116.239.106.239

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Shanghai Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Nov 30 09:26:53 eola postfix/smtpd[32146]: connect from unknown[116.239.106.239] Nov 30 09:26:53 eola postfix/smtpd[32146]: lost connection after AUTH from unknown[116.239.106.239] Nov 30 09:26:53 eola postfix/smtpd[32146]: disconnect from unknown[116.239.106.239] ehlo=1 auth=0/1 commands=1/2 Nov 30 09:26:53 eola postfix/smtpd[32146]: connect from unknown[116.239.106.239] Nov 30 09:26:54 eola postfix/smtpd[32146]: lost connection after AUTH from unknown[116.239.106.239] Nov 30 09:26:54 eola postfix/smtpd[32146]: disconnect from unknown[116.239.106.239] ehlo=1 auth=0/1 commands=1/2 Nov 30 09:26:54 eola postfix/smtpd[32146]: connect from unknown[116.239.106.239] Nov 30 09:26:55 eola postfix/smtpd[32146]: lost connection after AUTH from unknown[116.239.106.239] Nov 30 09:26:55 eola postfix/smtpd[32146]: disconnect from unknown[116.239.106.239] ehlo=1 auth=0/1 commands=1/2 Nov 30 09:26:55 eola postfix/smtpd[32146]: connect from unknown[116.239.106.239] Nov 30 09:26:56 eola ........ -------------------------------	2019-11-30 23:25:11

Type

Details

Datetime

attack

Nov 30 09:26:53 eola postfix/smtpd[32146]: connect from unknown[116.239.106.239]
Nov 30 09:26:53 eola postfix/smtpd[32146]: lost connection after AUTH from unknown[116.239.106.239]
Nov 30 09:26:53 eola postfix/smtpd[32146]: disconnect from unknown[116.239.106.239] ehlo=1 auth=0/1 commands=1/2
Nov 30 09:26:53 eola postfix/smtpd[32146]: connect from unknown[116.239.106.239]
Nov 30 09:26:54 eola postfix/smtpd[32146]: lost connection after AUTH from unknown[116.239.106.239]
Nov 30 09:26:54 eola postfix/smtpd[32146]: disconnect from unknown[116.239.106.239] ehlo=1 auth=0/1 commands=1/2
Nov 30 09:26:54 eola postfix/smtpd[32146]: connect from unknown[116.239.106.239]
Nov 30 09:26:55 eola postfix/smtpd[32146]: lost connection after AUTH from unknown[116.239.106.239]
Nov 30 09:26:55 eola postfix/smtpd[32146]: disconnect from unknown[116.239.106.239] ehlo=1 auth=0/1 commands=1/2
Nov 30 09:26:55 eola postfix/smtpd[32146]: connect from unknown[116.239.106.239]
Nov 30 09:26:56 eola ........
-------------------------------

2019-11-30 23:25:11

Comments on same subnet:

IP	Type	Details	Datetime
116.239.106.193	attackbotsspam	Dec 10 19:17:14 wasp postfix/smtpd[15868]: warning: unknown[116.239.106.193]: SASL LOGIN authentication failed: authentication failure Dec 10 19:17:15 wasp postfix/smtpd[15868]: warning: unknown[116.239.106.193]: SASL LOGIN authentication failed: authentication failure Dec 10 19:17:16 wasp postfix/smtpd[15868]: warning: unknown[116.239.106.193]: SASL LOGIN authentication failed: authentication failure Dec 10 19:17:18 wasp postfix/smtpd[15868]: warning: unknown[116.239.106.193]: SASL LOGIN authentication failed: authentication failure Dec 10 19:17:19 wasp postfix/smtpd[15868]: warning: unknown[116.239.106.193]: SASL LOGIN authentication failed: authentication failure Dec 10 19:17:20 wasp postfix/smtpd[15868]: warning: unknown[116.239.106.193]: SASL LOGIN authentication failed: authentication failure Dec 10 19:17:21 wasp postfix/smtpd[15868]: warning: unknown[116.239.106.193]: SASL LOGIN authentication fa ...	2019-12-11 02:34:07
116.239.106.21	attackspam	Nov 30 21:57:21 eola postfix/smtpd[24884]: connect from unknown[116.239.106.21] Nov 30 21:57:21 eola postfix/smtpd[24884]: lost connection after AUTH from unknown[116.239.106.21] Nov 30 21:57:21 eola postfix/smtpd[24884]: disconnect from unknown[116.239.106.21] ehlo=1 auth=0/1 commands=1/2 Nov 30 21:57:22 eola postfix/smtpd[24884]: connect from unknown[116.239.106.21] Nov 30 21:57:22 eola postfix/smtpd[24884]: lost connection after AUTH from unknown[116.239.106.21] Nov 30 21:57:22 eola postfix/smtpd[24884]: disconnect from unknown[116.239.106.21] ehlo=1 auth=0/1 commands=1/2 Nov 30 21:57:23 eola postfix/smtpd[24884]: connect from unknown[116.239.106.21] Nov 30 21:57:23 eola postfix/smtpd[24884]: lost connection after AUTH from unknown[116.239.106.21] Nov 30 21:57:23 eola postfix/smtpd[24884]: disconnect from unknown[116.239.106.21] ehlo=1 auth=0/1 commands=1/2 Nov 30 21:57:23 eola postfix/smtpd[24884]: connect from unknown[116.239.106.21] Nov 30 21:57:25 eola postfix/sm........ -------------------------------	2019-12-01 14:23:56
116.239.106.19	attack	Nov 25 15:17:16 eola postfix/smtpd[3621]: connect from unknown[116.239.106.19] Nov 25 15:17:17 eola postfix/smtpd[3621]: lost connection after AUTH from unknown[116.239.106.19] Nov 25 15:17:17 eola postfix/smtpd[3621]: disconnect from unknown[116.239.106.19] ehlo=1 auth=0/1 commands=1/2 Nov 25 15:17:17 eola postfix/smtpd[3621]: connect from unknown[116.239.106.19] Nov 25 15:17:18 eola postfix/smtpd[3621]: lost connection after AUTH from unknown[116.239.106.19] Nov 25 15:17:18 eola postfix/smtpd[3621]: disconnect from unknown[116.239.106.19] ehlo=1 auth=0/1 commands=1/2 Nov 25 15:17:18 eola postfix/smtpd[3621]: connect from unknown[116.239.106.19] Nov 25 15:17:19 eola postfix/smtpd[3621]: lost connection after AUTH from unknown[116.239.106.19] Nov 25 15:17:19 eola postfix/smtpd[3621]: disconnect from unknown[116.239.106.19] ehlo=1 auth=0/1 commands=1/2 Nov 25 15:17:19 eola postfix/smtpd[3621]: connect from unknown[116.239.106.19] Nov 25 15:17:20 eola postfix/smtpd[3621]:........ -------------------------------	2019-11-28 03:31:05
116.239.106.108	attackspam	Blocked 116.239.106.108 For sending bad password count 8 tried : support & support & support & support & support@ & support@ & support@ & support@	2019-11-27 20:41:32
116.239.106.91	attackspam	Nov 26 01:17:32 eola postfix/smtpd[24928]: connect from unknown[116.239.106.91] Nov 26 01:17:33 eola postfix/smtpd[24928]: lost connection after AUTH from unknown[116.239.106.91] Nov 26 01:17:33 eola postfix/smtpd[24928]: disconnect from unknown[116.239.106.91] ehlo=1 auth=0/1 commands=1/2 Nov 26 01:17:34 eola postfix/smtpd[24928]: connect from unknown[116.239.106.91] Nov 26 01:17:34 eola postfix/smtpd[24928]: lost connection after AUTH from unknown[116.239.106.91] Nov 26 01:17:34 eola postfix/smtpd[24928]: disconnect from unknown[116.239.106.91] ehlo=1 auth=0/1 commands=1/2 Nov 26 01:17:34 eola postfix/smtpd[24928]: connect from unknown[116.239.106.91] Nov 26 01:17:36 eola postfix/smtpd[24928]: lost connection after AUTH from unknown[116.239.106.91] Nov 26 01:17:36 eola postfix/smtpd[24928]: disconnect from unknown[116.239.106.91] ehlo=1 auth=0/1 commands=1/2 Nov 26 01:17:36 eola postfix/smtpd[24928]: connect from unknown[116.239.106.91] Nov 26 01:17:36 eola postfix/sm........ -------------------------------	2019-11-26 19:41:45
116.239.106.46	attack	Nov 24 21:05:43 eola postfix/smtpd[32636]: connect from unknown[116.239.106.46] Nov 24 21:05:43 eola postfix/smtpd[32636]: lost connection after AUTH from unknown[116.239.106.46] Nov 24 21:05:43 eola postfix/smtpd[32636]: disconnect from unknown[116.239.106.46] ehlo=1 auth=0/1 commands=1/2 Nov 24 21:05:43 eola postfix/smtpd[32636]: connect from unknown[116.239.106.46] Nov 24 21:05:45 eola postfix/smtpd[32636]: lost connection after AUTH from unknown[116.239.106.46] Nov 24 21:05:45 eola postfix/smtpd[32636]: disconnect from unknown[116.239.106.46] ehlo=1 auth=0/1 commands=1/2 Nov 24 21:05:45 eola postfix/smtpd[32636]: connect from unknown[116.239.106.46] Nov 24 21:05:46 eola postfix/smtpd[32636]: lost connection after AUTH from unknown[116.239.106.46] Nov 24 21:05:46 eola postfix/smtpd[32636]: disconnect from unknown[116.239.106.46] ehlo=1 auth=0/1 commands=1/2 Nov 24 21:05:47 eola postfix/smtpd[32636]: connect from unknown[116.239.106.46] Nov 24 21:05:47 eola postfix/sm........ -------------------------------	2019-11-26 09:16:45
116.239.106.35	attackspambots	SSH invalid-user multiple login try	2019-09-02 20:33:07
116.239.106.127	attackbots	Aug 31 17:25:30 eola postfix/smtpd[24599]: connect from unknown[116.239.106.127] Aug 31 17:25:31 eola postfix/smtpd[24599]: lost connection after AUTH from unknown[116.239.106.127] Aug 31 17:25:31 eola postfix/smtpd[24599]: disconnect from unknown[116.239.106.127] ehlo=1 auth=0/1 commands=1/2 Aug 31 17:25:31 eola postfix/smtpd[24599]: connect from unknown[116.239.106.127] Aug 31 17:25:32 eola postfix/smtpd[24599]: lost connection after AUTH from unknown[116.239.106.127] Aug 31 17:25:32 eola postfix/smtpd[24599]: disconnect from unknown[116.239.106.127] ehlo=1 auth=0/1 commands=1/2 Aug 31 17:25:32 eola postfix/smtpd[24599]: connect from unknown[116.239.106.127] Aug 31 17:25:33 eola postfix/smtpd[24599]: lost connection after AUTH from unknown[116.239.106.127] Aug 31 17:25:33 eola postfix/smtpd[24599]: disconnect from unknown[116.239.106.127] ehlo=1 auth=0/1 commands=1/2 Aug 31 17:25:33 eola postfix/smtpd[24599]: connect from unknown[116.239.106.127] Aug 31 17:25:34 eola ........ -------------------------------	2019-09-01 11:14:41

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.239.106.239
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3461
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.239.106.239.		IN	A

;; AUTHORITY SECTION:
.			486	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019113000 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 30 23:24:54 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 239.106.239.116.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 239.106.239.116.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
200.209.174.92	attackspam	Apr 1 12:59:32 *** sshd[11147]: User root from 200.209.174.92 not allowed because not listed in AllowUsers	2020-04-01 21:07:56
119.41.203.33	attack	Brute Force	2020-04-01 21:06:21
103.133.215.146	attackspam	$f2bV_matches	2020-04-01 21:47:01
182.226.228.82	attackbotsspam	Automatic report - Port Scan Attack	2020-04-01 21:49:19
5.63.151.124	attackbotsspam	1099/tcp 50880/tcp 3689/tcp... [2020-02-06/04-01]11pkt,11pt.(tcp)	2020-04-01 21:11:08
140.143.127.179	attackbotsspam	Apr 1 08:25:39 ny01 sshd[3586]: Failed password for root from 140.143.127.179 port 38862 ssh2 Apr 1 08:30:14 ny01 sshd[4178]: Failed password for root from 140.143.127.179 port 41190 ssh2	2020-04-01 21:14:34
113.189.150.243	attackspam	445/tcp [2020-04-01]1pkt	2020-04-01 21:36:18
71.6.233.81	attack	1099/tcp 8090/tcp 17185/udp... [2020-02-24/04-01]6pkt,5pt.(tcp),1pt.(udp)	2020-04-01 21:04:05
112.85.42.194	attack	Apr 1 15:32:58 ift sshd\[24898\]: Failed password for root from 112.85.42.194 port 39626 ssh2Apr 1 15:33:01 ift sshd\[24898\]: Failed password for root from 112.85.42.194 port 39626 ssh2Apr 1 15:33:03 ift sshd\[24898\]: Failed password for root from 112.85.42.194 port 39626 ssh2Apr 1 15:34:04 ift sshd\[24981\]: Failed password for root from 112.85.42.194 port 56331 ssh2Apr 1 15:35:09 ift sshd\[25281\]: Failed password for root from 112.85.42.194 port 34551 ssh2 ...	2020-04-01 21:17:11
113.125.44.80	attackspambots	Apr 1 14:25:28 srv-ubuntu-dev3 sshd[74669]: Invalid user idcqwe!@ from 113.125.44.80 Apr 1 14:25:28 srv-ubuntu-dev3 sshd[74669]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.125.44.80 Apr 1 14:25:28 srv-ubuntu-dev3 sshd[74669]: Invalid user idcqwe!@ from 113.125.44.80 Apr 1 14:25:30 srv-ubuntu-dev3 sshd[74669]: Failed password for invalid user idcqwe!@ from 113.125.44.80 port 59842 ssh2 Apr 1 14:31:41 srv-ubuntu-dev3 sshd[75683]: Invalid user qwer@123321 from 113.125.44.80 Apr 1 14:31:41 srv-ubuntu-dev3 sshd[75683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.125.44.80 Apr 1 14:31:41 srv-ubuntu-dev3 sshd[75683]: Invalid user qwer@123321 from 113.125.44.80 Apr 1 14:31:43 srv-ubuntu-dev3 sshd[75683]: Failed password for invalid user qwer@123321 from 113.125.44.80 port 47242 ssh2 ...	2020-04-01 21:06:55
222.137.38.45	attackspam	23/tcp [2020-04-01]1pkt	2020-04-01 21:40:15
123.207.19.202	attackspam	Brute force attempt	2020-04-01 21:45:20
176.223.1.19	attack	23/tcp [2020-04-01]1pkt	2020-04-01 21:35:49
81.182.41.79	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 01-04-2020 13:35:17.	2020-04-01 21:09:20
103.122.92.48	attack	Automatic report - Brute Force attack using this IP address	2020-04-01 21:31:44

Recently Reported IPs

195.154.150.210	23.98.38.160	63.79.60.180	177.188.130.33
244.250.251.58	113.162.146.196	77.106.4.187	137.34.166.139
234.118.61.156	146.188.0.68	37.254.62.227	210.46.216.35
194.36.191.137	122.160.68.214	109.162.219.172	196.34.32.164
111.230.25.193	185.184.221.27	69.4.83.242	119.119.238.29