid user hengda from 207.154.234.102 port 58416 ssh2 Jul 5 07:55:44 home sshd[537]: Failed password for root from 207.154.234.102 port 56678 ssh2 ... |
2020-07-05 14:01:33 |
| 207.154.234.102 | attackbots | 959. On Jun 22 2020 experienced a Brute Force SSH login attempt -> 5 unique times by 207.154.234.102. |
2020-06-23 06:51:24 |
| 207.154.234.102 | attack | Jun 20 02:28:19 piServer sshd[10602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.234.102 Jun 20 02:28:21 piServer sshd[10602]: Failed password for invalid user teste from 207.154.234.102 port 58466 ssh2 Jun 20 02:31:20 piServer sshd[10824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.234.102 ... |
2020-06-20 08:37:58 |
| 207.154.234.102 | attackspambots | Jun 17 07:02:33 scw-tender-jepsen sshd[7585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.234.102 Jun 17 07:02:35 scw-tender-jepsen sshd[7585]: Failed password for invalid user sub from 207.154.234.102 port 51544 ssh2 |
2020-06-17 16:04:02 |
| 207.154.234.102 | attackspambots | Jun 6 18:11:34 Host-KLAX-C sshd[1956]: User root from 207.154.234.102 not allowed because not listed in AllowUsers ... |
2020-06-07 08:28:08 |
| 207.154.234.102 | attack | Jun 3 06:31:47 abendstille sshd\[3161\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.234.102 user=root Jun 3 06:31:49 abendstille sshd\[3161\]: Failed password for root from 207.154.234.102 port 38886 ssh2 Jun 3 06:35:09 abendstille sshd\[6423\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.234.102 user=root Jun 3 06:35:12 abendstille sshd\[6423\]: Failed password for root from 207.154.234.102 port 43158 ssh2 Jun 3 06:38:31 abendstille sshd\[9730\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.234.102 user=root ... |
2020-06-03 12:42:27 |
| 207.154.234.102 | attackspam | (sshd) Failed SSH login from 207.154.234.102 (DE/Germany/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 27 10:41:14 ubnt-55d23 sshd[401]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.234.102 user=root May 27 10:41:15 ubnt-55d23 sshd[401]: Failed password for root from 207.154.234.102 port 51914 ssh2 |
2020-05-27 16:45:59 |
| 207.154.234.102 | attackspam | 2020-05-26T13:26:18.590095server.espacesoutien.com sshd[5604]: Invalid user ssh from 207.154.234.102 port 39644 2020-05-26T13:26:20.121999server.espacesoutien.com sshd[5604]: Failed password for invalid user ssh from 207.154.234.102 port 39644 ssh2 2020-05-26T13:29:35.319167server.espacesoutien.com sshd[5713]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.234.102 user=root 2020-05-26T13:29:37.215938server.espacesoutien.com sshd[5713]: Failed password for root from 207.154.234.102 port 44532 ssh2 ... |
2020-05-26 23:12:51 |
| 207.154.234.102 | attack | May 24 22:15:02 game-panel sshd[18543]: Failed password for root from 207.154.234.102 port 57414 ssh2 May 24 22:18:24 game-panel sshd[18737]: Failed password for root from 207.154.234.102 port 34316 ssh2 |
2020-05-25 06:23:52 |
| 207.154.234.102 | attackbots | 2020-05-01T14:50:02.387062vivaldi2.tree2.info sshd[26143]: Failed password for invalid user tlu from 207.154.234.102 port 36940 ssh2 2020-05-01T14:53:56.457818vivaldi2.tree2.info sshd[26413]: Invalid user secretariat from 207.154.234.102 2020-05-01T14:53:56.485322vivaldi2.tree2.info sshd[26413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.234.102 2020-05-01T14:53:56.457818vivaldi2.tree2.info sshd[26413]: Invalid user secretariat from 207.154.234.102 2020-05-01T14:53:58.500220vivaldi2.tree2.info sshd[26413]: Failed password for invalid user secretariat from 207.154.234.102 port 48678 ssh2 ... |
2020-05-01 14:02:12 |
| 207.154.234.102 | attackspambots | Apr 27 21:50:12 lukav-desktop sshd\[928\]: Invalid user jupiter from 207.154.234.102 Apr 27 21:50:12 lukav-desktop sshd\[928\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.234.102 Apr 27 21:50:15 lukav-desktop sshd\[928\]: Failed password for invalid user jupiter from 207.154.234.102 port 57496 ssh2 Apr 27 21:53:57 lukav-desktop sshd\[1154\]: Invalid user test from 207.154.234.102 Apr 27 21:53:57 lukav-desktop sshd\[1154\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.234.102 |
2020-04-28 04:10:36 |
| 207.154.234.102 | attackbotsspam | Bruteforce detected by fail2ban |
2020-04-26 01:38:51 |
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
NetRange: 207.154.192.0 - 207.154.255.255
CIDR: 207.154.192.0/18
NetName: DIGITALOCEAN-207-154-192-0
NetHandle: NET-207-154-192-0-1
Parent: NET207 (NET-207-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: DigitalOcean, LLC (DO-13)
RegDate: 2016-04-12
Updated: 2020-04-03
Comment: Routing and Peering Policy can be found at https://www.as14061.net
Comment:
Comment: Please submit abuse reports at https://www.digitalocean.com/company/contact/#abuse
Ref: https://rdap.arin.net/registry/ip/207.154.192.0
OrgName: DigitalOcean, LLC
OrgId: DO-13
Address: 105 Edgeview Drive, Suite 425
City: Broomfield
StateProv: CO
PostalCode: 80021
Country: US
RegDate: 2012-05-14
Updated: 2025-04-11
Ref: https://rdap.arin.net/registry/entity/DO-13
OrgNOCHandle: NOC32014-ARIN
OrgNOCName: Network Operations Center
OrgNOCPhone: +1-646-827-4366
OrgNOCEmail: noc@digitalocean.com
OrgNOCRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
OrgTechHandle: NOC32014-ARIN
OrgTechName: Network Operations Center
OrgTechPhone: +1-646-827-4366
OrgTechEmail: noc@digitalocean.com
OrgTechRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
OrgAbuseHandle: DIGIT19-ARIN
OrgAbuseName: DigitalOcean Abuse
OrgAbusePhone: +1-646-827-4366
OrgAbuseEmail: abuse@digitalocean.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/DIGIT19-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#; <<>> DiG 9.10.3-P4-Ubuntu <<>> 207.154.234.231
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52695
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;207.154.234.231. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025100302 1800 900 604800 86400
;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Oct 04 08:31:35 CST 2025
;; MSG SIZE rcvd: 108Host 231.234.154.207.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 231.234.154.207.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 139.59.10.42 | attackbotsspam | Jul 6 09:11:45 marvibiene sshd[43692]: Invalid user ftpuser from 139.59.10.42 port 41514 Jul 6 09:11:45 marvibiene sshd[43692]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.10.42 Jul 6 09:11:45 marvibiene sshd[43692]: Invalid user ftpuser from 139.59.10.42 port 41514 Jul 6 09:11:47 marvibiene sshd[43692]: Failed password for invalid user ftpuser from 139.59.10.42 port 41514 ssh2 ... |
2020-07-06 20:03:02 |
| 198.12.84.221 | attackspambots | 2020-07-06T05:30:21.1843051495-001 sshd[28992]: Invalid user aac from 198.12.84.221 port 37628 2020-07-06T05:30:22.6868041495-001 sshd[28992]: Failed password for invalid user aac from 198.12.84.221 port 37628 ssh2 2020-07-06T05:32:31.1438101495-001 sshd[29087]: Invalid user zookeeper from 198.12.84.221 port 47520 2020-07-06T05:32:31.1506811495-001 sshd[29087]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.12.84.221 2020-07-06T05:32:31.1438101495-001 sshd[29087]: Invalid user zookeeper from 198.12.84.221 port 47520 2020-07-06T05:32:32.8306501495-001 sshd[29087]: Failed password for invalid user zookeeper from 198.12.84.221 port 47520 ssh2 ... |
2020-07-06 19:57:49 |
| 79.42.138.252 | attackbotsspam | Unauthorized connection attempt detected from IP address 79.42.138.252 to port 5555 |
2020-07-06 20:26:04 |
| 185.39.11.39 | attack | Port scan on 9 port(s): 5002 5005 5012 5015 5016 5040 5042 5047 5049 |
2020-07-06 20:11:56 |
| 201.209.138.16 | attackspam | Attempted connection to port 445. |
2020-07-06 20:33:52 |
| 114.34.17.35 | attack | From CCTV User Interface Log ...::ffff:114.34.17.35 - - [05/Jul/2020:23:46:59 +0000] "GET / HTTP/1.1" 200 960 ... |
2020-07-06 20:23:31 |
| 39.99.210.38 | attack | SSH brute force attempt |
2020-07-06 20:05:00 |
| 95.239.209.98 | attackspambots | 95.239.209.98 - - [06/Jul/2020:11:00:33 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1" 95.239.209.98 - - [06/Jul/2020:11:00:34 +0100] "POST /wp-login.php HTTP/1.1" 403 512 "-" "Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1" 95.239.209.98 - - [06/Jul/2020:11:04:44 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1" ... |
2020-07-06 19:39:55 |
| 103.27.238.202 | attackbots | 2020-07-06T02:04:07.658493xentho-1 sshd[886278]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.27.238.202 user=root 2020-07-06T02:04:09.757444xentho-1 sshd[886278]: Failed password for root from 103.27.238.202 port 56126 ssh2 2020-07-06T02:05:39.171615xentho-1 sshd[886319]: Invalid user ubuntu from 103.27.238.202 port 51334 2020-07-06T02:05:39.177173xentho-1 sshd[886319]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.27.238.202 2020-07-06T02:05:39.171615xentho-1 sshd[886319]: Invalid user ubuntu from 103.27.238.202 port 51334 2020-07-06T02:05:40.905378xentho-1 sshd[886319]: Failed password for invalid user ubuntu from 103.27.238.202 port 51334 ssh2 2020-07-06T02:07:12.689150xentho-1 sshd[886343]: Invalid user wengjiong from 103.27.238.202 port 46540 2020-07-06T02:07:12.696242xentho-1 sshd[886343]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.27.238 ... |
2020-07-06 20:19:13 |
| 157.230.132.100 | attackbotsspam | DATE:2020-07-06 13:43:04, IP:157.230.132.100, PORT:ssh SSH brute force auth (docker-dc) |
2020-07-06 20:16:56 |
| 1.9.128.2 | attackspambots | Jul 6 06:53:46 server sshd[28223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.9.128.2 Jul 6 06:53:48 server sshd[28223]: Failed password for invalid user chs from 1.9.128.2 port 26697 ssh2 Jul 6 06:58:27 server sshd[28459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.9.128.2 ... |
2020-07-06 20:32:36 |
| 194.170.156.9 | attack | 2020-07-06T06:08:50.858563morrigan.ad5gb.com sshd[2292327]: Failed password for git from 194.170.156.9 port 43671 ssh2 2020-07-06T06:08:51.549731morrigan.ad5gb.com sshd[2292327]: Disconnected from authenticating user git 194.170.156.9 port 43671 [preauth] |
2020-07-06 20:29:31 |
| 36.81.198.112 | attack | [Mon Jul 06 10:47:31.357452 2020] [:error] [pid 8388:tid 140335205041920] [client 36.81.198.112:50748] [client 36.81.198.112] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/image-loader-worker-v3.js"] [unique_id "XwKe0w@SSZL6BNEesuZUwQABwwE"] ... |
2020-07-06 19:56:31 |
| 59.126.145.121 | attackbots | Attempted connection to port 80. |
2020-07-06 20:26:47 |
| 210.183.237.222 | attackspam | Attempted connection to port 5555. |
2020-07-06 20:33:01 |