114.237.109.158

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Jiangsu Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Dec 31 07:26:37 grey postfix/smtpd\[2147\]: NOQUEUE: reject: RCPT from unknown\[114.237.109.158\]: 554 5.7.1 Service unavailable\; Client host \[114.237.109.158\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[114.237.109.158\]\; from=\ to=\ proto=ESMTP helo=\ ...	2019-12-31 16:42:07

类型

评论内容

时间

attackbots

Dec 31 07:26:37 grey postfix/smtpd\[2147\]: NOQUEUE: reject: RCPT from unknown\[114.237.109.158\]: 554 5.7.1 Service unavailable\; Client host \[114.237.109.158\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[114.237.109.158\]\; from=\ to=\ proto=ESMTP helo=\
...

2019-12-31 16:42:07

相同子网IP讨论:

IP	类型	评论内容	时间
114.237.109.49	attack	Spammer	2020-08-13 09:46:53
114.237.109.113	attack	Aug 8 06:56:29 elektron postfix/smtpd\[11306\]: NOQUEUE: reject: RCPT from unknown\[114.237.109.113\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[114.237.109.113\]\; from=\ to=\ proto=ESMTP helo=\ Aug 8 06:57:12 elektron postfix/smtpd\[11306\]: NOQUEUE: reject: RCPT from unknown\[114.237.109.113\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[114.237.109.113\]\; from=\ to=\ proto=ESMTP helo=\ Aug 8 06:57:45 elektron postfix/smtpd\[11306\]: NOQUEUE: reject: RCPT from unknown\[114.237.109.113\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[114.237.109.113\]\; from=\ to=\ proto=ESMTP helo=\ Aug 8 06:58:16 elektron postfix/smtpd\[11306\]: NOQUEUE: reject: RCPT from unknown\[114.237.109.113\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[114.237.109.113\]\; from=\ to=\ proto=ESMTP he	2020-08-08 16:05:00
114.237.109.30	attack	Spammer	2020-08-01 08:13:33
114.237.109.106	attack	SpamScore above: 10.0	2020-06-30 09:03:01
114.237.109.228	attackspam	SpamScore above: 10.0	2020-06-30 06:41:22
114.237.109.234	attackspambots	Email spam message	2020-06-23 08:20:02
114.237.109.68	attackbotsspam	SpamScore above: 10.0	2020-06-20 15:15:06
114.237.109.32	attackbots		2020-06-20 12:37:34
114.237.109.66	attackbotsspam	SpamScore above: 10.0	2020-06-16 03:49:29
114.237.109.5	attackbotsspam	SpamScore above: 10.0	2020-06-10 19:55:38
114.237.109.95	attackbotsspam	SpamScore above: 10.0	2020-06-07 07:34:54
114.237.109.20	attackspambots	spam	2020-06-04 23:43:49
114.237.109.95	attackspam	SpamScore above: 10.0	2020-06-04 22:07:25
114.237.109.81	attack	$f2bV_matches	2020-06-03 17:13:02
114.237.109.107	attackbots	Email spam message	2020-06-01 16:39:22

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.237.109.158
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34603
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.237.109.158.		IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019123100 1800 900 604800 86400

;; Query time: 402 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 31 16:42:03 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

158.109.237.114.in-addr.arpa domain name pointer 158.109.237.114.broad.lyg.js.dynamic.163data.com.cn.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
158.109.237.114.in-addr.arpa	name = 158.109.237.114.broad.lyg.js.dynamic.163data.com.cn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
117.102.76.182	attack	Sep 5 18:48:36 ns381471 sshd[3761]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.102.76.182 Sep 5 18:48:38 ns381471 sshd[3761]: Failed password for invalid user ubuntu from 117.102.76.182 port 37034 ssh2	2020-09-06 23:53:55
52.125.140.56	attackspambots	Unauthorized IMAP connection attempt	2020-09-07 00:04:56
62.234.20.135	attackbots	Sep 6 14:08:52 marvibiene sshd[12717]: Failed password for root from 62.234.20.135 port 36308 ssh2	2020-09-06 23:56:20
191.240.39.77	attack	Sep 5 18:47:52 host postfix/smtps/smtpd\[6352\]: warning: unknown\[191.240.39.77\]: SASL PLAIN authentication failed:	2020-09-07 00:25:53
174.250.65.151	attackbots	Brute forcing email accounts	2020-09-06 23:51:44
89.248.167.131	attackspam	Sep 6 12:34:47 [-] [-]: client @0x7f8bfc101910 89.248.167.131#56399 (direct.shodan.io): query (cache) 'direct.shodan.io/A/IN' denied	2020-09-07 00:22:55
51.223.213.73	attackspam	Unauthorized connection attempt from IP address 51.223.213.73 on Port 445(SMB)	2020-09-07 00:12:24
185.220.101.206	attack	(sshd) Failed SSH login from 185.220.101.206 (DE/Germany/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 6 17:50:47 amsweb01 sshd[26838]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.101.206 user=root Sep 6 17:50:50 amsweb01 sshd[26838]: Failed password for root from 185.220.101.206 port 16454 ssh2 Sep 6 17:50:51 amsweb01 sshd[26838]: Failed password for root from 185.220.101.206 port 16454 ssh2 Sep 6 17:50:53 amsweb01 sshd[26838]: Failed password for root from 185.220.101.206 port 16454 ssh2 Sep 6 17:50:55 amsweb01 sshd[26838]: Failed password for root from 185.220.101.206 port 16454 ssh2	2020-09-06 23:55:14
123.201.12.190	attackspam	Aug 31 07:14:39 uapps sshd[25202]: Invalid user admin from 123.201.12.190 port 55309 Aug 31 07:14:41 uapps sshd[25202]: Failed password for invalid user admin from 123.201.12.190 port 55309 ssh2 Aug 31 07:14:42 uapps sshd[25202]: Received disconnect from 123.201.12.190 port 55309:11: Bye Bye [preauth] Aug 31 07:14:42 uapps sshd[25202]: Disconnected from invalid user admin 123.201.12.190 port 55309 [preauth] Aug 31 07:14:43 uapps sshd[25204]: Invalid user admin from 123.201.12.190 port 55440 Aug 31 07:14:46 uapps sshd[25204]: Failed password for invalid user admin from 123.201.12.190 port 55440 ssh2 Aug 31 07:14:47 uapps sshd[25204]: Received disconnect from 123.201.12.190 port 55440:11: Bye Bye [preauth] Aug 31 07:14:47 uapps sshd[25204]: Disconnected from invalid user admin 123.201.12.190 port 55440 [preauth] Aug 31 07:14:48 uapps sshd[25206]: Invalid user admin from 123.201.12.190 port 55541 Aug 31 07:14:50 uapps sshd[25206]: Failed password for invalid user admin fro........ -------------------------------	2020-09-07 00:02:55
103.140.4.87	attack	Suspicious access to SMTP/POP/IMAP services.	2020-09-07 00:24:18
73.255.154.127	attack	73.255.154.127 - - \[05/Sep/2020:23:40:07 +0300\] "POST /xmlrpc.php HTTP/1.1" 403 5589 "-" "Mozilla/5.0 $X11\; Linux i686\; rv:2.0.1$ Gecko/20100101 Firefox/4.0.1"73.255.154.127 - - \[05/Sep/2020:23:47:57 +0300\] "POST /xmlrpc.php HTTP/1.1" 403 5589 "-" "Mozilla/5.0 $X11\; Linux i686\; rv:2.0.1$ Gecko/20100101 Firefox/4.0.1" ...	2020-09-07 00:04:42
103.147.10.222	attackspambots	103.147.10.222 - - [06/Sep/2020:16:21:01 +0100] "POST /wp-login.php HTTP/1.1" 200 1874 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.147.10.222 - - [06/Sep/2020:16:21:05 +0100] "POST /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.147.10.222 - - [06/Sep/2020:16:21:07 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-06 23:52:39
91.192.46.209	attackbots	(ftpd) Failed FTP login from 91.192.46.209 (UA/Ukraine/-): 10 in the last 3600 secs	2020-09-07 00:07:09
104.244.75.157	attack	Sep 6 17:42:06 santamaria sshd\[27180\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.75.157 user=root Sep 6 17:42:09 santamaria sshd\[27180\]: Failed password for root from 104.244.75.157 port 34869 ssh2 Sep 6 17:42:17 santamaria sshd\[27180\]: Failed password for root from 104.244.75.157 port 34869 ssh2 ...	2020-09-07 00:09:30
101.99.12.202	attackbotsspam	20/9/5@12:47:53: FAIL: Alarm-Network address from=101.99.12.202 ...	2020-09-07 00:24:48

最近上报的IP列表

49.51.161.145	167.86.102.170	95.156.236.14	104.37.187.26
118.25.186.146	180.35.116.224	142.11.218.177	42.52.65.230
195.206.183.216	47.96.237.64	58.219.213.3	58.215.194.146
14.170.154.45	171.105.248.161	200.75.150.142	123.148.246.162
106.13.119.58	117.199.69.82	77.40.45.254	142.11.218.181