City: unknown
Region: unknown
Country: Germany
Internet Service Provider: Deutsche Forschungsgemeinschaft E.V.
Hostname: unknown
Organization: unknown
Usage Type: Commercial
| Type | Details | Datetime |
|---|---|---|
| attackbots | Sending out 419 type spam emails from IP 83.143.6.22 (dfg.de) Appears to be some kind of German based science research organization that has a security breech right now. https://www.dfg.de/en/ Deutsche Forschungsgemeinschaft (DFG) German Research Foundation Kennedyallee 40 53175 Bonn, Germany Telephone: +49 (228) 885-1 Telefax +49 (228) 885-2777 E-Mail: postmaster -[at]- dfg.de Website: http://www.dfg.de Also try sending emails to berlin -[at]- dfg.de, Ina.Sauer -[at]- dfg.de, cornelia.lossau -[at]- dfg.de, katharina.juergensen -[at]- dfg.de, certbund -[at]- bsi.bund.de, cert -[at]- dfn-cert.de " I am happy to inform you that your funds the sum of US$10,500,000.00. was moved out of London, to the bank of America International Clearing House New York (BOAICH) I have sent you several emails notifications which returned back as failure delivery." |
2019-10-21 17:33:24 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 83.143.6.22
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25000
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;83.143.6.22. IN A
;; AUTHORITY SECTION:
. 429 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019102100 1800 900 604800 86400
;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 21 17:33:20 CST 2019
;; MSG SIZE rcvd: 115
22.6.143.83.in-addr.arpa domain name pointer ms2.dfg.de.
Server: 183.60.82.98
Address: 183.60.82.98#53
Non-authoritative answer:
*** Can't find 22.6.143.83.in-addr.arpa.: No answer
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 104.248.126.170 | attackbots | Invalid user vdn from 104.248.126.170 port 41466 |
2020-03-31 22:10:58 |
| 106.12.70.118 | attackspam | Mar 31 16:44:39 jane sshd[5275]: Failed password for root from 106.12.70.118 port 37330 ssh2 ... |
2020-03-31 22:53:51 |
| 212.220.211.86 | attack | 445/tcp [2020-03-31]1pkt |
2020-03-31 22:08:14 |
| 219.73.51.238 | attackbotsspam | Honeypot attack, port: 5555, PTR: n219073051238.netvigator.com. |
2020-03-31 22:53:01 |
| 122.51.240.151 | attackbotsspam | Mar 31 15:18:18 haigwepa sshd[4990]: Failed password for root from 122.51.240.151 port 40964 ssh2 ... |
2020-03-31 22:28:13 |
| 69.90.201.165 | attackspam | Total attacks: 4 |
2020-03-31 23:13:06 |
| 51.75.17.122 | attackbots | Mar 31 10:32:53 vps46666688 sshd[31618]: Failed password for root from 51.75.17.122 port 47038 ssh2 ... |
2020-03-31 23:12:30 |
| 157.36.47.82 | attackbotsspam | 1433/tcp [2020-03-31]1pkt |
2020-03-31 22:08:45 |
| 110.78.149.158 | attackbotsspam | Honeypot attack, port: 445, PTR: PTR record not found |
2020-03-31 22:46:58 |
| 192.236.200.88 | attackbotsspam | 2020-03-31 07:33:26 H=(mail.blodsugg.rest) [192.236.200.88]:36272 I=[192.147.25.65]:25 F= |
2020-03-31 22:56:14 |
| 118.163.229.158 | attackspambots | Lines containing failures of 118.163.229.158 Mar 31 07:35:28 shared04 sshd[1853]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.163.229.158 user=r.r Mar 31 07:35:29 shared04 sshd[1853]: Failed password for r.r from 118.163.229.158 port 48960 ssh2 Mar 31 07:35:30 shared04 sshd[1853]: Received disconnect from 118.163.229.158 port 48960:11: Bye Bye [preauth] Mar 31 07:35:30 shared04 sshd[1853]: Disconnected from authenticating user r.r 118.163.229.158 port 48960 [preauth] Mar 31 07:50:28 shared04 sshd[6719]: Invalid user music from 118.163.229.158 port 48772 Mar 31 07:50:28 shared04 sshd[6719]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.163.229.158 Mar 31 07:50:31 shared04 sshd[6719]: Failed password for invalid user music from 118.163.229.158 port 48772 ssh2 Mar 31 07:50:31 shared04 sshd[6719]: Received disconnect from 118.163.229.158 port 48772:11: Bye Bye [preauth] Mar 31 07:5........ ------------------------------ |
2020-03-31 22:14:59 |
| 148.72.65.10 | attack | Mar 31 16:53:21 haigwepa sshd[10354]: Failed password for root from 148.72.65.10 port 38744 ssh2 ... |
2020-03-31 22:58:24 |
| 69.158.207.141 | attackspam | Mar 31 14:15:29 raspberrypi sshd\[25140\]: Invalid user spark from 69.158.207.141 port 34200 Mar 31 14:15:50 raspberrypi sshd\[25210\]: Invalid user spark from 69.158.207.141 port 48490 Mar 31 14:16:11 raspberrypi sshd\[25275\]: Invalid user spark from 69.158.207.141 port 34547 ... |
2020-03-31 22:25:14 |
| 91.215.90.90 | attackbotsspam | 82/tcp [2020-03-31]1pkt |
2020-03-31 22:16:51 |
| 191.241.38.82 | attackspam | 139/tcp 445/tcp [2020-03-31]2pkt |
2020-03-31 22:23:07 |