106.111.166.140

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Guangdong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Aug 24 23:25:22 itv-usvr-01 sshd[12876]: Invalid user admin from 106.111.166.140 Aug 24 23:25:22 itv-usvr-01 sshd[12876]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.111.166.140 Aug 24 23:25:22 itv-usvr-01 sshd[12876]: Invalid user admin from 106.111.166.140 Aug 24 23:25:24 itv-usvr-01 sshd[12876]: Failed password for invalid user admin from 106.111.166.140 port 3937 ssh2 Aug 24 23:25:22 itv-usvr-01 sshd[12876]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.111.166.140 Aug 24 23:25:22 itv-usvr-01 sshd[12876]: Invalid user admin from 106.111.166.140 Aug 24 23:25:24 itv-usvr-01 sshd[12876]: Failed password for invalid user admin from 106.111.166.140 port 3937 ssh2 Aug 24 23:25:26 itv-usvr-01 sshd[12876]: Failed password for invalid user admin from 106.111.166.140 port 3937 ssh2	2019-08-29 22:22:36

类型

评论内容

时间

attackbots

Aug 24 23:25:22 itv-usvr-01 sshd[12876]: Invalid user admin from 106.111.166.140
Aug 24 23:25:22 itv-usvr-01 sshd[12876]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.111.166.140
Aug 24 23:25:22 itv-usvr-01 sshd[12876]: Invalid user admin from 106.111.166.140
Aug 24 23:25:24 itv-usvr-01 sshd[12876]: Failed password for invalid user admin from 106.111.166.140 port 3937 ssh2
Aug 24 23:25:22 itv-usvr-01 sshd[12876]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.111.166.140
Aug 24 23:25:22 itv-usvr-01 sshd[12876]: Invalid user admin from 106.111.166.140
Aug 24 23:25:24 itv-usvr-01 sshd[12876]: Failed password for invalid user admin from 106.111.166.140 port 3937 ssh2
Aug 24 23:25:26 itv-usvr-01 sshd[12876]: Failed password for invalid user admin from 106.111.166.140 port 3937 ssh2

2019-08-29 22:22:36

相同子网IP讨论:

IP	类型	评论内容	时间
106.111.166.92	attack	Trying ports that it shouldn't be.	2020-08-11 05:48:09
106.111.166.171	attackspambots	Brute-Force	2020-07-27 16:20:27
106.111.166.26	attack	Sep 22 08:45:47 josie sshd[18294]: Invalid user service from 106.111.166.26 Sep 22 08:45:47 josie sshd[18294]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.111.166.26 Sep 22 08:45:48 josie sshd[18294]: Failed password for invalid user service from 106.111.166.26 port 54213 ssh2 Sep 22 08:45:52 josie sshd[18294]: Failed password for invalid user service from 106.111.166.26 port 54213 ssh2 Sep 22 08:45:56 josie sshd[18294]: Failed password for invalid user service from 106.111.166.26 port 54213 ssh2 Sep 22 08:46:00 josie sshd[18294]: Failed password for invalid user service from 106.111.166.26 port 54213 ssh2 Sep 22 08:46:04 josie sshd[18294]: Failed password for invalid user service from 106.111.166.26 port 54213 ssh2 Sep 25 11:50:04 josie sshd[4888]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.111.166.26 user=r.r Sep 25 11:50:07 josie sshd[4888]: Failed password for r.r from........ -------------------------------	2019-09-26 17:08:15
106.111.166.96	attackbotsspam	Sep 15 07:11:58 ms-srv sshd[1430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.111.166.96 Sep 15 07:12:01 ms-srv sshd[1430]: Failed password for invalid user admin from 106.111.166.96 port 6937 ssh2	2019-09-15 19:22:57
106.111.166.209	attack	2019-09-04T13:09:24.620709abusebot-7.cloudsearch.cf sshd\[1687\]: Invalid user service from 106.111.166.209 port 46416	2019-09-05 01:07:19

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.111.166.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2059
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.111.166.140.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082900 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 29 22:22:26 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 140.166.111.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 140.166.111.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
200.146.227.146	attack	can 200.146.227.146 [06/Oct/2020:02:58:55 "http://pesantrenpuloair.com/V2/wp-login.php" "POST /V2/wp-login.php 302 260 200.146.227.146 [06/Oct/2020:02:58:57 "http://pesantrenpuloair.com/V2/wp-login.php" "POST /V2/wp-login.php 302 260 200.146.227.146 [06/Oct/2020:02:58:59 "http://pesantrenpuloair.com/V2/wp-login.php" "POST /V2/wp-login.php 302 260	2020-10-06 06:36:06
140.143.195.181	attack	bruteforce detected	2020-10-06 06:51:27
5.165.91.67	attackspambots	TCP (SYN) 5.165.91.67:22295 -> port 23, len 40	2020-10-06 06:19:16
219.154.3.46	attackbots	TCP (SYN) 219.154.3.46:36615 -> port 1433, len 44	2020-10-06 06:27:53
112.85.42.176	attackbotsspam	Oct 6 00:38:21 minden010 sshd[31435]: Failed password for root from 112.85.42.176 port 22733 ssh2 Oct 6 00:38:24 minden010 sshd[31435]: Failed password for root from 112.85.42.176 port 22733 ssh2 Oct 6 00:38:27 minden010 sshd[31435]: Failed password for root from 112.85.42.176 port 22733 ssh2 Oct 6 00:38:30 minden010 sshd[31435]: Failed password for root from 112.85.42.176 port 22733 ssh2 ...	2020-10-06 06:42:18
217.153.157.227	attackspambots	8728/tcp [2020-10-04]1pkt	2020-10-06 06:26:09
112.85.42.230	attackbots	Oct 6 00:14:35 vpn01 sshd[11957]: Failed password for root from 112.85.42.230 port 59116 ssh2 Oct 6 00:14:48 vpn01 sshd[11957]: Failed password for root from 112.85.42.230 port 59116 ssh2 Oct 6 00:14:48 vpn01 sshd[11957]: error: maximum authentication attempts exceeded for root from 112.85.42.230 port 59116 ssh2 [preauth] ...	2020-10-06 06:21:49
139.59.102.170	attack	Oct 5 19:08:57 mellenthin sshd[19326]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.102.170 user=root Oct 5 19:08:59 mellenthin sshd[19326]: Failed password for invalid user root from 139.59.102.170 port 37134 ssh2	2020-10-06 06:29:37
167.71.202.93	attackspambots	167.71.202.93 - - [05/Oct/2020:13:55:34 +0100] "POST /wp-login.php HTTP/1.1" 200 1861 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.71.202.93 - - [05/Oct/2020:13:55:36 +0100] "POST /wp-login.php HTTP/1.1" 200 1839 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.71.202.93 - - [05/Oct/2020:13:55:39 +0100] "POST /wp-login.php HTTP/1.1" 200 1845 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-06 06:48:16
202.164.208.19	attackbotsspam	Listed on abuseat.org plus zen-spamhaus / proto=6 . srcport=58885 . dstport=445 SMB . (3545)	2020-10-06 06:51:10
80.254.48.254	attackbots	leo_www	2020-10-06 06:41:44
174.204.206.159	attack	Brute forcing email accounts	2020-10-06 06:25:01
1.28.224.144	attackspambots	TCP (SYN) 1.28.224.144:37727 -> port 8080, len 40	2020-10-06 06:27:11
171.231.17.136	attackspam	445/tcp [2020-10-04]1pkt	2020-10-06 06:26:37
49.70.40.131	attackbots	52869/tcp 52869/tcp [2020-10-04]2pkt	2020-10-06 06:42:59

最近上报的IP列表

128.14.209.147	141.70.240.133	42.104.97.231	121.61.60.120
155.98.42.46	7.84.233.13	74.124.16.34	176.191.214.86
78.241.106.232	64.201.58.100	92.128.241.111	169.181.237.180
82.164.51.27	27.34.246.41	103.77.183.62	20.1.167.53
78.166.95.88	218.28.165.11	217.9.246.20	30.153.192.91