160.20.109.51 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Turkey

运营商(isp): Verinoks Teknoloji Anonim Sirketi

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Scanning	2019-11-15 23:32:42
attackbots	SASL Brute Force	2019-11-14 15:48:26

相同子网IP讨论:

IP	类型	评论内容	时间
160.20.109.31	attackbots	Nov 14 09:12:38 our-server-hostname postfix/smtpd[12941]: connect from unknown[160.20.109.31] Nov x@x Nov x@x Nov 14 09:12:41 our-server-hostname postfix/smtpd[12941]: 19CA4A4001C: client=unknown[160.20.109.31] Nov 14 09:12:41 our-server-hostname postfix/smtpd[19541]: 90F51A4008E: client=unknown[127.0.0.1], orig_client=unknown[160.20.109.31] Nov 14 09:12:41 our-server-hostname amavis[10108]: (10108-16) Passed CLEAN, [160.20.109.31] [160.20.109.31] , mail_id: KF5nzsuQvkTY, Hhostnames: -, size: 4992, queued_as: 90F51A4008E, 110 ms Nov 14 09:12:46 our-server-hostname postfix/smtpd[7332]: connect from unknown[160.20.109.31] Nov x@x Nov x@x Nov 14 09:12:46 our-server-hostname postfix/smtpd[12941]: AB71CA40042: client=unknown[160.20.109.31] Nov x@x Nov 14 09:12:47 our-server-hostname postfix/smtpd[19702]: 30EECA4008E: client=unknown[127.0.0.1], orig_client=unknown[160.20.109.31] Nov 14 09:12:47 our-server-hostname amavis[19638]: (19638-03) Passed CLEAN, [160.20.109.31] [........ -------------------------------	2019-11-14 08:06:38
160.20.109.73	attackbots	Oct 23 15:16:34 mailman postfix/smtpd[17551]: NOQUEUE: reject: RCPT from unknown[160.20.109.73]: 554 5.7.1 Service unavailable; Client host [160.20.109.73] blocked using bl.fmb.la; Netblock listed in fmb.la level 2; from= to= proto=ESMTP helo= Oct 23 15:16:35 mailman postfix/smtpd[17551]: NOQUEUE: reject: RCPT from unknown[160.20.109.73]: 554 5.7.1 Service unavailable; Client host [160.20.109.73] blocked using bl.fmb.la; Netblock listed in fmb.la level 2; from= to= proto=ESMTP helo=	2019-10-24 05:09:53
160.20.109.63	attackbotsspam	X-Barracuda-Envelope-From: appeal@gravitystem.best X-Barracuda-Effective-Source-IP: UNKNOWN[160.20.109.63] X-Barracuda-Apparent-Source-IP: 160.20.109.63 From: " Troy Harrison" Date: Wed, 23 Oct 2019 06:26:11 -0500	2019-10-23 20:15:03
160.20.109.5	attackbots	X-Barracuda-Connect: hostmaster.hostingdunyam.com.tr[160.20.109.5] X-Barracuda-Start-Time: 1570889939 X-Barracuda-URL: https://172.17.6.40:443/cgi-mod/mark.cgi X-Barracuda-BRTS-Status: 1 X-Barracuda-BRTS-Evidence: baconbrain.icu	2019-10-15 20:21:42
160.20.109.4	attack	Oct 13 00:10:08 our-server-hostname postfix/smtpd[27373]: connect from unknown[160.20.109.4] Oct x@x Oct 13 00:11:09 our-server-hostname postfix/smtpd[27373]: disconnect from unknown[160.20.109.4] Oct 13 00:14:02 our-server-hostname postfix/smtpd[26665]: connect from unknown[160.20.109.4] Oct x@x Oct x@x Oct x@x Oct x@x Oct x@x Oct x@x Oct x@x Oct x@x Oct x@x Oct x@x Oct 13 00:14:09 our-server-hostname postfix/smtpd[26665]: too many errors after DATA from unknown[160.20.109.4] Oct 13 00:14:09 our-server-hostname postfix/smtpd[26665]: disconnect from unknown[160.20.109.4] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=160.20.109.4	2019-10-13 04:55:14
160.20.109.141	attackbotsspam	TCP Port: 25 _ invalid blocked barracudacentral zen-spamhaus _ _ _ _ (774)	2019-08-08 09:42:30

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 160.20.109.51
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34409
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;160.20.109.51.			IN	A

;; AUTHORITY SECTION:
.			371	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111400 1800 900 604800 86400

;; Query time: 507 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Nov 14 15:48:22 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

51.109.20.160.in-addr.arpa domain name pointer hostmaster.hostingdunyam.com.tr.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
51.109.20.160.in-addr.arpa	name = hostmaster.hostingdunyam.com.tr.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
178.217.117.154	attackspambots	Autoban 178.217.117.154 AUTH/CONNECT	2020-08-30 03:01:59
14.99.81.218	attack	Aug 29 22:19:14 pkdns2 sshd\[52736\]: Address 14.99.81.218 maps to static-218.81.99.14-tataidc.co.in, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Aug 29 22:19:14 pkdns2 sshd\[52736\]: Invalid user tomcat from 14.99.81.218Aug 29 22:19:15 pkdns2 sshd\[52736\]: Failed password for invalid user tomcat from 14.99.81.218 port 25881 ssh2Aug 29 22:22:35 pkdns2 sshd\[52875\]: Address 14.99.81.218 maps to static-218.81.99.14-tataidc.co.in, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Aug 29 22:22:35 pkdns2 sshd\[52875\]: Invalid user meteor from 14.99.81.218Aug 29 22:22:38 pkdns2 sshd\[52875\]: Failed password for invalid user meteor from 14.99.81.218 port 2013 ssh2 ...	2020-08-30 03:25:17
37.49.225.120	attackspambots	2020-08-29T14:04:15.023089 X postfix/smtpd[29993]: NOQUEUE: reject: RCPT from unknown[37.49.225.120]: 554 5.7.1 Service unavailable; Client host [37.49.225.120] blocked using zen.spamhaus.org; from= to= proto=ESMTP helo=	2020-08-30 03:18:02
157.230.38.102	attackbotsspam	Aug 29 15:50:31 journals sshd\[6725\]: Invalid user lemon from 157.230.38.102 Aug 29 15:50:31 journals sshd\[6725\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.38.102 Aug 29 15:50:33 journals sshd\[6725\]: Failed password for invalid user lemon from 157.230.38.102 port 51142 ssh2 Aug 29 15:54:48 journals sshd\[7200\]: Invalid user tu from 157.230.38.102 Aug 29 15:54:48 journals sshd\[7200\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.38.102 ...	2020-08-30 02:55:20
144.217.60.211	attackbotsspam	144.217.60.211 has been banned for [WebApp Attack] ...	2020-08-30 02:59:28
167.71.130.153	attackbots	167.71.130.153 - - [29/Aug/2020:18:43:43 +0200] "POST /wp-login.php HTTP/1.0" 200 4747 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-30 03:26:28
151.80.41.7	attack	151.80.41.7 - - \[29/Aug/2020:17:27:15 +0200\] "POST /wp-login.php HTTP/1.0" 200 5615 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 151.80.41.7 - - \[29/Aug/2020:17:27:16 +0200\] "POST /wp-login.php HTTP/1.0" 200 5435 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 151.80.41.7 - - \[29/Aug/2020:17:27:18 +0200\] "POST /wp-login.php HTTP/1.0" 200 5428 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-08-30 02:56:46
103.99.148.183	attackbots	Port Scan ...	2020-08-30 03:01:26
159.203.74.227	attackspam	32354/tcp 17856/tcp 704/tcp... [2020-06-29/08-29]109pkt,41pt.(tcp)	2020-08-30 03:20:29
122.51.248.76	attack	Aug 29 14:54:26 eventyay sshd[18382]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.248.76 Aug 29 14:54:28 eventyay sshd[18382]: Failed password for invalid user test2 from 122.51.248.76 port 36210 ssh2 Aug 29 14:59:42 eventyay sshd[18497]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.248.76 ...	2020-08-30 02:51:49
165.227.50.84	attackbotsspam	Invalid user fabian from 165.227.50.84 port 60532	2020-08-30 03:02:54
81.68.169.84	attackbotsspam	2020-08-29T20:22:43+0200 Failed SSH Authentication/Brute Force Attack. (Server 9)	2020-08-30 03:04:02
162.243.129.68	attackbots	162.243.129.68 - - [29/Aug/2020:12:04:21 +0000] "GET / HTTP/1.1" 403 154 "-" "Mozilla/5.0 zgrab/0.x"	2020-08-30 03:09:54
51.15.226.137	attack	prod11 ...	2020-08-30 02:52:49
103.145.12.177	attack	[2020-08-29 13:46:16] NOTICE[1185] chan_sip.c: Registration from '"319" ' failed for '103.145.12.177:5310' - Wrong password [2020-08-29 13:46:16] SECURITY[1203] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-08-29T13:46:16.257-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="319",SessionID="0x7f10c4286a78",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.177/5310",Challenge="44879013",ReceivedChallenge="44879013",ReceivedHash="de4838cd7fe3144272e59c7d38e2fa70" [2020-08-29 13:46:16] NOTICE[1185] chan_sip.c: Registration from '"319" ' failed for '103.145.12.177:5310' - Wrong password [2020-08-29 13:46:16] SECURITY[1203] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-08-29T13:46:16.374-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="319",SessionID="0x7f10c459e698",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.1 ...	2020-08-30 03:15:09

最近上报的IP列表

6.90.134.136	109.66.227.50	241.33.198.212	61.21.201.103
133.29.24.196	90.120.142.165	96.148.41.120	56.11.131.19
174.143.233.42	103.74.72.114	245.56.71.227	60.167.89.126
122.51.83.37	177.52.63.96	175.9.142.56	138.204.148.224
31.155.169.212	114.64.255.207	156.67.250.205	176.79.2.69