City: unknown
Region: Liaoning
Country: China
Internet Service Provider: Unicom Liaoning Province Network
Hostname: unknown
Organization: CHINA UNICOM China169 Backbone
Usage Type: unknown
| Type | Details | Datetime |
|---|---|---|
| attack | Honeypot attack, port: 23, PTR: PTR record not found |
2019-07-20 04:08:55 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.53.93.236
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23262
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.53.93.236. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019071901 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jul 20 04:08:50 CST 2019
;; MSG SIZE rcvd: 116Host 236.93.53.42.in-addr.arpa. not found: 3(NXDOMAIN)Server: 67.207.67.2
Address: 67.207.67.2#53
** server can't find 236.93.53.42.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 80.82.70.118 | attackspambots | Multiport scan : 7 ports scanned 21 50 110 1080 3307 3790 10001 |
2020-05-03 07:23:04 |
| 89.248.168.220 | attack | 05/02/2020-16:36:57.244888 89.248.168.220 Protocol: 6 ET DROP Dshield Block Listed Source group 1 |
2020-05-03 06:47:52 |
| 80.82.78.104 | attackspambots | 05/03/2020-00:55:12.829056 80.82.78.104 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 82 |
2020-05-03 07:20:09 |
| 51.159.35.142 | attackbots | " " |
2020-05-03 06:57:40 |
| 89.248.168.218 | attackspambots | 05/03/2020-00:57:23.337040 89.248.168.218 Protocol: 6 ET DROP Dshield Block Listed Source group 1 |
2020-05-03 07:16:21 |
| 51.132.128.217 | attackspam | ET CINS Active Threat Intelligence Poor Reputation IP group 34 - port: 3389 proto: TCP cat: Misc Attack |
2020-05-03 06:58:25 |
| 89.248.160.178 | attackbots | Triggered: repeated knocking on closed ports. |
2020-05-03 07:17:02 |
| 89.248.168.112 | attackspam | ET CINS Active Threat Intelligence Poor Reputation IP group 79 - port: 5555 proto: TCP cat: Misc Attack |
2020-05-03 06:48:55 |
| 80.211.251.5 | attackspambots | ET SCAN Sipvicious Scan - port: 5060 proto: UDP cat: Attempted Information Leak |
2020-05-03 06:53:06 |
| 5.101.0.209 | attackspambots | Multiport scan : 8 ports scanned 443 4505 4506 6379 6800 8081(x2) 8088 8983 |
2020-05-03 07:05:41 |
| 45.134.179.243 | attackspambots | ET CINS Active Threat Intelligence Poor Reputation IP group 23 - port: 4444 proto: TCP cat: Misc Attack |
2020-05-03 07:01:07 |
| 80.82.77.139 | attack | 05/02/2020-17:40:53.918420 80.82.77.139 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 82 |
2020-05-03 07:21:36 |
| 51.77.56.9 | attack | May 2 23:14:17 pipo sshd[3059]: Invalid user rapid from 51.77.56.9 port 59140 May 2 23:14:17 pipo sshd[3059]: Disconnected from invalid user rapid 51.77.56.9 port 59140 [preauth] May 2 23:14:20 pipo sshd[3119]: Invalid user like from 51.77.56.9 port 33250 May 2 23:14:20 pipo sshd[3119]: Disconnected from invalid user like 51.77.56.9 port 33250 [preauth] ... |
2020-05-03 06:59:06 |
| 92.118.37.70 | attack | Multiport scan : 11 ports scanned 3390 3391 3392 3394 3397 3399 3400 3403 3406 3407 3410 |
2020-05-03 06:46:40 |
| 185.216.140.252 | attackspam | May 3 00:48:40 debian-2gb-nbg1-2 kernel: \[10718627.086743\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.216.140.252 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=60447 PROTO=TCP SPT=56728 DPT=1653 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-05-03 07:06:02 |