City: unknown
Region: unknown
Country: China
Internet Service Provider: ChinaNet Shanxi Province Network
Hostname: unknown
Organization: unknown
Usage Type: unknown
| Type | Details | Datetime |
|---|---|---|
| attack | Scanning random ports - tries to find possible vulnerable services |
2020-01-04 09:08:02 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 59.48.244.149 | attackbots | Honeypot attack, port: 445, PTR: 149.244.48.59.broad.ll.sx.dynamic.163data.com.cn. |
2020-06-19 08:46:28 |
| 59.48.244.148 | attack | Unauthorized connection attempt detected from IP address 59.48.244.148 to port 445 |
2020-06-13 08:01:10 |
| 59.48.244.149 | attack | Unauthorized connection attempt from IP address 59.48.244.149 on Port 445(SMB) |
2020-06-08 03:19:54 |
| 59.48.244.149 | attack | Honeypot attack, port: 445, PTR: 149.244.48.59.broad.ll.sx.dynamic.163data.com.cn. |
2020-03-24 14:57:49 |
| 59.48.244.148 | attack | Honeypot attack, port: 445, PTR: 148.244.48.59.broad.ll.sx.dynamic.163data.com.cn. |
2020-02-20 17:33:41 |
| 59.48.244.150 | attackspam | Unauthorized connection attempt detected from IP address 59.48.244.150 to port 445 |
2019-12-31 03:41:53 |
| 59.48.244.148 | attack | Unauthorized connection attempt from IP address 59.48.244.148 on Port 445(SMB) |
2019-12-13 17:02:58 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 59.48.244.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6018
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;59.48.244.12. IN A
;; AUTHORITY SECTION:
. 600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020010301 1800 900 604800 86400
;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 04 09:07:56 CST 2020
;; MSG SIZE rcvd: 11612.244.48.59.in-addr.arpa domain name pointer 12.244.48.59.broad.ll.sx.dynamic.163data.com.cn.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
12.244.48.59.in-addr.arpa name = 12.244.48.59.broad.ll.sx.dynamic.163data.com.cn.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 194.135.68.170 | attackspambots | 'IP reached maximum auth failures for a one day block' |
2019-10-06 05:08:32 |
| 123.206.174.26 | attackbots | Oct 5 23:42:44 server sshd\[7094\]: User root from 123.206.174.26 not allowed because listed in DenyUsers Oct 5 23:42:44 server sshd\[7094\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.174.26 user=root Oct 5 23:42:46 server sshd\[7094\]: Failed password for invalid user root from 123.206.174.26 port 47400 ssh2 Oct 5 23:47:12 server sshd\[17087\]: User root from 123.206.174.26 not allowed because listed in DenyUsers Oct 5 23:47:12 server sshd\[17087\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.174.26 user=root |
2019-10-06 05:06:17 |
| 151.80.140.13 | attackspambots | Oct 5 23:06:48 SilenceServices sshd[27405]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.140.13 Oct 5 23:06:50 SilenceServices sshd[27405]: Failed password for invalid user P@r0la1234 from 151.80.140.13 port 58072 ssh2 Oct 5 23:10:41 SilenceServices sshd[29920]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.140.13 |
2019-10-06 05:11:26 |
| 71.189.93.102 | attackbots | firewall-block, port(s): 5555/tcp |
2019-10-06 05:15:27 |
| 180.47.76.192 | attackspam | Unauthorised access (Oct 5) SRC=180.47.76.192 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=36038 TCP DPT=8080 WINDOW=19268 SYN Unauthorised access (Oct 5) SRC=180.47.76.192 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=54147 TCP DPT=8080 WINDOW=19268 SYN Unauthorised access (Oct 4) SRC=180.47.76.192 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=8272 TCP DPT=8080 WINDOW=19268 SYN Unauthorised access (Oct 4) SRC=180.47.76.192 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=49789 TCP DPT=8080 WINDOW=19268 SYN |
2019-10-06 05:11:06 |
| 177.69.237.49 | attackbotsspam | Oct 5 22:43:25 saschabauer sshd[24127]: Failed password for root from 177.69.237.49 port 33170 ssh2 |
2019-10-06 05:03:11 |
| 61.53.13.125 | attack | firewall-block, port(s): 23/tcp |
2019-10-06 05:23:46 |
| 187.160.241.226 | attackspambots | 19/10/5@15:40:31: FAIL: Alarm-Intrusion address from=187.160.241.226 ... |
2019-10-06 04:58:02 |
| 92.63.194.26 | attackbotsspam | Oct 5 22:57:43 cvbnet sshd[13237]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.63.194.26 Oct 5 22:57:46 cvbnet sshd[13237]: Failed password for invalid user admin from 92.63.194.26 port 48402 ssh2 ... |
2019-10-06 05:09:44 |
| 178.252.75.13 | attackspambots | postfix (unknown user, SPF fail or relay access denied) |
2019-10-06 04:57:04 |
| 222.186.31.145 | attackbots | 2019-10-03 09:11:30 -> 2019-10-05 22:45:53 : 78 login attempts (222.186.31.145) |
2019-10-06 05:20:25 |
| 164.132.47.139 | attackspambots | $f2bV_matches |
2019-10-06 04:54:11 |
| 181.64.18.14 | attackbotsspam | Automatic report - Port Scan Attack |
2019-10-06 05:01:31 |
| 58.57.4.238 | attackbots | Oct 5 21:54:53 andromeda postfix/smtpd\[19109\]: warning: unknown\[58.57.4.238\]: SASL LOGIN authentication failed: authentication failure Oct 5 21:54:56 andromeda postfix/smtpd\[22738\]: warning: unknown\[58.57.4.238\]: SASL LOGIN authentication failed: authentication failure Oct 5 21:55:06 andromeda postfix/smtpd\[21949\]: warning: unknown\[58.57.4.238\]: SASL LOGIN authentication failed: authentication failure Oct 5 21:55:10 andromeda postfix/smtpd\[19109\]: warning: unknown\[58.57.4.238\]: SASL LOGIN authentication failed: authentication failure Oct 5 21:55:16 andromeda postfix/smtpd\[19109\]: warning: unknown\[58.57.4.238\]: SASL LOGIN authentication failed: authentication failure |
2019-10-06 04:50:28 |
| 188.214.104.146 | attackbots | Automatic report - Banned IP Access |
2019-10-06 04:49:26 |