217.68.214.235

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Turkey

运营商(isp): Garanti Bilisim Teknolojisi ve Ticaret T.A.S.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.	2019-10-28 04:16:06

相同子网IP讨论:

IP	类型	评论内容	时间
217.68.214.18	attackbots	slow and persistent scanner	2019-10-29 19:40:31
217.68.214.182	attackbotsspam	slow and persistent scanner	2019-10-29 18:24:49
217.68.214.14	attackbots	slow and persistent scanner	2019-10-29 04:11:53
217.68.214.155	attack	slow and persistent scanner	2019-10-29 03:34:59
217.68.214.169	attack	Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.	2019-10-28 04:32:25
217.68.214.173	attackspambots	Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.	2019-10-28 04:32:08
217.68.214.176	attackspambots	Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.	2019-10-28 04:31:41
217.68.214.177	attackbotsspam	Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.	2019-10-28 04:31:27
217.68.214.18	attackspam	Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.	2019-10-28 04:29:35
217.68.214.180	attackspam	Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.	2019-10-28 04:29:15
217.68.214.182	attackspambots	Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.	2019-10-28 04:28:42
217.68.214.185	attackbots	Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.	2019-10-28 04:28:23
217.68.214.188	attack	Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.	2019-10-28 04:27:04
217.68.214.190	attackspam	Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.	2019-10-28 04:26:47
217.68.214.193	attackbotsspam	Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.	2019-10-28 04:26:20

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 217.68.214.235
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6743
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;217.68.214.235.			IN	A

;; AUTHORITY SECTION:
.			559	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102701 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 28 04:16:03 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

235.214.68.217.in-addr.arpa domain name pointer notused.garantiteknoloji.com.tr.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
235.214.68.217.in-addr.arpa	name = notused.garantiteknoloji.com.tr.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
92.246.76.193	attackspam	Dec 6 01:36:44 h2177944 kernel: \[8467781.568737\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.246.76.193 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=9669 PROTO=TCP SPT=57066 DPT=15905 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 6 01:51:08 h2177944 kernel: \[8468645.586197\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.246.76.193 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=37805 PROTO=TCP SPT=57066 DPT=15848 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 6 01:59:31 h2177944 kernel: \[8469148.729968\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.246.76.193 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=43341 PROTO=TCP SPT=57066 DPT=15915 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 6 02:03:20 h2177944 kernel: \[8469376.797822\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.246.76.193 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=35751 PROTO=TCP SPT=57066 DPT=15900 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 6 02:27:27 h2177944 kernel: \[8470823.530689\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.246.76.193 DST=85.214.11	2019-12-06 09:43:57
103.63.109.74	attackspam	Dec 5 20:01:38 XXX sshd[22281]: Invalid user squid from 103.63.109.74 port 53358	2019-12-06 10:05:38
27.254.90.106	attackspam	Dec 5 15:24:13 wbs sshd\[28952\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.90.106 user=root Dec 5 15:24:16 wbs sshd\[28952\]: Failed password for root from 27.254.90.106 port 55808 ssh2 Dec 5 15:31:14 wbs sshd\[29605\]: Invalid user abby from 27.254.90.106 Dec 5 15:31:14 wbs sshd\[29605\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.90.106 Dec 5 15:31:16 wbs sshd\[29605\]: Failed password for invalid user abby from 27.254.90.106 port 32788 ssh2	2019-12-06 09:36:47
178.128.222.84	attack	Dec 5 22:44:51 firewall sshd[18054]: Invalid user root6666 from 178.128.222.84 Dec 5 22:44:53 firewall sshd[18054]: Failed password for invalid user root6666 from 178.128.222.84 port 41484 ssh2 Dec 5 22:51:39 firewall sshd[18300]: Invalid user news7777 from 178.128.222.84 ...	2019-12-06 09:58:48
149.56.46.220	attack	$f2bV_matches	2019-12-06 10:06:52
122.114.155.196	attackspambots	2019-12-06T04:59:59.940204abusebot.cloudsearch.cf sshd\[2894\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.114.155.196 user=root	2019-12-06 13:01:23
183.150.250.45	attack	WordPress brute force	2019-12-06 09:50:49
185.153.196.97	attack	firewall-block, port(s): 2375/tcp, 8088/tcp	2019-12-06 09:52:09
191.31.77.51	attackbotsspam	Automatic report - Port Scan Attack	2019-12-06 10:01:51
37.57.90.48	attack	firewall-block, port(s): 23/tcp	2019-12-06 13:00:29
106.12.111.201	attack	Dec 6 01:33:05 pi sshd\[15314\]: Failed password for invalid user server from 106.12.111.201 port 49142 ssh2 Dec 6 01:40:16 pi sshd\[15741\]: Invalid user skard from 106.12.111.201 port 55702 Dec 6 01:40:16 pi sshd\[15741\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.111.201 Dec 6 01:40:19 pi sshd\[15741\]: Failed password for invalid user skard from 106.12.111.201 port 55702 ssh2 Dec 6 01:47:30 pi sshd\[16064\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.111.201 user=root ...	2019-12-06 10:01:31
62.234.154.64	attack	Dec 6 02:38:21 localhost sshd\[12544\]: Invalid user miro from 62.234.154.64 Dec 6 02:38:21 localhost sshd\[12544\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.154.64 Dec 6 02:38:23 localhost sshd\[12544\]: Failed password for invalid user miro from 62.234.154.64 port 33976 ssh2 Dec 6 02:44:26 localhost sshd\[12842\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.154.64 user=www-data Dec 6 02:44:28 localhost sshd\[12842\]: Failed password for www-data from 62.234.154.64 port 33456 ssh2 ...	2019-12-06 09:47:31
190.145.160.68	attackbots	Unauthorized connection attempt from IP address 190.145.160.68 on Port 445(SMB)	2019-12-06 09:38:08
80.211.205.227	attackspam	Lines containing failures of 80.211.205.227 Dec 4 06:36:33 shared05 sshd[370]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.205.227 user=r.r Dec 4 06:36:35 shared05 sshd[370]: Failed password for r.r from 80.211.205.227 port 57186 ssh2 Dec 4 06:36:35 shared05 sshd[370]: Received disconnect from 80.211.205.227 port 57186:11: Bye Bye [preauth] Dec 4 06:36:35 shared05 sshd[370]: Disconnected from authenticating user r.r 80.211.205.227 port 57186 [preauth] Dec 4 06:55:53 shared05 sshd[7540]: Invalid user admin from 80.211.205.227 port 40748 Dec 4 06:55:53 shared05 sshd[7540]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.205.227 Dec 4 06:55:55 shared05 sshd[7540]: Failed password for invalid user admin from 80.211.205.227 port 40748 ssh2 Dec 4 06:55:55 shared05 sshd[7540]: Received disconnect from 80.211.205.227 port 40748:11: Bye Bye [preauth] Dec 4 06:55:55 shared05........ ------------------------------	2019-12-06 10:11:19
200.69.250.253	attackbots	Brute-force attempt banned	2019-12-06 10:03:26

最近上报的IP列表

206.16.58.101	217.68.214.229	70.193.109.14	217.68.214.228
169.228.219.142	217.68.214.23	50.63.40.235	209.169.164.218
46.142.162.185	68.35.154.216	52.246.141.199	37.230.137.218
97.55.96.18	44.253.74.143	123.4.3.152	217.68.214.224
46.186.202.117	217.68.214.221	220.151.30.135	84.149.26.175