必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Zhengzhou Giant Computer Network Technology Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:
类型 评论内容 时间
attackbotsspam
Unauthorised access (Jul 16) SRC=122.114.30.111 LEN=40 TTL=236 ID=3493 TCP DPT=1433 WINDOW=1024 SYN
2020-07-16 17:14:57
attackbotsspam
Honeypot attack, port: 445, PTR: PTR record not found
2020-03-03 16:18:12
attack
Unauthorized connection attempt detected from IP address 122.114.30.111 to port 1433 [T]
2020-01-15 22:45:38
相同子网IP讨论:
IP 类型 评论内容 时间
122.114.30.17 attack
Lines containing failures of 122.114.30.17
May 18 21:16:42 own sshd[20100]: Invalid user wjt from 122.114.30.17 port 35824
May 18 21:16:42 own sshd[20100]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.114.30.17
May 18 21:16:43 own sshd[20100]: Failed password for invalid user wjt from 122.114.30.17 port 35824 ssh2
May 18 21:16:44 own sshd[20100]: Received disconnect from 122.114.30.17 port 35824:11: Bye Bye [preauth]
May 18 21:16:44 own sshd[20100]: Disconnected from invalid user wjt 122.114.30.17 port 35824 [preauth]


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=122.114.30.17
2020-05-20 02:08:08
122.114.30.171 attack
Apr 13 01:53:59 server770 sshd[19161]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.114.30.171  user=r.r
Apr 13 01:54:00 server770 sshd[19161]: Failed password for r.r from 122.114.30.171 port 45880 ssh2
Apr 13 01:54:01 server770 sshd[19161]: Received disconnect from 122.114.30.171 port 45880:11: Bye Bye [preauth]
Apr 13 01:54:01 server770 sshd[19161]: Disconnected from 122.114.30.171 port 45880 [preauth]
Apr 13 02:05:19 server770 sshd[19261]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.114.30.171  user=r.r
Apr 13 02:05:22 server770 sshd[19261]: Failed password for r.r from 122.114.30.171 port 35216 ssh2
Apr 13 02:05:22 server770 sshd[19261]: Received disconnect from 122.114.30.171 port 35216:11: Bye Bye [preauth]
Apr 13 02:05:22 server770 sshd[19261]: Disconnected from 122.114.30.171 port 35216 [preauth]
Apr 13 02:09:06 server770 sshd[19458]: Invalid user guest3 from 122.114.........
-------------------------------
2020-04-14 06:07:10
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 122.114.30.111
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36142
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;122.114.30.111.			IN	A

;; AUTHORITY SECTION:
.			359	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011500 1800 900 604800 86400

;; Query time: 101 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 15 22:45:32 CST 2020
;; MSG SIZE  rcvd: 118
HOST信息:
Host 111.30.114.122.in-addr.arpa not found: 2(SERVFAIL)
NSLOOKUP信息:
;; Got SERVFAIL reply from 100.100.2.136, trying next server
;; Got SERVFAIL reply from 100.100.2.138, trying next server
Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 111.30.114.122.in-addr.arpa: SERVFAIL

相关IP信息:
最新评论:
IP 类型 评论内容 时间
183.88.18.40 attack
Oct 26 11:20:47 nandi sshd[21599]: reveeclipse mapping checking getaddrinfo for mx-ll-183.88.18-40.dynamic.3bb.in.th [183.88.18.40] failed - POSSIBLE BREAK-IN ATTEMPT!
Oct 26 11:20:47 nandi sshd[21599]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.88.18.40  user=r.r
Oct 26 11:20:49 nandi sshd[21599]: Failed password for r.r from 183.88.18.40 port 33804 ssh2
Oct 26 11:20:50 nandi sshd[21599]: Received disconnect from 183.88.18.40: 11: Bye Bye [preauth]
Oct 26 11:42:53 nandi sshd[5620]: reveeclipse mapping checking getaddrinfo for mx-ll-183.88.18-40.dynamic.3bb.in.th [183.88.18.40] failed - POSSIBLE BREAK-IN ATTEMPT!
Oct 26 11:42:53 nandi sshd[5620]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.88.18.40  user=r.r
Oct 26 11:42:56 nandi sshd[5620]: Failed password for r.r from 183.88.18.40 port 57256 ssh2
Oct 26 11:42:56 nandi sshd[5620]: Received disconnect from 183.88.18.40: 11: ........
-------------------------------
2019-10-26 20:13:42
1.207.250.78 attack
Oct 26 15:21:09 sauna sshd[243676]: Failed password for root from 1.207.250.78 port 22703 ssh2
...
2019-10-26 20:26:58
189.108.40.2 attackbotsspam
Oct 26 12:05:13 unicornsoft sshd\[8740\]: User root from 189.108.40.2 not allowed because not listed in AllowUsers
Oct 26 12:05:13 unicornsoft sshd\[8740\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.108.40.2  user=root
Oct 26 12:05:15 unicornsoft sshd\[8740\]: Failed password for invalid user root from 189.108.40.2 port 40334 ssh2
2019-10-26 20:31:51
129.204.147.84 attack
Oct 26 14:00:11 eventyay sshd[3622]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.147.84
Oct 26 14:00:12 eventyay sshd[3622]: Failed password for invalid user pi from 129.204.147.84 port 55414 ssh2
Oct 26 14:05:40 eventyay sshd[3711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.147.84
...
2019-10-26 20:18:34
222.186.175.216 attackspam
SSH brutforce
2019-10-26 20:34:24
117.185.62.146 attack
Oct 25 20:20:33 auw2 sshd\[10984\]: Invalid user com from 117.185.62.146
Oct 25 20:20:33 auw2 sshd\[10984\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.185.62.146
Oct 25 20:20:34 auw2 sshd\[10984\]: Failed password for invalid user com from 117.185.62.146 port 45950 ssh2
Oct 25 20:25:29 auw2 sshd\[11364\]: Invalid user utah from 117.185.62.146
Oct 25 20:25:29 auw2 sshd\[11364\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.185.62.146
2019-10-26 20:05:15
2604:a880:400:d0::4c0b:d001 attack
Automatic report - XMLRPC Attack
2019-10-26 20:15:58
121.237.168.230 attack
Lines containing failures of 121.237.168.230
Oct 26 13:35:47 mellenthin sshd[16762]: Invalid user hduser from 121.237.168.230 port 32289
Oct 26 13:35:47 mellenthin sshd[16762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.237.168.230
Oct 26 13:35:48 mellenthin sshd[16762]: Failed password for invalid user hduser from 121.237.168.230 port 32289 ssh2
Oct 26 13:35:49 mellenthin sshd[16762]: Received disconnect from 121.237.168.230 port 32289:11: Bye Bye [preauth]
Oct 26 13:35:49 mellenthin sshd[16762]: Disconnected from invalid user hduser 121.237.168.230 port 32289 [preauth]
Oct 26 13:44:52 mellenthin sshd[17404]: User r.r from 121.237.168.230 not allowed because not listed in AllowUsers
Oct 26 13:44:52 mellenthin sshd[17404]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.237.168.230  user=r.r


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=121.237.168.230
2019-10-26 20:36:50
59.44.152.108 attackbots
Oct 26 09:00:25 firewall sshd[4524]: Invalid user avendoria from 59.44.152.108
Oct 26 09:00:26 firewall sshd[4524]: Failed password for invalid user avendoria from 59.44.152.108 port 42322 ssh2
Oct 26 09:05:45 firewall sshd[4640]: Invalid user pq from 59.44.152.108
...
2019-10-26 20:15:23
206.189.132.204 attack
Invalid user test from 206.189.132.204 port 55892
2019-10-26 20:05:46
80.82.77.33 attack
10/26/2019-14:05:08.074695 80.82.77.33 Protocol: 17 ET DROP Dshield Block Listed Source group 1
2019-10-26 20:37:15
92.118.38.38 attack
Oct 26 14:13:16 webserver postfix/smtpd\[6791\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 26 14:13:55 webserver postfix/smtpd\[7077\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 26 14:14:32 webserver postfix/smtpd\[7077\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 26 14:15:13 webserver postfix/smtpd\[7077\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 26 14:15:52 webserver postfix/smtpd\[6791\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
...
2019-10-26 20:19:51
123.234.219.226 attack
2019-10-26T12:05:22.190736abusebot-5.cloudsearch.cf sshd\[17689\]: Invalid user cjohnson from 123.234.219.226 port 58962
2019-10-26 20:30:00
222.186.52.78 attack
Oct 26 08:14:52 ny01 sshd[8666]: Failed password for root from 222.186.52.78 port 52365 ssh2
Oct 26 08:14:54 ny01 sshd[8666]: Failed password for root from 222.186.52.78 port 52365 ssh2
Oct 26 08:14:56 ny01 sshd[8666]: Failed password for root from 222.186.52.78 port 52365 ssh2
2019-10-26 20:24:05
74.82.47.19 attackspambots
scan r
2019-10-26 20:08:23

最近上报的IP列表

106.54.96.68 94.73.199.57 87.236.185.222 86.225.58.233
58.187.70.250 49.49.20.49 42.236.82.246 42.119.241.13
42.119.59.139 42.117.217.144 42.117.157.132 42.112.165.72
31.131.66.150 27.224.137.5 1.69.235.168 1.69.76.171
1.53.116.11 1.52.129.0 1.2.174.78 222.93.104.213