111.229.242.119

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Faster Internet Technology Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Oct 7 21:43:42 server sshd[18445]: Failed password for root from 111.229.242.119 port 51892 ssh2 Oct 7 21:47:28 server sshd[20480]: Failed password for root from 111.229.242.119 port 41676 ssh2 Oct 7 21:51:10 server sshd[22673]: Failed password for root from 111.229.242.119 port 59696 ssh2	2020-10-08 05:46:21
attack	Oct 6 20:51:39 django-0 sshd[14580]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.242.119 user=root Oct 6 20:51:41 django-0 sshd[14580]: Failed password for root from 111.229.242.119 port 54798 ssh2 ...	2020-10-07 14:01:11
attack	Aug 29 08:15:58 lanister sshd[28280]: Invalid user newuser from 111.229.242.119 Aug 29 08:15:58 lanister sshd[28280]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.242.119 Aug 29 08:15:58 lanister sshd[28280]: Invalid user newuser from 111.229.242.119 Aug 29 08:16:00 lanister sshd[28280]: Failed password for invalid user newuser from 111.229.242.119 port 40396 ssh2	2020-08-30 03:55:05
attackspam	bruteforce detected	2020-08-28 03:40:31

相同子网IP讨论:

IP	类型	评论内容	时间
111.229.242.156	attack	Aug 29 15:54:53 lukav-desktop sshd\[13645\]: Invalid user konstantin from 111.229.242.156 Aug 29 15:54:53 lukav-desktop sshd\[13645\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.242.156 Aug 29 15:54:55 lukav-desktop sshd\[13645\]: Failed password for invalid user konstantin from 111.229.242.156 port 35210 ssh2 Aug 29 16:02:03 lukav-desktop sshd\[13693\]: Invalid user ams from 111.229.242.156 Aug 29 16:02:03 lukav-desktop sshd\[13693\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.242.156	2020-08-30 01:31:44
111.229.242.156	attackspambots	Aug 26 23:15:48 eventyay sshd[32147]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.242.156 Aug 26 23:15:51 eventyay sshd[32147]: Failed password for invalid user dmy from 111.229.242.156 port 54776 ssh2 Aug 26 23:21:11 eventyay sshd[32305]: Failed password for root from 111.229.242.156 port 40570 ssh2 ...	2020-08-27 06:06:04
111.229.242.156	attackspam	frenzy	2020-08-15 13:05:53
111.229.242.146	attack	bruteforce detected	2020-08-12 13:10:55
111.229.242.146	attackspam	2020-08-08 09:21:50.333355-0500 localhost sshd[595]: Failed password for root from 111.229.242.146 port 55418 ssh2	2020-08-08 23:22:38
111.229.242.146	attackspambots	Jul 30 21:26:15 sip sshd[7529]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.242.146 Jul 30 21:26:17 sip sshd[7529]: Failed password for invalid user hackingtools from 111.229.242.146 port 55770 ssh2 Jul 30 21:34:39 sip sshd[10722]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.242.146	2020-07-31 04:04:44
111.229.242.146	attackbots	Invalid user ubuntu from 111.229.242.146 port 51968	2020-07-30 13:47:10
111.229.242.146	attackspambots	Invalid user ubuntu from 111.229.242.146 port 51968	2020-07-29 13:21:25
111.229.242.146	attackspam	2020-07-19T19:37:02.182279n23.at sshd[29739]: Invalid user elastic from 111.229.242.146 port 59732 2020-07-19T19:37:04.276329n23.at sshd[29739]: Failed password for invalid user elastic from 111.229.242.146 port 59732 ssh2 2020-07-19T19:47:23.251036n23.at sshd[38015]: Invalid user sge from 111.229.242.146 port 50430 ...	2020-07-20 04:22:05
111.229.242.146	attack	Invalid user steam from 111.229.242.146 port 45486	2020-07-18 20:16:32
111.229.242.146	attackspambots	Invalid user opal from 111.229.242.146 port 41454	2020-07-18 06:48:02
111.229.242.146	attackspam	Jul 12 14:42:34 home sshd[15854]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.242.146 Jul 12 14:42:37 home sshd[15854]: Failed password for invalid user antonina from 111.229.242.146 port 44360 ssh2 Jul 12 14:46:43 home sshd[16727]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.242.146 ...	2020-07-12 23:38:51
111.229.242.146	attack	$f2bV_matches	2020-07-06 14:11:01
111.229.242.146	attackbotsspam	Jun 25 02:32:49 sticky sshd\[23143\]: Invalid user x from 111.229.242.146 port 53684 Jun 25 02:32:49 sticky sshd\[23143\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.242.146 Jun 25 02:32:50 sticky sshd\[23143\]: Failed password for invalid user x from 111.229.242.146 port 53684 ssh2 Jun 25 02:37:21 sticky sshd\[23202\]: Invalid user ftpuser from 111.229.242.146 port 48206 Jun 25 02:37:21 sticky sshd\[23202\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.242.146 Jun 25 02:37:23 sticky sshd\[23202\]: Failed password for invalid user ftpuser from 111.229.242.146 port 48206 ssh2	2020-06-25 08:40:44
111.229.242.156	attackspambots	Jun 18 13:09:41 ip-172-31-61-156 sshd[12418]: Invalid user dejan from 111.229.242.156 ...	2020-06-19 01:21:02

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 111.229.242.119
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56999
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;111.229.242.119.		IN	A

;; AUTHORITY SECTION:
.			452	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082702 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Aug 28 03:40:28 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

Host 119.242.229.111.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 119.242.229.111.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
51.81.137.147	attackbots	UDP 51.81.137.147:5094 -> port 5060, len 437	2020-06-16 17:51:38
91.246.210.39	attack	Jun 16 04:57:42 mail.srvfarm.net postfix/smtps/smtpd[915895]: warning: unknown[91.246.210.39]: SASL PLAIN authentication failed: Jun 16 04:57:42 mail.srvfarm.net postfix/smtps/smtpd[915895]: lost connection after AUTH from unknown[91.246.210.39] Jun 16 05:04:01 mail.srvfarm.net postfix/smtps/smtpd[915580]: warning: unknown[91.246.210.39]: SASL PLAIN authentication failed: Jun 16 05:04:01 mail.srvfarm.net postfix/smtps/smtpd[915580]: lost connection after AUTH from unknown[91.246.210.39] Jun 16 05:06:34 mail.srvfarm.net postfix/smtps/smtpd[935136]: warning: unknown[91.246.210.39]: SASL PLAIN authentication failed:	2020-06-16 17:42:26
87.251.74.30	attackbots	Jun 16 11:49:50 mail sshd[21505]: Invalid user from 87.251.74.30 port 2048 Jun 16 11:49:50 mail sshd[21505]: Failed none for invalid user from 87.251.74.30 port 2048 ssh2 ...	2020-06-16 17:55:45
170.239.43.87	attackspam	Jun 16 05:07:54 mail.srvfarm.net postfix/smtps/smtpd[916113]: warning: unknown[170.239.43.87]: SASL PLAIN authentication failed: Jun 16 05:07:54 mail.srvfarm.net postfix/smtps/smtpd[916113]: lost connection after AUTH from unknown[170.239.43.87] Jun 16 05:09:43 mail.srvfarm.net postfix/smtpd[935946]: lost connection after CONNECT from unknown[170.239.43.87] Jun 16 05:10:03 mail.srvfarm.net postfix/smtpd[915961]: warning: unknown[170.239.43.87]: SASL PLAIN authentication failed: Jun 16 05:10:03 mail.srvfarm.net postfix/smtpd[915961]: lost connection after AUTH from unknown[170.239.43.87]	2020-06-16 17:39:07
94.246.169.55	attackbots	Jun 16 06:43:41 mail.srvfarm.net postfix/smtpd[979677]: warning: unknown[94.246.169.55]: SASL PLAIN authentication failed: Jun 16 06:43:41 mail.srvfarm.net postfix/smtpd[979677]: lost connection after AUTH from unknown[94.246.169.55] Jun 16 06:49:49 mail.srvfarm.net postfix/smtpd[986924]: warning: unknown[94.246.169.55]: SASL PLAIN authentication failed: Jun 16 06:49:49 mail.srvfarm.net postfix/smtpd[986924]: lost connection after AUTH from unknown[94.246.169.55] Jun 16 06:53:09 mail.srvfarm.net postfix/smtpd[986931]: warning: unknown[94.246.169.55]: SASL PLAIN authentication failed:	2020-06-16 17:40:56
104.131.189.116	attack	Jun 16 11:36:18 ns1 sshd[17742]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.189.116 Jun 16 11:36:21 ns1 sshd[17742]: Failed password for invalid user yjh from 104.131.189.116 port 59706 ssh2	2020-06-16 17:47:01
167.99.224.160	attack	$f2bV_matches	2020-06-16 17:45:23
171.80.184.199	attackbots	" "	2020-06-16 18:07:13
185.7.104.188	attackbots	spam	2020-06-16 18:08:54
37.230.147.173	attackbotsspam	Unauthorized connection attempt detected from IP address 37.230.147.173 to port 9530 [T]	2020-06-16 17:54:45
179.189.105.114	attack	Jun 16 05:02:27 mail.srvfarm.net postfix/smtps/smtpd[906464]: warning: ip-179-189-105-114.isp.valenet.com.br[179.189.105.114]: SASL PLAIN authentication failed: Jun 16 05:02:27 mail.srvfarm.net postfix/smtps/smtpd[906464]: lost connection after AUTH from ip-179-189-105-114.isp.valenet.com.br[179.189.105.114] Jun 16 05:06:12 mail.srvfarm.net postfix/smtpd[915628]: warning: ip-179-189-105-114.isp.valenet.com.br[179.189.105.114]: SASL PLAIN authentication failed: Jun 16 05:06:13 mail.srvfarm.net postfix/smtpd[915628]: lost connection after AUTH from ip-179-189-105-114.isp.valenet.com.br[179.189.105.114] Jun 16 05:08:20 mail.srvfarm.net postfix/smtps/smtpd[916113]: lost connection after CONNECT from ip-179-189-105-114.isp.valenet.com.br[179.189.105.114]	2020-06-16 17:37:21
78.8.160.28	attack	Jun 16 05:00:58 mail.srvfarm.net postfix/smtpd[916169]: warning: unknown[78.8.160.28]: SASL PLAIN authentication failed: Jun 16 05:00:58 mail.srvfarm.net postfix/smtpd[916169]: lost connection after AUTH from unknown[78.8.160.28] Jun 16 05:05:25 mail.srvfarm.net postfix/smtpd[915897]: warning: unknown[78.8.160.28]: SASL PLAIN authentication failed: Jun 16 05:05:25 mail.srvfarm.net postfix/smtpd[915897]: lost connection after AUTH from unknown[78.8.160.28] Jun 16 05:07:00 mail.srvfarm.net postfix/smtpd[935206]: warning: unknown[78.8.160.28]: SASL PLAIN authentication failed:	2020-06-16 17:43:44
95.182.80.2	attack	Jun 16 07:13:00 localhost sshd\[31034\]: Invalid user zsy from 95.182.80.2 port 53286 Jun 16 07:13:00 localhost sshd\[31034\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.182.80.2 Jun 16 07:13:01 localhost sshd\[31034\]: Failed password for invalid user zsy from 95.182.80.2 port 53286 ssh2 ...	2020-06-16 18:04:30
93.99.159.20	attackspambots	Jun 16 05:02:25 mail.srvfarm.net postfix/smtps/smtpd[915576]: warning: unknown[93.99.159.20]: SASL PLAIN authentication failed: Jun 16 05:02:25 mail.srvfarm.net postfix/smtps/smtpd[915576]: lost connection after AUTH from unknown[93.99.159.20] Jun 16 05:09:40 mail.srvfarm.net postfix/smtps/smtpd[914307]: warning: unknown[93.99.159.20]: SASL PLAIN authentication failed: Jun 16 05:09:40 mail.srvfarm.net postfix/smtps/smtpd[914307]: lost connection after AUTH from unknown[93.99.159.20] Jun 16 05:10:13 mail.srvfarm.net postfix/smtps/smtpd[917498]: warning: unknown[93.99.159.20]: SASL PLAIN authentication failed:	2020-06-16 17:42:03
79.11.236.77	attackbots	Invalid user mikael from 79.11.236.77 port 60826	2020-06-16 18:19:48

最近上报的IP列表

65.185.239.3	91.244.85.75	14.184.176.116	201.198.47.216
195.146.10.115	187.178.163.87	109.153.156.79	190.74.230.47
66.145.139.234	184.154.249.167	163.78.87.70	170.27.25.192
2.224.189.30	205.39.236.18	181.233.214.191	13.74.46.65
192.241.139.236	61.33.161.205	21.16.11.230	180.248.41.243