City: Singapore
Region: unknown
Country: Singapore
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 52.221.241.210 | attack | Jun 17 07:19:22 mail sshd[20847]: Failed password for root from 52.221.241.210 port 46836 ssh2 Jun 17 07:25:42 mail sshd[20974]: Invalid user user from 52.221.241.210 port 45362 ... |
2020-06-17 14:29:00 |
| 52.221.207.239 | attackbotsspam | Lines containing failures of 52.221.207.239 Apr 18 22:14:23 shared05 sshd[26766]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.221.207.239 user=r.r Apr 18 22:14:24 shared05 sshd[26766]: Failed password for r.r from 52.221.207.239 port 44846 ssh2 Apr 18 22:14:24 shared05 sshd[26766]: Received disconnect from 52.221.207.239 port 44846:11: Bye Bye [preauth] Apr 18 22:14:24 shared05 sshd[26766]: Disconnected from authenticating user r.r 52.221.207.239 port 44846 [preauth] Apr 18 22:19:44 shared05 sshd[28936]: Invalid user pu from 52.221.207.239 port 41626 Apr 18 22:19:44 shared05 sshd[28936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.221.207.239 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=52.221.207.239 |
2020-04-19 05:18:44 |
| 52.221.226.107 | attack | The IP has triggered Cloudflare WAF. CF-Ray: 541754bd7ea2c3a4 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: SG | CF_IPClass: noRecord | Protocol: HTTP/2 | Method: GET | Host: api.skk.moe | User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 | CF_DC: SIN. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB). |
2019-12-08 04:19:41 |
| 52.221.24.54 | attackbots | Automatic report - XMLRPC Attack |
2019-10-23 20:44:49 |
| 52.221.240.65 | attackbotsspam | SSH/22 MH Probe, BF, Hack - |
2019-10-21 07:33:56 |
| 52.221.216.213 | attackbotsspam | Sep 19 20:34:25 MK-Soft-VM5 sshd\[8371\]: Invalid user faye from 52.221.216.213 port 56396 Sep 19 20:34:25 MK-Soft-VM5 sshd\[8371\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.221.216.213 Sep 19 20:34:27 MK-Soft-VM5 sshd\[8371\]: Failed password for invalid user faye from 52.221.216.213 port 56396 ssh2 ... |
2019-09-20 05:31:31 |
| 52.221.227.130 | attackbots | Sep 5 13:09:55 hpm sshd\[20563\]: Invalid user wwwadmin from 52.221.227.130 Sep 5 13:09:55 hpm sshd\[20563\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-52-221-227-130.ap-southeast-1.compute.amazonaws.com Sep 5 13:09:57 hpm sshd\[20563\]: Failed password for invalid user wwwadmin from 52.221.227.130 port 46323 ssh2 Sep 5 13:14:48 hpm sshd\[20948\]: Invalid user redmine from 52.221.227.130 Sep 5 13:14:48 hpm sshd\[20948\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-52-221-227-130.ap-southeast-1.compute.amazonaws.com |
2019-09-06 07:26:34 |
| 52.221.240.4 | attack | 6443/tcp [2019-07-02]2pkt |
2019-07-03 05:05:48 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.221.2.171
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53290
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;52.221.2.171. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025121401 1800 900 604800 86400
;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Dec 15 12:13:40 CST 2025
;; MSG SIZE rcvd: 105171.2.221.52.in-addr.arpa domain name pointer ec2-52-221-2-171.ap-southeast-1.compute.amazonaws.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
171.2.221.52.in-addr.arpa name = ec2-52-221-2-171.ap-southeast-1.compute.amazonaws.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 190.51.223.53 | attackspam | Lines containing failures of 190.51.223.53 Aug 27 01:31:29 shared11 sshd[21387]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.51.223.53 user=r.r Aug 27 01:31:31 shared11 sshd[21387]: Failed password for r.r from 190.51.223.53 port 52327 ssh2 Aug 27 01:31:43 shared11 sshd[21387]: message repeated 5 serveres: [ Failed password for r.r from 190.51.223.53 port 52327 ssh2] Aug 27 01:31:43 shared11 sshd[21387]: error: maximum authentication attempts exceeded for r.r from 190.51.223.53 port 52327 ssh2 [preauth] Aug 27 01:31:43 shared11 sshd[21387]: Disconnecting authenticating user r.r 190.51.223.53 port 52327: Too many authentication failures [preauth] Aug 27 01:31:43 shared11 sshd[21387]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.51.223.53 user=r.r ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=190.51.223.53 |
2019-08-27 08:43:42 |
| 23.129.64.152 | attack | leo_www |
2019-08-27 08:45:17 |
| 49.88.112.80 | attackspambots | 08/26/2019-20:29:40.913509 49.88.112.80 Protocol: 6 ET SCAN Potential SSH Scan |
2019-08-27 08:45:35 |
| 117.50.25.196 | attack | Aug 27 00:26:14 mail sshd\[31804\]: Failed password for invalid user firma from 117.50.25.196 port 37250 ssh2 Aug 27 00:41:48 mail sshd\[32074\]: Invalid user webroot from 117.50.25.196 port 58804 Aug 27 00:41:48 mail sshd\[32074\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.25.196 ... |
2019-08-27 09:00:04 |
| 218.164.13.199 | attackbots | Telnet Server BruteForce Attack |
2019-08-27 08:53:21 |
| 188.226.129.78 | attackspam | scan z |
2019-08-27 09:25:23 |
| 23.129.64.191 | attackspambots | Aug 26 21:29:27 ny01 sshd[5840]: Failed password for sshd from 23.129.64.191 port 47926 ssh2 Aug 26 21:29:36 ny01 sshd[5840]: Failed password for sshd from 23.129.64.191 port 47926 ssh2 Aug 26 21:29:38 ny01 sshd[5840]: Failed password for sshd from 23.129.64.191 port 47926 ssh2 Aug 26 21:29:41 ny01 sshd[5840]: Failed password for sshd from 23.129.64.191 port 47926 ssh2 Aug 26 21:29:41 ny01 sshd[5840]: error: maximum authentication attempts exceeded for sshd from 23.129.64.191 port 47926 ssh2 [preauth] |
2019-08-27 09:30:15 |
| 168.181.185.6 | attackbots | Aug 27 07:12:59 our-server-hostname postfix/smtpd[5284]: connect from unknown[168.181.185.6] Aug x@x Aug 27 07:13:01 our-server-hostname postfix/smtpd[5284]: lost connection after RCPT from unknown[168.181.185.6] Aug 27 07:13:01 our-server-hostname postfix/smtpd[5284]: disconnect from unknown[168.181.185.6] Aug 27 07:14:30 our-server-hostname postfix/smtpd[5640]: connect from unknown[168.181.185.6] Aug 27 07:14:31 our-server-hostname postfix/smtpd[5640]: NOQUEUE: reject: RCPT from unknown[168.181.185.6]: 554 5.7.1 Service unavailable; Client host [168.181.185.6] blocke .... truncated .... Aug 27 07:12:59 our-server-hostname postfix/smtpd[5284]: connect from unknown[168.181.185.6] Aug x@x Aug 27 07:13:01 our-server-hostname postfix/smtpd[5284]: lost connection after RCPT from unknown[168.181.185.6] Aug 27 07:13:01 our-server-hostname postfix/smtpd[5284]: disconnect from unknown[168.181.185.6] Aug 27 07:14:30 our-server-hostname postfix/smtpd[5640]: connect from unknown........ ------------------------------- |
2019-08-27 09:05:29 |
| 114.43.29.46 | attackspam | Telnet Server BruteForce Attack |
2019-08-27 09:10:12 |
| 52.80.215.246 | attackbots | Aug 26 14:04:14 aiointranet sshd\[5386\]: Invalid user wu from 52.80.215.246 Aug 26 14:04:14 aiointranet sshd\[5386\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-52-80-215-246.cn-north-1.compute.amazonaws.com.cn Aug 26 14:04:16 aiointranet sshd\[5386\]: Failed password for invalid user wu from 52.80.215.246 port 33290 ssh2 Aug 26 14:06:52 aiointranet sshd\[5638\]: Invalid user wedding from 52.80.215.246 Aug 26 14:06:52 aiointranet sshd\[5638\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-52-80-215-246.cn-north-1.compute.amazonaws.com.cn |
2019-08-27 09:23:25 |
| 37.11.52.241 | attackbotsspam | Aug 27 01:37:39 lvps92-51-164-246 sshd[9512]: Invalid user ubnt from 37.11.52.241 Aug 27 01:37:41 lvps92-51-164-246 sshd[9512]: Failed password for invalid user ubnt from 37.11.52.241 port 47936 ssh2 Aug 27 01:37:43 lvps92-51-164-246 sshd[9512]: Failed password for invalid user ubnt from 37.11.52.241 port 47936 ssh2 Aug 27 01:37:45 lvps92-51-164-246 sshd[9512]: Failed password for invalid user ubnt from 37.11.52.241 port 47936 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=37.11.52.241 |
2019-08-27 09:11:38 |
| 190.237.243.150 | attackspam | 2019-08-27 00:47:47 H=([190.237.243.150]) [190.237.243.150]:22947 I=[10.100.18.20]:25 F= |
2019-08-27 08:41:24 |
| 80.82.77.18 | attackspam | Aug 27 02:43:32 andromeda postfix/smtpd\[34594\]: warning: unknown\[80.82.77.18\]: SASL LOGIN authentication failed: authentication failure Aug 27 02:43:40 andromeda postfix/smtpd\[28138\]: warning: unknown\[80.82.77.18\]: SASL LOGIN authentication failed: authentication failure Aug 27 02:43:50 andromeda postfix/smtpd\[34592\]: warning: unknown\[80.82.77.18\]: SASL LOGIN authentication failed: authentication failure Aug 27 02:44:10 andromeda postfix/smtpd\[28138\]: warning: unknown\[80.82.77.18\]: SASL LOGIN authentication failed: authentication failure Aug 27 02:44:18 andromeda postfix/smtpd\[34594\]: warning: unknown\[80.82.77.18\]: SASL LOGIN authentication failed: authentication failure |
2019-08-27 08:44:28 |
| 66.249.65.83 | attackspam | Automatic report - Banned IP Access |
2019-08-27 09:21:08 |
| 134.73.76.129 | attack | Spam mails sent to address hacked/leaked from Nexus Mods in July 2013 |
2019-08-27 08:44:06 |