116.239.106.19

Basic Info

City: Shanghai

Region: Shanghai

Country: China

Internet Service Provider: ChinaNet Shanghai Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Nov 25 15:17:16 eola postfix/smtpd[3621]: connect from unknown[116.239.106.19] Nov 25 15:17:17 eola postfix/smtpd[3621]: lost connection after AUTH from unknown[116.239.106.19] Nov 25 15:17:17 eola postfix/smtpd[3621]: disconnect from unknown[116.239.106.19] ehlo=1 auth=0/1 commands=1/2 Nov 25 15:17:17 eola postfix/smtpd[3621]: connect from unknown[116.239.106.19] Nov 25 15:17:18 eola postfix/smtpd[3621]: lost connection after AUTH from unknown[116.239.106.19] Nov 25 15:17:18 eola postfix/smtpd[3621]: disconnect from unknown[116.239.106.19] ehlo=1 auth=0/1 commands=1/2 Nov 25 15:17:18 eola postfix/smtpd[3621]: connect from unknown[116.239.106.19] Nov 25 15:17:19 eola postfix/smtpd[3621]: lost connection after AUTH from unknown[116.239.106.19] Nov 25 15:17:19 eola postfix/smtpd[3621]: disconnect from unknown[116.239.106.19] ehlo=1 auth=0/1 commands=1/2 Nov 25 15:17:19 eola postfix/smtpd[3621]: connect from unknown[116.239.106.19] Nov 25 15:17:20 eola postfix/smtpd[3621]:........ -------------------------------	2019-11-28 03:31:05

Type

Details

Datetime

attack

Nov 25 15:17:16 eola postfix/smtpd[3621]: connect from unknown[116.239.106.19]
Nov 25 15:17:17 eola postfix/smtpd[3621]: lost connection after AUTH from unknown[116.239.106.19]
Nov 25 15:17:17 eola postfix/smtpd[3621]: disconnect from unknown[116.239.106.19] ehlo=1 auth=0/1 commands=1/2
Nov 25 15:17:17 eola postfix/smtpd[3621]: connect from unknown[116.239.106.19]
Nov 25 15:17:18 eola postfix/smtpd[3621]: lost connection after AUTH from unknown[116.239.106.19]
Nov 25 15:17:18 eola postfix/smtpd[3621]: disconnect from unknown[116.239.106.19] ehlo=1 auth=0/1 commands=1/2
Nov 25 15:17:18 eola postfix/smtpd[3621]: connect from unknown[116.239.106.19]
Nov 25 15:17:19 eola postfix/smtpd[3621]: lost connection after AUTH from unknown[116.239.106.19]
Nov 25 15:17:19 eola postfix/smtpd[3621]: disconnect from unknown[116.239.106.19] ehlo=1 auth=0/1 commands=1/2
Nov 25 15:17:19 eola postfix/smtpd[3621]: connect from unknown[116.239.106.19]
Nov 25 15:17:20 eola postfix/smtpd[3621]:........
-------------------------------

2019-11-28 03:31:05

Comments on same subnet:

IP	Type	Details	Datetime
116.239.106.193	attackbotsspam	Dec 10 19:17:14 wasp postfix/smtpd[15868]: warning: unknown[116.239.106.193]: SASL LOGIN authentication failed: authentication failure Dec 10 19:17:15 wasp postfix/smtpd[15868]: warning: unknown[116.239.106.193]: SASL LOGIN authentication failed: authentication failure Dec 10 19:17:16 wasp postfix/smtpd[15868]: warning: unknown[116.239.106.193]: SASL LOGIN authentication failed: authentication failure Dec 10 19:17:18 wasp postfix/smtpd[15868]: warning: unknown[116.239.106.193]: SASL LOGIN authentication failed: authentication failure Dec 10 19:17:19 wasp postfix/smtpd[15868]: warning: unknown[116.239.106.193]: SASL LOGIN authentication failed: authentication failure Dec 10 19:17:20 wasp postfix/smtpd[15868]: warning: unknown[116.239.106.193]: SASL LOGIN authentication failed: authentication failure Dec 10 19:17:21 wasp postfix/smtpd[15868]: warning: unknown[116.239.106.193]: SASL LOGIN authentication fa ...	2019-12-11 02:34:07
116.239.106.21	attackspam	Nov 30 21:57:21 eola postfix/smtpd[24884]: connect from unknown[116.239.106.21] Nov 30 21:57:21 eola postfix/smtpd[24884]: lost connection after AUTH from unknown[116.239.106.21] Nov 30 21:57:21 eola postfix/smtpd[24884]: disconnect from unknown[116.239.106.21] ehlo=1 auth=0/1 commands=1/2 Nov 30 21:57:22 eola postfix/smtpd[24884]: connect from unknown[116.239.106.21] Nov 30 21:57:22 eola postfix/smtpd[24884]: lost connection after AUTH from unknown[116.239.106.21] Nov 30 21:57:22 eola postfix/smtpd[24884]: disconnect from unknown[116.239.106.21] ehlo=1 auth=0/1 commands=1/2 Nov 30 21:57:23 eola postfix/smtpd[24884]: connect from unknown[116.239.106.21] Nov 30 21:57:23 eola postfix/smtpd[24884]: lost connection after AUTH from unknown[116.239.106.21] Nov 30 21:57:23 eola postfix/smtpd[24884]: disconnect from unknown[116.239.106.21] ehlo=1 auth=0/1 commands=1/2 Nov 30 21:57:23 eola postfix/smtpd[24884]: connect from unknown[116.239.106.21] Nov 30 21:57:25 eola postfix/sm........ -------------------------------	2019-12-01 14:23:56
116.239.106.239	attack	Nov 30 09:26:53 eola postfix/smtpd[32146]: connect from unknown[116.239.106.239] Nov 30 09:26:53 eola postfix/smtpd[32146]: lost connection after AUTH from unknown[116.239.106.239] Nov 30 09:26:53 eola postfix/smtpd[32146]: disconnect from unknown[116.239.106.239] ehlo=1 auth=0/1 commands=1/2 Nov 30 09:26:53 eola postfix/smtpd[32146]: connect from unknown[116.239.106.239] Nov 30 09:26:54 eola postfix/smtpd[32146]: lost connection after AUTH from unknown[116.239.106.239] Nov 30 09:26:54 eola postfix/smtpd[32146]: disconnect from unknown[116.239.106.239] ehlo=1 auth=0/1 commands=1/2 Nov 30 09:26:54 eola postfix/smtpd[32146]: connect from unknown[116.239.106.239] Nov 30 09:26:55 eola postfix/smtpd[32146]: lost connection after AUTH from unknown[116.239.106.239] Nov 30 09:26:55 eola postfix/smtpd[32146]: disconnect from unknown[116.239.106.239] ehlo=1 auth=0/1 commands=1/2 Nov 30 09:26:55 eola postfix/smtpd[32146]: connect from unknown[116.239.106.239] Nov 30 09:26:56 eola ........ -------------------------------	2019-11-30 23:25:11
116.239.106.108	attackspam	Blocked 116.239.106.108 For sending bad password count 8 tried : support & support & support & support & support@ & support@ & support@ & support@	2019-11-27 20:41:32
116.239.106.91	attackspam	Nov 26 01:17:32 eola postfix/smtpd[24928]: connect from unknown[116.239.106.91] Nov 26 01:17:33 eola postfix/smtpd[24928]: lost connection after AUTH from unknown[116.239.106.91] Nov 26 01:17:33 eola postfix/smtpd[24928]: disconnect from unknown[116.239.106.91] ehlo=1 auth=0/1 commands=1/2 Nov 26 01:17:34 eola postfix/smtpd[24928]: connect from unknown[116.239.106.91] Nov 26 01:17:34 eola postfix/smtpd[24928]: lost connection after AUTH from unknown[116.239.106.91] Nov 26 01:17:34 eola postfix/smtpd[24928]: disconnect from unknown[116.239.106.91] ehlo=1 auth=0/1 commands=1/2 Nov 26 01:17:34 eola postfix/smtpd[24928]: connect from unknown[116.239.106.91] Nov 26 01:17:36 eola postfix/smtpd[24928]: lost connection after AUTH from unknown[116.239.106.91] Nov 26 01:17:36 eola postfix/smtpd[24928]: disconnect from unknown[116.239.106.91] ehlo=1 auth=0/1 commands=1/2 Nov 26 01:17:36 eola postfix/smtpd[24928]: connect from unknown[116.239.106.91] Nov 26 01:17:36 eola postfix/sm........ -------------------------------	2019-11-26 19:41:45
116.239.106.46	attack	Nov 24 21:05:43 eola postfix/smtpd[32636]: connect from unknown[116.239.106.46] Nov 24 21:05:43 eola postfix/smtpd[32636]: lost connection after AUTH from unknown[116.239.106.46] Nov 24 21:05:43 eola postfix/smtpd[32636]: disconnect from unknown[116.239.106.46] ehlo=1 auth=0/1 commands=1/2 Nov 24 21:05:43 eola postfix/smtpd[32636]: connect from unknown[116.239.106.46] Nov 24 21:05:45 eola postfix/smtpd[32636]: lost connection after AUTH from unknown[116.239.106.46] Nov 24 21:05:45 eola postfix/smtpd[32636]: disconnect from unknown[116.239.106.46] ehlo=1 auth=0/1 commands=1/2 Nov 24 21:05:45 eola postfix/smtpd[32636]: connect from unknown[116.239.106.46] Nov 24 21:05:46 eola postfix/smtpd[32636]: lost connection after AUTH from unknown[116.239.106.46] Nov 24 21:05:46 eola postfix/smtpd[32636]: disconnect from unknown[116.239.106.46] ehlo=1 auth=0/1 commands=1/2 Nov 24 21:05:47 eola postfix/smtpd[32636]: connect from unknown[116.239.106.46] Nov 24 21:05:47 eola postfix/sm........ -------------------------------	2019-11-26 09:16:45
116.239.106.35	attackspambots	SSH invalid-user multiple login try	2019-09-02 20:33:07
116.239.106.127	attackbots	Aug 31 17:25:30 eola postfix/smtpd[24599]: connect from unknown[116.239.106.127] Aug 31 17:25:31 eola postfix/smtpd[24599]: lost connection after AUTH from unknown[116.239.106.127] Aug 31 17:25:31 eola postfix/smtpd[24599]: disconnect from unknown[116.239.106.127] ehlo=1 auth=0/1 commands=1/2 Aug 31 17:25:31 eola postfix/smtpd[24599]: connect from unknown[116.239.106.127] Aug 31 17:25:32 eola postfix/smtpd[24599]: lost connection after AUTH from unknown[116.239.106.127] Aug 31 17:25:32 eola postfix/smtpd[24599]: disconnect from unknown[116.239.106.127] ehlo=1 auth=0/1 commands=1/2 Aug 31 17:25:32 eola postfix/smtpd[24599]: connect from unknown[116.239.106.127] Aug 31 17:25:33 eola postfix/smtpd[24599]: lost connection after AUTH from unknown[116.239.106.127] Aug 31 17:25:33 eola postfix/smtpd[24599]: disconnect from unknown[116.239.106.127] ehlo=1 auth=0/1 commands=1/2 Aug 31 17:25:33 eola postfix/smtpd[24599]: connect from unknown[116.239.106.127] Aug 31 17:25:34 eola ........ -------------------------------	2019-09-01 11:14:41

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.239.106.19
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4576
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.239.106.19.			IN	A

;; AUTHORITY SECTION:
.			509	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112701 1800 900 604800 86400

;; Query time: 774 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Nov 28 03:31:02 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 19.106.239.116.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 19.106.239.116.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
129.211.27.10	attack	[ssh] SSH attack	2019-08-06 10:04:22
49.207.180.197	attackbots	Aug 5 21:52:15 plusreed sshd[21459]: Invalid user rakhi from 49.207.180.197 ...	2019-08-06 10:03:30
42.159.89.4	attackbotsspam	Aug 6 02:21:49 mail sshd\[24619\]: Failed password for invalid user applprod from 42.159.89.4 port 52270 ssh2 Aug 6 02:37:17 mail sshd\[24817\]: Invalid user rian from 42.159.89.4 port 57498 Aug 6 02:37:17 mail sshd\[24817\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.89.4 ...	2019-08-06 09:44:04
183.150.0.132	attackbots	account brute force by foreign IP	2019-08-06 10:34:05
167.99.194.54	attackspambots	Aug 6 04:06:45 vmd17057 sshd\[7898\]: Invalid user alejandra from 167.99.194.54 port 48806 Aug 6 04:06:45 vmd17057 sshd\[7898\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.194.54 Aug 6 04:06:48 vmd17057 sshd\[7898\]: Failed password for invalid user alejandra from 167.99.194.54 port 48806 ssh2 ...	2019-08-06 10:21:33
223.242.247.121	attackspam	account brute force by foreign IP	2019-08-06 10:36:14
180.97.145.58	attack	account brute force by foreign IP	2019-08-06 10:27:48
160.179.249.212	attackbotsspam	2019-08-02T19:03:12.664542wiz-ks3 sshd[16557]: Invalid user ubnt from 160.179.249.212 port 2322 2019-08-02T19:03:12.796951wiz-ks3 sshd[16557]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=160.179.249.212 2019-08-02T19:03:12.664542wiz-ks3 sshd[16557]: Invalid user ubnt from 160.179.249.212 port 2322 2019-08-02T19:03:14.445373wiz-ks3 sshd[16557]: Failed password for invalid user ubnt from 160.179.249.212 port 2322 ssh2 2019-08-02T19:03:12.796951wiz-ks3 sshd[16557]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=160.179.249.212 2019-08-02T19:03:12.664542wiz-ks3 sshd[16557]: Invalid user ubnt from 160.179.249.212 port 2322 2019-08-02T19:03:14.445373wiz-ks3 sshd[16557]: Failed password for invalid user ubnt from 160.179.249.212 port 2322 ssh2 2019-08-02T19:03:15.343153wiz-ks3 sshd[16559]: Invalid user admin from 160.179.249.212 port 31343 2019-08-02T19:03:15.469821wiz-ks3 sshd[16559]: pam_unix(sshd:auth): authentication failure; lo	2019-08-06 10:04:03
202.45.147.17	attackbotsspam	Aug 6 03:32:18 legacy sshd[17415]: Failed password for root from 202.45.147.17 port 53046 ssh2 Aug 6 03:36:54 legacy sshd[17503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.45.147.17 Aug 6 03:36:57 legacy sshd[17503]: Failed password for invalid user dev from 202.45.147.17 port 50168 ssh2 ...	2019-08-06 09:54:15
159.89.229.244	attackspam	Aug 6 03:53:42 SilenceServices sshd[5618]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.229.244 Aug 6 03:53:44 SilenceServices sshd[5618]: Failed password for invalid user lw from 159.89.229.244 port 42104 ssh2 Aug 6 03:57:31 SilenceServices sshd[8644]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.229.244	2019-08-06 10:06:16
180.76.15.32	attackbotsspam	Automatic report - Banned IP Access	2019-08-06 10:24:47
213.183.101.89	attackbotsspam	Aug 6 03:32:25 lnxweb61 sshd[455]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.183.101.89 Aug 6 03:32:26 lnxweb61 sshd[455]: Failed password for invalid user ana from 213.183.101.89 port 34306 ssh2 Aug 6 03:37:12 lnxweb61 sshd[4711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.183.101.89	2019-08-06 09:46:46
185.143.221.104	attack	Port scan: Attacks repeated for a week	2019-08-06 10:19:26
178.140.194.209	attackspam	2019-07-29T10:48:04.248478wiz-ks3 sshd[18122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=broadband-178-140-194-209.ip.moscow.rt.ru user=root 2019-07-29T10:48:05.980798wiz-ks3 sshd[18122]: Failed password for root from 178.140.194.209 port 51164 ssh2 2019-07-29T10:48:08.394033wiz-ks3 sshd[18122]: Failed password for root from 178.140.194.209 port 51164 ssh2 2019-07-29T10:48:04.248478wiz-ks3 sshd[18122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=broadband-178-140-194-209.ip.moscow.rt.ru user=root 2019-07-29T10:48:05.980798wiz-ks3 sshd[18122]: Failed password for root from 178.140.194.209 port 51164 ssh2 2019-07-29T10:48:08.394033wiz-ks3 sshd[18122]: Failed password for root from 178.140.194.209 port 51164 ssh2 2019-07-29T10:48:04.248478wiz-ks3 sshd[18122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=broadband-178-140-194-209.ip.moscow.rt.ru user=root 2019-07-29T10:48:05.9807	2019-08-06 09:42:55
175.126.163.116	attackspam	2019-08-03T13:42:10.806447wiz-ks3 sshd[13038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.126.163.116 user=root 2019-08-03T13:42:12.667278wiz-ks3 sshd[13038]: Failed password for root from 175.126.163.116 port 55706 ssh2 2019-08-03T13:42:14.619441wiz-ks3 sshd[13040]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.126.163.116 user=root 2019-08-03T13:42:16.028750wiz-ks3 sshd[13040]: Failed password for root from 175.126.163.116 port 56618 ssh2 2019-08-03T13:42:18.362222wiz-ks3 sshd[13042]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.126.163.116 user=root 2019-08-03T13:42:20.323208wiz-ks3 sshd[13042]: Failed password for root from 175.126.163.116 port 57386 ssh2 2019-08-03T13:42:22.717106wiz-ks3 sshd[13044]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.126.163.116 user=root 2019-08-03T13:42:24.893849wiz-ks3 sshd[13044]: Fa	2019-08-06 09:45:40

Recently Reported IPs

221.157.92.194	45.5.97.99	145.2.36.153	219.175.241.179
110.179.86.206	113.187.115.63	37.0.247.29	92.108.221.26
85.158.185.179	106.13.234.197	219.25.81.50	64.120.2.176
126.204.58.72	80.237.33.119	139.224.168.145	65.183.160.192
165.129.54.65	182.236.30.193	156.96.56.162	219.76.222.98