217.112.142.148

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Hungary

运营商(isp): 23VNet Kft.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Jun 5 05:54:02 mail.srvfarm.net postfix/smtpd[2919893]: NOQUEUE: reject: RCPT from unknown[217.112.142.148]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Jun 5 05:54:05 mail.srvfarm.net postfix/smtpd[2917238]: NOQUEUE: reject: RCPT from unknown[217.112.142.148]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Jun 5 05:54:08 mail.srvfarm.net postfix/smtpd[2917165]: NOQUEUE: reject: RCPT from unknown[217.112.142.148]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Jun 5 05:57:59 mail.srvfarm.net postfix/smtpd[2919892]: NOQUEUE: reject: RCPT from unknown[217.112.142.148]	2020-06-05 16:38:00
attackspambots	May 20 17:54:22 mail.srvfarm.net postfix/smtpd[1511169]: NOQUEUE: reject: RCPT from unknown[217.112.142.148]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= May 20 17:55:22 mail.srvfarm.net postfix/smtpd[1512841]: NOQUEUE: reject: RCPT from unknown[217.112.142.148]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= May 20 17:55:29 mail.srvfarm.net postfix/smtpd[1514146]: NOQUEUE: reject: RCPT from unknown[217.112.142.148]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= May 20 17:59:18 mail.srvfarm.net postfix/smtpd[1512839]: NOQUEUE: reject: RCPT from unknown[217.	2020-05-21 00:50:37
attackspam	Mar 19 05:45:38 mail.srvfarm.net postfix/smtpd[1960991]: NOQUEUE: reject: RCPT from unknown[217.112.142.148]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 19 05:45:52 mail.srvfarm.net postfix/smtpd[1957494]: NOQUEUE: reject: RCPT from unknown[217.112.142.148]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 19 05:46:26 mail.srvfarm.net postfix/smtpd[1942653]: NOQUEUE: reject: RCPT from unknown[217.112.142.148]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 19 05:47:18 mail.srvfarm.net postfix/smtpd[1942653]: NOQUEUE: reject: RCPT from unknown[217.112.142.148]: 450 4	2020-03-19 18:37:33
attack	Lines containing failures of 217.112.142.148 Jan 1 15:26:42 shared01 postfix/smtpd[22527]: connect from accept.yobaat.com[217.112.142.148] Jan 1 15:26:42 shared01 policyd-spf[24105]: prepend Received-SPF: Pass (mailfrom) identhostnamey=mailfrom; client-ip=217.112.142.148; helo=accept.moveincool.com; envelope-from=x@x Jan x@x Jan 1 15:26:42 shared01 postfix/smtpd[22527]: disconnect from accept.yobaat.com[217.112.142.148] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 Jan 1 15:28:52 shared01 postfix/smtpd[21352]: connect from accept.yobaat.com[217.112.142.148] Jan 1 15:28:52 shared01 policyd-spf[24160]: prepend Received-SPF: Pass (mailfrom) identhostnamey=mailfrom; client-ip=217.112.142.148; helo=accept.moveincool.com; envelope-from=x@x Jan x@x Jan 1 15:28:52 shared01 postfix/smtpd[21352]: disconnect from accept.yobaat.com[217.112.142.148] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 Jan 1 15:29:15 shared01 postfix/smtpd[21352]: connect from ........ ------------------------------	2020-01-02 02:45:46
attackbots	Dec 17 01:20:30 web01 postfix/smtpd[27564]: connect from accept.yobaat.com[217.112.142.148] Dec 17 01:20:30 web01 policyd-spf[28242]: None; identhostnamey=helo; client-ip=217.112.142.148; helo=accept.noinsectssk1.com; envelope-from=x@x Dec 17 01:20:30 web01 policyd-spf[28242]: Pass; identhostnamey=mailfrom; client-ip=217.112.142.148; helo=accept.noinsectssk1.com; envelope-from=x@x Dec x@x Dec 17 01:20:30 web01 postfix/smtpd[27564]: disconnect from accept.yobaat.com[217.112.142.148] Dec 17 01:23:08 web01 postfix/smtpd[28598]: connect from accept.yobaat.com[217.112.142.148] Dec 17 01:23:08 web01 policyd-spf[28670]: None; identhostnamey=helo; client-ip=217.112.142.148; helo=accept.noinsectssk1.com; envelope-from=x@x Dec 17 01:23:08 web01 policyd-spf[28670]: Pass; identhostnamey=mailfrom; client-ip=217.112.142.148; helo=accept.noinsectssk1.com; envelope-from=x@x Dec x@x Dec 17 01:23:09 web01 postfix/smtpd[28598]: disconnect from accept.yobaat.com[217.112.142.148] Dec 17 01:........ -------------------------------	2019-12-22 17:54:38

相同子网IP讨论:

IP	类型	评论内容	时间
217.112.142.211	attackbotsspam	E-Mail Spam (RBL) [REJECTED]	2020-10-02 03:09:40
217.112.142.211	attackspam	E-Mail Spam (RBL) [REJECTED]	2020-10-01 19:21:08
217.112.142.252	attack	Email Spam	2020-09-30 09:54:47
217.112.142.252	attackspambots	Email Spam	2020-09-30 02:47:26
217.112.142.252	attack	E-Mail Spam (RBL) [REJECTED]	2020-09-29 18:50:37
217.112.142.227	attackspambots	E-Mail Spam (RBL) [REJECTED]	2020-09-28 04:02:01
217.112.142.227	attack	E-Mail Spam (RBL) [REJECTED]	2020-09-27 20:19:23
217.112.142.231	attackbotsspam	E-Mail Spam (RBL) [REJECTED]	2020-09-27 03:54:08
217.112.142.231	attack	E-Mail Spam (RBL) [REJECTED]	2020-09-26 19:56:08
217.112.142.97	attack	2020-09-10 1kGRvY-0000PW-Fg H=righteous.yarkaci.com \(righteous.hrajplus.com\) \[217.112.142.97\] rejected REMOVED : REJECTED - You seem to be a spammer! 2020-09-11 1kGleA-0002Z6-4n H=righteous.yarkaci.com \(righteous.hrajplus.com\) \[217.112.142.97\] rejected REMOVED : REJECTED - You seem to be a spammer! 2020-09-11 H=righteous.yarkaci.com \(righteous.hrajplus.com\) \[217.112.142.97\] F=\ rejected RCPT \: Mail not accepted. 217.112.142.97 is listed at a DNSBL.	2020-09-13 03:11:51
217.112.142.97	attackbotsspam	2020-09-10 1kGRvY-0000PW-Fg H=righteous.yarkaci.com \(righteous.hrajplus.com\) \[217.112.142.97\] rejected REMOVED : REJECTED - You seem to be a spammer! 2020-09-11 1kGleA-0002Z6-4n H=righteous.yarkaci.com \(righteous.hrajplus.com\) \[217.112.142.97\] rejected REMOVED : REJECTED - You seem to be a spammer! 2020-09-11 H=righteous.yarkaci.com \(righteous.hrajplus.com\) \[217.112.142.97\] F=\ rejected RCPT \: Mail not accepted. 217.112.142.97 is listed at a DNSBL.	2020-09-12 19:17:51
217.112.142.68	attackbots	E-Mail Spam (RBL) [REJECTED]	2020-08-31 02:46:14
217.112.142.22	attackspam	E-Mail Spam (RBL) [REJECTED]	2020-08-29 12:58:28
217.112.142.153	attackspambots	Postfix attempt blocked due to public blacklist entry	2020-08-28 23:05:09
217.112.142.221	attackbotsspam	Postfix attempt blocked due to public blacklist entry	2020-08-28 04:58:23

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 217.112.142.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29779
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;217.112.142.148.		IN	A

;; AUTHORITY SECTION:
.			254	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122200 1800 900 604800 86400

;; Query time: 123 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 22 17:54:34 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

148.142.112.217.in-addr.arpa domain name pointer accept.yobaat.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
148.142.112.217.in-addr.arpa	name = accept.yobaat.com.

Authoritative answers can be found from:

IP	类型	评论内容	时间
23.94.167.109	attack	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(08041230)	2019-08-04 23:56:49
105.184.196.48	attack	[portscan] tcp/23 [TELNET] *(RWIN=35735)(08041230)	2019-08-04 23:05:31
212.34.125.166	attackspambots	[portscan] tcp/23 [TELNET] *(RWIN=14600)(08041230)	2019-08-04 23:18:51
23.94.112.61	attack	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(08041230)	2019-08-04 23:57:38
222.186.174.96	attackbots	[portscan] tcp/22 [SSH] *(RWIN=16384)(08041230)	2019-08-04 23:17:08
41.220.162.71	attack	SMB Server BruteForce Attack	2019-08-04 23:52:48
104.152.52.5	attack	[MultiHost/MultiPort scan (19)] tcp/106, tcp/110, tcp/111, tcp/113, tcp/119, tcp/135, tcp/139, tcp/1433, tcp/21, tcp/22, tcp/23, tcp/26, tcp/3306, tcp/37, tcp/445, tcp/5060, tcp/554, tcp/79, tcp/88 [scan/connect: 38 time(s)] *(RWIN=14600)(08041230)	2019-08-04 23:39:02
45.160.179.224	attackbotsspam	[portscan] tcp/23 [TELNET] *(RWIN=48887)(08041230)	2019-08-04 23:49:40
74.197.156.227	attackspam	[portscan] tcp/23 [TELNET] *(RWIN=24259)(08041230)	2019-08-04 23:08:27
113.116.16.132	attackspambots	[portscan] tcp/23 [TELNET] *(RWIN=18036)(08041230)	2019-08-04 23:03:44
46.249.109.124	attackbotsspam	firewall-block, port(s): 445/tcp	2019-08-04 23:11:17
124.251.60.84	attackspambots	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(08041230)	2019-08-04 23:01:37
121.156.143.184	attack	[portscan] tcp/23 [TELNET] *(RWIN=14129)(08041230)	2019-08-04 23:33:36
187.120.114.100	attackspambots	DATE:2019-08-04 14:04:49, IP:187.120.114.100, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc-bis)	2019-08-05 00:04:37
42.235.174.53	attackspam	[portscan] tcp/23 [TELNET] *(RWIN=64394)(08041230)	2019-08-04 23:51:36

最近上报的IP列表

95.211.203.160	175.5.119.214	68.202.117.16	106.54.127.159
45.39.165.180	25.248.138.0	83.112.230.237	84.209.32.6
201.72.241.134	59.165.87.60	26.148.227.6	146.45.225.50
197.169.148.24	144.229.80.82	16.151.87.247	192.235.250.59
214.204.125.20	91.223.46.251	114.219.68.244	100.48.156.116