City: Klingenberg Am Main
Region: Bayern
Country: Germany
Internet Service Provider: ITP-Solutions UG & Co. KG
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attackspam | Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth): user=guest |
2020-09-20 22:37:52 |
| attack | Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth): user=guest |
2020-09-20 14:28:21 |
| attackbots | Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth): user=guest |
2020-09-20 06:28:04 |
| attackspambots | Sep 3 11:15:57 santamaria sshd\[28838\]: Invalid user nagios from 91.192.10.53 Sep 3 11:15:57 santamaria sshd\[28838\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.192.10.53 Sep 3 11:15:59 santamaria sshd\[28838\]: Failed password for invalid user nagios from 91.192.10.53 port 42271 ssh2 ... |
2020-09-03 21:07:43 |
| attackspambots | Sep 3 04:36:11 ns381471 sshd[24979]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.192.10.53 Sep 3 04:36:13 ns381471 sshd[24979]: Failed password for invalid user anna from 91.192.10.53 port 50768 ssh2 |
2020-09-03 12:50:46 |
| attack | 2020-09-02T21:04:12+0000 Failed SSH Authentication/Brute Force Attack. (Server 6) |
2020-09-03 05:08:56 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 91.192.10.119 | attackspambots | Unauthorized connection attempt detected from IP address 91.192.10.119 to port 23 |
2020-08-03 18:32:00 |
| 91.192.10.129 | attackspam | Unauthorized connection attempt detected from IP address 91.192.10.129 to port 23 |
2020-07-29 16:45:42 |
| 91.192.10.111 | attackbots | Port scan denied |
2020-07-14 02:59:14 |
| 91.192.10.130 | attack | 37215/tcp 37215/tcp [2020-06-21/24]2pkt |
2020-06-25 06:14:09 |
| 91.192.10.147 | attackbots | Telnetd brute force attack detected by fail2ban |
2020-06-24 14:30:43 |
| 91.192.10.126 | attackbotsspam | Attempted connection to port 11211. |
2020-06-20 22:17:45 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 91.192.10.53
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43040
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;91.192.10.53. IN A
;; AUTHORITY SECTION:
. 308 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020090201 1800 900 604800 86400
;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Sep 03 05:08:53 CST 2020
;; MSG SIZE rcvd: 116
Host 53.10.192.91.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 53.10.192.91.in-addr.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 125.74.47.230 | attackbots | Unauthorized connection attempt detected from IP address 125.74.47.230 to port 2220 [J] |
2020-01-07 23:23:21 |
| 112.85.42.176 | attack | Jan 7 12:05:20 server sshd\[28412\]: Failed password for root from 112.85.42.176 port 53411 ssh2 Jan 7 12:05:22 server sshd\[28434\]: Failed password for root from 112.85.42.176 port 8811 ssh2 Jan 7 18:19:03 server sshd\[24581\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.176 user=root Jan 7 18:19:04 server sshd\[24581\]: Failed password for root from 112.85.42.176 port 19975 ssh2 Jan 7 18:19:06 server sshd\[24613\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.176 user=root ... |
2020-01-07 23:36:36 |
| 95.46.153.29 | attackspambots | Unauthorized connection attempt from IP address 95.46.153.29 on Port 445(SMB) |
2020-01-07 23:47:27 |
| 203.147.68.91 | attackbotsspam | (imapd) Failed IMAP login from 203.147.68.91 (NC/New Caledonia/host-203-147-68-91.h21.canl.nc): 1 in the last 3600 secs |
2020-01-07 23:47:48 |
| 94.23.70.116 | attackspambots | Jan 7 04:55:09 eddieflores sshd\[13763\]: Invalid user uqg from 94.23.70.116 Jan 7 04:55:09 eddieflores sshd\[13763\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.70.116 Jan 7 04:55:12 eddieflores sshd\[13763\]: Failed password for invalid user uqg from 94.23.70.116 port 59287 ssh2 Jan 7 05:04:48 eddieflores sshd\[14542\]: Invalid user cuigj from 94.23.70.116 Jan 7 05:04:48 eddieflores sshd\[14542\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.70.116 |
2020-01-07 23:17:23 |
| 122.51.163.237 | attackbotsspam | Unauthorized connection attempt detected from IP address 122.51.163.237 to port 2220 [J] |
2020-01-07 23:23:44 |
| 222.186.180.6 | attackspam | Jan 7 16:35:29 jane sshd[12588]: Failed password for root from 222.186.180.6 port 32156 ssh2 Jan 7 16:35:33 jane sshd[12588]: Failed password for root from 222.186.180.6 port 32156 ssh2 ... |
2020-01-07 23:45:38 |
| 185.164.72.217 | attackbotsspam | Unauthorised access (Jan 7) SRC=185.164.72.217 LEN=40 TTL=244 ID=24435 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Jan 6) SRC=185.164.72.217 LEN=40 TTL=244 ID=55080 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Jan 5) SRC=185.164.72.217 LEN=40 TTL=244 ID=2332 TCP DPT=3389 WINDOW=1024 SYN |
2020-01-07 23:30:31 |
| 186.6.159.106 | attack | 20/1/7@10:28:21: FAIL: Alarm-Network address from=186.6.159.106 ... |
2020-01-07 23:43:04 |
| 112.3.30.47 | attack | Jan 7 05:54:44 web9 sshd\[12191\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.3.30.47 user=daemon Jan 7 05:54:46 web9 sshd\[12191\]: Failed password for daemon from 112.3.30.47 port 49434 ssh2 Jan 7 05:58:29 web9 sshd\[12848\]: Invalid user test from 112.3.30.47 Jan 7 05:58:29 web9 sshd\[12848\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.3.30.47 Jan 7 05:58:31 web9 sshd\[12848\]: Failed password for invalid user test from 112.3.30.47 port 37786 ssh2 |
2020-01-08 00:00:49 |
| 168.61.176.121 | attackspam | Unauthorized connection attempt detected from IP address 168.61.176.121 to port 2220 [J] |
2020-01-07 23:31:04 |
| 109.175.166.36 | attackbotsspam | Jan 7 14:50:08 legacy sshd[11980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.175.166.36 Jan 7 14:50:10 legacy sshd[11980]: Failed password for invalid user mythtv from 109.175.166.36 port 53866 ssh2 Jan 7 14:53:26 legacy sshd[12176]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.175.166.36 ... |
2020-01-07 23:34:48 |
| 167.71.177.207 | attack | Unauthorized connection attempt detected from IP address 167.71.177.207 to port 2220 [J] |
2020-01-07 23:38:19 |
| 166.62.85.53 | attackspam | 166.62.85.53 - - [07/Jan/2020:14:49:01 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 166.62.85.53 - - [07/Jan/2020:14:49:02 +0100] "POST /wp-login.php HTTP/1.1" 200 2298 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 166.62.85.53 - - [07/Jan/2020:14:49:03 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 166.62.85.53 - - [07/Jan/2020:14:49:03 +0100] "POST /wp-login.php HTTP/1.1" 200 2272 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 166.62.85.53 - - [07/Jan/2020:14:49:04 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 166.62.85.53 - - [07/Jan/2020:14:49:04 +0100] "POST /wp-login.php HTTP/1.1" 200 2273 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2020-01-07 23:57:37 |
| 106.13.16.205 | attackbotsspam | Unauthorized connection attempt detected from IP address 106.13.16.205 to port 2220 [J] |
2020-01-07 23:40:27 |