116.116.144.107

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Unicom Neimeng Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Scanning	2019-12-30 17:12:15

相同子网IP讨论:

IP	类型	评论内容	时间
116.116.144.215	attack	CN China - Failures: 20 ftpd	2019-12-27 15:03:00

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.116.144.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2751
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.116.144.107.		IN	A

;; AUTHORITY SECTION:
.			342	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019123000 1800 900 604800 86400

;; Query time: 497 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Dec 30 17:12:12 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 107.144.116.116.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 107.144.116.116.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
123.180.68.242	attackspambots	2020-01-11 15:04:56 dovecot_login authenticator failed for (edcho) [123.180.68.242]:54523 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=wangying@lerctr.org) 2020-01-11 15:05:03 dovecot_login authenticator failed for (dfnfq) [123.180.68.242]:54523 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=wangying@lerctr.org) 2020-01-11 15:05:14 dovecot_login authenticator failed for (uzeih) [123.180.68.242]:54523 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=wangying@lerctr.org) ...	2020-01-12 07:49:02
2.236.11.15	attack	Port 22 Scan, PTR: None	2020-01-12 07:43:22
125.132.148.147	attackbotsspam	Jan 11 23:08:17 MK-Soft-VM7 sshd[20359]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.132.148.147 Jan 11 23:08:18 MK-Soft-VM7 sshd[20359]: Failed password for invalid user cip from 125.132.148.147 port 37954 ssh2 ...	2020-01-12 07:15:13
177.47.140.241	attackbotsspam	Autoban 177.47.140.241 AUTH/CONNECT	2020-01-12 07:35:32
189.120.0.100	attackspam	Jan 10 00:06:49 hgb10502 sshd[17633]: User r.r from 189.120.0.100 not allowed because not listed in AllowUsers Jan 10 00:06:49 hgb10502 sshd[17633]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.120.0.100 user=r.r Jan 10 00:06:51 hgb10502 sshd[17633]: Failed password for invalid user r.r from 189.120.0.100 port 57953 ssh2 Jan 10 00:06:51 hgb10502 sshd[17633]: Received disconnect from 189.120.0.100 port 57953:11: Bye Bye [preauth] Jan 10 00:06:51 hgb10502 sshd[17633]: Disconnected from 189.120.0.100 port 57953 [preauth] Jan 10 00:11:41 hgb10502 sshd[18167]: Invalid user torr from 189.120.0.100 port 24737 Jan 10 00:11:42 hgb10502 sshd[18167]: Failed password for invalid user torr from 189.120.0.100 port 24737 ssh2 Jan 10 00:11:43 hgb10502 sshd[18167]: Received disconnect from 189.120.0.100 port 24737:11: Bye Bye [preauth] Jan 10 00:11:43 hgb10502 sshd[18167]: Disconnected from 189.120.0.100 port 24737 [preauth] Jan 10 00:14:3........ -------------------------------	2020-01-12 07:35:52
49.88.112.113	attackbotsspam	Jan 11 18:21:00 plusreed sshd[23948]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.113 user=root Jan 11 18:21:02 plusreed sshd[23948]: Failed password for root from 49.88.112.113 port 29984 ssh2 ...	2020-01-12 07:24:59
222.186.175.148	attackspam	Jan 12 00:26:33 jane sshd[29685]: Failed password for root from 222.186.175.148 port 47110 ssh2 Jan 12 00:26:36 jane sshd[29685]: Failed password for root from 222.186.175.148 port 47110 ssh2 ...	2020-01-12 07:27:56
200.109.214.123	attack	1578776765 - 01/11/2020 22:06:05 Host: 200.109.214.123/200.109.214.123 Port: 445 TCP Blocked	2020-01-12 07:16:56
185.211.245.198	attack	Jan 12 00:05:06 mail postfix/smtpd[18435]: warning: unknown[185.211.245.198]: SASL PLAIN authentication failed: Jan 12 00:05:06 mail postfix/smtpd[11019]: warning: unknown[185.211.245.198]: SASL PLAIN authentication failed: Jan 12 00:05:06 mail postfix/smtpd[8586]: warning: unknown[185.211.245.198]: SASL PLAIN authentication failed: Jan 12 00:05:21 mail postfix/smtpd[19068]: warning: unknown[185.211.245.198]: SASL PLAIN authentication failed: Jan 12 00:05:27 mail postfix/smtpd[18723]: warning: unknown[185.211.245.198]: SASL PLAIN authentication failed: Jan 12 00:05:27 mail postfix/smtpd[30940]: warning: unknown[185.211.245.198]: SASL PLAIN authentication failed: Jan 12 00:05:28 mail postfix/smtpd[18994]: warning: unknown[185.211.245.198]: SASL PLAIN authentication failed: Jan 12 00:05:46 mail postfix/smtps/smtpd[13980]: warning: unknown[185.211.245.198]: SASL PLAIN authentication failed: Jan 12 00:05:53 mail postfix/smtps/smtpd[17298]: warning: unknown[185.211.245.198]: SASL PLAIN authentication fail	2020-01-12 07:40:38
193.187.82.74	attack	2020-01-11 15:05:20 H=(tomcrewscpa.com) [193.187.82.74]:43181 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/sbl/query/SBLCSS) 2020-01-11 15:05:20 H=(tomcrewscpa.com) [193.187.82.74]:43181 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/sbl/query/SBLCSS) 2020-01-11 15:05:21 H=(tomcrewscpa.com) [193.187.82.74]:43181 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/sbl/query/SBLCSS) ...	2020-01-12 07:43:45
143.176.230.43	attackbotsspam	Invalid user sftptest from 143.176.230.43 port 56604	2020-01-12 07:28:39
13.74.27.123	attack	2020-01-11T21:02:24.040732shield sshd\[2648\]: Invalid user phongsit from 13.74.27.123 port 55532 2020-01-11T21:02:24.044837shield sshd\[2648\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.74.27.123 2020-01-11T21:02:25.837439shield sshd\[2648\]: Failed password for invalid user phongsit from 13.74.27.123 port 55532 ssh2 2020-01-11T21:05:26.421132shield sshd\[4277\]: Invalid user chan from 13.74.27.123 port 59182 2020-01-11T21:05:26.423926shield sshd\[4277\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.74.27.123	2020-01-12 07:37:14
106.12.43.142	attackspam	Jan 9 14:09:49 plesk sshd[1686]: Invalid user dsetiadi from 106.12.43.142 Jan 9 14:09:49 plesk sshd[1686]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.43.142 Jan 9 14:09:50 plesk sshd[1686]: Failed password for invalid user dsetiadi from 106.12.43.142 port 43716 ssh2 Jan 9 14:09:50 plesk sshd[1686]: Received disconnect from 106.12.43.142: 11: Bye Bye [preauth] Jan 9 14:33:25 plesk sshd[3458]: Invalid user rankwatc from 106.12.43.142 Jan 9 14:33:25 plesk sshd[3458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.43.142 Jan 9 14:33:26 plesk sshd[3458]: Failed password for invalid user rankwatc from 106.12.43.142 port 58622 ssh2 Jan 9 14:33:26 plesk sshd[3458]: Received disconnect from 106.12.43.142: 11: Bye Bye [preauth] Jan 9 14:38:46 plesk sshd[3807]: Invalid user duj from 106.12.43.142 Jan 9 14:38:46 plesk sshd[3807]: pam_unix(sshd:auth): authentication failur........ -------------------------------	2020-01-12 07:23:23
222.186.175.217	attackspam	Jan 11 13:21:38 wbs sshd\[14128\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.217 user=root Jan 11 13:21:40 wbs sshd\[14128\]: Failed password for root from 222.186.175.217 port 58088 ssh2 Jan 11 13:21:57 wbs sshd\[14162\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.217 user=root Jan 11 13:21:58 wbs sshd\[14162\]: Failed password for root from 222.186.175.217 port 4878 ssh2 Jan 11 13:22:02 wbs sshd\[14162\]: Failed password for root from 222.186.175.217 port 4878 ssh2	2020-01-12 07:22:31
167.71.254.33	attack	Brute force attempt	2020-01-12 07:16:02

最近上报的IP列表

179.185.123.183	49.233.133.34	117.37.229.90	37.147.21.214
177.223.103.103	110.138.151.30	32.209.51.15	113.71.62.202
84.20.65.62	182.187.101.79	87.7.16.70	14.186.255.194
14.161.40.174	142.93.59.35	112.67.220.185	113.206.204.79
200.239.150.116	119.54.163.183	163.226.148.138	202.160.40.138