122.52.131.214

基本信息:

城市(city): Magugpo Poblacion

省份(region): Davao

国家(country): Philippines

运营商(isp): N-Pax Cebu Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	1433/tcp 445/tcp... [2020-05-28/07-19]7pkt,2pt.(tcp)	2020-07-20 05:15:49
attackbots	445/tcp 1433/tcp... [2020-05-17/06-22]4pkt,2pt.(tcp)	2020-06-22 19:48:29
attackbots	SMB Server BruteForce Attack	2020-06-05 03:59:49
attackspambots	Honeypot attack, port: 445, PTR: 122.52.131.214.pldt.net.	2020-02-04 16:26:38
attackspambots	Unauthorized connection attempt detected from IP address 122.52.131.214 to port 1433 [J]	2020-01-06 18:01:07
attack	Scanning random ports - tries to find possible vulnerable services	2020-01-01 04:35:58
attackspambots	Unauthorized connection attempt detected from IP address 122.52.131.214 to port 445	2019-12-31 08:26:05
attackbots	" "	2019-11-24 09:19:32
attackbots	1433/tcp 445/tcp... [2019-10-02/11-10]17pkt,2pt.(tcp)	2019-11-10 14:16:32

相同子网IP讨论:

IP	类型	评论内容	时间
122.52.131.52	attackbots	Honeypot attack, port: 445, PTR: 122.52.131.52.pldt.net.	2020-02-09 21:19:10
122.52.131.52	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 11-12-2019 06:25:17.	2019-12-11 20:45:56

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 122.52.131.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51566
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;122.52.131.214.			IN	A

;; AUTHORITY SECTION:
.			334	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110901 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Nov 10 14:16:27 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

214.131.52.122.in-addr.arpa domain name pointer 122.52.131.214.pldt.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
214.131.52.122.in-addr.arpa	name = 122.52.131.214.pldt.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
195.154.114.140	attackspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-07-19 19:06:00
61.164.246.45	attackspam	Jul 19 16:16:41 gw1 sshd[4515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.164.246.45 Jul 19 16:16:44 gw1 sshd[4515]: Failed password for invalid user upload from 61.164.246.45 port 55788 ssh2 ...	2020-07-19 19:22:44
106.13.226.112	attackspambots	Jul 19 11:16:56 lukav-desktop sshd\[28113\]: Invalid user mitch from 106.13.226.112 Jul 19 11:16:56 lukav-desktop sshd\[28113\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.226.112 Jul 19 11:16:58 lukav-desktop sshd\[28113\]: Failed password for invalid user mitch from 106.13.226.112 port 34276 ssh2 Jul 19 11:21:22 lukav-desktop sshd\[28153\]: Invalid user cff from 106.13.226.112 Jul 19 11:21:22 lukav-desktop sshd\[28153\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.226.112	2020-07-19 19:04:00
119.166.183.17	attackbots	2020-07-18 UTC: (2x) - lorenzo(2x)	2020-07-19 19:23:20
124.158.164.146	attackspam	Jul 19 00:42:16 dignus sshd[25310]: Failed password for invalid user utl from 124.158.164.146 port 33186 ssh2 Jul 19 00:47:04 dignus sshd[25791]: Invalid user mysql from 124.158.164.146 port 51070 Jul 19 00:47:04 dignus sshd[25791]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.164.146 Jul 19 00:47:06 dignus sshd[25791]: Failed password for invalid user mysql from 124.158.164.146 port 51070 ssh2 Jul 19 00:52:02 dignus sshd[26348]: Invalid user huawei from 124.158.164.146 port 45286 ...	2020-07-19 19:28:54
112.122.5.6	attackspam	Jul 19 11:34:10 scw-tender-jepsen sshd[6879]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.122.5.6 Jul 19 11:34:12 scw-tender-jepsen sshd[6879]: Failed password for invalid user madhu from 112.122.5.6 port 26510 ssh2	2020-07-19 19:34:27
192.99.5.94	attack	192.99.5.94 - - [19/Jul/2020:12:05:13 +0100] "POST /wp-login.php HTTP/1.1" 200 5548 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.5.94 - - [19/Jul/2020:12:08:40 +0100] "POST /wp-login.php HTTP/1.1" 200 5548 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.5.94 - - [19/Jul/2020:12:11:07 +0100] "POST /wp-login.php HTTP/1.1" 200 5548 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" ...	2020-07-19 19:14:14
119.28.178.213	attackbots	2020-07-19T10:10:40+0200 Failed SSH Authentication/Brute Force Attack. (Server 4)	2020-07-19 19:16:47
184.105.247.204	attackbots	TCP (SYN) 184.105.247.204:46440 -> port 2323, len 40	2020-07-19 19:00:44
175.198.83.204	attackbotsspam	2020-07-19T09:58:24+0200 Failed SSH Authentication/Brute Force Attack. (Server 4)	2020-07-19 19:08:03
210.22.78.74	attackbotsspam	Jul 19 11:41:44 * sshd[5680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.22.78.74 Jul 19 11:41:47 * sshd[5680]: Failed password for invalid user jjh from 210.22.78.74 port 64224 ssh2	2020-07-19 19:15:00
117.103.2.114	attack	Jul 19 09:54:48 ns382633 sshd\[19199\]: Invalid user tillid from 117.103.2.114 port 55296 Jul 19 09:54:48 ns382633 sshd\[19199\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.103.2.114 Jul 19 09:54:50 ns382633 sshd\[19199\]: Failed password for invalid user tillid from 117.103.2.114 port 55296 ssh2 Jul 19 10:01:22 ns382633 sshd\[20680\]: Invalid user ts3 from 117.103.2.114 port 34258 Jul 19 10:01:22 ns382633 sshd\[20680\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.103.2.114	2020-07-19 19:33:58
103.194.89.37	attackbots	TCP (SYN) 103.194.89.37:64493 -> port 445, len 52	2020-07-19 19:04:15
14.139.62.139	attackspambots	TCP (SYN) 14.139.62.139:32414 -> port 1433, len 44	2020-07-19 18:55:53
113.200.60.74	attack	Jul 19 12:12:21 abendstille sshd\[21199\]: Invalid user admin from 113.200.60.74 Jul 19 12:12:21 abendstille sshd\[21199\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.200.60.74 Jul 19 12:12:23 abendstille sshd\[21199\]: Failed password for invalid user admin from 113.200.60.74 port 56654 ssh2 Jul 19 12:16:09 abendstille sshd\[24643\]: Invalid user ccm-1 from 113.200.60.74 Jul 19 12:16:09 abendstille sshd\[24643\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.200.60.74 ...	2020-07-19 19:27:47

最近上报的IP列表

113.16.155.254	194.87.111.98	189.205.185.22	207.244.151.151
103.250.165.138	185.240.96.173	83.212.75.191	93.174.89.55
49.232.170.92	157.245.96.234	118.24.105.21	67.233.124.140
190.189.203.25	149.71.49.21	209.99.131.228	192.115.165.11
221.203.22.245	203.188.248.130	117.6.57.8	78.163.137.186