City: Ufa
Region: Bashkortostan Republic
Country: Russia
Internet Service Provider: OJSC Ufanet
Hostname: unknown
Organization: OJSC Ufanet
Usage Type: Fixed Line ISP
| Type | Details | Datetime |
|---|---|---|
| attackbots | Unauthorized connection attempt from IP address 81.30.219.144 on Port 445(SMB) |
2020-01-02 03:34:08 |
| attack | Unauthorized connection attempt from IP address 81.30.219.144 on Port 445(SMB) |
2019-09-14 02:57:33 |
| attackspambots | Unauthorized connection attempt from IP address 81.30.219.144 on Port 445(SMB) |
2019-08-15 10:48:12 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 81.30.219.88 | attackbotsspam | 20/6/14@23:56:08: FAIL: Alarm-Network address from=81.30.219.88 20/6/14@23:56:08: FAIL: Alarm-Network address from=81.30.219.88 ... |
2020-06-15 12:06:37 |
| 81.30.219.214 | attack | Honeypot attack, port: 445, PTR: 81.30.219.214.dynamic.ufanet.ru. |
2020-01-14 13:51:47 |
| 81.30.219.214 | attack | Unauthorized connection attempt from IP address 81.30.219.214 on Port 445(SMB) |
2019-11-23 03:21:27 |
| 81.30.219.88 | attackbotsspam | Unauthorized connection attempt from IP address 81.30.219.88 on Port 445(SMB) |
2019-09-05 19:07:14 |
| 81.30.219.214 | attackbotsspam | Unauthorized connection attempt from IP address 81.30.219.214 on Port 445(SMB) |
2019-07-02 04:18:40 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 81.30.219.144
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46217
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;81.30.219.144. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019040800 1800 900 604800 86400
;; Query time: 1 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Tue Apr 09 00:07:13 +08 2019
;; MSG SIZE rcvd: 117
144.219.30.81.in-addr.arpa domain name pointer 81.30.219.144.dynamic.ufanet.ru.
Server: 67.207.67.3
Address: 67.207.67.3#53
Non-authoritative answer:
144.219.30.81.in-addr.arpa name = 81.30.219.144.dynamic.ufanet.ru.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 89.129.17.5 | attackspambots | Apr 9 19:32:14 sachi sshd\[27250\]: Invalid user redmine from 89.129.17.5 Apr 9 19:32:14 sachi sshd\[27250\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.129.17.5 Apr 9 19:32:16 sachi sshd\[27250\]: Failed password for invalid user redmine from 89.129.17.5 port 58348 ssh2 Apr 9 19:40:09 sachi sshd\[28104\]: Invalid user gateway from 89.129.17.5 Apr 9 19:40:09 sachi sshd\[28104\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.129.17.5 |
2020-04-10 14:29:54 |
| 200.56.43.208 | attackspambots | Apr 10 05:49:05 Ubuntu-1404-trusty-64-minimal sshd\[3179\]: Invalid user test from 200.56.43.208 Apr 10 05:49:05 Ubuntu-1404-trusty-64-minimal sshd\[3179\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.56.43.208 Apr 10 05:49:08 Ubuntu-1404-trusty-64-minimal sshd\[3179\]: Failed password for invalid user test from 200.56.43.208 port 59666 ssh2 Apr 10 05:56:09 Ubuntu-1404-trusty-64-minimal sshd\[10704\]: Invalid user zhangl from 200.56.43.208 Apr 10 05:56:09 Ubuntu-1404-trusty-64-minimal sshd\[10704\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.56.43.208 |
2020-04-10 14:47:39 |
| 128.199.133.201 | attack | Apr 10 02:58:51 firewall sshd[12389]: Invalid user postgres from 128.199.133.201 Apr 10 02:58:53 firewall sshd[12389]: Failed password for invalid user postgres from 128.199.133.201 port 40109 ssh2 Apr 10 03:01:58 firewall sshd[12534]: Invalid user nobodymuiefazan123456 from 128.199.133.201 ... |
2020-04-10 14:14:29 |
| 222.186.169.194 | attackspambots | Apr 10 08:07:59 vmd48417 sshd[19870]: Failed password for root from 222.186.169.194 port 58360 ssh2 |
2020-04-10 14:10:23 |
| 129.211.147.123 | attackbots | $f2bV_matches |
2020-04-10 14:14:12 |
| 47.53.242.105 | attackbots | DATE:2020-04-10 05:56:25, IP:47.53.242.105, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc) |
2020-04-10 14:35:24 |
| 84.85.162.208 | attackspambots | 8089/tcp [2020-04-10]1pkt |
2020-04-10 14:09:21 |
| 91.134.142.57 | attack | 91.134.142.57 - - [10/Apr/2020:08:35:36 +0200] "POST /wp-login.php HTTP/1.0" 200 2195 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 91.134.142.57 - - [10/Apr/2020:08:35:36 +0200] "POST /wp-login.php HTTP/1.0" 200 2173 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2020-04-10 14:53:47 |
| 189.240.124.61 | attackspam | "Unauthorized connection attempt on SSHD detected" |
2020-04-10 14:20:12 |
| 77.40.3.214 | attackspambots | failed_logins |
2020-04-10 14:37:59 |
| 95.143.218.78 | attackbotsspam | Unauthorized access detected from black listed ip! |
2020-04-10 14:36:06 |
| 139.59.161.78 | attack | Apr 10 04:20:49 localhost sshd[81451]: Invalid user jurlenis from 139.59.161.78 port 15239 Apr 10 04:20:49 localhost sshd[81451]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.161.78 Apr 10 04:20:49 localhost sshd[81451]: Invalid user jurlenis from 139.59.161.78 port 15239 Apr 10 04:20:50 localhost sshd[81451]: Failed password for invalid user jurlenis from 139.59.161.78 port 15239 ssh2 Apr 10 04:24:15 localhost sshd[81848]: Invalid user castis from 139.59.161.78 port 25786 ... |
2020-04-10 14:31:49 |
| 112.85.42.181 | attackspambots | 2020-04-10T04:31:25.366538rocketchat.forhosting.nl sshd[8183]: error: maximum authentication attempts exceeded for root from 112.85.42.181 port 41579 ssh2 [preauth] 2020-04-10T08:25:47.246558rocketchat.forhosting.nl sshd[11605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.181 user=root 2020-04-10T08:25:49.422456rocketchat.forhosting.nl sshd[11605]: Failed password for root from 112.85.42.181 port 19841 ssh2 ... |
2020-04-10 14:39:34 |
| 139.59.94.24 | attack | 2020-04-10T03:55:28.578279abusebot-8.cloudsearch.cf sshd[2008]: Invalid user deluge from 139.59.94.24 port 53690 2020-04-10T03:55:28.585470abusebot-8.cloudsearch.cf sshd[2008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.94.24 2020-04-10T03:55:28.578279abusebot-8.cloudsearch.cf sshd[2008]: Invalid user deluge from 139.59.94.24 port 53690 2020-04-10T03:55:30.275914abusebot-8.cloudsearch.cf sshd[2008]: Failed password for invalid user deluge from 139.59.94.24 port 53690 ssh2 2020-04-10T04:01:23.755187abusebot-8.cloudsearch.cf sshd[2370]: Invalid user deploy from 139.59.94.24 port 39768 2020-04-10T04:01:23.762752abusebot-8.cloudsearch.cf sshd[2370]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.94.24 2020-04-10T04:01:23.755187abusebot-8.cloudsearch.cf sshd[2370]: Invalid user deploy from 139.59.94.24 port 39768 2020-04-10T04:01:25.523162abusebot-8.cloudsearch.cf sshd[2370]: Failed password ... |
2020-04-10 14:22:30 |
| 222.186.180.223 | attackspam | Apr 10 08:44:34 mail sshd\[4704\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.223 user=root Apr 10 08:44:35 mail sshd\[4704\]: Failed password for root from 222.186.180.223 port 8220 ssh2 Apr 10 08:44:46 mail sshd\[4704\]: Failed password for root from 222.186.180.223 port 8220 ssh2 ... |
2020-04-10 14:45:13 |