City: unknown
Region: unknown
Country: Netherlands
Internet Service Provider: 3NT Solutions LLP
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attackspam | WP Authentication failure |
2019-07-15 18:24:20 |
| attackspam | SQL Injection Exploit Attempts |
2019-07-01 05:07:03 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 5.45.68.133 | attackbotsspam | ET CINS Active Threat Intelligence Poor Reputation IP group 5 - port: 55611 proto: tcp cat: Misc Attackbytes: 60 |
2020-10-01 07:26:06 |
| 5.45.68.133 | attack | ET CINS Active Threat Intelligence Poor Reputation IP group 5 - port: 55608 proto: tcp cat: Misc Attackbytes: 60 |
2020-09-30 23:53:40 |
| 5.45.68.133 | attackspambots | (PERMBLOCK) 5.45.68.133 (NL/Netherlands/-) has had more than 4 temp blocks in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_PERMBLOCK_COUNT; Logs: |
2020-09-30 16:19:14 |
| 5.45.68.189 | attackbotsspam | Dear Sir / Madam, Yesterday, my close friend (Simona Simova) was contacted via fake Facebook profile to be informed that she has a profile on a escort website. While researching via the German phone number used in the advert, we have came across more ads. These profiles are created without her permission and she is now very upset. Here is a list of the profiles we have found: - https://escortsofia.info/de/sia-11/ (5.45.68.189) - https://escortsofia.info/de/eleonora-8/ (5.45.68.189) - https://escortinberlin.info/eleonora-3/ (5.45.68.189) - https://escortinberlin.info/sia-2/ (5.45.68.189) We have already hired a lawyer in Germany who will escalate the issue to the authorities. |
2020-04-24 03:31:08 |
| 5.45.68.15 | attackspambots | "Unrouteable address" |
2020-03-28 08:32:57 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.45.68.19
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8040
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.45.68.19. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019063001 1800 900 604800 86400
;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 01 05:06:58 CST 2019
;; MSG SIZE rcvd: 114
Host 19.68.45.5.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 67.207.67.2
Address: 67.207.67.2#53
** server can't find 19.68.45.5.in-addr.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 45.119.213.175 | attack | blogonese.net 45.119.213.175 \[25/Jun/2019:08:52:47 +0200\] "POST /wp-login.php HTTP/1.1" 200 5772 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" blogonese.net 45.119.213.175 \[25/Jun/2019:08:52:49 +0200\] "POST /wp-login.php HTTP/1.1" 200 5732 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2019-06-25 21:46:34 |
| 89.36.224.10 | attack | 0,47-01/01 concatform PostRequest-Spammer scoring: lisboa |
2019-06-25 21:36:02 |
| 118.70.81.202 | attackspam | Unauthorized connection attempt from IP address 118.70.81.202 on Port 445(SMB) |
2019-06-25 21:51:36 |
| 218.64.17.86 | attack | SMB Server BruteForce Attack |
2019-06-25 21:59:51 |
| 180.121.90.40 | attack | 2019-06-25T06:36:25.295559 X postfix/smtpd[11524]: warning: unknown[180.121.90.40]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-25T08:52:29.452797 X postfix/smtpd[30084]: warning: unknown[180.121.90.40]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-25T08:52:46.336848 X postfix/smtpd[30084]: warning: unknown[180.121.90.40]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 |
2019-06-25 21:47:03 |
| 179.107.9.236 | attackspam | SMTP-sasl brute force ... |
2019-06-25 22:23:09 |
| 113.160.99.84 | attackspam | Unauthorized connection attempt from IP address 113.160.99.84 on Port 445(SMB) |
2019-06-25 22:23:46 |
| 123.16.237.145 | attack | Unauthorized connection attempt from IP address 123.16.237.145 on Port 445(SMB) |
2019-06-25 22:19:10 |
| 36.71.232.99 | attackbots | Unauthorized connection attempt from IP address 36.71.232.99 on Port 445(SMB) |
2019-06-25 21:53:18 |
| 222.186.136.64 | attackspam | Jun 25 12:06:08 srv03 sshd\[16049\]: Invalid user cndunda from 222.186.136.64 port 34726 Jun 25 12:06:08 srv03 sshd\[16049\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.136.64 Jun 25 12:06:10 srv03 sshd\[16049\]: Failed password for invalid user cndunda from 222.186.136.64 port 34726 ssh2 |
2019-06-25 22:05:11 |
| 204.48.17.40 | attackspam | www.xn--netzfundstckderwoche-yec.de 204.48.17.40 \[25/Jun/2019:08:53:41 +0200\] "POST /wp-login.php HTTP/1.1" 200 5660 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" www.xn--netzfundstckderwoche-yec.de 204.48.17.40 \[25/Jun/2019:08:53:45 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4094 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2019-06-25 21:24:48 |
| 213.183.115.70 | attackbots | DATE:2019-06-25 10:40:15, IP:213.183.115.70, PORT:ssh SSH brute force auth (ermes) |
2019-06-25 21:54:27 |
| 148.70.77.22 | attackbots | $f2bV_matches |
2019-06-25 22:13:59 |
| 46.118.166.77 | attackspam | TCP port 445 (SMB) attempt blocked by firewall. [2019-06-25 08:50:44] |
2019-06-25 22:25:58 |
| 129.204.200.85 | attackspam | Jun 25 11:44:50 mail sshd[13665]: Invalid user hang from 129.204.200.85 Jun 25 11:44:50 mail sshd[13665]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.200.85 Jun 25 11:44:50 mail sshd[13665]: Invalid user hang from 129.204.200.85 Jun 25 11:44:53 mail sshd[13665]: Failed password for invalid user hang from 129.204.200.85 port 51852 ssh2 Jun 25 12:00:46 mail sshd[15905]: Invalid user hadoop from 129.204.200.85 ... |
2019-06-25 21:30:34 |