91.106.193.72 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Sweden

运营商(isp): City Network Hosting AB

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	$f2bV_matches	2020-09-03 20:51:58
attackspam	Sep 2 19:34:07 prod4 sshd\[8494\]: Invalid user contact from 91.106.193.72 Sep 2 19:34:09 prod4 sshd\[8494\]: Failed password for invalid user contact from 91.106.193.72 port 46622 ssh2 Sep 2 19:40:08 prod4 sshd\[11755\]: Invalid user user from 91.106.193.72 ...	2020-09-03 12:35:57
attack	Sep 2 19:34:07 prod4 sshd\[8494\]: Invalid user contact from 91.106.193.72 Sep 2 19:34:09 prod4 sshd\[8494\]: Failed password for invalid user contact from 91.106.193.72 port 46622 ssh2 Sep 2 19:40:08 prod4 sshd\[11755\]: Invalid user user from 91.106.193.72 ...	2020-09-03 04:54:15
attackspam	Aug 30 17:38:31 haigwepa sshd[3415]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.193.72 Aug 30 17:38:33 haigwepa sshd[3415]: Failed password for invalid user alain from 91.106.193.72 port 41502 ssh2 ...	2020-08-31 00:58:15
attackspam	Aug 17 16:59:48 * sshd[28169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.193.72 Aug 17 16:59:50 * sshd[28169]: Failed password for invalid user e from 91.106.193.72 port 51640 ssh2	2020-08-17 23:25:48
attackbots	Aug 12 15:11:30 ajax sshd[9213]: Failed password for root from 91.106.193.72 port 42736 ssh2	2020-08-12 22:32:26
attackspambots	Aug 5 19:37:16 php1 sshd\[28165\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.193.72 user=root Aug 5 19:37:18 php1 sshd\[28165\]: Failed password for root from 91.106.193.72 port 36474 ssh2 Aug 5 19:41:30 php1 sshd\[28771\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.193.72 user=root Aug 5 19:41:32 php1 sshd\[28771\]: Failed password for root from 91.106.193.72 port 48196 ssh2 Aug 5 19:45:40 php1 sshd\[29110\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.193.72 user=root	2020-08-06 13:48:24
attack	2020-07-04T05:20:11.122004n23.at sshd[2081190]: Failed password for invalid user orca from 91.106.193.72 port 55794 ssh2 2020-07-04T05:24:05.258714n23.at sshd[2084237]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.193.72 user=root 2020-07-04T05:24:07.072645n23.at sshd[2084237]: Failed password for root from 91.106.193.72 port 34056 ssh2 ...	2020-07-04 13:38:26
attack	...	2020-07-01 23:59:34
attackbots	2020-06-26T07:29:55.594743sorsha.thespaminator.com sshd[19906]: Invalid user openerp from 91.106.193.72 port 33000 2020-06-26T07:29:57.481530sorsha.thespaminator.com sshd[19906]: Failed password for invalid user openerp from 91.106.193.72 port 33000 ssh2 ...	2020-06-26 20:38:35
attack	2020-06-14 04:04:25.291799-0500 localhost sshd[21552]: Failed password for invalid user shashi from 91.106.193.72 port 49318 ssh2	2020-06-14 19:59:37
attackspambots	Jun 12 21:23:50 lnxmail61 sshd[31924]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.193.72	2020-06-13 04:06:48
attackspambots	$f2bV_matches	2020-06-09 17:36:50
attackspambots	Jun 8 06:47:39 vpn01 sshd[30790]: Failed password for root from 91.106.193.72 port 47488 ssh2 ...	2020-06-08 19:17:51
attackspam	Jun 6 04:30:41 web8 sshd\[28401\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.193.72 user=root Jun 6 04:30:43 web8 sshd\[28401\]: Failed password for root from 91.106.193.72 port 37842 ssh2 Jun 6 04:34:17 web8 sshd\[30175\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.193.72 user=root Jun 6 04:34:19 web8 sshd\[30175\]: Failed password for root from 91.106.193.72 port 40634 ssh2 Jun 6 04:37:57 web8 sshd\[32474\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.193.72 user=root	2020-06-06 12:43:28
attack	Jun 2 12:02:38 webhost01 sshd[10675]: Failed password for root from 91.106.193.72 port 37262 ssh2 ...	2020-06-02 13:50:28
attackbots	Invalid user ocean from 91.106.193.72 port 40702	2020-05-30 18:06:38
attackspambots	May 28 17:51:01 nextcloud sshd\[19359\]: Invalid user admin from 91.106.193.72 May 28 17:51:01 nextcloud sshd\[19359\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.193.72 May 28 17:51:03 nextcloud sshd\[19359\]: Failed password for invalid user admin from 91.106.193.72 port 41172 ssh2	2020-05-29 04:05:56
attack	May 16 04:27:41 vps639187 sshd\[11836\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.193.72 user=root May 16 04:27:43 vps639187 sshd\[11836\]: Failed password for root from 91.106.193.72 port 41858 ssh2 May 16 04:31:44 vps639187 sshd\[11895\]: Invalid user tbd from 91.106.193.72 port 51698 May 16 04:31:44 vps639187 sshd\[11895\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.193.72 ...	2020-05-16 13:26:34
attackspambots	May 8 22:42:28 ny01 sshd[3460]: Failed password for root from 91.106.193.72 port 53820 ssh2 May 8 22:48:15 ny01 sshd[4277]: Failed password for root from 91.106.193.72 port 59038 ssh2 May 8 22:51:52 ny01 sshd[4812]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.193.72	2020-05-09 18:14:42
attackbots	(sshd) Failed SSH login from 91.106.193.72 (SE/Sweden/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 6 14:51:35 srv sshd[8522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.193.72 user=root May 6 14:51:36 srv sshd[8522]: Failed password for root from 91.106.193.72 port 35586 ssh2 May 6 15:01:11 srv sshd[8751]: Invalid user prometheus from 91.106.193.72 port 33324 May 6 15:01:12 srv sshd[8751]: Failed password for invalid user prometheus from 91.106.193.72 port 33324 ssh2 May 6 15:04:56 srv sshd[8820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.193.72 user=root	2020-05-06 20:08:34
attack	Repeated failed SSH attempt	2020-01-03 04:58:32
attack	Dec 31 15:42:35 game-panel sshd[1797]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.193.72 Dec 31 15:42:37 game-panel sshd[1797]: Failed password for invalid user vesnauer from 91.106.193.72 port 46996 ssh2 Dec 31 15:45:15 game-panel sshd[1894]: Failed password for bin from 91.106.193.72 port 43892 ssh2	2019-12-31 23:58:54
attackspambots	Dec 29 14:17:38 web9 sshd\[23134\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.193.72 user=mysql Dec 29 14:17:40 web9 sshd\[23134\]: Failed password for mysql from 91.106.193.72 port 41950 ssh2 Dec 29 14:20:40 web9 sshd\[23547\]: Invalid user carin from 91.106.193.72 Dec 29 14:20:40 web9 sshd\[23547\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.193.72 Dec 29 14:20:42 web9 sshd\[23547\]: Failed password for invalid user carin from 91.106.193.72 port 44816 ssh2	2019-12-30 08:34:02
attackbots	Dec 28 16:39:44 localhost sshd[18261]: Failed password for root from 91.106.193.72 port 44954 ssh2 Dec 28 16:55:50 localhost sshd[19016]: Failed password for root from 91.106.193.72 port 57234 ssh2 Dec 28 16:58:47 localhost sshd[19172]: Failed password for invalid user http from 91.106.193.72 port 59428 ssh2	2019-12-29 00:33:35
attackbotsspam	SSH Brute Force, server-1 sshd[17865]: Failed password for invalid user db2admin from 91.106.193.72 port 46422 ssh2	2019-12-21 15:32:41
attackspam	Invalid user eugen from 91.106.193.72 port 54392	2019-12-14 05:51:30
attackspam	ssh failed login	2019-12-13 21:51:10
attackspam	Invalid user eugen from 91.106.193.72 port 54392	2019-12-13 06:30:57
attack	Dec 10 03:31:38 linuxvps sshd\[583\]: Invalid user QWE123ASD123 from 91.106.193.72 Dec 10 03:31:38 linuxvps sshd\[583\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.193.72 Dec 10 03:31:39 linuxvps sshd\[583\]: Failed password for invalid user QWE123ASD123 from 91.106.193.72 port 55762 ssh2 Dec 10 03:37:27 linuxvps sshd\[4388\]: Invalid user abcdefghijklmnopqrs from 91.106.193.72 Dec 10 03:37:27 linuxvps sshd\[4388\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.193.72	2019-12-10 16:44:28

相同子网IP讨论:

IP	类型	评论内容	时间
91.106.193.7	attackspam	SSH login attempts with user root.	2019-11-30 04:37:15

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 91.106.193.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55161
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;91.106.193.72.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070700 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 07 18:07:43 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 72.193.106.91.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 72.193.106.91.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
125.167.116.197	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-30 17:34:03
106.124.131.214	attack	$f2bV_matches	2020-03-30 17:30:12
192.99.56.117	attackbotsspam	Mar 30 10:04:35 Invalid user mysql from 192.99.56.117 port 49020	2020-03-30 17:36:26
14.165.170.242	attackbotsspam	1585540302 - 03/30/2020 05:51:42 Host: 14.165.170.242/14.165.170.242 Port: 445 TCP Blocked	2020-03-30 17:25:45
213.165.162.29	attackspam	Lines containing failures of 213.165.162.29 Mar 23 06:14:39 shared03 postfix/smtpd[22616]: connect from c162-29.i02-1.onvol.net[213.165.162.29] Mar 23 06:14:41 shared03 policyd-spf[25145]: prepend Received-SPF: None (mailfrom) identhostnamey=mailfrom; client-ip=213.165.162.29; helo=c162-29.i02-1.onvol.net; envelope-from=x@x Mar x@x Mar x@x Mar 23 06:14:42 shared03 postfix/smtpd[22616]: lost connection after RCPT from c162-29.i02-1.onvol.net[213.165.162.29] Mar 23 06:14:42 shared03 postfix/smtpd[22616]: disconnect from c162-29.i02-1.onvol.net[213.165.162.29] ehlo=1 mail=1 rcpt=0/2 commands=2/4 Mar 24 23:20:39 shared03 postfix/smtpd[24941]: connect from c162-29.i02-1.onvol.net[213.165.162.29] Mar 24 23:20:40 shared03 policyd-spf[25918]: prepend Received-SPF: None (mailfrom) identhostnamey=mailfrom; client-ip=213.165.162.29; helo=c162-29.i02-1.onvol.net; envelope-from=x@x Mar x@x Mar x@x Mar x@x Mar 24 23:20:40 shared03 postfix/smtpd[24941]: lost connection after RCPT from ........ ------------------------------	2020-03-30 18:06:20
222.186.30.187	attackbots	2020-03-29 UTC: (2x) - root(2x)	2020-03-30 17:57:20
103.140.83.18	attack	$f2bV_matches	2020-03-30 17:28:46
160.124.138.155	attackbotsspam	$f2bV_matches	2020-03-30 17:59:04
37.59.123.166	attackspam	banned on SSHD	2020-03-30 17:38:29
118.172.199.121	attackbots	Honeypot attack, port: 445, PTR: node-13eh.pool-118-172.dynamic.totinternet.net.	2020-03-30 18:01:51
193.254.135.252	attack	banned on SSHD	2020-03-30 17:58:34
45.32.22.17	attackbots	xmlrpc attack	2020-03-30 17:23:24
182.61.5.137	attackspambots	5x Failed Password	2020-03-30 17:53:20
180.151.81.138	attackbotsspam	Mar 30 07:47:14 ns392434 sshd[5390]: Invalid user riina from 180.151.81.138 port 41524 Mar 30 07:47:14 ns392434 sshd[5390]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.151.81.138 Mar 30 07:47:14 ns392434 sshd[5390]: Invalid user riina from 180.151.81.138 port 41524 Mar 30 07:47:17 ns392434 sshd[5390]: Failed password for invalid user riina from 180.151.81.138 port 41524 ssh2 Mar 30 08:20:06 ns392434 sshd[8295]: Invalid user kkm from 180.151.81.138 port 54470 Mar 30 08:20:06 ns392434 sshd[8295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.151.81.138 Mar 30 08:20:06 ns392434 sshd[8295]: Invalid user kkm from 180.151.81.138 port 54470 Mar 30 08:20:08 ns392434 sshd[8295]: Failed password for invalid user kkm from 180.151.81.138 port 54470 ssh2 Mar 30 08:23:24 ns392434 sshd[8545]: Invalid user jph from 180.151.81.138 port 58146	2020-03-30 17:30:30
113.181.219.233	attackbots	20/3/30@01:28:03: FAIL: Alarm-Network address from=113.181.219.233 ...	2020-03-30 17:28:28

最近上报的IP列表

124.133.107.116	91.187.103.61	94.233.0.79	112.85.12.104
144.0.227.80	114.39.114.181	118.4.200.149	74.199.110.243
133.242.228.107	14.204.105.144	159.224.52.97	177.85.142.157
170.80.227.243	178.27.249.231	84.166.181.8	197.1.195.181
188.254.181.220	162.56.105.229	177.21.128.89	201.56.55.93