116.68.244.204

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): India

运营商(isp): Star Broadband Services

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Nov 29 01:14:50 aragorn sshd[964]: Invalid user hduser from 116.68.244.204 Nov 29 01:21:48 aragorn sshd[3075]: Invalid user git from 116.68.244.204 Nov 29 01:21:49 aragorn sshd[3076]: Invalid user git from 116.68.244.204 Nov 29 01:21:49 aragorn sshd[3074]: Invalid user git from 116.68.244.204 ...	2019-11-29 19:38:26

类型

评论内容

时间

attackspam

Nov 29 01:14:50 aragorn sshd[964]: Invalid user hduser from 116.68.244.204
Nov 29 01:21:48 aragorn sshd[3075]: Invalid user git from 116.68.244.204
Nov 29 01:21:49 aragorn sshd[3076]: Invalid user git from 116.68.244.204
Nov 29 01:21:49 aragorn sshd[3074]: Invalid user git from 116.68.244.204
...

2019-11-29 19:38:26

相同子网IP讨论:

IP	类型	评论内容	时间
116.68.244.202	attackbotsspam	leo_www	2020-03-29 14:02:17
116.68.244.203	attack	Feb 17 09:05:51 : SSH login attempts with invalid user	2020-02-18 07:48:36
116.68.244.202	attackspam	Feb 16 15:27:53 server sshd\[24012\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.68.244.202 user=root Feb 16 15:27:55 server sshd\[24012\]: Failed password for root from 116.68.244.202 port 41010 ssh2 Feb 16 15:30:42 server sshd\[24665\]: Invalid user rozin from 116.68.244.202 Feb 16 15:30:42 server sshd\[24665\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.68.244.202 Feb 16 15:30:43 server sshd\[24665\]: Failed password for invalid user rozin from 116.68.244.202 port 52324 ssh2 ...	2020-02-16 21:28:54
116.68.244.202	attackspambots	Feb 15 14:14:07 sachi sshd\[8320\]: Invalid user user4 from 116.68.244.202 Feb 15 14:14:07 sachi sshd\[8320\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.68.244.202 Feb 15 14:14:08 sachi sshd\[8320\]: Failed password for invalid user user4 from 116.68.244.202 port 49520 ssh2 Feb 15 14:20:02 sachi sshd\[8886\]: Invalid user hotel from 116.68.244.202 Feb 15 14:20:02 sachi sshd\[8886\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.68.244.202	2020-02-16 08:24:01
116.68.244.202	attack	Feb 7 14:05:53 prox sshd[4250]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.68.244.202 Feb 7 14:05:55 prox sshd[4250]: Failed password for invalid user jcz from 116.68.244.202 port 58710 ssh2	2020-02-08 02:06:35
116.68.244.202	attackspam	$f2bV_matches	2019-12-24 19:49:20
116.68.244.202	attackbots	Nov 27 06:30:44 web8 sshd\[7266\]: Invalid user admin03 from 116.68.244.202 Nov 27 06:30:44 web8 sshd\[7266\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.68.244.202 Nov 27 06:30:46 web8 sshd\[7266\]: Failed password for invalid user admin03 from 116.68.244.202 port 34672 ssh2 Nov 27 06:39:21 web8 sshd\[11472\]: Invalid user castonguay from 116.68.244.202 Nov 27 06:39:21 web8 sshd\[11472\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.68.244.202	2019-11-27 14:50:26
116.68.244.202	attack	Nov 27 06:04:56 web8 sshd\[26769\]: Invalid user haugan from 116.68.244.202 Nov 27 06:04:56 web8 sshd\[26769\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.68.244.202 Nov 27 06:04:58 web8 sshd\[26769\]: Failed password for invalid user haugan from 116.68.244.202 port 57644 ssh2 Nov 27 06:13:40 web8 sshd\[31022\]: Invalid user abc from 116.68.244.202 Nov 27 06:13:40 web8 sshd\[31022\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.68.244.202	2019-11-27 14:14:13
116.68.244.125	attackspambots	Unauthorized connection attempt from IP address 116.68.244.125 on Port 445(SMB)	2019-10-06 01:47:28

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.68.244.204
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29322
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.68.244.204.			IN	A

;; AUTHORITY SECTION:
.			441	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112900 1800 900 604800 86400

;; Query time: 96 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Nov 29 19:38:18 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 204.244.68.116.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 204.244.68.116.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
41.139.0.34	attackspam	Sep 15 00:14:14 mail.srvfarm.net postfix/smtps/smtpd[2201905]: warning: unknown[41.139.0.34]: SASL PLAIN authentication failed: Sep 15 00:14:14 mail.srvfarm.net postfix/smtps/smtpd[2201905]: lost connection after AUTH from unknown[41.139.0.34] Sep 15 00:14:57 mail.srvfarm.net postfix/smtps/smtpd[2203408]: warning: unknown[41.139.0.34]: SASL PLAIN authentication failed: Sep 15 00:14:57 mail.srvfarm.net postfix/smtps/smtpd[2203408]: lost connection after AUTH from unknown[41.139.0.34] Sep 15 00:21:37 mail.srvfarm.net postfix/smtpd[2240874]: warning: unknown[41.139.0.34]: SASL PLAIN authentication failed:	2020-09-15 07:26:34
177.130.160.245	attackbotsspam	Sep 14 18:29:40 mail.srvfarm.net postfix/smtpd[2073486]: warning: unknown[177.130.160.245]: SASL PLAIN authentication failed: Sep 14 18:29:40 mail.srvfarm.net postfix/smtpd[2073486]: lost connection after AUTH from unknown[177.130.160.245] Sep 14 18:31:44 mail.srvfarm.net postfix/smtps/smtpd[2075240]: warning: unknown[177.130.160.245]: SASL PLAIN authentication failed: Sep 14 18:31:44 mail.srvfarm.net postfix/smtps/smtpd[2075240]: lost connection after AUTH from unknown[177.130.160.245] Sep 14 18:34:56 mail.srvfarm.net postfix/smtpd[2073941]: warning: unknown[177.130.160.245]: SASL PLAIN authentication failed:	2020-09-15 07:19:07
54.39.147.2	attackspambots	SSH BruteForce Attack	2020-09-15 07:37:27
61.136.66.70	attackspambots	$f2bV_matches	2020-09-15 07:25:44
188.166.251.87	attackbots	Sep 14 19:29:43 mail sshd\[8198\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.251.87 user=root ...	2020-09-15 07:36:13
45.239.143.30	attackspam	Sep 14 18:37:47 mail.srvfarm.net postfix/smtpd[2073486]: warning: unknown[45.239.143.30]: SASL PLAIN authentication failed: Sep 14 18:37:48 mail.srvfarm.net postfix/smtpd[2073486]: lost connection after AUTH from unknown[45.239.143.30] Sep 14 18:38:44 mail.srvfarm.net postfix/smtps/smtpd[2075240]: warning: unknown[45.239.143.30]: SASL PLAIN authentication failed: Sep 14 18:38:46 mail.srvfarm.net postfix/smtps/smtpd[2075240]: lost connection after AUTH from unknown[45.239.143.30] Sep 14 18:47:27 mail.srvfarm.net postfix/smtps/smtpd[2079372]: warning: unknown[45.239.143.30]: SASL PLAIN authentication failed:	2020-09-15 07:11:16
124.13.28.191	attackbotsspam	Sep 14 13:59:05 firewall sshd[9781]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.13.28.191 Sep 14 13:59:05 firewall sshd[9781]: Invalid user testing from 124.13.28.191 Sep 14 13:59:07 firewall sshd[9781]: Failed password for invalid user testing from 124.13.28.191 port 34514 ssh2 ...	2020-09-15 07:42:02
128.199.123.0	attack	Sep 15 00:07:08 vpn01 sshd[16138]: Failed password for root from 128.199.123.0 port 42340 ssh2 ...	2020-09-15 07:44:17
145.239.82.87	attackbotsspam	$f2bV_matches	2020-09-15 07:20:50
115.238.97.2	attack	Time: Mon Sep 14 22:10:08 2020 +0200 IP: 115.238.97.2 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 14 21:52:26 ca-3-ams1 sshd[35858]: Invalid user test from 115.238.97.2 port 4177 Sep 14 21:52:28 ca-3-ams1 sshd[35858]: Failed password for invalid user test from 115.238.97.2 port 4177 ssh2 Sep 14 22:05:50 ca-3-ams1 sshd[36592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.238.97.2 user=root Sep 14 22:05:52 ca-3-ams1 sshd[36592]: Failed password for root from 115.238.97.2 port 3145 ssh2 Sep 14 22:10:03 ca-3-ams1 sshd[36921]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.238.97.2 user=root	2020-09-15 07:38:30
196.0.122.26	attackbotsspam	Sep 14 18:14:14 mail.srvfarm.net postfix/smtpd[2055976]: warning: unknown[196.0.122.26]: SASL PLAIN authentication failed: Sep 14 18:14:14 mail.srvfarm.net postfix/smtpd[2055976]: lost connection after AUTH from unknown[196.0.122.26] Sep 14 18:22:41 mail.srvfarm.net postfix/smtpd[2073584]: warning: unknown[196.0.122.26]: SASL PLAIN authentication failed: Sep 14 18:22:41 mail.srvfarm.net postfix/smtpd[2073584]: lost connection after AUTH from unknown[196.0.122.26] Sep 14 18:22:58 mail.srvfarm.net postfix/smtpd[2073939]: warning: unknown[196.0.122.26]: SASL PLAIN authentication failed:	2020-09-15 07:17:21
188.92.213.151	attack	Sep 14 22:39:35 mail.srvfarm.net postfix/smtpd[2162648]: warning: unknown[188.92.213.151]: SASL PLAIN authentication failed: Sep 14 22:39:35 mail.srvfarm.net postfix/smtpd[2162648]: lost connection after AUTH from unknown[188.92.213.151] Sep 14 22:44:17 mail.srvfarm.net postfix/smtps/smtpd[2179122]: warning: unknown[188.92.213.151]: SASL PLAIN authentication failed: Sep 14 22:44:17 mail.srvfarm.net postfix/smtps/smtpd[2179122]: lost connection after AUTH from unknown[188.92.213.151] Sep 14 22:44:37 mail.srvfarm.net postfix/smtpd[2177412]: warning: unknown[188.92.213.151]: SASL PLAIN authentication failed:	2020-09-15 07:18:35
212.70.149.20	attackbots	Sep 15 01:14:42 srv01 postfix/smtpd\[11238\]: warning: unknown\[212.70.149.20\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 15 01:14:44 srv01 postfix/smtpd\[15134\]: warning: unknown\[212.70.149.20\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 15 01:14:48 srv01 postfix/smtpd\[16989\]: warning: unknown\[212.70.149.20\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 15 01:14:48 srv01 postfix/smtpd\[16998\]: warning: unknown\[212.70.149.20\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 15 01:15:06 srv01 postfix/smtpd\[15134\]: warning: unknown\[212.70.149.20\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-15 07:16:23
222.186.175.154	attack	Sep 14 23:33:16 ip-172-31-42-142 sshd\[19307\]: Failed password for root from 222.186.175.154 port 42958 ssh2\ Sep 14 23:33:26 ip-172-31-42-142 sshd\[19307\]: Failed password for root from 222.186.175.154 port 42958 ssh2\ Sep 14 23:33:30 ip-172-31-42-142 sshd\[19307\]: Failed password for root from 222.186.175.154 port 42958 ssh2\ Sep 14 23:33:36 ip-172-31-42-142 sshd\[19323\]: Failed password for root from 222.186.175.154 port 64066 ssh2\ Sep 14 23:33:59 ip-172-31-42-142 sshd\[19325\]: Failed password for root from 222.186.175.154 port 29542 ssh2\	2020-09-15 07:39:04
103.228.254.248	attack	20 attempts against mh-ssh on wood	2020-09-15 07:28:20

最近上报的IP列表

122.152.233.127	52.225.132.84	124.126.10.10	185.245.84.52
189.59.33.238	103.206.128.137	5.34.183.182	233.9.8.187
81.218.182.21	153.122.118.109	80.150.66.130	39.110.118.53
177.38.180.156	201.86.69.118	188.225.26.211	3.232.49.51
223.99.207.250	193.158.48.45	210.2.171.75	102.114.194.182