114.237.109.52

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Jiangsu Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Oct 15 22:49:11 elektron postfix/smtpd\[26370\]: NOQUEUE: reject: RCPT from unknown\[114.237.109.52\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[114.237.109.52\]\; from=\ to=\ proto=ESMTP helo=\ Oct 15 22:49:45 elektron postfix/smtpd\[28859\]: NOQUEUE: reject: RCPT from unknown\[114.237.109.52\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[114.237.109.52\]\; from=\ to=\ proto=ESMTP helo=\ Oct 15 22:50:19 elektron postfix/smtpd\[28859\]: NOQUEUE: reject: RCPT from unknown\[114.237.109.52\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[114.237.109.52\]\; from=\ to=\ proto=ESMTP helo=\	2019-10-16 09:58:03

类型

评论内容

时间

attack

Oct 15 22:49:11 elektron postfix/smtpd\[26370\]: NOQUEUE: reject: RCPT from unknown\[114.237.109.52\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[114.237.109.52\]\; from=\ to=\ proto=ESMTP helo=\
Oct 15 22:49:45 elektron postfix/smtpd\[28859\]: NOQUEUE: reject: RCPT from unknown\[114.237.109.52\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[114.237.109.52\]\; from=\ to=\ proto=ESMTP helo=\
Oct 15 22:50:19 elektron postfix/smtpd\[28859\]: NOQUEUE: reject: RCPT from unknown\[114.237.109.52\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[114.237.109.52\]\; from=\ to=\ proto=ESMTP helo=\

2019-10-16 09:58:03

相同子网IP讨论:

IP	类型	评论内容	时间
114.237.109.49	attack	Spammer	2020-08-13 09:46:53
114.237.109.113	attack	Aug 8 06:56:29 elektron postfix/smtpd\[11306\]: NOQUEUE: reject: RCPT from unknown\[114.237.109.113\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[114.237.109.113\]\; from=\ to=\ proto=ESMTP helo=\ Aug 8 06:57:12 elektron postfix/smtpd\[11306\]: NOQUEUE: reject: RCPT from unknown\[114.237.109.113\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[114.237.109.113\]\; from=\ to=\ proto=ESMTP helo=\ Aug 8 06:57:45 elektron postfix/smtpd\[11306\]: NOQUEUE: reject: RCPT from unknown\[114.237.109.113\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[114.237.109.113\]\; from=\ to=\ proto=ESMTP helo=\ Aug 8 06:58:16 elektron postfix/smtpd\[11306\]: NOQUEUE: reject: RCPT from unknown\[114.237.109.113\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[114.237.109.113\]\; from=\ to=\ proto=ESMTP he	2020-08-08 16:05:00
114.237.109.30	attack	Spammer	2020-08-01 08:13:33
114.237.109.106	attack	SpamScore above: 10.0	2020-06-30 09:03:01
114.237.109.228	attackspam	SpamScore above: 10.0	2020-06-30 06:41:22
114.237.109.234	attackspambots	Email spam message	2020-06-23 08:20:02
114.237.109.68	attackbotsspam	SpamScore above: 10.0	2020-06-20 15:15:06
114.237.109.32	attackbots		2020-06-20 12:37:34
114.237.109.66	attackbotsspam	SpamScore above: 10.0	2020-06-16 03:49:29
114.237.109.5	attackbotsspam	SpamScore above: 10.0	2020-06-10 19:55:38
114.237.109.95	attackbotsspam	SpamScore above: 10.0	2020-06-07 07:34:54
114.237.109.20	attackspambots	spam	2020-06-04 23:43:49
114.237.109.95	attackspam	SpamScore above: 10.0	2020-06-04 22:07:25
114.237.109.81	attack	$f2bV_matches	2020-06-03 17:13:02
114.237.109.107	attackbots	Email spam message	2020-06-01 16:39:22

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.237.109.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55955
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.237.109.52.			IN	A

;; AUTHORITY SECTION:
.			460	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101501 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 16 09:57:59 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

52.109.237.114.in-addr.arpa domain name pointer 52.109.237.114.broad.lyg.js.dynamic.163data.com.cn.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
52.109.237.114.in-addr.arpa	name = 52.109.237.114.broad.lyg.js.dynamic.163data.com.cn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
188.37.216.217	attackspam	Telnet Server BruteForce Attack	2019-09-13 14:28:15
178.62.214.85	attack	Sep 13 05:43:26 markkoudstaal sshd[4692]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.214.85 Sep 13 05:43:27 markkoudstaal sshd[4692]: Failed password for invalid user testtest from 178.62.214.85 port 33343 ssh2 Sep 13 05:47:52 markkoudstaal sshd[5106]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.214.85	2019-09-13 14:09:58
81.170.177.196	attackbotsspam	Automatic report - Port Scan Attack	2019-09-13 14:44:47
188.240.208.26	attackspam	B: zzZZzz blocked content access	2019-09-13 14:09:35
177.184.133.41	attack	Sep 12 19:46:49 hpm sshd\[16840\]: Invalid user developer from 177.184.133.41 Sep 12 19:46:49 hpm sshd\[16840\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.184.133.41 Sep 12 19:46:51 hpm sshd\[16840\]: Failed password for invalid user developer from 177.184.133.41 port 49125 ssh2 Sep 12 19:52:31 hpm sshd\[17303\]: Invalid user user from 177.184.133.41 Sep 12 19:52:31 hpm sshd\[17303\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.184.133.41	2019-09-13 14:05:50
59.120.240.217	attack	TW - 1H : (160) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : TW NAME ASN : ASN3462 IP : 59.120.240.217 CIDR : 59.120.128.0/17 PREFIX COUNT : 390 UNIQUE IP COUNT : 12267520 WYKRYTE ATAKI Z ASN3462 : 1H - 3 3H - 9 6H - 36 12H - 71 24H - 146 INFO : SYN Flood DDoS Attack Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-09-13 14:16:17
103.108.74.91	attack	Sep 12 20:21:29 hcbb sshd\[17918\]: Invalid user 1234 from 103.108.74.91 Sep 12 20:21:29 hcbb sshd\[17918\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.108.74.91 Sep 12 20:21:31 hcbb sshd\[17918\]: Failed password for invalid user 1234 from 103.108.74.91 port 52564 ssh2 Sep 12 20:26:36 hcbb sshd\[18354\]: Invalid user teste1 from 103.108.74.91 Sep 12 20:26:36 hcbb sshd\[18354\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.108.74.91	2019-09-13 14:43:59
222.186.52.89	attack	Sep 13 02:43:56 ny01 sshd[25376]: Failed password for root from 222.186.52.89 port 57958 ssh2 Sep 13 02:43:56 ny01 sshd[25378]: Failed password for root from 222.186.52.89 port 27162 ssh2 Sep 13 02:43:59 ny01 sshd[25376]: Failed password for root from 222.186.52.89 port 57958 ssh2 Sep 13 02:43:59 ny01 sshd[25378]: Failed password for root from 222.186.52.89 port 27162 ssh2	2019-09-13 14:53:24
54.38.241.171	attackbotsspam	Sep 13 08:33:59 SilenceServices sshd[6330]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.241.171 Sep 13 08:34:01 SilenceServices sshd[6330]: Failed password for invalid user hduser@123 from 54.38.241.171 port 48462 ssh2 Sep 13 08:38:09 SilenceServices sshd[9442]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.241.171	2019-09-13 14:57:18
139.59.20.248	attackbots	2019-08-03 03:45:16,511 fail2ban.actions [791]: NOTICE [sshd] Ban 139.59.20.248 2019-08-03 06:52:03,123 fail2ban.actions [791]: NOTICE [sshd] Ban 139.59.20.248 2019-08-03 10:00:21,997 fail2ban.actions [791]: NOTICE [sshd] Ban 139.59.20.248 ...	2019-09-13 14:32:53
183.167.196.65	attackspambots	Invalid user web from 183.167.196.65 port 50226	2019-09-13 14:07:52
84.54.93.36	attackbots	Sep 12 19:08:49 mail postfix/postscreen[58551]: PREGREET 20 after 0.99 from [84.54.93.36]:53386: HELO gidayqkeh.com ...	2019-09-13 14:15:14
192.210.226.105	attackbotsspam	Sep 13 08:13:54 MK-Soft-Root1 sshd\[29193\]: Invalid user teamspeak3 from 192.210.226.105 port 36407 Sep 13 08:13:54 MK-Soft-Root1 sshd\[29193\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.210.226.105 Sep 13 08:13:56 MK-Soft-Root1 sshd\[29193\]: Failed password for invalid user teamspeak3 from 192.210.226.105 port 36407 ssh2 ...	2019-09-13 14:24:01
139.59.128.97	attack	Sep 12 15:36:55 php2 sshd\[31558\]: Invalid user test from 139.59.128.97 Sep 12 15:36:55 php2 sshd\[31558\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=labs2.armadilloamarillo.com Sep 12 15:36:57 php2 sshd\[31558\]: Failed password for invalid user test from 139.59.128.97 port 48800 ssh2 Sep 12 15:42:43 php2 sshd\[32533\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=labs2.armadilloamarillo.com user=mysql Sep 12 15:42:45 php2 sshd\[32533\]: Failed password for mysql from 139.59.128.97 port 54340 ssh2	2019-09-13 14:54:44
103.232.120.109	attack	Sep 12 20:43:37 lcdev sshd\[5988\]: Invalid user git from 103.232.120.109 Sep 12 20:43:37 lcdev sshd\[5988\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.232.120.109 Sep 12 20:43:39 lcdev sshd\[5988\]: Failed password for invalid user git from 103.232.120.109 port 41246 ssh2 Sep 12 20:49:01 lcdev sshd\[6394\]: Invalid user user2 from 103.232.120.109 Sep 12 20:49:01 lcdev sshd\[6394\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.232.120.109	2019-09-13 14:52:06

最近上报的IP列表

150.236.43.197	101.230.236.177	204.161.163.48	193.57.77.196
84.152.5.0	82.181.10.167	27.62.138.70	82.56.113.92
31.198.40.217	172.188.243.140	134.229.91.176	202.100.233.10
170.64.160.173	39.225.253.217	97.242.114.250	26.132.250.166
231.5.104.90	0.96.195.121	36.137.52.161	141.212.203.191