118.70.203.68 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): FPT Telecom Company

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Unauthorized connection attempt from IP address 118.70.203.68 on Port 445(SMB)	2019-07-10 09:57:02

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 118.70.203.68
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37091
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;118.70.203.68.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070901 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 10 09:56:55 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 68.203.70.118.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 68.203.70.118.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
183.57.46.131	attack	Port scan: Attack repeated for 24 hours	2020-09-15 03:30:02
196.0.122.26	attackspam	Sep 14 18:14:14 mail.srvfarm.net postfix/smtpd[2055976]: warning: unknown[196.0.122.26]: SASL PLAIN authentication failed: Sep 14 18:14:14 mail.srvfarm.net postfix/smtpd[2055976]: lost connection after AUTH from unknown[196.0.122.26] Sep 14 18:22:41 mail.srvfarm.net postfix/smtpd[2073584]: warning: unknown[196.0.122.26]: SASL PLAIN authentication failed: Sep 14 18:22:41 mail.srvfarm.net postfix/smtpd[2073584]: lost connection after AUTH from unknown[196.0.122.26] Sep 14 18:22:58 mail.srvfarm.net postfix/smtpd[2073939]: warning: unknown[196.0.122.26]: SASL PLAIN authentication failed:	2020-09-15 03:44:35
193.35.51.21	attackbotsspam	Sep 14 20:31:03 l03 postfix/smtps/smtpd[26098]: warning: unknown[193.35.51.21]: SASL LOGIN authentication failed: authentication failure Sep 14 20:31:07 l03 postfix/smtps/smtpd[26098]: warning: unknown[193.35.51.21]: SASL LOGIN authentication failed: authentication failure Sep 14 20:35:04 l03 postfix/smtps/smtpd[26963]: warning: unknown[193.35.51.21]: SASL LOGIN authentication failed: authentication failure Sep 14 20:35:08 l03 postfix/smtps/smtpd[26963]: warning: unknown[193.35.51.21]: SASL LOGIN authentication failed: authentication failure ...	2020-09-15 03:37:47
49.88.112.76	attackbotsspam	2020-09-14 10:21:48.849299-0500 localhost sshd[91635]: Failed password for root from 49.88.112.76 port 44027 ssh2	2020-09-15 03:57:02
103.40.200.175	attackspambots	Sep 13 18:37:13 mail.srvfarm.net postfix/smtps/smtpd[1230507]: warning: unknown[103.40.200.175]: SASL PLAIN authentication failed: Sep 13 18:37:13 mail.srvfarm.net postfix/smtps/smtpd[1230507]: lost connection after AUTH from unknown[103.40.200.175] Sep 13 18:41:07 mail.srvfarm.net postfix/smtps/smtpd[1230509]: warning: unknown[103.40.200.175]: SASL PLAIN authentication failed: Sep 13 18:41:08 mail.srvfarm.net postfix/smtps/smtpd[1230509]: lost connection after AUTH from unknown[103.40.200.175] Sep 13 18:43:19 mail.srvfarm.net postfix/smtpd[1232282]: warning: unknown[103.40.200.175]: SASL PLAIN authentication failed:	2020-09-15 03:39:32
89.248.162.179	attackbots	Yet another port scanner as most of the visits from Incrediserve LTD (incrediserve.net)	2020-09-15 03:59:12
80.48.133.56	attackbotsspam	Sep 14 19:02:54 mail.srvfarm.net postfix/smtpd[2078253]: warning: unknown[80.48.133.56]: SASL PLAIN authentication failed: Sep 14 19:02:54 mail.srvfarm.net postfix/smtpd[2078253]: lost connection after AUTH from unknown[80.48.133.56] Sep 14 19:05:02 mail.srvfarm.net postfix/smtps/smtpd[2077848]: warning: unknown[80.48.133.56]: SASL PLAIN authentication failed: Sep 14 19:05:03 mail.srvfarm.net postfix/smtps/smtpd[2077848]: lost connection after AUTH from unknown[80.48.133.56] Sep 14 19:10:48 mail.srvfarm.net postfix/smtps/smtpd[2079598]: warning: unknown[80.48.133.56]: SASL PLAIN authentication failed:	2020-09-15 03:41:28
116.125.141.56	attackspambots	Sep 14 20:25:30 localhost sshd\[8712\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.125.141.56 user=root Sep 14 20:25:32 localhost sshd\[8712\]: Failed password for root from 116.125.141.56 port 44054 ssh2 Sep 14 20:29:33 localhost sshd\[8887\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.125.141.56 user=proxy Sep 14 20:29:35 localhost sshd\[8887\]: Failed password for proxy from 116.125.141.56 port 46152 ssh2 Sep 14 20:33:34 localhost sshd\[9112\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.125.141.56 user=root ...	2020-09-15 03:31:31
5.188.206.30	attackbots	5.188.206.30:63067 - - [13/Sep/2020:18:44:02 +0200] "\x03" 400 311	2020-09-15 03:36:36
129.28.192.71	attackspambots	Sep 14 19:32:41 scw-6657dc sshd[23166]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.192.71 user=root Sep 14 19:32:41 scw-6657dc sshd[23166]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.192.71 user=root Sep 14 19:32:43 scw-6657dc sshd[23166]: Failed password for root from 129.28.192.71 port 48684 ssh2 ...	2020-09-15 03:58:52
195.206.105.217	attackbots	195.206.105.217 (CH/Switzerland/-), 7 distributed sshd attacks on account [admin] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 14 13:44:05 server2 sshd[7812]: Invalid user admin from 62.210.37.82 Sep 14 13:43:42 server2 sshd[7456]: Invalid user admin from 162.247.74.217 Sep 14 13:43:45 server2 sshd[7456]: Failed password for invalid user admin from 162.247.74.217 port 51736 ssh2 Sep 14 13:44:08 server2 sshd[7812]: Failed password for invalid user admin from 62.210.37.82 port 36772 ssh2 Sep 14 13:43:38 server2 sshd[7404]: Invalid user admin from 195.206.105.217 Sep 14 13:43:40 server2 sshd[7404]: Failed password for invalid user admin from 195.206.105.217 port 55792 ssh2 Sep 14 13:44:32 server2 sshd[7925]: Invalid user admin from 107.189.10.245 IP Addresses Blocked: 62.210.37.82 (FR/France/-) 162.247.74.217 (US/United States/-)	2020-09-15 03:30:26
94.154.105.247	attack	Sep 13 18:11:45 mail.srvfarm.net postfix/smtpd[1217748]: warning: unknown[94.154.105.247]: SASL PLAIN authentication failed: Sep 13 18:11:45 mail.srvfarm.net postfix/smtpd[1217748]: lost connection after AUTH from unknown[94.154.105.247] Sep 13 18:12:25 mail.srvfarm.net postfix/smtps/smtpd[1215851]: warning: unknown[94.154.105.247]: SASL PLAIN authentication failed: Sep 13 18:12:25 mail.srvfarm.net postfix/smtps/smtpd[1215851]: lost connection after AUTH from unknown[94.154.105.247] Sep 13 18:13:53 mail.srvfarm.net postfix/smtpd[1230212]: warning: unknown[94.154.105.247]: SASL PLAIN authentication failed:	2020-09-15 03:52:15
190.211.243.82	attackbotsspam	TCP ports : 7102 / 20672	2020-09-15 03:29:48
52.231.78.9	attackspambots	Sep 14 11:45:48 mail.srvfarm.net postfix/smtps/smtpd[1913724]: warning: unknown[52.231.78.9]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 14 11:47:35 mail.srvfarm.net postfix/smtps/smtpd[1914411]: warning: unknown[52.231.78.9]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 14 11:49:21 mail.srvfarm.net postfix/smtps/smtpd[1917174]: warning: unknown[52.231.78.9]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 14 11:51:08 mail.srvfarm.net postfix/smtps/smtpd[1913994]: warning: unknown[52.231.78.9]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 14 11:52:53 mail.srvfarm.net postfix/smtps/smtpd[1919583]: warning: unknown[52.231.78.9]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-09-15 03:53:25
189.90.203.179	attack	Sep 13 18:33:10 mail.srvfarm.net postfix/smtpd[1230212]: warning: 189-90-203-179.isimples.com.br[189.90.203.179]: SASL PLAIN authentication failed: Sep 13 18:33:11 mail.srvfarm.net postfix/smtpd[1230212]: lost connection after AUTH from 189-90-203-179.isimples.com.br[189.90.203.179] Sep 13 18:34:11 mail.srvfarm.net postfix/smtps/smtpd[1230771]: warning: 189-90-203-179.isimples.com.br[189.90.203.179]: SASL PLAIN authentication failed: Sep 13 18:34:12 mail.srvfarm.net postfix/smtps/smtpd[1230771]: lost connection after AUTH from 189-90-203-179.isimples.com.br[189.90.203.179] Sep 13 18:42:35 mail.srvfarm.net postfix/smtps/smtpd[1230509]: lost connection after AUTH from 189-90-203-179.isimples.com.br[189.90.203.179]	2020-09-15 03:38:17

最近上报的IP列表

171.240.215.146	36.75.56.180	212.46.234.66	106.12.107.213
188.0.163.90	252.148.16.170	132.145.192.87	94.97.22.251
181.120.140.134	41.160.113.203	182.187.7.6	91.142.167.176
103.76.188.36	122.241.93.96	27.116.18.122	171.245.55.142
202.175.87.102	186.95.161.104	200.166.248.111	190.207.190.173