城市(city): unknown
省份(region): unknown
国家(country): Denmark
运营商(isp): Crysberg A-S
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): Commercial
| 类型 | 评论内容 | 时间 |
|---|---|---|
| attackspam | port scan and connect, tcp 22 (ssh) |
2020-04-16 18:44:34 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 194.239.152.124
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3696
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;194.239.152.124. IN A
;; AUTHORITY SECTION:
. 600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020041600 1800 900 604800 86400
;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Apr 16 18:44:30 CST 2020
;; MSG SIZE rcvd: 119124.152.239.194.in-addr.arpa is an alias for 124.64-26.152.239.194.in-addr.arpa.
124.64-26.152.239.194.in-addr.arpa domain name pointer cims2.crysberg.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
124.152.239.194.in-addr.arpa canonical name = 124.64-26.152.239.194.in-addr.arpa.
124.64-26.152.239.194.in-addr.arpa name = cims2.crysberg.com.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 185.175.93.24 | attackbotsspam | firewall-block, port(s): 5921/tcp |
2020-08-19 03:16:35 |
| 117.220.21.254 | attack | Auto Detect Rule! proto TCP (SYN), 117.220.21.254:53721->gjan.info:23, len 40 |
2020-08-19 02:49:15 |
| 185.176.27.190 | attackbotsspam | firewall-block, port(s): 58171/tcp |
2020-08-19 03:11:40 |
| 211.226.54.124 | attack | Auto Detect Rule! proto TCP (SYN), 211.226.54.124:9333->gjan.info:23, len 40 |
2020-08-19 02:43:57 |
| 113.89.41.139 | attack | Email rejected due to spam filtering |
2020-08-19 03:07:33 |
| 103.139.44.90 | attack | Auto Detect Rule! proto TCP (SYN), 103.139.44.90:48829->gjan.info:3389, len 40 |
2020-08-19 03:10:02 |
| 170.130.165.134 | attack | IP: 170.130.165.134
Ports affected
Simple Mail Transfer (25)
Abuse Confidence rating 20%
Found in DNSBL('s)
ASN Details
AS62904 EONIX-COMMUNICATIONS-ASBLOCK-62904
United States (US)
CIDR 170.130.160.0/21
Log Date: 18/08/2020 11:55:02 AM UTC |
2020-08-19 03:21:01 |
| 84.248.91.52 | attackbotsspam | SSH login attempts. |
2020-08-19 03:22:15 |
| 84.243.226.186 | attack | SSH login attempts. |
2020-08-19 02:51:48 |
| 84.248.85.202 | attackbotsspam | SSH login attempts. |
2020-08-19 03:16:08 |
| 176.217.210.102 | attackbots | Unauthorized connection attempt from IP address 176.217.210.102 on Port 445(SMB) |
2020-08-19 03:01:20 |
| 195.54.160.21 | attackspam | firewall-block, port(s): 8081/tcp |
2020-08-19 03:07:14 |
| 61.145.81.33 | attackspambots | Auto Detect Rule! proto TCP (SYN), 61.145.81.33:15859->gjan.info:1433, len 40 |
2020-08-19 02:56:55 |
| 122.152.49.230 | attackspam | Unauthorized connection attempt from IP address 122.152.49.230 on Port 445(SMB) |
2020-08-19 02:59:25 |
| 209.17.97.58 | attackbotsspam | The IP has triggered Cloudflare WAF. CF-Ray: 5c4ce1db6dd111a5 | WAF_Rule_ID: 4c344d8609cf47c88674e7c5f743a22c | WAF_Kind: firewall | CF_Action: drop | Country: US | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: wevg.org | User-Agent: Mozilla/5.0 (compatible; Nimbostratus-Bot/v1.3.2; http://cloudsystemnetworks.com) | CF_DC: MIA. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB). |
2020-08-19 03:11:25 |