City: Bratislava
Region: Bratislava
Country: Slovakia
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| Type | Details | Datetime |
|---|---|---|
| spamattacknormal | inetnum: 80.150.168.0 - 80.150.171.255
netname: DTAG-TRANSIT14
descr: Deutsche Telekom AG
descr: for IP-Transit
org: ORG-DTAG1-RIPE
country: DE
admin-c: DTIP
tech-c: DTST
status: ASSIGNED PA
remarks: INFRA-AW
mnt-by: DTAG-NIC
created: 2010-12-09T12:27:25Z
last-modified: 2014-06-19T08:59:54Z
source: RIPE
organisation: ORG-DTAG1-RIPE
org-name: Deutsche Telekom AG
org-type: OTHER
address: Group Information Security, SDA/Abuse
address: T-Online-Allee 1
address: DE 64295 Darmstadt
remarks: abuse contact in case of Spam,
hack attacks, illegal activity,
violation, scans, probes, etc. |
2020-12-18 16:19:47 |
| attacknormal | inetnum: 80.150.168.0 - 80.150.171.255
netname: DTAG-TRANSIT14
descr: Deutsche Telekom AG
descr: for IP-Transit
org: ORG-DTAG1-RIPE
country: DE
admin-c: DTIP
tech-c: DTST
status: ASSIGNED PA
remarks: INFRA-AW
mnt-by: DTAG-NIC
created: 2010-12-09T12:27:25Z
last-modified: 2014-06-19T08:59:54Z
source: RIPE
organisation: ORG-DTAG1-RIPE
org-name: Deutsche Telekom AG
org-type: OTHER
address: Group Information Security, SDA/Abuse
address: T-Online-Allee 1
address: DE 64295 Darmstadt
remarks: abuse contact in case of Spam,
hack attacks, illegal activity,
violation, scans, probes, etc. |
2020-12-18 16:19:34 |
| spamattacknormal | inetnum: 80.150.168.0 - 80.150.171.255
netname: DTAG-TRANSIT14
descr: Deutsche Telekom AG
descr: for IP-Transit
org: ORG-DTAG1-RIPE
country: DE
admin-c: DTIP
tech-c: DTST
status: ASSIGNED PA
remarks: INFRA-AW
mnt-by: DTAG-NIC
created: 2010-12-09T12:27:25Z
last-modified: 2014-06-19T08:59:54Z
source: RIPE
organisation: ORG-DTAG1-RIPE
org-name: Deutsche Telekom AG
org-type: OTHER
address: Group Information Security, SDA/Abuse
address: T-Online-Allee 1
address: DE 64295 Darmstadt
remarks: abuse contact in case of Spam,
hack attacks, illegal activity,
violation, scans, probes, etc. |
2020-12-18 16:19:34 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 91.228.167.109 | attackspambots | The IP has triggered Cloudflare WAF. CF-Ray: 54304dbb9947cba0 | WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 | WAF_Kind: firewall | CF_Action: drop | Country: SK | CF_IPClass: unknown | Protocol: HTTP/1.0 | Method: GET | Host: ip.skk.moe | User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.16 Safari/537.36 | CF_DC: VIE. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB). |
2019-12-12 04:05:25 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 91.228.167.19
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36573
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;91.228.167.19. IN A
;; AUTHORITY SECTION:
. 290 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020121800 1800 900 604800 86400
;; Query time: 18 msec
;; SERVER: 183.60.82.98#53(183.60.82.98)
;; WHEN: Fri Dec 18 16:38:03 CST 2020
;; MSG SIZE rcvd: 117
19.167.228.91.in-addr.arpa domain name pointer h3-play01-v.eset.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
19.167.228.91.in-addr.arpa name = h3-play01-v.eset.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 113.184.222.15 | attack | Unauthorized connection attempt from IP address 113.184.222.15 on Port 445(SMB) |
2020-03-11 11:35:55 |
| 129.226.134.112 | attack | Mar 11 04:09:40 markkoudstaal sshd[13494]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.134.112 Mar 11 04:09:42 markkoudstaal sshd[13494]: Failed password for invalid user edl from 129.226.134.112 port 52218 ssh2 Mar 11 04:15:42 markkoudstaal sshd[14501]: Failed password for root from 129.226.134.112 port 36892 ssh2 |
2020-03-11 11:25:47 |
| 180.244.28.28 | attackspam | Unauthorized connection attempt from IP address 180.244.28.28 on Port 445(SMB) |
2020-03-11 11:13:29 |
| 222.75.0.197 | attack | Mar 11 03:56:26 lock-38 sshd[15971]: Failed password for invalid user admin from 222.75.0.197 port 42378 ssh2 ... |
2020-03-11 11:10:58 |
| 182.253.242.226 | attackbots | Unauthorized connection attempt from IP address 182.253.242.226 on Port 445(SMB) |
2020-03-11 11:08:40 |
| 194.26.29.124 | attackbotsspam | 03/10/2020-23:01:45.455996 194.26.29.124 Protocol: 6 ET SCAN NMAP -sS window 1024 |
2020-03-11 11:16:13 |
| 92.63.194.106 | attackbotsspam | 2020-03-11T02:21:26.294642shield sshd\[1788\]: Invalid user user from 92.63.194.106 port 33721 2020-03-11T02:21:26.303971shield sshd\[1788\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.63.194.106 2020-03-11T02:21:28.323057shield sshd\[1788\]: Failed password for invalid user user from 92.63.194.106 port 33721 ssh2 2020-03-11T02:21:43.965394shield sshd\[1870\]: Invalid user guest from 92.63.194.106 port 42383 2020-03-11T02:21:43.974863shield sshd\[1870\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.63.194.106 |
2020-03-11 11:24:21 |
| 36.83.106.160 | attackbots | 1583895170 - 03/11/2020 03:52:50 Host: 36.83.106.160/36.83.106.160 Port: 445 TCP Blocked |
2020-03-11 11:13:00 |
| 113.168.187.188 | attackbotsspam | Unauthorized connection attempt from IP address 113.168.187.188 on Port 445(SMB) |
2020-03-11 11:10:28 |
| 167.71.216.44 | attackspambots | (sshd) Failed SSH login from 167.71.216.44 (SG/Singapore/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 11 04:03:34 ubnt-55d23 sshd[28361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.216.44 user=root Mar 11 04:03:37 ubnt-55d23 sshd[28361]: Failed password for root from 167.71.216.44 port 46120 ssh2 |
2020-03-11 11:11:46 |
| 54.39.98.253 | attackbots | 2020-03-10T20:15:30.187867linuxbox-skyline sshd[13421]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.98.253 user=root 2020-03-10T20:15:32.668275linuxbox-skyline sshd[13421]: Failed password for root from 54.39.98.253 port 33404 ssh2 ... |
2020-03-11 11:20:54 |
| 103.10.66.68 | attackspam | Unauthorized connection attempt from IP address 103.10.66.68 on Port 445(SMB) |
2020-03-11 11:08:58 |
| 92.63.194.91 | attackbotsspam | Unauthorized connection attempt detected from IP address 92.63.194.91 to port 1723 [T] |
2020-03-11 11:03:40 |
| 45.125.65.35 | attackspambots | Mar 11 03:42:59 srv01 postfix/smtpd\[32212\]: warning: unknown\[45.125.65.35\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 11 03:43:15 srv01 postfix/smtpd\[32212\]: warning: unknown\[45.125.65.35\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 11 03:47:19 srv01 postfix/smtpd\[2520\]: warning: unknown\[45.125.65.35\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 11 03:48:02 srv01 postfix/smtpd\[32212\]: warning: unknown\[45.125.65.35\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 11 03:50:12 srv01 postfix/smtpd\[3002\]: warning: unknown\[45.125.65.35\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... |
2020-03-11 10:58:10 |
| 199.243.83.251 | attackbotsspam | Scan detected 2020.03.11 03:15:38 blocked until 2020.04.05 00:47:01 |
2020-03-11 11:11:24 |