81.161.67.134 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Czechia

Internet Service Provider: GEMNET s.r.o.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Aug 27 04:26:04 mail.srvfarm.net postfix/smtpd[1314738]: warning: unknown[81.161.67.134]: SASL PLAIN authentication failed: Aug 27 04:26:04 mail.srvfarm.net postfix/smtpd[1314738]: lost connection after AUTH from unknown[81.161.67.134] Aug 27 04:34:11 mail.srvfarm.net postfix/smtps/smtpd[1314660]: warning: unknown[81.161.67.134]: SASL PLAIN authentication failed: Aug 27 04:34:11 mail.srvfarm.net postfix/smtps/smtpd[1314660]: lost connection after AUTH from unknown[81.161.67.134] Aug 27 04:35:33 mail.srvfarm.net postfix/smtps/smtpd[1333102]: warning: unknown[81.161.67.134]: SASL PLAIN authentication failed:	2020-08-28 09:35:39

Type

Details

Datetime

attackbotsspam

Aug 27 04:26:04 mail.srvfarm.net postfix/smtpd[1314738]: warning: unknown[81.161.67.134]: SASL PLAIN authentication failed: 
Aug 27 04:26:04 mail.srvfarm.net postfix/smtpd[1314738]: lost connection after AUTH from unknown[81.161.67.134]
Aug 27 04:34:11 mail.srvfarm.net postfix/smtps/smtpd[1314660]: warning: unknown[81.161.67.134]: SASL PLAIN authentication failed: 
Aug 27 04:34:11 mail.srvfarm.net postfix/smtps/smtpd[1314660]: lost connection after AUTH from unknown[81.161.67.134]
Aug 27 04:35:33 mail.srvfarm.net postfix/smtps/smtpd[1333102]: warning: unknown[81.161.67.134]: SASL PLAIN authentication failed:

2020-08-28 09:35:39

Comments on same subnet:

IP	Type	Details	Datetime
81.161.67.88	attack	Attempted Brute Force (dovecot)	2020-09-18 01:40:35
81.161.67.90	attackbotsspam	Sep 16 18:39:40 mail.srvfarm.net postfix/smtps/smtpd[3603056]: warning: unknown[81.161.67.90]: SASL PLAIN authentication failed: Sep 16 18:39:40 mail.srvfarm.net postfix/smtps/smtpd[3603056]: lost connection after AUTH from unknown[81.161.67.90] Sep 16 18:43:50 mail.srvfarm.net postfix/smtpd[3603171]: warning: unknown[81.161.67.90]: SASL PLAIN authentication failed: Sep 16 18:43:50 mail.srvfarm.net postfix/smtpd[3603171]: lost connection after AUTH from unknown[81.161.67.90] Sep 16 18:44:18 mail.srvfarm.net postfix/smtpd[3601766]: warning: unknown[81.161.67.90]: SASL PLAIN authentication failed:	2020-09-18 01:40:05
81.161.67.88	attackspam	Attempted Brute Force (dovecot)	2020-09-17 17:42:15
81.161.67.90	attack	Sep 16 18:39:40 mail.srvfarm.net postfix/smtps/smtpd[3603056]: warning: unknown[81.161.67.90]: SASL PLAIN authentication failed: Sep 16 18:39:40 mail.srvfarm.net postfix/smtps/smtpd[3603056]: lost connection after AUTH from unknown[81.161.67.90] Sep 16 18:43:50 mail.srvfarm.net postfix/smtpd[3603171]: warning: unknown[81.161.67.90]: SASL PLAIN authentication failed: Sep 16 18:43:50 mail.srvfarm.net postfix/smtpd[3603171]: lost connection after AUTH from unknown[81.161.67.90] Sep 16 18:44:18 mail.srvfarm.net postfix/smtpd[3601766]: warning: unknown[81.161.67.90]: SASL PLAIN authentication failed:	2020-09-17 17:41:44
81.161.67.194	attackspambots	SASL PLAIN auth failed: ruser=...	2020-09-15 23:24:20
81.161.67.194	attackspambots	SASL PLAIN auth failed: ruser=...	2020-09-15 15:17:24
81.161.67.194	attackbotsspam	SASL PLAIN auth failed: ruser=...	2020-09-15 07:23:56
81.161.67.161	attackspam	(smtpauth) Failed SMTP AUTH login from 81.161.67.161 (CZ/Czechia/static67-161.gemnet.cz): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-08-31 08:22:51 plain authenticator failed for ([81.161.67.161]) [81.161.67.161]: 535 Incorrect authentication data (set_id=peter@fmc-co.com)	2020-08-31 16:28:08
81.161.67.187	attackbotsspam	Aug 27 04:40:07 mail.srvfarm.net postfix/smtps/smtpd[1331222]: warning: unknown[81.161.67.187]: SASL PLAIN authentication failed: Aug 27 04:40:07 mail.srvfarm.net postfix/smtps/smtpd[1331222]: lost connection after AUTH from unknown[81.161.67.187] Aug 27 04:46:13 mail.srvfarm.net postfix/smtps/smtpd[1335343]: warning: unknown[81.161.67.187]: SASL PLAIN authentication failed: Aug 27 04:46:13 mail.srvfarm.net postfix/smtps/smtpd[1335343]: lost connection after AUTH from unknown[81.161.67.187] Aug 27 04:48:12 mail.srvfarm.net postfix/smtps/smtpd[1337554]: warning: unknown[81.161.67.187]: SASL PLAIN authentication failed:	2020-08-28 09:20:23
81.161.67.234	attackspam	Aug 27 15:45:15 mail.srvfarm.net postfix/smtpd[1615176]: warning: unknown[81.161.67.234]: SASL PLAIN authentication failed: Aug 27 15:45:15 mail.srvfarm.net postfix/smtpd[1615176]: lost connection after AUTH from unknown[81.161.67.234] Aug 27 15:46:31 mail.srvfarm.net postfix/smtps/smtpd[1612977]: warning: unknown[81.161.67.234]: SASL PLAIN authentication failed: Aug 27 15:46:31 mail.srvfarm.net postfix/smtps/smtpd[1612977]: lost connection after AUTH from unknown[81.161.67.234] Aug 27 15:48:27 mail.srvfarm.net postfix/smtpd[1615959]: warning: unknown[81.161.67.234]: SASL PLAIN authentication failed:	2020-08-28 09:19:56
81.161.67.106	attackbotsspam	Unauthorized connection attempt IP: 81.161.67.106 Ports affected Message Submission (587) Abuse Confidence rating 54% ASN Details AS59479 GEMNET s.r.o. Czechia (CZ) CIDR 81.161.64.0/20 Log Date: 18/08/2020 11:52:01 AM UTC	2020-08-19 03:01:52
81.161.67.106	attack	Aug 17 05:16:18 mail.srvfarm.net postfix/smtps/smtpd[2599218]: warning: unknown[81.161.67.106]: SASL PLAIN authentication failed: Aug 17 05:16:18 mail.srvfarm.net postfix/smtps/smtpd[2599218]: lost connection after AUTH from unknown[81.161.67.106] Aug 17 05:20:12 mail.srvfarm.net postfix/smtpd[2597245]: warning: unknown[81.161.67.106]: SASL PLAIN authentication failed: Aug 17 05:20:12 mail.srvfarm.net postfix/smtpd[2597245]: lost connection after AUTH from unknown[81.161.67.106] Aug 17 05:20:56 mail.srvfarm.net postfix/smtpd[2597247]: warning: unknown[81.161.67.106]: SASL PLAIN authentication failed:	2020-08-17 12:23:19
81.161.67.205	attackbotsspam	Brute force attempt	2020-08-17 06:12:04
81.161.67.131	attack	Aug 16 05:48:16 mail.srvfarm.net postfix/smtpd[1910319]: warning: unknown[81.161.67.131]: SASL PLAIN authentication failed: Aug 16 05:48:16 mail.srvfarm.net postfix/smtpd[1910319]: lost connection after AUTH from unknown[81.161.67.131] Aug 16 05:50:01 mail.srvfarm.net postfix/smtpd[1907574]: warning: unknown[81.161.67.131]: SASL PLAIN authentication failed: Aug 16 05:50:01 mail.srvfarm.net postfix/smtpd[1907574]: lost connection after AUTH from unknown[81.161.67.131] Aug 16 05:50:11 mail.srvfarm.net postfix/smtpd[1907801]: warning: unknown[81.161.67.131]: SASL PLAIN authentication failed:	2020-08-16 12:29:12
81.161.67.95	attackbotsspam	Attempts against SMTP/SSMTP	2020-08-10 12:06:14

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 81.161.67.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10304
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;81.161.67.134.			IN	A

;; AUTHORITY SECTION:
.			302	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082702 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Aug 28 09:35:36 CST 2020
;; MSG SIZE  rcvd: 117

Host info

134.67.161.81.in-addr.arpa domain name pointer static67-134.gemnet.cz.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
134.67.161.81.in-addr.arpa	name = static67-134.gemnet.cz.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.99.113.35	attackbots	Jul 25 13:52:20 TORMINT sshd\[17476\]: Invalid user redis from 103.99.113.35 Jul 25 13:52:20 TORMINT sshd\[17476\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.99.113.35 Jul 25 13:52:23 TORMINT sshd\[17476\]: Failed password for invalid user redis from 103.99.113.35 port 36520 ssh2 ...	2019-07-26 02:07:02
157.119.222.245	attackbotsspam	Automatic report - Banned IP Access	2019-07-26 01:27:56
165.227.201.223	attackspam	Spam-Mail Received: from ns1.stopdistributionusa.pw ([165.227.201.223])	2019-07-26 02:12:56
77.224.123.58	attack	SSH Bruteforce	2019-07-26 01:36:15
54.202.50.6	attack	RDP Bruteforce	2019-07-26 02:14:35
139.59.92.10	attackbotsspam	Jul 25 18:58:39 ns3367391 sshd\[3328\]: Invalid user oracle from 139.59.92.10 port 50262 Jul 25 18:58:39 ns3367391 sshd\[3328\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.92.10 ...	2019-07-26 01:30:25
123.31.20.81	attackbots	123.31.20.81 - - [25/Jul/2019:16:36:12 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 123.31.20.81 - - [25/Jul/2019:16:36:13 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 123.31.20.81 - - [25/Jul/2019:16:36:14 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 123.31.20.81 - - [25/Jul/2019:16:36:15 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 123.31.20.81 - - [25/Jul/2019:16:36:16 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 123.31.20.81 - - [25/Jul/2019:16:36:17 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-07-26 02:05:52
139.59.191.22	attackspambots	Jul 25 14:18:35 plusreed sshd[11843]: Invalid user git from 139.59.191.22 ...	2019-07-26 02:34:51
83.4.114.54	attack	Automatic report - Port Scan Attack	2019-07-26 02:07:47
119.90.89.90	attack	Jul 25 19:42:20 * sshd[1275]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.90.89.90 Jul 25 19:42:22 * sshd[1275]: Failed password for invalid user bertrand from 119.90.89.90 port 50700 ssh2	2019-07-26 02:24:54
5.199.130.188	attackbots	Request: "GET /wp-login.php?action=register HTTP/1.1" Request: "GET /index.php?option=com_usertask=register HTTP/1.1" Request: "GET /user/register HTTP/1.1" Request: "GET / HTTP/1.1" Request: "GET / HTTP/1.1" Request: "GET /index.php?option=com_usertask=register HTTP/1.1" Request: "GET /?option=com_usertask=register HTTP/1.1"	2019-07-26 02:29:52
134.209.100.31	attackspambots	Jul 25 18:41:47 fr01 sshd[9861]: Invalid user mariana from 134.209.100.31 ...	2019-07-26 01:48:55
58.229.253.139	attackspam	Jul 25 18:43:46 nextcloud sshd\[13092\]: Invalid user dana from 58.229.253.139 Jul 25 18:43:46 nextcloud sshd\[13092\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.229.253.139 Jul 25 18:43:48 nextcloud sshd\[13092\]: Failed password for invalid user dana from 58.229.253.139 port 39606 ssh2 ...	2019-07-26 01:40:55
218.92.0.194	attackbots	2019-07-25T15:41:08.864029abusebot-7.cloudsearch.cf sshd\[26811\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.194 user=root	2019-07-26 01:25:40
51.68.70.175	attackbots	Jul 25 20:07:46 SilenceServices sshd[29172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.70.175 Jul 25 20:07:47 SilenceServices sshd[29172]: Failed password for invalid user juan from 51.68.70.175 port 35224 ssh2 Jul 25 20:12:00 SilenceServices sshd[1905]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.70.175	2019-07-26 02:32:28

Recently Reported IPs

68.183.131.88	95.169.14.31	58.216.8.133	167.99.237.96
193.56.28.245	58.217.157.36	91.64.216.146	62.36.20.184
58.216.199.243	131.249.92.71	125.43.158.252	34.105.173.203
239.14.48.27	231.174.100.255	109.200.55.117	121.35.170.228
37.143.53.207	41.66.28.105	187.178.164.49	163.172.61.93