196.0.34.106 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Uganda

运营商(isp): Uganda Telecom Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Mobile ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Sep 16 18:09:41 mail.srvfarm.net postfix/smtpd[3583724]: warning: unknown[196.0.34.106]: SASL PLAIN authentication failed: Sep 16 18:09:41 mail.srvfarm.net postfix/smtpd[3583724]: lost connection after AUTH from unknown[196.0.34.106] Sep 16 18:09:47 mail.srvfarm.net postfix/smtpd[3585661]: warning: unknown[196.0.34.106]: SASL PLAIN authentication failed: Sep 16 18:09:47 mail.srvfarm.net postfix/smtpd[3585661]: lost connection after AUTH from unknown[196.0.34.106] Sep 16 18:10:32 mail.srvfarm.net postfix/smtps/smtpd[3585224]: warning: unknown[196.0.34.106]: SASL PLAIN authentication failed:	2020-09-18 01:45:54
attackspam	Sep 16 18:09:41 mail.srvfarm.net postfix/smtpd[3583724]: warning: unknown[196.0.34.106]: SASL PLAIN authentication failed: Sep 16 18:09:41 mail.srvfarm.net postfix/smtpd[3583724]: lost connection after AUTH from unknown[196.0.34.106] Sep 16 18:09:47 mail.srvfarm.net postfix/smtpd[3585661]: warning: unknown[196.0.34.106]: SASL PLAIN authentication failed: Sep 16 18:09:47 mail.srvfarm.net postfix/smtpd[3585661]: lost connection after AUTH from unknown[196.0.34.106] Sep 16 18:10:32 mail.srvfarm.net postfix/smtps/smtpd[3585224]: warning: unknown[196.0.34.106]: SASL PLAIN authentication failed:	2020-09-17 17:47:25

类型

评论内容

时间

attack

Sep 16 18:09:41 mail.srvfarm.net postfix/smtpd[3583724]: warning: unknown[196.0.34.106]: SASL PLAIN authentication failed: 
Sep 16 18:09:41 mail.srvfarm.net postfix/smtpd[3583724]: lost connection after AUTH from unknown[196.0.34.106]
Sep 16 18:09:47 mail.srvfarm.net postfix/smtpd[3585661]: warning: unknown[196.0.34.106]: SASL PLAIN authentication failed: 
Sep 16 18:09:47 mail.srvfarm.net postfix/smtpd[3585661]: lost connection after AUTH from unknown[196.0.34.106]
Sep 16 18:10:32 mail.srvfarm.net postfix/smtps/smtpd[3585224]: warning: unknown[196.0.34.106]: SASL PLAIN authentication failed:

2020-09-18 01:45:54

attackspam

Sep 16 18:09:41 mail.srvfarm.net postfix/smtpd[3583724]: warning: unknown[196.0.34.106]: SASL PLAIN authentication failed: 
Sep 16 18:09:41 mail.srvfarm.net postfix/smtpd[3583724]: lost connection after AUTH from unknown[196.0.34.106]
Sep 16 18:09:47 mail.srvfarm.net postfix/smtpd[3585661]: warning: unknown[196.0.34.106]: SASL PLAIN authentication failed: 
Sep 16 18:09:47 mail.srvfarm.net postfix/smtpd[3585661]: lost connection after AUTH from unknown[196.0.34.106]
Sep 16 18:10:32 mail.srvfarm.net postfix/smtps/smtpd[3585224]: warning: unknown[196.0.34.106]: SASL PLAIN authentication failed:

2020-09-17 17:47:25

相同子网IP讨论:

IP	类型	评论内容	时间
196.0.34.142	attack	Brute Force	2020-08-27 19:07:06
196.0.34.134	attackspambots	SASL PLAIN auth failed: ruser=...	2020-07-16 08:28:33
196.0.34.134	attackspam	(UG/Uganda/-) SMTP Bruteforcing attempts	2020-06-05 18:34:28

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 196.0.34.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10513
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;196.0.34.106.			IN	A

;; AUTHORITY SECTION:
.			461	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020091602 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Sep 17 08:57:29 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 106.34.0.196.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 106.34.0.196.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
61.219.11.153	attackspam	TCP (SYN) 61.219.11.153:63988 -> port 8080, len 44	2020-09-05 15:02:07
190.99.179.166	attack	Sep 4 18:49:54 mellenthin postfix/smtpd[29582]: NOQUEUE: reject: RCPT from dsl-emcali-190.99.179.166.emcali.net.co[190.99.179.166]: 554 5.7.1 Service unavailable; Client host [190.99.179.166] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/190.99.179.166; from= to= proto=ESMTP helo=	2020-09-05 15:21:45
5.196.70.107	attackspambots	$f2bV_matches	2020-09-05 15:20:17
94.102.51.28	attackbots	firewall-block, port(s): 717/tcp, 1784/tcp, 2750/tcp, 3715/tcp, 8120/tcp, 8197/tcp, 8214/tcp, 8498/tcp, 9669/tcp, 11261/tcp, 11532/tcp, 12180/tcp, 12427/tcp, 12649/tcp, 13080/tcp, 13817/tcp, 13938/tcp, 17122/tcp, 18633/tcp, 18660/tcp, 26634/tcp, 26997/tcp, 32598/tcp, 33933/tcp, 34840/tcp, 35297/tcp, 36400/tcp, 37752/tcp, 39315/tcp, 39550/tcp, 40067/tcp, 40658/tcp, 41198/tcp, 41331/tcp, 41538/tcp, 41936/tcp, 42205/tcp, 42447/tcp, 43645/tcp, 44610/tcp, 45079/tcp, 45195/tcp, 45827/tcp, 49880/tcp, 49922/tcp, 50570/tcp, 50746/tcp, 50867/tcp, 51202/tcp, 51372/tcp, 51883/tcp, 51954/tcp, 53950/tcp, 59468/tcp, 61341/tcp, 62357/tcp, 64871/tcp	2020-09-05 15:06:25
49.233.26.75	attack	Invalid user nexus from 49.233.26.75 port 37156	2020-09-05 15:16:53
185.220.103.8	attackbotsspam	Sep 5 14:26:06 itv-usvr-01 sshd[18133]: Invalid user admin from 185.220.103.8	2020-09-05 15:34:52
95.163.196.191	attackspam	Scanned 3 times in the last 24 hours on port 22	2020-09-05 15:19:42
45.231.255.130	attackspam	Attempts to probe for or exploit a Drupal 7.69 site on url: /phpmyadmin/index.php. Reported by the module https://www.drupal.org/project/abuseipdb.	2020-09-05 15:22:23
89.248.167.141	attack	Port scan: Attack repeated for 24 hours	2020-09-05 15:08:18
112.169.152.105	attackbotsspam	Sep 5 05:54:08 ws26vmsma01 sshd[72382]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.169.152.105 Sep 5 05:54:11 ws26vmsma01 sshd[72382]: Failed password for invalid user iz from 112.169.152.105 port 33720 ssh2 ...	2020-09-05 15:33:23
96.54.228.119	attack	reported through recidive - multiple failed attempts(SSH)	2020-09-05 15:10:53
51.11.136.167	attackbots	2× attempts to log on to WP. However, we do not use WP. Last visit 2020-09-04 10:58:55	2020-09-05 15:14:45
51.210.151.134	attackbotsspam	xmlrpc attack	2020-09-05 15:33:54
141.98.10.211	attackspambots	Sep 5 08:53:13 master sshd[81509]: Invalid user admin from 141.98.10.211 port 34385 Sep 5 08:53:30 master sshd[81574]: Invalid user Admin from 141.98.10.211 port 35211 ...	2020-09-05 15:09:34
175.215.138.52	attack	Honeypot attack, port: 81, PTR: PTR record not found	2020-09-05 15:28:49

最近上报的IP列表

76.208.240.116	189.157.227.25	77.41.168.147	105.212.57.153
177.15.14.117	187.109.39.72	99.179.182.94	208.216.204.81
151.231.119.144	70.242.54.238	105.146.111.244	187.85.206.116
139.123.211.25	195.50.215.9	68.156.183.101	181.174.128.106
24.128.19.227	61.187.119.162	176.169.9.160	209.220.220.65