106.118.200.5 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Hebei Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Jan 4 05:44:38 debian-2gb-nbg1-2 kernel: \[372403.598511\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=106.118.200.5 DST=195.201.40.59 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=65292 DF PROTO=TCP SPT=28879 DPT=23 WINDOW=14520 RES=0x00 SYN URGP=0	2020-01-04 20:57:36

类型

评论内容

时间

attackspambots

Jan  4 05:44:38 debian-2gb-nbg1-2 kernel: \[372403.598511\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=106.118.200.5 DST=195.201.40.59 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=65292 DF PROTO=TCP SPT=28879 DPT=23 WINDOW=14520 RES=0x00 SYN URGP=0

2020-01-04 20:57:36

相同子网IP讨论:

IP	类型	评论内容	时间
106.118.200.245	attackbotsspam	Unauthorized connection attempt detected from IP address 106.118.200.245 to port 23 [J]	2020-01-23 00:56:22
106.118.200.52	attack	Unauthorized connection attempt detected from IP address 106.118.200.52 to port 23 [J]	2020-01-20 08:11:33

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.118.200.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10239
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.118.200.5.			IN	A

;; AUTHORITY SECTION:
.			396	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010400 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 04 20:57:28 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 5.200.118.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 5.200.118.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
111.230.248.125	attackspambots	Nov 4 16:22:27 xeon sshd[12389]: Failed password for invalid user wpyan from 111.230.248.125 port 52634 ssh2	2019-11-05 03:25:37
117.207.205.133	attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-11-05 03:41:51
102.133.232.70	attack	Time: Mon Nov 4 11:22:43 2019 -0300 IP: 102.133.232.70 (ZA/South Africa/-) Failures: 30 (smtpauth) Interval: 3600 seconds Blocked: Permanent Block	2019-11-05 03:55:07
202.133.54.228	attack	Unauthorized connection attempt from IP address 202.133.54.228 on Port 445(SMB)	2019-11-05 03:24:53
14.169.34.203	attackbotsspam	Unauthorised access (Nov 4) SRC=14.169.34.203 LEN=52 TTL=117 ID=7457 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-05 04:01:02
89.248.160.178	attackspam	Scanning (more than 2 packets) random ports - tries to find possible vulnerable services	2019-11-05 04:03:21
116.14.223.233	attackbotsspam	firewall-block, port(s): 82/tcp	2019-11-05 03:40:07
182.53.96.49	attack	Unauthorized connection attempt from IP address 182.53.96.49 on Port 445(SMB)	2019-11-05 03:20:00
222.186.175.182	attackspam	2019-11-04T20:40:59.501820lon01.zurich-datacenter.net sshd\[6166\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.182 user=root 2019-11-04T20:41:01.708692lon01.zurich-datacenter.net sshd\[6166\]: Failed password for root from 222.186.175.182 port 23012 ssh2 2019-11-04T20:41:06.699050lon01.zurich-datacenter.net sshd\[6166\]: Failed password for root from 222.186.175.182 port 23012 ssh2 2019-11-04T20:41:27.441999lon01.zurich-datacenter.net sshd\[6183\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.182 user=root 2019-11-04T20:41:29.488487lon01.zurich-datacenter.net sshd\[6183\]: Failed password for root from 222.186.175.182 port 44070 ssh2 ...	2019-11-05 03:42:28
52.57.124.27	attack	ET SCAN Potential SSH Scan - port: 22 proto: TCP cat: Attempted Information Leak	2019-11-05 03:56:29
193.169.255.10	attack	SpamReport	2019-11-05 03:41:29
61.153.103.143	attack	Unauthorized connection attempt from IP address 61.153.103.143 on Port 445(SMB)	2019-11-05 03:33:06
112.78.156.248	attackbots	Unauthorized connection attempt from IP address 112.78.156.248 on Port 445(SMB)	2019-11-05 03:43:46
92.119.160.90	attackbotsspam	firewall-block, port(s): 535/tcp, 540/tcp, 569/tcp, 571/tcp, 607/tcp, 635/tcp, 659/tcp, 668/tcp, 678/tcp, 706/tcp, 734/tcp, 742/tcp, 745/tcp, 747/tcp, 785/tcp, 808/tcp, 811/tcp, 828/tcp, 830/tcp, 836/tcp, 842/tcp, 871/tcp, 881/tcp, 901/tcp, 906/tcp, 908/tcp, 918/tcp, 930/tcp, 956/tcp, 960/tcp, 965/tcp, 999/tcp, 1002/tcp, 1004/tcp, 1030/tcp, 1048/tcp, 1059/tcp, 1094/tcp, 1120/tcp, 1268/tcp, 1269/tcp, 1292/tcp, 4451/tcp, 4498/tcp, 5423/tcp, 5453/tcp, 5455/tcp, 5456/tcp, 5458/tcp, 5463/tcp, 5474/tcp, 5502/tcp, 7774/tcp, 9006/tcp, 9014/tcp, 9022/tcp, 9034/tcp, 9041/tcp, 9056/tcp, 9107/tcp, 9112/tcp, 9113/tcp, 9126/tcp, 9127/tcp, 9134/tcp, 9136/tcp, 9138/tcp, 9155/tcp, 9162/tcp, 9199/tcp, 9203/tcp, 9222/tcp, 9246/tcp, 9250/tcp, 9251/tcp, 9292/tcp, 9294/tcp, 9308/tcp, 10121/tcp, 33898/tcp, 33903/tcp	2019-11-05 03:58:26
178.176.19.90	attack	2019-11-04T17:43:29.468930host3.slimhost.com.ua sshd[1709625]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.176.19.90 2019-11-04T17:43:29.463902host3.slimhost.com.ua sshd[1709625]: Invalid user nagios from 178.176.19.90 port 34473 2019-11-04T17:43:31.274458host3.slimhost.com.ua sshd[1709625]: Failed password for invalid user nagios from 178.176.19.90 port 34473 ssh2 2019-11-04T17:47:52.869448host3.slimhost.com.ua sshd[1714589]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.176.19.90 user=root 2019-11-04T17:47:55.117978host3.slimhost.com.ua sshd[1714589]: Failed password for root from 178.176.19.90 port 53885 ssh2 ...	2019-11-05 03:43:13

最近上报的IP列表

94.54.38.9	149.253.116.60	195.236.38.40	175.146.92.120
215.186.118.46	59.243.229.25	205.20.224.220	27.97.101.78
83.65.104.166	76.5.5.182	170.57.198.149	57.83.16.79
153.44.112.37	199.171.2.7	216.103.161.38	73.97.1.218
85.8.251.36	187.169.38.95	169.153.25.27	118.252.31.203