122.51.100.64 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Guangzhou Haizhiguang Communication Technology Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	" "	2020-05-04 16:34:00

相同子网IP讨论:

IP	类型	评论内容	时间
122.51.100.84	spamattack	122.51.100.181 - - [20/May/2020:13:13:31 +0200] "GET /horde/imp/test.php HTTP/1.1" 404 3534 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Fire$ 122.51.100.181 - - [20/May/2020:13:13:34 +0200] "GET /login?from=0.000000 HTTP/1.1" 302 514 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Fire$ 122.51.100.181 - - [20/May/2020:13:13:34 +0200] "GET /login?from=0.000000 HTTP/1.1" 404 3534 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Fir$ 122.51.100.181 - - [20/May/2020:13:13:36 +0200] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 302 532 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/2010$ 122.51.100.181 - - [20/May/2020:13:13:38 +0200] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 3534 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/201$122.51.100.181 - - [20/May/2020:13:13:38 +0200] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 302 532 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/2010$ 122.51.100.181 - - [20/May/2020:13:13:40 +0200] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 3534 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/201$	2020-05-20 20:59:06
122.51.100.84	attackbotsspam	Mar 18 19:51:51 zn008 sshd[26381]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.100.84 user=r.r Mar 18 19:51:53 zn008 sshd[26381]: Failed password for r.r from 122.51.100.84 port 33076 ssh2 Mar 18 19:51:53 zn008 sshd[26381]: Received disconnect from 122.51.100.84: 11: Bye Bye [preauth] Mar 18 19:58:24 zn008 sshd[26863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.100.84 user=r.r Mar 18 19:58:26 zn008 sshd[26863]: Failed password for r.r from 122.51.100.84 port 33710 ssh2 Mar 18 19:58:26 zn008 sshd[26863]: Received disconnect from 122.51.100.84: 11: Bye Bye [preauth] Mar 18 20:01:00 zn008 sshd[27255]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.100.84 user=r.r Mar 18 20:01:02 zn008 sshd[27255]: Failed password for r.r from 122.51.100.84 port 44124 ssh2 Mar 18 20:01:02 zn008 sshd[27255]: Received disconnect from 122.51......... -------------------------------	2020-03-19 08:08:31

类型

评论内容

时间

122.51.100.84

spamattack

122.51.100.181 - - [20/May/2020:13:13:31 +0200] "GET /horde/imp/test.php HTTP/1.1" 404 3534 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Fire$
122.51.100.181 - - [20/May/2020:13:13:34 +0200] "GET /login?from=0.000000 HTTP/1.1" 302 514 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Fire$
122.51.100.181 - - [20/May/2020:13:13:34 +0200] "GET /login?from=0.000000 HTTP/1.1" 404 3534 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Fir$
122.51.100.181 - - [20/May/2020:13:13:36 +0200] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 302 532 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/2010$
122.51.100.181 - - [20/May/2020:13:13:38 +0200] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 3534 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/201$122.51.100.181 - - [20/May/2020:13:13:38 +0200] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 302 532 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/2010$
122.51.100.181 - - [20/May/2020:13:13:40 +0200] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 3534 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/201$

2020-05-20 20:59:06

122.51.100.84

attackbotsspam

Mar 18 19:51:51 zn008 sshd[26381]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.100.84  user=r.r
Mar 18 19:51:53 zn008 sshd[26381]: Failed password for r.r from 122.51.100.84 port 33076 ssh2
Mar 18 19:51:53 zn008 sshd[26381]: Received disconnect from 122.51.100.84: 11: Bye Bye [preauth]
Mar 18 19:58:24 zn008 sshd[26863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.100.84  user=r.r
Mar 18 19:58:26 zn008 sshd[26863]: Failed password for r.r from 122.51.100.84 port 33710 ssh2
Mar 18 19:58:26 zn008 sshd[26863]: Received disconnect from 122.51.100.84: 11: Bye Bye [preauth]
Mar 18 20:01:00 zn008 sshd[27255]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.100.84  user=r.r
Mar 18 20:01:02 zn008 sshd[27255]: Failed password for r.r from 122.51.100.84 port 44124 ssh2
Mar 18 20:01:02 zn008 sshd[27255]: Received disconnect from 122.51.........
-------------------------------

2020-03-19 08:08:31

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 122.51.100.64
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6622
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;122.51.100.64.			IN	A

;; AUTHORITY SECTION:
.			199	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050400 1800 900 604800 86400

;; Query time: 47 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon May 04 16:33:55 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 64.100.51.122.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 64.100.51.122.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
191.17.190.205	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/191.17.190.205/ BR - 1H : (927) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : BR NAME ASN : ASN27699 IP : 191.17.190.205 CIDR : 191.17.0.0/16 PREFIX COUNT : 267 UNIQUE IP COUNT : 6569728 WYKRYTE ATAKI Z ASN27699 : 1H - 8 3H - 17 6H - 27 12H - 61 24H - 110 DateTime : 2019-10-02 05:44:04 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery	2019-10-02 20:22:16
60.30.180.158	attackbots	$f2bV_matches	2019-10-02 20:15:17
150.249.114.20	attack	Oct 2 12:43:16 gw1 sshd[13098]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.249.114.20 Oct 2 12:43:18 gw1 sshd[13098]: Failed password for invalid user test from 150.249.114.20 port 41140 ssh2 ...	2019-10-02 20:20:00
167.114.157.86	attackbots	Oct 2 07:01:43 site2 sshd\[685\]: Invalid user user from 167.114.157.86Oct 2 07:01:45 site2 sshd\[685\]: Failed password for invalid user user from 167.114.157.86 port 33036 ssh2Oct 2 07:05:30 site2 sshd\[760\]: Invalid user tu from 167.114.157.86Oct 2 07:05:32 site2 sshd\[760\]: Failed password for invalid user tu from 167.114.157.86 port 51616 ssh2Oct 2 07:09:09 site2 sshd\[1039\]: Invalid user jennyfer from 167.114.157.86 ...	2019-10-02 20:37:58
217.61.14.223	attackspambots	Oct 2 02:22:49 hpm sshd\[22075\]: Invalid user add from 217.61.14.223 Oct 2 02:22:49 hpm sshd\[22075\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.61.14.223 Oct 2 02:22:51 hpm sshd\[22075\]: Failed password for invalid user add from 217.61.14.223 port 42894 ssh2 Oct 2 02:26:54 hpm sshd\[22375\]: Invalid user xnm from 217.61.14.223 Oct 2 02:26:54 hpm sshd\[22375\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.61.14.223	2019-10-02 20:30:51
129.150.70.20	attackbotsspam	Oct 2 09:25:17 dev0-dcfr-rnet sshd[17351]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.150.70.20 Oct 2 09:25:19 dev0-dcfr-rnet sshd[17351]: Failed password for invalid user mysql from 129.150.70.20 port 19163 ssh2 Oct 2 09:29:12 dev0-dcfr-rnet sshd[17358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.150.70.20	2019-10-02 20:21:17
106.12.207.197	attackbotsspam	SSH Brute Force, server-1 sshd[8143]: Failed password for invalid user www from 106.12.207.197 port 50694 ssh2	2019-10-02 20:44:01
103.79.90.120	attackbotsspam	103.79.90.120 - web \[01/Oct/2019:19:56:38 -0700\] "GET /rss/catalog/notifystock/ HTTP/1.1" 401 25103.79.90.120 - admin \[01/Oct/2019:20:29:37 -0700\] "GET /rss/catalog/notifystock/ HTTP/1.1" 401 25103.79.90.120 - dysin \[01/Oct/2019:20:43:39 -0700\] "GET /rss/catalog/notifystock/ HTTP/1.1" 401 25 ...	2019-10-02 20:13:55
106.248.41.245	attackbotsspam	[ssh] SSH attack	2019-10-02 20:13:33
41.164.195.204	attackbotsspam	Oct 2 14:00:17 MK-Soft-VM5 sshd[1840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.164.195.204 Oct 2 14:00:19 MK-Soft-VM5 sshd[1840]: Failed password for invalid user studio from 41.164.195.204 port 48820 ssh2 ...	2019-10-02 20:36:32
167.71.211.102	attackspambots	Oct 2 02:31:53 sachi sshd\[17152\]: Invalid user niao from 167.71.211.102 Oct 2 02:31:53 sachi sshd\[17152\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.211.102 Oct 2 02:31:55 sachi sshd\[17152\]: Failed password for invalid user niao from 167.71.211.102 port 49888 ssh2 Oct 2 02:35:59 sachi sshd\[17546\]: Invalid user bcbackup from 167.71.211.102 Oct 2 02:35:59 sachi sshd\[17546\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.211.102	2019-10-02 20:41:06
165.227.69.39	attackspambots	Oct 2 13:30:02 dev0-dcde-rnet sshd[26473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.69.39 Oct 2 13:30:04 dev0-dcde-rnet sshd[26473]: Failed password for invalid user uftp from 165.227.69.39 port 50820 ssh2 Oct 2 13:33:31 dev0-dcde-rnet sshd[26499]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.69.39	2019-10-02 20:19:35
222.186.42.163	attackspambots	Oct 2 12:35:57 marvibiene sshd[41959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.163 user=root Oct 2 12:35:59 marvibiene sshd[41959]: Failed password for root from 222.186.42.163 port 48154 ssh2 Oct 2 12:36:02 marvibiene sshd[41959]: Failed password for root from 222.186.42.163 port 48154 ssh2 Oct 2 12:35:57 marvibiene sshd[41959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.163 user=root Oct 2 12:35:59 marvibiene sshd[41959]: Failed password for root from 222.186.42.163 port 48154 ssh2 Oct 2 12:36:02 marvibiene sshd[41959]: Failed password for root from 222.186.42.163 port 48154 ssh2 ...	2019-10-02 20:38:55
185.117.118.187	attackbots	\[2019-10-02 13:45:33\] NOTICE\[14660\] res_pjsip/pjsip_distributor.c: Request 'REGISTER' from '\' failed for '185.117.118.187:57908' $callid: 1178156610-2003191812-766498810$ - Failed to authenticate \[2019-10-02 13:45:33\] SECURITY\[1715\] res_security_log.c: SecurityEvent="ChallengeResponseFailed",EventTV="2019-10-02T13:45:33.192+0200",Severity="Error",Service="PJSIP",EventVersion="1",AccountID="\",SessionID="1178156610-2003191812-766498810",LocalAddress="IPV4/UDP/188.40.118.248/5060",RemoteAddress="IPV4/UDP/185.117.118.187/57908",Challenge="1570016733/06939daa075f0975ad9ce6fc01208541",Response="230ae2f6cd7148fbca204c94cf472151",ExpectedResponse="" \[2019-10-02 13:45:33\] NOTICE\[3817\] res_pjsip/pjsip_distributor.c: Request 'REGISTER' from '\' failed for '185.117.118.187:57908' $callid: 1178156610-2003191812-766498810$ - Failed to authenticate \[2019-10-02 13:45:33\] SECURITY\[1715\] res_security_log.c: SecurityEvent="Challenge	2019-10-02 20:27:32
51.68.143.28	attackspambots	Oct 2 14:10:35 mail sshd\[5737\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.143.28 Oct 2 14:10:38 mail sshd\[5737\]: Failed password for invalid user user3 from 51.68.143.28 port 55226 ssh2 Oct 2 14:14:31 mail sshd\[6333\]: Invalid user mysquel from 51.68.143.28 port 40036 Oct 2 14:14:31 mail sshd\[6333\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.143.28 Oct 2 14:14:33 mail sshd\[6333\]: Failed password for invalid user mysquel from 51.68.143.28 port 40036 ssh2	2019-10-02 20:29:24

最近上报的IP列表

104.128.64.146	152.146.79.65	45.71.100.67	101.73.75.110
66.236.50.174	180.65.214.52	189.203.182.55	214.182.75.2
70.164.212.183	176.142.126.157	39.96.172.31	88.27.167.184
192.168.1.21	187.225.212.147	178.46.212.55	165.227.106.12
95.47.61.48	103.17.38.249	185.203.208.178	91.195.35.124