城市(city): Hong Kong
省份(region): unknown
国家(country): Hong Kong
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 107.148.130.47 | attackbotsspam | Portscan or hack attempt detected by psad/fwsnort |
2020-07-26 00:15:03 |
| 107.148.130.164 | attackbotsspam | May 23 22:14:15 debian-2gb-nbg1-2 kernel: \[12523666.093397\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=107.148.130.164 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=62088 PROTO=TCP SPT=57072 DPT=1433 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-05-24 06:03:05 |
b'#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
# start
NetRange: 107.148.0.0 - 107.149.255.255
CIDR: 107.148.0.0/15
NetName: PT-82-10
NetHandle: NET-107-148-0-0-1
Parent: NET107 (NET-107-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: PEG TECH INC (PT-82)
RegDate: 2013-11-08
Updated: 2024-07-17
Comment: Geofeed https://www.raksmart.com/ip2location.csv
Ref: https://rdap.arin.net/registry/ip/107.148.0.0
OrgName: PEG TECH INC
OrgId: PT-82
Address: 2805 Mission College Blvd
City: Santa Clara
StateProv: CA
PostalCode: 95054
Country: US
RegDate: 2012-03-27
Updated: 2024-11-25
Ref: https://rdap.arin.net/registry/entity/PT-82
OrgTechHandle: NOC12550-ARIN
OrgTechName: NOC
OrgTechPhone: +1-408-692-5581
OrgTechEmail: noc@petaexpress.com
OrgTechRef: https://rdap.arin.net/registry/entity/NOC12550-ARIN
OrgNOCHandle: NOC12550-ARIN
OrgNOCName: NOC
OrgNOCPhone: +1-408-692-5581
OrgNOCEmail: noc@petaexpress.com
OrgNOCRef: https://rdap.arin.net/registry/entity/NOC12550-ARIN
OrgAbuseHandle: ABUSE3497-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-408-692-5581
OrgAbuseEmail: abuse@petaexpress.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3497-ARIN
# end
# start
NetRange: 107.148.128.0 - 107.148.131.255
CIDR: 107.148.128.0/22
NetName: PEG-HK-202505
NetHandle: NET-107-148-128-0-1
Parent: PT-82-10 (NET-107-148-0-0-1)
NetType: Reassigned
OriginAS:
Customer: PEG-HK (C10854284)
RegDate: 2024-05-24
Updated: 2024-05-24
Ref: https://rdap.arin.net/registry/ip/107.148.128.0
CustName: PEG-HK
Address: 2 Dai Hei St, Tai Po Industrial Estate
City: HONG KONG
StateProv:
PostalCode:
Country: CN
RegDate: 2024-05-24
Updated: 2024-05-24
Ref: https://rdap.arin.net/registry/entity/C10854284
OrgTechHandle: NOC12550-ARIN
OrgTechName: NOC
OrgTechPhone: +1-408-692-5581
OrgTechEmail: noc@petaexpress.com
OrgTechRef: https://rdap.arin.net/registry/entity/NOC12550-ARIN
OrgNOCHandle: NOC12550-ARIN
OrgNOCName: NOC
OrgNOCPhone: +1-408-692-5581
OrgNOCEmail: noc@petaexpress.com
OrgNOCRef: https://rdap.arin.net/registry/entity/NOC12550-ARIN
OrgAbuseHandle: ABUSE3497-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-408-692-5581
OrgAbuseEmail: abuse@petaexpress.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3497-ARIN
# end
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#'; <<>> DiG 9.10.3-P4-Ubuntu <<>> 107.148.130.233
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56016
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;107.148.130.233. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026050300 1800 900 604800 86400
;; Query time: 32 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun May 03 22:00:36 CST 2026
;; MSG SIZE rcvd: 108b'Host 233.130.148.107.in-addr.arpa not found: 2(SERVFAIL)
'server can't find 107.148.130.233.in-addr.arpa: SERVFAIL| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 171.244.10.50 | attackbots | Oct 20 09:55:41 marvibiene sshd[13142]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.244.10.50 user=root Oct 20 09:55:43 marvibiene sshd[13142]: Failed password for root from 171.244.10.50 port 36584 ssh2 Oct 20 10:14:03 marvibiene sshd[13270]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.244.10.50 user=root Oct 20 10:14:05 marvibiene sshd[13270]: Failed password for root from 171.244.10.50 port 58220 ssh2 ... |
2019-10-20 18:50:31 |
| 144.135.85.184 | attackbotsspam | Oct 20 00:38:40 auw2 sshd\[23488\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.135.85.184 user=root Oct 20 00:38:42 auw2 sshd\[23488\]: Failed password for root from 144.135.85.184 port 54887 ssh2 Oct 20 00:44:27 auw2 sshd\[24076\]: Invalid user wduser from 144.135.85.184 Oct 20 00:44:27 auw2 sshd\[24076\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.135.85.184 Oct 20 00:44:29 auw2 sshd\[24076\]: Failed password for invalid user wduser from 144.135.85.184 port 16786 ssh2 |
2019-10-20 18:45:08 |
| 113.125.26.101 | attack | vps1:sshd-InvalidUser |
2019-10-20 19:02:49 |
| 193.31.24.113 | attackbots | 10/20/2019-12:47:51.675833 193.31.24.113 Protocol: 6 SURICATA TLS invalid record/traffic |
2019-10-20 19:13:21 |
| 191.238.214.26 | attack | *Port Scan* detected from 191.238.214.26 (BR/Brazil/-). 4 hits in the last 85 seconds |
2019-10-20 18:58:35 |
| 193.70.89.152 | attack | CloudCIX Reconnaissance Scan Detected, PTR: 152.ip-193-70-89.eu. |
2019-10-20 19:13:36 |
| 42.236.162.72 | attack | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/42.236.162.72/ CN - 1H : (427) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4837 IP : 42.236.162.72 CIDR : 42.224.0.0/12 PREFIX COUNT : 1262 UNIQUE IP COUNT : 56665856 ATTACKS DETECTED ASN4837 : 1H - 7 3H - 15 6H - 39 12H - 61 24H - 132 DateTime : 2019-10-20 05:46:27 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery |
2019-10-20 18:56:14 |
| 222.186.173.142 | attackspambots | Oct 20 15:50:23 gw1 sshd[16971]: Failed password for root from 222.186.173.142 port 61894 ssh2 Oct 20 15:50:40 gw1 sshd[16971]: error: maximum authentication attempts exceeded for root from 222.186.173.142 port 61894 ssh2 [preauth] ... |
2019-10-20 19:01:38 |
| 106.13.81.242 | attack | Oct 20 08:05:38 Ubuntu-1404-trusty-64-minimal sshd\[14422\]: Invalid user santo from 106.13.81.242 Oct 20 08:05:38 Ubuntu-1404-trusty-64-minimal sshd\[14422\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.81.242 Oct 20 08:05:40 Ubuntu-1404-trusty-64-minimal sshd\[14422\]: Failed password for invalid user santo from 106.13.81.242 port 46010 ssh2 Oct 20 08:23:02 Ubuntu-1404-trusty-64-minimal sshd\[29916\]: Invalid user ilanthirayan from 106.13.81.242 Oct 20 08:23:02 Ubuntu-1404-trusty-64-minimal sshd\[29916\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.81.242 |
2019-10-20 19:00:11 |
| 52.37.77.98 | attackbots | 10/20/2019-06:59:07.265649 52.37.77.98 Protocol: 6 SURICATA TLS invalid record/traffic |
2019-10-20 19:16:18 |
| 123.207.233.222 | attack | Invalid user terminfo from 123.207.233.222 port 51070 |
2019-10-20 18:42:58 |
| 144.217.166.92 | attackbotsspam | Oct 19 19:09:03 php1 sshd\[25126\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.166.92 user=root Oct 19 19:09:05 php1 sshd\[25126\]: Failed password for root from 144.217.166.92 port 52370 ssh2 Oct 19 19:13:03 php1 sshd\[25438\]: Invalid user th from 144.217.166.92 Oct 19 19:13:03 php1 sshd\[25438\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.166.92 Oct 19 19:13:06 php1 sshd\[25438\]: Failed password for invalid user th from 144.217.166.92 port 43817 ssh2 |
2019-10-20 19:15:41 |
| 54.36.172.105 | attackspambots | Invalid user audreym from 54.36.172.105 port 50576 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.36.172.105 Failed password for invalid user audreym from 54.36.172.105 port 50576 ssh2 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.36.172.105 user=root Failed password for root from 54.36.172.105 port 42016 ssh2 |
2019-10-20 19:15:07 |
| 128.199.212.82 | attack | Oct 20 00:41:56 ny01 sshd[27134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.212.82 Oct 20 00:41:58 ny01 sshd[27134]: Failed password for invalid user tmp from 128.199.212.82 port 38589 ssh2 Oct 20 00:46:39 ny01 sshd[27560]: Failed password for root from 128.199.212.82 port 57915 ssh2 |
2019-10-20 18:49:23 |
| 222.186.180.223 | attackspam | Oct 20 12:49:54 legacy sshd[11041]: Failed password for root from 222.186.180.223 port 8672 ssh2 Oct 20 12:49:59 legacy sshd[11041]: Failed password for root from 222.186.180.223 port 8672 ssh2 Oct 20 12:50:11 legacy sshd[11041]: error: maximum authentication attempts exceeded for root from 222.186.180.223 port 8672 ssh2 [preauth] ... |
2019-10-20 18:51:47 |