City: unknown
Region: unknown
Country: Germany
Internet Service Provider: myLoc managed IT AG
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attackspam | scan r |
2019-11-05 02:14:35 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 85.14.245.40 | attack | lfd: (smtpauth) Failed SMTP AUTH login from 85.14.245.40 (srv83039.dus2.fastwebserver.de): 5 in the last 3600 secs - Sun Jul 22 08:27:34 2018 |
2020-02-24 23:10:49 |
| 85.14.245.154 | attackbots | Repeated RDP login failures. Last user: alex |
2020-02-22 04:57:34 |
| 85.14.245.149 | attackbots | Honeypot hit. |
2019-10-24 06:54:14 |
| 85.14.245.156 | attack | webserver:80 [09/Oct/2019] "\x03" 400 0 webserver:80 [09/Oct/2019] "\x03" 400 0 webserver:80 [08/Oct/2019] "\x03" 400 0 |
2019-10-10 04:49:24 |
| 85.14.245.221 | attackbots | rdp |
2019-10-05 00:04:30 |
| 85.14.245.149 | attack | Many RDP login attempts detected by IDS script |
2019-07-18 11:05:40 |
| 85.14.245.158 | attackbotsspam | Bruteforcing port 3389 (Remote Desktop) - Exceed maximum 10 attempts/hour |
2019-07-14 09:35:56 |
| 85.14.245.157 | attack | 3389BruteforceFW22 |
2019-07-01 03:59:03 |
| 85.14.245.221 | attackspambots | RDP Brute-Force (Grieskirchen RZ1) |
2019-06-23 03:30:05 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.14.245.153
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25508
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;85.14.245.153. IN A
;; AUTHORITY SECTION:
. 221 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019110401 1800 900 604800 86400
;; Query time: 127 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Nov 05 02:14:32 CST 2019
;; MSG SIZE rcvd: 117153.245.14.85.in-addr.arpa domain name pointer srv84072.dus2.fastwebserver.de.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
153.245.14.85.in-addr.arpa name = srv84072.dus2.fastwebserver.de.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 117.6.133.222 | attack | Unauthorized connection attempt detected from IP address 117.6.133.222 to port 445 |
2020-01-07 05:12:45 |
| 51.255.219.220 | attackbotsspam | firewall-block, port(s): 1433/tcp |
2020-01-07 05:19:25 |
| 222.186.175.216 | attack | Jan 7 00:11:52 server sshd\[14576\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.216 user=root Jan 7 00:11:53 server sshd\[14576\]: Failed password for root from 222.186.175.216 port 56090 ssh2 Jan 7 00:11:56 server sshd\[14576\]: Failed password for root from 222.186.175.216 port 56090 ssh2 Jan 7 00:11:59 server sshd\[14576\]: Failed password for root from 222.186.175.216 port 56090 ssh2 Jan 7 00:12:02 server sshd\[14576\]: Failed password for root from 222.186.175.216 port 56090 ssh2 ... |
2020-01-07 05:13:14 |
| 198.98.52.141 | attackspambots | (sshd) Failed SSH login from 198.98.52.141 (US/United States/EAST.CDN.EXILESERVERS.COM): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jan 6 21:59:15 blur sshd[27268]: Invalid user postgres from 198.98.52.141 port 40318 Jan 6 21:59:15 blur sshd[27264]: Invalid user tester from 198.98.52.141 port 40306 Jan 6 21:59:15 blur sshd[27270]: Invalid user vagrant from 198.98.52.141 port 40316 Jan 6 21:59:15 blur sshd[27267]: Invalid user vsftp from 198.98.52.141 port 40328 Jan 6 21:59:15 blur sshd[27273]: Invalid user test from 198.98.52.141 port 40326 |
2020-01-07 05:04:54 |
| 116.252.0.53 | attack | Bad bot requested remote resources |
2020-01-07 05:21:13 |
| 183.129.160.229 | attackbotsspam | Jan 6 21:52:35 debian-2gb-nbg1-2 kernel: \[603274.038474\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=183.129.160.229 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=111 ID=6844 PROTO=TCP SPT=32701 DPT=23910 WINDOW=29200 RES=0x00 SYN URGP=0 |
2020-01-07 04:53:27 |
| 211.103.154.6 | attackbotsspam | Unauthorized connection attempt detected from IP address 211.103.154.6 to port 1433 [T] |
2020-01-07 04:50:49 |
| 220.248.196.135 | attackspambots | Unauthorized connection attempt detected from IP address 220.248.196.135 to port 1433 [T] |
2020-01-07 04:49:58 |
| 82.223.77.7 | attackspambots | Mail sent to address hacked/leaked from atari.st |
2020-01-07 05:09:15 |
| 222.137.8.166 | attackspam | Unauthorized connection attempt detected from IP address 222.137.8.166 to port 2323 [J] |
2020-01-07 04:49:13 |
| 49.49.234.146 | attack | Unauthorized connection attempt detected from IP address 49.49.234.146 to port 2222 [T] |
2020-01-07 04:43:23 |
| 49.235.52.126 | attackspambots | Jan 6 22:05:57 legacy sshd[15537]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.52.126 Jan 6 22:05:58 legacy sshd[15537]: Failed password for invalid user serverpilotuser from 49.235.52.126 port 37076 ssh2 Jan 6 22:08:58 legacy sshd[15780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.52.126 ... |
2020-01-07 05:09:46 |
| 45.134.179.20 | attack | MultiHost/MultiPort Probe, Scan, Hack - |
2020-01-07 05:15:59 |
| 180.250.162.9 | attackbotsspam | Jan 6 21:50:28 root sshd[17543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.162.9 Jan 6 21:50:30 root sshd[17543]: Failed password for invalid user administrator from 180.250.162.9 port 2304 ssh2 Jan 6 21:54:12 root sshd[17577]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.162.9 ... |
2020-01-07 04:56:49 |
| 154.85.38.58 | attackspam | (sshd) Failed SSH login from 154.85.38.58 (US/United States/California/Los Angeles/-/[AS55967 Beijing Baidu Netcom Science and Technology Co., Ltd.]): 1 in the last 3600 secs |
2020-01-07 04:57:53 |