104.131.106.23

基本信息:

城市(city): Clifton

省份(region): New Jersey

国家(country): United States

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
104.131.106.203	attack	fail2ban/Sep 22 12:32:49 h1962932 sshd[22769]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.106.203 user=root Sep 22 12:32:51 h1962932 sshd[22769]: Failed password for root from 104.131.106.203 port 56742 ssh2 Sep 22 12:38:52 h1962932 sshd[23428]: Invalid user support from 104.131.106.203 port 38902 Sep 22 12:38:52 h1962932 sshd[23428]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.106.203 Sep 22 12:38:52 h1962932 sshd[23428]: Invalid user support from 104.131.106.203 port 38902 Sep 22 12:38:54 h1962932 sshd[23428]: Failed password for invalid user support from 104.131.106.203 port 38902 ssh2	2020-09-22 20:55:58
104.131.106.203	attackspam	(sshd) Failed SSH login from 104.131.106.203 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 21 14:39:52 optimus sshd[17929]: Failed password for invalid user admin from 104.131.106.203 port 55952 ssh2 Sep 21 15:31:31 optimus sshd[22812]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.106.203 user=root Sep 21 15:31:33 optimus sshd[22812]: Failed password for root from 104.131.106.203 port 32822 ssh2 Sep 21 15:32:18 optimus sshd[23139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.106.203 user=root Sep 21 15:32:20 optimus sshd[23139]: Failed password for root from 104.131.106.203 port 44230 ssh2	2020-09-22 05:05:27

类型

评论内容

时间

104.131.106.203

attack

fail2ban/Sep 22 12:32:49 h1962932 sshd[22769]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.106.203  user=root
Sep 22 12:32:51 h1962932 sshd[22769]: Failed password for root from 104.131.106.203 port 56742 ssh2
Sep 22 12:38:52 h1962932 sshd[23428]: Invalid user support from 104.131.106.203 port 38902
Sep 22 12:38:52 h1962932 sshd[23428]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.106.203
Sep 22 12:38:52 h1962932 sshd[23428]: Invalid user support from 104.131.106.203 port 38902
Sep 22 12:38:54 h1962932 sshd[23428]: Failed password for invalid user support from 104.131.106.203 port 38902 ssh2

2020-09-22 20:55:58

104.131.106.203

attackspam

(sshd) Failed SSH login from 104.131.106.203 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 21 14:39:52 optimus sshd[17929]: Failed password for invalid user admin from 104.131.106.203 port 55952 ssh2
Sep 21 15:31:31 optimus sshd[22812]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.106.203  user=root
Sep 21 15:31:33 optimus sshd[22812]: Failed password for root from 104.131.106.203 port 32822 ssh2
Sep 21 15:32:18 optimus sshd[23139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.106.203  user=root
Sep 21 15:32:20 optimus sshd[23139]: Failed password for root from 104.131.106.203 port 44230 ssh2

2020-09-22 05:05:27

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.106.23
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49989
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.106.23.			IN	A

;; AUTHORITY SECTION:
.			179	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022031901 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 20 11:47:25 CST 2022
;; MSG SIZE  rcvd: 107

HOST信息:

Host 23.106.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 23.106.131.104.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
185.234.219.105	attackbots	smtp probe/invalid login attempt	2019-12-24 03:29:12
202.88.246.161	attackbotsspam	Dec 23 16:29:41 markkoudstaal sshd[20656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.88.246.161 Dec 23 16:29:43 markkoudstaal sshd[20656]: Failed password for invalid user prats from 202.88.246.161 port 56629 ssh2 Dec 23 16:36:34 markkoudstaal sshd[21204]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.88.246.161	2019-12-24 03:48:29
206.189.202.165	attackbotsspam	Dec 23 05:07:36 web9 sshd\[10099\]: Invalid user melger from 206.189.202.165 Dec 23 05:07:36 web9 sshd\[10099\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.202.165 Dec 23 05:07:39 web9 sshd\[10099\]: Failed password for invalid user melger from 206.189.202.165 port 56598 ssh2 Dec 23 05:13:37 web9 sshd\[10957\]: Invalid user michaelmau from 206.189.202.165 Dec 23 05:13:37 web9 sshd\[10957\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.202.165	2019-12-24 03:40:24
111.231.237.245	attackspambots	Dec 23 10:38:51 TORMINT sshd\[24582\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.237.245 user=root Dec 23 10:38:53 TORMINT sshd\[24582\]: Failed password for root from 111.231.237.245 port 33633 ssh2 Dec 23 10:43:36 TORMINT sshd\[24884\]: Invalid user sydney from 111.231.237.245 Dec 23 10:43:36 TORMINT sshd\[24884\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.237.245 ...	2019-12-24 04:00:23
114.112.58.134	attackspambots	Unauthorized SSH login attempts	2019-12-24 03:43:48
129.204.210.237	attackspam	Apr 24 10:29:28 yesfletchmain sshd\[19541\]: Invalid user sentry from 129.204.210.237 port 56464 Apr 24 10:29:28 yesfletchmain sshd\[19541\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.210.237 Apr 24 10:29:30 yesfletchmain sshd\[19541\]: Failed password for invalid user sentry from 129.204.210.237 port 56464 ssh2 Apr 24 10:32:11 yesfletchmain sshd\[19597\]: Invalid user amssys from 129.204.210.237 port 53262 Apr 24 10:32:11 yesfletchmain sshd\[19597\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.210.237 ...	2019-12-24 03:59:19
46.225.129.84	attackbots	SMB Server BruteForce Attack	2019-12-24 03:50:20
129.204.38.136	attackbots	Apr 19 12:26:32 yesfletchmain sshd\[22856\]: Invalid user nr from 129.204.38.136 port 38920 Apr 19 12:26:32 yesfletchmain sshd\[22856\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.38.136 Apr 19 12:26:34 yesfletchmain sshd\[22856\]: Failed password for invalid user nr from 129.204.38.136 port 38920 ssh2 Apr 19 12:30:32 yesfletchmain sshd\[23152\]: Invalid user desktop from 129.204.38.136 port 37330 Apr 19 12:30:32 yesfletchmain sshd\[23152\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.38.136 ...	2019-12-24 03:43:02
129.204.42.58	attack	May 21 11:28:26 yesfletchmain sshd\[31372\]: Invalid user probench from 129.204.42.58 port 43267 May 21 11:28:26 yesfletchmain sshd\[31372\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.42.58 May 21 11:28:28 yesfletchmain sshd\[31372\]: Failed password for invalid user probench from 129.204.42.58 port 43267 ssh2 May 21 11:33:29 yesfletchmain sshd\[31477\]: Invalid user jazz from 129.204.42.58 port 55322 May 21 11:33:29 yesfletchmain sshd\[31477\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.42.58 ...	2019-12-24 03:37:47
167.99.65.138	attackspam	Dec 23 17:01:30 icinga sshd[11615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.65.138 Dec 23 17:01:32 icinga sshd[11615]: Failed password for invalid user winna from 167.99.65.138 port 32828 ssh2 ...	2019-12-24 03:33:00
169.239.176.231	attackspam	DATE:2019-12-23 15:55:50, IP:169.239.176.231, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-12-24 03:37:00
185.143.223.81	attack	Dec 23 20:09:37 h2177944 kernel: \[326946.943833\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=23766 PROTO=TCP SPT=59834 DPT=48524 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 23 20:09:37 h2177944 kernel: \[326946.943849\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=23766 PROTO=TCP SPT=59834 DPT=48524 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 23 20:14:07 h2177944 kernel: \[327217.067223\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=28131 PROTO=TCP SPT=59834 DPT=14295 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 23 20:14:07 h2177944 kernel: \[327217.067236\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=28131 PROTO=TCP SPT=59834 DPT=14295 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 23 20:14:47 h2177944 kernel: \[327256.660600\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.1	2019-12-24 03:53:29
196.189.57.241	attackbotsspam	Unauthorized connection attempt detected from IP address 196.189.57.241 to port 445	2019-12-24 03:48:59
129.211.130.66	attackbotsspam	Dec 23 20:09:04 icinga sshd[30853]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.130.66 Dec 23 20:09:06 icinga sshd[30853]: Failed password for invalid user greear from 129.211.130.66 port 52380 ssh2 ...	2019-12-24 03:25:58
156.218.94.231	attack	wget call in url	2019-12-24 04:01:18

最近上报的IP列表

177.152.185.130	104.131.108.172	104.131.113.239	104.131.113.74
104.131.12.61	104.131.127.132	104.131.127.199	104.131.130.231
104.131.131.168	104.131.132.133	104.131.132.148	172.221.218.249
104.131.133.124	104.131.136.214	104.131.137.177	104.131.139.80
104.131.143.147	104.131.15.247	168.253.202.212	104.131.158.169