City: Nuremberg
Region: Bavaria
Country: Germany
Internet Service Provider: Contabo GmbH
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attackspambots | Repeated brute force against a port |
2020-10-14 01:26:23 |
| attack | Oct 13 09:39:26 ip106 sshd[25920]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.136.68.142 Oct 13 09:39:28 ip106 sshd[25920]: Failed password for invalid user anthony from 213.136.68.142 port 47774 ssh2 ... |
2020-10-13 16:35:53 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 213.136.68.33 | attackbots | 2020-05-02T12:07:22.890026abusebot-3.cloudsearch.cf sshd[15758]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=m2038.contaboserver.net user=root 2020-05-02T12:07:24.743691abusebot-3.cloudsearch.cf sshd[15758]: Failed password for root from 213.136.68.33 port 40716 ssh2 2020-05-02T12:07:33.380264abusebot-3.cloudsearch.cf sshd[15768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=m2038.contaboserver.net user=root 2020-05-02T12:07:35.407834abusebot-3.cloudsearch.cf sshd[15768]: Failed password for root from 213.136.68.33 port 52096 ssh2 2020-05-02T12:07:44.407357abusebot-3.cloudsearch.cf sshd[15780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=m2038.contaboserver.net user=root 2020-05-02T12:07:46.280830abusebot-3.cloudsearch.cf sshd[15780]: Failed password for root from 213.136.68.33 port 35240 ssh2 2020-05-02T12:07:55.819887abusebot-3.cloudsearch.cf sshd[1579 ... |
2020-05-03 03:02:23 |
| 213.136.68.33 | attack | Port probing on unauthorized port 2222 |
2020-04-24 00:04:25 |
| 213.136.68.63 | attackspambots | Jan 11 22:04:43 debian-2gb-nbg1-2 kernel: \[1035990.781451\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=213.136.68.63 DST=195.201.40.59 LEN=442 TOS=0x00 PREC=0x00 TTL=56 ID=64369 DF PROTO=UDP SPT=5063 DPT=5060 LEN=422 |
2020-01-12 08:06:15 |
| 213.136.68.63 | attackspam | MultiHost/MultiPort Probe, Scan, Hack - |
2020-01-06 06:59:41 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 213.136.68.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56205
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;213.136.68.142. IN A
;; AUTHORITY SECTION:
. 531 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020101300 1800 900 604800 86400
;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 13 16:35:43 CST 2020
;; MSG SIZE rcvd: 118142.68.136.213.in-addr.arpa domain name pointer vmi456334.contaboserver.net.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
142.68.136.213.in-addr.arpa name = vmi456334.contaboserver.net.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 87.74.64.194 | attack | Exploid host for vulnerabilities on 13-10-2019 12:55:35. |
2019-10-13 21:06:50 |
| 59.124.136.61 | attack | Attempt to attack host OS, exploiting network vulnerabilities, on 13-10-2019 12:55:32. |
2019-10-13 21:11:14 |
| 46.38.144.17 | attackbots | Oct 13 15:13:20 relay postfix/smtpd\[17097\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 15:13:35 relay postfix/smtpd\[28666\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 15:14:37 relay postfix/smtpd\[691\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 15:14:53 relay postfix/smtpd\[30020\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 15:15:53 relay postfix/smtpd\[691\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... |
2019-10-13 21:18:09 |
| 42.118.113.235 | attackspambots | Attempt to attack host OS, exploiting network vulnerabilities, on 13-10-2019 12:55:29. |
2019-10-13 21:18:30 |
| 222.186.30.165 | attack | Oct 13 08:50:36 plusreed sshd[23451]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.165 user=root Oct 13 08:50:38 plusreed sshd[23451]: Failed password for root from 222.186.30.165 port 62110 ssh2 ... |
2019-10-13 20:50:48 |
| 116.52.9.220 | attack | port scan and connect, tcp 22 (ssh) |
2019-10-13 20:52:43 |
| 34.205.50.72 | attack | Exploid host for vulnerabilities on 13-10-2019 12:55:27. |
2019-10-13 21:20:24 |
| 50.209.104.212 | attackbots | Exploid host for vulnerabilities on 13-10-2019 12:55:31. |
2019-10-13 21:13:07 |
| 91.198.233.62 | attackspam | Exploid host for vulnerabilities on 13-10-2019 12:55:36. |
2019-10-13 21:05:04 |
| 80.211.172.45 | attackbotsspam | F2B jail: sshd. Time: 2019-10-13 14:34:32, Reported by: VKReport |
2019-10-13 20:41:44 |
| 90.139.41.23 | attackbotsspam | Exploid host for vulnerabilities on 13-10-2019 12:55:36. |
2019-10-13 21:05:21 |
| 139.198.12.65 | attackbotsspam | Oct 13 15:37:50 server sshd\[32158\]: Invalid user 123@Centos from 139.198.12.65 port 56192 Oct 13 15:37:50 server sshd\[32158\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.12.65 Oct 13 15:37:52 server sshd\[32158\]: Failed password for invalid user 123@Centos from 139.198.12.65 port 56192 ssh2 Oct 13 15:42:48 server sshd\[18181\]: Invalid user admin!@\#$% from 139.198.12.65 port 37104 Oct 13 15:42:48 server sshd\[18181\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.12.65 |
2019-10-13 21:05:50 |
| 39.97.225.181 | attack | Exploid host for vulnerabilities on 13-10-2019 12:55:29. |
2019-10-13 21:18:46 |
| 172.96.93.12 | attack | (From noreply@gplforest5549.live) Hello There, Are you presently working with Wordpress/Woocommerce or maybe do you intend to use it as time goes on ? We offer over 2500 premium plugins as well as themes 100 percent free to download : http://trunch.xyz/PB3mh Cheers, Valerie |
2019-10-13 20:46:13 |
| 222.186.52.124 | attackspam | Oct 13 14:35:58 MK-Soft-Root1 sshd[12374]: Failed password for root from 222.186.52.124 port 56640 ssh2 Oct 13 14:36:01 MK-Soft-Root1 sshd[12374]: Failed password for root from 222.186.52.124 port 56640 ssh2 ... |
2019-10-13 20:46:47 |