122.246.134.70

基本信息:

城市(city): Ningbo

省份(region): Zhejiang

国家(country): China

运营商(isp): ChinaNet Zhejiang Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Honeypot attack, port: 23, PTR: PTR record not found	2019-11-12 05:35:16

相同子网IP讨论:

IP	类型	评论内容	时间
122.246.134.48	attack	Nov1007:17:07server4pure-ftpd:\(\?@82.147.220.206\)[WARNING]Authenticationfailedforuser[www]Nov1007:17:11server4pure-ftpd:\(\?@82.147.220.206\)[WARNING]Authenticationfailedforuser[www]Nov1007:01:39server4pure-ftpd:\(\?@122.246.134.48\)[WARNING]Authenticationfailedforuser[www]Nov1007:16:41server4pure-ftpd:\(\?@82.147.220.206\)[WARNING]Authenticationfailedforuser[www]Nov1007:40:59server4pure-ftpd:\(\?@125.71.164.73\)[WARNING]Authenticationfailedforuser[www]Nov1007:01:32server4pure-ftpd:\(\?@122.246.134.48\)[WARNING]Authenticationfailedforuser[www]Nov1007:16:52server4pure-ftpd:\(\?@82.147.220.206\)[WARNING]Authenticationfailedforuser[www]Nov1007:16:56server4pure-ftpd:\(\?@82.147.220.206\)[WARNING]Authenticationfailedforuser[www]Nov1007:17:24server4pure-ftpd:\(\?@82.147.220.206\)[WARNING]Authenticationfailedforuser[www]Nov1007:17:18server4pure-ftpd:\(\?@82.147.220.206\)[WARNING]Authenticationfailedforuser[www]IPAddressesBlocked:82.147.220.206\(SA/SaudiArabia/-\)	2019-11-10 15:15:34

类型

评论内容

时间

122.246.134.48

attack

Nov1007:17:07server4pure-ftpd:\(\?@82.147.220.206\)[WARNING]Authenticationfailedforuser[www]Nov1007:17:11server4pure-ftpd:\(\?@82.147.220.206\)[WARNING]Authenticationfailedforuser[www]Nov1007:01:39server4pure-ftpd:\(\?@122.246.134.48\)[WARNING]Authenticationfailedforuser[www]Nov1007:16:41server4pure-ftpd:\(\?@82.147.220.206\)[WARNING]Authenticationfailedforuser[www]Nov1007:40:59server4pure-ftpd:\(\?@125.71.164.73\)[WARNING]Authenticationfailedforuser[www]Nov1007:01:32server4pure-ftpd:\(\?@122.246.134.48\)[WARNING]Authenticationfailedforuser[www]Nov1007:16:52server4pure-ftpd:\(\?@82.147.220.206\)[WARNING]Authenticationfailedforuser[www]Nov1007:16:56server4pure-ftpd:\(\?@82.147.220.206\)[WARNING]Authenticationfailedforuser[www]Nov1007:17:24server4pure-ftpd:\(\?@82.147.220.206\)[WARNING]Authenticationfailedforuser[www]Nov1007:17:18server4pure-ftpd:\(\?@82.147.220.206\)[WARNING]Authenticationfailedforuser[www]IPAddressesBlocked:82.147.220.206\(SA/SaudiArabia/-\)

2019-11-10 15:15:34

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 122.246.134.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57383
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;122.246.134.70.			IN	A

;; AUTHORITY SECTION:
.			200	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111101 1800 900 604800 86400

;; Query time: 737 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Nov 12 05:35:13 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 70.134.246.122.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 70.134.246.122.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
123.253.38.31	attack	2020-06-17 06:58:19.659998-0500 localhost smtpd[67830]: NOQUEUE: reject: RCPT from unknown[123.253.38.31]: 554 5.7.1 Service unavailable; Client host [123.253.38.31] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS / https://www.spamhaus.org/query/ip/123.253.38.31; from= to= proto=ESMTP helo=<123.253.38-26.onesky.net.bd>	2020-06-17 22:38:57
117.4.80.26	attackspambots	Unauthorized connection attempt from IP address 117.4.80.26 on Port 445(SMB)	2020-06-17 22:58:27
102.68.72.117	attackspambots	DATE:2020-06-17 14:02:45, IP:102.68.72.117, PORT:5900 VNC brute force auth on honeypot server (epe-honey1-hq)	2020-06-17 23:09:41
210.190.60.213	attack	2020-06-17 06:53:53.109824-0500 localhost smtpd[67314]: NOQUEUE: reject: RCPT from 210.190.60.213.dynamic.reverse-mundo-r.com[213.60.190.210]: 554 5.7.1 Service unavailable; Client host [213.60.190.210] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/213.60.190.210; from= to= proto=ESMTP helo=<210.190.60.213.dynamic.reverse-mundo-r.com>	2020-06-17 22:40:07
109.113.42.98	attack	Icarus honeypot on github	2020-06-17 23:09:20
27.22.31.235	attackspambots	Jun 17 08:00:12 esmtp postfix/smtpd[25796]: lost connection after AUTH from unknown[27.22.31.235] Jun 17 08:00:14 esmtp postfix/smtpd[25796]: lost connection after AUTH from unknown[27.22.31.235] Jun 17 08:00:15 esmtp postfix/smtpd[25796]: lost connection after AUTH from unknown[27.22.31.235] Jun 17 08:00:17 esmtp postfix/smtpd[25796]: lost connection after AUTH from unknown[27.22.31.235] Jun 17 08:00:18 esmtp postfix/smtpd[25796]: lost connection after AUTH from unknown[27.22.31.235] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=27.22.31.235	2020-06-17 22:44:52
191.102.83.164	attackbotsspam	Jun 17 13:59:28 abendstille sshd\[9048\]: Invalid user www from 191.102.83.164 Jun 17 13:59:28 abendstille sshd\[9048\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.102.83.164 Jun 17 13:59:30 abendstille sshd\[9048\]: Failed password for invalid user www from 191.102.83.164 port 16865 ssh2 Jun 17 14:03:09 abendstille sshd\[12823\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.102.83.164 user=root Jun 17 14:03:10 abendstille sshd\[12823\]: Failed password for root from 191.102.83.164 port 45153 ssh2 ...	2020-06-17 22:43:09
46.101.245.176	attack	Jun 17 14:03:08 mail sshd[26422]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.245.176 Jun 17 14:03:10 mail sshd[26422]: Failed password for invalid user teste from 46.101.245.176 port 40320 ssh2 ...	2020-06-17 22:43:50
174.219.134.90	attackbotsspam	Brute forcing email accounts	2020-06-17 22:33:00
110.93.240.71	attackspambots	Unauthorized connection attempt from IP address 110.93.240.71 on Port 445(SMB)	2020-06-17 22:49:54
20.40.1.68	attackspambots	Unauthorized connection attempt detected from IP address 20.40.1.68 to port 6379 [T]	2020-06-17 23:05:01
34.76.47.142	attackspambots	Unauthorized connection attempt detected from IP address 34.76.47.142 to port 9001 [T]	2020-06-17 22:48:24
181.129.165.139	attackbotsspam	Jun 17 16:47:23 server sshd[30118]: Failed password for invalid user wxl from 181.129.165.139 port 46770 ssh2 Jun 17 16:51:13 server sshd[1415]: Failed password for root from 181.129.165.139 port 46674 ssh2 Jun 17 16:55:05 server sshd[5104]: Failed password for backup from 181.129.165.139 port 46590 ssh2	2020-06-17 23:04:10
108.12.225.85	attackbotsspam	Brute force attempt	2020-06-17 22:52:19
182.73.177.82	attack	Unauthorized connection attempt from IP address 182.73.177.82 on Port 445(SMB)	2020-06-17 23:02:10

最近上报的IP列表

123.163.22.59	109.108.229.79	14.162.21.80	188.165.232.202
190.145.39.36	114.39.199.142	167.157.20.247	194.184.98.141
146.241.215.240	190.38.238.67	82.162.48.41	190.202.231.101
49.235.226.55	185.96.235.193	190.48.89.210	80.252.151.194
111.246.1.170	82.213.251.41	180.165.115.205	64.52.168.169