必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Somalia

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:
暂无关于此IP的讨论, 沙发请点上方按钮
相同子网IP讨论:
暂无关于此IP所属子网相关IP的讨论.
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 102.68.148.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53572
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;102.68.148.5.			IN	A

;; AUTHORITY SECTION:
.			267	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023102100 1800 900 604800 86400

;; Query time: 70 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Oct 21 19:43:56 CST 2023
;; MSG SIZE  rcvd: 105
HOST信息:
Host 5.148.68.102.in-addr.arpa. not found: 3(NXDOMAIN)
NSLOOKUP信息:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 5.148.68.102.in-addr.arpa: NXDOMAIN
相关IP信息:
最新评论:
IP 类型 评论内容 时间
54.37.17.21 attackbotsspam
54.37.17.21 - - [09/Sep/2020:10:53:34 +0200] "GET /wp-login.php HTTP/1.1" 200 8558 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
54.37.17.21 - - [09/Sep/2020:10:53:35 +0200] "POST /wp-login.php HTTP/1.1" 200 8809 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
54.37.17.21 - - [09/Sep/2020:10:53:35 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
2020-09-09 17:53:01
46.105.149.168 attack
46.105.149.168 (FR/France/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep  9 02:22:39 jbs1 sshd[5214]: Failed password for root from 46.105.149.168 port 37472 ssh2
Sep  9 02:23:45 jbs1 sshd[5522]: Failed password for root from 195.223.211.242 port 34906 ssh2
Sep  9 02:15:38 jbs1 sshd[3180]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.50.8  user=root
Sep  9 02:14:10 jbs1 sshd[2677]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.75.34  user=root
Sep  9 02:14:11 jbs1 sshd[2677]: Failed password for root from 81.68.75.34 port 41346 ssh2
Sep  9 02:15:41 jbs1 sshd[3180]: Failed password for root from 162.243.50.8 port 39721 ssh2

IP Addresses Blocked:
2020-09-09 17:48:04
185.220.103.4 attack
Time:     Wed Sep  9 10:20:17 2020 +0200
IP:       185.220.103.4 (DE/Germany/realitywinner.tor-exit.calyxinstitute.org)
Failures: 5 (sshd)
Interval: 3600 seconds
Blocked:  Permanent Block [LF_SSHD]

Log entries:

Sep  9 10:20:05 ca-3-ams1 sshd[62138]: Failed password for root from 185.220.103.4 port 60732 ssh2
Sep  9 10:20:08 ca-3-ams1 sshd[62138]: Failed password for root from 185.220.103.4 port 60732 ssh2
Sep  9 10:20:11 ca-3-ams1 sshd[62138]: Failed password for root from 185.220.103.4 port 60732 ssh2
Sep  9 10:20:13 ca-3-ams1 sshd[62138]: Failed password for root from 185.220.103.4 port 60732 ssh2
Sep  9 10:20:16 ca-3-ams1 sshd[62138]: Failed password for root from 185.220.103.4 port 60732 ssh2
2020-09-09 18:08:15
47.104.85.14 attackbots
xmlrpc attack
2020-09-09 18:12:09
167.248.133.49 attack
[Wed Sep 09 15:04:27.846786 2020] [:error] [pid 3687:tid 140413889410816] [client 167.248.133.49:54684] [client 167.248.133.49] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197:80"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "X1iMixY@wYKpP8eltPSKqgAAAF8"]
...
2020-09-09 17:44:13
222.186.175.217 attackspam
Sep  9 14:29:36 gw1 sshd[24987]: Failed password for root from 222.186.175.217 port 3440 ssh2
Sep  9 14:29:40 gw1 sshd[24987]: Failed password for root from 222.186.175.217 port 3440 ssh2
...
2020-09-09 17:33:32
45.227.255.4 attackbotsspam
Sep  9 12:05:38 db sshd[18705]: Invalid user admin from 45.227.255.4 port 43292
...
2020-09-09 18:06:54
222.186.180.147 attackbotsspam
Sep  9 11:32:06 eventyay sshd[21091]: Failed password for root from 222.186.180.147 port 48138 ssh2
Sep  9 11:32:18 eventyay sshd[21091]: error: maximum authentication attempts exceeded for root from 222.186.180.147 port 48138 ssh2 [preauth]
Sep  9 11:32:24 eventyay sshd[21094]: Failed password for root from 222.186.180.147 port 44820 ssh2
...
2020-09-09 17:35:23
61.177.172.142 attack
Sep  9 09:44:32 localhost sshd[75504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.142  user=root
Sep  9 09:44:35 localhost sshd[75504]: Failed password for root from 61.177.172.142 port 30619 ssh2
Sep  9 09:44:38 localhost sshd[75504]: Failed password for root from 61.177.172.142 port 30619 ssh2
Sep  9 09:44:32 localhost sshd[75504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.142  user=root
Sep  9 09:44:35 localhost sshd[75504]: Failed password for root from 61.177.172.142 port 30619 ssh2
Sep  9 09:44:38 localhost sshd[75504]: Failed password for root from 61.177.172.142 port 30619 ssh2
Sep  9 09:44:32 localhost sshd[75504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.142  user=root
Sep  9 09:44:35 localhost sshd[75504]: Failed password for root from 61.177.172.142 port 30619 ssh2
Sep  9 09:44:38 localhost sshd[75504]: Fa
...
2020-09-09 17:51:22
132.232.112.96 attackspambots
Sep  9 01:26:53 moo sshd[19236]: Failed password for r.r from 132.232.112.96 port 34498 ssh2
Sep  9 01:42:00 moo sshd[20006]: Failed password for invalid user em3 from 132.232.112.96 port 38522 ssh2
Sep  9 01:46:59 moo sshd[20478]: Failed password for invalid user fm from 132.232.112.96 port 57998 ssh2
Sep  9 02:00:48 moo sshd[21166]: Failed password for r.r from 132.232.112.96 port 59966 ssh2
Sep  9 02:05:13 moo sshd[21386]: Failed password for invalid user fffff from 132.232.112.96 port 51202 ssh2
Sep  9 02:18:36 moo sshd[22142]: Failed password for r.r from 132.232.112.96 port 53166 ssh2
Sep  9 02:23:06 moo sshd[22340]: Failed password for invalid user lotto from 132.232.112.96 port 44402 ssh2
Sep  9 02:36:21 moo sshd[22933]: Failed password for r.r from 132.232.112.96 port 46358 ssh2
Sep  9 02:40:55 moo sshd[23212]: Failed password for r.r from 132.232.112.96 port 37594 ssh2
Sep  9 02:45:29 moo sshd[23421]: Failed password for r.r from 132.232.112.96 port 57062 ssh2
........
------------------------------
2020-09-09 17:37:58
2.57.122.204 attack
Sep  9 09:51:53 internal-server-tf sshd\[5745\]: Invalid user tomcat from 2.57.122.204Sep  9 09:52:43 internal-server-tf sshd\[5759\]: Invalid user ansible from 2.57.122.204
...
2020-09-09 17:57:53
220.167.100.60 attack
ssh brute force attempt
2020-09-09 18:05:17
202.77.105.110 attack
...
2020-09-09 18:05:48
113.247.226.163 attackspambots
Sep  9 08:53:44 gitea sshd[6212]: Invalid user apache from 113.247.226.163 port 34012
Sep  9 08:54:03 gitea sshd[13769]: Invalid user sync from 113.247.226.163 port 38024
2020-09-09 18:04:09
61.113.200.142 attack
trying to access non-authorized port
2020-09-09 17:32:16

最近上报的IP列表

102.68.143.16 102.68.152.217 102.68.196.173 102.67.99.137
102.67.88.234 102.67.79.50 102.67.95.225 102.68.134.125
102.67.77.168 102.67.92.235 102.67.53.118 102.68.116.125
102.67.37.124 102.67.249.200 102.67.23.53 102.67.60.21
102.67.231.51 102.67.244.94 102.67.189.103 102.67.180.24