113.117.148.85

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Guangdong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Feb 9 01:46:19 grey postfix/smtpd\[26949\]: NOQUEUE: reject: RCPT from unknown\[113.117.148.85\]: 554 5.7.1 Service unavailable\; Client host \[113.117.148.85\] blocked using bl.spamcop.net\; Blocked - see https://www.spamcop.net/bl.shtml\?113.117.148.85\; from=\ to=\ proto=ESMTP helo=\ ...	2020-02-09 10:01:55

类型

评论内容

时间

attack

Feb  9 01:46:19 grey postfix/smtpd\[26949\]: NOQUEUE: reject: RCPT from unknown\[113.117.148.85\]: 554 5.7.1 Service unavailable\; Client host \[113.117.148.85\] blocked using bl.spamcop.net\; Blocked - see https://www.spamcop.net/bl.shtml\?113.117.148.85\; from=\ to=\ proto=ESMTP helo=\
...

2020-02-09 10:01:55

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.117.148.85
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9909
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.117.148.85.			IN	A

;; AUTHORITY SECTION:
.			444	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020801 1800 900 604800 86400

;; Query time: 141 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 09 10:01:52 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 85.148.117.113.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 85.148.117.113.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
88.250.196.146	attackbotsspam	Unauthorized connection attempt detected from IP address 88.250.196.146 to port 23	2019-12-30 21:42:26
45.245.46.1	attack	Dec 30 14:45:13 itv-usvr-02 sshd[2238]: Invalid user desorbay from 45.245.46.1 port 12262 Dec 30 14:45:13 itv-usvr-02 sshd[2238]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.245.46.1 Dec 30 14:45:13 itv-usvr-02 sshd[2238]: Invalid user desorbay from 45.245.46.1 port 12262 Dec 30 14:45:15 itv-usvr-02 sshd[2238]: Failed password for invalid user desorbay from 45.245.46.1 port 12262 ssh2 Dec 30 14:50:01 itv-usvr-02 sshd[2270]: Invalid user kehlert from 45.245.46.1 port 28992	2019-12-30 21:23:34
80.74.75.133	attack	Port 1433 Scan	2019-12-30 21:44:04
192.99.245.135	attackspam	Invalid user backup from 192.99.245.135 port 53028	2019-12-30 21:34:27
185.176.27.6	attack	12/30/2019-14:01:06.277553 185.176.27.6 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-12-30 21:26:08
95.219.134.157	attackspambots	Port 1433 Scan	2019-12-30 21:41:51
52.36.131.219	attack	12/30/2019-14:09:02.361455 52.36.131.219 Protocol: 6 SURICATA TLS invalid record/traffic	2019-12-30 21:21:44
124.127.133.158	attack	Dec 30 13:02:42 vpn01 sshd[26318]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.127.133.158 Dec 30 13:02:44 vpn01 sshd[26318]: Failed password for invalid user messenger from 124.127.133.158 port 52766 ssh2 ...	2019-12-30 21:54:33
42.116.68.34	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2019-12-30 21:45:54
58.56.32.238	attackbots	Dec 30 12:40:36 zeus sshd[30196]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.56.32.238 Dec 30 12:40:38 zeus sshd[30196]: Failed password for invalid user student from 58.56.32.238 port 10942 ssh2 Dec 30 12:43:33 zeus sshd[30298]: Failed password for root from 58.56.32.238 port 10943 ssh2	2019-12-30 21:35:42
108.186.244.44	attackbots	(From dechair.norman28@gmail.com) Looking for powerful advertising that delivers real results? I apologize for sending you this message on your contact form but actually that's exactly where I wanted to make my point. We can send your advertising copy to websites through their contact forms just like you're reading this note right now. You can specify targets by keyword or just start mass blasts to websites in the country of your choice. So let's say you would like to send an ad to all the mortgage brokers in the USA, we'll scrape websites for just those and post your promo to them. Providing you're advertising something that's relevant to that business category then you'll receive an amazing response! Type up a quick note to ethan3646hug@gmail.com to get info and prices	2019-12-30 21:36:11
220.163.116.198	attackspam	Port 1433 Scan	2019-12-30 21:51:21
103.47.60.37	attackbots	ssh brute force	2019-12-30 21:37:52
189.180.79.5	attackbotsspam	Dec 30 07:20:39 mail kernel: [2706581.804390] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=189.180.79.5 DST=91.205.173.180 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=29639 DF PROTO=TCP SPT=43022 DPT=81 WINDOW=14600 RES=0x00 SYN URGP=0 Dec 30 07:20:40 mail kernel: [2706582.796626] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=189.180.79.5 DST=91.205.173.180 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=29640 DF PROTO=TCP SPT=43022 DPT=81 WINDOW=14600 RES=0x00 SYN URGP=0 Dec 30 07:20:42 mail kernel: [2706584.795900] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=189.180.79.5 DST=91.205.173.180 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=29641 DF PROTO=TCP SPT=43022 DPT=81 WINDOW=14600 RES=0x00 SYN URGP=0	2019-12-30 21:34:51
106.13.98.148	attack	Dec 30 11:24:03 vmanager6029 sshd\[1457\]: Invalid user tudisco from 106.13.98.148 port 38946 Dec 30 11:24:03 vmanager6029 sshd\[1457\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.98.148 Dec 30 11:24:05 vmanager6029 sshd\[1457\]: Failed password for invalid user tudisco from 106.13.98.148 port 38946 ssh2	2019-12-30 21:35:08

最近上报的IP列表

168.62.171.57	41.203.96.141	107.173.194.163	185.253.214.110
193.191.56.114	129.245.137.39	236.201.70.196	81.205.5.14
131.102.218.99	135.146.97.179	45.160.7.29	2001:171b:c9ae:b0b0:a827:c4f4:a955:aa41
80.114.229.71	29.63.147.223	89.101.235.233	147.216.185.10
150.218.250.48	201.119.37.181	14.230.28.207	206.41.184.157