116.239.106.19

Basic Info

City: Shanghai

Region: Shanghai

Country: China

Internet Service Provider: ChinaNet Shanghai Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Nov 25 15:17:16 eola postfix/smtpd[3621]: connect from unknown[116.239.106.19] Nov 25 15:17:17 eola postfix/smtpd[3621]: lost connection after AUTH from unknown[116.239.106.19] Nov 25 15:17:17 eola postfix/smtpd[3621]: disconnect from unknown[116.239.106.19] ehlo=1 auth=0/1 commands=1/2 Nov 25 15:17:17 eola postfix/smtpd[3621]: connect from unknown[116.239.106.19] Nov 25 15:17:18 eola postfix/smtpd[3621]: lost connection after AUTH from unknown[116.239.106.19] Nov 25 15:17:18 eola postfix/smtpd[3621]: disconnect from unknown[116.239.106.19] ehlo=1 auth=0/1 commands=1/2 Nov 25 15:17:18 eola postfix/smtpd[3621]: connect from unknown[116.239.106.19] Nov 25 15:17:19 eola postfix/smtpd[3621]: lost connection after AUTH from unknown[116.239.106.19] Nov 25 15:17:19 eola postfix/smtpd[3621]: disconnect from unknown[116.239.106.19] ehlo=1 auth=0/1 commands=1/2 Nov 25 15:17:19 eola postfix/smtpd[3621]: connect from unknown[116.239.106.19] Nov 25 15:17:20 eola postfix/smtpd[3621]:........ -------------------------------	2019-11-28 03:31:05

Type

Details

Datetime

attack

Nov 25 15:17:16 eola postfix/smtpd[3621]: connect from unknown[116.239.106.19]
Nov 25 15:17:17 eola postfix/smtpd[3621]: lost connection after AUTH from unknown[116.239.106.19]
Nov 25 15:17:17 eola postfix/smtpd[3621]: disconnect from unknown[116.239.106.19] ehlo=1 auth=0/1 commands=1/2
Nov 25 15:17:17 eola postfix/smtpd[3621]: connect from unknown[116.239.106.19]
Nov 25 15:17:18 eola postfix/smtpd[3621]: lost connection after AUTH from unknown[116.239.106.19]
Nov 25 15:17:18 eola postfix/smtpd[3621]: disconnect from unknown[116.239.106.19] ehlo=1 auth=0/1 commands=1/2
Nov 25 15:17:18 eola postfix/smtpd[3621]: connect from unknown[116.239.106.19]
Nov 25 15:17:19 eola postfix/smtpd[3621]: lost connection after AUTH from unknown[116.239.106.19]
Nov 25 15:17:19 eola postfix/smtpd[3621]: disconnect from unknown[116.239.106.19] ehlo=1 auth=0/1 commands=1/2
Nov 25 15:17:19 eola postfix/smtpd[3621]: connect from unknown[116.239.106.19]
Nov 25 15:17:20 eola postfix/smtpd[3621]:........
-------------------------------

2019-11-28 03:31:05

Comments on same subnet:

IP	Type	Details	Datetime
116.239.106.193	attackbotsspam	Dec 10 19:17:14 wasp postfix/smtpd[15868]: warning: unknown[116.239.106.193]: SASL LOGIN authentication failed: authentication failure Dec 10 19:17:15 wasp postfix/smtpd[15868]: warning: unknown[116.239.106.193]: SASL LOGIN authentication failed: authentication failure Dec 10 19:17:16 wasp postfix/smtpd[15868]: warning: unknown[116.239.106.193]: SASL LOGIN authentication failed: authentication failure Dec 10 19:17:18 wasp postfix/smtpd[15868]: warning: unknown[116.239.106.193]: SASL LOGIN authentication failed: authentication failure Dec 10 19:17:19 wasp postfix/smtpd[15868]: warning: unknown[116.239.106.193]: SASL LOGIN authentication failed: authentication failure Dec 10 19:17:20 wasp postfix/smtpd[15868]: warning: unknown[116.239.106.193]: SASL LOGIN authentication failed: authentication failure Dec 10 19:17:21 wasp postfix/smtpd[15868]: warning: unknown[116.239.106.193]: SASL LOGIN authentication fa ...	2019-12-11 02:34:07
116.239.106.21	attackspam	Nov 30 21:57:21 eola postfix/smtpd[24884]: connect from unknown[116.239.106.21] Nov 30 21:57:21 eola postfix/smtpd[24884]: lost connection after AUTH from unknown[116.239.106.21] Nov 30 21:57:21 eola postfix/smtpd[24884]: disconnect from unknown[116.239.106.21] ehlo=1 auth=0/1 commands=1/2 Nov 30 21:57:22 eola postfix/smtpd[24884]: connect from unknown[116.239.106.21] Nov 30 21:57:22 eola postfix/smtpd[24884]: lost connection after AUTH from unknown[116.239.106.21] Nov 30 21:57:22 eola postfix/smtpd[24884]: disconnect from unknown[116.239.106.21] ehlo=1 auth=0/1 commands=1/2 Nov 30 21:57:23 eola postfix/smtpd[24884]: connect from unknown[116.239.106.21] Nov 30 21:57:23 eola postfix/smtpd[24884]: lost connection after AUTH from unknown[116.239.106.21] Nov 30 21:57:23 eola postfix/smtpd[24884]: disconnect from unknown[116.239.106.21] ehlo=1 auth=0/1 commands=1/2 Nov 30 21:57:23 eola postfix/smtpd[24884]: connect from unknown[116.239.106.21] Nov 30 21:57:25 eola postfix/sm........ -------------------------------	2019-12-01 14:23:56
116.239.106.239	attack	Nov 30 09:26:53 eola postfix/smtpd[32146]: connect from unknown[116.239.106.239] Nov 30 09:26:53 eola postfix/smtpd[32146]: lost connection after AUTH from unknown[116.239.106.239] Nov 30 09:26:53 eola postfix/smtpd[32146]: disconnect from unknown[116.239.106.239] ehlo=1 auth=0/1 commands=1/2 Nov 30 09:26:53 eola postfix/smtpd[32146]: connect from unknown[116.239.106.239] Nov 30 09:26:54 eola postfix/smtpd[32146]: lost connection after AUTH from unknown[116.239.106.239] Nov 30 09:26:54 eola postfix/smtpd[32146]: disconnect from unknown[116.239.106.239] ehlo=1 auth=0/1 commands=1/2 Nov 30 09:26:54 eola postfix/smtpd[32146]: connect from unknown[116.239.106.239] Nov 30 09:26:55 eola postfix/smtpd[32146]: lost connection after AUTH from unknown[116.239.106.239] Nov 30 09:26:55 eola postfix/smtpd[32146]: disconnect from unknown[116.239.106.239] ehlo=1 auth=0/1 commands=1/2 Nov 30 09:26:55 eola postfix/smtpd[32146]: connect from unknown[116.239.106.239] Nov 30 09:26:56 eola ........ -------------------------------	2019-11-30 23:25:11
116.239.106.108	attackspam	Blocked 116.239.106.108 For sending bad password count 8 tried : support & support & support & support & support@ & support@ & support@ & support@	2019-11-27 20:41:32
116.239.106.91	attackspam	Nov 26 01:17:32 eola postfix/smtpd[24928]: connect from unknown[116.239.106.91] Nov 26 01:17:33 eola postfix/smtpd[24928]: lost connection after AUTH from unknown[116.239.106.91] Nov 26 01:17:33 eola postfix/smtpd[24928]: disconnect from unknown[116.239.106.91] ehlo=1 auth=0/1 commands=1/2 Nov 26 01:17:34 eola postfix/smtpd[24928]: connect from unknown[116.239.106.91] Nov 26 01:17:34 eola postfix/smtpd[24928]: lost connection after AUTH from unknown[116.239.106.91] Nov 26 01:17:34 eola postfix/smtpd[24928]: disconnect from unknown[116.239.106.91] ehlo=1 auth=0/1 commands=1/2 Nov 26 01:17:34 eola postfix/smtpd[24928]: connect from unknown[116.239.106.91] Nov 26 01:17:36 eola postfix/smtpd[24928]: lost connection after AUTH from unknown[116.239.106.91] Nov 26 01:17:36 eola postfix/smtpd[24928]: disconnect from unknown[116.239.106.91] ehlo=1 auth=0/1 commands=1/2 Nov 26 01:17:36 eola postfix/smtpd[24928]: connect from unknown[116.239.106.91] Nov 26 01:17:36 eola postfix/sm........ -------------------------------	2019-11-26 19:41:45
116.239.106.46	attack	Nov 24 21:05:43 eola postfix/smtpd[32636]: connect from unknown[116.239.106.46] Nov 24 21:05:43 eola postfix/smtpd[32636]: lost connection after AUTH from unknown[116.239.106.46] Nov 24 21:05:43 eola postfix/smtpd[32636]: disconnect from unknown[116.239.106.46] ehlo=1 auth=0/1 commands=1/2 Nov 24 21:05:43 eola postfix/smtpd[32636]: connect from unknown[116.239.106.46] Nov 24 21:05:45 eola postfix/smtpd[32636]: lost connection after AUTH from unknown[116.239.106.46] Nov 24 21:05:45 eola postfix/smtpd[32636]: disconnect from unknown[116.239.106.46] ehlo=1 auth=0/1 commands=1/2 Nov 24 21:05:45 eola postfix/smtpd[32636]: connect from unknown[116.239.106.46] Nov 24 21:05:46 eola postfix/smtpd[32636]: lost connection after AUTH from unknown[116.239.106.46] Nov 24 21:05:46 eola postfix/smtpd[32636]: disconnect from unknown[116.239.106.46] ehlo=1 auth=0/1 commands=1/2 Nov 24 21:05:47 eola postfix/smtpd[32636]: connect from unknown[116.239.106.46] Nov 24 21:05:47 eola postfix/sm........ -------------------------------	2019-11-26 09:16:45
116.239.106.35	attackspambots	SSH invalid-user multiple login try	2019-09-02 20:33:07
116.239.106.127	attackbots	Aug 31 17:25:30 eola postfix/smtpd[24599]: connect from unknown[116.239.106.127] Aug 31 17:25:31 eola postfix/smtpd[24599]: lost connection after AUTH from unknown[116.239.106.127] Aug 31 17:25:31 eola postfix/smtpd[24599]: disconnect from unknown[116.239.106.127] ehlo=1 auth=0/1 commands=1/2 Aug 31 17:25:31 eola postfix/smtpd[24599]: connect from unknown[116.239.106.127] Aug 31 17:25:32 eola postfix/smtpd[24599]: lost connection after AUTH from unknown[116.239.106.127] Aug 31 17:25:32 eola postfix/smtpd[24599]: disconnect from unknown[116.239.106.127] ehlo=1 auth=0/1 commands=1/2 Aug 31 17:25:32 eola postfix/smtpd[24599]: connect from unknown[116.239.106.127] Aug 31 17:25:33 eola postfix/smtpd[24599]: lost connection after AUTH from unknown[116.239.106.127] Aug 31 17:25:33 eola postfix/smtpd[24599]: disconnect from unknown[116.239.106.127] ehlo=1 auth=0/1 commands=1/2 Aug 31 17:25:33 eola postfix/smtpd[24599]: connect from unknown[116.239.106.127] Aug 31 17:25:34 eola ........ -------------------------------	2019-09-01 11:14:41

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.239.106.19
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4576
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.239.106.19.			IN	A

;; AUTHORITY SECTION:
.			509	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112701 1800 900 604800 86400

;; Query time: 774 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Nov 28 03:31:02 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 19.106.239.116.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 19.106.239.116.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
60.174.118.123	attackspambots	Chat Spam	2019-10-05 06:22:55
211.253.25.21	attackspam	Oct 4 12:31:15 sachi sshd\[11286\]: Invalid user Wash@123 from 211.253.25.21 Oct 4 12:31:16 sachi sshd\[11286\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.253.25.21 Oct 4 12:31:18 sachi sshd\[11286\]: Failed password for invalid user Wash@123 from 211.253.25.21 port 38502 ssh2 Oct 4 12:35:52 sachi sshd\[11671\]: Invalid user 123Leonard from 211.253.25.21 Oct 4 12:35:52 sachi sshd\[11671\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.253.25.21	2019-10-05 06:36:00
51.15.251.56	attackspam	Oct 4 21:37:18 master sshd[11422]: Failed password for invalid user ubnt from 51.15.251.56 port 56676 ssh2 Oct 4 21:37:21 master sshd[11424]: Failed password for invalid user admin from 51.15.251.56 port 42042 ssh2 Oct 4 21:37:25 master sshd[11426]: Failed password for root from 51.15.251.56 port 53106 ssh2 Oct 4 21:37:28 master sshd[11428]: Failed password for invalid user 1234 from 51.15.251.56 port 43266 ssh2 Oct 4 21:37:32 master sshd[11430]: Failed password for invalid user usuario from 51.15.251.56 port 55324 ssh2 Oct 4 21:37:35 master sshd[11432]: Failed password for invalid user support from 51.15.251.56 port 41808 ssh2 Oct 4 21:37:39 master sshd[11434]: Failed password for invalid user admin from 51.15.251.56 port 57196 ssh2 Oct 4 21:37:42 master sshd[11436]: Failed password for root from 51.15.251.56 port 41710 ssh2 Oct 4 21:37:46 master sshd[11438]: Failed password for invalid user asd from 51.15.251.56 port 57036 ssh2 Oct 4 21:37:50 master sshd[11440]: Failed password for root from 51.15	2019-10-05 06:18:08
94.177.161.168	attack	SSH Bruteforce	2019-10-05 06:30:44
51.38.57.78	attackbots	SSH-BruteForce	2019-10-05 06:40:33
222.186.175.6	attackspam	2019-10-04T22:23:52.544114abusebot-7.cloudsearch.cf sshd\[21345\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.6 user=root	2019-10-05 06:32:32
185.176.27.162	attackspambots	Oct 5 00:22:24 mc1 kernel: \[1514154.166410\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.162 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=42654 PROTO=TCP SPT=46024 DPT=4999 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 5 00:22:34 mc1 kernel: \[1514164.447005\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.162 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=52982 PROTO=TCP SPT=46024 DPT=10060 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 5 00:25:24 mc1 kernel: \[1514334.732029\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.162 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=57122 PROTO=TCP SPT=46024 DPT=2030 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-10-05 06:26:29
14.207.28.223	attackbots	Chat Spam	2019-10-05 06:20:18
197.32.170.135	attackspam	Oct 4 21:33:02 master sshd[11418]: Failed password for invalid user admin from 197.32.170.135 port 40700 ssh2	2019-10-05 06:22:18
180.248.241.226	attackbotsspam	2019-10-04T22:31:59.856638abusebot-4.cloudsearch.cf sshd\[31493\]: Invalid user 123@123 from 180.248.241.226 port 46839	2019-10-05 06:41:58
46.148.112.94	attackbotsspam	B: Magento admin pass test (wrong country)	2019-10-05 06:05:02
222.186.173.238	attackspam	Triggered by Fail2Ban at Ares web server	2019-10-05 06:13:47
90.84.241.185	attack	SSH scan ::	2019-10-05 06:21:28
80.211.110.91	attackbotsspam	Oct 4 12:10:53 hanapaa sshd\[2549\]: Invalid user LouLou@123 from 80.211.110.91 Oct 4 12:10:53 hanapaa sshd\[2549\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.110.91 Oct 4 12:10:55 hanapaa sshd\[2549\]: Failed password for invalid user LouLou@123 from 80.211.110.91 port 36650 ssh2 Oct 4 12:15:06 hanapaa sshd\[2901\]: Invalid user Chain2017 from 80.211.110.91 Oct 4 12:15:06 hanapaa sshd\[2901\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.110.91	2019-10-05 06:31:24
210.92.91.223	attackspam	Oct 4 10:21:46 kapalua sshd\[2469\]: Invalid user 123Second from 210.92.91.223 Oct 4 10:21:46 kapalua sshd\[2469\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.92.91.223 Oct 4 10:21:48 kapalua sshd\[2469\]: Failed password for invalid user 123Second from 210.92.91.223 port 41480 ssh2 Oct 4 10:25:48 kapalua sshd\[2821\]: Invalid user Pa55w0rd@123 from 210.92.91.223 Oct 4 10:25:48 kapalua sshd\[2821\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.92.91.223	2019-10-05 06:24:28

Recently Reported IPs

221.157.92.194	45.5.97.99	145.2.36.153	219.175.241.179
110.179.86.206	113.187.115.63	37.0.247.29	92.108.221.26
85.158.185.179	106.13.234.197	219.25.81.50	64.120.2.176
126.204.58.72	80.237.33.119	139.224.168.145	65.183.160.192
165.129.54.65	182.236.30.193	156.96.56.162	219.76.222.98