119.145.164.6 - IPInfo

基本信息:

城市(city): Foshan

省份(region): Guangdong

国家(country): China

运营商(isp): ChinaNet Guangdong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2020-03-20 23:43:01
attackbots	1433/tcp 1433/tcp 1433/tcp... [2019-10-30/12-24]9pkt,1pt.(tcp)	2019-12-25 00:14:08
attack	Fail2Ban Ban Triggered	2019-11-29 04:13:32
attackbots	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2019-10-16 02:11:41

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.145.164.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55707
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.145.164.6.			IN	A

;; AUTHORITY SECTION:
.			232	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101501 1800 900 604800 86400

;; Query time: 81 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 16 02:11:35 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 6.164.145.119.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 6.164.145.119.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
112.85.42.229	attack	Sep 23 11:25:10 abendstille sshd\[19959\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.229 user=root Sep 23 11:25:12 abendstille sshd\[19959\]: Failed password for root from 112.85.42.229 port 19167 ssh2 Sep 23 11:25:14 abendstille sshd\[20063\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.229 user=root Sep 23 11:25:14 abendstille sshd\[19959\]: Failed password for root from 112.85.42.229 port 19167 ssh2 Sep 23 11:25:15 abendstille sshd\[20063\]: Failed password for root from 112.85.42.229 port 64513 ssh2 ...	2020-09-23 17:45:59
178.62.12.192	attack	Sep 23 10:39:23 pve1 sshd[32175]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.12.192 Sep 23 10:39:26 pve1 sshd[32175]: Failed password for invalid user deployer from 178.62.12.192 port 54032 ssh2 ...	2020-09-23 17:50:05
167.172.46.87	attack	Sep 23 04:17:58 r.ca sshd[15446]: Failed password for invalid user testuser from 167.172.46.87 port 51708 ssh2	2020-09-23 17:53:02
111.229.76.239	attackbots	Sep 22 23:55:35 r.ca sshd[11973]: Failed password for invalid user deepak from 111.229.76.239 port 35334 ssh2	2020-09-23 18:10:25
54.38.55.136	attackspam	Sep 23 04:57:21 gitlab sshd[596134]: Failed password for invalid user test_user from 54.38.55.136 port 40764 ssh2 Sep 23 04:59:24 gitlab sshd[596441]: Invalid user operator from 54.38.55.136 port 45910 Sep 23 04:59:24 gitlab sshd[596441]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.55.136 Sep 23 04:59:24 gitlab sshd[596441]: Invalid user operator from 54.38.55.136 port 45910 Sep 23 04:59:26 gitlab sshd[596441]: Failed password for invalid user operator from 54.38.55.136 port 45910 ssh2 ...	2020-09-23 18:09:32
42.3.194.138	attackbotsspam	Sep 22 17:01:35 ssh2 sshd[20490]: Invalid user guest from 42.3.194.138 port 42202 Sep 22 17:01:35 ssh2 sshd[20490]: Failed password for invalid user guest from 42.3.194.138 port 42202 ssh2 Sep 22 17:01:36 ssh2 sshd[20490]: Connection closed by invalid user guest 42.3.194.138 port 42202 [preauth] ...	2020-09-23 17:45:02
189.4.2.58	attackspam	Sep 22 21:04:27 r.ca sshd[28879]: Failed password for root from 189.4.2.58 port 41488 ssh2	2020-09-23 18:07:38
218.29.54.108	attackspam	$f2bV_matches	2020-09-23 17:52:36
138.68.255.120	attack	2020-09-23T00:09:01.806877abusebot-2.cloudsearch.cf sshd[29538]: Invalid user sammy from 138.68.255.120 port 55530 2020-09-23T00:09:01.813930abusebot-2.cloudsearch.cf sshd[29538]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.255.120 2020-09-23T00:09:01.806877abusebot-2.cloudsearch.cf sshd[29538]: Invalid user sammy from 138.68.255.120 port 55530 2020-09-23T00:09:03.970950abusebot-2.cloudsearch.cf sshd[29538]: Failed password for invalid user sammy from 138.68.255.120 port 55530 ssh2 2020-09-23T00:18:45.637387abusebot-2.cloudsearch.cf sshd[29560]: Invalid user ircd from 138.68.255.120 port 34316 2020-09-23T00:18:45.643419abusebot-2.cloudsearch.cf sshd[29560]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.255.120 2020-09-23T00:18:45.637387abusebot-2.cloudsearch.cf sshd[29560]: Invalid user ircd from 138.68.255.120 port 34316 2020-09-23T00:18:47.639773abusebot-2.cloudsearch.cf sshd[29560]: F ...	2020-09-23 17:48:25
1.10.250.58	attackspambots	Listed on abuseat.org plus zen-spamhaus / proto=6 . srcport=10124 . dstport=23 . (3054)	2020-09-23 18:01:20
116.0.56.110	attack	20/9/22@13:01:49: FAIL: Alarm-Network address from=116.0.56.110 20/9/22@13:01:50: FAIL: Alarm-Network address from=116.0.56.110 ...	2020-09-23 17:37:11
60.251.149.148	attackbotsspam	Unauthorized connection attempt from IP address 60.251.149.148 on Port 445(SMB)	2020-09-23 18:01:05
184.179.216.145	attackspambots	(imapd) Failed IMAP login from 184.179.216.145 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Sep 23 10:25:54 ir1 dovecot[1917636]: imap-login: Disconnected (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=184.179.216.145, lip=5.63.12.44, TLS, session=	2020-09-23 17:33:07
183.250.202.89	attackbotsspam	(sshd) Failed SSH login from 183.250.202.89 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 22 12:46:12 server sshd[1799]: Invalid user user8 from 183.250.202.89 port 65178 Sep 22 12:46:13 server sshd[1799]: Failed password for invalid user user8 from 183.250.202.89 port 65178 ssh2 Sep 22 12:57:49 server sshd[5149]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.250.202.89 user=root Sep 22 12:57:52 server sshd[5149]: Failed password for root from 183.250.202.89 port 9117 ssh2 Sep 22 13:01:47 server sshd[6336]: Invalid user suporte from 183.250.202.89 port 36964	2020-09-23 17:34:39
159.203.81.28	attackbots	TCP (SYN) 159.203.81.28:48992 -> port 16326, len 44	2020-09-23 17:56:13

最近上报的IP列表

46.77.86.179	32.135.198.248	148.204.53.72	159.244.36.199
34.136.26.7	108.54.123.136	151.5.149.83	98.112.240.4
96.234.104.82	128.214.236.57	103.236.188.40	213.95.123.82
144.200.164.166	103.138.109.76	39.172.92.96	122.239.162.198
183.94.197.206	24.34.102.11	10.146.164.173	128.135.138.83