81.30.208.171 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: OJSC Ufanet

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Unauthorized connection attempt from IP address 81.30.208.171 on Port 445(SMB)	2020-09-22 17:57:18

Comments on same subnet:

IP	Type	Details	Datetime
81.30.208.114	attackspam	Attempted connection to port 971.	2020-08-30 16:58:32
81.30.208.114	attack	Port Scan ...	2020-08-30 01:51:28
81.30.208.114	attackbotsspam	Jul 19 09:47:39 debian-2gb-nbg1-2 kernel: \[17403405.165014\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=81.30.208.114 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=48 ID=57979 PROTO=TCP SPT=24747 DPT=23 WINDOW=13299 RES=0x00 SYN URGP=0	2020-07-19 22:41:06
81.30.208.254	attack	Unauthorized connection attempt detected from IP address 81.30.208.254 to port 80 [T]	2020-06-24 01:54:58
81.30.208.24	attackspam	Mar 11 21:48:33 silence02 sshd[31751]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.30.208.24 Mar 11 21:48:35 silence02 sshd[31751]: Failed password for invalid user omn from 81.30.208.24 port 55840 ssh2 Mar 11 21:53:06 silence02 sshd[31946]: Failed password for root from 81.30.208.24 port 47090 ssh2	2020-03-12 07:36:52
81.30.208.24	attackspambots	2020-03-06T11:16:19.891759abusebot-7.cloudsearch.cf sshd[7095]: Invalid user amandabackup from 81.30.208.24 port 46582 2020-03-06T11:16:19.895775abusebot-7.cloudsearch.cf sshd[7095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.30.208.24.static.ufanet.ru 2020-03-06T11:16:19.891759abusebot-7.cloudsearch.cf sshd[7095]: Invalid user amandabackup from 81.30.208.24 port 46582 2020-03-06T11:16:21.658187abusebot-7.cloudsearch.cf sshd[7095]: Failed password for invalid user amandabackup from 81.30.208.24 port 46582 ssh2 2020-03-06T11:20:43.895700abusebot-7.cloudsearch.cf sshd[7319]: Invalid user oracle from 81.30.208.24 port 35352 2020-03-06T11:20:43.900256abusebot-7.cloudsearch.cf sshd[7319]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.30.208.24.static.ufanet.ru 2020-03-06T11:20:43.895700abusebot-7.cloudsearch.cf sshd[7319]: Invalid user oracle from 81.30.208.24 port 35352 2020-03-06T11:20:45.899361ab ...	2020-03-06 20:36:34
81.30.208.30	attack	spam	2020-03-01 19:22:26
81.30.208.24	attackbotsspam	Feb 25 22:07:16 server sshd\[18039\]: Invalid user openvpn from 81.30.208.24 Feb 25 22:07:16 server sshd\[18039\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.30.208.24.static.ufanet.ru Feb 25 22:07:18 server sshd\[18039\]: Failed password for invalid user openvpn from 81.30.208.24 port 41624 ssh2 Feb 25 22:10:10 server sshd\[18702\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.30.208.24.static.ufanet.ru user=root Feb 25 22:10:12 server sshd\[18702\]: Failed password for root from 81.30.208.24 port 34916 ssh2 ...	2020-02-26 03:14:10
81.30.208.24	attackspambots	Feb 14 00:17:11 ns382633 sshd\[30422\]: Invalid user char from 81.30.208.24 port 56698 Feb 14 00:17:11 ns382633 sshd\[30422\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.30.208.24 Feb 14 00:17:14 ns382633 sshd\[30422\]: Failed password for invalid user char from 81.30.208.24 port 56698 ssh2 Feb 14 00:25:08 ns382633 sshd\[31727\]: Invalid user char from 81.30.208.24 port 38418 Feb 14 00:25:08 ns382633 sshd\[31727\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.30.208.24	2020-02-14 09:05:01
81.30.208.30	attack	Autoban 81.30.208.30 AUTH/CONNECT	2020-02-14 06:43:47
81.30.208.107	attackbots	Unauthorized connection attempt from IP address 81.30.208.107 on Port 445(SMB)	2020-01-18 01:23:09
81.30.208.114	attackspambots	Unauthorized connection attempt detected from IP address 81.30.208.114 to port 80	2019-12-31 20:40:07
81.30.208.30	attackspam	email spam	2019-12-19 19:04:16
81.30.208.30	attack	email spam	2019-12-17 17:31:11
81.30.208.114	attackbots	Oct 25 00:35:31 MK-Soft-VM4 sshd[29505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.30.208.114 Oct 25 00:35:33 MK-Soft-VM4 sshd[29505]: Failed password for invalid user eo from 81.30.208.114 port 56973 ssh2 ...	2019-10-25 07:31:44

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 81.30.208.171
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58583
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;81.30.208.171.			IN	A

;; AUTHORITY SECTION:
.			323	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092101 1800 900 604800 86400

;; Query time: 76 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 22 17:57:11 CST 2020
;; MSG SIZE  rcvd: 117

Host info

171.208.30.81.in-addr.arpa domain name pointer nik.ufanet.ru.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
171.208.30.81.in-addr.arpa	name = nik.ufanet.ru.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
178.128.101.79	attackbots	178.128.101.79 - - \[04/May/2020:07:38:59 +0200\] "POST /wp-login.php HTTP/1.0" 200 6718 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 178.128.101.79 - - \[04/May/2020:07:39:03 +0200\] "POST /wp-login.php HTTP/1.0" 200 6548 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 178.128.101.79 - - \[04/May/2020:07:39:06 +0200\] "POST /wp-login.php HTTP/1.0" 200 6542 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-05-04 16:20:02
180.169.129.180	attackspam	SSH Brute-Force reported by Fail2Ban	2020-05-04 16:32:04
122.51.100.64	attackbots	" "	2020-05-04 16:34:00
86.0.219.88	attackbotsspam	Access non existent file	2020-05-04 16:24:45
87.251.74.60	attackbots	May 4 10:28:23 debian-2gb-nbg1-2 kernel: \[10839803.500574\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=87.251.74.60 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=35118 PROTO=TCP SPT=56662 DPT=30567 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-04 16:31:39
114.6.57.130	attack	SSH/22 MH Probe, BF, Hack -	2020-05-04 15:58:29
51.91.125.136	attackbots	2020-05-04T09:22:18.952297amanda2.illicoweb.com sshd\[32842\]: Invalid user www-data from 51.91.125.136 port 56562 2020-05-04T09:22:18.956652amanda2.illicoweb.com sshd\[32842\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=136.ip-51-91-125.eu 2020-05-04T09:22:20.823141amanda2.illicoweb.com sshd\[32842\]: Failed password for invalid user www-data from 51.91.125.136 port 56562 ssh2 2020-05-04T09:29:39.177788amanda2.illicoweb.com sshd\[33124\]: Invalid user ismael from 51.91.125.136 port 44440 2020-05-04T09:29:39.183583amanda2.illicoweb.com sshd\[33124\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=136.ip-51-91-125.eu ...	2020-05-04 15:59:52
167.172.207.139	attackbots	May 4 06:05:26 ip-172-31-62-245 sshd\[32414\]: Invalid user ytg from 167.172.207.139\ May 4 06:05:28 ip-172-31-62-245 sshd\[32414\]: Failed password for invalid user ytg from 167.172.207.139 port 45846 ssh2\ May 4 06:09:09 ip-172-31-62-245 sshd\[32565\]: Invalid user admin from 167.172.207.139\ May 4 06:09:12 ip-172-31-62-245 sshd\[32565\]: Failed password for invalid user admin from 167.172.207.139 port 54410 ssh2\ May 4 06:12:51 ip-172-31-62-245 sshd\[32627\]: Invalid user centos from 167.172.207.139\	2020-05-04 16:29:08
195.154.184.196	attackbots	$f2bV_matches	2020-05-04 16:13:31
192.34.57.157	attack	2020-05-04T10:12:16.801805hz01.yumiweb.com sshd\[3616\]: Invalid user admin from 192.34.57.157 port 44328 2020-05-04T10:12:19.189633hz01.yumiweb.com sshd\[3618\]: Invalid user Cisco from 192.34.57.157 port 51220 2020-05-04T10:12:21.637536hz01.yumiweb.com sshd\[3620\]: Invalid user cisco from 192.34.57.157 port 55050 ...	2020-05-04 16:15:22
162.243.165.140	attackbotsspam	(sshd) Failed SSH login from 162.243.165.140 (US/United States/-): 5 in the last 3600 secs	2020-05-04 16:08:12
221.133.18.115	attack	DATE:2020-05-04 09:46:01, IP:221.133.18.115, PORT:ssh SSH brute force auth (docker-dc)	2020-05-04 15:54:33
110.78.145.193	attackbots	1588564446 - 05/04/2020 05:54:06 Host: 110.78.145.193/110.78.145.193 Port: 445 TCP Blocked	2020-05-04 16:14:05
51.68.121.235	attack	May 4 10:22:18 hosting sshd[20015]: Invalid user team1 from 51.68.121.235 port 50910 ...	2020-05-04 16:16:05
198.199.91.162	attackbots	May 4 09:22:06 server sshd[10754]: Failed password for invalid user zimbra from 198.199.91.162 port 37094 ssh2 May 4 09:37:01 server sshd[12599]: Failed password for root from 198.199.91.162 port 38436 ssh2 May 4 09:40:42 server sshd[12908]: Failed password for invalid user can from 198.199.91.162 port 47782 ssh2	2020-05-04 16:16:43

Recently Reported IPs

139.155.20.7	84.178.177.212	40.127.91.91	213.154.76.3
139.180.208.42	128.199.20.26	118.70.72.185	39.73.238.63
189.88.242.75	128.61.24.18	113.180.205.130	200.14.46.237
198.65.255.183	89.235.77.54	81.68.209.225	176.184.45.211
31.43.15.165	49.244.21.174	38.21.115.26	175.158.225.222