95.91.162.45 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Vodafone Kabel Deutschland GmbH

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Jan 20 07:12:21 legacy sshd[13063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.91.162.45 Jan 20 07:12:24 legacy sshd[13063]: Failed password for invalid user xing from 95.91.162.45 port 60630 ssh2 Jan 20 07:21:52 legacy sshd[13259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.91.162.45 ...	2020-01-20 14:25:15

Type

Details

Datetime

attack

Jan 20 07:12:21 legacy sshd[13063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.91.162.45
Jan 20 07:12:24 legacy sshd[13063]: Failed password for invalid user xing from 95.91.162.45 port 60630 ssh2
Jan 20 07:21:52 legacy sshd[13259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.91.162.45
...

2020-01-20 14:25:15

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 95.91.162.45
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27388
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;95.91.162.45.			IN	A

;; AUTHORITY SECTION:
.			578	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012000 1800 900 604800 86400

;; Query time: 115 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 20 14:25:12 CST 2020
;; MSG SIZE  rcvd: 116

Host info

45.162.91.95.in-addr.arpa domain name pointer ip5f5ba22d.dynamic.kabel-deutschland.de.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
45.162.91.95.in-addr.arpa	name = ip5f5ba22d.dynamic.kabel-deutschland.de.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
120.52.152.18	attackspam	Scanning random ports - tries to find possible vulnerable services	2019-07-26 04:13:02
148.70.254.106	attackspam	Jul 25 21:25:47 rpi sshd[20108]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.254.106 Jul 25 21:25:48 rpi sshd[20108]: Failed password for invalid user eric from 148.70.254.106 port 59904 ssh2	2019-07-26 03:31:59
94.28.56.6	attackbots	[portscan] Port scan	2019-07-26 03:37:33
112.167.87.5	attackspam	Caught in portsentry honeypot	2019-07-26 03:47:11
54.36.182.244	attackbots	Jul 25 21:29:46 meumeu sshd[14021]: Failed password for root from 54.36.182.244 port 44661 ssh2 Jul 25 21:33:49 meumeu sshd[4716]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.36.182.244 Jul 25 21:33:51 meumeu sshd[4716]: Failed password for invalid user che from 54.36.182.244 port 40596 ssh2 ...	2019-07-26 03:45:52
186.248.151.178	attack	3389BruteforceFW21	2019-07-26 03:32:42
185.254.122.100	attackbots	25.07.2019 18:25:15 Connection to port 29901 blocked by firewall	2019-07-26 04:10:23
113.221.29.52	attack	FTP brute-force attack	2019-07-26 04:13:35
206.221.180.130	attackspambots	Jul 25 20:10:55 localhost sshd\[40335\]: Invalid user nec from 206.221.180.130 port 42658 Jul 25 20:10:55 localhost sshd\[40335\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.221.180.130 ...	2019-07-26 03:51:31
217.145.40.61	attackspambots	DATE:2019-07-25 14:31:56, IP:217.145.40.61, PORT:ssh brute force auth on SSH service (patata)	2019-07-26 03:56:59
40.124.4.131	attackspambots	Jul 25 18:39:05 marvibiene sshd[18139]: Invalid user qhsupport from 40.124.4.131 port 50908 Jul 25 18:39:05 marvibiene sshd[18139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.124.4.131 Jul 25 18:39:05 marvibiene sshd[18139]: Invalid user qhsupport from 40.124.4.131 port 50908 Jul 25 18:39:06 marvibiene sshd[18139]: Failed password for invalid user qhsupport from 40.124.4.131 port 50908 ssh2 ...	2019-07-26 03:24:36
103.205.144.62	attack	2019-07-25 07:32:13 H=(lss.it) [103.205.144.62]:53112 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.11, 127.0.0.3) (https://www.spamhaus.org/query/ip/103.205.144.62) 2019-07-25 07:32:14 H=(lss.it) [103.205.144.62]:53112 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4, 127.0.0.11) (https://www.spamhaus.org/sbl/query/SBLCSS) 2019-07-25 07:32:14 H=(lss.it) [103.205.144.62]:53112 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4, 127.0.0.11) (https://www.spamhaus.org/sbl/query/SBLCSS) ...	2019-07-26 03:45:08
3.0.100.205	attack	DATE:2019-07-25 19:32:52, IP:3.0.100.205, PORT:ssh brute force auth on SSH service (patata)	2019-07-26 03:48:01
218.92.0.133	attack	Jul 25 21:24:04 arianus sshd\[29838\]: Unable to negotiate with 218.92.0.133 port 44050: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 \[preauth\] ...	2019-07-26 03:56:39
210.182.116.41	attack	Jul 25 22:01:53 SilenceServices sshd[31735]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.182.116.41 Jul 25 22:01:55 SilenceServices sshd[31735]: Failed password for invalid user hiwi from 210.182.116.41 port 33804 ssh2 Jul 25 22:07:14 SilenceServices sshd[5146]: Failed password for root from 210.182.116.41 port 58022 ssh2	2019-07-26 04:09:51

Recently Reported IPs

98.195.217.61	45.136.108.111	167.249.44.118	101.51.223.125
94.67.104.229	140.249.20.167	159.203.188.165	106.12.46.181
99.83.30.219	110.78.23.133	36.71.114.181	49.255.173.110
195.228.45.176	84.17.50.214	183.213.26.26	180.242.72.238
177.91.80.15	101.87.106.224	180.244.232.33	124.127.185.178