City: unknown
Region: unknown
Country: China
Internet Service Provider: Zhengzhou Gainet Computer Network Technology Co. Ltd.
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attackspam | ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: tcp cat: Potentially Bad Trafficbytes: 60 |
2020-08-27 01:45:35 |
| attack | Unauthorized connection attempt detected from IP address 116.255.242.20 to port 1433 |
2020-05-31 01:13:29 |
| attack | Unauthorized connection attempt detected from IP address 116.255.242.20 to port 1433 |
2020-01-02 20:06:05 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.255.242.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2803
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.255.242.20. IN A
;; AUTHORITY SECTION:
. 339 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020010200 1800 900 604800 86400
;; Query time: 30 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 02 20:05:58 CST 2020
;; MSG SIZE rcvd: 118Host 20.242.255.116.in-addr.arpa. not found: 3(NXDOMAIN)Server: 100.100.2.136
Address: 100.100.2.136#53
** server can't find 20.242.255.116.in-addr.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 106.12.56.143 | attackspambots | May 26 11:50:32 server sshd[19626]: Failed password for invalid user 3.85.82.238 from 106.12.56.143 port 53382 ssh2 May 26 11:58:42 server sshd[30182]: Failed password for invalid user Administrator from 106.12.56.143 port 39676 ssh2 May 26 11:59:58 server sshd[31486]: Failed password for root from 106.12.56.143 port 50690 ssh2 |
2020-05-26 18:57:33 |
| 139.162.252.121 | attack | ICMP MH Probe, Scan /Distributed - |
2020-05-26 18:54:29 |
| 185.40.4.160 | attackbots | Port Scanner (UDP Port 1730) |
2020-05-26 18:51:12 |
| 180.183.246.177 | attack | Unauthorized connection attempt from IP address 180.183.246.177 on Port 445(SMB) |
2020-05-26 19:14:16 |
| 103.70.199.177 | attackspambots | Unauthorized connection attempt from IP address 103.70.199.177 on Port 445(SMB) |
2020-05-26 19:05:01 |
| 185.176.27.18 | attackspam | Port-scan: detected 264 distinct ports within a 24-hour window. |
2020-05-26 18:54:03 |
| 80.82.65.122 | attackbots | May 26 12:19:00 ns3042688 courier-pop3d: LOGIN FAILED, user=test@makita-dolmar.biz, ip=\[::ffff:80.82.65.122\] ... |
2020-05-26 18:45:00 |
| 130.198.72.171 | attack | ICMP MH Probe, Scan /Distributed - |
2020-05-26 19:05:38 |
| 117.48.228.46 | attack | May 26 01:04:49 dignus sshd[17646]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.48.228.46 user=root May 26 01:04:51 dignus sshd[17646]: Failed password for root from 117.48.228.46 port 53122 ssh2 May 26 01:07:07 dignus sshd[17745]: Invalid user rosemarie from 117.48.228.46 port 57422 May 26 01:07:07 dignus sshd[17745]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.48.228.46 May 26 01:07:10 dignus sshd[17745]: Failed password for invalid user rosemarie from 117.48.228.46 port 57422 ssh2 ... |
2020-05-26 19:15:10 |
| 125.224.165.7 | attack | Telnet/23 MH Probe, Scan, BF, Hack - |
2020-05-26 19:14:48 |
| 222.186.15.62 | attack | May 26 07:02:31 NPSTNNYC01T sshd[22647]: Failed password for root from 222.186.15.62 port 12799 ssh2 May 26 07:02:41 NPSTNNYC01T sshd[22650]: Failed password for root from 222.186.15.62 port 34786 ssh2 ... |
2020-05-26 19:09:50 |
| 51.83.73.115 | attack | May 25 21:56:44 php1 sshd\[29524\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.73.115 user=root May 25 21:56:45 php1 sshd\[29524\]: Failed password for root from 51.83.73.115 port 40646 ssh2 May 25 21:59:23 php1 sshd\[30296\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.73.115 user=sshd May 25 21:59:25 php1 sshd\[30296\]: Failed password for sshd from 51.83.73.115 port 33554 ssh2 May 25 22:02:03 php1 sshd\[30506\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.73.115 user=root |
2020-05-26 18:41:22 |
| 95.177.173.99 | attackspambots | May 26 09:23:12 abendstille sshd\[31828\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.177.173.99 user=root May 26 09:23:14 abendstille sshd\[31828\]: Failed password for root from 95.177.173.99 port 55316 ssh2 May 26 09:27:05 abendstille sshd\[3371\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.177.173.99 user=root May 26 09:27:07 abendstille sshd\[3371\]: Failed password for root from 95.177.173.99 port 59838 ssh2 May 26 09:31:01 abendstille sshd\[7121\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.177.173.99 user=root ... |
2020-05-26 18:59:41 |
| 14.252.89.121 | attackbotsspam | Unauthorized connection attempt from IP address 14.252.89.121 on Port 445(SMB) |
2020-05-26 19:03:52 |
| 185.212.48.30 | attack | Unauthorized connection attempt detected from IP address 185.212.48.30 to port 445 |
2020-05-26 18:50:52 |