City: unknown
Region: unknown
Country: Bulgaria
Internet Service Provider: Propeople OOD
Hostname: unknown
Organization: unknown
Usage Type: Commercial
| Type | Details | Datetime |
|---|---|---|
| attackbotsspam | May 25 01:06:43 Host-KLAX-C sshd[2740]: Disconnected from invalid user root 213.145.99.194 port 41404 [preauth] ... |
2020-05-25 18:57:53 |
| attackspam | May 24 14:11:31 electroncash sshd[13093]: Invalid user sfm from 213.145.99.194 port 35858 May 24 14:11:31 electroncash sshd[13093]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.145.99.194 May 24 14:11:31 electroncash sshd[13093]: Invalid user sfm from 213.145.99.194 port 35858 May 24 14:11:34 electroncash sshd[13093]: Failed password for invalid user sfm from 213.145.99.194 port 35858 ssh2 May 24 14:15:07 electroncash sshd[14126]: Invalid user hyo from 213.145.99.194 port 40912 ... |
2020-05-24 21:39:57 |
| attackspam | Aug 16 01:11:31 ms-srv sshd[22955]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.145.99.194 Aug 16 01:11:33 ms-srv sshd[22955]: Failed password for invalid user camila from 213.145.99.194 port 43110 ssh2 |
2020-03-09 00:57:09 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 213.145.99.194
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19351
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;213.145.99.194. IN A
;; AUTHORITY SECTION:
. 502 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020030800 1800 900 604800 86400
;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 09 00:57:04 CST 2020
;; MSG SIZE rcvd: 118194.99.145.213.in-addr.arpa domain name pointer gw.propeople.bg.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
194.99.145.213.in-addr.arpa name = gw.propeople.bg.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 110.137.177.243 | attackbotsspam | Honeypot attack, port: 445, PTR: 243.subnet110-137-177.speedy.telkom.net.id. |
2020-01-15 15:11:00 |
| 60.250.243.186 | attackspambots | Unauthorized connection attempt detected from IP address 60.250.243.186 to port 2220 [J] |
2020-01-15 15:09:27 |
| 60.190.249.119 | attackbotsspam | firewall-block, port(s): 1433/tcp |
2020-01-15 15:22:46 |
| 159.89.110.45 | attackspambots | 159.89.110.45 - - \[15/Jan/2020:05:53:39 +0100\] "POST /wp-login.php HTTP/1.0" 200 7085 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 159.89.110.45 - - \[15/Jan/2020:05:53:45 +0100\] "POST /wp-login.php HTTP/1.0" 200 6952 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 159.89.110.45 - - \[15/Jan/2020:05:53:45 +0100\] "POST /wp-login.php HTTP/1.0" 200 6948 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2020-01-15 15:35:57 |
| 157.245.74.137 | attackbots | Port 22 Scan, PTR: min-extra-scan-204-nl-prod.binaryedge.ninja. |
2020-01-15 15:32:07 |
| 120.132.124.237 | attack | Invalid user zimbra from 120.132.124.237 port 48118 |
2020-01-15 15:13:54 |
| 120.133.35.5 | attackbotsspam | Unauthorized connection attempt detected from IP address 120.133.35.5 to port 1433 |
2020-01-15 15:13:24 |
| 125.167.209.198 | attackbotsspam | Honeypot attack, port: 445, PTR: PTR record not found |
2020-01-15 15:02:50 |
| 49.88.112.65 | attackspambots | 2020-01-15T07:00:13.704003shield sshd\[31640\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.65 user=root 2020-01-15T07:00:15.665901shield sshd\[31640\]: Failed password for root from 49.88.112.65 port 52993 ssh2 2020-01-15T07:00:17.456498shield sshd\[31640\]: Failed password for root from 49.88.112.65 port 52993 ssh2 2020-01-15T07:00:19.185979shield sshd\[31640\]: Failed password for root from 49.88.112.65 port 52993 ssh2 2020-01-15T07:01:48.891397shield sshd\[32315\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.65 user=root |
2020-01-15 15:16:27 |
| 13.115.161.64 | attackspam | CloudCIX Reconnaissance Scan Detected, PTR: ec2-13-115-161-64.ap-northeast-1.compute.amazonaws.com. |
2020-01-15 15:21:27 |
| 157.245.90.16 | attackbotsspam | Unauthorized connection attempt detected from IP address 157.245.90.16 to port 2220 [J] |
2020-01-15 15:12:45 |
| 161.202.177.13 | attackspam | Jan 15 07:40:36 meumeu sshd[19731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.202.177.13 Jan 15 07:40:38 meumeu sshd[19731]: Failed password for invalid user anjor from 161.202.177.13 port 35416 ssh2 Jan 15 07:43:34 meumeu sshd[20118]: Failed password for root from 161.202.177.13 port 59092 ssh2 ... |
2020-01-15 15:08:48 |
| 185.79.115.147 | attackspam | 185.79.115.147 - - \[15/Jan/2020:05:53:40 +0100\] "POST /wp-login.php HTTP/1.0" 200 6673 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 185.79.115.147 - - \[15/Jan/2020:05:53:43 +0100\] "POST /wp-login.php HTTP/1.0" 200 6511 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 185.79.115.147 - - \[15/Jan/2020:05:53:45 +0100\] "POST /wp-login.php HTTP/1.0" 200 6510 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2020-01-15 15:34:45 |
| 223.71.167.164 | attackspambots | Jan 15 14:13:48 staklim-malang postfix/smtpd[5184]: lost connection after CONNECT from unknown[223.71.167.164] ... |
2020-01-15 15:17:01 |
| 58.182.126.48 | attack | Port 22 Scan, PTR: 48.126.182.58.starhub.net.sg. |
2020-01-15 15:29:38 |