117.22.252.106

基本信息:

城市(city): Xi'an

省份(region): Shaanxi

国家(country): China

运营商(isp): ChinaNet Shanxi (SN) Province Network

主机名(hostname): unknown

机构(organization): No.31,Jin-rong Street

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-11 07:59:05

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.22.252.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27998
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.22.252.106.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050100 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed May 01 21:22:47 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 106.252.22.117.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.3, trying next server
Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 106.252.22.117.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
169.60.224.3	attackbotsspam	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth): user=root	2020-09-15 12:44:48
1.64.173.182	attackspambots	Sep 15 06:28:17 minden010 sshd[11344]: Failed password for root from 1.64.173.182 port 51602 ssh2 Sep 15 06:32:37 minden010 sshd[12418]: Failed password for root from 1.64.173.182 port 36014 ssh2 ...	2020-09-15 12:45:52
85.238.101.190	attackspambots	SSH brute force	2020-09-15 12:30:13
176.31.162.82	attackbotsspam	$f2bV_matches	2020-09-15 12:54:56
122.114.70.12	attack	Automatic report - Banned IP Access	2020-09-15 12:29:49
54.248.31.8	attack	DATE:2020-09-15 05:23:53,IP:54.248.31.8,MATCHES:10,PORT:ssh	2020-09-15 12:58:25
198.55.127.248	attackbotsspam	Sep 14 23:53:02 nxxxxxxx0 sshd[23689]: Address 198.55.127.248 maps to 198.55.127.248.static.quadranet.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Sep 14 23:53:02 nxxxxxxx0 sshd[23689]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.55.127.248 user=r.r Sep 14 23:53:03 nxxxxxxx0 sshd[23689]: Failed password for r.r from 198.55.127.248 port 45000 ssh2 Sep 14 23:53:03 nxxxxxxx0 sshd[23689]: Received disconnect from 198.55.127.248: 11: Bye Bye [preauth] Sep 14 23:58:55 nxxxxxxx0 sshd[24087]: Address 198.55.127.248 maps to 198.55.127.248.static.quadranet.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Sep 14 23:58:55 nxxxxxxx0 sshd[24087]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.55.127.248 user=r.r Sep 14 23:58:57 nxxxxxxx0 sshd[24087]: Failed password for r.r from 198.55.127.248 port 53448 ssh2 Sep 14 23:58:57 nxxxxxxx........ -------------------------------	2020-09-15 12:37:49
51.83.42.212	attackbotsspam	Brute%20Force%20SSH	2020-09-15 12:43:44
37.59.123.166	attack	Sep 14 21:34:57 dignus sshd[27843]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.123.166 Sep 14 21:34:59 dignus sshd[27843]: Failed password for invalid user SP35 from 37.59.123.166 port 49520 ssh2 Sep 14 21:38:50 dignus sshd[28207]: Invalid user qw from 37.59.123.166 port 34072 Sep 14 21:38:50 dignus sshd[28207]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.123.166 Sep 14 21:38:51 dignus sshd[28207]: Failed password for invalid user qw from 37.59.123.166 port 34072 ssh2 ...	2020-09-15 12:53:28
194.149.33.10	attackbots	Sep 15 07:00:51 vmd17057 sshd[4749]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.149.33.10 Sep 15 07:00:53 vmd17057 sshd[4749]: Failed password for invalid user teamspeak3 from 194.149.33.10 port 51502 ssh2 ...	2020-09-15 13:04:28
83.97.20.35	attack	TCP (SYN) 83.97.20.35:40612 -> port 7779, len 44	2020-09-15 13:01:48
196.28.226.146	attackbots	RDP Bruteforce	2020-09-15 13:04:02
195.54.167.152	attackspam	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-09-14T15:11:47Z and 2020-09-14T17:00:09Z	2020-09-15 12:54:04
200.73.130.188	attackspambots	Sep 14 21:16:10 server sshd[53839]: Failed password for root from 200.73.130.188 port 58186 ssh2 Sep 14 21:21:45 server sshd[55269]: Failed password for root from 200.73.130.188 port 44814 ssh2 Sep 14 21:27:21 server sshd[56863]: Failed password for invalid user backupsmysql from 200.73.130.188 port 59242 ssh2	2020-09-15 12:34:34
5.79.239.130	attackbots	20/9/14@13:00:09: FAIL: Alarm-Network address from=5.79.239.130 ...	2020-09-15 12:53:45

最近上报的IP列表

112.220.72.116	67.215.20.217	221.12.58.156	36.73.165.125
31.179.239.131	79.198.157.227	68.223.1.34	67.217.14.149
188.34.86.26	192.236.161.70	71.41.150.121	155.201.76.236
93.92.202.217	128.175.213.119	220.69.33.171	42.1.215.18
185.108.88.26	46.18.200.249	85.115.248.80	23.253.183.115