5.104.235.138 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Kazakhstan

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
5.104.235.150	attack	Unauthorized connection attempt from IP address 5.104.235.150 on Port 445(SMB)	2020-06-01 18:34:08
5.104.235.150	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-20 22:54:13,930 INFO [shellcode_manager] (5.104.235.150) no match, writing hexdump (cc7ae97bf9970241f9a0acc1561c56f5 :2446462) - MS17010 (EternalBlue)	2019-07-24 03:16:52

类型

评论内容

时间

5.104.235.150

attack

Unauthorized connection attempt from IP address 5.104.235.150 on Port 445(SMB)

2020-06-01 18:34:08

5.104.235.150

attackbotsspam

@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-20 22:54:13,930 INFO [shellcode_manager] (5.104.235.150) no match, writing hexdump (cc7ae97bf9970241f9a0acc1561c56f5 :2446462) - MS17010 (EternalBlue)

2019-07-24 03:16:52

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.104.235.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18720
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;5.104.235.138.			IN	A

;; AUTHORITY SECTION:
.			302	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 49 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 14:05:03 CST 2022
;; MSG SIZE  rcvd: 106

HOST信息:

b';; connection timed out; no servers could be reached
'

NSLOOKUP信息:

server can't find 5.104.235.138.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
95.181.191.136	attack	Apr 24 05:57:46 163-172-32-151 sshd[25790]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.181.191.136.16clouds.com user=root Apr 24 05:57:48 163-172-32-151 sshd[25790]: Failed password for root from 95.181.191.136 port 58046 ssh2 ...	2020-04-24 12:34:00
211.157.179.38	attack	(sshd) Failed SSH login from 211.157.179.38 (CN/China/-): 5 in the last 3600 secs	2020-04-24 12:51:02
93.84.86.69	attackspambots	Wordpress malicious attack:[sshd]	2020-04-24 12:25:48
210.97.40.34	attack	Invalid user ultra from 210.97.40.34 port 33654	2020-04-24 12:31:34
121.122.40.109	attackbotsspam	Apr 23 23:57:57 lanister sshd[31835]: Invalid user ei from 121.122.40.109 Apr 23 23:57:57 lanister sshd[31835]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.122.40.109 Apr 23 23:57:57 lanister sshd[31835]: Invalid user ei from 121.122.40.109 Apr 23 23:57:58 lanister sshd[31835]: Failed password for invalid user ei from 121.122.40.109 port 48087 ssh2	2020-04-24 12:27:51
45.148.10.64	attack	20/4/23@23:58:13: FAIL: Alarm-Telnet address from=45.148.10.64 ...	2020-04-24 12:20:12
190.8.149.146	attack	Apr 24 06:09:23 server sshd[12432]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.8.149.146 Apr 24 06:09:25 server sshd[12432]: Failed password for invalid user ju from 190.8.149.146 port 55171 ssh2 Apr 24 06:12:53 server sshd[12651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.8.149.146 ...	2020-04-24 12:40:34
185.50.149.14	attackbotsspam	Apr 24 06:42:20 relay postfix/smtpd\[17189\]: warning: unknown\[185.50.149.14\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 24 06:48:11 relay postfix/smtpd\[16161\]: warning: unknown\[185.50.149.14\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 24 06:48:29 relay postfix/smtpd\[17692\]: warning: unknown\[185.50.149.14\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 24 06:49:01 relay postfix/smtpd\[16161\]: warning: unknown\[185.50.149.14\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 24 06:49:16 relay postfix/smtpd\[9887\]: warning: unknown\[185.50.149.14\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-04-24 12:56:21
62.234.2.59	attack	Apr 24 00:53:49 firewall sshd[1843]: Invalid user test1 from 62.234.2.59 Apr 24 00:53:51 firewall sshd[1843]: Failed password for invalid user test1 from 62.234.2.59 port 59830 ssh2 Apr 24 00:57:53 firewall sshd[1892]: Invalid user mf from 62.234.2.59 ...	2020-04-24 12:32:27
61.95.233.61	attackspambots	Apr 24 05:57:55 * sshd[8218]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.95.233.61 Apr 24 05:57:58 * sshd[8218]: Failed password for invalid user admin from 61.95.233.61 port 56800 ssh2	2020-04-24 12:29:28
217.112.128.234	attackspambots	Apr 24 05:36:20 web01.agentur-b-2.de postfix/smtpd[500606]: NOQUEUE: reject: RCPT from unknown[217.112.128.234]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Apr 24 05:36:20 web01.agentur-b-2.de postfix/smtpd[499263]: NOQUEUE: reject: RCPT from unknown[217.112.128.234]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Apr 24 05:36:21 web01.agentur-b-2.de postfix/smtpd[499257]: NOQUEUE: reject: RCPT from unknown[217.112.128.234]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Apr 24 05:36:21 web01.agentur-b-2.de postfix/smtpd[499241]: NOQUEUE: reject: RCPT from unknown[217.112.128.234]: 450 4.7.1	2020-04-24 12:55:12
222.186.175.148	attackspam	2020-04-24T04:21:57.443399shield sshd\[3750\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.148 user=root 2020-04-24T04:21:59.290964shield sshd\[3750\]: Failed password for root from 222.186.175.148 port 63774 ssh2 2020-04-24T04:22:02.797434shield sshd\[3750\]: Failed password for root from 222.186.175.148 port 63774 ssh2 2020-04-24T04:22:05.854608shield sshd\[3750\]: Failed password for root from 222.186.175.148 port 63774 ssh2 2020-04-24T04:22:08.991766shield sshd\[3750\]: Failed password for root from 222.186.175.148 port 63774 ssh2	2020-04-24 12:24:23
89.232.60.163	attackbotsspam	Brute-force attempt banned	2020-04-24 12:31:56
201.90.101.165	attack	2020-04-23T23:37:47.3304341495-001 sshd[16428]: Invalid user kl from 201.90.101.165 port 46002 2020-04-23T23:37:47.3346721495-001 sshd[16428]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.90.101.165 2020-04-23T23:37:47.3304341495-001 sshd[16428]: Invalid user kl from 201.90.101.165 port 46002 2020-04-23T23:37:49.0477161495-001 sshd[16428]: Failed password for invalid user kl from 201.90.101.165 port 46002 ssh2 2020-04-23T23:41:01.8718991495-001 sshd[16515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.90.101.165 user=root 2020-04-23T23:41:03.8860921495-001 sshd[16515]: Failed password for root from 201.90.101.165 port 34778 ssh2 ...	2020-04-24 12:43:20
181.65.252.9	attackbots	prod11 ...	2020-04-24 12:31:01

最近上报的IP列表

220.87.74.159	191.196.177.2	95.85.106.126	36.95.155.122
143.110.157.74	23.81.121.74	103.83.179.38	103.73.74.182
189.50.146.126	122.114.55.176	47.99.135.205	190.123.94.252
193.202.13.208	114.219.107.61	111.202.151.2	79.143.95.235
23.231.38.182	34.66.30.51	96.19.120.250	189.211.234.19