106.111.94.62 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Guangdong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Sep 8 20:54:21 cps sshd[12735]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.111.94.62 user=r.r Sep 8 20:54:23 cps sshd[12735]: Failed password for r.r from 106.111.94.62 port 48351 ssh2 Sep 8 20:54:25 cps sshd[12735]: Failed password for r.r from 106.111.94.62 port 48351 ssh2 Sep 8 20:54:28 cps sshd[12735]: Failed password for r.r from 106.111.94.62 port 48351 ssh2 Sep 8 20:54:30 cps sshd[12735]: Failed password for r.r from 106.111.94.62 port 48351 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.111.94.62	2019-09-09 03:58:22

类型

评论内容

时间

attack

Sep  8 20:54:21 cps sshd[12735]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.111.94.62  user=r.r
Sep  8 20:54:23 cps sshd[12735]: Failed password for r.r from 106.111.94.62 port 48351 ssh2
Sep  8 20:54:25 cps sshd[12735]: Failed password for r.r from 106.111.94.62 port 48351 ssh2
Sep  8 20:54:28 cps sshd[12735]: Failed password for r.r from 106.111.94.62 port 48351 ssh2
Sep  8 20:54:30 cps sshd[12735]: Failed password for r.r from 106.111.94.62 port 48351 ssh2

........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=106.111.94.62

2019-09-09 03:58:22

相同子网IP讨论:

IP	类型	评论内容	时间
106.111.94.49	attackbots	Automatic report - Port Scan Attack	2020-03-09 20:08:09
106.111.94.199	attackspam	Unauthorized connection attempt detected from IP address 106.111.94.199 to port 22 [J]	2020-01-30 20:14:51
106.111.94.207	attackspam	$f2bV_matches	2019-09-12 06:20:49
106.111.94.207	attackbotsspam	SSH Brute-Force reported by Fail2Ban	2019-09-11 23:42:59

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.111.94.62
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51319
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.111.94.62.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Sep 09 03:58:17 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 62.94.111.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 62.94.111.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
201.114.252.23	attack	Oct 1 00:42:24 HOST sshd[4774]: reveeclipse mapping checking getaddrinfo for dsl-201-114-252-23-dyn.prod-infinhostnameum.com.mx [201.114.252.23] failed - POSSIBLE BREAK-IN ATTEMPT! Oct 1 00:42:26 HOST sshd[4774]: Failed password for invalid user hurt from 201.114.252.23 port 58358 ssh2 Oct 1 00:42:26 HOST sshd[4774]: Received disconnect from 201.114.252.23: 11: Bye Bye [preauth] Oct 1 00:58:05 HOST sshd[5180]: reveeclipse mapping checking getaddrinfo for dsl-201-114-252-23-dyn.prod-infinhostnameum.com.mx [201.114.252.23] failed - POSSIBLE BREAK-IN ATTEMPT! Oct 1 00:58:07 HOST sshd[5180]: Failed password for invalid user evangelista from 201.114.252.23 port 50502 ssh2 Oct 1 00:58:07 HOST sshd[5180]: Received disconnect from 201.114.252.23: 11: Bye Bye [preauth] Oct 1 01:01:53 HOST sshd[5295]: reveeclipse mapping checking getaddrinfo for dsl-201-114-252-23-dyn.prod-infinhostnameum.com.mx [201.114.252.23] failed - POSSIBLE BREAK-IN ATTEMPT! Oct 1 01:01:55 HOST sshd........ -------------------------------	2019-10-05 02:58:33
95.168.180.70	attack	9090/udp 8080/udp 7070/udp... [2019-09-20/10-04]21pkt,19pt.(udp)	2019-10-05 03:16:25
58.63.245.207	attackspambots	firewall-block, port(s): 445/tcp	2019-10-05 03:11:23
187.190.236.88	attackbotsspam	Oct 4 14:57:41 lnxweb62 sshd[23973]: Failed password for root from 187.190.236.88 port 45430 ssh2 Oct 4 14:57:41 lnxweb62 sshd[23973]: Failed password for root from 187.190.236.88 port 45430 ssh2	2019-10-05 03:27:21
45.172.190.21	attackspambots	Automatic report - Port Scan Attack	2019-10-05 03:23:34
62.210.37.82	attackbotsspam	$f2bV_matches	2019-10-05 03:28:03
14.17.86.45	attack	445/tcp 445/tcp 445/tcp... [2019-08-03/10-04]10pkt,1pt.(tcp)	2019-10-05 03:15:52
157.230.109.166	attackbotsspam	Oct 4 16:14:55 microserver sshd[39015]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.109.166 user=root Oct 4 16:14:56 microserver sshd[39015]: Failed password for root from 157.230.109.166 port 42822 ssh2 Oct 4 16:18:24 microserver sshd[39593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.109.166 user=root Oct 4 16:18:27 microserver sshd[39593]: Failed password for root from 157.230.109.166 port 54064 ssh2 Oct 4 16:21:54 microserver sshd[40205]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.109.166 user=root Oct 4 16:32:18 microserver sshd[41531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.109.166 user=root Oct 4 16:32:20 microserver sshd[41531]: Failed password for root from 157.230.109.166 port 42552 ssh2 Oct 4 16:35:49 microserver sshd[42136]: pam_unix(sshd:auth): authentication failure; logna	2019-10-05 02:51:08
185.211.245.198	attackbots	Oct 4 15:05:38 relay postfix/smtpd\[15172\]: warning: unknown\[185.211.245.198\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 15:05:45 relay postfix/smtpd\[16296\]: warning: unknown\[185.211.245.198\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 15:11:11 relay postfix/smtpd\[15170\]: warning: unknown\[185.211.245.198\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 15:11:19 relay postfix/smtpd\[15172\]: warning: unknown\[185.211.245.198\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 15:20:40 relay postfix/smtpd\[16294\]: warning: unknown\[185.211.245.198\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-10-05 03:21:42
103.95.97.178	attack	proto=tcp . spt=43765 . dpt=25 . (Listed on truncate-gbudb also unsubscore and rbldns-ru) (488)	2019-10-05 03:10:05
178.128.111.153	attack	$f2bV_matches	2019-10-05 03:04:19
142.44.184.79	attackspam	(sshd) Failed SSH login from 142.44.184.79 (US/United States/California/Tustin/ip79.ip-142-44-184.net/[AS16276 OVH SAS]): 1 in the last 3600 secs	2019-10-05 02:56:50
34.97.59.112	attackspambots	SSH Bruteforce	2019-10-05 03:24:07
222.186.175.6	attackspambots	Oct 4 15:01:47 xtremcommunity sshd\[180806\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.6 user=root Oct 4 15:01:49 xtremcommunity sshd\[180806\]: Failed password for root from 222.186.175.6 port 13596 ssh2 Oct 4 15:01:53 xtremcommunity sshd\[180806\]: Failed password for root from 222.186.175.6 port 13596 ssh2 Oct 4 15:01:57 xtremcommunity sshd\[180806\]: Failed password for root from 222.186.175.6 port 13596 ssh2 Oct 4 15:02:01 xtremcommunity sshd\[180806\]: Failed password for root from 222.186.175.6 port 13596 ssh2 ...	2019-10-05 03:07:43
212.92.123.192	attack	Multiple failed RDP login attempts	2019-10-05 03:02:10

最近上报的IP列表

103.81.141.135	92.92.144.23	74.55.49.75	110.2.3.75
206.254.29.5	157.75.31.188	147.3.147.182	203.4.63.139
12.247.194.87	182.84.37.5	153.26.140.62	248.130.180.4
37.59.224.39	102.229.15.51	35.156.70.95	103.154.185.140
32.186.40.50	187.248.181.74	13.223.216.92	79.44.254.12