City: unknown
Region: unknown
Country: Germany
Internet Service Provider: Strato AG
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attack | Feb 16 10:54:30 h2065291 sshd[11989]: Did not receive identification string from 81.169.238.144 Feb 16 10:54:32 h2065291 sshd[11993]: Failed password for r.r from 81.169.238.144 port 41550 ssh2 Feb 16 10:54:32 h2065291 sshd[11993]: Connection closed by 81.169.238.144 [preauth] Feb 16 10:54:32 h2065291 sshd[11999]: Failed password for r.r from 81.169.238.144 port 41567 ssh2 Feb 16 10:54:32 h2065291 sshd[11995]: Failed password for r.r from 81.169.238.144 port 41553 ssh2 Feb 16 10:54:32 h2065291 sshd[11999]: Connection closed by 81.169.238.144 [preauth] Feb 16 10:54:32 h2065291 sshd[11995]: Connection closed by 81.169.238.144 [preauth] Feb 16 10:54:32 h2065291 sshd[11992]: Failed password for r.r from 81.169.238.144 port 41549 ssh2 Feb 16 10:54:32 h2065291 sshd[11992]: Connection closed by 81.169.238.144 [preauth] Feb 16 10:54:32 h2065291 sshd[11998]: Failed password for r.r from 81.169.238.144 port 41564 ssh2 Feb 16 10:54:32 h2065291 sshd[11998]: Connection closed by 81......... ------------------------------- |
2020-02-17 05:49:35 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 81.169.238.130 | attackspam | 2020-01-18 19:40:10,127 fail2ban.actions: WARNING [ssh] Ban 81.169.238.130 |
2020-01-19 03:29:52 |
| 81.169.238.234 | attackbotsspam | port scan and connect, tcp 22 (ssh) |
2019-11-23 18:09:38 |
| 81.169.238.109 | attack | Sep 10 05:02:43 legacy sshd[7456]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.169.238.109 Sep 10 05:02:45 legacy sshd[7456]: Failed password for invalid user ts from 81.169.238.109 port 38126 ssh2 Sep 10 05:07:58 legacy sshd[7602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.169.238.109 ... |
2019-09-10 16:03:26 |
| 81.169.238.109 | attack | Sep 10 02:55:55 legacy sshd[3720]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.169.238.109 Sep 10 02:55:57 legacy sshd[3720]: Failed password for invalid user ts3server from 81.169.238.109 port 43342 ssh2 Sep 10 03:01:06 legacy sshd[3864]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.169.238.109 ... |
2019-09-10 09:03:04 |
| 81.169.238.109 | attack | SSH Brute Force, server-1 sshd[6597]: Failed password for invalid user ftpadmin from 81.169.238.109 port 60210 ssh2 |
2019-09-06 14:38:11 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 81.169.238.144
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24496
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;81.169.238.144. IN A
;; AUTHORITY SECTION:
. 387 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020021601 1800 900 604800 86400
;; Query time: 143 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 17 05:49:32 CST 2020
;; MSG SIZE rcvd: 118144.238.169.81.in-addr.arpa domain name pointer h2545162.stratoserver.net.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
144.238.169.81.in-addr.arpa name = h2545162.stratoserver.net.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 91.233.117.113 | attackbotsspam | Brute forcing RDP port 3389 |
2019-08-19 02:33:54 |
| 118.25.152.121 | attack | Triggered by Fail2Ban at Vostok web server |
2019-08-19 02:46:19 |
| 91.134.173.103 | attackspam | 2019-08-18T14:13:20.816231abusebot-6.cloudsearch.cf sshd\[22410\]: Invalid user vagrant from 91.134.173.103 port 37989 |
2019-08-19 03:04:30 |
| 165.227.77.120 | attackspambots | Aug 18 14:09:20 XXX sshd[12106]: Invalid user sruser from 165.227.77.120 port 54612 |
2019-08-19 02:43:28 |
| 201.251.11.25 | attackspam | Aug 18 20:10:48 andromeda sshd\[19057\]: Invalid user frosty from 201.251.11.25 port 52938 Aug 18 20:10:48 andromeda sshd\[19057\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.251.11.25 Aug 18 20:10:50 andromeda sshd\[19057\]: Failed password for invalid user frosty from 201.251.11.25 port 52938 ssh2 |
2019-08-19 02:40:17 |
| 87.107.78.226 | attack | Unauthorized connection attempt from IP address 87.107.78.226 on Port 445(SMB) |
2019-08-19 02:43:06 |
| 75.134.60.130 | attackbotsspam | Lines containing failures of 75.134.60.130 Aug 18 09:47:18 *** sshd[23756]: Invalid user marry from 75.134.60.130 port 33516 Aug 18 09:47:18 *** sshd[23756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=75.134.60.130 Aug 18 09:47:20 *** sshd[23756]: Failed password for invalid user marry from 75.134.60.130 port 33516 ssh2 Aug 18 09:47:20 *** sshd[23756]: Received disconnect from 75.134.60.130 port 33516:11: Bye Bye [preauth] Aug 18 09:47:20 *** sshd[23756]: Disconnected from invalid user marry 75.134.60.130 port 33516 [preauth] Aug 18 10:02:26 *** sshd[24620]: Invalid user 777 from 75.134.60.130 port 46414 Aug 18 10:02:26 *** sshd[24620]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=75.134.60.130 Aug 18 10:02:27 *** sshd[24620]: Failed password for invalid user 777 from 75.134.60.130 port 46414 ssh2 Aug 18 10:02:28 *** sshd[24620]: Received disconnect from 75.134.60.130 port 46414:11: B........ ------------------------------ |
2019-08-19 02:57:07 |
| 92.234.114.90 | attack | Fail2Ban Ban Triggered |
2019-08-19 03:00:17 |
| 117.232.69.54 | attack | Unauthorized connection attempt from IP address 117.232.69.54 on Port 445(SMB) |
2019-08-19 02:24:34 |
| 122.118.116.204 | attack | 23/tcp [2019-08-18]1pkt |
2019-08-19 02:24:05 |
| 52.184.29.61 | attackspam | Aug 18 08:48:40 hanapaa sshd\[9145\]: Invalid user gww from 52.184.29.61 Aug 18 08:48:40 hanapaa sshd\[9145\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.184.29.61 Aug 18 08:48:42 hanapaa sshd\[9145\]: Failed password for invalid user gww from 52.184.29.61 port 3008 ssh2 Aug 18 08:55:19 hanapaa sshd\[9748\]: Invalid user teamspeak from 52.184.29.61 Aug 18 08:55:19 hanapaa sshd\[9748\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.184.29.61 |
2019-08-19 03:11:08 |
| 103.79.164.192 | attackbotsspam | : |
2019-08-19 02:44:24 |
| 122.165.149.75 | attackbots | Aug 18 13:13:35 aat-srv002 sshd[27181]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.165.149.75 Aug 18 13:13:37 aat-srv002 sshd[27181]: Failed password for invalid user guest3 from 122.165.149.75 port 35242 ssh2 Aug 18 13:18:52 aat-srv002 sshd[27323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.165.149.75 Aug 18 13:18:53 aat-srv002 sshd[27323]: Failed password for invalid user zabbix from 122.165.149.75 port 52520 ssh2 ... |
2019-08-19 03:10:03 |
| 128.199.216.13 | attackspam | Aug 18 23:47:28 lcl-usvr-02 sshd[14502]: Invalid user distcache from 128.199.216.13 port 34542 Aug 18 23:47:28 lcl-usvr-02 sshd[14502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.216.13 Aug 18 23:47:28 lcl-usvr-02 sshd[14502]: Invalid user distcache from 128.199.216.13 port 34542 Aug 18 23:47:31 lcl-usvr-02 sshd[14502]: Failed password for invalid user distcache from 128.199.216.13 port 34542 ssh2 Aug 18 23:52:10 lcl-usvr-02 sshd[15559]: Invalid user thiago from 128.199.216.13 port 51582 ... |
2019-08-19 02:42:07 |
| 51.77.148.57 | attackbotsspam | Aug 18 21:33:23 srv-4 sshd\[24591\]: Invalid user manu from 51.77.148.57 Aug 18 21:33:23 srv-4 sshd\[24591\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.148.57 Aug 18 21:33:25 srv-4 sshd\[24591\]: Failed password for invalid user manu from 51.77.148.57 port 43126 ssh2 ... |
2019-08-19 02:35:54 |