City: unknown
Region: unknown
Country: Germany
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 45.138.168.35 | attackbotsspam | Auto Detect Rule! proto TCP (SYN), 45.138.168.35:34397->gjan.info:23, len 40 |
2020-10-01 02:57:33 |
| 45.138.168.35 | attackspam | [N3.H3.VM3] Port Scanner Detected Blocked by UFW |
2020-09-30 19:09:24 |
| 45.138.100.138 | attackbotsspam | Chat Spam |
2020-09-21 02:35:20 |
| 45.138.100.138 | attackspam | Chat Spam |
2020-09-20 18:36:13 |
| 45.138.172.125 | attackbotsspam | (pop3d) Failed POP3 login from 45.138.172.125 (DE/Germany/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Aug 2 16:38:29 ir1 dovecot[3110802]: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user= |
2020-08-03 00:47:50 |
| 45.138.100.189 | attack | [TueJul2805:56:21.9668962020][:error][pid25791:tid47647209649920][client45.138.100.189:63459][client45.138.100.189]ModSecurity:Accessdeniedwithcode403\(phase2\).Matchof"rx\(MSWebServicesClientProtocol\|WormlyBot\|webauth@cmcm\\\\\\\\.com\)"against"REQUEST_HEADERS:User-Agent"required.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"402"][id"397989"][rev"1"][msg"Atomicorp.comWAFRules:MSIE6.0detected\(DisableifyouwanttoallowMSIE6\)"][severity"WARNING"][hostname"aquattrozampe.com"][uri"/"][unique_id"Xx@h5VSLNaAiDHoMIEPJhgAAABc"][TueJul2805:56:23.4414652020][:error][pid25921:tid47647176029952][client45.138.100.189:24279][client45.138.100.189]ModSecurity:Accessdeniedwithcode403\(phase2\).Matchof"rx\(MSWebServicesClientProtocol\|WormlyBot\|webauth@cmcm\\\\\\\\.com\)"against"REQUEST_HEADERS:User-Agent"required.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"402"][id"397989"][rev"1"][msg"Atomicorp.comWAFRules:MSIE6.0detected\(Disableifyouwantt |
2020-07-28 13:34:26 |
| 45.138.157.60 | attackbotsspam | 2020-07-12 23:14:15 | |
| 45.138.147.108 | attackspam | DDOS - one of 48 separate Russian addresses (plus one Lithuanian) IP addresses used to attack our website by repeatedly attempting to download the same, large file. All requests had the same signature, RestSharp/106.11.4.0 |
2020-07-10 20:53:30 |
| 45.138.157.37 | attackbotsspam | Jun 18 06:31:03 www sshd[21141]: reveeclipse mapping checking getaddrinfo for nice.try.kid [45.138.157.37] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 18 06:31:03 www sshd[21141]: Invalid user rob from 45.138.157.37 Jun 18 06:31:03 www sshd[21141]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.138.157.37 Jun 18 06:31:04 www sshd[21141]: Failed password for invalid user rob from 45.138.157.37 port 33136 ssh2 Jun 18 06:31:04 www sshd[21141]: Received disconnect from 45.138.157.37: 11: Bye Bye [preauth] Jun 18 07:16:54 www sshd[22290]: reveeclipse mapping checking getaddrinfo for nice.try.kid [45.138.157.37] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 18 07:16:54 www sshd[22290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.138.157.37 user=r.r Jun 18 07:16:56 www sshd[22290]: Failed password for r.r from 45.138.157.37 port 44444 ssh2 Jun 18 07:16:56 www sshd[22290]: Received disconnect fro........ ------------------------------- |
2020-06-18 20:58:17 |
| 45.138.101.207 | attackspambots | pinterest spam |
2020-06-14 02:07:31 |
| 45.138.100.247 | attackspambots | Chat Spam |
2020-06-13 17:38:30 |
| 45.138.100.129 | attackbots | Chat Spam |
2020-06-05 12:07:40 |
| 45.138.100.90 | attackbotsspam | Chat Spam |
2020-06-05 04:06:07 |
| 45.138.100.217 | attackspam | Chat Spam |
2020-06-04 23:23:27 |
| 45.138.100.47 | attack | Chat Spam |
2020-06-04 15:21:16 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.138.1.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56586
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;45.138.1.142. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025013000 1800 900 604800 86400
;; Query time: 38 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 30 18:47:23 CST 2025
;; MSG SIZE rcvd: 105
Host 142.1.138.45.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 142.1.138.45.in-addr.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 146.185.175.132 | attackbotsspam | Sep 24 21:21:17 cp sshd[12352]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.185.175.132 |
2019-09-25 05:00:33 |
| 200.145.153.172 | attackspam | Sep 24 17:17:56 plusreed sshd[26801]: Invalid user tx from 200.145.153.172 Sep 24 17:17:56 plusreed sshd[26801]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.145.153.172 Sep 24 17:17:56 plusreed sshd[26801]: Invalid user tx from 200.145.153.172 Sep 24 17:17:58 plusreed sshd[26801]: Failed password for invalid user tx from 200.145.153.172 port 53520 ssh2 ... |
2019-09-25 05:25:11 |
| 62.28.34.125 | attackbots | Sep 24 22:15:51 microserver sshd[36794]: Invalid user oracle from 62.28.34.125 port 19509 Sep 24 22:15:51 microserver sshd[36794]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.28.34.125 Sep 24 22:15:52 microserver sshd[36794]: Failed password for invalid user oracle from 62.28.34.125 port 19509 ssh2 Sep 24 22:22:44 microserver sshd[37554]: Invalid user jessie from 62.28.34.125 port 61210 Sep 24 22:22:44 microserver sshd[37554]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.28.34.125 Sep 24 22:36:22 microserver sshd[39475]: Invalid user testing from 62.28.34.125 port 43828 Sep 24 22:36:22 microserver sshd[39475]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.28.34.125 Sep 24 22:36:23 microserver sshd[39475]: Failed password for invalid user testing from 62.28.34.125 port 43828 ssh2 Sep 24 22:43:14 microserver sshd[40233]: Invalid user tlijani from 62.28.34.125 port 62945 Sep 2 |
2019-09-25 05:24:22 |
| 194.61.24.46 | attackbots | 20 attempts against mh-misbehave-ban on fire.magehost.pro |
2019-09-25 04:55:58 |
| 192.126.164.180 | attackbots | Unauthorized access detected from banned ip |
2019-09-25 05:00:50 |
| 201.187.102.178 | attackbots | Unauthorized connection attempt from IP address 201.187.102.178 on Port 445(SMB) |
2019-09-25 05:13:54 |
| 116.100.25.154 | attackbotsspam | Unauthorized connection attempt from IP address 116.100.25.154 on Port 445(SMB) |
2019-09-25 05:19:37 |
| 62.234.156.120 | attackbots | 2019-09-24T17:05:20.1479521495-001 sshd\[52099\]: Invalid user tomcat from 62.234.156.120 port 41056 2019-09-24T17:05:20.1585121495-001 sshd\[52099\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.156.120 2019-09-24T17:05:22.6589561495-001 sshd\[52099\]: Failed password for invalid user tomcat from 62.234.156.120 port 41056 ssh2 2019-09-24T17:09:09.8044181495-001 sshd\[52411\]: Invalid user TeamSpeak from 62.234.156.120 port 57126 2019-09-24T17:09:09.8118601495-001 sshd\[52411\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.156.120 2019-09-24T17:09:11.7500991495-001 sshd\[52411\]: Failed password for invalid user TeamSpeak from 62.234.156.120 port 57126 ssh2 ... |
2019-09-25 05:21:11 |
| 49.128.174.226 | attack | Unauthorized connection attempt from IP address 49.128.174.226 on Port 445(SMB) |
2019-09-25 05:11:01 |
| 212.112.108.98 | attack | Sep 25 00:13:57 server sshd\[11943\]: Invalid user mailtest from 212.112.108.98 port 50438 Sep 25 00:13:57 server sshd\[11943\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.112.108.98 Sep 25 00:13:59 server sshd\[11943\]: Failed password for invalid user mailtest from 212.112.108.98 port 50438 ssh2 Sep 25 00:17:53 server sshd\[9332\]: Invalid user nagios1 from 212.112.108.98 port 33296 Sep 25 00:17:53 server sshd\[9332\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.112.108.98 |
2019-09-25 05:29:28 |
| 218.94.136.90 | attackspam | auto-add |
2019-09-25 05:24:02 |
| 182.61.26.50 | attackbotsspam | ssh failed login |
2019-09-25 04:54:55 |
| 118.98.96.184 | attackbotsspam | Sep 24 22:47:59 localhost sshd\[31588\]: Invalid user freddy from 118.98.96.184 port 40997 Sep 24 22:47:59 localhost sshd\[31588\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.98.96.184 Sep 24 22:48:01 localhost sshd\[31588\]: Failed password for invalid user freddy from 118.98.96.184 port 40997 ssh2 |
2019-09-25 05:11:57 |
| 139.155.121.230 | attackspam | Sep 24 22:46:09 vps691689 sshd[10180]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.121.230 Sep 24 22:46:11 vps691689 sshd[10180]: Failed password for invalid user ti from 139.155.121.230 port 35790 ssh2 ... |
2019-09-25 04:56:16 |
| 192.161.160.72 | attackspam | Unauthorized access detected from banned ip |
2019-09-25 05:00:02 |