173.249.30.204

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Contabo GmbH

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorized admin access - /admin/	2020-04-10 08:46:00

Comments on same subnet:

IP	Type	Details	Datetime
173.249.30.147	attackbots	Excessive crawling : exceed crawl-delay defined in robots.txt	2020-08-11 00:46:17
173.249.30.84	attackspambots	run attacks on the service SSH	2020-04-23 06:38:18
173.249.30.85	attack	Looking for resource vulnerabilities	2019-07-19 16:10:44

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 173.249.30.204
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62422
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;173.249.30.204.			IN	A

;; AUTHORITY SECTION:
.			388	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040903 1800 900 604800 86400

;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Apr 10 08:45:57 CST 2020
;; MSG SIZE  rcvd: 118

Host info

204.30.249.173.in-addr.arpa domain name pointer vps.livemedia.mk.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
204.30.249.173.in-addr.arpa	name = vps.livemedia.mk.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
69.229.6.43	attack	20 attempts against mh-ssh on echoip.magehost.pro	2019-12-05 15:27:33
218.92.0.181	attackbots	Dec 5 07:09:24 hcbbdb sshd\[12989\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.181 user=root Dec 5 07:09:25 hcbbdb sshd\[12989\]: Failed password for root from 218.92.0.181 port 25717 ssh2 Dec 5 07:09:39 hcbbdb sshd\[12989\]: Failed password for root from 218.92.0.181 port 25717 ssh2 Dec 5 07:09:43 hcbbdb sshd\[13022\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.181 user=root Dec 5 07:09:45 hcbbdb sshd\[13022\]: Failed password for root from 218.92.0.181 port 2417 ssh2	2019-12-05 15:14:33
83.97.20.46	attackbots	Portscan or hack attempt detected by psad/fwsnort	2019-12-05 15:26:29
196.34.32.164	attack	Dec 5 07:48:25 legacy sshd[1293]: Failed password for root from 196.34.32.164 port 53838 ssh2 Dec 5 07:55:28 legacy sshd[1536]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.34.32.164 Dec 5 07:55:30 legacy sshd[1536]: Failed password for invalid user orangedev from 196.34.32.164 port 37144 ssh2 ...	2019-12-05 15:16:42
162.243.14.185	attackbotsspam	Dec 4 21:00:26 eddieflores sshd\[20019\]: Invalid user yoyo from 162.243.14.185 Dec 4 21:00:26 eddieflores sshd\[20019\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ajantainc.com Dec 4 21:00:28 eddieflores sshd\[20019\]: Failed password for invalid user yoyo from 162.243.14.185 port 53644 ssh2 Dec 4 21:06:28 eddieflores sshd\[20583\]: Invalid user seene from 162.243.14.185 Dec 4 21:06:28 eddieflores sshd\[20583\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ajantainc.com	2019-12-05 15:20:00
106.52.169.18	attackbotsspam	Dec 5 11:54:22 vibhu-HP-Z238-Microtower-Workstation sshd\[17606\]: Invalid user egligeaud from 106.52.169.18 Dec 5 11:54:22 vibhu-HP-Z238-Microtower-Workstation sshd\[17606\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.169.18 Dec 5 11:54:24 vibhu-HP-Z238-Microtower-Workstation sshd\[17606\]: Failed password for invalid user egligeaud from 106.52.169.18 port 58788 ssh2 Dec 5 12:01:49 vibhu-HP-Z238-Microtower-Workstation sshd\[18033\]: Invalid user gesco from 106.52.169.18 Dec 5 12:01:49 vibhu-HP-Z238-Microtower-Workstation sshd\[18033\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.169.18 ...	2019-12-05 15:06:56
40.124.4.131	attack	Dec 5 07:32:11 localhost sshd\[15253\]: Invalid user kodi from 40.124.4.131 port 50908 Dec 5 07:32:11 localhost sshd\[15253\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.124.4.131 Dec 5 07:32:13 localhost sshd\[15253\]: Failed password for invalid user kodi from 40.124.4.131 port 50908 ssh2	2019-12-05 15:11:21
34.83.184.206	attackspambots	Dec 4 20:59:50 php1 sshd\[18514\]: Invalid user \~!@\#\$% from 34.83.184.206 Dec 4 20:59:50 php1 sshd\[18514\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.83.184.206 Dec 4 20:59:52 php1 sshd\[18514\]: Failed password for invalid user \~!@\#\$% from 34.83.184.206 port 36576 ssh2 Dec 4 21:05:27 php1 sshd\[19002\]: Invalid user palosanto from 34.83.184.206 Dec 4 21:05:27 php1 sshd\[19002\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.83.184.206	2019-12-05 15:12:12
118.24.19.111	attack	PHI,WP GET /wp-login.php	2019-12-05 15:37:55
188.254.0.145	attackspam	Dec 5 12:54:50 vibhu-HP-Z238-Microtower-Workstation sshd\[21402\]: Invalid user tahu from 188.254.0.145 Dec 5 12:54:50 vibhu-HP-Z238-Microtower-Workstation sshd\[21402\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.254.0.145 Dec 5 12:54:52 vibhu-HP-Z238-Microtower-Workstation sshd\[21402\]: Failed password for invalid user tahu from 188.254.0.145 port 39002 ssh2 Dec 5 13:01:46 vibhu-HP-Z238-Microtower-Workstation sshd\[21926\]: Invalid user root123467 from 188.254.0.145 Dec 5 13:01:46 vibhu-HP-Z238-Microtower-Workstation sshd\[21926\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.254.0.145 ...	2019-12-05 15:43:02
187.207.193.9	attackspam	/var/log/messages:Dec 5 06:00:43 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1575525643.946:9810): pid=2029 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-server cipher=aes256-ctr ksize=256 mac=hmac-sha2-256 pfs=ecdh-sha2-nistp256 spid=2030 suid=74 rport=58218 laddr=104.167.106.93 lport=22 exe="/usr/sbin/sshd" hostname=? addr=187.207.193.9 terminal=? res=success' /var/log/messages:Dec 5 06:00:43 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1575525643.949:9811): pid=2029 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-client cipher=aes256-ctr ksize=256 mac=hmac-sha2-256 pfs=ecdh-sha2-nistp256 spid=2030 suid=74 rport=58218 laddr=104.167.106.93 lport=22 exe="/usr/sbin/sshd" hostname=? addr=187.207.193.9 terminal=? res=success' /var/log/messages:Dec 5 06:00:44 sanyalnet-cloud-vps fail2ban.filter[1481]: INFO [sshd] Fou........ -------------------------------	2019-12-05 15:32:59
104.131.7.48	attackspambots	Dec 5 09:05:05 server sshd\[11723\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.7.48 user=root Dec 5 09:05:06 server sshd\[11723\]: Failed password for root from 104.131.7.48 port 38432 ssh2 Dec 5 09:34:22 server sshd\[19489\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.7.48 user=root Dec 5 09:34:23 server sshd\[19489\]: Failed password for root from 104.131.7.48 port 47196 ssh2 Dec 5 09:59:53 server sshd\[26482\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.7.48 user=root ...	2019-12-05 15:07:33
138.197.151.248	attack	Dec 5 08:35:12 cvbnet sshd[21690]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.151.248 Dec 5 08:35:15 cvbnet sshd[21690]: Failed password for invalid user user1 from 138.197.151.248 port 32776 ssh2 ...	2019-12-05 15:44:38
218.92.0.134	attackspam	Dec 5 07:55:26 localhost sshd\[18082\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.134 user=root Dec 5 07:55:28 localhost sshd\[18082\]: Failed password for root from 218.92.0.134 port 25909 ssh2 Dec 5 07:55:31 localhost sshd\[18082\]: Failed password for root from 218.92.0.134 port 25909 ssh2	2019-12-05 15:03:29
46.101.187.76	attackspam	Dec 5 07:53:10 mail sshd[14427]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.187.76 Dec 5 07:53:12 mail sshd[14427]: Failed password for invalid user net from 46.101.187.76 port 42498 ssh2 Dec 5 07:58:48 mail sshd[15602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.187.76	2019-12-05 15:10:31

Recently Reported IPs

64.64.236.238	150.95.133.33	3.81.26.12	103.242.117.181
34.87.147.183	96.77.182.189	45.143.220.54	167.99.153.115
61.54.66.114	51.89.213.90	109.228.12.76	109.196.55.45
198.38.85.175	49.87.171.23	119.133.33.65	49.235.91.83
204.9.79.243	216.168.90.218	202.44.250.154	87.11.210.236