145.102.6.127 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Netherlands

运营商(isp): University of Twente

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): University/College/School

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Port scan on 1 port(s): 53	2019-08-08 15:36:54

相同子网IP讨论:

IP	类型	评论内容	时间
145.102.6.73	attackspam	Port scan on 1 port(s): 53	2020-06-25 03:23:48
145.102.6.58	attackspam	Port scan on 1 port(s): 53	2020-06-25 03:15:42
145.102.6.49	attackbots	Port scan on 1 port(s): 53	2020-06-25 03:01:10
145.102.6.49	attack	Port scan on 1 port(s): 53	2020-05-16 22:39:45
145.102.6.86	attackspambots	Port scan on 1 port(s): 53	2020-05-16 22:39:01
145.102.6.46	attackbots	Port scan on 1 port(s): 53	2020-04-28 01:12:56
145.102.6.57	attack	Port scan on 1 port(s): 53	2020-04-28 01:12:42
145.102.6.58	attackbotsspam	Port scan on 1 port(s): 53	2020-04-28 01:10:27
145.102.6.49	attack	Port scan on 1 port(s): 53	2020-04-19 23:38:00
145.102.6.73	attackspam	Port scan on 1 port(s): 53	2020-04-19 23:37:49
145.102.6.57	attackbotsspam	Port scan on 1 port(s): 53	2020-04-11 03:33:54
145.102.6.86	attack	Port scan on 1 port(s): 53	2020-04-11 03:33:36
145.102.6.46	attackspambots	Port scan on 1 port(s): 53	2020-04-11 03:25:51
145.102.6.73	attackspam	Port scan detected on *	2020-03-21 05:29:57
145.102.6.55	attackbots	Port scan on 1 port(s): 53	2020-03-19 21:23:10

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 145.102.6.127
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4632
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;145.102.6.127.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 08 15:36:48 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

127.6.102.145.in-addr.arpa domain name pointer please.visit.www.openintel.nl.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
127.6.102.145.in-addr.arpa	name = please.visit.www.openintel.nl.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
197.33.166.67	attack	Unauthorized connection attempt from IP address 197.33.166.67 on Port 445(SMB)	2020-03-16 23:49:03
107.23.28.65	attack	Mar 16 12:58:40 alonganon sshd[8390]: Did not receive identification string from 107.23.28.65 Mar 16 13:00:04 alonganon sshd[8435]: Did not receive identification string from 107.23.28.65 Mar 16 13:00:34 alonganon sshd[8445]: Received disconnect from 107.23.28.65 port 44384:11: Normal Shutdown, Thank you for playing [preauth] Mar 16 13:00:34 alonganon sshd[8445]: Disconnected from 107.23.28.65 port 44384 [preauth] Mar 16 13:00:53 alonganon sshd[8454]: Received disconnect from 107.23.28.65 port 55280:11: Normal Shutdown, Thank you for playing [preauth] Mar 16 13:00:53 alonganon sshd[8454]: Disconnected from 107.23.28.65 port 55280 [preauth] Mar 16 13:01:14 alonganon sshd[8460]: Received disconnect from 107.23.28.65 port 37946:11: Normal Shutdown, Thank you for playing [preauth] Mar 16 13:01:14 alonganon sshd[8460]: Disconnected from 107.23.28.65 port 37946 [preauth] Mar 16 13:01:33 alonganon sshd[8466]: Received disconnect from 107.23.28.65 port 48846:11: Normal Shutdown........ -------------------------------	2020-03-17 00:11:05
162.243.129.9	attack	RPC Portmapper DUMP Request Detected	2020-03-16 23:35:38
150.109.126.175	attack	2020-03-16T14:29:12.528780randservbullet-proofcloud-66.localdomain sshd[1630]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.109.126.175 user=root 2020-03-16T14:29:14.538983randservbullet-proofcloud-66.localdomain sshd[1630]: Failed password for root from 150.109.126.175 port 34394 ssh2 2020-03-16T14:45:13.912661randservbullet-proofcloud-66.localdomain sshd[1704]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.109.126.175 user=root 2020-03-16T14:45:15.517042randservbullet-proofcloud-66.localdomain sshd[1704]: Failed password for root from 150.109.126.175 port 59154 ssh2 ...	2020-03-16 23:51:40
91.212.150.146	attackbotsspam	Tried sshing with brute force.	2020-03-16 23:57:59
92.118.38.42	attack	$f2bV_matches	2020-03-16 23:25:12
45.112.186.53	attack	Unauthorized connection attempt from IP address 45.112.186.53 on Port 445(SMB)	2020-03-16 23:02:48
63.82.48.113	attackspambots	Mar 16 13:24:27 web01 postfix/smtpd[12370]: connect from comb.saparel.com[63.82.48.113] Mar 16 13:24:27 web01 policyd-spf[12375]: None; identhostnamey=helo; client-ip=63.82.48.113; helo=comb.kranbery.com; envelope-from=x@x Mar 16 13:24:27 web01 policyd-spf[12375]: Pass; identhostnamey=mailfrom; client-ip=63.82.48.113; helo=comb.kranbery.com; envelope-from=x@x Mar x@x Mar 16 13:24:27 web01 postfix/smtpd[12370]: disconnect from comb.saparel.com[63.82.48.113] Mar 16 13:25:33 web01 postfix/smtpd[12674]: connect from comb.saparel.com[63.82.48.113] Mar 16 13:25:33 web01 policyd-spf[12676]: None; identhostnamey=helo; client-ip=63.82.48.113; helo=comb.kranbery.com; envelope-from=x@x Mar 16 13:25:33 web01 policyd-spf[12676]: Pass; identhostnamey=mailfrom; client-ip=63.82.48.113; helo=comb.kranbery.com; envelope-from=x@x Mar x@x Mar 16 13:25:34 web01 postfix/smtpd[12674]: disconnect from comb.saparel.com[63.82.48.113] Mar 16 13:26:51 web01 postfix/smtpd[12670]: connect from comb......... -------------------------------	2020-03-16 23:15:37
139.199.50.159	attackbots	Mar 16 15:58:58 OPSO sshd\[22175\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.50.159 user=root Mar 16 15:59:00 OPSO sshd\[22175\]: Failed password for root from 139.199.50.159 port 60637 ssh2 Mar 16 16:08:51 OPSO sshd\[23393\]: Invalid user kigwasshoi from 139.199.50.159 port 35311 Mar 16 16:08:51 OPSO sshd\[23393\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.50.159 Mar 16 16:08:53 OPSO sshd\[23393\]: Failed password for invalid user kigwasshoi from 139.199.50.159 port 35311 ssh2	2020-03-17 00:07:43
188.254.0.160	attackbots	Mar 16 09:29:22 askasleikir sshd[42514]: Failed password for root from 188.254.0.160 port 47764 ssh2	2020-03-17 00:10:44
47.104.68.177	attackbots	47.104.68.177 - - \[16/Mar/2020:15:45:18 +0100\] "POST /wp-login.php HTTP/1.0" 200 7427 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 47.104.68.177 - - \[16/Mar/2020:15:45:22 +0100\] "POST /wp-login.php HTTP/1.0" 200 7242 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 47.104.68.177 - - \[16/Mar/2020:15:45:26 +0100\] "POST /wp-login.php HTTP/1.0" 200 7239 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-03-16 23:23:39
178.62.21.80	attackbots	Mar 16 15:45:07 vmd26974 sshd[32334]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.21.80 Mar 16 15:45:09 vmd26974 sshd[32334]: Failed password for invalid user tmpu01 from 178.62.21.80 port 39482 ssh2 ...	2020-03-16 23:56:51
209.97.148.173	attackbotsspam	SSH Brute-Forcing (server2)	2020-03-16 23:13:15
74.208.57.138	attackspam	MYH,DEF GET /wordpress/wp-admin/	2020-03-16 23:58:44
120.132.11.186	attack	Lines containing failures of 120.132.11.186 Mar 16 06:31:43 zabbix sshd[122012]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.11.186 user=r.r Mar 16 06:31:45 zabbix sshd[122012]: Failed password for r.r from 120.132.11.186 port 32904 ssh2 Mar 16 06:31:45 zabbix sshd[122012]: Received disconnect from 120.132.11.186 port 32904:11: Bye Bye [preauth] Mar 16 06:31:45 zabbix sshd[122012]: Disconnected from authenticating user r.r 120.132.11.186 port 32904 [preauth] Mar 16 06:52:48 zabbix sshd[123127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.11.186 user=r.r Mar 16 06:52:50 zabbix sshd[123127]: Failed password for r.r from 120.132.11.186 port 36388 ssh2 Mar 16 06:52:50 zabbix sshd[123127]: Received disconnect from 120.132.11.186 port 36388:11: Bye Bye [preauth] Mar 16 06:52:50 zabbix sshd[123127]: Disconnected from authenticating user r.r 120.132.11.186 port 36388 [preaut........ ------------------------------	2020-03-16 23:46:56

最近上报的IP列表

185.49.64.6	59.175.15.245	49.74.15.246	36.72.217.127
5.12.197.56	217.67.2.105	123.19.56.15	117.93.16.30
113.173.186.64	37.214.40.200	81.19.8.110	218.61.70.124
156.218.183.188	184.82.147.125	180.122.65.48	113.87.136.81
117.18.190.231	14.182.220.126	94.23.41.149	37.6.217.1