106.5.172.242 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
106.5.172.207	attack	Unauthorized connection attempt detected from IP address 106.5.172.207 to port 445 [T]	2020-01-28 09:16:34
106.5.172.77	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-25 17:41:35,575 INFO [shellcode_manager] (106.5.172.77) no match, writing hexdump (f108b8fa8b8908f5065d122544667a75 :2105884) - MS17010 (EternalBlue)	2019-08-26 15:47:50

类型

评论内容

时间

106.5.172.207

attack

Unauthorized connection attempt detected from IP address 106.5.172.207 to port 445 [T]

2020-01-28 09:16:34

106.5.172.77

attackbotsspam

@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-25 17:41:35,575 INFO [shellcode_manager] (106.5.172.77) no match, writing hexdump (f108b8fa8b8908f5065d122544667a75 :2105884) - MS17010 (EternalBlue)

2019-08-26 15:47:50

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.5.172.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8381
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;106.5.172.242.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022800 1800 900 604800 86400

;; Query time: 82 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 28 14:39:23 CST 2022
;; MSG SIZE  rcvd: 106

HOST信息:

Host 242.172.5.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 242.172.5.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
193.35.51.23	attackbots	Sep 28 14:46:18 srv01 postfix/smtpd\[21896\]: warning: unknown\[193.35.51.23\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 28 14:46:35 srv01 postfix/smtpd\[18042\]: warning: unknown\[193.35.51.23\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 28 14:49:04 srv01 postfix/smtpd\[21903\]: warning: unknown\[193.35.51.23\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 28 14:49:22 srv01 postfix/smtpd\[21903\]: warning: unknown\[193.35.51.23\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 28 14:51:09 srv01 postfix/smtpd\[32675\]: warning: unknown\[193.35.51.23\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-28 20:51:28
49.88.112.72	attack	Sep 28 15:37:41 pkdns2 sshd\[26022\]: Failed password for root from 49.88.112.72 port 42897 ssh2Sep 28 15:42:58 pkdns2 sshd\[26292\]: Failed password for root from 49.88.112.72 port 23656 ssh2Sep 28 15:43:01 pkdns2 sshd\[26292\]: Failed password for root from 49.88.112.72 port 23656 ssh2Sep 28 15:43:04 pkdns2 sshd\[26292\]: Failed password for root from 49.88.112.72 port 23656 ssh2Sep 28 15:44:00 pkdns2 sshd\[26323\]: Failed password for root from 49.88.112.72 port 30666 ssh2Sep 28 15:44:02 pkdns2 sshd\[26323\]: Failed password for root from 49.88.112.72 port 30666 ssh2 ...	2020-09-28 20:45:31
167.172.207.139	attackbotsspam	Sep 28 10:12:20 inter-technics sshd[30639]: Invalid user alex from 167.172.207.139 port 34662 Sep 28 10:12:20 inter-technics sshd[30639]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.207.139 Sep 28 10:12:20 inter-technics sshd[30639]: Invalid user alex from 167.172.207.139 port 34662 Sep 28 10:12:21 inter-technics sshd[30639]: Failed password for invalid user alex from 167.172.207.139 port 34662 ssh2 Sep 28 10:15:40 inter-technics sshd[30857]: Invalid user vnc from 167.172.207.139 port 41542 ...	2020-09-28 20:38:27
112.74.94.219	attackbots	TCP (SYN) 112.74.94.219:39104 -> port 8080, len 60	2020-09-28 20:33:45
183.232.228.66	attackbots	Lines containing failures of 183.232.228.66 Sep 28 11:00:11 MAKserver05 sshd[2190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.232.228.66 user=r.r Sep 28 11:00:13 MAKserver05 sshd[2190]: Failed password for r.r from 183.232.228.66 port 57758 ssh2 Sep 28 11:00:13 MAKserver05 sshd[2190]: Received disconnect from 183.232.228.66 port 57758:11: Bye Bye [preauth] Sep 28 11:00:13 MAKserver05 sshd[2190]: Disconnected from authenticating user r.r 183.232.228.66 port 57758 [preauth] Sep 28 11:33:19 MAKserver05 sshd[4545]: Invalid user rh from 183.232.228.66 port 35406 Sep 28 11:33:19 MAKserver05 sshd[4545]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.232.228.66 Sep 28 11:33:21 MAKserver05 sshd[4545]: Failed password for invalid user rh from 183.232.228.66 port 35406 ssh2 Sep 28 11:33:21 MAKserver05 sshd[4545]: Received disconnect from 183.232.228.66 port 35406:11: Bye Bye [preauth] S........ ------------------------------	2020-09-28 20:19:01
176.26.166.66	attack	(sshd) Failed SSH login from 176.26.166.66 (GB/United Kingdom/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 28 08:07:16 server sshd[17445]: Invalid user webftp from 176.26.166.66 port 60260 Sep 28 08:07:18 server sshd[17445]: Failed password for invalid user webftp from 176.26.166.66 port 60260 ssh2 Sep 28 08:18:10 server sshd[20693]: Invalid user test1 from 176.26.166.66 port 45749 Sep 28 08:18:12 server sshd[20693]: Failed password for invalid user test1 from 176.26.166.66 port 45749 ssh2 Sep 28 08:22:18 server sshd[22147]: Invalid user dinesh from 176.26.166.66 port 50602	2020-09-28 20:56:31
49.232.172.254	attackbotsspam	Brute%20Force%20SSH	2020-09-28 20:41:57
159.89.9.22	attack	Sep 28 14:27:31 h2779839 sshd[29509]: Invalid user ftp from 159.89.9.22 port 32984 Sep 28 14:27:31 h2779839 sshd[29509]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.9.22 Sep 28 14:27:31 h2779839 sshd[29509]: Invalid user ftp from 159.89.9.22 port 32984 Sep 28 14:27:33 h2779839 sshd[29509]: Failed password for invalid user ftp from 159.89.9.22 port 32984 ssh2 Sep 28 14:30:58 h2779839 sshd[29605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.9.22 user=root Sep 28 14:31:01 h2779839 sshd[29605]: Failed password for root from 159.89.9.22 port 42104 ssh2 Sep 28 14:34:36 h2779839 sshd[29688]: Invalid user andy from 159.89.9.22 port 51222 Sep 28 14:34:36 h2779839 sshd[29688]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.9.22 Sep 28 14:34:36 h2779839 sshd[29688]: Invalid user andy from 159.89.9.22 port 51222 Sep 28 14:34:38 h2779839 sshd[29688]: ...	2020-09-28 20:50:49
1.186.57.150	attackbotsspam	(sshd) Failed SSH login from 1.186.57.150 (IN/India/sitmng.ac.in): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD	2020-09-28 20:39:53
85.104.18.166	attackbotsspam	Unauthorized connection attempt from IP address 85.104.18.166 on Port 445(SMB)	2020-09-28 20:23:40
191.43.12.85	attackbots	Sep 28 13:33:09 srv-ubuntu-dev3 sshd[80507]: Invalid user jeff from 191.43.12.85 Sep 28 13:33:09 srv-ubuntu-dev3 sshd[80507]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.43.12.85 Sep 28 13:33:09 srv-ubuntu-dev3 sshd[80507]: Invalid user jeff from 191.43.12.85 Sep 28 13:33:11 srv-ubuntu-dev3 sshd[80507]: Failed password for invalid user jeff from 191.43.12.85 port 35618 ssh2 Sep 28 13:37:38 srv-ubuntu-dev3 sshd[81076]: Invalid user usuario2 from 191.43.12.85 Sep 28 13:37:38 srv-ubuntu-dev3 sshd[81076]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.43.12.85 Sep 28 13:37:38 srv-ubuntu-dev3 sshd[81076]: Invalid user usuario2 from 191.43.12.85 Sep 28 13:37:39 srv-ubuntu-dev3 sshd[81076]: Failed password for invalid user usuario2 from 191.43.12.85 port 39737 ssh2 Sep 28 13:42:04 srv-ubuntu-dev3 sshd[81596]: Invalid user sss from 191.43.12.85 ...	2020-09-28 20:57:20
104.248.145.254	attack	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-09-28 20:40:54
165.232.72.42	attackspam	uvcm 165.232.72.42 [28/Sep/2020:03:37:06 "-" "GET /wp-login.php?redirect_to=http%3A%2F%2Fbelajarweb.net%2Fwp-admin%2F&reauth=1 200 7203 165.232.72.42 [28/Sep/2020:03:37:09 "-" "GET /wp-login.php?redirect_to=http%3A%2F%2Fbelajarweb.net%2Fwp-admin%2F&reauth=1 200 4183 165.232.72.42 [28/Sep/2020:03:38:32 "-" "GET /wp-login.php?redirect_to=https%3A%2F%2Fsaveasbrand.com%2Fwp-admin%2F&reauth=1 200 4638	2020-09-28 20:48:59
106.52.181.236	attackspambots	Tried sshing with brute force.	2020-09-28 20:29:47
88.241.42.121	attackbots	1601239211 - 09/27/2020 22:40:11 Host: 88.241.42.121/88.241.42.121 Port: 445 TCP Blocked	2020-09-28 20:34:28

最近上报的IP列表

106.5.143.6	106.5.143.236	106.40.240.75	106.5.172.7
106.5.173.127	106.5.143.215	106.5.174.137	106.5.143.198
106.5.174.47	106.5.202.101	106.5.202.102	106.5.165.225
106.40.240.76	106.5.202.114	106.5.202.116	106.40.240.78
106.40.240.8	106.40.240.81	106.40.240.82	106.40.240.85