116.6.234.142 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Guangdong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Apr 27 08:52:02 server1 sshd\[25116\]: Failed password for invalid user paintball from 116.6.234.142 port 63763 ssh2 Apr 27 08:56:26 server1 sshd\[26492\]: Invalid user fuckyou from 116.6.234.142 Apr 27 08:56:26 server1 sshd\[26492\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.6.234.142 Apr 27 08:56:29 server1 sshd\[26492\]: Failed password for invalid user fuckyou from 116.6.234.142 port 63764 ssh2 Apr 27 09:00:41 server1 sshd\[28346\]: Invalid user magento from 116.6.234.142 ...	2020-04-27 23:02:16
attackspam	k+ssh-bruteforce	2020-04-19 21:39:45

类型

评论内容

时间

attackbots

Apr 27 08:52:02 server1 sshd\[25116\]: Failed password for invalid user paintball from 116.6.234.142 port 63763 ssh2
Apr 27 08:56:26 server1 sshd\[26492\]: Invalid user fuckyou from 116.6.234.142
Apr 27 08:56:26 server1 sshd\[26492\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.6.234.142 
Apr 27 08:56:29 server1 sshd\[26492\]: Failed password for invalid user fuckyou from 116.6.234.142 port 63764 ssh2
Apr 27 09:00:41 server1 sshd\[28346\]: Invalid user magento from 116.6.234.142
...

2020-04-27 23:02:16

attackspam

k+ssh-bruteforce

2020-04-19 21:39:45

相同子网IP讨论:

IP	类型	评论内容	时间
116.6.234.141	attackbots	Aug 26 23:53:05 gospond sshd[4455]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.6.234.141 user=root Aug 26 23:53:07 gospond sshd[4455]: Failed password for root from 116.6.234.141 port 34656 ssh2 ...	2020-08-27 10:24:20
116.6.234.141	attackspam	Aug 15 12:37:24 rancher-0 sshd[1093782]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.6.234.141 user=root Aug 15 12:37:25 rancher-0 sshd[1093782]: Failed password for root from 116.6.234.141 port 11963 ssh2 ...	2020-08-15 19:01:36
116.6.234.141	attackbots	2020-08-07T05:48:14.085350amanda2.illicoweb.com sshd\[2073\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.6.234.141 user=root 2020-08-07T05:48:16.470423amanda2.illicoweb.com sshd\[2073\]: Failed password for root from 116.6.234.141 port 21431 ssh2 2020-08-07T05:49:54.320440amanda2.illicoweb.com sshd\[2321\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.6.234.141 user=root 2020-08-07T05:49:55.769063amanda2.illicoweb.com sshd\[2321\]: Failed password for root from 116.6.234.141 port 21432 ssh2 2020-08-07T05:51:36.336149amanda2.illicoweb.com sshd\[2686\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.6.234.141 user=root ...	2020-08-07 17:29:54
116.6.234.141	attackbots	Jul 30 18:40:31 NPSTNNYC01T sshd[11503]: Failed password for root from 116.6.234.141 port 33603 ssh2 Jul 30 18:43:50 NPSTNNYC01T sshd[11792]: Failed password for root from 116.6.234.141 port 33604 ssh2 ...	2020-07-31 08:23:50
116.6.234.141	attack	Automatic report - Banned IP Access	2020-07-30 13:46:33
116.6.234.141	attackspambots	Jul 16 00:07:55 DAAP sshd[27980]: Invalid user rohana from 116.6.234.141 port 36217 Jul 16 00:07:55 DAAP sshd[27980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.6.234.141 Jul 16 00:07:55 DAAP sshd[27980]: Invalid user rohana from 116.6.234.141 port 36217 Jul 16 00:07:57 DAAP sshd[27980]: Failed password for invalid user rohana from 116.6.234.141 port 36217 ssh2 Jul 16 00:11:31 DAAP sshd[28131]: Invalid user ese from 116.6.234.141 port 36218 ...	2020-07-16 07:45:21
116.6.234.141	attackspambots	Cluster member 67.227.229.95 (US/United States/host.cjthedj97.me) said, DENY 116.6.234.141, Reason:[(sshd) Failed SSH login from 116.6.234.141 (CN/China/-): 1 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER	2020-07-12 12:07:07
116.6.234.141	attackbots	2020-07-09T20:11:29.693599mail.standpoint.com.ua sshd[19816]: Invalid user lemwal from 116.6.234.141 port 34037 2020-07-09T20:11:29.696138mail.standpoint.com.ua sshd[19816]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.6.234.141 2020-07-09T20:11:29.693599mail.standpoint.com.ua sshd[19816]: Invalid user lemwal from 116.6.234.141 port 34037 2020-07-09T20:11:32.510052mail.standpoint.com.ua sshd[19816]: Failed password for invalid user lemwal from 116.6.234.141 port 34037 ssh2 2020-07-09T20:13:54.394438mail.standpoint.com.ua sshd[20141]: Invalid user annemarie from 116.6.234.141 port 34038 ...	2020-07-10 01:22:19
116.6.234.145	attackspam	May 28 19:34:19 host sshd[32464]: Invalid user gdm from 116.6.234.145 port 32308 ...	2020-05-29 02:57:51
116.6.234.145	attackspam	May 27 20:14:16 piServer sshd[15517]: Failed password for root from 116.6.234.145 port 63407 ssh2 May 27 20:18:24 piServer sshd[16144]: Failed password for root from 116.6.234.145 port 63409 ssh2 ...	2020-05-28 02:35:49
116.6.234.145	attackbotsspam	(sshd) Failed SSH login from 116.6.234.145 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 24 18:19:09 amsweb01 sshd[3227]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.6.234.145 user=root May 24 18:19:11 amsweb01 sshd[3227]: Failed password for root from 116.6.234.145 port 29675 ssh2 May 24 18:27:28 amsweb01 sshd[4022]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.6.234.145 user=root May 24 18:27:31 amsweb01 sshd[4022]: Failed password for root from 116.6.234.145 port 29676 ssh2 May 24 18:30:09 amsweb01 sshd[4385]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.6.234.145 user=root	2020-05-25 02:52:32
116.6.234.145	attackbotsspam	Invalid user uoc from 116.6.234.145 port 45929	2020-05-24 06:57:17
116.6.234.145	attackbotsspam	Brute-force attempt banned	2020-05-16 02:41:36

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.6.234.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34232
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.6.234.142.			IN	A

;; AUTHORITY SECTION:
.			583	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041900 1800 900 604800 86400

;; Query time: 140 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Apr 19 21:39:39 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 142.234.6.116.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 142.234.6.116.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
111.229.124.215	attack	$f2bV_matches	2020-06-01 14:31:15
222.186.173.215	attackspambots	2020-06-01T09:18:27.747596afi-git.jinr.ru sshd[28570]: Failed password for root from 222.186.173.215 port 17320 ssh2 2020-06-01T09:18:30.762296afi-git.jinr.ru sshd[28570]: Failed password for root from 222.186.173.215 port 17320 ssh2 2020-06-01T09:18:33.660742afi-git.jinr.ru sshd[28570]: Failed password for root from 222.186.173.215 port 17320 ssh2 2020-06-01T09:18:33.660895afi-git.jinr.ru sshd[28570]: error: maximum authentication attempts exceeded for root from 222.186.173.215 port 17320 ssh2 [preauth] 2020-06-01T09:18:33.660910afi-git.jinr.ru sshd[28570]: Disconnecting: Too many authentication failures [preauth] ...	2020-06-01 14:21:44
78.128.113.77	attackbotsspam	2020-06-01 08:19:01 dovecot_login authenticator failed for $ip-113-77.4vendeta.com.$ \[78.128.113.77\]: 535 Incorrect authentication data $set_id=inarcassaonline@opso.it$ 2020-06-01 08:19:10 dovecot_login authenticator failed for $ip-113-77.4vendeta.com.$ \[78.128.113.77\]: 535 Incorrect authentication data 2020-06-01 08:19:20 dovecot_login authenticator failed for $ip-113-77.4vendeta.com.$ \[78.128.113.77\]: 535 Incorrect authentication data 2020-06-01 08:19:26 dovecot_login authenticator failed for $ip-113-77.4vendeta.com.$ \[78.128.113.77\]: 535 Incorrect authentication data 2020-06-01 08:19:39 dovecot_login authenticator failed for $ip-113-77.4vendeta.com.$ \[78.128.113.77\]: 535 Incorrect authentication data 2020-06-01 08:19:39 dovecot_login authenticator failed for $ip-113-77.4vendeta.com.$ \[78.128.113.77\]: 535 Incorrect authentication data	2020-06-01 14:21:13
54.223.114.32	attackbots	ssh brute force	2020-06-01 14:44:36
159.203.27.100	attackbots	159.203.27.100 - - [01/Jun/2020:06:15:43 +0200] "GET /wp-login.php HTTP/1.1" 200 6364 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.203.27.100 - - [01/Jun/2020:06:15:44 +0200] "POST /wp-login.php HTTP/1.1" 200 6615 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.203.27.100 - - [01/Jun/2020:06:15:45 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-01 14:27:01
104.248.164.123	attackbotsspam	Jun 1 08:15:30 hosting sshd[15808]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.164.123 user=root Jun 1 08:15:32 hosting sshd[15808]: Failed password for root from 104.248.164.123 port 59474 ssh2 ...	2020-06-01 14:44:04
51.38.130.63	attackbotsspam	Jun 1 07:21:48 eventyay sshd[23387]: Failed password for root from 51.38.130.63 port 56712 ssh2 Jun 1 07:25:36 eventyay sshd[23519]: Failed password for root from 51.38.130.63 port 33570 ssh2 ...	2020-06-01 14:10:11
159.65.41.57	attack	159.65.41.57 - - \[01/Jun/2020:05:52:24 +0200\] "POST /wp-login.php HTTP/1.0" 200 6524 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 159.65.41.57 - - \[01/Jun/2020:05:52:26 +0200\] "POST /wp-login.php HTTP/1.0" 200 6526 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 159.65.41.57 - - \[01/Jun/2020:05:52:30 +0200\] "POST /wp-login.php HTTP/1.0" 200 6382 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-06-01 14:06:43
222.186.169.192	attackspambots	2020-06-01T08:59:32.388909afi-git.jinr.ru sshd[23919]: Failed password for root from 222.186.169.192 port 14904 ssh2 2020-06-01T08:59:36.742737afi-git.jinr.ru sshd[23919]: Failed password for root from 222.186.169.192 port 14904 ssh2 2020-06-01T08:59:40.501142afi-git.jinr.ru sshd[23919]: Failed password for root from 222.186.169.192 port 14904 ssh2 2020-06-01T08:59:40.501282afi-git.jinr.ru sshd[23919]: error: maximum authentication attempts exceeded for root from 222.186.169.192 port 14904 ssh2 [preauth] 2020-06-01T08:59:40.501296afi-git.jinr.ru sshd[23919]: Disconnecting: Too many authentication failures [preauth] ...	2020-06-01 14:11:52
91.121.211.59	attackbotsspam	Jun 1 05:45:40 server sshd[5867]: Failed password for root from 91.121.211.59 port 44156 ssh2 Jun 1 05:49:08 server sshd[6010]: Failed password for root from 91.121.211.59 port 49534 ssh2 ...	2020-06-01 14:13:14
185.143.74.73	attackspam	Jun 1 08:36:17 relay postfix/smtpd\[10918\]: warning: unknown\[185.143.74.73\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 1 08:37:55 relay postfix/smtpd\[4820\]: warning: unknown\[185.143.74.73\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 1 08:37:56 relay postfix/smtpd\[9485\]: warning: unknown\[185.143.74.73\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 1 08:39:33 relay postfix/smtpd\[26293\]: warning: unknown\[185.143.74.73\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 1 08:39:39 relay postfix/smtpd\[10905\]: warning: unknown\[185.143.74.73\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-01 14:47:44
91.126.98.41	attack	$f2bV_matches	2020-06-01 14:24:40
185.199.225.135	attack	SmallBizIT.US 1 packets to tcp(3389)	2020-06-01 14:31:45
122.176.24.90	attack	1590983501 - 06/01/2020 05:51:41 Host: 122.176.24.90/122.176.24.90 Port: 445 TCP Blocked	2020-06-01 14:40:58
112.85.42.180	attackbotsspam	Jun 1 08:14:30 abendstille sshd\[7572\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.180 user=root Jun 1 08:14:31 abendstille sshd\[7575\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.180 user=root Jun 1 08:14:32 abendstille sshd\[7572\]: Failed password for root from 112.85.42.180 port 31160 ssh2 Jun 1 08:14:33 abendstille sshd\[7575\]: Failed password for root from 112.85.42.180 port 9408 ssh2 Jun 1 08:14:36 abendstille sshd\[7572\]: Failed password for root from 112.85.42.180 port 31160 ssh2 ...	2020-06-01 14:20:53

最近上报的IP列表

159.65.136.196	117.70.194.220	81.34.187.112	106.12.121.47
93.211.213.48	60.189.98.92	116.111.157.183	185.192.108.219
134.209.221.1	112.87.5.69	221.127.21.167	76.170.190.184
144.217.0.43	180.231.11.182	49.86.26.151	192.241.239.46
157.52.145.29	124.113.240.27	45.135.164.10	186.29.69.196