City: unknown
Region: unknown
Country: Germany
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 45.138.168.35 | attackbotsspam | Auto Detect Rule! proto TCP (SYN), 45.138.168.35:34397->gjan.info:23, len 40 |
2020-10-01 02:57:33 |
| 45.138.168.35 | attackspam | [N3.H3.VM3] Port Scanner Detected Blocked by UFW |
2020-09-30 19:09:24 |
| 45.138.100.138 | attackbotsspam | Chat Spam |
2020-09-21 02:35:20 |
| 45.138.100.138 | attackspam | Chat Spam |
2020-09-20 18:36:13 |
| 45.138.172.125 | attackbotsspam | (pop3d) Failed POP3 login from 45.138.172.125 (DE/Germany/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Aug 2 16:38:29 ir1 dovecot[3110802]: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user= |
2020-08-03 00:47:50 |
| 45.138.100.189 | attack | [TueJul2805:56:21.9668962020][:error][pid25791:tid47647209649920][client45.138.100.189:63459][client45.138.100.189]ModSecurity:Accessdeniedwithcode403\(phase2\).Matchof"rx\(MSWebServicesClientProtocol\|WormlyBot\|webauth@cmcm\\\\\\\\.com\)"against"REQUEST_HEADERS:User-Agent"required.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"402"][id"397989"][rev"1"][msg"Atomicorp.comWAFRules:MSIE6.0detected\(DisableifyouwanttoallowMSIE6\)"][severity"WARNING"][hostname"aquattrozampe.com"][uri"/"][unique_id"Xx@h5VSLNaAiDHoMIEPJhgAAABc"][TueJul2805:56:23.4414652020][:error][pid25921:tid47647176029952][client45.138.100.189:24279][client45.138.100.189]ModSecurity:Accessdeniedwithcode403\(phase2\).Matchof"rx\(MSWebServicesClientProtocol\|WormlyBot\|webauth@cmcm\\\\\\\\.com\)"against"REQUEST_HEADERS:User-Agent"required.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"402"][id"397989"][rev"1"][msg"Atomicorp.comWAFRules:MSIE6.0detected\(Disableifyouwantt |
2020-07-28 13:34:26 |
| 45.138.157.60 | attackbotsspam | 2020-07-12 23:14:15 | |
| 45.138.147.108 | attackspam | DDOS - one of 48 separate Russian addresses (plus one Lithuanian) IP addresses used to attack our website by repeatedly attempting to download the same, large file. All requests had the same signature, RestSharp/106.11.4.0 |
2020-07-10 20:53:30 |
| 45.138.157.37 | attackbotsspam | Jun 18 06:31:03 www sshd[21141]: reveeclipse mapping checking getaddrinfo for nice.try.kid [45.138.157.37] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 18 06:31:03 www sshd[21141]: Invalid user rob from 45.138.157.37 Jun 18 06:31:03 www sshd[21141]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.138.157.37 Jun 18 06:31:04 www sshd[21141]: Failed password for invalid user rob from 45.138.157.37 port 33136 ssh2 Jun 18 06:31:04 www sshd[21141]: Received disconnect from 45.138.157.37: 11: Bye Bye [preauth] Jun 18 07:16:54 www sshd[22290]: reveeclipse mapping checking getaddrinfo for nice.try.kid [45.138.157.37] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 18 07:16:54 www sshd[22290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.138.157.37 user=r.r Jun 18 07:16:56 www sshd[22290]: Failed password for r.r from 45.138.157.37 port 44444 ssh2 Jun 18 07:16:56 www sshd[22290]: Received disconnect fro........ ------------------------------- |
2020-06-18 20:58:17 |
| 45.138.101.207 | attackspambots | pinterest spam |
2020-06-14 02:07:31 |
| 45.138.100.247 | attackspambots | Chat Spam |
2020-06-13 17:38:30 |
| 45.138.100.129 | attackbots | Chat Spam |
2020-06-05 12:07:40 |
| 45.138.100.90 | attackbotsspam | Chat Spam |
2020-06-05 04:06:07 |
| 45.138.100.217 | attackspam | Chat Spam |
2020-06-04 23:23:27 |
| 45.138.100.47 | attack | Chat Spam |
2020-06-04 15:21:16 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.138.1.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56586
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;45.138.1.142. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025013000 1800 900 604800 86400
;; Query time: 38 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 30 18:47:23 CST 2025
;; MSG SIZE rcvd: 105
Host 142.1.138.45.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 142.1.138.45.in-addr.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 113.161.160.93 | attackspam | Helo |
2019-11-07 13:21:58 |
| 218.253.193.235 | attackbots | SSH Bruteforce attempt |
2019-11-07 13:27:33 |
| 188.165.130.148 | attackspambots | 11/07/2019-05:55:56.240369 188.165.130.148 Protocol: 6 ET POLICY Cleartext WordPress Login |
2019-11-07 13:53:59 |
| 92.119.160.107 | attack | Nov 7 06:19:12 mc1 kernel: \[4390249.728655\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=92.119.160.107 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=13760 PROTO=TCP SPT=43393 DPT=53450 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 7 06:27:17 mc1 kernel: \[4390734.166468\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=92.119.160.107 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=29744 PROTO=TCP SPT=43393 DPT=53116 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 7 06:27:28 mc1 kernel: \[4390745.575008\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=92.119.160.107 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=41441 PROTO=TCP SPT=43393 DPT=52555 WINDOW=1024 RES=0x00 SYN URGP=0 ... |
2019-11-07 13:28:19 |
| 5.249.131.161 | attack | Nov 6 18:52:54 auw2 sshd\[18083\]: Invalid user salomao123 from 5.249.131.161 Nov 6 18:52:54 auw2 sshd\[18083\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.131.161 Nov 6 18:52:56 auw2 sshd\[18083\]: Failed password for invalid user salomao123 from 5.249.131.161 port 25585 ssh2 Nov 6 18:56:47 auw2 sshd\[18430\]: Invalid user fimat from 5.249.131.161 Nov 6 18:56:47 auw2 sshd\[18430\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.131.161 |
2019-11-07 13:24:30 |
| 176.107.198.174 | attackspambots | 3389BruteforceFW23 |
2019-11-07 13:50:21 |
| 159.65.157.194 | attackspambots | Nov 7 05:35:57 root sshd[8578]: Failed password for root from 159.65.157.194 port 33022 ssh2 Nov 7 05:53:55 root sshd[8844]: Failed password for root from 159.65.157.194 port 60732 ssh2 ... |
2019-11-07 13:17:27 |
| 51.158.113.194 | attackspam | Nov 7 00:18:42 plusreed sshd[2366]: Invalid user calendar from 51.158.113.194 ... |
2019-11-07 13:21:09 |
| 148.72.210.28 | attackspam | 2019-11-07T06:17:33.267906host3.slimhost.com.ua sshd[1219735]: Invalid user suck from 148.72.210.28 port 39608 2019-11-07T06:17:33.277270host3.slimhost.com.ua sshd[1219735]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-148-72-210-28.ip.secureserver.net 2019-11-07T06:17:33.267906host3.slimhost.com.ua sshd[1219735]: Invalid user suck from 148.72.210.28 port 39608 2019-11-07T06:17:35.063377host3.slimhost.com.ua sshd[1219735]: Failed password for invalid user suck from 148.72.210.28 port 39608 ssh2 2019-11-07T06:21:50.418204host3.slimhost.com.ua sshd[1222570]: Invalid user Gabrielle from 148.72.210.28 port 48380 ... |
2019-11-07 13:29:10 |
| 41.87.80.26 | attackbots | $f2bV_matches |
2019-11-07 13:47:52 |
| 218.76.204.34 | attackspambots | Nov 7 05:51:34 dev0-dcde-rnet sshd[20515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.76.204.34 Nov 7 05:51:36 dev0-dcde-rnet sshd[20515]: Failed password for invalid user prodi from 218.76.204.34 port 32900 ssh2 Nov 7 05:56:15 dev0-dcde-rnet sshd[20540]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.76.204.34 |
2019-11-07 13:39:23 |
| 104.211.67.107 | attackspam | 11/06/2019-23:56:33.752362 104.211.67.107 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433 |
2019-11-07 13:29:47 |
| 61.216.13.170 | attack | Nov 7 07:29:00 sauna sshd[37576]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.216.13.170 Nov 7 07:29:02 sauna sshd[37576]: Failed password for invalid user test from 61.216.13.170 port 39199 ssh2 ... |
2019-11-07 13:54:23 |
| 201.244.94.189 | attackspambots | Nov 7 04:52:34 venus sshd\[19508\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.244.94.189 user=root Nov 7 04:52:36 venus sshd\[19508\]: Failed password for root from 201.244.94.189 port 44261 ssh2 Nov 7 04:56:47 venus sshd\[19573\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.244.94.189 user=root ... |
2019-11-07 13:23:58 |
| 163.172.61.214 | attackspam | Nov 7 07:12:56 sauna sshd[37365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.61.214 Nov 7 07:12:58 sauna sshd[37365]: Failed password for invalid user xxx222 from 163.172.61.214 port 39208 ssh2 ... |
2019-11-07 13:18:11 |