114.236.7.104 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Jiangsu Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Aug 24 13:29:39 * sshd[17958]: Failed password for root from 114.236.7.104 port 52396 ssh2 Aug 24 13:29:53 * sshd[17958]: Failed password for root from 114.236.7.104 port 52396 ssh2 Aug 24 13:29:53 * sshd[17958]: error: maximum authentication attempts exceeded for root from 114.236.7.104 port 52396 ssh2 [preauth]	2019-08-24 20:44:17

类型

评论内容

时间

attack

Aug 24 13:29:39 * sshd[17958]: Failed password for root from 114.236.7.104 port 52396 ssh2
Aug 24 13:29:53 * sshd[17958]: Failed password for root from 114.236.7.104 port 52396 ssh2
Aug 24 13:29:53 * sshd[17958]: error: maximum authentication attempts exceeded for root from 114.236.7.104 port 52396 ssh2 [preauth]

2019-08-24 20:44:17

相同子网IP讨论:

IP	类型	评论内容	时间
114.236.75.80	attackspambots	Unauthorized connection attempt detected from IP address 114.236.75.80 to port 2222 [J]	2020-03-01 01:34:01
114.236.7.200	attackspam	2222/tcp 22/tcp... [2019-09-08/27]13pkt,2pt.(tcp)	2019-09-28 17:15:44
114.236.78.239	attackbots	SSH authentication failure x 6 reported by Fail2Ban ...	2019-09-13 23:31:49
114.236.78.22	attack	Sep 12 16:31:17 xxxxxxx0 sshd[23272]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.236.78.22 user=r.r Sep 12 16:31:19 xxxxxxx0 sshd[23272]: Failed password for r.r from 114.236.78.22 port 52824 ssh2 Sep 12 16:31:22 xxxxxxx0 sshd[23272]: Failed password for r.r from 114.236.78.22 port 52824 ssh2 Sep 12 16:31:24 xxxxxxx0 sshd[23272]: Failed password for r.r from 114.236.78.22 port 52824 ssh2 Sep 12 16:31:26 xxxxxxx0 sshd[23272]: Failed password for r.r from 114.236.78.22 port 52824 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=114.236.78.22	2019-09-13 06:01:35
114.236.79.253	attack	Aug 19 15:37:12 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 114.236.79.253 port 59099 ssh2 (target: 158.69.100.134:22, password: 1234) Aug 19 15:37:12 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 114.236.79.253 port 59099 ssh2 (target: 158.69.100.134:22, password: uClinux) Aug 19 15:37:13 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 114.236.79.253 port 59099 ssh2 (target: 158.69.100.134:22, password: admin) Aug 19 15:37:14 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 114.236.79.253 port 59099 ssh2 (target: 158.69.100.134:22, password: admin) Aug 19 15:37:14 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 114.236.79.253 port 59099 ssh2 (target: 158.69.100.134:22, password: system) Aug 19 15:37:14 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 114.236.79.253 port 59099 ssh2 (target: 158.69.100.134:22, password: rphostnamec) Aug 19 15:37:15 wildwolf ssh-honeypotd[26164]: Failed password fo........ ------------------------------	2019-08-20 08:38:17
114.236.79.42	attackspambots	Jul 28 13:07:43 vm8 sshd[18921]: Bad protocol version identification '' from 114.236.79.42 port 34156 Jul 28 13:07:47 vm8 sshd[18933]: Connection closed by 114.236.79.42 port 34628 [preauth] Jul 28 13:07:50 vm8 sshd[18956]: Connection closed by 114.236.79.42 port 35307 [preauth] Jul 28 13:07:53 vm8 sshd[18974]: Connection closed by 114.236.79.42 port 35946 [preauth] Jul 28 13:07:56 vm8 sshd[18994]: Connection closed by 114.236.79.42 port 36608 [preauth] Jul 28 13:08:03 vm8 sshd[19042]: Connection closed by 114.236.79.42 port 37980 [preauth] Jul 28 13:08:04 vm8 sshd[19017]: Connection closed by 114.236.79.42 port 37316 [preauth] Jul 28 13:08:06 vm8 sshd[19064]: Connection closed by 114.236.79.42 port 38945 [preauth] Jul 28 13:08:09 vm8 sshd[19084]: Connection closed by 114.236.79.42 port 39635 [preauth] Jul 28 13:08:12 vm8 sshd[19107]: Connection closed by 114.236.79.42 port 40319 [preauth] Jul 28 13:08:15 vm8 sshd[19121]: Connection closed by 114.236.79.42 port 41014 [p........ -------------------------------	2019-07-29 00:53:17
114.236.78.130	attackspam	23/tcp [2019-07-01]1pkt	2019-07-01 22:39:58

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.236.7.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32598
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.236.7.104.			IN	A

;; AUTHORITY SECTION:
.			1124	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082302 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Aug 24 20:44:11 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 104.7.236.114.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 104.7.236.114.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
183.98.121.165	attack	Jun 25 05:37:24 ns392434 sshd[26624]: Invalid user anonymous from 183.98.121.165 port 53596 Jun 25 05:37:24 ns392434 sshd[26624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.98.121.165 Jun 25 05:37:24 ns392434 sshd[26624]: Invalid user anonymous from 183.98.121.165 port 53596 Jun 25 05:37:26 ns392434 sshd[26624]: Failed password for invalid user anonymous from 183.98.121.165 port 53596 ssh2 Jun 25 05:45:16 ns392434 sshd[26885]: Invalid user user from 183.98.121.165 port 39452 Jun 25 05:45:16 ns392434 sshd[26885]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.98.121.165 Jun 25 05:45:16 ns392434 sshd[26885]: Invalid user user from 183.98.121.165 port 39452 Jun 25 05:45:18 ns392434 sshd[26885]: Failed password for invalid user user from 183.98.121.165 port 39452 ssh2 Jun 25 05:48:51 ns392434 sshd[26969]: Invalid user ec2-user from 183.98.121.165 port 39922	2020-06-25 18:43:18
181.199.47.154	attack	Jun 25 00:43:19 php1 sshd\[23401\]: Invalid user tester from 181.199.47.154 Jun 25 00:43:19 php1 sshd\[23401\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.199.47.154 Jun 25 00:43:21 php1 sshd\[23401\]: Failed password for invalid user tester from 181.199.47.154 port 51573 ssh2 Jun 25 00:49:36 php1 sshd\[23876\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.199.47.154 user=root Jun 25 00:49:38 php1 sshd\[23876\]: Failed password for root from 181.199.47.154 port 32108 ssh2	2020-06-25 19:03:10
111.230.148.82	attackspam	Jun 25 07:54:30 lukav-desktop sshd\[28902\]: Invalid user postgres from 111.230.148.82 Jun 25 07:54:30 lukav-desktop sshd\[28902\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.148.82 Jun 25 07:54:32 lukav-desktop sshd\[28902\]: Failed password for invalid user postgres from 111.230.148.82 port 44372 ssh2 Jun 25 07:57:35 lukav-desktop sshd\[28931\]: Invalid user proxy1 from 111.230.148.82 Jun 25 07:57:35 lukav-desktop sshd\[28931\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.148.82	2020-06-25 18:45:04
193.27.228.13	attackspam	Jun 25 12:19:26 debian-2gb-nbg1-2 kernel: \[15339028.366846\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=193.27.228.13 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=19971 PROTO=TCP SPT=42319 DPT=326 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-25 18:46:52
129.204.42.144	attackbots	Jun 25 07:21:36 pornomens sshd\[23218\]: Invalid user kawamoto from 129.204.42.144 port 47660 Jun 25 07:21:36 pornomens sshd\[23218\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.42.144 Jun 25 07:21:38 pornomens sshd\[23218\]: Failed password for invalid user kawamoto from 129.204.42.144 port 47660 ssh2 ...	2020-06-25 18:35:28
114.103.61.134	attackbotsspam	port 23	2020-06-25 18:46:33
13.127.156.14	attack	Jun 25 08:11:43 server sshd[27649]: Failed password for invalid user centos from 13.127.156.14 port 57088 ssh2 Jun 25 08:16:58 server sshd[1146]: Failed password for invalid user acl from 13.127.156.14 port 46742 ssh2 Jun 25 08:21:50 server sshd[6414]: Failed password for invalid user intranet from 13.127.156.14 port 36560 ssh2	2020-06-25 19:02:51
106.13.25.242	attackspambots	Jun 25 06:18:27 meumeu sshd[1363128]: Invalid user install from 106.13.25.242 port 34486 Jun 25 06:18:27 meumeu sshd[1363128]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.25.242 Jun 25 06:18:27 meumeu sshd[1363128]: Invalid user install from 106.13.25.242 port 34486 Jun 25 06:18:29 meumeu sshd[1363128]: Failed password for invalid user install from 106.13.25.242 port 34486 ssh2 Jun 25 06:21:24 meumeu sshd[1363188]: Invalid user cloud from 106.13.25.242 port 47040 Jun 25 06:21:24 meumeu sshd[1363188]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.25.242 Jun 25 06:21:24 meumeu sshd[1363188]: Invalid user cloud from 106.13.25.242 port 47040 Jun 25 06:21:25 meumeu sshd[1363188]: Failed password for invalid user cloud from 106.13.25.242 port 47040 ssh2 Jun 25 06:24:22 meumeu sshd[1366138]: Invalid user wf from 106.13.25.242 port 59576 ...	2020-06-25 18:57:56
220.156.161.77	attack	Dovecot Invalid User Login Attempt.	2020-06-25 18:51:29
66.176.240.7	attack	Automatic report - Banned IP Access	2020-06-25 18:45:18
218.92.0.207	attackspam	2020-06-25T10:39:09.147519mail.csmailer.org sshd[9378]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.207 user=root 2020-06-25T10:39:10.311547mail.csmailer.org sshd[9378]: Failed password for root from 218.92.0.207 port 38451 ssh2 2020-06-25T10:39:09.147519mail.csmailer.org sshd[9378]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.207 user=root 2020-06-25T10:39:10.311547mail.csmailer.org sshd[9378]: Failed password for root from 218.92.0.207 port 38451 ssh2 2020-06-25T10:39:12.521568mail.csmailer.org sshd[9378]: Failed password for root from 218.92.0.207 port 38451 ssh2 ...	2020-06-25 18:47:12
186.227.221.138	attackbots	fail2ban	2020-06-25 18:37:13
40.77.31.79	attackspam	Jun 25 10:26:09 ssh2 sshd[940]: User root from 40.77.31.79 not allowed because not listed in AllowUsers Jun 25 10:26:09 ssh2 sshd[940]: Failed password for invalid user root from 40.77.31.79 port 1890 ssh2 Jun 25 10:26:09 ssh2 sshd[940]: Disconnected from invalid user root 40.77.31.79 port 1890 [preauth] ...	2020-06-25 19:02:27
103.75.208.53	attack	Jun 25 05:41:20 server sshd[31843]: Failed password for invalid user micha from 103.75.208.53 port 55662 ssh2 Jun 25 05:45:05 server sshd[3459]: Failed password for invalid user user3 from 103.75.208.53 port 54630 ssh2 Jun 25 05:48:48 server sshd[7324]: Failed password for invalid user admin from 103.75.208.53 port 53592 ssh2	2020-06-25 18:45:50
185.143.72.34	attackbotsspam	Jun 25 12:45:00 srv01 postfix/smtpd\[10021\]: warning: unknown\[185.143.72.34\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 25 12:45:09 srv01 postfix/smtpd\[10518\]: warning: unknown\[185.143.72.34\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 25 12:45:34 srv01 postfix/smtpd\[11248\]: warning: unknown\[185.143.72.34\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 25 12:45:38 srv01 postfix/smtpd\[10265\]: warning: unknown\[185.143.72.34\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 25 12:45:54 srv01 postfix/smtpd\[10288\]: warning: unknown\[185.143.72.34\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-25 18:48:05

最近上报的IP列表

51.79.141.242	134.209.34.30	125.47.163.44	130.109.232.7
32.157.239.173	177.53.95.237	124.160.121.36	201.176.96.47
2.181.16.201	24.53.46.9	204.221.183.153	5.135.232.8
209.97.154.151	27.5.62.78	1.255.101.133	94.219.152.25
210.172.173.28	95.174.65.3	155.73.33.194	219.31.218.200