106.111.132.104

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Guangdong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt detected from IP address 106.111.132.104 to port 2323	2020-05-30 19:22:30

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.111.132.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44043
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.111.132.104.		IN	A

;; AUTHORITY SECTION:
.			387	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020053000 1800 900 604800 86400

;; Query time: 131 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 30 19:22:25 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

Host 104.132.111.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 104.132.111.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
199.249.230.111	attack	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.249.230.111 user=root Failed password for root from 199.249.230.111 port 16207 ssh2 Failed password for root from 199.249.230.111 port 16207 ssh2 Failed password for root from 199.249.230.111 port 16207 ssh2 Failed password for root from 199.249.230.111 port 16207 ssh2	2019-06-24 08:56:33
59.110.152.52	attackspam	firewall-block, port(s): 1433/tcp, 7002/tcp, 9200/tcp	2019-06-24 08:50:50
116.193.159.66	attack	Port scan attempt detected by AWS-CCS, CTS, India	2019-06-24 09:07:13
58.64.144.109	attackspambots	Jun 23 19:59:03 sshgateway sshd\[9989\]: Invalid user glassfish from 58.64.144.109 Jun 23 19:59:03 sshgateway sshd\[9989\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.64.144.109 Jun 23 19:59:05 sshgateway sshd\[9989\]: Failed password for invalid user glassfish from 58.64.144.109 port 46174 ssh2	2019-06-24 09:10:25
106.12.88.165	attack	Jun 23 13:24:11 * sshd[21554]: Failed password for invalid user jacques from 106.12.88.165 port 47438 ssh2 Jun 23 13:27:20 * sshd[21577]: Failed password for invalid user endeavour from 106.12.88.165 port 43910 ssh2 Jun 23 13:29:01 * sshd[21588]: Failed password for invalid user mysql from 106.12.88.165 port 57620 ssh2 Jun 23 13:30:41 * sshd[21599]: Failed password for invalid user TFS from 106.12.88.165 port 43084 ssh2 Jun 23 13:32:19 * sshd[21607]: Failed password for invalid user zo from 106.12.88.165 port 56788 ssh2 Jun 23 13:33:54 * sshd[21614]: Failed password for invalid user arturo from 106.12.88.165 port 42254 ssh2 Jun 23 13:35:28 * sshd[21625]: Failed password for invalid user confluence from 106.12.88.165 port 55950 ssh2 Jun 23 13:37:03 * sshd[21632]: Failed password for invalid user ts3server from 106.12.88.165 port 41420 ssh2 Jun 23 13:38:42 * sshd[21642]: Failed password for invalid user test from 106.12.88.165 port 55122 ssh2 Jun 23 13:40:17 * sshd[21724]: Failed password fo	2019-06-24 08:35:32
108.222.68.232	attackbots	SSH bruteforce	2019-06-24 09:22:30
91.232.188.5	attackbots	Brute Force Joomla Admin Login	2019-06-24 09:18:49
68.183.95.97	attackbots	k+ssh-bruteforce	2019-06-24 08:55:55
209.17.96.106	attackbots	Port scan attempt detected by AWS-CCS, CTS, India	2019-06-24 08:39:20
193.201.224.220	attackbots	[24/Jun/2019:02:20:42 +0200] Web-Request: "GET /wp-login.php", User-Agent: "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)" [24/Jun/2019:02:20:58 +0200] Web-Request: "GET /wp-login.php", User-Agent: "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)"	2019-06-24 09:19:56
62.210.89.215	attackbots	\[2019-06-23 15:59:32\] SECURITY\[1857\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-06-23T15:59:32.203-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="2746557107",SessionID="0x7fc424245928",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.210.89.215/5592",ACLName="no_extension_match" \[2019-06-23 15:59:35\] NOTICE\[1849\] chan_sip.c: Registration from '"702" \' failed for '62.210.89.215:5655' - Wrong password \[2019-06-23 15:59:35\] SECURITY\[1857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-06-23T15:59:35.530-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="702",SessionID="0x7fc424131548",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.210.89.215/5655",Challenge="328d2710",ReceivedChallenge="328d2710",ReceivedHash="597ec3718c072ef7681e490502b6f50a" \[2019-06-23 15:59:35\] NOTICE\[1849\] chan_sip.c: Registration from '"702" \' faile	2019-06-24 09:00:15
185.220.101.0	attack	Automatic report - Web App Attack	2019-06-24 09:19:10
218.92.0.200	attackbotsspam	Jun 24 02:26:07 dev sshd\[5201\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.200 user=root Jun 24 02:26:09 dev sshd\[5201\]: Failed password for root from 218.92.0.200 port 54200 ssh2 ...	2019-06-24 08:43:33
185.10.68.16	attackspam	firewall-block, port(s): 8545/tcp	2019-06-24 08:42:57
59.144.137.186	attack	Jun 24 07:35:52 itv-usvr-02 sshd[5484]: Invalid user support from 59.144.137.186 port 41761 Jun 24 07:35:52 itv-usvr-02 sshd[5484]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.144.137.186 Jun 24 07:35:52 itv-usvr-02 sshd[5484]: Invalid user support from 59.144.137.186 port 41761 Jun 24 07:35:54 itv-usvr-02 sshd[5484]: Failed password for invalid user support from 59.144.137.186 port 41761 ssh2 Jun 24 07:36:11 itv-usvr-02 sshd[5488]: Invalid user cisco from 59.144.137.186 port 48783	2019-06-24 08:48:07

最近上报的IP列表

187.200.69.33	23.100.105.121	179.83.125.202	86.150.234.135
111.94.40.187	197.211.198.162	191.232.234.17	202.21.104.246
183.157.167.82	171.240.76.112	183.157.166.171	197.255.160.226
178.32.47.218	67.44.176.180	47.186.253.245	190.211.217.139
81.14.182.98	156.222.169.137	51.68.189.111	121.35.168.125