180.121.138.106

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Jiangsu Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	2019-06-28T20:15:26.342541 X postfix/smtpd[18407]: warning: unknown[180.121.138.106]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-28T21:40:22.134373 X postfix/smtpd[30215]: warning: unknown[180.121.138.106]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-29T01:13:53.347544 X postfix/smtpd[5015]: warning: unknown[180.121.138.106]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-06-29 12:45:41

类型

评论内容

时间

attackbots

2019-06-28T20:15:26.342541 X postfix/smtpd[18407]: warning: unknown[180.121.138.106]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
2019-06-28T21:40:22.134373 X postfix/smtpd[30215]: warning: unknown[180.121.138.106]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
2019-06-29T01:13:53.347544 X postfix/smtpd[5015]: warning: unknown[180.121.138.106]: SASL LOGIN authentication failed: UGFzc3dvcmQ6

2019-06-29 12:45:41

相同子网IP讨论:

IP	类型	评论内容	时间
180.121.138.49	attack	Mar 13 18:58:20 mailman postfix/smtpd[23906]: warning: unknown[180.121.138.49]: SASL LOGIN authentication failed: authentication failure	2020-03-14 08:20:47
180.121.138.75	attackspambots	2019-06-29T10:23:39.499915 X postfix/smtpd[21268]: warning: unknown[180.121.138.75]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-29T10:25:36.244560 X postfix/smtpd[21370]: warning: unknown[180.121.138.75]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-29T10:31:15.282042 X postfix/smtpd[22857]: warning: unknown[180.121.138.75]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-06-29 23:06:35
180.121.138.122	attack	2019-06-24T22:35:09.094543 X postfix/smtpd[980]: warning: unknown[180.121.138.122]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-25T00:01:46.141725 X postfix/smtpd[12155]: warning: unknown[180.121.138.122]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-25T00:02:00.400460 X postfix/smtpd[12155]: warning: unknown[180.121.138.122]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-06-25 11:56:40
180.121.138.188	attackbots	2019-06-22T06:34:01.146275 X postfix/smtpd[34046]: warning: unknown[180.121.138.188]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-22T06:34:27.149178 X postfix/smtpd[34046]: warning: unknown[180.121.138.188]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-22T06:35:36.238352 X postfix/smtpd[34059]: warning: unknown[180.121.138.188]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-06-22 14:45:25

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 180.121.138.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58519
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;180.121.138.106.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062801 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jun 29 12:45:30 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 106.138.121.180.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 106.138.121.180.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
46.105.209.45	attack	Dec 17 17:29:10 mail postfix/smtpd[7307]: warning: ip45.ip-46-105-209.eu[46.105.209.45]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 17 17:29:10 mail postfix/smtpd[8747]: warning: ip45.ip-46-105-209.eu[46.105.209.45]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 17 17:29:10 mail postfix/smtpd[8748]: warning: ip45.ip-46-105-209.eu[46.105.209.45]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 17 17:29:10 mail postfix/smtpd[8745]: warning: ip45.ip-46-105-209.eu[46.105.209.45]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 17 17:29:10 mail postfix/smtpd[7375]: warning: ip45.ip-46-105-209.eu[46.105.209.45]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 17 17:29:10 mail postfix/smtpd[8760]: warning: ip45.ip-46-105-209.eu[46.105.209.45]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-12-18 00:50:01
103.61.37.231	attackbotsspam	Dec 17 17:32:48 minden010 sshd[23804]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.61.37.231 Dec 17 17:32:51 minden010 sshd[23804]: Failed password for invalid user biogene from 103.61.37.231 port 50760 ssh2 Dec 17 17:38:43 minden010 sshd[25975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.61.37.231 ...	2019-12-18 00:55:41
77.247.109.63	attackspam	\[2019-12-17 11:57:12\] NOTICE\[2839\] chan_sip.c: Registration from '393 \' failed for '77.247.109.63:5060' - Wrong password \[2019-12-17 11:57:12\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-17T11:57:12.812-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="393",SessionID="0x7f0fb4121288",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.109.63/5060",Challenge="7fa8517b",ReceivedChallenge="7fa8517b",ReceivedHash="4255023eef1b696ffbc98ce00179472e" \[2019-12-17 11:57:14\] NOTICE\[2839\] chan_sip.c: Registration from '392 \' failed for '77.247.109.63:5060' - Wrong password \[2019-12-17 11:57:14\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-17T11:57:14.429-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="392",SessionID="0x7f0fb4a5a908",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.1	2019-12-18 00:58:47
103.242.116.210	attackspambots	Dec 17 15:24:45 grey postfix/smtpd\[15453\]: NOQUEUE: reject: RCPT from stroke.pahlupi.com\[103.242.116.210\]: 554 5.7.1 Service unavailable\; Client host \[103.242.116.210\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[103.242.116.210\]\; from=\ to=\ proto=ESMTP helo=\ ...	2019-12-18 00:52:58
104.248.4.117	attack	Dec 17 06:38:18 web9 sshd\[15069\]: Invalid user britta from 104.248.4.117 Dec 17 06:38:18 web9 sshd\[15069\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.4.117 Dec 17 06:38:21 web9 sshd\[15069\]: Failed password for invalid user britta from 104.248.4.117 port 43120 ssh2 Dec 17 06:43:43 web9 sshd\[15888\]: Invalid user settle from 104.248.4.117 Dec 17 06:43:43 web9 sshd\[15888\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.4.117	2019-12-18 00:45:57
40.92.10.76	attack	Dec 17 19:28:05 debian-2gb-vpn-nbg1-1 kernel: [978451.522610] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.10.76 DST=78.46.192.101 LEN=48 TOS=0x00 PREC=0x00 TTL=105 ID=32217 DF PROTO=TCP SPT=62689 DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0	2019-12-18 00:47:15
121.134.159.21	attack	$f2bV_matches	2019-12-18 00:51:23
78.47.19.206	attack	Dec 17 16:54:42 pi sshd\[32115\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.47.19.206 Dec 17 16:54:44 pi sshd\[32115\]: Failed password for invalid user brass from 78.47.19.206 port 56590 ssh2 Dec 17 17:00:20 pi sshd\[32372\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.47.19.206 user=root Dec 17 17:00:22 pi sshd\[32372\]: Failed password for root from 78.47.19.206 port 39326 ssh2 Dec 17 17:05:44 pi sshd\[32634\]: Invalid user bertuccelli from 78.47.19.206 port 49574 ...	2019-12-18 01:28:56
87.246.7.34	attackbotsspam	Dec 17 18:09:23 webserver postfix/smtpd\[15856\]: warning: unknown\[87.246.7.34\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 17 18:09:39 webserver postfix/smtpd\[15856\]: warning: unknown\[87.246.7.34\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 17 18:10:10 webserver postfix/smtpd\[15856\]: warning: unknown\[87.246.7.34\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 17 18:10:41 webserver postfix/smtpd\[15856\]: warning: unknown\[87.246.7.34\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 17 18:11:13 webserver postfix/smtpd\[15856\]: warning: unknown\[87.246.7.34\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-12-18 01:20:29
94.181.94.12	attackspam	Dec 17 05:05:47 web9 sshd\[32576\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.181.94.12 user=root Dec 17 05:05:49 web9 sshd\[32576\]: Failed password for root from 94.181.94.12 port 59328 ssh2 Dec 17 05:11:35 web9 sshd\[1155\]: Invalid user quagga from 94.181.94.12 Dec 17 05:11:35 web9 sshd\[1155\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.181.94.12 Dec 17 05:11:37 web9 sshd\[1155\]: Failed password for invalid user quagga from 94.181.94.12 port 39398 ssh2	2019-12-18 01:28:29
185.47.187.180	attack	Dec 17 17:31:31 nextcloud sshd\[18124\]: Invalid user passwd12345 from 185.47.187.180 Dec 17 17:31:31 nextcloud sshd\[18124\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.47.187.180 Dec 17 17:31:33 nextcloud sshd\[18124\]: Failed password for invalid user passwd12345 from 185.47.187.180 port 47762 ssh2 ...	2019-12-18 01:19:19
163.172.60.213	attackspam	wp-login.php	2019-12-18 00:56:50
189.59.110.124	attackspam	Dec 17 13:42:36 server sshd\[5948\]: Failed password for invalid user ftpuser from 189.59.110.124 port 59710 ssh2 Dec 17 19:54:22 server sshd\[13550\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.59.110.124.dynamic.adsl.gvt.net.br user=root Dec 17 19:54:23 server sshd\[13550\]: Failed password for root from 189.59.110.124 port 36805 ssh2 Dec 17 20:03:40 server sshd\[15945\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.59.110.124.dynamic.adsl.gvt.net.br user=root Dec 17 20:03:47 server sshd\[15945\]: Failed password for root from 189.59.110.124 port 42137 ssh2 ...	2019-12-18 01:10:29
125.227.130.5	attackbotsspam	$f2bV_matches	2019-12-18 01:11:38
129.226.67.209	attack	RDP brute forcing (d)	2019-12-18 01:07:28

最近上报的IP列表

51.75.25.150	1.46.64.83	123.204.135.224	223.240.211.156
1.56.27.89	59.168.52.190	218.166.138.215	177.44.17.182
111.179.199.113	36.230.148.46	86.98.75.19	191.53.197.103
114.38.130.133	134.132.75.159	108.61.204.172	136.182.229.213
198.211.120.234	146.69.33.89	38.183.244.222	85.255.201.236