91.106.94.169 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Iran, Islamic Republic of

运营商(isp): PJSC Badr Rayan Jonoob

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt detected from IP address 91.106.94.169 to port 23 [J]	2020-02-23 18:08:43

相同子网IP讨论:

IP	类型	评论内容	时间
91.106.94.95	attackspam	Unauthorized connection attempt detected from IP address 91.106.94.95 to port 23 [J]	2020-01-31 04:34:07

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 91.106.94.169
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36802
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;91.106.94.169.			IN	A

;; AUTHORITY SECTION:
.			505	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022300 1800 900 604800 86400

;; Query time: 111 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 23 18:08:37 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 169.94.106.91.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 169.94.106.91.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
34.84.193.213	attackspam	Sep 30 23:50:09 localhost kernel: [3639627.820349] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=34.84.193.213 DST=[mungedIP2] LEN=44 TOS=0x00 PREC=0x00 TTL=137 ID=2106 DF PROTO=TCP SPT=8484 DPT=49258 SEQ=1837534764 ACK=3485335553 WINDOW=8192 RES=0x00 ECE ACK SYN URGP=0 OPT (0204058C) Sep 30 23:50:12 localhost kernel: [3639630.819203] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=34.84.193.213 DST=[mungedIP2] LEN=44 TOS=0x00 PREC=0x00 TTL=137 ID=9031 DF PROTO=TCP SPT=8484 DPT=49258 SEQ=1837534764 ACK=3485335553 WINDOW=8192 RES=0x00 ECE ACK SYN URGP=0 OPT (0204058C) Sep 30 23:50:18 localhost kernel: [3639636.820859] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=34.84.193.213 DST=[mungedIP2] LEN=44 TOS=0x00 PREC=0x00 TTL=137 ID=27324 DF PROTO=TCP SPT=8484 DPT=49258 SEQ=1837534764 ACK=3485335553 WINDOW=8192 RES=0x00 ACK SYN URGP=0 OPT (0204058C)	2019-10-01 16:36:02
190.85.234.215	attackspambots	SSH Brute-Force attacks	2019-10-01 16:45:56
185.244.25.133	attack	2019/10/01 07:45:01 \[info\] 25677\#0: \*1075 client sent invalid request while reading client request line, client: 185.244.25.133, server: mail.hermescis.com, request: "GET login.cgi HTTP/1.1"	2019-10-01 16:07:18
51.75.65.209	attack	Oct 1 05:46:55 SilenceServices sshd[1788]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.65.209 Oct 1 05:46:57 SilenceServices sshd[1788]: Failed password for invalid user bt from 51.75.65.209 port 54322 ssh2 Oct 1 05:50:27 SilenceServices sshd[2757]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.65.209	2019-10-01 16:22:18
14.161.41.49	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 01-10-2019 04:50:19.	2019-10-01 16:31:47
180.76.109.211	attackspam	Oct 1 01:26:50 xb3 sshd[17250]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.109.211 user=r.r Oct 1 01:26:52 xb3 sshd[17250]: Failed password for r.r from 180.76.109.211 port 42454 ssh2 Oct 1 01:26:52 xb3 sshd[17250]: Received disconnect from 180.76.109.211: 11: Bye Bye [preauth] Oct 1 01:44:36 xb3 sshd[28749]: Failed password for invalid user tihostname from 180.76.109.211 port 39678 ssh2 Oct 1 01:44:36 xb3 sshd[28749]: Received disconnect from 180.76.109.211: 11: Bye Bye [preauth] Oct 1 01:48:23 xb3 sshd[26724]: Failed password for invalid user fowler from 180.76.109.211 port 46344 ssh2 Oct 1 01:48:24 xb3 sshd[26724]: Received disconnect from 180.76.109.211: 11: Bye Bye [preauth] Oct 1 01:52:07 xb3 sshd[22788]: Failed password for invalid user teamspeak2 from 180.76.109.211 port 53002 ssh2 Oct 1 01:52:07 xb3 sshd[22788]: Received disconnect from 180.76.109.211: 11: Bye Bye [preauth] ........ ----------------------------------------------- https:/	2019-10-01 16:07:39
213.108.152.129	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/213.108.152.129/ PL - 1H : (225) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : PL NAME ASN : ASN49715 IP : 213.108.152.129 CIDR : 213.108.152.0/21 PREFIX COUNT : 4 UNIQUE IP COUNT : 3072 WYKRYTE ATAKI Z ASN49715 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-10-01 05:50:04 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery	2019-10-01 16:40:35
210.150.78.131	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/210.150.78.131/ JP - 1H : (123) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : JP NAME ASN : ASN2514 IP : 210.150.78.131 CIDR : 210.150.0.0/16 PREFIX COUNT : 158 UNIQUE IP COUNT : 2074624 WYKRYTE ATAKI Z ASN2514 : 1H - 1 3H - 2 6H - 3 12H - 4 24H - 4 DateTime : 2019-10-01 05:50:39 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery	2019-10-01 16:10:51
111.251.159.114	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/111.251.159.114/ TW - 1H : (216) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : TW NAME ASN : ASN3462 IP : 111.251.159.114 CIDR : 111.251.0.0/16 PREFIX COUNT : 390 UNIQUE IP COUNT : 12267520 WYKRYTE ATAKI Z ASN3462 : 1H - 17 3H - 43 6H - 56 12H - 86 24H - 148 DateTime : 2019-10-01 05:50:39 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery	2019-10-01 16:11:53
140.143.53.145	attackbotsspam	Oct 1 06:45:43 server sshd\[28206\]: Invalid user beginner from 140.143.53.145 port 15876 Oct 1 06:45:43 server sshd\[28206\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.53.145 Oct 1 06:45:45 server sshd\[28206\]: Failed password for invalid user beginner from 140.143.53.145 port 15876 ssh2 Oct 1 06:49:53 server sshd\[3671\]: Invalid user ram from 140.143.53.145 port 51944 Oct 1 06:49:53 server sshd\[3671\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.53.145	2019-10-01 16:46:23
176.124.23.255	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/176.124.23.255/ RU - 1H : (422) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : RU NAME ASN : ASN47694 IP : 176.124.23.255 CIDR : 176.124.0.0/19 PREFIX COUNT : 4 UNIQUE IP COUNT : 19456 WYKRYTE ATAKI Z ASN47694 : 1H - 1 3H - 1 6H - 1 12H - 2 24H - 2 DateTime : 2019-10-01 05:50:04 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery	2019-10-01 16:40:56
217.16.11.115	attack	2019-10-01T06:38:34.155202abusebot-5.cloudsearch.cf sshd\[9692\]: Invalid user wyr from 217.16.11.115 port 3648	2019-10-01 16:19:18
91.222.19.225	attackspam	" "	2019-10-01 16:15:00
45.136.109.199	attack	firewall-block, port(s): 6859/tcp, 7216/tcp	2019-10-01 16:47:22
51.75.133.167	attack	Oct 1 07:09:21 tuotantolaitos sshd[6753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.133.167 Oct 1 07:09:23 tuotantolaitos sshd[6753]: Failed password for invalid user abc123 from 51.75.133.167 port 48012 ssh2 ...	2019-10-01 16:15:21

最近上报的IP列表

210.61.41.218	190.157.157.227	189.146.144.4	189.126.76.187
182.150.204.142	181.17.14.102	178.36.42.52	177.92.247.105
177.10.105.86	177.8.55.110	175.153.245.52	171.101.22.63
170.79.83.101	197.127.197.8	31.238.183.120	168.227.16.197
127.143.69.246	112.137.197.170	124.195.206.128	83.145.24.176