必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:
类型 评论内容 时间
attack
Oct  7 11:19:41 dhoomketu sshd[3625984]: Failed password for root from 106.75.139.131 port 40808 ssh2
Oct  7 11:21:25 dhoomketu sshd[3626010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131  user=root
Oct  7 11:21:26 dhoomketu sshd[3626010]: Failed password for root from 106.75.139.131 port 57422 ssh2
Oct  7 11:23:06 dhoomketu sshd[3626061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131  user=root
Oct  7 11:23:08 dhoomketu sshd[3626061]: Failed password for root from 106.75.139.131 port 45804 ssh2
...
2020-10-07 20:38:21
attackbotsspam
Oct  7 09:44:01 dhoomketu sshd[3623264]: Failed password for root from 106.75.139.131 port 53698 ssh2
Oct  7 09:45:35 dhoomketu sshd[3623291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131  user=root
Oct  7 09:45:38 dhoomketu sshd[3623291]: Failed password for root from 106.75.139.131 port 42080 ssh2
Oct  7 09:47:19 dhoomketu sshd[3623324]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131  user=root
Oct  7 09:47:22 dhoomketu sshd[3623324]: Failed password for root from 106.75.139.131 port 58694 ssh2
...
2020-10-07 12:23:48
相同子网IP讨论:
IP 类型 评论内容 时间
106.75.139.232 attackspam
SSH invalid-user multiple login try
2020-06-20 21:26:46
106.75.139.232 attackbots
Jun 13 19:06:23 ns392434 sshd[17156]: Invalid user hi from 106.75.139.232 port 39624
Jun 13 19:06:23 ns392434 sshd[17156]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.232
Jun 13 19:06:23 ns392434 sshd[17156]: Invalid user hi from 106.75.139.232 port 39624
Jun 13 19:06:25 ns392434 sshd[17156]: Failed password for invalid user hi from 106.75.139.232 port 39624 ssh2
Jun 13 19:08:39 ns392434 sshd[17214]: Invalid user kapil from 106.75.139.232 port 59130
Jun 13 19:08:39 ns392434 sshd[17214]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.232
Jun 13 19:08:39 ns392434 sshd[17214]: Invalid user kapil from 106.75.139.232 port 59130
Jun 13 19:08:42 ns392434 sshd[17214]: Failed password for invalid user kapil from 106.75.139.232 port 59130 ssh2
Jun 13 19:10:19 ns392434 sshd[17340]: Invalid user bwd from 106.75.139.232 port 45248
2020-06-14 04:08:00
106.75.139.232 attackbotsspam
Ssh brute force
2020-06-05 08:08:07
106.75.139.232 attackspambots
SSH brute force attempt
2020-06-01 05:44:12
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.139.131
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64645
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.139.131.			IN	A

;; AUTHORITY SECTION:
.			443	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020100602 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 07 12:23:45 CST 2020
;; MSG SIZE  rcvd: 118
HOST信息:
Host 131.139.75.106.in-addr.arpa. not found: 3(NXDOMAIN)
NSLOOKUP信息:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 131.139.75.106.in-addr.arpa: NXDOMAIN
相关IP信息:
最新评论:
IP 类型 评论内容 时间
81.22.45.250 attackspambots
09/12/2019-08:36:49.376451 81.22.45.250 Protocol: 6 ET SCAN NMAP -sS window 1024
2019-09-12 22:27:38
121.233.120.151 attackbots
CN China - Failures: 20 ftpd
2019-09-12 22:34:42
111.26.161.8 attack
CN China - Hits: 11
2019-09-12 22:46:33
191.53.56.253 attackbotsspam
Sep 11 23:47:56 web1 postfix/smtpd[10186]: warning: unknown[191.53.56.253]: SASL PLAIN authentication failed: authentication failure
...
2019-09-12 22:12:41
61.161.108.152 attack
" "
2019-09-12 23:00:40
1.175.174.81 attackbots
Honeypot attack, port: 23, PTR: 1-175-174-81.dynamic-ip.hinet.net.
2019-09-12 22:59:23
211.206.180.157 attack
KR South Korea - Hits: 11
2019-09-12 22:31:48
155.94.139.193 attackspam
RU - 1H : (193)  Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : RU 
 NAME ASN : ASN8100 
 
 IP : 155.94.139.193 
 
 CIDR : 155.94.136.0/21 
 
 PREFIX COUNT : 593 
 
 UNIQUE IP COUNT : 472064 
 
 
 WYKRYTE ATAKI Z ASN8100 :  
  1H - 2 
  3H - 3 
  6H - 4 
 12H - 11 
 24H - 22 
 
 INFO : Looking for resource vulnerabilities 403 Detected and Blocked by ADMIN  - data recovery 
  https://help-dysk.pl
2019-09-12 22:44:13
49.249.243.235 attack
Sep 12 04:27:39 web9 sshd\[17993\]: Invalid user admin from 49.249.243.235
Sep 12 04:27:39 web9 sshd\[17993\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.249.243.235
Sep 12 04:27:41 web9 sshd\[17993\]: Failed password for invalid user admin from 49.249.243.235 port 49147 ssh2
Sep 12 04:34:04 web9 sshd\[19272\]: Invalid user postgres from 49.249.243.235
Sep 12 04:34:04 web9 sshd\[19272\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.249.243.235
2019-09-12 22:52:21
106.75.10.4 attack
Sep 12 05:39:56 microserver sshd[31437]: Invalid user teamspeak3 from 106.75.10.4 port 38747
Sep 12 05:39:56 microserver sshd[31437]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.10.4
Sep 12 05:39:58 microserver sshd[31437]: Failed password for invalid user teamspeak3 from 106.75.10.4 port 38747 ssh2
Sep 12 05:43:01 microserver sshd[32038]: Invalid user admin from 106.75.10.4 port 52337
Sep 12 05:43:01 microserver sshd[32038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.10.4
Sep 12 05:55:14 microserver sshd[33798]: Invalid user support from 106.75.10.4 port 50108
Sep 12 05:55:14 microserver sshd[33798]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.10.4
Sep 12 05:55:16 microserver sshd[33798]: Failed password for invalid user support from 106.75.10.4 port 50108 ssh2
Sep 12 05:58:26 microserver sshd[34097]: Invalid user administrator from 106.75.10.4 port 35437
S
2019-09-12 22:25:16
158.69.226.6 attackbots
\[2019-09-11 23:58:17\] SECURITY\[1849\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-11T23:58:17.065-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="300011442922550329",SessionID="0x7fd9a86cbbd8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/158.69.226.6/50622",ACLName="no_extension_match"
\[2019-09-12 00:01:16\] SECURITY\[1849\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-12T00:01:16.838-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="200011442922550329",SessionID="0x7fd9a863a768",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/158.69.226.6/54856",ACLName="no_extension_match"
\[2019-09-12 00:04:00\] SECURITY\[1849\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-12T00:04:00.291-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="100011442922550329",SessionID="0x7fd9a863a768",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/158.69.226.6/61697",ACLName="
2019-09-12 22:48:36
110.143.83.82 attack
@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-12 13:57:15,245 INFO [amun_request_handler] PortScan Detected on Port: 445 (110.143.83.82)
2019-09-12 22:55:47
176.159.57.134 attackbots
Sep 12 14:55:50 lnxweb62 sshd[13844]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.159.57.134
2019-09-12 22:36:19
130.207.54.144 attackspambots
Port scan on 1 port(s): 53
2019-09-12 22:48:06
192.241.167.200 attackspambots
Sep 12 07:54:35 ny01 sshd[1437]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.167.200
Sep 12 07:54:37 ny01 sshd[1437]: Failed password for invalid user 123456789 from 192.241.167.200 port 35464 ssh2
Sep 12 08:00:28 ny01 sshd[2960]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.167.200
2019-09-12 22:29:00

最近上报的IP列表

141.172.90.126 89.92.98.3 45.95.168.141 10.116.50.207
120.236.55.130 49.245.198.169 122.139.119.164 159.89.10.220
23.97.96.15 45.251.33.87 234.131.164.87 96.86.67.234
190.75.149.11 47.30.178.158 113.110.229.190 42.194.217.169
120.53.108.58 202.83.42.202 122.51.238.227 121.229.62.94