City: unknown
Region: unknown
Country: China
Internet Service Provider: Cernet New Technology Co. Ltd
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attackbots | Port probing on unauthorized port 445 |
2020-02-14 09:53:22 |
| attackspam | 19/7/22@19:27:24: FAIL: Alarm-Intrusion address from=42.245.203.136 ... |
2019-07-23 09:08:17 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 42.245.203.153 | attackbots | Honeypot attack, port: 445, PTR: PTR record not found |
2020-05-26 07:54:52 |
| 42.245.203.139 | attackspambots | Honeypot attack, port: 445, PTR: PTR record not found |
2020-02-23 22:23:13 |
| 42.245.203.148 | attackbotsspam | Honeypot attack, port: 445, PTR: PTR record not found |
2020-01-13 14:30:01 |
| 42.245.203.148 | attackspam | Unauthorized connection attempt detected from IP address 42.245.203.148 to port 4899 [J] |
2020-01-06 14:26:40 |
| 42.245.203.134 | attack | Port Scan: TCP/445 |
2019-08-24 14:32:30 |
| 42.245.203.139 | attackbotsspam | 19/7/22@19:26:43: FAIL: Alarm-Intrusion address from=42.245.203.139 ... |
2019-07-23 09:28:25 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.245.203.136
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13033
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.245.203.136. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019072201 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 23 09:08:11 CST 2019
;; MSG SIZE rcvd: 118Host 136.203.245.42.in-addr.arpa. not found: 3(NXDOMAIN)Server: 67.207.67.2
Address: 67.207.67.2#53
** server can't find 136.203.245.42.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 223.166.74.153 | attackspambots | The IP has triggered Cloudflare WAF. CF-Ray: 54104a2c1babed77 | WAF_Rule_ID: 1112824 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: ip.skk.moe | User-Agent: Mozilla/5.0 (Linux; U; Android 4.3; en-us; SM-N900T Build/JSS15J) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 | CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB). |
2019-12-08 07:25:43 |
| 149.129.244.23 | attack | Dec 8 04:54:38 vibhu-HP-Z238-Microtower-Workstation sshd\[8612\]: Invalid user schroer from 149.129.244.23 Dec 8 04:54:38 vibhu-HP-Z238-Microtower-Workstation sshd\[8612\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.244.23 Dec 8 04:54:40 vibhu-HP-Z238-Microtower-Workstation sshd\[8612\]: Failed password for invalid user schroer from 149.129.244.23 port 45144 ssh2 Dec 8 05:00:57 vibhu-HP-Z238-Microtower-Workstation sshd\[9060\]: Invalid user info from 149.129.244.23 Dec 8 05:00:57 vibhu-HP-Z238-Microtower-Workstation sshd\[9060\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.244.23 ... |
2019-12-08 07:36:11 |
| 1.64.12.72 | attack | The IP has triggered Cloudflare WAF. CF-Ray: 540f70c69cbedd1e | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: HK | CF_IPClass: noRecord | Protocol: HTTP/2 | Method: GET | Host: api.skk.moe | User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 | CF_DC: SIN. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB). |
2019-12-08 07:25:14 |
| 77.37.194.170 | attackspam | firewall-block, port(s): 33896/tcp |
2019-12-08 07:33:54 |
| 196.38.70.24 | attack | Dec 7 18:24:09 ny01 sshd[26866]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.38.70.24 Dec 7 18:24:10 ny01 sshd[26866]: Failed password for invalid user ettie from 196.38.70.24 port 20603 ssh2 Dec 7 18:30:56 ny01 sshd[28135]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.38.70.24 |
2019-12-08 07:40:55 |
| 51.91.212.81 | attack | Unauthorized connection attempt from IP address 51.91.212.81 on Port 3306(MYSQL) |
2019-12-08 07:43:38 |
| 104.245.144.42 | attackspam | (From celeste.cookson94@gmail.com) Do you want to post your ad on tons of online ad sites every month? One tiny investment every month will get you virtually endless traffic to your site forever!Get more info by visiting: http://www.submitmyadnow.tech |
2019-12-08 08:02:30 |
| 18.223.140.56 | attackspam | Dec 8 04:41:16 gw1 sshd[21889]: Failed password for smmsp from 18.223.140.56 port 58034 ssh2 ... |
2019-12-08 07:55:55 |
| 222.186.173.183 | attackbots | SSH-BruteForce |
2019-12-08 07:46:41 |
| 152.136.158.232 | attackbots | Dec 8 00:49:22 loxhost sshd\[17566\]: Invalid user gateway from 152.136.158.232 port 40378 Dec 8 00:49:22 loxhost sshd\[17566\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.158.232 Dec 8 00:49:24 loxhost sshd\[17566\]: Failed password for invalid user gateway from 152.136.158.232 port 40378 ssh2 Dec 8 00:55:28 loxhost sshd\[17860\]: Invalid user qqqqqqqq from 152.136.158.232 port 50912 Dec 8 00:55:28 loxhost sshd\[17860\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.158.232 ... |
2019-12-08 07:57:25 |
| 117.139.166.203 | attackspam | Dec 7 18:23:44 linuxvps sshd\[30087\]: Invalid user boxuser from 117.139.166.203 Dec 7 18:23:44 linuxvps sshd\[30087\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203 Dec 7 18:23:47 linuxvps sshd\[30087\]: Failed password for invalid user boxuser from 117.139.166.203 port 21076 ssh2 Dec 7 18:30:49 linuxvps sshd\[34121\]: Invalid user wwwid from 117.139.166.203 Dec 7 18:30:49 linuxvps sshd\[34121\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203 |
2019-12-08 07:54:28 |
| 122.51.23.79 | attackspambots | Dec 7 09:32:21 server sshd\[4925\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.23.79 Dec 7 09:32:22 server sshd\[4925\]: Failed password for invalid user ubuntu from 122.51.23.79 port 50512 ssh2 Dec 7 18:47:13 server sshd\[24704\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.23.79 user=root Dec 7 18:47:15 server sshd\[24704\]: Failed password for root from 122.51.23.79 port 33888 ssh2 Dec 8 02:30:46 server sshd\[25110\]: Invalid user oracle from 122.51.23.79 Dec 8 02:30:46 server sshd\[25110\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.23.79 ... |
2019-12-08 07:59:13 |
| 219.140.117.141 | attackspam | The IP has triggered Cloudflare WAF. CF-Ray: 541035b6bf9eeaf0 | WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: ip.skk.moe | User-Agent: Mozilla/4.049897920 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729) | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB). |
2019-12-08 07:30:37 |
| 106.54.220.178 | attack | 2019-12-07T23:37:40.739508abusebot-3.cloudsearch.cf sshd\[15344\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.220.178 user=root |
2019-12-08 07:49:44 |
| 222.94.163.82 | attackspam | The IP has triggered Cloudflare WAF. CF-Ray: 5412a30839b077fa | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: d.skk.moe | User-Agent: Mozilla/5.082584686 Mozilla/5.0 (iPhone; CPU iPhone OS 11_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.0 Mobile/15E148 Safari/604.1 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB). |
2019-12-08 07:28:35 |