45.55.72.106 - IPInfo

基本信息:

城市(city): Clifton

省份(region): New Jersey

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	[Aegis] @ 2019-09-15 14:19:48 0100 -> Common web attack.	2019-09-16 01:56:43

相同子网IP讨论:

IP	类型	评论内容	时间
45.55.72.69	attack	firewall-block, port(s): 21221/tcp	2020-07-20 23:14:48
45.55.72.69	attackspam	20373/tcp 12392/tcp 11727/tcp... [2020-06-21/07-08]56pkt,19pt.(tcp)	2020-07-08 21:03:29
45.55.72.69	attackbotsspam	TCP (SYN) 45.55.72.69:50150 -> port 11727, len 44	2020-07-07 00:49:28
45.55.72.69	attackbotsspam	scans once in preceeding hours on the ports (in chronological order) 24964 resulting in total of 4 scans from 45.55.0.0/16 block.	2020-06-24 21:04:06
45.55.72.69	attackspam	Jun 24 11:04:51 odroid64 sshd\[15407\]: Invalid user lfq from 45.55.72.69 Jun 24 11:04:51 odroid64 sshd\[15407\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.72.69 ...	2020-06-24 17:20:17
45.55.72.69	attackspam	Jun 19 14:57:55 v22019038103785759 sshd\[24261\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.72.69 user=root Jun 19 14:57:56 v22019038103785759 sshd\[24261\]: Failed password for root from 45.55.72.69 port 58552 ssh2 Jun 19 15:01:08 v22019038103785759 sshd\[24534\]: Invalid user server from 45.55.72.69 port 57834 Jun 19 15:01:08 v22019038103785759 sshd\[24534\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.72.69 Jun 19 15:01:11 v22019038103785759 sshd\[24534\]: Failed password for invalid user server from 45.55.72.69 port 57834 ssh2 ...	2020-06-20 01:14:07
45.55.72.69	attack	Jun 10 01:34:56 server sshd[32402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.72.69 Jun 10 01:34:58 server sshd[32402]: Failed password for invalid user od123 from 45.55.72.69 port 52652 ssh2 Jun 10 01:38:21 server sshd[32693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.72.69 ...	2020-06-10 07:39:17
45.55.72.69	attackspam	Brute-force attempt banned	2020-06-05 17:20:57
45.55.72.69	attackbotsspam	Jun 4 06:26:10 tuxlinux sshd[60053]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.72.69 user=root Jun 4 06:26:13 tuxlinux sshd[60053]: Failed password for root from 45.55.72.69 port 44400 ssh2 Jun 4 06:26:10 tuxlinux sshd[60053]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.72.69 user=root Jun 4 06:26:13 tuxlinux sshd[60053]: Failed password for root from 45.55.72.69 port 44400 ssh2 Jun 4 06:41:52 tuxlinux sshd[63387]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.72.69 user=root ...	2020-06-04 16:42:56
45.55.72.69	attackspam	2020-05-29T09:50:54.659536homeassistant sshd[4430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.72.69 user=root 2020-05-29T09:50:56.917890homeassistant sshd[4430]: Failed password for root from 45.55.72.69 port 42924 ssh2 ...	2020-05-29 18:47:48
45.55.72.69	attackbotsspam	Fail2Ban - SSH Bruteforce Attempt	2020-05-27 01:25:28
45.55.72.69	attackbots	Invalid user miyazawa from 45.55.72.69 port 46976	2020-05-24 14:26:24
45.55.72.69	attackspam	May 22 21:20:32 itv-usvr-01 sshd[18322]: Invalid user rjc from 45.55.72.69 May 22 21:20:32 itv-usvr-01 sshd[18322]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.72.69 May 22 21:20:32 itv-usvr-01 sshd[18322]: Invalid user rjc from 45.55.72.69 May 22 21:20:35 itv-usvr-01 sshd[18322]: Failed password for invalid user rjc from 45.55.72.69 port 47248 ssh2	2020-05-22 22:27:50
45.55.72.69	attack	Invalid user mztian from 45.55.72.69 port 48358	2020-05-22 03:45:02
45.55.72.69	attackbots	$f2bV_matches	2020-05-16 13:58:45

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.55.72.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2174
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.55.72.106.			IN	A

;; AUTHORITY SECTION:
.			3191	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091500 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Sep 16 01:56:29 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 106.72.55.45.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 106.72.55.45.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
84.22.2.137	attackspambots	Automatic report - Port Scan Attack	2019-10-21 17:00:22
165.22.25.220	attackbotsspam	Oct 21 10:59:44 server sshd\[2047\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.25.220 user=root Oct 21 10:59:47 server sshd\[2047\]: Failed password for root from 165.22.25.220 port 45806 ssh2 Oct 21 11:22:01 server sshd\[7641\]: Invalid user developer from 165.22.25.220 Oct 21 11:22:01 server sshd\[7641\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.25.220 Oct 21 11:22:03 server sshd\[7641\]: Failed password for invalid user developer from 165.22.25.220 port 41304 ssh2 ...	2019-10-21 16:43:08
222.124.150.157	attackspam	Automatic report - XMLRPC Attack	2019-10-21 16:51:44
178.128.59.109	attack	Oct 21 07:05:11 www sshd\[239049\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.59.109 user=root Oct 21 07:05:13 www sshd\[239049\]: Failed password for root from 178.128.59.109 port 35584 ssh2 Oct 21 07:09:14 www sshd\[239208\]: Invalid user ubnt from 178.128.59.109 ...	2019-10-21 16:39:08
51.38.65.243	attackspambots	SSH brutforce	2019-10-21 16:47:32
222.186.42.4	attack	DATE:2019-10-21 10:31:16, IP:222.186.42.4, PORT:ssh SSH brute force auth on honeypot server (honey-neo-dc-bis)	2019-10-21 16:53:57
190.228.16.101	attackbots	2019-10-21T04:40:30.907862shield sshd\[26819\]: Invalid user 123 from 190.228.16.101 port 56560 2019-10-21T04:40:30.911994shield sshd\[26819\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host101.190-228-16.telecom.net.ar 2019-10-21T04:40:33.197102shield sshd\[26819\]: Failed password for invalid user 123 from 190.228.16.101 port 56560 ssh2 2019-10-21T04:45:21.633776shield sshd\[27581\]: Invalid user 1r\$4 from 190.228.16.101 port 49382 2019-10-21T04:45:21.638046shield sshd\[27581\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host101.190-228-16.telecom.net.ar	2019-10-21 16:45:19
223.145.110.231	attackbots	Fail2Ban - FTP Abuse Attempt	2019-10-21 16:35:22
177.191.188.73	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/177.191.188.73/ BR - 1H : (240) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : BR NAME ASN : ASN53006 IP : 177.191.188.73 CIDR : 177.191.0.0/16 PREFIX COUNT : 15 UNIQUE IP COUNT : 599808 ATTACKS DETECTED ASN53006 : 1H - 1 3H - 2 6H - 4 12H - 7 24H - 14 DateTime : 2019-10-21 05:48:12 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-21 16:45:01
185.40.15.13	attack	" "	2019-10-21 16:30:21
111.75.149.221	attack	Oct 21 10:18:33 vmanager6029 postfix/smtpd\[14725\]: warning: unknown\[111.75.149.221\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 21 10:18:44 vmanager6029 postfix/smtpd\[14725\]: warning: unknown\[111.75.149.221\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-10-21 16:33:34
78.187.73.3	attackspambots	Automatic report - Port Scan Attack	2019-10-21 16:52:37
213.91.179.246	attack	Oct 21 06:47:38 tuotantolaitos sshd[26961]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.91.179.246 Oct 21 06:47:40 tuotantolaitos sshd[26961]: Failed password for invalid user legal3 from 213.91.179.246 port 42265 ssh2 ...	2019-10-21 16:57:45
89.248.174.193	attackspam	ET DROP Dshield Block Listed Source group 1 - port: 6379 proto: TCP cat: Misc Attack	2019-10-21 16:39:37
51.38.176.147	attackbots	Oct 21 09:04:30 MK-Soft-VM4 sshd[25380]: Failed password for root from 51.38.176.147 port 33658 ssh2 ...	2019-10-21 16:52:23

最近上报的IP列表

70.62.26.243	63.101.41.4	110.174.199.104	223.238.102.195
202.7.78.220	211.217.175.49	185.209.85.113	42.249.153.17
100.176.55.123	63.245.120.11	186.105.75.173	152.182.148.188
56.109.169.23	32.114.90.235	116.133.144.222	107.22.87.90
103.215.150.7	128.173.245.68	77.119.130.220	76.28.25.61