118.99.104.132

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): Biznet ISP

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Dec 8 18:50:06 ns382633 sshd\[4968\]: Invalid user www from 118.99.104.132 port 54630 Dec 8 18:50:06 ns382633 sshd\[4968\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.99.104.132 Dec 8 18:50:08 ns382633 sshd\[4968\]: Failed password for invalid user www from 118.99.104.132 port 54630 ssh2 Dec 8 19:12:29 ns382633 sshd\[9425\]: Invalid user minot from 118.99.104.132 port 34680 Dec 8 19:12:29 ns382633 sshd\[9425\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.99.104.132	2019-12-09 04:02:56
attackbots	Dec 8 13:06:43 vps691689 sshd[30789]: Failed password for root from 118.99.104.132 port 54842 ssh2 Dec 8 13:13:12 vps691689 sshd[30989]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.99.104.132 ...	2019-12-08 20:25:09
attack	Dec 2 10:01:49 pornomens sshd\[23102\]: Invalid user fawbush from 118.99.104.132 port 34940 Dec 2 10:01:49 pornomens sshd\[23102\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.99.104.132 Dec 2 10:01:52 pornomens sshd\[23102\]: Failed password for invalid user fawbush from 118.99.104.132 port 34940 ssh2 ...	2019-12-02 18:21:22

类型

评论内容

时间

attackbotsspam

Dec  8 18:50:06 ns382633 sshd\[4968\]: Invalid user www from 118.99.104.132 port 54630
Dec  8 18:50:06 ns382633 sshd\[4968\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.99.104.132
Dec  8 18:50:08 ns382633 sshd\[4968\]: Failed password for invalid user www from 118.99.104.132 port 54630 ssh2
Dec  8 19:12:29 ns382633 sshd\[9425\]: Invalid user minot from 118.99.104.132 port 34680
Dec  8 19:12:29 ns382633 sshd\[9425\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.99.104.132

2019-12-09 04:02:56

attackbots

Dec  8 13:06:43 vps691689 sshd[30789]: Failed password for root from 118.99.104.132 port 54842 ssh2
Dec  8 13:13:12 vps691689 sshd[30989]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.99.104.132
...

2019-12-08 20:25:09

attack

Dec  2 10:01:49 pornomens sshd\[23102\]: Invalid user fawbush from 118.99.104.132 port 34940
Dec  2 10:01:49 pornomens sshd\[23102\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.99.104.132
Dec  2 10:01:52 pornomens sshd\[23102\]: Failed password for invalid user fawbush from 118.99.104.132 port 34940 ssh2
...

2019-12-02 18:21:22

相同子网IP讨论:

IP	类型	评论内容	时间
118.99.104.151	attack	Oct 6 14:14:51 lnxweb61 sshd[16776]: Failed password for root from 118.99.104.151 port 34028 ssh2 Oct 6 14:19:12 lnxweb61 sshd[20572]: Failed password for root from 118.99.104.151 port 41428 ssh2	2020-10-06 21:01:50
118.99.104.151	attack	Oct 6 06:09:43 plg sshd[1711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.99.104.151 user=root Oct 6 06:09:44 plg sshd[1711]: Failed password for invalid user root from 118.99.104.151 port 35878 ssh2 Oct 6 06:10:56 plg sshd[1736]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.99.104.151 user=root Oct 6 06:10:58 plg sshd[1736]: Failed password for invalid user root from 118.99.104.151 port 50764 ssh2 Oct 6 06:12:14 plg sshd[1753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.99.104.151 user=root Oct 6 06:12:16 plg sshd[1753]: Failed password for invalid user root from 118.99.104.151 port 37418 ssh2 Oct 6 06:13:31 plg sshd[1773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.99.104.151 user=root ...	2020-10-06 12:42:47
118.99.104.145	attack	Sep 28 16:16:34 server sshd[19167]: Failed password for root from 118.99.104.145 port 50278 ssh2 Sep 28 16:21:36 server sshd[21842]: Failed password for root from 118.99.104.145 port 58330 ssh2 Sep 28 16:26:39 server sshd[24514]: Failed password for invalid user frederick from 118.99.104.145 port 38146 ssh2	2020-09-29 00:17:21
118.99.104.145	attackspambots	$f2bV_matches	2020-09-28 16:19:50
118.99.104.145	attack	Sep 26 21:54:02 Ubuntu-1404-trusty-64-minimal sshd\[1716\]: Invalid user mehdi from 118.99.104.145 Sep 26 21:54:02 Ubuntu-1404-trusty-64-minimal sshd\[1716\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.99.104.145 Sep 26 21:54:04 Ubuntu-1404-trusty-64-minimal sshd\[1716\]: Failed password for invalid user mehdi from 118.99.104.145 port 39784 ssh2 Sep 26 21:58:03 Ubuntu-1404-trusty-64-minimal sshd\[4752\]: Invalid user ivan from 118.99.104.145 Sep 26 21:58:03 Ubuntu-1404-trusty-64-minimal sshd\[4752\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.99.104.145	2020-09-27 06:17:32
118.99.104.145	attackspam	Sep 26 14:33:37 DAAP sshd[25460]: Invalid user movies from 118.99.104.145 port 46392 Sep 26 14:33:37 DAAP sshd[25460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.99.104.145 Sep 26 14:33:37 DAAP sshd[25460]: Invalid user movies from 118.99.104.145 port 46392 Sep 26 14:33:39 DAAP sshd[25460]: Failed password for invalid user movies from 118.99.104.145 port 46392 ssh2 Sep 26 14:38:06 DAAP sshd[25499]: Invalid user jessica from 118.99.104.145 port 54676 ...	2020-09-26 22:39:50
118.99.104.145	attackspambots	(sshd) Failed SSH login from 118.99.104.145 (ID/Indonesia/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 26 04:14:07 server2 sshd[13864]: Invalid user nikhil from 118.99.104.145 port 43326 Sep 26 04:14:09 server2 sshd[13864]: Failed password for invalid user nikhil from 118.99.104.145 port 43326 ssh2 Sep 26 04:25:05 server2 sshd[15894]: Invalid user centos from 118.99.104.145 port 58862 Sep 26 04:25:06 server2 sshd[15894]: Failed password for invalid user centos from 118.99.104.145 port 58862 ssh2 Sep 26 04:29:32 server2 sshd[16586]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.99.104.145 user=root	2020-09-26 14:25:17
118.99.104.138	attack	Invalid user ftpu from 118.99.104.138 port 54694	2020-08-29 16:33:08
118.99.104.138	attackspam	Failed password for invalid user sunil from 118.99.104.138 port 57252 ssh2	2020-08-19 00:06:06
118.99.104.138	attackbotsspam	Aug 17 00:26:26 sso sshd[20538]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.99.104.138 Aug 17 00:26:28 sso sshd[20538]: Failed password for invalid user pi from 118.99.104.138 port 49786 ssh2 ...	2020-08-17 07:45:48
118.99.104.138	attack	Aug 15 00:26:16 rotator sshd\[13771\]: Failed password for root from 118.99.104.138 port 37790 ssh2Aug 15 00:29:27 rotator sshd\[13831\]: Failed password for root from 118.99.104.138 port 47278 ssh2Aug 15 00:30:51 rotator sshd\[14589\]: Failed password for root from 118.99.104.138 port 39016 ssh2Aug 15 00:32:22 rotator sshd\[14616\]: Failed password for root from 118.99.104.138 port 58986 ssh2Aug 15 00:33:56 rotator sshd\[14638\]: Failed password for root from 118.99.104.138 port 50722 ssh2Aug 15 00:35:32 rotator sshd\[15409\]: Failed password for root from 118.99.104.138 port 42460 ssh2 ...	2020-08-15 08:10:23
118.99.104.138	attackbotsspam	Aug 14 05:33:40 prod4 sshd\[10336\]: Failed password for root from 118.99.104.138 port 33978 ssh2 Aug 14 05:38:06 prod4 sshd\[11560\]: Failed password for root from 118.99.104.138 port 37492 ssh2 Aug 14 05:42:39 prod4 sshd\[12638\]: Failed password for root from 118.99.104.138 port 41012 ssh2 ...	2020-08-14 12:26:17
118.99.104.138	attackspambots	Aug 7 07:02:35 santamaria sshd\[13130\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.99.104.138 user=root Aug 7 07:02:37 santamaria sshd\[13130\]: Failed password for root from 118.99.104.138 port 58750 ssh2 Aug 7 07:07:32 santamaria sshd\[13234\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.99.104.138 user=root ...	2020-08-07 13:10:27
118.99.104.138	attack	Aug 4 05:51:16 server sshd[9374]: Failed password for root from 118.99.104.138 port 39698 ssh2 Aug 4 05:55:09 server sshd[10674]: Failed password for root from 118.99.104.138 port 35694 ssh2 Aug 4 05:58:55 server sshd[11780]: Failed password for root from 118.99.104.138 port 59896 ssh2	2020-08-04 12:35:26
118.99.104.138	attackspambots	2020-07-31T19:16:02.069945ks3355764 sshd[18607]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.99.104.138 user=root 2020-07-31T19:16:04.094266ks3355764 sshd[18607]: Failed password for root from 118.99.104.138 port 50520 ssh2 ...	2020-08-01 03:27:18

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 118.99.104.132
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33355
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;118.99.104.132.			IN	A

;; AUTHORITY SECTION:
.			194	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120200 1800 900 604800 86400

;; Query time: 52 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Dec 02 18:21:17 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 132.104.99.118.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 132.104.99.118.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
49.68.255.161	attackbots	Aug 19 05:46:50 icecube postfix/smtpd[41944]: NOQUEUE: reject: RCPT from unknown[49.68.255.161]: 554 5.7.1 Service unavailable; Client host [49.68.255.161] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS / https://www.spamhaus.org/query/ip/49.68.255.161; from= to= proto=ESMTP helo=	2020-08-19 19:15:41
120.239.196.59	attack	Invalid user board from 120.239.196.59 port 16240	2020-08-19 19:23:31
132.232.27.49	attack	CN bad_bot	2020-08-19 19:20:22
91.106.199.101	attackbots	prod11 ...	2020-08-19 19:29:41
202.102.107.14	attackspam	Invalid user host from 202.102.107.14 port 60948	2020-08-19 19:02:09
104.248.112.159	attackbots	104.248.112.159 - - [19/Aug/2020:04:46:39 +0100] "POST /wp-login.php HTTP/1.1" 200 1836 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.112.159 - - [19/Aug/2020:04:46:51 +0100] "POST /wp-login.php HTTP/1.1" 200 1835 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.112.159 - - [19/Aug/2020:04:46:51 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-19 19:13:38
177.152.124.21	attackbotsspam	2020-08-19T05:52:19.212199shield sshd\[32766\]: Invalid user ftptest from 177.152.124.21 port 52306 2020-08-19T05:52:19.220560shield sshd\[32766\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.152.124.21 2020-08-19T05:52:21.590517shield sshd\[32766\]: Failed password for invalid user ftptest from 177.152.124.21 port 52306 ssh2 2020-08-19T05:57:24.350565shield sshd\[1421\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.152.124.21 user=root 2020-08-19T05:57:26.594274shield sshd\[1421\]: Failed password for root from 177.152.124.21 port 57604 ssh2	2020-08-19 19:35:52
117.103.2.114	attack	Fail2Ban	2020-08-19 19:20:53
154.8.151.45	attackbots	Aug 16 22:16:16 josie sshd[25930]: Invalid user anton from 154.8.151.45 Aug 16 22:16:16 josie sshd[25930]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.8.151.45 Aug 16 22:16:17 josie sshd[25930]: Failed password for invalid user anton from 154.8.151.45 port 9996 ssh2 Aug 16 22:16:17 josie sshd[25931]: Received disconnect from 154.8.151.45: 11: Bye Bye Aug 16 22:23:05 josie sshd[27456]: Invalid user new from 154.8.151.45 Aug 16 22:23:05 josie sshd[27456]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.8.151.45 Aug 16 22:23:07 josie sshd[27456]: Failed password for invalid user new from 154.8.151.45 port 28377 ssh2 Aug 16 22:23:07 josie sshd[27457]: Received disconnect from 154.8.151.45: 11: Bye Bye Aug 16 22:25:45 josie sshd[28095]: Invalid user shoutcast from 154.8.151.45 Aug 16 22:25:45 josie sshd[28095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=s........ -------------------------------	2020-08-19 19:02:46
14.189.231.55	attackbotsspam	Unauthorised access (Aug 19) SRC=14.189.231.55 LEN=52 TTL=106 ID=23498 DF TCP DPT=445 WINDOW=8192 SYN	2020-08-19 19:01:54
193.112.44.102	attack	Invalid user naoya from 193.112.44.102 port 36144	2020-08-19 19:13:15
210.212.246.46	attackbotsspam	1597808791 - 08/19/2020 05:46:31 Host: 210.212.246.46/210.212.246.46 Port: 445 TCP Blocked	2020-08-19 19:29:09
192.157.233.175	attackspambots	SSH Login Bruteforce	2020-08-19 18:54:07
211.159.186.152	attackspam	Aug 19 03:46:33 IngegnereFirenze sshd[24232]: Failed password for invalid user fg from 211.159.186.152 port 38454 ssh2 ...	2020-08-19 19:27:23
153.92.4.206	attackspambots	2020-08-19T06:56:07.144277dmca.cloudsearch.cf sshd[25966]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.92.4.206 user=root 2020-08-19T06:56:09.031857dmca.cloudsearch.cf sshd[25966]: Failed password for root from 153.92.4.206 port 47132 ssh2 2020-08-19T07:03:18.281122dmca.cloudsearch.cf sshd[26231]: Invalid user danko from 153.92.4.206 port 60298 2020-08-19T07:03:18.286280dmca.cloudsearch.cf sshd[26231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.92.4.206 2020-08-19T07:03:18.281122dmca.cloudsearch.cf sshd[26231]: Invalid user danko from 153.92.4.206 port 60298 2020-08-19T07:03:20.008384dmca.cloudsearch.cf sshd[26231]: Failed password for invalid user danko from 153.92.4.206 port 60298 ssh2 2020-08-19T07:06:07.133630dmca.cloudsearch.cf sshd[26294]: Invalid user tempo from 153.92.4.206 port 43376 ...	2020-08-19 19:05:02

最近上报的IP列表

72.252.196.30	36.83.53.222	234.215.33.26	113.57.96.226
88.247.81.92	196.218.141.126	160.154.145.64	46.24.181.6
176.18.163.62	204.69.196.142	1.255.231.178	130.7.143.50
211.56.107.78	192.31.210.12	146.188.153.26	106.155.246.43
197.185.10.104	188.49.186.200	17.251.57.108	5.235.69.205