City: Cerdanyola del Vallès
Region: Catalonia
Country: Spain
Internet Service Provider: Centre de Telecomunicacions i Tecnologies de la Informacio de la Generalitat de Catalunya (CTTI)
Hostname: unknown
Organization: unknown
Usage Type: Government
| Type | Details | Datetime |
|---|---|---|
| attack | Feb 10 07:04:41 MK-Soft-VM8 sshd[16338]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.71.53 Feb 10 07:04:43 MK-Soft-VM8 sshd[16338]: Failed password for invalid user uvs from 85.192.71.53 port 59444 ssh2 ... |
2020-02-10 14:25:12 |
| attackbots | Feb 7 19:07:33 legacy sshd[6314]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.71.53 Feb 7 19:07:35 legacy sshd[6314]: Failed password for invalid user duv from 85.192.71.53 port 5483 ssh2 Feb 7 19:10:55 legacy sshd[6514]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.71.53 ... |
2020-02-08 05:18:14 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 85.192.71.245 | attackspambots | Dec 8 13:26:48 sachi sshd\[29118\]: Invalid user mima0123 from 85.192.71.245 Dec 8 13:26:48 sachi sshd\[29118\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=43013099.xtec.cat Dec 8 13:26:49 sachi sshd\[29118\]: Failed password for invalid user mima0123 from 85.192.71.245 port 34524 ssh2 Dec 8 13:32:19 sachi sshd\[29619\]: Invalid user withhold from 85.192.71.245 Dec 8 13:32:19 sachi sshd\[29619\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=43013099.xtec.cat |
2019-12-09 07:37:47 |
| 85.192.71.245 | attackbots | 2019-11-08T20:39:56.891305shield sshd\[593\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ceip-agustibarbera-amposta.xtec.cat user=root 2019-11-08T20:39:58.857175shield sshd\[593\]: Failed password for root from 85.192.71.245 port 42058 ssh2 2019-11-08T20:43:41.581830shield sshd\[1073\]: Invalid user g from 85.192.71.245 port 51860 2019-11-08T20:43:41.586122shield sshd\[1073\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ceip-agustibarbera-amposta.xtec.cat 2019-11-08T20:43:44.446543shield sshd\[1073\]: Failed password for invalid user g from 85.192.71.245 port 51860 ssh2 |
2019-11-09 04:45:05 |
| 85.192.71.245 | attack | Nov 6 18:21:29 lnxmysql61 sshd[23958]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.71.245 |
2019-11-07 03:01:50 |
| 85.192.71.245 | attackspambots | Nov 5 15:32:46 [host] sshd[11500]: Invalid user ubnt from 85.192.71.245 Nov 5 15:32:46 [host] sshd[11500]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.71.245 Nov 5 15:32:48 [host] sshd[11500]: Failed password for invalid user ubnt from 85.192.71.245 port 34054 ssh2 |
2019-11-06 04:25:19 |
| 85.192.71.245 | attack | Automatic report - SSH Brute-Force Attack |
2019-11-05 14:04:11 |
| 85.192.71.245 | attackspambots | *Port Scan* detected from 85.192.71.245 (ES/Spain/ceip-agustibarbera-amposta.xtec.cat). 4 hits in the last 100 seconds |
2019-10-22 19:51:26 |
| 85.192.71.245 | attackbots | Oct 17 16:41:45 icinga sshd[12361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.71.245 Oct 17 16:41:46 icinga sshd[12361]: Failed password for invalid user 12!@34#$ from 85.192.71.245 port 51276 ssh2 ... |
2019-10-18 02:08:03 |
| 85.192.71.245 | attackbotsspam | Oct 16 01:54:20 hpm sshd\[8327\]: Invalid user zypass from 85.192.71.245 Oct 16 01:54:20 hpm sshd\[8327\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ceip-agustibarbera-amposta.xtec.cat Oct 16 01:54:22 hpm sshd\[8327\]: Failed password for invalid user zypass from 85.192.71.245 port 40576 ssh2 Oct 16 01:58:40 hpm sshd\[8702\]: Invalid user alcapone from 85.192.71.245 Oct 16 01:58:40 hpm sshd\[8702\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ceip-agustibarbera-amposta.xtec.cat |
2019-10-16 19:59:47 |
| 85.192.71.245 | attackspambots | $f2bV_matches |
2019-10-12 19:16:10 |
| 85.192.71.245 | attackspam | Oct 10 19:28:19 vps691689 sshd[32168]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.71.245 Oct 10 19:28:21 vps691689 sshd[32168]: Failed password for invalid user France@2018 from 85.192.71.245 port 37762 ssh2 Oct 10 19:32:31 vps691689 sshd[32235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.71.245 ... |
2019-10-11 02:29:11 |
| 85.192.71.245 | attackspam | 2019-10-09T04:56:07.859473abusebot-3.cloudsearch.cf sshd\[19265\]: Invalid user Discovery2017 from 85.192.71.245 port 46092 |
2019-10-09 14:46:59 |
| 85.192.71.245 | attack | Sep 12 17:48:21 php1 sshd\[27134\]: Invalid user user1 from 85.192.71.245 Sep 12 17:48:21 php1 sshd\[27134\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ceip-agustibarbera-amposta.xtec.cat Sep 12 17:48:22 php1 sshd\[27134\]: Failed password for invalid user user1 from 85.192.71.245 port 60456 ssh2 Sep 12 17:52:47 php1 sshd\[27729\]: Invalid user P@ssw0rd from 85.192.71.245 Sep 12 17:52:47 php1 sshd\[27729\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ceip-agustibarbera-amposta.xtec.cat |
2019-09-13 11:58:31 |
| 85.192.71.245 | attackbots | Jul 31 08:45:06 [host] sshd[24058]: Invalid user khelms from 85.192.71.245 Jul 31 08:45:06 [host] sshd[24058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.71.245 Jul 31 08:45:08 [host] sshd[24058]: Failed password for invalid user khelms from 85.192.71.245 port 60486 ssh2 |
2019-07-31 16:03:39 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.192.71.53
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10812
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;85.192.71.53. IN A
;; AUTHORITY SECTION:
. 536 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020020701 1800 900 604800 86400
;; Query time: 550 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 08 05:18:11 CST 2020
;; MSG SIZE rcvd: 11653.71.192.85.in-addr.arpa domain name pointer iesjoaquimmir.xtec.cat.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
53.71.192.85.in-addr.arpa name = iesjoaquimmir.xtec.cat.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 139.59.169.37 | attackspam | Aug 5 20:29:59 game-panel sshd[22349]: Failed password for root from 139.59.169.37 port 45090 ssh2 Aug 5 20:34:56 game-panel sshd[22536]: Failed password for root from 139.59.169.37 port 57332 ssh2 |
2020-08-06 06:18:15 |
| 45.55.219.114 | attackbots | Aug 5 22:39:23 mout sshd[22265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.219.114 user=root Aug 5 22:39:24 mout sshd[22265]: Failed password for root from 45.55.219.114 port 40792 ssh2 Aug 5 22:39:25 mout sshd[22265]: Disconnected from authenticating user root 45.55.219.114 port 40792 [preauth] |
2020-08-06 06:32:30 |
| 125.69.68.125 | attackbots | Aug 5 23:10:07 vps1 sshd[16349]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.69.68.125 user=root Aug 5 23:10:09 vps1 sshd[16349]: Failed password for invalid user root from 125.69.68.125 port 2026 ssh2 Aug 5 23:13:12 vps1 sshd[16408]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.69.68.125 user=root Aug 5 23:13:14 vps1 sshd[16408]: Failed password for invalid user root from 125.69.68.125 port 7242 ssh2 Aug 5 23:16:13 vps1 sshd[16511]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.69.68.125 user=root Aug 5 23:16:15 vps1 sshd[16511]: Failed password for invalid user root from 125.69.68.125 port 44160 ssh2 Aug 5 23:19:22 vps1 sshd[16567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.69.68.125 user=root ... |
2020-08-06 06:10:36 |
| 59.124.36.104 | normal | 59.124.36.104 |
2020-08-06 06:44:04 |
| 192.99.14.199 | attack | Detected by ModSecurity. Request URI: /wp-login.php |
2020-08-06 06:34:34 |
| 219.136.249.151 | attackspam | Connection to SSH Honeypot - Detected by HoneypotDB |
2020-08-06 06:30:30 |
| 114.6.41.68 | attackspambots | DATE:2020-08-05 23:08:07,IP:114.6.41.68,MATCHES:10,PORT:ssh |
2020-08-06 06:10:57 |
| 192.35.168.230 | attack | port |
2020-08-06 06:11:40 |
| 202.28.221.106 | attackspambots | Aug 5 18:42:11 vps46666688 sshd[26764]: Failed password for root from 202.28.221.106 port 33804 ssh2 ... |
2020-08-06 06:15:49 |
| 51.77.146.156 | attackspambots | Aug 6 00:15:38 vserver sshd\[17364\]: Failed password for root from 51.77.146.156 port 43126 ssh2Aug 6 00:17:50 vserver sshd\[17390\]: Failed password for root from 51.77.146.156 port 48192 ssh2Aug 6 00:19:56 vserver sshd\[17404\]: Failed password for root from 51.77.146.156 port 53256 ssh2Aug 6 00:22:06 vserver sshd\[17424\]: Failed password for root from 51.77.146.156 port 58344 ssh2 ... |
2020-08-06 06:37:11 |
| 111.230.241.110 | attack | Aug 6 00:55:53 hosting sshd[16654]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.241.110 user=root Aug 6 00:55:55 hosting sshd[16654]: Failed password for root from 111.230.241.110 port 56510 ssh2 Aug 6 01:01:51 hosting sshd[17212]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.241.110 user=root Aug 6 01:01:52 hosting sshd[17212]: Failed password for root from 111.230.241.110 port 34708 ssh2 ... |
2020-08-06 06:13:08 |
| 114.80.94.228 | attackspam | "fail2ban match" |
2020-08-06 06:31:26 |
| 118.163.101.205 | attackspambots | Lines containing failures of 118.163.101.205 Aug 4 04:15:44 ntop sshd[8531]: User r.r from 118.163.101.205 not allowed because not listed in AllowUsers Aug 4 04:15:44 ntop sshd[8531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.163.101.205 user=r.r Aug 4 04:15:46 ntop sshd[8531]: Failed password for invalid user r.r from 118.163.101.205 port 34906 ssh2 Aug 4 04:15:47 ntop sshd[8531]: Received disconnect from 118.163.101.205 port 34906:11: Bye Bye [preauth] Aug 4 04:15:47 ntop sshd[8531]: Disconnected from invalid user r.r 118.163.101.205 port 34906 [preauth] Aug 4 04:22:05 ntop sshd[11427]: User r.r from 118.163.101.205 not allowed because not listed in AllowUsers Aug 4 04:22:05 ntop sshd[11427]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.163.101.205 user=r.r Aug 4 04:22:07 ntop sshd[11427]: Failed password for invalid user r.r from 118.163.101.205 port 41704 ssh2 A........ ------------------------------ |
2020-08-06 06:43:54 |
| 122.114.239.22 | attack | Aug 5 21:09:27 plex-server sshd[29095]: Failed password for root from 122.114.239.22 port 38608 ssh2 Aug 5 21:10:39 plex-server sshd[29165]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.114.239.22 user=root Aug 5 21:10:41 plex-server sshd[29165]: Failed password for root from 122.114.239.22 port 53702 ssh2 Aug 5 21:11:53 plex-server sshd[29275]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.114.239.22 user=root Aug 5 21:11:55 plex-server sshd[29275]: Failed password for root from 122.114.239.22 port 40556 ssh2 ... |
2020-08-06 06:12:00 |
| 49.235.37.232 | attackspam | Failed password for root from 49.235.37.232 port 46376 ssh2 |
2020-08-06 06:44:31 |