114.237.109.164

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Jiangsu Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Dec 21 07:24:30 grey postfix/smtpd\[17040\]: NOQUEUE: reject: RCPT from unknown\[114.237.109.164\]: 554 5.7.1 Service unavailable\; Client host \[114.237.109.164\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[114.237.109.164\]\; from=\ to=\ proto=ESMTP helo=\ ...	2019-12-21 20:09:58

类型

评论内容

时间

attack

Dec 21 07:24:30 grey postfix/smtpd\[17040\]: NOQUEUE: reject: RCPT from unknown\[114.237.109.164\]: 554 5.7.1 Service unavailable\; Client host \[114.237.109.164\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[114.237.109.164\]\; from=\ to=\ proto=ESMTP helo=\
...

2019-12-21 20:09:58

相同子网IP讨论:

IP	类型	评论内容	时间
114.237.109.49	attack	Spammer	2020-08-13 09:46:53
114.237.109.113	attack	Aug 8 06:56:29 elektron postfix/smtpd\[11306\]: NOQUEUE: reject: RCPT from unknown\[114.237.109.113\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[114.237.109.113\]\; from=\ to=\ proto=ESMTP helo=\ Aug 8 06:57:12 elektron postfix/smtpd\[11306\]: NOQUEUE: reject: RCPT from unknown\[114.237.109.113\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[114.237.109.113\]\; from=\ to=\ proto=ESMTP helo=\ Aug 8 06:57:45 elektron postfix/smtpd\[11306\]: NOQUEUE: reject: RCPT from unknown\[114.237.109.113\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[114.237.109.113\]\; from=\ to=\ proto=ESMTP helo=\ Aug 8 06:58:16 elektron postfix/smtpd\[11306\]: NOQUEUE: reject: RCPT from unknown\[114.237.109.113\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[114.237.109.113\]\; from=\ to=\ proto=ESMTP he	2020-08-08 16:05:00
114.237.109.30	attack	Spammer	2020-08-01 08:13:33
114.237.109.106	attack	SpamScore above: 10.0	2020-06-30 09:03:01
114.237.109.228	attackspam	SpamScore above: 10.0	2020-06-30 06:41:22
114.237.109.234	attackspambots	Email spam message	2020-06-23 08:20:02
114.237.109.68	attackbotsspam	SpamScore above: 10.0	2020-06-20 15:15:06
114.237.109.32	attackbots		2020-06-20 12:37:34
114.237.109.66	attackbotsspam	SpamScore above: 10.0	2020-06-16 03:49:29
114.237.109.5	attackbotsspam	SpamScore above: 10.0	2020-06-10 19:55:38
114.237.109.95	attackbotsspam	SpamScore above: 10.0	2020-06-07 07:34:54
114.237.109.20	attackspambots	spam	2020-06-04 23:43:49
114.237.109.95	attackspam	SpamScore above: 10.0	2020-06-04 22:07:25
114.237.109.81	attack	$f2bV_matches	2020-06-03 17:13:02
114.237.109.107	attackbots	Email spam message	2020-06-01 16:39:22

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.237.109.164
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6472
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.237.109.164.		IN	A

;; AUTHORITY SECTION:
.			582	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122100 1800 900 604800 86400

;; Query time: 102 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 21 20:09:52 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

164.109.237.114.in-addr.arpa domain name pointer 164.109.237.114.broad.lyg.js.dynamic.163data.com.cn.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
164.109.237.114.in-addr.arpa	name = 164.109.237.114.broad.lyg.js.dynamic.163data.com.cn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
104.131.55.92	attackbots	2020-08-04T23:02:07.886824shield sshd\[14215\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.55.92 user=root 2020-08-04T23:02:10.112006shield sshd\[14215\]: Failed password for root from 104.131.55.92 port 58584 ssh2 2020-08-04T23:05:53.923208shield sshd\[14640\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.55.92 user=root 2020-08-04T23:05:55.842074shield sshd\[14640\]: Failed password for root from 104.131.55.92 port 43864 ssh2 2020-08-04T23:09:38.110374shield sshd\[15255\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.55.92 user=root	2020-08-05 07:27:58
202.105.247.94	attackspam	(ftpd) Failed FTP login from 202.105.247.94 (CN/China/-): 10 in the last 3600 secs	2020-08-05 07:16:05
192.35.169.42	attackbots	TCP (SYN) 192.35.169.42:1558 -> port 119, len 44	2020-08-05 07:34:39
93.174.93.195	attack	08/04/2020-19:06:08.207087 93.174.93.195 Protocol: 17 ET DROP Dshield Block Listed Source group 1	2020-08-05 07:09:52
159.65.41.104	attackspam	invalid user ftp from 159.65.41.104 port 42370 ssh2	2020-08-05 07:18:06
116.18.142.18	attackspambots	Unauthorised access (Aug 4) SRC=116.18.142.18 LEN=40 TTL=52 ID=25655 TCP DPT=23 WINDOW=286 SYN	2020-08-05 07:19:36
103.145.12.209	attackspambots	[2020-08-04 19:04:55] NOTICE[1248] chan_sip.c: Registration from '"66666" ' failed for '103.145.12.209:5227' - Wrong password [2020-08-04 19:04:55] SECURITY[1275] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-08-04T19:04:55.737-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="66666",SessionID="0x7f27200a09d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.209/5227",Challenge="05bc7716",ReceivedChallenge="05bc7716",ReceivedHash="ca20c1bd253b8659bc75b27f8f59fb11" [2020-08-04 19:04:55] NOTICE[1248] chan_sip.c: Registration from '"66666" ' failed for '103.145.12.209:5227' - Wrong password [2020-08-04 19:04:55] SECURITY[1275] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-08-04T19:04:55.884-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="66666",SessionID="0x7f272010d028",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IP ...	2020-08-05 07:28:11
129.211.108.240	attackspambots	Triggered by Fail2Ban at Ares web server	2020-08-05 07:12:30
185.193.88.5	attackspambots	Brute forcing RDP port 3389	2020-08-05 07:29:55
148.70.118.201	attackspam	prod6 ...	2020-08-05 07:30:16
185.193.88.4	attackspam	Brute forcing RDP port 3389	2020-08-05 07:27:23
62.173.138.147	attack	[2020-08-04 19:12:02] NOTICE[1248][C-00003e33] chan_sip.c: Call from '' (62.173.138.147:58075) to extension '1701148122518017' rejected because extension not found in context 'public'. [2020-08-04 19:12:02] SECURITY[1275] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-08-04T19:12:02.582-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="1701148122518017",SessionID="0x7f272012c148",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.173.138.147/58075",ACLName="no_extension_match" [2020-08-04 19:12:30] NOTICE[1248][C-00003e34] chan_sip.c: Call from '' (62.173.138.147:64455) to extension '17001148122518017' rejected because extension not found in context 'public'. [2020-08-04 19:12:30] SECURITY[1275] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-08-04T19:12:30.591-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="17001148122518017",SessionID="0x7f27200a09d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddre ...	2020-08-05 07:23:44
164.90.192.169	attack	Honeypot hit.	2020-08-05 07:32:43
139.99.238.150	attackbots	Aug 4 23:03:44 rush sshd[20267]: Failed password for root from 139.99.238.150 port 48902 ssh2 Aug 4 23:08:04 rush sshd[20417]: Failed password for root from 139.99.238.150 port 55658 ssh2 ...	2020-08-05 07:33:07
183.89.211.234	attack	Dovecot Invalid User Login Attempt.	2020-08-05 07:13:45

最近上报的IP列表

157.50.36.38	246.141.41.128	90.243.3.242	199.26.199.61
125.175.166.132	58.154.181.79	106.249.81.159	239.83.172.187
121.177.73.141	211.25.234.14	14.186.239.210	49.232.173.88
93.170.177.227	114.45.84.112	182.100.67.42	187.163.179.35
111.119.207.188	162.216.142.40	36.72.58.56	182.61.11.120