122.246.92.142

基本信息:

城市(city): Ningbo

省份(region): Zhejiang

国家(country): China

运营商(isp): ChinaNet Zhejiang Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Brute force attempt	2020-07-21 08:28:05

相同子网IP讨论:

IP	类型	评论内容	时间
122.246.92.228	attackspam	Aug 24 15:34:33 nandi sshd[5472]: Invalid user jason from 122.246.92.228 Aug 24 15:34:33 nandi sshd[5472]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.246.92.228 Aug 24 15:34:35 nandi sshd[5472]: Failed password for invalid user jason from 122.246.92.228 port 37074 ssh2 Aug 24 15:34:35 nandi sshd[5472]: Received disconnect from 122.246.92.228: 11: Bye Bye [preauth] Aug 24 15:54:56 nandi sshd[17194]: Invalid user test1 from 122.246.92.228 Aug 24 15:54:56 nandi sshd[17194]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.246.92.228 Aug 24 15:54:59 nandi sshd[17194]: Failed password for invalid user test1 from 122.246.92.228 port 55628 ssh2 Aug 24 15:54:59 nandi sshd[17194]: Received disconnect from 122.246.92.228: 11: Bye Bye [preauth] Aug 24 15:56:51 nandi sshd[18715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.246.92.228 user=r......... -------------------------------	2020-08-27 09:53:11

类型

评论内容

时间

122.246.92.228

attackspam

Aug 24 15:34:33 nandi sshd[5472]: Invalid user jason from 122.246.92.228
Aug 24 15:34:33 nandi sshd[5472]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.246.92.228 
Aug 24 15:34:35 nandi sshd[5472]: Failed password for invalid user jason from 122.246.92.228 port 37074 ssh2
Aug 24 15:34:35 nandi sshd[5472]: Received disconnect from 122.246.92.228: 11: Bye Bye [preauth]
Aug 24 15:54:56 nandi sshd[17194]: Invalid user test1 from 122.246.92.228
Aug 24 15:54:56 nandi sshd[17194]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.246.92.228 
Aug 24 15:54:59 nandi sshd[17194]: Failed password for invalid user test1 from 122.246.92.228 port 55628 ssh2
Aug 24 15:54:59 nandi sshd[17194]: Received disconnect from 122.246.92.228: 11: Bye Bye [preauth]
Aug 24 15:56:51 nandi sshd[18715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.246.92.228  user=r.........
-------------------------------

2020-08-27 09:53:11

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 122.246.92.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15971
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;122.246.92.142.			IN	A

;; AUTHORITY SECTION:
.			406	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072002 1800 900 604800 86400

;; Query time: 177 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jul 21 08:28:02 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 142.92.246.122.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 142.92.246.122.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
123.127.107.70	attack	Invalid user vital from 123.127.107.70 port 45072 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.127.107.70 Failed password for invalid user vital from 123.127.107.70 port 45072 ssh2 Invalid user mysql from 123.127.107.70 port 43250 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.127.107.70	2019-12-08 19:47:55
159.203.32.174	attackbotsspam	Dec 8 02:50:22 ny01 sshd[27605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.32.174 Dec 8 02:50:24 ny01 sshd[27605]: Failed password for invalid user wwwwwwwww from 159.203.32.174 port 40632 ssh2 Dec 8 02:56:27 ny01 sshd[28594]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.32.174	2019-12-08 19:41:53
104.131.169.32	attackbotsspam	104.131.169.32 - - \[08/Dec/2019:10:34:52 +0000\] "POST /wp-login.php HTTP/1.1" 200 6393 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 104.131.169.32 - - \[08/Dec/2019:10:34:53 +0000\] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" ...	2019-12-08 19:22:36
222.186.42.4	attack	Dec 8 12:37:09 sd-53420 sshd\[15172\]: User root from 222.186.42.4 not allowed because none of user's groups are listed in AllowGroups Dec 8 12:37:10 sd-53420 sshd\[15172\]: Failed none for invalid user root from 222.186.42.4 port 16002 ssh2 Dec 8 12:37:10 sd-53420 sshd\[15172\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.4 user=root Dec 8 12:37:12 sd-53420 sshd\[15172\]: Failed password for invalid user root from 222.186.42.4 port 16002 ssh2 Dec 8 12:37:16 sd-53420 sshd\[15172\]: Failed password for invalid user root from 222.186.42.4 port 16002 ssh2 ...	2019-12-08 19:39:12
69.94.131.71	attack	Email Spam	2019-12-08 19:34:28
159.203.201.18	attack	12/08/2019-01:26:58.540966 159.203.201.18 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-12-08 19:19:58
222.186.175.169	attackspambots	Dec 8 12:45:25 nextcloud sshd\[13371\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.169 user=root Dec 8 12:45:27 nextcloud sshd\[13371\]: Failed password for root from 222.186.175.169 port 57956 ssh2 Dec 8 12:45:32 nextcloud sshd\[13371\]: Failed password for root from 222.186.175.169 port 57956 ssh2 ...	2019-12-08 19:46:08
5.151.180.12	attackbotsspam	UTC: 2019-12-07 port: 23/tcp	2019-12-08 19:44:10
52.191.249.187	attackspam	5060/udp 5060/udp 5060/udp [2019-11-29/12-08]3pkt	2019-12-08 19:45:26
171.237.170.34	attack	$f2bV_matches	2019-12-08 19:31:32
222.186.175.220	attackspam	SSH Brute-Force reported by Fail2Ban	2019-12-08 19:51:13
144.217.214.100	attack	SSH Brute-Forcing (ownc)	2019-12-08 19:20:25
73.167.84.250	attackspam	Unauthorized connection attempt detected from IP address 73.167.84.250 to port 22	2019-12-08 19:41:07
189.112.109.185	attackbots	Dec 8 13:19:40 server sshd\[15371\]: Invalid user edbserv from 189.112.109.185 Dec 8 13:19:40 server sshd\[15371\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.112.109.185 Dec 8 13:19:42 server sshd\[15371\]: Failed password for invalid user edbserv from 189.112.109.185 port 48596 ssh2 Dec 8 13:26:33 server sshd\[17556\]: Invalid user ahti from 189.112.109.185 Dec 8 13:26:33 server sshd\[17556\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.112.109.185 ...	2019-12-08 19:56:53
142.93.154.90	attackbotsspam	Dec 8 08:30:22 MK-Soft-VM6 sshd[2376]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.154.90 Dec 8 08:30:24 MK-Soft-VM6 sshd[2376]: Failed password for invalid user eat from 142.93.154.90 port 60455 ssh2 ...	2019-12-08 19:20:52

最近上报的IP列表

18.167.66.127	187.111.7.193	46.25.86.59	208.28.211.102
112.218.76.163	47.170.29.21	42.226.163.194	47.133.221.196
105.14.158.181	68.142.175.70	52.24.38.230	123.63.242.249
54.156.110.78	209.145.223.152	75.182.24.94	98.127.59.7
81.254.133.209	45.238.7.110	217.252.176.191	2.161.30.251