172.166.106.148

基本信息:

城市(city): London

省份(region): England

国家(country): United Kingdom

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 172.166.106.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24846
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;172.166.106.148.		IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025080901 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Aug 10 10:45:54 CST 2025
;; MSG SIZE  rcvd: 108

HOST信息:

b'Host 148.106.166.172.in-addr.arpa. not found: 3(NXDOMAIN)
'

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 148.106.166.172.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
176.210.160.189	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-09-07 04:47:39
192.35.168.233	attackbotsspam	TCP (SYN) 192.35.168.233:29747 -> port 12292, len 44	2020-09-07 04:33:39
222.186.169.192	attack	Sep 6 21:02:50 instance-2 sshd[29110]: Failed password for root from 222.186.169.192 port 2698 ssh2 Sep 6 21:02:54 instance-2 sshd[29110]: Failed password for root from 222.186.169.192 port 2698 ssh2 Sep 6 21:02:59 instance-2 sshd[29110]: Failed password for root from 222.186.169.192 port 2698 ssh2 Sep 6 21:03:03 instance-2 sshd[29110]: Failed password for root from 222.186.169.192 port 2698 ssh2	2020-09-07 05:10:30
106.52.90.84	attackspam	2020-09-06T13:46:47.6939961495-001 sshd[55905]: Invalid user admin from 106.52.90.84 port 40804 2020-09-06T13:46:47.6970121495-001 sshd[55905]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.90.84 2020-09-06T13:46:47.6939961495-001 sshd[55905]: Invalid user admin from 106.52.90.84 port 40804 2020-09-06T13:46:49.6397081495-001 sshd[55905]: Failed password for invalid user admin from 106.52.90.84 port 40804 ssh2 2020-09-06T13:50:07.1210741495-001 sshd[56173]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.90.84 user=root 2020-09-06T13:50:09.5205531495-001 sshd[56173]: Failed password for root from 106.52.90.84 port 58680 ssh2 ...	2020-09-07 04:56:13
185.172.110.223	attack	srvr3: (mod_security) mod_security (id:920350) triggered by 185.172.110.223 (NL/Netherlands/-): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/09/06 17:46:19 [error] 32503#0: 274 [client 185.172.110.223] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "159940717969.882392"] [ref "o0,14v21,14"], client: 185.172.110.223, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-09-07 04:35:44
190.21.44.202	attack	Sep 6 04:45:59 sshgateway sshd\[27681\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190-21-44-202.baf.movistar.cl user=root Sep 6 04:46:01 sshgateway sshd\[27681\]: Failed password for root from 190.21.44.202 port 58770 ssh2 Sep 6 04:53:54 sshgateway sshd\[28654\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190-21-44-202.baf.movistar.cl user=root	2020-09-07 04:38:39
88.135.39.26	attackbotsspam	port scan and connect, tcp 1433 (ms-sql-s)	2020-09-07 04:49:29
23.242.132.241	attack	Automatic report - Banned IP Access	2020-09-07 04:42:06
179.254.51.222	attack	Automatic report - Port Scan Attack	2020-09-07 04:57:41
221.228.109.146	attackbots	SSH login attempts.	2020-09-07 04:52:07
36.99.180.242	attack	2020-09-06 14:09:32.150802-0500 localhost sshd[70744]: Failed password for root from 36.99.180.242 port 34440 ssh2	2020-09-07 05:01:31
68.183.12.127	attackbotsspam	Sep 6 20:44:43 jumpserver sshd[26233]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.12.127 user=root Sep 6 20:44:46 jumpserver sshd[26233]: Failed password for root from 68.183.12.127 port 50070 ssh2 Sep 6 20:48:58 jumpserver sshd[26380]: Invalid user skynet from 68.183.12.127 port 55378 ...	2020-09-07 04:50:20
212.70.149.83	attack	Sep 6 22:46:12 v22019058497090703 postfix/smtpd[8702]: warning: unknown[212.70.149.83]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 6 22:46:39 v22019058497090703 postfix/smtpd[8702]: warning: unknown[212.70.149.83]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 6 22:47:05 v22019058497090703 postfix/smtpd[8702]: warning: unknown[212.70.149.83]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-07 04:48:56
3.84.172.31	attackspam	Port Scan: TCP/443	2020-09-07 04:42:25
140.143.207.57	attack	Failed password for root from 140.143.207.57 port 40208 ssh2	2020-09-07 05:01:58

最近上报的IP列表

71.76.221.95	195.26.242.168	142.93.3.113	46.101.40.34
135.119.16.163	82.156.149.212	45.153.34.139	206.168.34.82
121.41.166.129	162.251.95.240	113.190.193.202	111.231.205.108
27.150.188.145	197.49.38.178	15.34.63.235	192.168.31.155
207.167.67.230	108.107.251.202	0.102.68.36	65.49.1.156