City: Nürnberg
Region: Bayern
Country: Germany
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 45.136.29.171 | attackbotsspam | Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth): user=root |
2020-09-25 06:28:29 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.136.29.185
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35564
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;45.136.29.185. IN A
;; AUTHORITY SECTION:
. 29 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025021902 1800 900 604800 86400
;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 20 10:21:47 CST 2025
;; MSG SIZE rcvd: 106
185.29.136.45.in-addr.arpa domain name pointer v2202402148060255252.bestsrv.de.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
185.29.136.45.in-addr.arpa name = v2202402148060255252.bestsrv.de.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 188.166.6.130 | attack | 939. On Jun 30 2020 experienced a Brute Force SSH login attempt -> 1 unique times by 188.166.6.130. |
2020-07-02 05:19:31 |
| 89.200.182.10 | attackspam | Scanned 250 unique addresses for 2 unique TCP ports in 24 hours (ports 7835,31343) |
2020-07-02 05:49:58 |
| 51.68.11.231 | attackbots | 51.68.11.231 - - [30/Jun/2020:04:54:22 +0000] "GET /newsleter.php.suspected HTTP/1.1" 404 221 "http://site.ru" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.99 Safari/533.4" |
2020-07-02 05:33:01 |
| 120.53.119.223 | attackspambots | Jun 29 23:26:21 v11 sshd[16879]: Invalid user idc from 120.53.119.223 port 46488 Jun 29 23:26:23 v11 sshd[16879]: Failed password for invalid user idc from 120.53.119.223 port 46488 ssh2 Jun 29 23:26:23 v11 sshd[16879]: Received disconnect from 120.53.119.223 port 46488:11: Bye Bye [preauth] Jun 29 23:26:23 v11 sshd[16879]: Disconnected from 120.53.119.223 port 46488 [preauth] Jun 29 23:34:53 v11 sshd[19969]: Invalid user master from 120.53.119.223 port 36564 Jun 29 23:34:54 v11 sshd[19969]: Failed password for invalid user master from 120.53.119.223 port 36564 ssh2 Jun 29 23:34:55 v11 sshd[19969]: Received disconnect from 120.53.119.223 port 36564:11: Bye Bye [preauth] Jun 29 23:34:55 v11 sshd[19969]: Disconnected from 120.53.119.223 port 36564 [preauth] Jun 29 23:36:58 v11 sshd[20058]: Invalid user evi from 120.53.119.223 port 55584 Jun 29 23:37:00 v11 sshd[20058]: Failed password for invalid user evi from 120.53.119.223 port 55584 ssh2 Jun 29 23:37:01 v11 sshd[20058]........ ------------------------------- |
2020-07-02 05:42:00 |
| 122.96.12.174 | attack | Jul 1 00:25:52 debian-2gb-nbg1-2 kernel: \[15814588.601231\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=122.96.12.174 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=40 ID=47026 PROTO=TCP SPT=33269 DPT=5555 WINDOW=60620 RES=0x00 SYN URGP=0 |
2020-07-02 06:14:40 |
| 81.95.42.61 | attackspambots | Total attacks: 2 |
2020-07-02 05:36:36 |
| 185.143.73.58 | attackbots | Jul 1 01:41:38 mail postfix/smtpd\[23842\]: warning: unknown\[185.143.73.58\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jul 1 01:42:55 mail postfix/smtpd\[23659\]: warning: unknown\[185.143.73.58\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jul 1 02:14:21 mail postfix/smtpd\[25054\]: warning: unknown\[185.143.73.58\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jul 1 02:15:39 mail postfix/smtpd\[25054\]: warning: unknown\[185.143.73.58\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ |
2020-07-02 05:45:53 |
| 129.211.8.43 | attackspambots | Invalid user cynthia from 129.211.8.43 port 36128 |
2020-07-02 06:07:20 |
| 46.38.150.72 | attack | Jul 1 02:02:47 relay postfix/smtpd\[18564\]: warning: unknown\[46.38.150.72\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 1 02:04:09 relay postfix/smtpd\[2521\]: warning: unknown\[46.38.150.72\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 1 02:05:30 relay postfix/smtpd\[18564\]: warning: unknown\[46.38.150.72\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 1 02:06:49 relay postfix/smtpd\[12596\]: warning: unknown\[46.38.150.72\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 1 02:07:03 relay postfix/smtpd\[19770\]: warning: unknown\[46.38.150.72\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... |
2020-07-02 05:36:04 |
| 88.155.148.166 | attack | кто стучался в мою почту? точно мошенники!!! будьте осторожны!!! |
2020-07-02 05:37:10 |
| 49.88.112.112 | attack | June 30 2020, 19:59:11 [sshd] - Banned from the Mad Pony WordPress hosting platform by Fail2ban. |
2020-07-02 05:36:50 |
| 52.169.204.119 | attackbotsspam | Jun 30 16:49:47 dignus sshd[30605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.169.204.119 Jun 30 16:49:49 dignus sshd[30605]: Failed password for invalid user andre from 52.169.204.119 port 40954 ssh2 Jun 30 16:52:58 dignus sshd[30929]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.169.204.119 user=root Jun 30 16:52:59 dignus sshd[30929]: Failed password for root from 52.169.204.119 port 40498 ssh2 Jun 30 16:56:31 dignus sshd[31189]: Invalid user derrick from 52.169.204.119 port 40134 ... |
2020-07-02 05:34:31 |
| 222.180.208.14 | attackspambots | Jun 30 16:59:43 rocket sshd[3760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.180.208.14 Jun 30 16:59:46 rocket sshd[3760]: Failed password for invalid user eis from 222.180.208.14 port 61396 ssh2 Jun 30 17:00:12 rocket sshd[3979]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.180.208.14 ... |
2020-07-02 05:20:49 |
| 52.175.57.76 | attackspambots | 20 attempts against mh-ssh on star |
2020-07-02 05:43:11 |
| 212.70.149.34 | attack | 2020-07-01 03:09:45 dovecot_login authenticator failed for \(User\) \[212.70.149.34\]: 535 Incorrect authentication data \(set_id=gabrielle@org.ua\)2020-07-01 03:10:20 dovecot_login authenticator failed for \(User\) \[212.70.149.34\]: 535 Incorrect authentication data \(set_id=gandolf@org.ua\)2020-07-01 03:10:54 dovecot_login authenticator failed for \(User\) \[212.70.149.34\]: 535 Incorrect authentication data \(set_id=garcia@org.ua\) ... |
2020-07-02 06:24:04 |