122.117.189.103

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Taiwan (Province of China)

运营商(isp): Chunghwa Telecom Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt from IP address 122.117.189.103 on Port 445(SMB)	2020-04-01 02:28:04

相同子网IP讨论:

IP	类型	评论内容	时间
122.117.189.71	attackspam	Honeypot attack, port: 4567, PTR: 122-117-189-71.HINET-IP.hinet.net.	2020-01-27 19:31:22

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 122.117.189.103
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35328
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;122.117.189.103.		IN	A

;; AUTHORITY SECTION:
.			150	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020033101 1800 900 604800 86400

;; Query time: 151 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 01 02:28:00 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

103.189.117.122.in-addr.arpa domain name pointer 122-117-189-103.HINET-IP.hinet.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
103.189.117.122.in-addr.arpa	name = 122-117-189-103.HINET-IP.hinet.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
142.93.50.178	attackbotsspam	Jul 28 23:17:08 vpn01 sshd\[16037\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.50.178 user=root Jul 28 23:17:11 vpn01 sshd\[16037\]: Failed password for root from 142.93.50.178 port 59938 ssh2 Jul 28 23:32:21 vpn01 sshd\[16061\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.50.178 user=root	2019-07-29 07:06:38
200.236.99.110	attack	2019-07-29T00:01:51.964282lon01.zurich-datacenter.net sshd\[14112\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.236.99.110 user=root 2019-07-29T00:01:54.174795lon01.zurich-datacenter.net sshd\[14112\]: Failed password for root from 200.236.99.110 port 49629 ssh2 2019-07-29T00:06:33.097909lon01.zurich-datacenter.net sshd\[14251\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.236.99.110 user=root 2019-07-29T00:06:35.353738lon01.zurich-datacenter.net sshd\[14251\]: Failed password for root from 200.236.99.110 port 47148 ssh2 2019-07-29T00:11:11.586592lon01.zurich-datacenter.net sshd\[14353\]: Invalid user from 200.236.99.110 port 44673 ...	2019-07-29 07:05:55
190.3.201.17	attackspambots	firewall-block, port(s): 2323/tcp	2019-07-29 07:04:29
203.128.242.166	attackbotsspam	Jul 29 01:06:05 vps647732 sshd[32160]: Failed password for root from 203.128.242.166 port 32787 ssh2 ...	2019-07-29 07:14:59
106.12.30.229	attack	Jul 26 21:18:41 archiv sshd[6447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.30.229 user=r.r Jul 26 21:18:43 archiv sshd[6447]: Failed password for r.r from 106.12.30.229 port 53824 ssh2 Jul 26 21:18:43 archiv sshd[6447]: Received disconnect from 106.12.30.229 port 53824:11: Bye Bye [preauth] Jul 26 21:18:43 archiv sshd[6447]: Disconnected from 106.12.30.229 port 53824 [preauth] Jul 26 21:26:54 archiv sshd[6603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.30.229 user=r.r Jul 26 21:26:56 archiv sshd[6603]: Failed password for r.r from 106.12.30.229 port 56152 ssh2 Jul 26 21:26:56 archiv sshd[6603]: Received disconnect from 106.12.30.229 port 56152:11: Bye Bye [preauth] Jul 26 21:26:56 archiv sshd[6603]: Disconnected from 106.12.30.229 port 56152 [preauth] Jul 26 21:31:06 archiv sshd[6675]: Connection closed by 106.12.30.229 port 55774 [preauth] Jul 26 21:34:13 archi........ -------------------------------	2019-07-29 07:33:22
119.18.63.233	attack	xmlrpc attack	2019-07-29 07:21:46
178.151.143.112	attackspambots	Spam to target mail address hacked/leaked/bought from Kachingle	2019-07-29 06:50:53
104.238.116.94	attackspambots	Jul 28 23:06:08 debian sshd\[31966\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.238.116.94 user=root Jul 28 23:06:10 debian sshd\[31966\]: Failed password for root from 104.238.116.94 port 33078 ssh2 ...	2019-07-29 06:54:57
103.129.220.138	attack	xmlrpc attack	2019-07-29 07:19:56
51.15.68.9	attackspambots	Jul 28 23:27:56 v22018076622670303 sshd\[27067\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.68.9 user=root Jul 28 23:27:58 v22018076622670303 sshd\[27067\]: Failed password for root from 51.15.68.9 port 57184 ssh2 Jul 28 23:32:19 v22018076622670303 sshd\[27075\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.68.9 user=root ...	2019-07-29 07:10:13
61.86.79.44	attack	20 attempts against mh-ssh on az-b2b-mysql01-prod.mon.megagrouptrade.com	2019-07-29 07:31:25
5.254.250.172	attackbotsspam	port scan and connect, tcp 23 (telnet)	2019-07-29 07:28:49
52.246.189.88	attack	Jul 29 02:08:23 server sshd\[8345\]: User root from 52.246.189.88 not allowed because listed in DenyUsers Jul 29 02:08:23 server sshd\[8345\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.246.189.88 user=root Jul 29 02:08:26 server sshd\[8345\]: Failed password for invalid user root from 52.246.189.88 port 33394 ssh2 Jul 29 02:14:51 server sshd\[15722\]: User root from 52.246.189.88 not allowed because listed in DenyUsers Jul 29 02:14:51 server sshd\[15722\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.246.189.88 user=root	2019-07-29 07:34:40
62.210.214.118	attackspambots	2019/07/29 01:04:48 [error] 887#887: 29 FastCGI sent in stderr: "PHP message: [62.210.214.118] user 9had: authentication failure for "https://nihad.dk/wp-admin/": Password Mismatch" while reading response header from upstream, client: 62.210.214.118, server: nihad.dk, request: "POST /wp-login.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm-nihad.dk.sock:", host: "nihad.dk" 2019/07/29 01:04:48 [error] 887#887: 31 FastCGI sent in stderr: "PHP message: [62.210.214.118] user [login]: authentication failure for "https://nihad.dk/wp-admin/": Password Mismatch" while reading response header from upstream, client: 62.210.214.118, server: nihad.dk, request: "POST /xmlrpc.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm-nihad.dk.sock:", host: "nihad.dk" ...	2019-07-29 07:07:48
115.68.184.71	attackbotsspam	xmlrpc attack	2019-07-29 07:35:23

最近上报的IP列表

139.45.193.29	42.115.168.135	179.42.201.45	95.179.241.121
129.211.75.126	55.164.207.240	195.154.42.43	39.40.115.128
122.226.162.79	223.146.125.159	58.141.34.254	139.80.6.158
217.77.212.54	52.194.138.91	190.95.170.3	203.176.196.201
14.239.187.33	11.123.114.6	61.177.46.216	108.192.117.69