City: unknown
Region: unknown
Country: China
Internet Service Provider: Beijing Voda Telecom Technology Co. Ltd.
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attackspam | Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth): |
2020-07-09 23:48:13 |
| attackspambots | DATE:2020-07-06 05:54:09, IP:120.53.119.223, PORT:ssh SSH brute force auth (docker-dc) |
2020-07-06 13:17:33 |
| attackspambots | Jun 29 23:26:21 v11 sshd[16879]: Invalid user idc from 120.53.119.223 port 46488 Jun 29 23:26:23 v11 sshd[16879]: Failed password for invalid user idc from 120.53.119.223 port 46488 ssh2 Jun 29 23:26:23 v11 sshd[16879]: Received disconnect from 120.53.119.223 port 46488:11: Bye Bye [preauth] Jun 29 23:26:23 v11 sshd[16879]: Disconnected from 120.53.119.223 port 46488 [preauth] Jun 29 23:34:53 v11 sshd[19969]: Invalid user master from 120.53.119.223 port 36564 Jun 29 23:34:54 v11 sshd[19969]: Failed password for invalid user master from 120.53.119.223 port 36564 ssh2 Jun 29 23:34:55 v11 sshd[19969]: Received disconnect from 120.53.119.223 port 36564:11: Bye Bye [preauth] Jun 29 23:34:55 v11 sshd[19969]: Disconnected from 120.53.119.223 port 36564 [preauth] Jun 29 23:36:58 v11 sshd[20058]: Invalid user evi from 120.53.119.223 port 55584 Jun 29 23:37:00 v11 sshd[20058]: Failed password for invalid user evi from 120.53.119.223 port 55584 ssh2 Jun 29 23:37:01 v11 sshd[20058]........ ------------------------------- |
2020-07-02 05:42:00 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 120.53.119.213 | attackbots | Event 'Ataque de red detectado' has occurred on device SRV-EXPLOTACION in Windows domain KAURKI on Wednesday, July 15, 2020 9:17:43 AM (GMT+00:00) Tipo de evento: Ataque de red detectado Aplicación: Kaspersky Endpoint Security para Windows Aplicación\Ruta: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for Windows\ Usuario: SRV-EXPLOTACION\Administrador (Usuario activo) Componente: Protección frente a amenazas en la red Resultado\Descripción: Bloqueado Resultado\Nombre: Intrusion.Generic.CVE-2018-1273.exploit Objeto: TCP de 120.53.119.213 at 192.168.0.80:8080 |
2020-07-21 02:05:42 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.53.119.223
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33401
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.53.119.223. IN A
;; AUTHORITY SECTION:
. 196 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020070103 1800 900 604800 86400
;; Query time: 54 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jul 02 05:41:56 CST 2020
;; MSG SIZE rcvd: 118Host 223.119.53.120.in-addr.arpa not found: 2(SERVFAIL);; Got SERVFAIL reply from 183.60.83.19, trying next server
Server: 183.60.82.98
Address: 183.60.82.98#53
** server can't find 223.119.53.120.in-addr.arpa: SERVFAIL| IP | Type | Details | Datetime |
|---|---|---|---|
| 222.129.57.59 | attackbotsspam | Unauthorized connection attempt detected from IP address 222.129.57.59 to port 80 [T] |
2020-02-01 19:42:47 |
| 222.129.60.38 | attackbotsspam | Unauthorized connection attempt detected from IP address 222.129.60.38 to port 80 [T] |
2020-02-01 19:31:58 |
| 222.129.60.74 | attackspambots | Unauthorized connection attempt detected from IP address 222.129.60.74 to port 80 [T] |
2020-02-01 19:30:27 |
| 222.129.62.106 | attack | Unauthorized connection attempt detected from IP address 222.129.62.106 to port 80 [T] |
2020-02-01 19:20:13 |
| 222.129.62.167 | attack | Unauthorized connection attempt detected from IP address 222.129.62.167 to port 80 [T] |
2020-02-01 19:50:52 |
| 222.129.63.223 | attackbotsspam | Unauthorized connection attempt detected from IP address 222.129.63.223 to port 80 [T] |
2020-02-01 19:14:34 |
| 222.129.62.129 | attack | Unauthorized connection attempt detected from IP address 222.129.62.129 to port 80 [T] |
2020-02-01 19:19:45 |
| 222.129.60.213 | attackspam | Unauthorized connection attempt detected from IP address 222.129.60.213 to port 80 [T] |
2020-02-01 19:27:17 |
| 222.129.61.161 | attackbotsspam | Unauthorized connection attempt detected from IP address 222.129.61.161 to port 80 [T] |
2020-02-01 19:23:36 |
| 222.129.56.4 | attackspambots | Unauthorized connection attempt detected from IP address 222.129.56.4 to port 80 [T] |
2020-02-01 19:46:31 |
| 222.129.57.79 | attackspam | Unauthorized connection attempt detected from IP address 222.129.57.79 to port 80 [T] |
2020-02-01 19:42:24 |
| 222.129.56.255 | attack | Unauthorized connection attempt detected from IP address 222.129.56.255 to port 80 [T] |
2020-02-01 19:44:14 |
| 222.129.62.177 | attack | Unauthorized connection attempt detected from IP address 222.129.62.177 to port 80 [T] |
2020-02-01 19:18:49 |
| 222.129.59.242 | attack | Unauthorized connection attempt detected from IP address 222.129.59.242 to port 80 [T] |
2020-02-01 19:32:29 |
| 222.129.57.19 | attack | Unauthorized connection attempt detected from IP address 222.129.57.19 to port 80 [T] |
2020-02-01 19:43:11 |