91.106.199.142

基本信息:

城市(city): Karlskrona

省份(region): Blekinge

国家(country): Sweden

运营商(isp): City Network Hosting AB

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Lines containing failures of 91.106.199.142 Feb 15 13:11:38 majoron sshd[21606]: Invalid user sah from 91.106.199.142 port 50822 Feb 15 13:11:38 majoron sshd[21606]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.199.142 Feb 15 13:11:40 majoron sshd[21606]: Failed password for invalid user sah from 91.106.199.142 port 50822 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=91.106.199.142	2020-02-17 04:56:43

类型

评论内容

时间

attackspam

Lines containing failures of 91.106.199.142
Feb 15 13:11:38 majoron sshd[21606]: Invalid user sah from 91.106.199.142 port 50822
Feb 15 13:11:38 majoron sshd[21606]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.199.142 
Feb 15 13:11:40 majoron sshd[21606]: Failed password for invalid user sah from 91.106.199.142 port 50822 ssh2


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=91.106.199.142

2020-02-17 04:56:43

相同子网IP讨论:

IP	类型	评论内容	时间
91.106.199.101	attack	Invalid user reza from 91.106.199.101 port 50854	2020-09-22 23:01:42
91.106.199.101	attackbots	Sep 22 11:59:39 mx sshd[877552]: Failed password for root from 91.106.199.101 port 55022 ssh2 Sep 22 12:03:38 mx sshd[877631]: Invalid user arkserver from 91.106.199.101 port 36704 Sep 22 12:03:38 mx sshd[877631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.199.101 Sep 22 12:03:38 mx sshd[877631]: Invalid user arkserver from 91.106.199.101 port 36704 Sep 22 12:03:40 mx sshd[877631]: Failed password for invalid user arkserver from 91.106.199.101 port 36704 ssh2 ...	2020-09-22 15:05:42
91.106.199.101	attackbotsspam	Sep 21 23:03:34 vps639187 sshd\[1783\]: Invalid user reza from 91.106.199.101 port 53970 Sep 21 23:03:34 vps639187 sshd\[1783\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.199.101 Sep 21 23:03:36 vps639187 sshd\[1783\]: Failed password for invalid user reza from 91.106.199.101 port 53970 ssh2 ...	2020-09-22 07:07:16
91.106.199.101	attack	Invalid user info5 from 91.106.199.101 port 59030	2020-09-16 01:01:12
91.106.199.101	attackspambots	Sep 2 19:44:13 l02a sshd[5397]: Invalid user vbox from 91.106.199.101 Sep 2 19:44:13 l02a sshd[5397]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.199.101 Sep 2 19:44:13 l02a sshd[5397]: Invalid user vbox from 91.106.199.101 Sep 2 19:44:14 l02a sshd[5397]: Failed password for invalid user vbox from 91.106.199.101 port 50408 ssh2	2020-09-03 03:34:18
91.106.199.101	attackspam	Sep 2 12:38:30 haigwepa sshd[26266]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.199.101 Sep 2 12:38:33 haigwepa sshd[26266]: Failed password for invalid user sistemas from 91.106.199.101 port 33072 ssh2 ...	2020-09-02 19:12:21
91.106.199.101	attackspambots	Aug 31 17:01:23 eventyay sshd[25085]: Failed password for root from 91.106.199.101 port 60536 ssh2 Aug 31 17:05:40 eventyay sshd[25114]: Failed password for root from 91.106.199.101 port 36948 ssh2 ...	2020-09-01 01:22:34
91.106.199.101	attack	Aug 28 16:37:39 vps639187 sshd\[9552\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.199.101 user=root Aug 28 16:37:41 vps639187 sshd\[9552\]: Failed password for root from 91.106.199.101 port 60710 ssh2 Aug 28 16:41:26 vps639187 sshd\[9675\]: Invalid user test from 91.106.199.101 port 39292 Aug 28 16:41:26 vps639187 sshd\[9675\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.199.101 ...	2020-08-29 00:59:55
91.106.199.101	attackbots	prod11 ...	2020-08-19 19:29:41
91.106.199.101	attackspambots	(sshd) Failed SSH login from 91.106.199.101 (SE/Sweden/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 17 14:49:35 s1 sshd[13812]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.199.101 user=root Aug 17 14:49:36 s1 sshd[13812]: Failed password for root from 91.106.199.101 port 41204 ssh2 Aug 17 14:58:12 s1 sshd[14191]: Invalid user admin from 91.106.199.101 port 45610 Aug 17 14:58:14 s1 sshd[14191]: Failed password for invalid user admin from 91.106.199.101 port 45610 ssh2 Aug 17 15:02:05 s1 sshd[14576]: Invalid user mns from 91.106.199.101 port 54714	2020-08-18 01:56:42
91.106.199.101	attack	20 attempts against mh-ssh on echoip	2020-08-10 18:57:55
91.106.199.101	attackbots	Jul 28 14:38:31 meumeu sshd[342460]: Invalid user bdc from 91.106.199.101 port 58604 Jul 28 14:38:31 meumeu sshd[342460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.199.101 Jul 28 14:38:31 meumeu sshd[342460]: Invalid user bdc from 91.106.199.101 port 58604 Jul 28 14:38:33 meumeu sshd[342460]: Failed password for invalid user bdc from 91.106.199.101 port 58604 ssh2 Jul 28 14:42:28 meumeu sshd[342659]: Invalid user songlin from 91.106.199.101 port 42026 Jul 28 14:42:28 meumeu sshd[342659]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.199.101 Jul 28 14:42:28 meumeu sshd[342659]: Invalid user songlin from 91.106.199.101 port 42026 Jul 28 14:42:31 meumeu sshd[342659]: Failed password for invalid user songlin from 91.106.199.101 port 42026 ssh2 Jul 28 14:46:23 meumeu sshd[342850]: Invalid user wuyan from 91.106.199.101 port 53680 ...	2020-07-28 21:00:08
91.106.199.101	attackbotsspam	Brute force attempt	2020-07-27 02:19:07
91.106.199.101	attack	Brute-force attempt banned	2020-07-26 16:26:54
91.106.199.101	attack	Jul 23 02:03:20 * sshd[12631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.199.101 Jul 23 02:03:22 * sshd[12631]: Failed password for invalid user lynch from 91.106.199.101 port 38942 ssh2	2020-07-23 08:30:23

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 91.106.199.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18846
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;91.106.199.142.			IN	A

;; AUTHORITY SECTION:
.			450	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021601 1800 900 604800 86400

;; Query time: 98 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 17 04:56:39 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 142.199.106.91.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 142.199.106.91.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
118.126.112.72	attackspambots	Jun 5 16:05:00 server sshd\[184643\]: Invalid user server from 118.126.112.72 Jun 5 16:05:00 server sshd\[184643\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.126.112.72 Jun 5 16:05:02 server sshd\[184643\]: Failed password for invalid user server from 118.126.112.72 port 37422 ssh2 ...	2019-07-17 11:16:39
87.65.89.126	attack	Honeypot attack, port: 5555, PTR: 126.89-65-87.adsl-dyn.isp.belgacom.be.	2019-07-17 11:35:40
117.62.132.229	attack	Jul 6 11:32:01 server sshd\[657\]: Invalid user admin from 117.62.132.229 Jul 6 11:32:01 server sshd\[657\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.62.132.229 Jul 6 11:32:03 server sshd\[657\]: Failed password for invalid user admin from 117.62.132.229 port 53012 ssh2 ...	2019-07-17 11:21:34
181.169.126.20	attack	WordPress XMLRPC scan :: 181.169.126.20 0.176 BYPASS [17/Jul/2019:07:04:00 1000] [censored_4] "GET /xmlrpc.php HTTP/1.1" 405 53 "-" "Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1"	2019-07-17 11:11:13
158.69.241.196	attack	\[2019-07-16 23:06:52\] SECURITY\[20812\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-16T23:06:52.686-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="03800946313113298",SessionID="0x7f06f823f758",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/158.69.241.196/6807",ACLName="no_extension_match" \[2019-07-16 23:06:54\] SECURITY\[20812\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-16T23:06:54.267-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="03800946313113298",SessionID="0x7f06f823f758",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/158.69.241.196/5274",ACLName="no_extension_match" \[2019-07-16 23:08:23\] SECURITY\[20812\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-16T23:08:23.827-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="03900046313113298",SessionID="0x7f06f804c2c8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/158.69.241.196/12501",ACLNa	2019-07-17 11:30:00
222.122.94.10	attackspambots	Jul 16 01:12:18 shared03 sshd[14773]: Invalid user tf2server from 222.122.94.10 Jul 16 01:12:18 shared03 sshd[14773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.122.94.10 Jul 16 01:12:20 shared03 sshd[14773]: Failed password for invalid user tf2server from 222.122.94.10 port 46126 ssh2 Jul 16 01:12:21 shared03 sshd[14773]: Received disconnect from 222.122.94.10 port 46126:11: Bye Bye [preauth] Jul 16 01:12:21 shared03 sshd[14773]: Disconnected from 222.122.94.10 port 46126 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=222.122.94.10	2019-07-17 11:40:00
117.198.91.189	attackspambots	Apr 20 13:44:49 server sshd\[222696\]: Invalid user admin from 117.198.91.189 Apr 20 13:44:49 server sshd\[222696\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.198.91.189 Apr 20 13:44:51 server sshd\[222696\]: Failed password for invalid user admin from 117.198.91.189 port 37269 ssh2 ...	2019-07-17 11:47:24
82.253.121.15	attack	Jul 17 02:01:24 XXXXXX sshd[601]: Invalid user oracle from 82.253.121.15 port 35350	2019-07-17 11:44:48
118.163.107.56	attackbotsspam	Jul 16 23:18:13 sshgateway sshd\[15644\]: Invalid user ftptest from 118.163.107.56 Jul 16 23:18:13 sshgateway sshd\[15644\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.163.107.56 Jul 16 23:18:15 sshgateway sshd\[15644\]: Failed password for invalid user ftptest from 118.163.107.56 port 57868 ssh2	2019-07-17 11:11:42
181.115.181.198	attackspam	Automatic report - Port Scan Attack	2019-07-17 11:32:00
185.2.5.29	attackspam	Automatic report - Banned IP Access	2019-07-17 11:09:03
36.110.78.62	attackspam	Jul 17 03:54:52 srv03 sshd\[12454\]: Invalid user user from 36.110.78.62 port 52396 Jul 17 03:54:52 srv03 sshd\[12454\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.110.78.62 Jul 17 03:54:54 srv03 sshd\[12454\]: Failed password for invalid user user from 36.110.78.62 port 52396 ssh2	2019-07-17 11:28:11
195.154.61.206	attack	16.07.2019 21:03:35 HTTPs access blocked by firewall	2019-07-17 11:26:25
5.79.121.159	attackbotsspam	Automatic report - Banned IP Access	2019-07-17 11:49:25
219.255.154.230	attackspambots	TCP 60 49921 → personal-agent(5555) [SYN] Seq=0 Win=55334 Len=0	2019-07-17 11:25:32

最近上报的IP列表

178.176.193.55	52.0.64.81	184.103.253.123	113.108.125.228
147.231.140.28	149.111.140.161	126.9.154.193	172.99.173.226
98.234.54.4	123.244.13.56	177.165.207.124	60.250.152.137
134.169.241.244	219.5.176.15	58.152.1.158	184.75.227.158
169.2.65.52	73.121.75.191	194.88.90.29	208.237.25.4