80.241.212.139

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Contabo GmbH

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	SSH login attempts.	2020-03-28 04:45:38

Comments on same subnet:

IP	Type	Details	Datetime
80.241.212.137	attackspambots	Aug 16 13:49:22 rocket sshd[32217]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.241.212.137 Aug 16 13:49:24 rocket sshd[32217]: Failed password for invalid user fabricio from 80.241.212.137 port 44936 ssh2 ...	2020-08-16 20:54:33
80.241.212.44	attackspam	Unauthorized connection attempt detected from IP address 80.241.212.44 to port 2212 [T]	2020-08-14 03:11:47
80.241.212.239	attack	Mar 25 15:13:43 finn sshd[7715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.241.212.239 user=mail Mar 25 15:13:44 finn sshd[7715]: Failed password for mail from 80.241.212.239 port 39440 ssh2 Mar 25 15:13:44 finn sshd[7715]: Received disconnect from 80.241.212.239 port 39440:11: Bye Bye [preauth] Mar 25 15:13:44 finn sshd[7715]: Disconnected from 80.241.212.239 port 39440 [preauth] Mar 25 15:19:48 finn sshd[8936]: Invalid user cw from 80.241.212.239 port 43472 Mar 25 15:19:48 finn sshd[8936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.241.212.239 Mar 25 15:19:50 finn sshd[8936]: Failed password for invalid user cw from 80.241.212.239 port 43472 ssh2 Mar 25 15:19:50 finn sshd[8936]: Received disconnect from 80.241.212.239 port 43472:11: Bye Bye [preauth] Mar 25 15:19:50 finn sshd[8936]: Disconnected from 80.241.212.239 port 43472 [preauth] ........ ----------------------------------------------- https://www.block	2020-03-26 06:35:44
80.241.212.182	attackbots	Mar 23 09:04:35 localhost sshd\[14875\]: Invalid user ftpuser from 80.241.212.182 port 61280 Mar 23 09:04:35 localhost sshd\[14875\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.241.212.182 Mar 23 09:04:38 localhost sshd\[14875\]: Failed password for invalid user ftpuser from 80.241.212.182 port 61280 ssh2	2020-03-23 21:02:29
80.241.212.2	attackspam	DE bad_bot	2020-02-14 20:53:07
80.241.212.209	attackspambots	Oct 20 12:15:09 amida sshd[281469]: Address 80.241.212.209 maps to mail.crowncloud.de, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Oct 20 12:15:09 amida sshd[281469]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.241.212.209 user=r.r Oct 20 12:15:11 amida sshd[281469]: Failed password for r.r from 80.241.212.209 port 35140 ssh2 Oct 20 12:15:11 amida sshd[281469]: Received disconnect from 80.241.212.209: 11: Bye Bye [preauth] Oct 20 12:25:39 amida sshd[283868]: Address 80.241.212.209 maps to mail.crowncloud.de, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Oct 20 12:25:39 amida sshd[283868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.241.212.209 user=r.r Oct 20 12:25:41 amida sshd[283868]: Failed password for r.r from 80.241.212.209 port 55832 ssh2 Oct 20 12:25:41 amida sshd[283868]: Received disconnect from 80.241.212.209: 11........ -------------------------------	2019-10-20 21:55:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 80.241.212.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40821
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;80.241.212.139.			IN	A

;; AUTHORITY SECTION:
.			343	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032701 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 28 04:45:34 CST 2020
;; MSG SIZE  rcvd: 118

Host info

139.212.241.80.in-addr.arpa domain name pointer vmi361540.contaboserver.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
139.212.241.80.in-addr.arpa	name = vmi361540.contaboserver.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
42.86.141.14	attackbotsspam	Honeypot attack, port: 81, PTR: PTR record not found	2020-06-12 04:07:38
140.246.182.127	attackspambots	2020-06-11T15:44:30.8322931495-001 sshd[59705]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.246.182.127 user=root 2020-06-11T15:44:32.6763901495-001 sshd[59705]: Failed password for root from 140.246.182.127 port 36802 ssh2 2020-06-11T15:47:18.5278261495-001 sshd[59820]: Invalid user dingdong from 140.246.182.127 port 49694 2020-06-11T15:47:18.5306971495-001 sshd[59820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.246.182.127 2020-06-11T15:47:18.5278261495-001 sshd[59820]: Invalid user dingdong from 140.246.182.127 port 49694 2020-06-11T15:47:20.1045551495-001 sshd[59820]: Failed password for invalid user dingdong from 140.246.182.127 port 49694 ssh2 ...	2020-06-12 04:11:06
88.201.94.160	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-06-12 03:43:15
156.96.106.52	attack	Banned for a week because repeated abuses, for example SSH, but not only	2020-06-12 03:50:35
106.12.28.157	attackspam	Jun 11 18:59:31 sso sshd[14728]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.28.157 Jun 11 18:59:33 sso sshd[14728]: Failed password for invalid user wangqiang from 106.12.28.157 port 42426 ssh2 ...	2020-06-12 04:08:45
218.92.0.145	attack	Jun 11 21:27:36 legacy sshd[513]: Failed password for root from 218.92.0.145 port 60455 ssh2 Jun 11 21:27:49 legacy sshd[513]: error: maximum authentication attempts exceeded for root from 218.92.0.145 port 60455 ssh2 [preauth] Jun 11 21:28:16 legacy sshd[534]: Failed password for root from 218.92.0.145 port 42996 ssh2 ...	2020-06-12 03:37:15
197.44.193.171	attackspam	Honeypot attack, port: 445, PTR: host-197.44.193.171-static.tedata.net.	2020-06-12 04:12:34
212.64.111.18	attackbots	Jun 11 20:01:52 abendstille sshd\[21069\]: Invalid user ggg from 212.64.111.18 Jun 11 20:01:52 abendstille sshd\[21069\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.111.18 Jun 11 20:01:54 abendstille sshd\[21069\]: Failed password for invalid user ggg from 212.64.111.18 port 57318 ssh2 Jun 11 20:03:18 abendstille sshd\[22610\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.111.18 user=root Jun 11 20:03:20 abendstille sshd\[22610\]: Failed password for root from 212.64.111.18 port 43088 ssh2 ...	2020-06-12 03:58:37
187.225.227.125	attack	Jun 11 13:56:15 scw-6657dc sshd[7756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.225.227.125 Jun 11 13:56:15 scw-6657dc sshd[7756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.225.227.125 Jun 11 13:56:16 scw-6657dc sshd[7756]: Failed password for invalid user gitlab-runner from 187.225.227.125 port 4238 ssh2 ...	2020-06-12 04:04:02
51.210.90.108	attackbots	Jun 11 14:25:07 lnxmail61 postfix/submission/smtpd[22909]: lost connection after CONNECT from [munged]:[51.210.90.108] Jun 11 14:25:09 lnxmail61 postfix/smtps/smtpd[22792]: lost connection after CONNECT from [munged]:[51.210.90.108] Jun 11 14:25:12 lnxmail61 postfix/smtpd[20056]: lost connection after CONNECT from [munged]:[51.210.90.108] Jun 11 14:25:12 lnxmail61 postfix/submission/smtpd[22909]: lost connection after CONNECT from [munged]:[51.210.90.108] Jun 11 14:25:12 lnxmail61 postfix/smtps/smtpd[14953]: lost connection after CONNECT from [munged]:[51.210.90.108] Jun 11 14:25:12 lnxmail61 postfix/smtpd[12012]: lost connection after CONNECT from [munged]:[51.210.90.108]	2020-06-12 03:52:22
95.6.93.108	attack	TCP (SYN) 95.6.93.108:56729 -> port 80, len 44	2020-06-12 03:55:13
45.143.223.112	attack	Triggered: repeated knocking on closed ports.	2020-06-12 03:59:28
222.220.162.172	attack	IP 222.220.162.172 attacked honeypot on port: 1433 at 6/11/2020 1:09:24 PM	2020-06-12 03:44:00
112.165.254.215	attack	Honeypot attack, port: 5555, PTR: PTR record not found	2020-06-12 03:41:47
114.34.16.44	attackbots	Honeypot attack, port: 81, PTR: 114-34-16-44.HINET-IP.hinet.net.	2020-06-12 03:39:40

Recently Reported IPs

20.207.145.5	78.186.183.93	186.106.89.49	129.215.38.82
88.248.157.71	83.235.133.121	100.204.167.232	36.68.238.119
102.33.157.39	225.157.136.170	21.13.153.94	148.219.132.148
80.173.154.169	78.240.105.205	208.62.17.107	113.181.123.3
176.34.109.34	185.141.10.13	91.28.36.61	200.93.102.74