116.68.199.199

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Bangladesh

运营商(isp): Agni Systems Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Honeypot attack, port: 445, PTR: PTR record not found	2019-11-27 20:40:19

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.68.199.199
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19565
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.68.199.199.			IN	A

;; AUTHORITY SECTION:
.			512	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112700 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Nov 27 20:40:15 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 199.199.68.116.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 199.199.68.116.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
139.199.119.76	attackbotsspam	May 13 16:39:29 pornomens sshd\[10523\]: Invalid user admin from 139.199.119.76 port 33202 May 13 16:39:29 pornomens sshd\[10523\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.119.76 May 13 16:39:31 pornomens sshd\[10523\]: Failed password for invalid user admin from 139.199.119.76 port 33202 ssh2 ...	2020-05-14 00:47:56
58.212.197.127	attackbots	May 13 12:35:20 ws24vmsma01 sshd[89022]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.212.197.127 May 13 12:35:22 ws24vmsma01 sshd[89022]: Failed password for invalid user user from 58.212.197.127 port 36711 ssh2 ...	2020-05-14 00:29:45
111.231.75.5	attackspam	May 13 16:33:38 Ubuntu-1404-trusty-64-minimal sshd\[431\]: Invalid user iwizservice from 111.231.75.5 May 13 16:33:38 Ubuntu-1404-trusty-64-minimal sshd\[431\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.75.5 May 13 16:33:41 Ubuntu-1404-trusty-64-minimal sshd\[431\]: Failed password for invalid user iwizservice from 111.231.75.5 port 42572 ssh2 May 13 16:52:10 Ubuntu-1404-trusty-64-minimal sshd\[14032\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.75.5 user=root May 13 16:52:13 Ubuntu-1404-trusty-64-minimal sshd\[14032\]: Failed password for root from 111.231.75.5 port 47284 ssh2	2020-05-14 00:38:18
114.27.112.194	attackbotsspam	20/5/13@08:35:39: FAIL: Alarm-Network address from=114.27.112.194 20/5/13@08:35:39: FAIL: Alarm-Network address from=114.27.112.194 ...	2020-05-14 00:42:54
35.238.120.26	attackspam	23/tcp [2020-05-13]1pkt	2020-05-14 00:39:51
50.67.20.192	attack	May 13 16:03:08 host sshd[37765]: Invalid user deploy from 50.67.20.192 port 32830 ...	2020-05-14 00:54:41
106.54.237.119	attack	2020-05-13T14:30:22.867571vps751288.ovh.net sshd\[21915\]: Invalid user mjb from 106.54.237.119 port 46942 2020-05-13T14:30:22.878559vps751288.ovh.net sshd\[21915\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.237.119 2020-05-13T14:30:24.878101vps751288.ovh.net sshd\[21915\]: Failed password for invalid user mjb from 106.54.237.119 port 46942 ssh2 2020-05-13T14:35:37.528779vps751288.ovh.net sshd\[21954\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.237.119 user=root 2020-05-13T14:35:39.774137vps751288.ovh.net sshd\[21954\]: Failed password for root from 106.54.237.119 port 47672 ssh2	2020-05-14 00:41:50
104.248.151.241	attackbots	SSH Bruteforce attack	2020-05-14 00:57:02
222.186.180.41	attack	May 13 18:56:35 * sshd[29269]: Failed password for root from 222.186.180.41 port 46254 ssh2 May 13 18:56:47 * sshd[29269]: error: maximum authentication attempts exceeded for root from 222.186.180.41 port 46254 ssh2 [preauth]	2020-05-14 00:58:50
45.143.223.200	attack	2020-05-13T14:35:56.681737 X postfix/smtpd[3396583]: NOQUEUE: reject: RCPT from unknown[45.143.223.200]: 554 5.7.1 Service unavailable; Client host [45.143.223.200] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBL485521 / https://www.spamhaus.org/query/ip/45.143.223.200; from= to= proto=ESMTP helo=	2020-05-14 00:30:15
164.132.108.135	attack	May 13 21:30:14 gw1 sshd[13892]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.108.135 May 13 21:30:16 gw1 sshd[13892]: Failed password for invalid user informix from 164.132.108.135 port 40502 ssh2 ...	2020-05-14 00:37:09
54.36.148.46	attack	[Wed May 13 19:35:42.031275 2020] [:error] [pid 23852:tid 140604151064320] [client 54.36.148.46:16352] [client 54.36.148.46] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "AhrefsBot" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-913-SCANNER-DETECTION.conf"] [line "183"] [id "913102"] [msg "Found User-Agent associated with web crawler/bot"] [data "Matched Data: AhrefsBot found within REQUEST_HEADERS:User-Agent: mozilla/5.0 (compatible; ahrefsbot/6.1; +http://ahrefs.com/robot/)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-reputation-crawler"] [tag "OWASP_CRS"] [tag "OWASP_CRS/AUTOMATION/CRAWLER"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [tag "paranoia-level/2"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/alamat/1948-klimatologi/agroklimatologi/kalender-tanam-katam-terpadu/kalender-tanam-kata ...	2020-05-14 00:41:13
222.186.173.238	attackspambots	May 13 18:24:47 sso sshd[2467]: Failed password for root from 222.186.173.238 port 62922 ssh2 May 13 18:24:52 sso sshd[2467]: Failed password for root from 222.186.173.238 port 62922 ssh2 ...	2020-05-14 00:40:27
35.227.108.34	attackbotsspam	May 13 16:23:25 scw-6657dc sshd[3544]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.227.108.34 May 13 16:23:25 scw-6657dc sshd[3544]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.227.108.34 May 13 16:23:28 scw-6657dc sshd[3544]: Failed password for invalid user phion from 35.227.108.34 port 33968 ssh2 ...	2020-05-14 01:03:03
95.31.245.93	attack	WordPress wp-login brute force :: 95.31.245.93 0.116 - [13/May/2020:12:35:21 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 1837 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-05-14 01:05:17

最近上报的IP列表

110.138.150.145	39.43.119.175	178.67.73.248	192.129.254.127
14.184.111.84	84.195.44.26	104.131.199.240	86.98.157.101
59.175.145.101	220.136.73.158	37.6.109.31	192.158.14.231
103.220.37.29	112.78.180.17	36.85.105.169	27.198.80.39
171.229.249.246	83.110.241.47	183.100.194.165	246.241.50.153