109.236.49.55 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Turkey

运营商(isp): DGN Teknoloji A.S.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Aug 26 16:31:46 elektron postfix/smtpd\[29332\]: NOQUEUE: reject: RCPT from unknown\[109.236.49.55\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[109.236.49.55\]\; from=\ to=\ proto=ESMTP helo=\ Aug 26 16:35:13 elektron postfix/smtpd\[29332\]: NOQUEUE: reject: RCPT from unknown\[109.236.49.55\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[109.236.49.55\]\; from=\ to=\ proto=ESMTP helo=\ Aug 26 17:00:02 elektron postfix/smtpd\[4124\]: NOQUEUE: reject: RCPT from unknown\[109.236.49.55\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[109.236.49.55\]\; from=\ to=\ proto=ESMTP helo=\	2019-08-27 06:26:08

类型

评论内容

时间

attack

Aug 26 16:31:46 elektron postfix/smtpd\[29332\]: NOQUEUE: reject: RCPT from unknown\[109.236.49.55\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[109.236.49.55\]\; from=\ to=\ proto=ESMTP helo=\
Aug 26 16:35:13 elektron postfix/smtpd\[29332\]: NOQUEUE: reject: RCPT from unknown\[109.236.49.55\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[109.236.49.55\]\; from=\ to=\ proto=ESMTP helo=\
Aug 26 17:00:02 elektron postfix/smtpd\[4124\]: NOQUEUE: reject: RCPT from unknown\[109.236.49.55\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[109.236.49.55\]\; from=\ to=\ proto=ESMTP helo=\

2019-08-27 06:26:08

相同子网IP讨论:

IP	类型	评论内容	时间
109.236.49.204	attackbots		2020-06-29 14:15:10
109.236.49.7	attack	Port Scan: TCP/25	2019-09-03 02:08:22
109.236.49.90	attackspambots	SMTP PORT:25, HELO:agendahunter.pro, FROM:minority@agendahunter.pro Reason:Blocked by local spam rules	2019-08-28 17:25:44

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 109.236.49.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52337
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;109.236.49.55.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082601 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 27 06:26:03 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

55.49.236.109.in-addr.arpa domain name pointer 55.49.236.109.in-addr.arpa.routergate.com.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
55.49.236.109.in-addr.arpa	name = 55.49.236.109.in-addr.arpa.routergate.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
103.231.14.4	attackbots	ECShop Remote Code Execution Vulnerability	2019-10-31 04:03:39
27.64.21.124	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 30-10-2019 11:45:28.	2019-10-31 04:04:27
45.136.109.228	attack	firewall-block, port(s): 165/tcp, 781/tcp, 1523/tcp, 1581/tcp, 1692/tcp, 2664/tcp	2019-10-31 04:00:44
171.224.180.208	attackbotsspam	Unauthorized connection attempt from IP address 171.224.180.208 on Port 445(SMB)	2019-10-31 03:59:16
94.191.122.149	attack	Oct 30 17:52:45 server sshd\[9403\]: User root from 94.191.122.149 not allowed because listed in DenyUsers Oct 30 17:52:45 server sshd\[9403\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.122.149 user=root Oct 30 17:52:48 server sshd\[9403\]: Failed password for invalid user root from 94.191.122.149 port 54486 ssh2 Oct 30 18:01:41 server sshd\[24776\]: User root from 94.191.122.149 not allowed because listed in DenyUsers Oct 30 18:01:41 server sshd\[24776\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.122.149 user=root	2019-10-31 04:31:03
157.48.61.204	attackspambots	Unauthorized connection attempt from IP address 157.48.61.204 on Port 445(SMB)	2019-10-31 04:19:23
59.13.139.46	attack	SSH Brute Force, server-1 sshd[20887]: Failed password for invalid user clock from 59.13.139.46 port 38550 ssh2	2019-10-31 04:32:17
23.254.133.175	attackbots	firewall-block, port(s): 3389/tcp	2019-10-31 04:36:33
79.187.192.249	attackspam	SSH Brute Force, server-1 sshd[12619]: Failed password for invalid user bjhost from 79.187.192.249 port 47770 ssh2	2019-10-31 04:14:07
66.154.103.220	attack	GET /web/ 404 GET /v2/ 404 GET /v1/ 404 GET /temp/ 404 GET /tmp/ 404 GET /home/ 404 GET /demo/ 404 GET /backup/ 404 GET /site/ 404 GET /main/ 404 GET /wp/ 404 GET /test/ 404 GET /old/ 404 GET /new/ 404 GET /wordpress/ 404	2019-10-31 04:28:30
163.172.204.185	attackbotsspam	Oct 30 21:55:35 pkdns2 sshd\[63886\]: Invalid user maik123 from 163.172.204.185Oct 30 21:55:37 pkdns2 sshd\[63886\]: Failed password for invalid user maik123 from 163.172.204.185 port 39097 ssh2Oct 30 21:59:51 pkdns2 sshd\[63990\]: Invalid user asd from 163.172.204.185Oct 30 21:59:53 pkdns2 sshd\[63990\]: Failed password for invalid user asd from 163.172.204.185 port 60128 ssh2Oct 30 22:04:31 pkdns2 sshd\[64176\]: Invalid user ALIEN from 163.172.204.185Oct 30 22:04:33 pkdns2 sshd\[64176\]: Failed password for invalid user ALIEN from 163.172.204.185 port 54186 ssh2 ...	2019-10-31 04:10:32
85.21.57.103	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 30-10-2019 11:45:30.	2019-10-31 04:00:16
123.231.86.215	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 30-10-2019 11:45:23.	2019-10-31 04:16:10
27.72.96.173	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 30-10-2019 11:45:29.	2019-10-31 04:04:01
132.145.82.128	attack	22/tcp [2019-10-30]1pkt	2019-10-31 04:10:50

最近上报的IP列表

167.71.219.49	74.47.222.182	144.217.80.190	135.185.242.249
117.220.179.43	147.33.160.15	109.18.236.125	172.226.78.146
103.234.41.237	103.5.134.187	101.36.150.59	52.172.183.135
159.69.67.177	213.190.202.101	34.90.29.58	119.178.175.73
103.40.235.233	59.19.30.227	209.97.161.124	219.140.163.100