106.111.94.62 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Guangdong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Sep 8 20:54:21 cps sshd[12735]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.111.94.62 user=r.r Sep 8 20:54:23 cps sshd[12735]: Failed password for r.r from 106.111.94.62 port 48351 ssh2 Sep 8 20:54:25 cps sshd[12735]: Failed password for r.r from 106.111.94.62 port 48351 ssh2 Sep 8 20:54:28 cps sshd[12735]: Failed password for r.r from 106.111.94.62 port 48351 ssh2 Sep 8 20:54:30 cps sshd[12735]: Failed password for r.r from 106.111.94.62 port 48351 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.111.94.62	2019-09-09 03:58:22

类型

评论内容

时间

attack

Sep  8 20:54:21 cps sshd[12735]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.111.94.62  user=r.r
Sep  8 20:54:23 cps sshd[12735]: Failed password for r.r from 106.111.94.62 port 48351 ssh2
Sep  8 20:54:25 cps sshd[12735]: Failed password for r.r from 106.111.94.62 port 48351 ssh2
Sep  8 20:54:28 cps sshd[12735]: Failed password for r.r from 106.111.94.62 port 48351 ssh2
Sep  8 20:54:30 cps sshd[12735]: Failed password for r.r from 106.111.94.62 port 48351 ssh2

........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=106.111.94.62

2019-09-09 03:58:22

相同子网IP讨论:

IP	类型	评论内容	时间
106.111.94.49	attackbots	Automatic report - Port Scan Attack	2020-03-09 20:08:09
106.111.94.199	attackspam	Unauthorized connection attempt detected from IP address 106.111.94.199 to port 22 [J]	2020-01-30 20:14:51
106.111.94.207	attackspam	$f2bV_matches	2019-09-12 06:20:49
106.111.94.207	attackbotsspam	SSH Brute-Force reported by Fail2Ban	2019-09-11 23:42:59

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.111.94.62
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51319
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.111.94.62.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Sep 09 03:58:17 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 62.94.111.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 62.94.111.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
222.186.180.142	attackspam	Feb 11 16:16:54 MK-Soft-Root1 sshd[6597]: Failed password for root from 222.186.180.142 port 53150 ssh2 Feb 11 16:17:00 MK-Soft-Root1 sshd[6597]: Failed password for root from 222.186.180.142 port 53150 ssh2 ...	2020-02-11 23:28:28
112.85.42.188	attack	02/11/2020-09:56:54.449858 112.85.42.188 Protocol: 6 ET SCAN Potential SSH Scan	2020-02-11 22:59:34
123.206.190.82	attack	Feb 11 14:42:54 silence02 sshd[25715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.190.82 Feb 11 14:42:56 silence02 sshd[25715]: Failed password for invalid user tmp from 123.206.190.82 port 45950 ssh2 Feb 11 14:47:19 silence02 sshd[26042]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.190.82	2020-02-11 23:29:23
201.119.37.181	attackspambots	Feb 11 15:46:14 dedicated sshd[27994]: Invalid user ayk from 201.119.37.181 port 45868	2020-02-11 22:53:00
182.242.143.78	attackbotsspam	Automatic report - SSH Brute-Force Attack	2020-02-11 23:03:22
78.196.136.19	attack	SSH/22 MH Probe, BF, Hack -	2020-02-11 23:20:25
113.160.208.244	attackspam	Feb 11 14:47:30 raspberrypi sshd\[30199\]: Did not receive identification string from 113.160.208.244 ...	2020-02-11 23:18:57
92.252.175.34	attackbotsspam	Fail2Ban Ban Triggered	2020-02-11 22:40:24
77.40.62.132	attackspam	2020-02-11 14:47:25 auth_login authenticator failed for (localhost.localdomain) [77.40.62.132]: 535 Incorrect authentication data (set_id=news@mhasc.org) 2020-02-11 14:47:25 auth_login authenticator failed for (localhost.localdomain) [77.40.62.132]: 535 Incorrect authentication data (set_id=help@mhasc.org) ...	2020-02-11 23:24:22
142.44.185.242	attackspam	Feb 11 14:23:14 rdssrv1 sshd[2242]: Invalid user bot from 142.44.185.242 Feb 11 14:23:16 rdssrv1 sshd[2242]: Failed password for invalid user bot from 142.44.185.242 port 51052 ssh2 Feb 11 14:27:45 rdssrv1 sshd[2902]: Invalid user gyu from 142.44.185.242 Feb 11 14:27:47 rdssrv1 sshd[2902]: Failed password for invalid user gyu from 142.44.185.242 port 55660 ssh2 Feb 11 14:29:53 rdssrv1 sshd[2996]: Invalid user sss from 142.44.185.242 Feb 11 14:29:56 rdssrv1 sshd[2996]: Failed password for invalid user sss from 142.44.185.242 port 48546 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=142.44.185.242	2020-02-11 22:44:45
80.82.65.74	attackbots	10800/tcp 3131/tcp 83/tcp... [2019-12-11/2020-02-11]2796pkt,369pt.(tcp)	2020-02-11 22:51:46
2.134.171.86	attackspam	20/2/11@08:47:42: FAIL: Alarm-Network address from=2.134.171.86 20/2/11@08:47:42: FAIL: Alarm-Network address from=2.134.171.86 ...	2020-02-11 23:07:01
118.26.136.162	attackspambots	Feb 11 14:40:18 game-panel sshd[27753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.26.136.162 Feb 11 14:40:20 game-panel sshd[27753]: Failed password for invalid user ccj from 118.26.136.162 port 49654 ssh2 Feb 11 14:49:46 game-panel sshd[28101]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.26.136.162	2020-02-11 23:25:23
42.188.96.75	attack	SSH/22 MH Probe, BF, Hack -	2020-02-11 23:25:46
49.88.160.167	attackbots	Feb 11 14:48:00 grey postfix/smtpd\[19251\]: NOQUEUE: reject: RCPT from unknown\[49.88.160.167\]: 554 5.7.1 Service unavailable\; Client host \[49.88.160.167\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[49.88.160.167\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-02-11 22:52:35

最近上报的IP列表

103.81.141.135	92.92.144.23	74.55.49.75	110.2.3.75
206.254.29.5	157.75.31.188	147.3.147.182	203.4.63.139
12.247.194.87	182.84.37.5	153.26.140.62	248.130.180.4
37.59.224.39	102.229.15.51	35.156.70.95	103.154.185.140
32.186.40.50	187.248.181.74	13.223.216.92	79.44.254.12