City: Munich
Region: Bavaria
Country: Germany
Internet Service Provider: Contabo GmbH
Hostname: unknown
Organization: M-net Telekommunikations GmbH
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attackbotsspam | CloudCIX Reconnaissance Scan Detected, PTR: mail.ganztagsschule24.de. |
2019-08-03 07:26:58 |
| attackspambots | CloudCIX Reconnaissance Scan Detected, PTR: mail.ganztagsschule24.de. |
2019-07-30 05:35:30 |
| attack | CloudCIX Reconnaissance Scan Detected, PTR: mail.ganztagsschule24.de. |
2019-07-25 02:23:25 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 93.104.214.189 | attackspam | May 8 22:50:41 mout sshd[792]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.104.214.189 user=root May 8 22:50:43 mout sshd[792]: Failed password for root from 93.104.214.189 port 55062 ssh2 May 8 22:50:43 mout sshd[792]: Connection closed by 93.104.214.189 port 55062 [preauth] |
2020-05-09 05:23:38 |
| 93.104.214.189 | attackbots | Lines containing failures of 93.104.214.189 May 4 18:57:06 linuxrulz sshd[1846]: Did not receive identification string from 93.104.214.189 port 56942 May 4 18:57:06 linuxrulz sshd[1847]: Did not receive identification string from 93.104.214.189 port 49446 May 4 18:57:06 linuxrulz sshd[1848]: Did not receive identification string from 93.104.214.189 port 60624 May 4 19:00:22 linuxrulz sshd[2484]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.104.214.189 user=r.r May 4 19:00:24 linuxrulz sshd[2484]: Failed password for r.r from 93.104.214.189 port 59076 ssh2 May 4 19:00:25 linuxrulz sshd[2484]: Received disconnect from 93.104.214.189 port 59076:11: Normal Shutdown, Thank you for playing [preauth] May 4 19:00:25 linuxrulz sshd[2484]: Disconnected from authenticating user r.r 93.104.214.189 port 59076 [preauth] May 4 19:00:26 linuxrulz sshd[2488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ........ ------------------------------ |
2020-05-05 07:48:13 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 93.104.214.243
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10390
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;93.104.214.243. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019072400 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 25 02:23:07 CST 2019
;; MSG SIZE rcvd: 118243.214.104.93.in-addr.arpa domain name pointer mail.ganztagsschule24.de.Server: 67.207.67.2
Address: 67.207.67.2#53
Non-authoritative answer:
243.214.104.93.in-addr.arpa name = mail.ganztagsschule24.de.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 112.85.42.183 | attackbotsspam | 2020-10-07T22:50:48.239879vps773228.ovh.net sshd[9243]: Failed password for root from 112.85.42.183 port 33394 ssh2 2020-10-07T22:50:51.386927vps773228.ovh.net sshd[9243]: Failed password for root from 112.85.42.183 port 33394 ssh2 2020-10-07T22:50:54.944627vps773228.ovh.net sshd[9243]: Failed password for root from 112.85.42.183 port 33394 ssh2 2020-10-07T22:50:57.720742vps773228.ovh.net sshd[9243]: Failed password for root from 112.85.42.183 port 33394 ssh2 2020-10-07T22:51:00.908929vps773228.ovh.net sshd[9243]: Failed password for root from 112.85.42.183 port 33394 ssh2 ... |
2020-10-08 04:56:33 |
| 198.12.153.39 | attack | 20 attempts against mh-misbehave-ban on admin |
2020-10-08 04:26:48 |
| 23.133.1.162 | attackspambots | Oct 7 14:18:47 ns382633 sshd\[18966\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.133.1.162 user=root Oct 7 14:18:49 ns382633 sshd\[18966\]: Failed password for root from 23.133.1.162 port 55976 ssh2 Oct 7 14:25:22 ns382633 sshd\[20117\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.133.1.162 user=root Oct 7 14:25:24 ns382633 sshd\[20117\]: Failed password for root from 23.133.1.162 port 57510 ssh2 Oct 7 14:27:43 ns382633 sshd\[20298\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.133.1.162 user=root |
2020-10-08 04:47:33 |
| 111.229.25.25 | attackspambots | [N10.H2.VM2] Port Scanner Detected Blocked by UFW |
2020-10-08 04:44:18 |
| 119.181.19.21 | attackspambots | Oct 7 15:16:00 prod4 sshd\[16137\]: Failed password for root from 119.181.19.21 port 36136 ssh2 Oct 7 15:20:57 prod4 sshd\[18108\]: Failed password for root from 119.181.19.21 port 39966 ssh2 Oct 7 15:25:51 prod4 sshd\[20239\]: Failed password for root from 119.181.19.21 port 43796 ssh2 ... |
2020-10-08 04:46:54 |
| 143.110.200.144 | attackbots | Oct 7 12:26:07 ns3033917 sshd[16692]: Failed password for root from 143.110.200.144 port 46134 ssh2 Oct 7 12:28:29 ns3033917 sshd[16711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=143.110.200.144 user=root Oct 7 12:28:31 ns3033917 sshd[16711]: Failed password for root from 143.110.200.144 port 58512 ssh2 ... |
2020-10-08 04:58:29 |
| 218.92.0.165 | attack | $f2bV_matches |
2020-10-08 04:12:24 |
| 193.112.191.228 | attack | 2020-10-07T19:44:04+0200 Failed SSH Authentication/Brute Force Attack.(Server 2) |
2020-10-08 04:08:11 |
| 121.36.207.181 | attackspambots | 2020-10-07 15:05:50.912998-0500 localhost screensharingd[77423]: Authentication: FAILED :: User Name: N/A :: Viewer Address: 121.36.207.181 :: Type: VNC DES |
2020-10-08 04:43:57 |
| 193.228.91.105 | attack | [MK-Root1] SSH login failed |
2020-10-08 04:21:50 |
| 167.86.117.63 | attack | Lines containing failures of 167.86.117.63 Oct 5 23:02:17 g1 sshd[5149]: User r.r from 167.86.117.63 not allowed because not listed in AllowUsers Oct 5 23:02:17 g1 sshd[5149]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.86.117.63 user=r.r Oct 5 23:02:18 g1 sshd[5149]: Failed password for invalid user r.r from 167.86.117.63 port 50682 ssh2 Oct 5 23:02:18 g1 sshd[5149]: Received disconnect from 167.86.117.63 port 50682:11: Bye Bye [preauth] Oct 5 23:02:18 g1 sshd[5149]: Disconnected from invalid user r.r 167.86.117.63 port 50682 [preauth] Oct 5 23:18:22 g1 sshd[6381]: User r.r from 167.86.117.63 not allowed because not listed in AllowUsers Oct 5 23:18:22 g1 sshd[6381]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.86.117.63 user=r.r Oct 5 23:18:24 g1 sshd[6381]: Failed password for invalid user r.r from 167.86.117.63 port 48660 ssh2 Oct 5 23:18:25 g1 sshd[6381]: Receive........ ------------------------------ |
2020-10-08 04:56:16 |
| 145.239.95.42 | attack | 145.239.95.42 - - [07/Oct/2020:16:53:32 +0200] "POST /wp-login.php HTTP/1.0" 200 4794 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2020-10-08 04:18:53 |
| 83.97.20.35 | attack | ET DROP Dshield Block Listed Source group 1 - port: 7288 proto: tcp cat: Misc Attackbytes: 60 |
2020-10-08 04:36:08 |
| 103.15.50.41 | attack | Automatic report BANNED IP |
2020-10-08 04:45:32 |
| 113.110.229.190 | attackbotsspam | Oct 5 10:42:52 cumulus sshd[20061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.110.229.190 user=r.r Oct 5 10:42:54 cumulus sshd[20061]: Failed password for r.r from 113.110.229.190 port 47232 ssh2 Oct 5 10:42:54 cumulus sshd[20061]: Received disconnect from 113.110.229.190 port 47232:11: Bye Bye [preauth] Oct 5 10:42:54 cumulus sshd[20061]: Disconnected from 113.110.229.190 port 47232 [preauth] Oct 5 10:58:59 cumulus sshd[21471]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.110.229.190 user=r.r Oct 5 10:59:01 cumulus sshd[21471]: Failed password for r.r from 113.110.229.190 port 34640 ssh2 Oct 5 10:59:02 cumulus sshd[21471]: Received disconnect from 113.110.229.190 port 34640:11: Bye Bye [preauth] Oct 5 10:59:02 cumulus sshd[21471]: Disconnected from 113.110.229.190 port 34640 [preauth] Oct 5 11:01:54 cumulus sshd[21822]: pam_unix(sshd:auth): authentication failure........ ------------------------------- |
2020-10-08 04:38:02 |