brute-force from your network / domain (5.105.48.66)

An attempt to brute-force account passwords over SSH/FTP by a machine in your domain or in your network has been detected. Attached are the host who attacks and time / date of activity. Please take the necessary action(s) to stop this activity immediately. If you have any questions please reply to this email.

Host of attacker: 5.105.48.66 => 5.105.48.66 => 5.105.48.66
Responsible email contacts: abuse@as210993.net,ripe@interlir.com
Attacked hosts in our Network: 37.228.159.234, 37.228.159.223, 37.228.159.44

Logfile entries (time is CE(S)T):
Tue Apr 18 00:26:37 2023: user: root service: ssh target: 37.228.159.44 source: 5.105.48.66
Tue Apr 18 00:26:30 2023: user: root service: ssh target: 37.228.159.234 source: 5.105.48.66
Tue Apr 18 00:26:18 2023: user: root service: ssh target: 37.228.159.223 source: 5.105.48.66
Tue Apr 18 00:25:17 2023: user: user service: ssh target: 37.228.159.44 source: 5.105.48.66
Tue Apr 18 00:25:10 2023: user: user service: ssh target: 37.228.159.234 source: 5.105.48.66
Tue Apr 18 00:24:58 2023: user: user service: ssh target: 37.228.159.223 source: 5.105.48.66
Tue Apr 18 00:23:50 2023: user: guest service: ssh target: 37.228.159.234 source: 5.105.48.66
Tue Apr 18 00:23:47 2023: user: guest service: ssh target: 37.228.159.44 source: 5.105.48.66
Tue Apr 18 00:23:38 2023: user: guest service: ssh target: 37.228.159.223 source: 5.105.48.66
Tue Apr 18 00:19:47 2023: user: ubuntu service: ssh target: 37.228.159.44 source: 5.105.48.66
Tue Apr 18 00:19:10 2023: user: ubuntu service: ssh target: 37.228.159.234 source: 5.105.48.66
Tue Apr 18 00:18:28 2023: user: ubuntu service: ssh target: 37.228.159.223 source: 5.105.48.66
...

Regards,
   Profihost AG Team