121.235.20.141

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Jiangsu Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	2020-01-04 07:10:47 H=(ylmf-pc) [121.235.20.141]:50252 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc 2020-01-04 07:10:47 H=(ylmf-pc) [121.235.20.141]:50775 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc 2020-01-04 07:10:48 H=(ylmf-pc) [121.235.20.141]:56662 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc ...	2020-01-05 01:24:02

类型

评论内容

时间

attackbotsspam

2020-01-04 07:10:47 H=(ylmf-pc) [121.235.20.141]:50252 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc
2020-01-04 07:10:47 H=(ylmf-pc) [121.235.20.141]:50775 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc
2020-01-04 07:10:48 H=(ylmf-pc) [121.235.20.141]:56662 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc
...

2020-01-05 01:24:02

相同子网IP讨论:

IP	类型	评论内容	时间
121.235.20.247	attackbotsspam	2020-03-18 08:10:56 dovecot_login authenticator failed for (ddirod.com) [121.235.20.247]:56111 I=[192.147.25.65]:465: 535 Incorrect authentication data (set_id=ler@lerctr.org) 2020-03-18 08:11:18 dovecot_login authenticator failed for (ddirod.com) [121.235.20.247]:56614 I=[192.147.25.65]:465: 535 Incorrect authentication data (set_id=ler@lerctr.org) 2020-03-18 08:11:44 dovecot_login authenticator failed for (ddirod.com) [121.235.20.247]:57475 I=[192.147.25.65]:465: 535 Incorrect authentication data (set_id=ler@lerctr.org) ...	2020-03-18 21:34:43

类型

评论内容

时间

121.235.20.247

attackbotsspam

2020-03-18 08:10:56 dovecot_login authenticator failed for (ddirod.com) [121.235.20.247]:56111 I=[192.147.25.65]:465: 535 Incorrect authentication data (set_id=ler@lerctr.org)
2020-03-18 08:11:18 dovecot_login authenticator failed for (ddirod.com) [121.235.20.247]:56614 I=[192.147.25.65]:465: 535 Incorrect authentication data (set_id=ler@lerctr.org)
2020-03-18 08:11:44 dovecot_login authenticator failed for (ddirod.com) [121.235.20.247]:57475 I=[192.147.25.65]:465: 535 Incorrect authentication data (set_id=ler@lerctr.org)
...

2020-03-18 21:34:43

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 121.235.20.141
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33979
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;121.235.20.141.			IN	A

;; AUTHORITY SECTION:
.			339	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010400 1800 900 604800 86400

;; Query time: 91 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 05 01:23:58 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

141.20.235.121.in-addr.arpa domain name pointer 141.20.235.121.broad.wx.js.dynamic.163data.com.cn.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
141.20.235.121.in-addr.arpa	name = 141.20.235.121.broad.wx.js.dynamic.163data.com.cn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
188.166.16.36	attackbots	(sshd) Failed SSH login from 188.166.16.36 (NL/Netherlands/-): 5 in the last 3600 secs	2020-09-29 21:38:32
219.153.33.234	attack	Sep 29 11:33:34 [host] sshd[24987]: Invalid user d Sep 29 11:33:34 [host] sshd[24987]: pam_unix(sshd: Sep 29 11:33:36 [host] sshd[24987]: Failed passwor	2020-09-29 21:37:40
103.66.96.230	attack	Sep 29 15:19:29 buvik sshd[19955]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.66.96.230 Sep 29 15:19:31 buvik sshd[19955]: Failed password for invalid user almir from 103.66.96.230 port 7075 ssh2 Sep 29 15:24:06 buvik sshd[20626]: Invalid user ftp from 103.66.96.230 ...	2020-09-29 21:30:18
116.72.200.140	attackbots	Telnet Honeypot -> Telnet Bruteforce / Login	2020-09-29 21:26:54
167.71.211.45	attackspambots	Sep 29 13:05:09 game-panel sshd[30169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.211.45 Sep 29 13:05:10 game-panel sshd[30169]: Failed password for invalid user git from 167.71.211.45 port 33338 ssh2 Sep 29 13:09:40 game-panel sshd[30427]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.211.45	2020-09-29 21:27:54
192.254.74.22	attack	192.254.74.22 - - [29/Sep/2020:13:59:25 +0100] "POST /wp-login.php HTTP/1.1" 200 2556 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.254.74.22 - - [29/Sep/2020:13:59:28 +0100] "POST /wp-login.php HTTP/1.1" 200 2540 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.254.74.22 - - [29/Sep/2020:13:59:30 +0100] "POST /wp-login.php HTTP/1.1" 200 2592 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-29 21:12:18
95.107.45.197	attackspambots	Telnet Server BruteForce Attack	2020-09-29 21:30:49
186.96.102.198	attack	Sep 29 15:07:31 PorscheCustomer sshd[25963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.96.102.198 Sep 29 15:07:33 PorscheCustomer sshd[25963]: Failed password for invalid user toor from 186.96.102.198 port 57309 ssh2 Sep 29 15:12:04 PorscheCustomer sshd[26055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.96.102.198 ...	2020-09-29 21:25:43
45.87.220.76	attackbotsspam	received phishing	2020-09-29 21:33:38
182.61.133.172	attackspam	2020-09-29T08:02:28.183508yoshi.linuxbox.ninja sshd[3413823]: Invalid user demo from 182.61.133.172 port 56118 2020-09-29T08:02:30.177256yoshi.linuxbox.ninja sshd[3413823]: Failed password for invalid user demo from 182.61.133.172 port 56118 ssh2 2020-09-29T08:05:43.768676yoshi.linuxbox.ninja sshd[3416075]: Invalid user redmine from 182.61.133.172 port 39978 ...	2020-09-29 21:17:19
184.154.139.18	attackspambots	(From 1) 1	2020-09-29 21:35:13
194.150.235.8	attackspam	Sep 29 00:25:57 mail.srvfarm.net postfix/smtpd[2235369]: NOQUEUE: reject: RCPT from unknown[194.150.235.8]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo= Sep 29 00:26:59 mail.srvfarm.net postfix/smtpd[2235351]: NOQUEUE: reject: RCPT from unknown[194.150.235.8]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo= Sep 29 00:28:29 mail.srvfarm.net postfix/smtpd[2237844]: NOQUEUE: reject: RCPT from unknown[194.150.235.8]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo= Sep 29 00:29:29 mail.srvfarm.net postfix/smtpd[2071208]: NOQUEUE: reject: RCPT from unknown[194.150.235.8]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo=	2020-09-29 21:12:02
165.232.47.194	attackbots	Sep 28 23:27:15 xxxxxxx4 sshd[18461]: Invalid user gpadmin from 165.232.47.194 port 43718 Sep 28 23:27:15 xxxxxxx4 sshd[18461]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.232.47.194 Sep 28 23:27:17 xxxxxxx4 sshd[18461]: Failed password for invalid user gpadmin from 165.232.47.194 port 43718 ssh2 Sep 28 23:38:22 xxxxxxx4 sshd[19460]: Invalid user postgres from 165.232.47.194 port 52242 Sep 28 23:38:22 xxxxxxx4 sshd[19460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.232.47.194 Sep 28 23:38:24 xxxxxxx4 sshd[19460]: Failed password for invalid user postgres from 165.232.47.194 port 52242 ssh2 Sep 28 23:42:22 xxxxxxx4 sshd[20086]: Invalid user kibana from 165.232.47.194 port 37044 Sep 28 23:42:22 xxxxxxx4 sshd[20086]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.232.47.194 Sep 28 23:42:23 xxxxxxx4 sshd[20086]: Failed password for inv........ ------------------------------	2020-09-29 21:28:58
58.64.215.150	attack	2020-09-29T05:08:14.376157suse-nuc sshd[5216]: User root from 58.64.215.150 not allowed because listed in DenyUsers ...	2020-09-29 21:06:16
61.132.52.24	attack	Invalid user hue from 61.132.52.24 port 33496	2020-09-29 21:25:15

最近上报的IP列表

124.248.196.96	139.219.185.201	100.169.145.232	204.78.143.216
191.19.59.47	161.197.191.250	54.36.148.190	130.124.178.212
113.187.116.72	153.107.92.69	143.146.160.161	105.255.61.21
219.78.131.94	221.137.40.102	168.189.24.56	171.125.212.71
159.89.80.10	93.47.194.181	158.224.62.18	109.169.63.38