City: unknown
Region: Bavaria
Country: Germany
Internet Service Provider: LEIBNIZ-RECHENZENTRUM
Hostname: unknown
Organization: Leibniz-Rechenzentrum
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attack | Jul 3 13:25:34 TCP Attack: SRC=2001:4ca0:0108:0042:0000:0080:0006:0009 DST=[Masked] LEN=80 TC=0 HOPLIMIT=245 FLOWLBL=0 PROTO=TCP SPT=47595 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 |
2019-07-03 23:35:10 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2001:4ca0:108:42:0:80:6:9
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30670
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2001:4ca0:108:42:0:80:6:9. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019070301 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 03 23:34:57 CST 2019
;; MSG SIZE rcvd: 1299.0.0.0.6.0.0.0.0.8.0.0.0.0.0.0.2.4.0.0.8.0.1.0.0.a.c.4.1.0.0.2.ip6.arpa domain name pointer planetlab9.net.in.tum.de.8.0.1.0.0.a.c.4.1.0.0.2.ip6.arpa.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
9.0.0.0.6.0.0.0.0.8.0.0.0.0.0.0.2.4.0.0.8.0.1.0.0.a.c.4.1.0.0.2.ip6.arpa name = planetlab9.net.in.tum.de.8.0.1.0.0.a.c.4.1.0.0.2.ip6.arpa.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 92.118.161.13 | attackspam | Unauthorized connection attempt detected from IP address 92.118.161.13 to port 993 [J] |
2020-01-07 22:13:01 |
| 14.166.23.168 | attack | Unauthorized connection attempt from IP address 14.166.23.168 on Port 445(SMB) |
2020-01-07 22:25:42 |
| 183.89.246.117 | attack | Trying ports that it shouldn't be. |
2020-01-07 22:22:42 |
| 175.24.138.108 | attack | Jan 7 14:37:41 srv01 sshd[31495]: Invalid user henny from 175.24.138.108 port 44737 Jan 7 14:37:41 srv01 sshd[31495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.138.108 Jan 7 14:37:41 srv01 sshd[31495]: Invalid user henny from 175.24.138.108 port 44737 Jan 7 14:37:42 srv01 sshd[31495]: Failed password for invalid user henny from 175.24.138.108 port 44737 ssh2 Jan 7 14:40:22 srv01 sshd[31810]: Invalid user vn from 175.24.138.108 port 59961 ... |
2020-01-07 21:59:20 |
| 103.54.219.106 | attack | Unauthorized connection attempt from IP address 103.54.219.106 on Port 445(SMB) |
2020-01-07 22:12:35 |
| 123.16.130.74 | attackbots | Unauthorized connection attempt from IP address 123.16.130.74 on Port 445(SMB) |
2020-01-07 22:39:52 |
| 218.92.0.168 | attackspambots | (sshd) Failed SSH login from 218.92.0.168 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jan 7 10:51:00 svr sshd[141025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.168 user=root Jan 7 10:51:01 svr sshd[141025]: Failed password for root from 218.92.0.168 port 8098 ssh2 Jan 7 10:51:05 svr sshd[141025]: Failed password for root from 218.92.0.168 port 8098 ssh2 Jan 7 10:51:08 svr sshd[141025]: Failed password for root from 218.92.0.168 port 8098 ssh2 Jan 7 10:51:12 svr sshd[141025]: Failed password for root from 218.92.0.168 port 8098 ssh2 |
2020-01-07 21:58:06 |
| 179.232.1.252 | attackspam | Unauthorized connection attempt detected from IP address 179.232.1.252 to port 2220 [J] |
2020-01-07 22:21:36 |
| 92.125.149.132 | attackbots | Jan 7 13:44:06 km20725 sshd[13229]: reveeclipse mapping checking getaddrinfo for b-internet.92.125.149.132.snt.ru [92.125.149.132] failed - POSSIBLE BREAK-IN ATTEMPT! Jan 7 13:44:07 km20725 sshd[13229]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.125.149.132 user=r.r Jan 7 13:44:09 km20725 sshd[13229]: Failed password for r.r from 92.125.149.132 port 45316 ssh2 Jan 7 13:44:11 km20725 sshd[13229]: Failed password for r.r from 92.125.149.132 port 45316 ssh2 Jan 7 13:44:14 km20725 sshd[13229]: Failed password for r.r from 92.125.149.132 port 45316 ssh2 Jan 7 13:44:16 km20725 sshd[13229]: Failed password for r.r from 92.125.149.132 port 45316 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=92.125.149.132 |
2020-01-07 22:31:38 |
| 123.152.20.179 | attackbots | Unauthorized connection attempt detected from IP address 123.152.20.179 to port 23 [J] |
2020-01-07 22:07:01 |
| 159.65.182.7 | attackspam | Unauthorized connection attempt detected from IP address 159.65.182.7 to port 2220 [J] |
2020-01-07 21:59:43 |
| 91.249.146.104 | attackbotsspam | Jan 7 14:45:38 localhost sshd\[24507\]: Invalid user service from 91.249.146.104 port 55716 Jan 7 14:45:38 localhost sshd\[24507\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.249.146.104 Jan 7 14:45:40 localhost sshd\[24507\]: Failed password for invalid user service from 91.249.146.104 port 55716 ssh2 |
2020-01-07 21:56:13 |
| 193.124.176.168 | attack | Unauthorized connection attempt from IP address 193.124.176.168 on Port 445(SMB) |
2020-01-07 22:05:01 |
| 162.246.107.56 | attackbotsspam | Jan 7 10:00:07 firewall sshd[462]: Invalid user developer from 162.246.107.56 Jan 7 10:00:09 firewall sshd[462]: Failed password for invalid user developer from 162.246.107.56 port 41202 ssh2 Jan 7 10:02:46 firewall sshd[491]: Invalid user csgoserver from 162.246.107.56 ... |
2020-01-07 22:35:30 |
| 196.179.230.12 | attackspambots | 1578402168 - 01/07/2020 14:02:48 Host: 196.179.230.12/196.179.230.12 Port: 445 TCP Blocked |
2020-01-07 22:33:06 |