116.239.106.19

Basic Info

City: Shanghai

Region: Shanghai

Country: China

Internet Service Provider: ChinaNet Shanghai Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Nov 25 15:17:16 eola postfix/smtpd[3621]: connect from unknown[116.239.106.19] Nov 25 15:17:17 eola postfix/smtpd[3621]: lost connection after AUTH from unknown[116.239.106.19] Nov 25 15:17:17 eola postfix/smtpd[3621]: disconnect from unknown[116.239.106.19] ehlo=1 auth=0/1 commands=1/2 Nov 25 15:17:17 eola postfix/smtpd[3621]: connect from unknown[116.239.106.19] Nov 25 15:17:18 eola postfix/smtpd[3621]: lost connection after AUTH from unknown[116.239.106.19] Nov 25 15:17:18 eola postfix/smtpd[3621]: disconnect from unknown[116.239.106.19] ehlo=1 auth=0/1 commands=1/2 Nov 25 15:17:18 eola postfix/smtpd[3621]: connect from unknown[116.239.106.19] Nov 25 15:17:19 eola postfix/smtpd[3621]: lost connection after AUTH from unknown[116.239.106.19] Nov 25 15:17:19 eola postfix/smtpd[3621]: disconnect from unknown[116.239.106.19] ehlo=1 auth=0/1 commands=1/2 Nov 25 15:17:19 eola postfix/smtpd[3621]: connect from unknown[116.239.106.19] Nov 25 15:17:20 eola postfix/smtpd[3621]:........ -------------------------------	2019-11-28 03:31:05

Type

Details

Datetime

attack

Nov 25 15:17:16 eola postfix/smtpd[3621]: connect from unknown[116.239.106.19]
Nov 25 15:17:17 eola postfix/smtpd[3621]: lost connection after AUTH from unknown[116.239.106.19]
Nov 25 15:17:17 eola postfix/smtpd[3621]: disconnect from unknown[116.239.106.19] ehlo=1 auth=0/1 commands=1/2
Nov 25 15:17:17 eola postfix/smtpd[3621]: connect from unknown[116.239.106.19]
Nov 25 15:17:18 eola postfix/smtpd[3621]: lost connection after AUTH from unknown[116.239.106.19]
Nov 25 15:17:18 eola postfix/smtpd[3621]: disconnect from unknown[116.239.106.19] ehlo=1 auth=0/1 commands=1/2
Nov 25 15:17:18 eola postfix/smtpd[3621]: connect from unknown[116.239.106.19]
Nov 25 15:17:19 eola postfix/smtpd[3621]: lost connection after AUTH from unknown[116.239.106.19]
Nov 25 15:17:19 eola postfix/smtpd[3621]: disconnect from unknown[116.239.106.19] ehlo=1 auth=0/1 commands=1/2
Nov 25 15:17:19 eola postfix/smtpd[3621]: connect from unknown[116.239.106.19]
Nov 25 15:17:20 eola postfix/smtpd[3621]:........
-------------------------------

2019-11-28 03:31:05

Comments on same subnet:

IP	Type	Details	Datetime
116.239.106.193	attackbotsspam	Dec 10 19:17:14 wasp postfix/smtpd[15868]: warning: unknown[116.239.106.193]: SASL LOGIN authentication failed: authentication failure Dec 10 19:17:15 wasp postfix/smtpd[15868]: warning: unknown[116.239.106.193]: SASL LOGIN authentication failed: authentication failure Dec 10 19:17:16 wasp postfix/smtpd[15868]: warning: unknown[116.239.106.193]: SASL LOGIN authentication failed: authentication failure Dec 10 19:17:18 wasp postfix/smtpd[15868]: warning: unknown[116.239.106.193]: SASL LOGIN authentication failed: authentication failure Dec 10 19:17:19 wasp postfix/smtpd[15868]: warning: unknown[116.239.106.193]: SASL LOGIN authentication failed: authentication failure Dec 10 19:17:20 wasp postfix/smtpd[15868]: warning: unknown[116.239.106.193]: SASL LOGIN authentication failed: authentication failure Dec 10 19:17:21 wasp postfix/smtpd[15868]: warning: unknown[116.239.106.193]: SASL LOGIN authentication fa ...	2019-12-11 02:34:07
116.239.106.21	attackspam	Nov 30 21:57:21 eola postfix/smtpd[24884]: connect from unknown[116.239.106.21] Nov 30 21:57:21 eola postfix/smtpd[24884]: lost connection after AUTH from unknown[116.239.106.21] Nov 30 21:57:21 eola postfix/smtpd[24884]: disconnect from unknown[116.239.106.21] ehlo=1 auth=0/1 commands=1/2 Nov 30 21:57:22 eola postfix/smtpd[24884]: connect from unknown[116.239.106.21] Nov 30 21:57:22 eola postfix/smtpd[24884]: lost connection after AUTH from unknown[116.239.106.21] Nov 30 21:57:22 eola postfix/smtpd[24884]: disconnect from unknown[116.239.106.21] ehlo=1 auth=0/1 commands=1/2 Nov 30 21:57:23 eola postfix/smtpd[24884]: connect from unknown[116.239.106.21] Nov 30 21:57:23 eola postfix/smtpd[24884]: lost connection after AUTH from unknown[116.239.106.21] Nov 30 21:57:23 eola postfix/smtpd[24884]: disconnect from unknown[116.239.106.21] ehlo=1 auth=0/1 commands=1/2 Nov 30 21:57:23 eola postfix/smtpd[24884]: connect from unknown[116.239.106.21] Nov 30 21:57:25 eola postfix/sm........ -------------------------------	2019-12-01 14:23:56
116.239.106.239	attack	Nov 30 09:26:53 eola postfix/smtpd[32146]: connect from unknown[116.239.106.239] Nov 30 09:26:53 eola postfix/smtpd[32146]: lost connection after AUTH from unknown[116.239.106.239] Nov 30 09:26:53 eola postfix/smtpd[32146]: disconnect from unknown[116.239.106.239] ehlo=1 auth=0/1 commands=1/2 Nov 30 09:26:53 eola postfix/smtpd[32146]: connect from unknown[116.239.106.239] Nov 30 09:26:54 eola postfix/smtpd[32146]: lost connection after AUTH from unknown[116.239.106.239] Nov 30 09:26:54 eola postfix/smtpd[32146]: disconnect from unknown[116.239.106.239] ehlo=1 auth=0/1 commands=1/2 Nov 30 09:26:54 eola postfix/smtpd[32146]: connect from unknown[116.239.106.239] Nov 30 09:26:55 eola postfix/smtpd[32146]: lost connection after AUTH from unknown[116.239.106.239] Nov 30 09:26:55 eola postfix/smtpd[32146]: disconnect from unknown[116.239.106.239] ehlo=1 auth=0/1 commands=1/2 Nov 30 09:26:55 eola postfix/smtpd[32146]: connect from unknown[116.239.106.239] Nov 30 09:26:56 eola ........ -------------------------------	2019-11-30 23:25:11
116.239.106.108	attackspam	Blocked 116.239.106.108 For sending bad password count 8 tried : support & support & support & support & support@ & support@ & support@ & support@	2019-11-27 20:41:32
116.239.106.91	attackspam	Nov 26 01:17:32 eola postfix/smtpd[24928]: connect from unknown[116.239.106.91] Nov 26 01:17:33 eola postfix/smtpd[24928]: lost connection after AUTH from unknown[116.239.106.91] Nov 26 01:17:33 eola postfix/smtpd[24928]: disconnect from unknown[116.239.106.91] ehlo=1 auth=0/1 commands=1/2 Nov 26 01:17:34 eola postfix/smtpd[24928]: connect from unknown[116.239.106.91] Nov 26 01:17:34 eola postfix/smtpd[24928]: lost connection after AUTH from unknown[116.239.106.91] Nov 26 01:17:34 eola postfix/smtpd[24928]: disconnect from unknown[116.239.106.91] ehlo=1 auth=0/1 commands=1/2 Nov 26 01:17:34 eola postfix/smtpd[24928]: connect from unknown[116.239.106.91] Nov 26 01:17:36 eola postfix/smtpd[24928]: lost connection after AUTH from unknown[116.239.106.91] Nov 26 01:17:36 eola postfix/smtpd[24928]: disconnect from unknown[116.239.106.91] ehlo=1 auth=0/1 commands=1/2 Nov 26 01:17:36 eola postfix/smtpd[24928]: connect from unknown[116.239.106.91] Nov 26 01:17:36 eola postfix/sm........ -------------------------------	2019-11-26 19:41:45
116.239.106.46	attack	Nov 24 21:05:43 eola postfix/smtpd[32636]: connect from unknown[116.239.106.46] Nov 24 21:05:43 eola postfix/smtpd[32636]: lost connection after AUTH from unknown[116.239.106.46] Nov 24 21:05:43 eola postfix/smtpd[32636]: disconnect from unknown[116.239.106.46] ehlo=1 auth=0/1 commands=1/2 Nov 24 21:05:43 eola postfix/smtpd[32636]: connect from unknown[116.239.106.46] Nov 24 21:05:45 eola postfix/smtpd[32636]: lost connection after AUTH from unknown[116.239.106.46] Nov 24 21:05:45 eola postfix/smtpd[32636]: disconnect from unknown[116.239.106.46] ehlo=1 auth=0/1 commands=1/2 Nov 24 21:05:45 eola postfix/smtpd[32636]: connect from unknown[116.239.106.46] Nov 24 21:05:46 eola postfix/smtpd[32636]: lost connection after AUTH from unknown[116.239.106.46] Nov 24 21:05:46 eola postfix/smtpd[32636]: disconnect from unknown[116.239.106.46] ehlo=1 auth=0/1 commands=1/2 Nov 24 21:05:47 eola postfix/smtpd[32636]: connect from unknown[116.239.106.46] Nov 24 21:05:47 eola postfix/sm........ -------------------------------	2019-11-26 09:16:45
116.239.106.35	attackspambots	SSH invalid-user multiple login try	2019-09-02 20:33:07
116.239.106.127	attackbots	Aug 31 17:25:30 eola postfix/smtpd[24599]: connect from unknown[116.239.106.127] Aug 31 17:25:31 eola postfix/smtpd[24599]: lost connection after AUTH from unknown[116.239.106.127] Aug 31 17:25:31 eola postfix/smtpd[24599]: disconnect from unknown[116.239.106.127] ehlo=1 auth=0/1 commands=1/2 Aug 31 17:25:31 eola postfix/smtpd[24599]: connect from unknown[116.239.106.127] Aug 31 17:25:32 eola postfix/smtpd[24599]: lost connection after AUTH from unknown[116.239.106.127] Aug 31 17:25:32 eola postfix/smtpd[24599]: disconnect from unknown[116.239.106.127] ehlo=1 auth=0/1 commands=1/2 Aug 31 17:25:32 eola postfix/smtpd[24599]: connect from unknown[116.239.106.127] Aug 31 17:25:33 eola postfix/smtpd[24599]: lost connection after AUTH from unknown[116.239.106.127] Aug 31 17:25:33 eola postfix/smtpd[24599]: disconnect from unknown[116.239.106.127] ehlo=1 auth=0/1 commands=1/2 Aug 31 17:25:33 eola postfix/smtpd[24599]: connect from unknown[116.239.106.127] Aug 31 17:25:34 eola ........ -------------------------------	2019-09-01 11:14:41

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.239.106.19
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4576
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.239.106.19.			IN	A

;; AUTHORITY SECTION:
.			509	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112701 1800 900 604800 86400

;; Query time: 774 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Nov 28 03:31:02 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 19.106.239.116.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 19.106.239.116.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
198.108.66.21	attack	firewall-block, port(s): 443/tcp	2019-07-25 21:45:19
2001:e68:543a:e516:ddfd:fac2:d329:75cb	attack	PHI,WP GET /wp-login.php	2019-07-25 21:43:24
81.19.210.191	attackbotsspam	Spam	2019-07-25 21:07:15
101.255.117.126	attack	Automatic report - Port Scan Attack	2019-07-25 21:00:04
182.61.33.47	attack	ssh failed login	2019-07-25 21:28:14
114.235.132.107	attackbotsspam	[Aegis] @ 2019-07-25 13:41:12 0100 -> Sendmail rejected message.	2019-07-25 21:09:29
61.16.140.98	attack	[25.07.2019 17:25:17] Login failure for user user from 61.16.140.98	2019-07-25 21:42:22
37.139.16.227	attack	DATE:2019-07-25 15:06:43, IP:37.139.16.227, PORT:ssh SSH brute force auth (ermes)	2019-07-25 21:38:43
51.68.198.119	attack	Jul 25 12:41:28 animalibera sshd[32010]: Invalid user cumulus from 51.68.198.119 port 50376 ...	2019-07-25 21:01:15
125.64.94.211	attack	25.07.2019 12:40:30 Connection to port 540 blocked by firewall	2019-07-25 21:35:18
23.235.206.123	attack	23.235.206.123 - - [25/Jul/2019:14:56:23 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 23.235.206.123 - - [25/Jul/2019:14:56:24 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 23.235.206.123 - - [25/Jul/2019:14:56:24 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 23.235.206.123 - - [25/Jul/2019:14:56:25 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 23.235.206.123 - - [25/Jul/2019:14:56:25 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 23.235.206.123 - - [25/Jul/2019:14:56:26 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-07-25 21:51:17
104.248.62.208	attack	2019-07-25T14:36:00.595503 sshd[9180]: Invalid user tristan from 104.248.62.208 port 53382 2019-07-25T14:36:00.612583 sshd[9180]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.62.208 2019-07-25T14:36:00.595503 sshd[9180]: Invalid user tristan from 104.248.62.208 port 53382 2019-07-25T14:36:02.628569 sshd[9180]: Failed password for invalid user tristan from 104.248.62.208 port 53382 ssh2 2019-07-25T14:40:37.158980 sshd[9261]: Invalid user test2 from 104.248.62.208 port 48522 ...	2019-07-25 21:33:55
88.249.249.27	attack	Automatic report - Port Scan Attack	2019-07-25 21:17:35
59.175.144.11	attackbots	25.07.2019 13:13:40 Connection to port 8545 blocked by firewall	2019-07-25 21:18:33
148.70.59.114	attackspambots	Jul 25 15:36:30 legacy sshd[17825]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.59.114 Jul 25 15:36:33 legacy sshd[17825]: Failed password for invalid user nt from 148.70.59.114 port 33820 ssh2 Jul 25 15:42:55 legacy sshd[18033]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.59.114 ...	2019-07-25 21:48:37

Recently Reported IPs

221.157.92.194	45.5.97.99	145.2.36.153	219.175.241.179
110.179.86.206	113.187.115.63	37.0.247.29	92.108.221.26
85.158.185.179	106.13.234.197	219.25.81.50	64.120.2.176
126.204.58.72	80.237.33.119	139.224.168.145	65.183.160.192
165.129.54.65	182.236.30.193	156.96.56.162	219.76.222.98