154.160.4.107 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Ghana

运营商(isp): Scancom Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Mobile ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Oct 16 13:34:39 our-server-hostname postfix/smtpd[10902]: connect from unknown[154.160.4.107] Oct x@x Oct 16 13:34:41 our-server-hostname postfix/smtpd[10902]: lost connection after RCPT from unknown[154.160.4.107] Oct 16 13:34:41 our-server-hostname postfix/smtpd[10902]: disconnect from unknown[154.160.4.107] Oct 16 13:34:47 our-server-hostname postfix/smtpd[23393]: connect from unknown[154.160.4.107] Oct x@x Oct 16 13:34:50 our-server-hostname postfix/smtpd[23393]: lost connection after RCPT from unknown[154.160.4.107] Oct 16 13:34:50 our-server-hostname postfix/smtpd[23393]: disconnect from unknown[154.160.4.107] Oct 16 13:35:09 our-server-hostname postfix/smtpd[15333]: connect from unknown[154.160.4.107] Oct x@x Oct 16 13:35:12 our-server-hostname postfix/smtpd[15333]: lost connection after RCPT from unknown[154.160.4.107] Oct 16 13:35:12 our-server-hostname postfix/smtpd[15333]: disconnect from unknown[154.160.4.107] Oct 16 13:36:14 our-server-hostname postfix/smtp........ -------------------------------	2019-10-16 15:47:24

类型

评论内容

时间

attack

Oct 16 13:34:39 our-server-hostname postfix/smtpd[10902]: connect from unknown[154.160.4.107]
Oct x@x
Oct 16 13:34:41 our-server-hostname postfix/smtpd[10902]: lost connection after RCPT from unknown[154.160.4.107]
Oct 16 13:34:41 our-server-hostname postfix/smtpd[10902]: disconnect from unknown[154.160.4.107]
Oct 16 13:34:47 our-server-hostname postfix/smtpd[23393]: connect from unknown[154.160.4.107]
Oct x@x
Oct 16 13:34:50 our-server-hostname postfix/smtpd[23393]: lost connection after RCPT from unknown[154.160.4.107]
Oct 16 13:34:50 our-server-hostname postfix/smtpd[23393]: disconnect from unknown[154.160.4.107]
Oct 16 13:35:09 our-server-hostname postfix/smtpd[15333]: connect from unknown[154.160.4.107]
Oct x@x
Oct 16 13:35:12 our-server-hostname postfix/smtpd[15333]: lost connection after RCPT from unknown[154.160.4.107]
Oct 16 13:35:12 our-server-hostname postfix/smtpd[15333]: disconnect from unknown[154.160.4.107]
Oct 16 13:36:14 our-server-hostname postfix/smtp........
-------------------------------

2019-10-16 15:47:24

相同子网IP讨论:

IP	类型	评论内容	时间
154.160.4.96	attackspambots	HTTP wp-login.php - 154.160.4.96	2020-08-14 19:00:07

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 154.160.4.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51736
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;154.160.4.107.			IN	A

;; AUTHORITY SECTION:
.			59	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101600 1800 900 604800 86400

;; Query time: 120 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 16 15:47:21 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 107.4.160.154.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 107.4.160.154.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
42.112.213.140	attack	445/tcp 445/tcp 445/tcp... [2019-07-27/09-08]6pkt,1pt.(tcp)	2019-09-09 09:31:54
189.171.48.101	attack	Sep 8 13:06:20 hanapaa sshd\[16199\]: Invalid user david from 189.171.48.101 Sep 8 13:06:20 hanapaa sshd\[16199\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.171.48.101 Sep 8 13:06:22 hanapaa sshd\[16199\]: Failed password for invalid user david from 189.171.48.101 port 43510 ssh2 Sep 8 13:10:29 hanapaa sshd\[16653\]: Invalid user customer from 189.171.48.101 Sep 8 13:10:29 hanapaa sshd\[16653\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.171.48.101	2019-09-09 09:09:21
220.181.108.83	attackspambots	Automatic report - Banned IP Access	2019-09-09 08:48:27
150.95.212.72	attackspambots	Sep 9 03:22:45 ArkNodeAT sshd\[21704\]: Invalid user tomas from 150.95.212.72 Sep 9 03:22:45 ArkNodeAT sshd\[21704\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.95.212.72 Sep 9 03:22:46 ArkNodeAT sshd\[21704\]: Failed password for invalid user tomas from 150.95.212.72 port 60500 ssh2	2019-09-09 09:30:41
210.120.112.18	attackspambots	Sep 9 03:25:31 ArkNodeAT sshd\[22167\]: Invalid user test6 from 210.120.112.18 Sep 9 03:25:31 ArkNodeAT sshd\[22167\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.120.112.18 Sep 9 03:25:33 ArkNodeAT sshd\[22167\]: Failed password for invalid user test6 from 210.120.112.18 port 43430 ssh2	2019-09-09 09:35:59
133.130.99.77	attackspambots	Sep 9 02:33:20 s64-1 sshd[22303]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=133.130.99.77 Sep 9 02:33:21 s64-1 sshd[22303]: Failed password for invalid user web from 133.130.99.77 port 49210 ssh2 Sep 9 02:39:30 s64-1 sshd[22401]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=133.130.99.77 ...	2019-09-09 08:57:01
106.87.49.218	attackspambots	Sep 8 22:29:09 pkdns2 sshd\[58837\]: Invalid user admin from 106.87.49.218Sep 8 22:29:11 pkdns2 sshd\[58837\]: Failed password for invalid user admin from 106.87.49.218 port 42944 ssh2Sep 8 22:29:13 pkdns2 sshd\[58837\]: Failed password for invalid user admin from 106.87.49.218 port 42944 ssh2Sep 8 22:29:15 pkdns2 sshd\[58837\]: Failed password for invalid user admin from 106.87.49.218 port 42944 ssh2Sep 8 22:29:17 pkdns2 sshd\[58837\]: Failed password for invalid user admin from 106.87.49.218 port 42944 ssh2Sep 8 22:29:20 pkdns2 sshd\[58837\]: Failed password for invalid user admin from 106.87.49.218 port 42944 ssh2 ...	2019-09-09 09:00:15
37.79.254.216	attack	2019-09-09T00:43:32.315622abusebot-6.cloudsearch.cf sshd\[2731\]: Invalid user teamspeak@123 from 37.79.254.216 port 33832	2019-09-09 08:46:02
76.10.128.88	attack	Sep 8 15:31:33 hiderm sshd\[19772\]: Invalid user admin1 from 76.10.128.88 Sep 8 15:31:33 hiderm sshd\[19772\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=76-10-128-88.dsl.teksavvy.com Sep 8 15:31:35 hiderm sshd\[19772\]: Failed password for invalid user admin1 from 76.10.128.88 port 47448 ssh2 Sep 8 15:37:27 hiderm sshd\[20377\]: Invalid user upload from 76.10.128.88 Sep 8 15:37:27 hiderm sshd\[20377\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=76-10-128-88.dsl.teksavvy.com	2019-09-09 09:42:49
153.35.123.27	attack	Sep 9 03:05:52 host sshd\[48105\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.35.123.27 user=root Sep 9 03:05:54 host sshd\[48105\]: Failed password for root from 153.35.123.27 port 38278 ssh2 ...	2019-09-09 09:09:45
45.136.109.34	attackbots	09/08/2019-19:39:50.909025 45.136.109.34 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-09-09 09:07:51
111.39.27.219	attackspam	Sep 9 02:23:06 ncomp postfix/smtpd[3722]: warning: unknown[111.39.27.219]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 9 02:23:21 ncomp postfix/smtpd[3722]: warning: unknown[111.39.27.219]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 9 02:23:36 ncomp postfix/smtpd[3722]: warning: unknown[111.39.27.219]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-09-09 09:10:28
41.39.77.233	attackspam	445/tcp 445/tcp 445/tcp [2019-08-27/09-08]3pkt	2019-09-09 09:41:14
185.86.180.171	attackbotsspam	445/tcp 445/tcp 445/tcp... [2019-07-09/09-08]13pkt,1pt.(tcp)	2019-09-09 09:01:03
150.117.94.110	attackspambots	23/tcp 23/tcp 23/tcp... [2019-07-09/09-08]4pkt,1pt.(tcp)	2019-09-09 09:18:35

最近上报的IP列表

98.203.228.84	12.233.100.109	249.67.192.94	169.93.63.58
93.200.136.127	212.32.13.65	104.168.211.253	204.13.187.92
151.53.184.181	199.9.130.155	101.33.137.130	73.3.158.67
44.211.227.91	43.78.2.5	118.2.225.32	24.65.12.142
53.1.188.196	191.129.249.245	180.248.120.10	89.248.174.206