146.164.51.55 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Brazil

运营商(isp): Universidade Federal do Rio de Janeiro

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): University/College/School

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	SSH brute force attempt	2020-06-15 09:43:29

相同子网IP讨论:

IP	类型	评论内容	时间
146.164.51.61	attackspambots	$f2bV_matches	2020-06-20 02:44:20
146.164.51.62	attackbotsspam	Jun 17 05:48:52 mail sshd[18393]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.164.51.62 Jun 17 05:48:53 mail sshd[18393]: Failed password for invalid user test from 146.164.51.62 port 46560 ssh2 ...	2020-06-17 18:53:30
146.164.51.61	attack	Jun 14 15:43:33 lukav-desktop sshd\[1441\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.164.51.61 user=root Jun 14 15:43:35 lukav-desktop sshd\[1441\]: Failed password for root from 146.164.51.61 port 47358 ssh2 Jun 14 15:47:14 lukav-desktop sshd\[1507\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.164.51.61 user=root Jun 14 15:47:15 lukav-desktop sshd\[1507\]: Failed password for root from 146.164.51.61 port 34442 ssh2 Jun 14 15:50:47 lukav-desktop sshd\[1566\]: Invalid user userftp from 146.164.51.61	2020-06-14 21:15:15
146.164.51.50	attack	Jun 9 12:03:25 localhost sshd\[5460\]: Invalid user mattes from 146.164.51.50 port 57654 Jun 9 12:03:25 localhost sshd\[5460\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.164.51.50 Jun 9 12:03:27 localhost sshd\[5460\]: Failed password for invalid user mattes from 146.164.51.50 port 57654 ssh2 ...	2020-06-10 01:58:17
146.164.51.50	attack	146.164.51.50 (BR/Brazil/-), 12 distributed sshd attacks on account [root] in the last 3600 secs	2020-06-04 22:24:49
146.164.51.60	attack	146.164.51.60 (BR/Brazil/-), 12 distributed sshd attacks on account [root] in the last 3600 secs	2020-06-04 22:22:13
146.164.51.59	attackbots	146.164.51.59 (BR/Brazil/-), 12 distributed sshd attacks on account [root] in the last 3600 secs	2020-06-04 22:21:51
146.164.51.53	attack	Jun 1 11:35:29 ns sshd[22111]: Connection from 146.164.51.53 port 36812 on 134.119.39.98 port 22 Jun 1 11:35:31 ns sshd[22111]: User r.r from 146.164.51.53 not allowed because not listed in AllowUsers Jun 1 11:35:31 ns sshd[22111]: Failed password for invalid user r.r from 146.164.51.53 port 36812 ssh2 Jun 1 11:35:31 ns sshd[22111]: Received disconnect from 146.164.51.53 port 36812:11: Bye Bye [preauth] Jun 1 11:35:31 ns sshd[22111]: Disconnected from 146.164.51.53 port 36812 [preauth] Jun 1 11:39:41 ns sshd[8413]: Connection from 146.164.51.53 port 37166 on 134.119.39.98 port 22 Jun 1 11:39:43 ns sshd[8413]: User r.r from 146.164.51.53 not allowed because not listed in AllowUsers Jun 1 11:39:43 ns sshd[8413]: Failed password for invalid user r.r from 146.164.51.53 port 37166 ssh2 Jun 1 11:39:43 ns sshd[8413]: Received disconnect from 146.164.51.53 port 37166:11: Bye Bye [preauth] Jun 1 11:39:43 ns sshd[8413]: Disconnected from 146.164.51.53 port 37166 [preaut........ -------------------------------	2020-06-01 23:11:26
146.164.51.50	attackspambots	Jun 1 07:55:36 pornomens sshd\[13182\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.164.51.50 user=root Jun 1 07:55:39 pornomens sshd\[13182\]: Failed password for root from 146.164.51.50 port 47392 ssh2 Jun 1 07:59:46 pornomens sshd\[13247\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.164.51.50 user=root ...	2020-06-01 14:28:25
146.164.51.58	attackbotsspam	$f2bV_matches	2020-05-30 22:44:06
146.164.51.49	attackspambots	May 30 07:13:05 askasleikir sshd[25918]: Failed password for git from 146.164.51.49 port 38694 ssh2 May 30 07:05:09 askasleikir sshd[25902]: Failed password for ftp from 146.164.51.49 port 39408 ssh2 May 30 07:01:14 askasleikir sshd[25896]: Failed password for root from 146.164.51.49 port 39786 ssh2	2020-05-30 20:56:48
146.164.51.50	attack	May 30 06:53:21 askasleikir sshd[25872]: Failed password for root from 146.164.51.50 port 40550 ssh2	2020-05-30 20:56:10
146.164.51.60	attack	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-05-30 20:55:50
146.164.51.62	attackbots	May 30 07:09:07 askasleikir sshd[25910]: Failed password for invalid user zabbix from 146.164.51.62 port 39052 ssh2	2020-05-30 20:53:50
146.164.51.52	attackspam	May 30 05:50:20 pve1 sshd[25943]: Failed password for root from 146.164.51.52 port 41272 ssh2 ...	2020-05-30 12:31:02

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 146.164.51.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31917
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;146.164.51.55.			IN	A

;; AUTHORITY SECTION:
.			348	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061401 1800 900 604800 86400

;; Query time: 32 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 15 09:43:23 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 55.51.164.146.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 55.51.164.146.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
193.56.28.175	attackspam	Jun 25 05:56:26 relay postfix/smtpd\[8401\]: warning: unknown\[193.56.28.175\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 25 05:56:32 relay postfix/smtpd\[9545\]: warning: unknown\[193.56.28.175\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 25 05:56:42 relay postfix/smtpd\[9543\]: warning: unknown\[193.56.28.175\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 25 05:57:04 relay postfix/smtpd\[7474\]: warning: unknown\[193.56.28.175\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 25 05:57:10 relay postfix/smtpd\[9584\]: warning: unknown\[193.56.28.175\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-25 12:16:27
191.232.214.74	attackspambots	1,11-01/31 [bc01/m47] PostRequest-Spammer scoring: zurich	2020-06-25 12:21:53
157.245.105.149	attackbotsspam	k+ssh-bruteforce	2020-06-25 12:22:11
95.217.108.84	attackbotsspam	RDP Brute-Force (honeypot 7)	2020-06-25 12:02:26
185.176.27.254	attackbotsspam	06/24/2020-23:57:18.798560 185.176.27.254 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-06-25 12:12:15
217.182.73.36	attackbotsspam	CMS (WordPress or Joomla) login attempt.	2020-06-25 08:34:10
185.204.3.36	attackspambots	Jun 25 05:57:23 vmd48417 sshd[30525]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.204.3.36	2020-06-25 12:04:42
122.225.230.10	attack	$f2bV_matches	2020-06-25 08:34:37
118.89.236.249	attackspam	Jun 25 05:57:01 ns381471 sshd[14775]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.236.249 Jun 25 05:57:03 ns381471 sshd[14775]: Failed password for invalid user db2inst1 from 118.89.236.249 port 52414 ssh2	2020-06-25 12:24:55
128.199.128.215	attackbots	2020-06-25T05:52:48.876319galaxy.wi.uni-potsdam.de sshd[20985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.128.215 user=root 2020-06-25T05:52:50.624368galaxy.wi.uni-potsdam.de sshd[20985]: Failed password for root from 128.199.128.215 port 37422 ssh2 2020-06-25T05:54:58.238517galaxy.wi.uni-potsdam.de sshd[21243]: Invalid user dxc from 128.199.128.215 port 56928 2020-06-25T05:54:58.240414galaxy.wi.uni-potsdam.de sshd[21243]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.128.215 2020-06-25T05:54:58.238517galaxy.wi.uni-potsdam.de sshd[21243]: Invalid user dxc from 128.199.128.215 port 56928 2020-06-25T05:55:00.836646galaxy.wi.uni-potsdam.de sshd[21243]: Failed password for invalid user dxc from 128.199.128.215 port 56928 ssh2 2020-06-25T05:57:07.015725galaxy.wi.uni-potsdam.de sshd[21447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.128 ...	2020-06-25 12:19:32
45.162.216.10	attackspam	Jun 25 02:30:45 mout sshd[21586]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.162.216.10 user=root Jun 25 02:30:48 mout sshd[21586]: Failed password for root from 45.162.216.10 port 47444 ssh2	2020-06-25 08:38:14
139.59.146.28	attack	139.59.146.28 - - \[25/Jun/2020:01:06:19 +0200\] "POST /wp-login.php HTTP/1.0" 200 2507 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 139.59.146.28 - - \[25/Jun/2020:01:06:20 +0200\] "POST /wp-login.php HTTP/1.0" 200 2473 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 139.59.146.28 - - \[25/Jun/2020:01:06:21 +0200\] "POST /wp-login.php HTTP/1.0" 200 2470 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-06-25 08:42:15
165.22.253.190	attackspambots	malicious Brute-Force reported by https://www.patrick-binder.de ...	2020-06-25 12:17:05
130.162.71.237	attackspambots	$f2bV_matches	2020-06-25 12:08:10
112.85.42.89	attackspam	Jun 25 02:33:44 ns381471 sshd[5741]: Failed password for root from 112.85.42.89 port 43462 ssh2	2020-06-25 08:42:29

最近上报的IP列表

243.110.223.104	59.94.245.252	45.128.152.74	107.174.61.168
68.187.208.236	203.96.190.10	49.49.183.7	139.199.5.50
191.101.200.106	42.225.220.178	94.177.214.123	192.35.168.232
46.191.143.62	208.70.94.216	188.86.28.146	66.11.115.234
222.73.180.219	56.248.84.106	106.13.11.180	66.137.185.59