213.149.169.44

Basic Info

City: unknown

Region: unknown

Country: Cyprus

Internet Service Provider: Cyprus Telecommuncations Authority

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	DATE:2020-02-02 16:09:35, IP:213.149.169.44, PORT:1433 MSSQL brute force auth on honeypot server (honey-neo-dc)	2020-02-02 23:37:09

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 213.149.169.44
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8624
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;213.149.169.44.			IN	A

;; AUTHORITY SECTION:
.			439	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020200 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 02 23:37:03 CST 2020
;; MSG SIZE  rcvd: 118

Host info

44.169.149.213.in-addr.arpa domain name pointer 213-169-44.netrunf.cytanet.com.cy.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
44.169.149.213.in-addr.arpa	name = 213-169-44.netrunf.cytanet.com.cy.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
85.175.171.169	attackbots	Sep 7 19:35:25 IngegnereFirenze sshd[30952]: User root from 85.175.171.169 not allowed because not listed in AllowUsers ...	2020-09-08 07:08:55
132.145.184.238	attack	Sep 8 00:44:38 icecube sshd[75587]: Failed password for root from 132.145.184.238 port 59026 ssh2	2020-09-08 07:22:45
213.230.110.107	attack	Sep 7 16:52:46 rush sshd[741]: Failed password for root from 213.230.110.107 port 44286 ssh2 Sep 7 16:52:57 rush sshd[741]: error: maximum authentication attempts exceeded for root from 213.230.110.107 port 44286 ssh2 [preauth] Sep 7 16:53:01 rush sshd[743]: Failed password for root from 213.230.110.107 port 45322 ssh2 ...	2020-09-08 06:45:31
212.70.149.52	attackspambots	Aug 30 05:57:23 websrv1.derweidener.de postfix/smtpd[1733002]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 30 05:57:50 websrv1.derweidener.de postfix/smtpd[1733002]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 30 05:58:17 websrv1.derweidener.de postfix/smtpd[1733002]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 30 05:58:44 websrv1.derweidener.de postfix/smtpd[1733002]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 30 05:59:11 websrv1.derweidener.de postfix/smtpd[1733002]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-09-08 07:08:34
36.68.14.49	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-09-08 07:21:26
222.186.42.137	attackbots	"Unauthorized connection attempt on SSHD detected"	2020-09-08 06:50:56
82.141.161.227	attackbots	(smtpauth) Failed SMTP AUTH login from 82.141.161.227 (HU/Hungary/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-09-07 21:22:06 plain authenticator failed for ([82.141.161.227]) [82.141.161.227]: 535 Incorrect authentication data (set_id=info@mobarakehpipe.com)	2020-09-08 07:18:13
190.60.174.246	attackspambots	DATE:2020-09-07 18:52:09, IP:190.60.174.246, PORT:1433 MSSQL brute force auth on honeypot server (honey-neo-dc)	2020-09-08 07:19:59
94.74.107.205	attack	Wordpress framework attack - hard filter	2020-09-08 06:51:28
149.202.160.188	attackbotsspam	Sep 7 22:15:19 pkdns2 sshd\[38476\]: Address 149.202.160.188 maps to ip-149-202-160.eu, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Sep 7 22:15:21 pkdns2 sshd\[38476\]: Failed password for root from 149.202.160.188 port 48355 ssh2Sep 7 22:19:02 pkdns2 sshd\[38615\]: Address 149.202.160.188 maps to ip-149-202-160.eu, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Sep 7 22:19:04 pkdns2 sshd\[38615\]: Failed password for root from 149.202.160.188 port 51445 ssh2Sep 7 22:22:31 pkdns2 sshd\[38788\]: Address 149.202.160.188 maps to ip-149-202-160.eu, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Sep 7 22:22:33 pkdns2 sshd\[38788\]: Failed password for root from 149.202.160.188 port 54530 ssh2 ...	2020-09-08 07:04:54
188.162.196.95	attackbots	20/9/7@12:52:09: FAIL: Alarm-Network address from=188.162.196.95 ...	2020-09-08 07:20:16
189.13.249.27	attack	Tried sshing with brute force.	2020-09-08 07:01:48
177.220.174.187	attackspam	Sep 7 20:17:22 mout sshd[4496]: Invalid user teste1 from 177.220.174.187 port 22030	2020-09-08 07:00:32
112.194.82.78	attackspam	Sep 7 20:53:45 marvibiene sshd[25644]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.194.82.78 Sep 7 20:53:46 marvibiene sshd[25644]: Failed password for invalid user tester from 112.194.82.78 port 41278 ssh2	2020-09-08 07:02:58
58.57.4.238	attackbots	SASL PLAIN auth failed: ruser=...	2020-09-08 07:18:35

Recently Reported IPs

207.129.112.49	132.149.150.123	115.20.224.130	74.37.27.225
157.185.77.197	211.143.68.235	106.254.115.133	8.220.92.141
33.63.208.56	195.251.252.20	90.1.65.79	137.66.55.100
145.143.252.223	88.208.203.3	91.28.92.245	143.167.184.228
124.207.50.178	63.155.213.188	94.210.112.66	217.126.117.54