City: Nuremberg
Region: Bavaria
Country: Germany
Internet Service Provider: Contabo GmbH
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attackbotsspam | Port scan: Attack repeated for 24 hours |
2020-02-08 18:20:37 |
| attack | 29.01.2020 13:43:19 Connection to port 69 blocked by firewall |
2020-01-30 00:31:43 |
| attackbotsspam | MultiHost/MultiPort Probe, Scan, Hack - |
2020-01-28 18:03:03 |
| attackspambots | 01/24/2020-11:15:54.985924 173.249.34.254 Protocol: 6 ET SCAN NMAP -sS window 1024 |
2020-01-25 00:56:38 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 173.249.34.9 | attackbots | $f2bV_matches |
2019-11-23 19:17:24 |
| 173.249.34.9 | attackbotsspam | SSH bruteforce (Triggered fail2ban) |
2019-11-17 04:09:46 |
| 173.249.34.215 | attackbotsspam | Sep 14 04:26:04 xb3 sshd[28630]: Failed password for invalid user rator from 173.249.34.215 port 47610 ssh2 Sep 14 04:26:04 xb3 sshd[28630]: Received disconnect from 173.249.34.215: 11: Bye Bye [preauth] Sep 14 04:34:38 xb3 sshd[7086]: Failed password for invalid user user from 173.249.34.215 port 42008 ssh2 Sep 14 04:34:38 xb3 sshd[7086]: Received disconnect from 173.249.34.215: 11: Bye Bye [preauth] Sep 14 04:38:39 xb3 sshd[4979]: Failed password for invalid user hms from 173.249.34.215 port 33392 ssh2 Sep 14 04:38:40 xb3 sshd[4979]: Received disconnect from 173.249.34.215: 11: Bye Bye [preauth] Sep 14 04:42:34 xb3 sshd[2147]: Failed password for invalid user ts3 from 173.249.34.215 port 52730 ssh2 Sep 14 04:42:34 xb3 sshd[2147]: Received disconnect from 173.249.34.215: 11: Bye Bye [preauth] Sep 14 04:46:32 xb3 sshd[32218]: Failed password for invalid user admin from 173.249.34.215 port 43578 ssh2 Sep 14 04:46:32 xb3 sshd[32218]: Received disconnect from 173.249.34.21........ ------------------------------- |
2019-09-16 12:17:17 |
| 173.249.34.215 | attackbots | Sep 14 04:26:04 xb3 sshd[28630]: Failed password for invalid user rator from 173.249.34.215 port 47610 ssh2 Sep 14 04:26:04 xb3 sshd[28630]: Received disconnect from 173.249.34.215: 11: Bye Bye [preauth] Sep 14 04:34:38 xb3 sshd[7086]: Failed password for invalid user user from 173.249.34.215 port 42008 ssh2 Sep 14 04:34:38 xb3 sshd[7086]: Received disconnect from 173.249.34.215: 11: Bye Bye [preauth] Sep 14 04:38:39 xb3 sshd[4979]: Failed password for invalid user hms from 173.249.34.215 port 33392 ssh2 Sep 14 04:38:40 xb3 sshd[4979]: Received disconnect from 173.249.34.215: 11: Bye Bye [preauth] Sep 14 04:42:34 xb3 sshd[2147]: Failed password for invalid user ts3 from 173.249.34.215 port 52730 ssh2 Sep 14 04:42:34 xb3 sshd[2147]: Received disconnect from 173.249.34.215: 11: Bye Bye [preauth] Sep 14 04:46:32 xb3 sshd[32218]: Failed password for invalid user admin from 173.249.34.215 port 43578 ssh2 Sep 14 04:46:32 xb3 sshd[32218]: Received disconnect from 173.249.34.21........ ------------------------------- |
2019-09-15 06:25:02 |
| 173.249.34.215 | attackbotsspam | Sep 14 04:26:04 xb3 sshd[28630]: Failed password for invalid user rator from 173.249.34.215 port 47610 ssh2 Sep 14 04:26:04 xb3 sshd[28630]: Received disconnect from 173.249.34.215: 11: Bye Bye [preauth] Sep 14 04:34:38 xb3 sshd[7086]: Failed password for invalid user user from 173.249.34.215 port 42008 ssh2 Sep 14 04:34:38 xb3 sshd[7086]: Received disconnect from 173.249.34.215: 11: Bye Bye [preauth] Sep 14 04:38:39 xb3 sshd[4979]: Failed password for invalid user hms from 173.249.34.215 port 33392 ssh2 Sep 14 04:38:40 xb3 sshd[4979]: Received disconnect from 173.249.34.215: 11: Bye Bye [preauth] Sep 14 04:42:34 xb3 sshd[2147]: Failed password for invalid user ts3 from 173.249.34.215 port 52730 ssh2 Sep 14 04:42:34 xb3 sshd[2147]: Received disconnect from 173.249.34.215: 11: Bye Bye [preauth] Sep 14 04:46:32 xb3 sshd[32218]: Failed password for invalid user admin from 173.249.34.215 port 43578 ssh2 Sep 14 04:46:32 xb3 sshd[32218]: Received disconnect from 173.249.34.21........ ------------------------------- |
2019-09-14 16:57:16 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 173.249.34.254
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38494
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;173.249.34.254. IN A
;; AUTHORITY SECTION:
. 454 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020011701 1800 900 604800 86400
;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 18 07:08:34 CST 2020
;; MSG SIZE rcvd: 118254.34.249.173.in-addr.arpa domain name pointer m10254.contaboserver.net.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
254.34.249.173.in-addr.arpa name = m10254.contaboserver.net.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 124.243.85.71 | attack | "Account brute force using dictionary attack against Exchange Online" |
2019-08-06 01:12:33 |
| 123.143.203.194 | attackspambots | "Account brute force using dictionary attack against Exchange Online" |
2019-08-06 01:26:53 |
| 122.176.145.145 | attack | "Account brute force using dictionary attack against Exchange Online" |
2019-08-06 01:39:51 |
| 124.66.133.106 | attackbots | "Account brute force using dictionary attack against Exchange Online" |
2019-08-06 01:22:40 |
| 122.193.106.54 | attack | "Account brute force using dictionary attack against Exchange Online" |
2019-08-06 01:36:31 |
| 125.138.129.101 | attackspambots | "Account brute force using dictionary attack against Exchange Online" |
2019-08-06 01:10:07 |
| 123.200.2.202 | attack | "Account brute force using dictionary attack against Exchange Online" |
2019-08-06 01:25:16 |
| 121.173.238.41 | attackspambots | "Account brute force using dictionary attack against Exchange Online" |
2019-08-06 01:52:11 |
| 122.224.3.12 | attackspam | "Account brute force using dictionary attack against Exchange Online" |
2019-08-06 01:35:59 |
| 124.195.199.237 | attackspambots | "Account brute force using dictionary attack against Exchange Online" |
2019-08-06 01:14:33 |
| 122.161.21.75 | attack | "Account brute force using dictionary attack against Exchange Online" |
2019-08-06 01:46:32 |
| 121.46.85.35 | attackbotsspam | "Account brute force using dictionary attack against Exchange Online" |
2019-08-06 02:03:00 |
| 121.101.130.43 | attack | "Account brute force using dictionary attack against Exchange Online" |
2019-08-06 01:57:09 |
| 122.224.36.28 | attackbotsspam | "Account brute force using dictionary attack against Exchange Online" |
2019-08-06 01:35:36 |
| 122.226.129.25 | attackbotsspam | "Account brute force using dictionary attack against Exchange Online" |
2019-08-06 01:34:00 |