City: Shenzhen
Region: Guangdong
Country: China
Internet Service Provider: ChinaNet Guangdong Province Network
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 61.142.20.29 | attackspam | (ftpd) Failed FTP login from 61.142.20.29 (CN/China/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Jun 8 08:47:08 ir1 pure-ftpd: (?@61.142.20.29) [WARNING] Authentication failed for user [anonymous] |
2020-06-08 16:59:07 |
| 61.142.20.30 | attackbots | Port scan on 1 port(s): 1433 |
2020-06-08 14:34:18 |
| 61.142.20.46 | attackspambots | IP reached maximum auth failures |
2020-06-08 13:21:11 |
| 61.142.20.34 | attack | Brute forcing RDP port 3389 |
2020-05-13 12:59:00 |
| 61.142.208.100 | attackbots | Unauthorized connection attempt from IP address 61.142.208.100 on Port 445(SMB) |
2020-03-03 06:53:43 |
| 61.142.20.2 | attack | Scanning |
2019-12-26 19:39:45 |
| 61.142.20.29 | attack | 1433/tcp 1433/tcp 1433/tcp... [2019-11-28/12-08]4pkt,1pt.(tcp) |
2019-12-09 06:59:44 |
| 61.142.20.6 | attackbotsspam | Automatic report - FTP Brute Force |
2019-12-05 22:49:14 |
| 61.142.20.16 | attackspam | Automatic report - Banned IP Access |
2019-11-27 15:03:41 |
| 61.142.20.29 | attackspambots | Automatic report - Port Scan Attack |
2019-11-13 20:18:18 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 61.142.20.50
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33220
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;61.142.20.50. IN A
;; AUTHORITY SECTION:
. 426 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019122601 1800 900 604800 86400
;; Query time: 483 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Dec 27 04:28:23 CST 2019
;; MSG SIZE rcvd: 116Host 50.20.142.61.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 50.20.142.61.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 86.130.63.153 | attackspambots | Lines containing failures of 86.130.63.153 Dec 2 09:38:27 shared02 sshd[20048]: Invalid user pao from 86.130.63.153 port 37752 Dec 2 09:38:27 shared02 sshd[20048]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.130.63.153 Dec 2 09:38:29 shared02 sshd[20048]: Failed password for invalid user pao from 86.130.63.153 port 37752 ssh2 Dec 2 09:38:29 shared02 sshd[20048]: Received disconnect from 86.130.63.153 port 37752:11: Bye Bye [preauth] Dec 2 09:38:29 shared02 sshd[20048]: Disconnected from invalid user pao 86.130.63.153 port 37752 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=86.130.63.153 |
2019-12-02 16:46:07 |
| 51.15.207.74 | attack | 2019-12-02T08:35:17.201478abusebot-4.cloudsearch.cf sshd\[13286\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.207.74 user=root |
2019-12-02 16:41:33 |
| 212.64.40.35 | attackbotsspam | Dec 2 10:48:17 sauna sshd[181549]: Failed password for root from 212.64.40.35 port 51256 ssh2 Dec 2 10:55:40 sauna sshd[181804]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.40.35 ... |
2019-12-02 16:56:02 |
| 138.197.5.191 | attackspam | Dec 1 22:49:55 tdfoods sshd\[21027\]: Invalid user manchini from 138.197.5.191 Dec 1 22:49:55 tdfoods sshd\[21027\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.5.191 Dec 1 22:49:57 tdfoods sshd\[21027\]: Failed password for invalid user manchini from 138.197.5.191 port 57184 ssh2 Dec 1 22:55:35 tdfoods sshd\[21676\]: Invalid user gdm from 138.197.5.191 Dec 1 22:55:35 tdfoods sshd\[21676\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.5.191 |
2019-12-02 16:59:52 |
| 45.55.176.173 | attack | Dec 2 03:55:15 plusreed sshd[5125]: Invalid user adobe from 45.55.176.173 ... |
2019-12-02 17:18:00 |
| 23.239.111.138 | attack | TCP Port Scanning |
2019-12-02 17:03:15 |
| 192.241.246.50 | attackbots | Dec 2 14:25:36 areeb-Workstation sshd[7132]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.246.50 Dec 2 14:25:38 areeb-Workstation sshd[7132]: Failed password for invalid user bhavani from 192.241.246.50 port 35060 ssh2 ... |
2019-12-02 16:57:48 |
| 106.13.140.52 | attackbots | Dec 1 22:37:36 sachi sshd\[9226\]: Invalid user 000 from 106.13.140.52 Dec 1 22:37:36 sachi sshd\[9226\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.52 Dec 1 22:37:38 sachi sshd\[9226\]: Failed password for invalid user 000 from 106.13.140.52 port 60786 ssh2 Dec 1 22:44:50 sachi sshd\[10056\]: Invalid user admin from 106.13.140.52 Dec 1 22:44:50 sachi sshd\[10056\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.52 |
2019-12-02 16:45:51 |
| 51.77.201.36 | attack | Dec 2 10:07:15 vps691689 sshd[11919]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.201.36 Dec 2 10:07:16 vps691689 sshd[11919]: Failed password for invalid user suhian from 51.77.201.36 port 34342 ssh2 Dec 2 10:13:20 vps691689 sshd[12119]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.201.36 ... |
2019-12-02 17:15:51 |
| 176.31.162.82 | attackspambots | 2019-12-02T08:33:38.469395 sshd[10530]: Invalid user kareenhalli from 176.31.162.82 port 40410 2019-12-02T08:33:38.481566 sshd[10530]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.162.82 2019-12-02T08:33:38.469395 sshd[10530]: Invalid user kareenhalli from 176.31.162.82 port 40410 2019-12-02T08:33:40.558557 sshd[10530]: Failed password for invalid user kareenhalli from 176.31.162.82 port 40410 ssh2 2019-12-02T08:38:51.685652 sshd[10629]: Invalid user test from 176.31.162.82 port 51950 ... |
2019-12-02 16:41:03 |
| 112.85.42.174 | attack | Dec 2 09:55:32 MainVPS sshd[18466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.174 user=root Dec 2 09:55:34 MainVPS sshd[18466]: Failed password for root from 112.85.42.174 port 35551 ssh2 Dec 2 09:55:38 MainVPS sshd[18466]: Failed password for root from 112.85.42.174 port 35551 ssh2 Dec 2 09:55:32 MainVPS sshd[18466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.174 user=root Dec 2 09:55:34 MainVPS sshd[18466]: Failed password for root from 112.85.42.174 port 35551 ssh2 Dec 2 09:55:38 MainVPS sshd[18466]: Failed password for root from 112.85.42.174 port 35551 ssh2 Dec 2 09:55:32 MainVPS sshd[18466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.174 user=root Dec 2 09:55:34 MainVPS sshd[18466]: Failed password for root from 112.85.42.174 port 35551 ssh2 Dec 2 09:55:38 MainVPS sshd[18466]: Failed password for root from 112.85.42.174 port 355 |
2019-12-02 16:55:45 |
| 141.8.28.127 | attackspambots | Dec 2 09:55:21 andromeda sshd\[33438\]: Invalid user admin from 141.8.28.127 port 49591 Dec 2 09:55:21 andromeda sshd\[33438\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.8.28.127 Dec 2 09:55:24 andromeda sshd\[33438\]: Failed password for invalid user admin from 141.8.28.127 port 49591 ssh2 |
2019-12-02 17:08:39 |
| 103.94.5.42 | attackspam | $f2bV_matches |
2019-12-02 17:17:18 |
| 181.123.9.3 | attackspambots | Dec 2 09:33:55 * sshd[32615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.123.9.3 Dec 2 09:33:57 * sshd[32615]: Failed password for invalid user berte from 181.123.9.3 port 49850 ssh2 |
2019-12-02 16:42:00 |
| 139.59.3.151 | attack | SSH auth scanning - multiple failed logins |
2019-12-02 17:16:53 |