City: unknown
Region: unknown
Country: Germany
Internet Service Provider: Guangzhou Pangu Internet Technology Co. Ltd
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attack | Unauthorized connection attempt detected from IP address 93.90.74.134 to port 2220 [J] |
2020-02-02 09:20:16 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 93.90.74.182 | attackspam | k+ssh-bruteforce |
2020-03-19 05:16:42 |
| 93.90.74.205 | attackspambots | Jan 15 21:15:29 ns392434 sshd[19323]: Invalid user unmesh from 93.90.74.205 port 40188 Jan 15 21:15:29 ns392434 sshd[19323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.90.74.205 Jan 15 21:15:29 ns392434 sshd[19323]: Invalid user unmesh from 93.90.74.205 port 40188 Jan 15 21:15:31 ns392434 sshd[19323]: Failed password for invalid user unmesh from 93.90.74.205 port 40188 ssh2 Jan 15 21:31:16 ns392434 sshd[19686]: Invalid user ag from 93.90.74.205 port 36212 Jan 15 21:31:16 ns392434 sshd[19686]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.90.74.205 Jan 15 21:31:16 ns392434 sshd[19686]: Invalid user ag from 93.90.74.205 port 36212 Jan 15 21:31:18 ns392434 sshd[19686]: Failed password for invalid user ag from 93.90.74.205 port 36212 ssh2 Jan 15 21:31:44 ns392434 sshd[19692]: Invalid user mega from 93.90.74.205 port 39596 |
2020-01-16 05:14:20 |
| 93.90.74.182 | attack | Dec 23 00:11:02 rtr-mst-350 sshd[24765]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.90.74.182 user=r.r Dec 23 00:11:05 rtr-mst-350 sshd[24765]: Failed password for r.r from 93.90.74.182 port 42846 ssh2 Dec 23 00:11:05 rtr-mst-350 sshd[24765]: Received disconnect from 93.90.74.182: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=93.90.74.182 |
2019-12-23 22:21:51 |
| 93.90.74.240 | attackspambots | Dec 23 07:26:36 vps58358 sshd\[29530\]: Invalid user dnlee from 93.90.74.240Dec 23 07:26:38 vps58358 sshd\[29530\]: Failed password for invalid user dnlee from 93.90.74.240 port 59507 ssh2Dec 23 07:27:05 vps58358 sshd\[29532\]: Invalid user aggergaard from 93.90.74.240Dec 23 07:27:07 vps58358 sshd\[29532\]: Failed password for invalid user aggergaard from 93.90.74.240 port 60635 ssh2Dec 23 07:27:30 vps58358 sshd\[29534\]: Failed password for root from 93.90.74.240 port 33528 ssh2Dec 23 07:27:54 vps58358 sshd\[29540\]: Failed password for root from 93.90.74.240 port 34654 ssh2 ... |
2019-12-23 17:49:38 |
| 93.90.74.182 | attack | 20 attempts against mh-ssh on cloud.magehost.pro |
2019-12-22 15:11:24 |
| 93.90.74.187 | attack | Dec 17 02:23:48 host sshd[18646]: User r.r from 93.90.74.187 not allowed because none of user's groups are listed in AllowGroups Dec 17 02:23:48 host sshd[18646]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.90.74.187 user=r.r Dec 17 02:23:50 host sshd[18646]: Failed password for invalid user r.r from 93.90.74.187 port 47748 ssh2 Dec 17 02:23:50 host sshd[18646]: Received disconnect from 93.90.74.187 port 47748:11: Bye Bye [preauth] Dec 17 02:23:50 host sshd[18646]: Disconnected from invalid user r.r 93.90.74.187 port 47748 [preauth] Dec 17 02:33:23 host sshd[20886]: Invalid user rfabb from 93.90.74.187 port 54804 Dec 17 02:33:23 host sshd[20886]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.90.74.187 Dec 17 02:33:24 host sshd[20886]: Failed password for invalid user rfabb from 93.90.74.187 port 54804 ssh2 Dec 17 02:33:25 host sshd[20886]: Received disconnect from 93.90.74.187 p........ ------------------------------- |
2019-12-19 22:33:42 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 93.90.74.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4711
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;93.90.74.134. IN A
;; AUTHORITY SECTION:
. 339 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020020102 1800 900 604800 86400
;; Query time: 131 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 02 09:20:11 CST 2020
;; MSG SIZE rcvd: 116Host 134.74.90.93.in-addr.arpa. not found: 3(NXDOMAIN)Server: 100.100.2.136
Address: 100.100.2.136#53
** server can't find 134.74.90.93.in-addr.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 175.22.167.76 | attack | Port Scan |
2019-12-22 16:53:00 |
| 58.215.121.36 | attack | Brute-force attempt banned |
2019-12-22 16:48:38 |
| 94.191.47.240 | attack | W 5701,/var/log/auth.log,-,- |
2019-12-22 16:37:45 |
| 2001:8a0:ffc1:4f00:80b6:c9d8:7172:55a3 | attackbotsspam | [SunDec2207:28:29.7765622019][:error][pid13626:tid47392703989504][client2001:8a0:ffc1:4f00:80b6:c9d8:7172:55a3:34375][client2001:8a0:ffc1:4f00:80b6:c9d8:7172:55a3]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\\\\\\\\.php"atARGS:img.[file"/usr/local/apache.ea3/conf/modsec_rules/99_asl_jitp.conf"][line"788"][id"337479"][rev"2"][msg"Atomicorp.comWAFRules-VirtualJustInTimePatch:WordpressRevslidernon-imagefiledownloadAttack"][severity"CRITICAL"][hostname"tantravenus.ch"][uri"/wp-admin/admin-ajax.php"][unique_id"Xf8NDbWHALVWLfAe9bu9tgAAAMk"][SunDec2207:28:30.5070912019][:error][pid13742:tid47392733406976][client2001:8a0:ffc1:4f00:80b6:c9d8:7172:55a3:34383][client2001:8a0:ffc1:4f00:80b6:c9d8:7172:55a3]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\\\\\\\\.php"atARGS:img.[file"/usr/local/apache.ea3/conf/modsec_rules/99_asl_jitp.conf"][line"788"][id"337479"][rev"2"][msg"Atomicorp.comWAFRules-VirtualJustInTimePatch:WordpressRevslidernon-imagefiledownloadAttack" |
2019-12-22 16:51:55 |
| 106.13.67.22 | attackspam | [Aegis] @ 2019-12-22 09:03:11 0000 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack |
2019-12-22 16:34:25 |
| 222.186.136.64 | attack | Dec 22 11:24:40 server sshd\[28826\]: Invalid user ralf from 222.186.136.64 Dec 22 11:24:40 server sshd\[28826\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.136.64 Dec 22 11:24:42 server sshd\[28826\]: Failed password for invalid user ralf from 222.186.136.64 port 42886 ssh2 Dec 22 11:40:40 server sshd\[941\]: Invalid user pul from 222.186.136.64 Dec 22 11:40:40 server sshd\[941\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.136.64 ... |
2019-12-22 16:45:57 |
| 190.54.97.162 | attackspambots | Dec 22 13:08:49 areeb-Workstation sshd[27346]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.54.97.162 Dec 22 13:08:50 areeb-Workstation sshd[27346]: Failed password for invalid user mysql from 190.54.97.162 port 43347 ssh2 ... |
2019-12-22 17:00:24 |
| 103.60.126.65 | attack | Dec 22 08:34:30 MK-Soft-Root1 sshd[13218]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.60.126.65 Dec 22 08:34:32 MK-Soft-Root1 sshd[13218]: Failed password for invalid user anonymous from 103.60.126.65 port 36408 ssh2 ... |
2019-12-22 16:37:17 |
| 220.173.55.8 | attackspambots | Dec 22 09:17:16 server sshd\[26203\]: Invalid user bogu from 220.173.55.8 Dec 22 09:17:16 server sshd\[26203\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.173.55.8 Dec 22 09:17:18 server sshd\[26203\]: Failed password for invalid user bogu from 220.173.55.8 port 50428 ssh2 Dec 22 09:28:08 server sshd\[29040\]: Invalid user bung from 220.173.55.8 Dec 22 09:28:08 server sshd\[29040\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.173.55.8 ... |
2019-12-22 17:13:35 |
| 173.45.164.2 | attack | Dec 22 09:33:33 MK-Soft-VM5 sshd[7290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.45.164.2 Dec 22 09:33:35 MK-Soft-VM5 sshd[7290]: Failed password for invalid user ident from 173.45.164.2 port 39124 ssh2 ... |
2019-12-22 17:15:09 |
| 112.85.42.173 | attackspam | 2019-12-22T09:07:44.320868homeassistant sshd[4706]: Failed none for root from 112.85.42.173 port 64169 ssh2 2019-12-22T09:07:44.645521homeassistant sshd[4706]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.173 user=root ... |
2019-12-22 17:09:03 |
| 27.14.37.214 | attackspam | Port Scan |
2019-12-22 17:12:22 |
| 123.207.145.66 | attackspam | Dec 22 08:42:12 v22018086721571380 sshd[17806]: Failed password for invalid user bridie from 123.207.145.66 port 46020 ssh2 |
2019-12-22 16:57:48 |
| 122.180.48.29 | attackspambots | Dec 22 09:42:52 vps647732 sshd[1380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.180.48.29 Dec 22 09:42:53 vps647732 sshd[1380]: Failed password for invalid user xm from 122.180.48.29 port 57172 ssh2 ... |
2019-12-22 17:15:52 |
| 183.253.23.208 | attack | Dec 19 18:58:13 sanyalnet-awsem3-1 sshd[10493]: Connection from 183.253.23.208 port 30966 on 172.30.0.184 port 22 Dec 19 18:58:22 sanyalnet-awsem3-1 sshd[10493]: Invalid user fnjoroge from 183.253.23.208 Dec 19 18:58:22 sanyalnet-awsem3-1 sshd[10493]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.253.23.208 Dec 19 18:58:24 sanyalnet-awsem3-1 sshd[10493]: Failed password for invalid user fnjoroge from 183.253.23.208 port 30966 ssh2 Dec 19 18:58:25 sanyalnet-awsem3-1 sshd[10493]: Received disconnect from 183.253.23.208: 11: Bye Bye [preauth] Dec 19 19:28:56 sanyalnet-awsem3-1 sshd[11507]: Connection from 183.253.23.208 port 31688 on 172.30.0.184 port 22 Dec 19 19:29:07 sanyalnet-awsem3-1 sshd[11507]: User r.r from 183.253.23.208 not allowed because not listed in AllowUsers Dec 19 19:29:07 sanyalnet-awsem3-1 sshd[11507]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.253.23.208 use........ ------------------------------- |
2019-12-22 16:52:36 |