City: unknown
Region: unknown
Country: China
Internet Service Provider: ShanXi Province JinZhong Mobile Communication Company
Hostname: unknown
Organization: unknown
Usage Type: Commercial
| Type | Details | Datetime |
|---|---|---|
| attackbots | Automatic report - Banned IP Access |
2019-12-27 03:03:51 |
| attackspambots | 'IP reached maximum auth failures for a one day block' |
2019-12-07 19:19:31 |
| attackspam | 11.11.2019 07:29:52 - Login Fail on hMailserver Detected by ELinOX-hMail-A2F |
2019-11-11 15:31:53 |
| attackbots | [munged]::443 202.99.199.142 - - [18/Oct/2019:22:55:25 +0200] "POST /[munged]: HTTP/1.1" 200 8165 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 202.99.199.142 - - [18/Oct/2019:22:55:27 +0200] "POST /[munged]: HTTP/1.1" 200 4388 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 202.99.199.142 - - [18/Oct/2019:22:55:27 +0200] "POST /[munged]: HTTP/1.1" 200 4388 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 202.99.199.142 - - [18/Oct/2019:22:55:28 +0200] "POST /[munged]: HTTP/1.1" 200 4388 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 202.99.199.142 - - [18/Oct/2019:22:55:28 +0200] "POST /[munged]: HTTP/1.1" 200 4388 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 202.99.199.142 - - [18/Oct/2019:22: |
2019-10-19 05:54:43 |
| attack | 12:33:11.499 1 IMAP-001307([202.99.199.142]) failed to open 'iain.djetlic@womble.org'. Connection from [202.99.199.142]:60660. Error Code=account is routed to NULL ... |
2019-10-19 03:09:12 |
| attackspam | Brute force attempt |
2019-10-04 00:44:55 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.99.199.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58552
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.99.199.142. IN A
;; AUTHORITY SECTION:
. 200 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019091601 1800 900 604800 86400
;; Query time: 182 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 17 09:45:32 CST 2019
;; MSG SIZE rcvd: 118Host 142.199.99.202.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 142.199.99.202.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 37.120.191.220 | attackbotsspam | 108 failed attempt(s) in the last 24h |
2019-07-31 12:23:45 |
| 89.65.17.100 | attackbots | Jul 31 06:23:44 * sshd[2280]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.65.17.100 Jul 31 06:23:47 * sshd[2280]: Failed password for invalid user ubuntu from 89.65.17.100 port 47231 ssh2 |
2019-07-31 12:33:14 |
| 222.189.199.184 | attackspambots | Honeypot attack, port: 23, PTR: PTR record not found |
2019-07-31 12:47:17 |
| 74.141.211.210 | attackspam | $f2bV_matches |
2019-07-31 13:05:04 |
| 113.160.54.66 | attackspambots | Unauthorized connection attempt from IP address 113.160.54.66 on Port 445(SMB) |
2019-07-31 12:56:48 |
| 49.234.102.232 | attackbots | Jul 31 03:27:36 db sshd\[9359\]: Invalid user mail1 from 49.234.102.232 Jul 31 03:27:36 db sshd\[9359\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.102.232 Jul 31 03:27:38 db sshd\[9359\]: Failed password for invalid user mail1 from 49.234.102.232 port 38266 ssh2 Jul 31 03:31:27 db sshd\[9427\]: Invalid user jamil from 49.234.102.232 Jul 31 03:31:27 db sshd\[9427\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.102.232 ... |
2019-07-31 12:38:35 |
| 103.199.145.234 | attack | 2019-07-31T03:46:04.931923abusebot-7.cloudsearch.cf sshd\[30820\]: Invalid user la from 103.199.145.234 port 38006 |
2019-07-31 11:55:02 |
| 43.252.159.11 | attack | Unauthorized connection attempt from IP address 43.252.159.11 on Port 445(SMB) |
2019-07-31 12:33:52 |
| 170.83.161.202 | attackspambots | Unauthorized connection attempt from IP address 170.83.161.202 on Port 445(SMB) |
2019-07-31 12:27:31 |
| 178.176.174.131 | attack | Brute force attempt |
2019-07-31 11:54:10 |
| 37.59.89.97 | attackspambots | SSH-BruteForce |
2019-07-31 12:46:33 |
| 118.97.140.237 | attack | Jul 31 01:06:31 bouncer sshd\[13824\]: Invalid user kwan from 118.97.140.237 port 60828 Jul 31 01:06:31 bouncer sshd\[13824\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.97.140.237 Jul 31 01:06:34 bouncer sshd\[13824\]: Failed password for invalid user kwan from 118.97.140.237 port 60828 ssh2 ... |
2019-07-31 12:53:09 |
| 92.39.55.73 | attack | Honeypot attack, port: 23, PTR: 92-39-55-73.airstream.md. |
2019-07-31 12:55:19 |
| 58.20.139.26 | attack | SSH-BruteForce |
2019-07-31 12:23:27 |
| 91.93.56.11 | attackspam | Honeypot attack, port: 23, PTR: host-91-93-56-11.reverse.superonline.net. |
2019-07-31 13:00:48 |