146.164.51.55 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Brazil

运营商(isp): Universidade Federal do Rio de Janeiro

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): University/College/School

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	SSH brute force attempt	2020-06-15 09:43:29

相同子网IP讨论:

IP	类型	评论内容	时间
146.164.51.61	attackspambots	$f2bV_matches	2020-06-20 02:44:20
146.164.51.62	attackbotsspam	Jun 17 05:48:52 mail sshd[18393]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.164.51.62 Jun 17 05:48:53 mail sshd[18393]: Failed password for invalid user test from 146.164.51.62 port 46560 ssh2 ...	2020-06-17 18:53:30
146.164.51.61	attack	Jun 14 15:43:33 lukav-desktop sshd\[1441\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.164.51.61 user=root Jun 14 15:43:35 lukav-desktop sshd\[1441\]: Failed password for root from 146.164.51.61 port 47358 ssh2 Jun 14 15:47:14 lukav-desktop sshd\[1507\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.164.51.61 user=root Jun 14 15:47:15 lukav-desktop sshd\[1507\]: Failed password for root from 146.164.51.61 port 34442 ssh2 Jun 14 15:50:47 lukav-desktop sshd\[1566\]: Invalid user userftp from 146.164.51.61	2020-06-14 21:15:15
146.164.51.50	attack	Jun 9 12:03:25 localhost sshd\[5460\]: Invalid user mattes from 146.164.51.50 port 57654 Jun 9 12:03:25 localhost sshd\[5460\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.164.51.50 Jun 9 12:03:27 localhost sshd\[5460\]: Failed password for invalid user mattes from 146.164.51.50 port 57654 ssh2 ...	2020-06-10 01:58:17
146.164.51.50	attack	146.164.51.50 (BR/Brazil/-), 12 distributed sshd attacks on account [root] in the last 3600 secs	2020-06-04 22:24:49
146.164.51.60	attack	146.164.51.60 (BR/Brazil/-), 12 distributed sshd attacks on account [root] in the last 3600 secs	2020-06-04 22:22:13
146.164.51.59	attackbots	146.164.51.59 (BR/Brazil/-), 12 distributed sshd attacks on account [root] in the last 3600 secs	2020-06-04 22:21:51
146.164.51.53	attack	Jun 1 11:35:29 ns sshd[22111]: Connection from 146.164.51.53 port 36812 on 134.119.39.98 port 22 Jun 1 11:35:31 ns sshd[22111]: User r.r from 146.164.51.53 not allowed because not listed in AllowUsers Jun 1 11:35:31 ns sshd[22111]: Failed password for invalid user r.r from 146.164.51.53 port 36812 ssh2 Jun 1 11:35:31 ns sshd[22111]: Received disconnect from 146.164.51.53 port 36812:11: Bye Bye [preauth] Jun 1 11:35:31 ns sshd[22111]: Disconnected from 146.164.51.53 port 36812 [preauth] Jun 1 11:39:41 ns sshd[8413]: Connection from 146.164.51.53 port 37166 on 134.119.39.98 port 22 Jun 1 11:39:43 ns sshd[8413]: User r.r from 146.164.51.53 not allowed because not listed in AllowUsers Jun 1 11:39:43 ns sshd[8413]: Failed password for invalid user r.r from 146.164.51.53 port 37166 ssh2 Jun 1 11:39:43 ns sshd[8413]: Received disconnect from 146.164.51.53 port 37166:11: Bye Bye [preauth] Jun 1 11:39:43 ns sshd[8413]: Disconnected from 146.164.51.53 port 37166 [preaut........ -------------------------------	2020-06-01 23:11:26
146.164.51.50	attackspambots	Jun 1 07:55:36 pornomens sshd\[13182\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.164.51.50 user=root Jun 1 07:55:39 pornomens sshd\[13182\]: Failed password for root from 146.164.51.50 port 47392 ssh2 Jun 1 07:59:46 pornomens sshd\[13247\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.164.51.50 user=root ...	2020-06-01 14:28:25
146.164.51.58	attackbotsspam	$f2bV_matches	2020-05-30 22:44:06
146.164.51.49	attackspambots	May 30 07:13:05 askasleikir sshd[25918]: Failed password for git from 146.164.51.49 port 38694 ssh2 May 30 07:05:09 askasleikir sshd[25902]: Failed password for ftp from 146.164.51.49 port 39408 ssh2 May 30 07:01:14 askasleikir sshd[25896]: Failed password for root from 146.164.51.49 port 39786 ssh2	2020-05-30 20:56:48
146.164.51.50	attack	May 30 06:53:21 askasleikir sshd[25872]: Failed password for root from 146.164.51.50 port 40550 ssh2	2020-05-30 20:56:10
146.164.51.60	attack	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-05-30 20:55:50
146.164.51.62	attackbots	May 30 07:09:07 askasleikir sshd[25910]: Failed password for invalid user zabbix from 146.164.51.62 port 39052 ssh2	2020-05-30 20:53:50
146.164.51.52	attackspam	May 30 05:50:20 pve1 sshd[25943]: Failed password for root from 146.164.51.52 port 41272 ssh2 ...	2020-05-30 12:31:02

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 146.164.51.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31917
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;146.164.51.55.			IN	A

;; AUTHORITY SECTION:
.			348	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061401 1800 900 604800 86400

;; Query time: 32 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 15 09:43:23 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 55.51.164.146.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 55.51.164.146.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
197.234.132.115	attack	Brute force SMTP login attempted. ...	2019-08-08 04:50:11
165.227.69.188	attack	Aug 7 22:39:58 OPSO sshd\[30446\]: Invalid user dagna from 165.227.69.188 port 47916 Aug 7 22:39:58 OPSO sshd\[30446\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.69.188 Aug 7 22:40:00 OPSO sshd\[30446\]: Failed password for invalid user dagna from 165.227.69.188 port 47916 ssh2 Aug 7 22:44:13 OPSO sshd\[30999\]: Invalid user adhi from 165.227.69.188 port 45206 Aug 7 22:44:13 OPSO sshd\[30999\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.69.188	2019-08-08 04:47:54
178.128.96.131	attackspambots	2019-08-07T19:41:58.671251vfs-server-01 sshd\[3900\]: Invalid user hundsun from 178.128.96.131 port 38274 2019-08-07T19:42:00.181699vfs-server-01 sshd\[3903\]: Invalid user images from 178.128.96.131 port 39934 2019-08-07T19:42:01.735220vfs-server-01 sshd\[3906\]: Invalid user ircd from 178.128.96.131 port 41442	2019-08-08 04:12:13
123.207.8.86	attackbots	Aug 7 17:40:39 MK-Soft-VM7 sshd\[8160\]: Invalid user iq from 123.207.8.86 port 50602 Aug 7 17:40:39 MK-Soft-VM7 sshd\[8160\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.8.86 Aug 7 17:40:41 MK-Soft-VM7 sshd\[8160\]: Failed password for invalid user iq from 123.207.8.86 port 50602 ssh2 ...	2019-08-08 04:47:14
162.247.74.200	attackbots	Aug 7 05:27:12 * sshd[11445]: Failed password for invalid user sansforensics from 162.247.74.200 port 32972 ssh2 Aug 7 05:27:18 * sshd[11450]: Failed password for invalid user elk_user from 162.247.74.200 port 35588 ssh2	2019-08-08 04:45:43
222.122.31.133	attackspambots	2019-08-07T20:27:02.893354abusebot-7.cloudsearch.cf sshd\[6903\]: Invalid user joshua from 222.122.31.133 port 43650	2019-08-08 04:51:10
111.118.68.183	attackspam	DATE:2019-08-07 19:42:07, IP:111.118.68.183, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-08-08 04:07:26
134.73.7.114	attack	File manager access: 134.73.7.114 - - [05/Aug/2019:09:56:28 +0100] "POST /FCKeditor/editor/filemanager/connectors/asp/connector.asp?Command=FileUpload&Type=File&CurrentFolder=%2F HTTP/1.1" 404 777 "http://[domain]/FCKeditor/editor/filemanager/connectors/asp/connector.asp?Command=FileUpload&Type=File&CurrentFolder=%2F" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2)"	2019-08-08 04:39:41
128.199.154.172	attack	Aug 7 23:01:20 srv-4 sshd\[23054\]: Invalid user abc1 from 128.199.154.172 Aug 7 23:01:20 srv-4 sshd\[23054\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.154.172 Aug 7 23:01:21 srv-4 sshd\[23054\]: Failed password for invalid user abc1 from 128.199.154.172 port 54656 ssh2 ...	2019-08-08 04:18:13
136.244.109.99	attackbotsspam	Aug 7 21:53:26 debian sshd\[12902\]: Invalid user amir from 136.244.109.99 port 32814 Aug 7 21:53:26 debian sshd\[12902\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=136.244.109.99 ...	2019-08-08 04:54:32
14.98.22.30	attackbotsspam	2019-08-07T19:40:50.931792centos sshd\[19889\]: Invalid user gabby from 14.98.22.30 port 56185 2019-08-07T19:40:50.936768centos sshd\[19889\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.98.22.30 2019-08-07T19:40:52.984765centos sshd\[19889\]: Failed password for invalid user gabby from 14.98.22.30 port 56185 ssh2	2019-08-08 04:37:57
14.225.3.37	attackspam	firewall-block, port(s): 23/tcp	2019-08-08 04:37:10
139.59.92.117	attackspam	ssh failed login	2019-08-08 04:07:06
40.113.104.81	attackbotsspam	Aug 7 21:17:14 microserver sshd[16750]: Invalid user corlene from 40.113.104.81 port 6336 Aug 7 21:17:14 microserver sshd[16750]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.113.104.81 Aug 7 21:17:16 microserver sshd[16750]: Failed password for invalid user corlene from 40.113.104.81 port 6336 ssh2 Aug 7 21:22:05 microserver sshd[17457]: Invalid user barman from 40.113.104.81 port 6336 Aug 7 21:22:05 microserver sshd[17457]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.113.104.81 Aug 7 21:36:42 microserver sshd[19958]: Invalid user servercsgo from 40.113.104.81 port 7040 Aug 7 21:36:42 microserver sshd[19958]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.113.104.81 Aug 7 21:36:44 microserver sshd[19958]: Failed password for invalid user servercsgo from 40.113.104.81 port 7040 ssh2 Aug 7 21:41:40 microserver sshd[20666]: Invalid user polycom from 40.113.104.81 port	2019-08-08 04:22:48
164.132.110.223	attackbots	Aug 7 20:44:28 mail sshd\[25819\]: Invalid user ftptest from 164.132.110.223 Aug 7 20:44:28 mail sshd\[25819\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.110.223 Aug 7 20:44:30 mail sshd\[25819\]: Failed password for invalid user ftptest from 164.132.110.223 port 33010 ssh2 ...	2019-08-08 04:13:55

最近上报的IP列表

243.110.223.104	59.94.245.252	45.128.152.74	107.174.61.168
68.187.208.236	203.96.190.10	49.49.183.7	139.199.5.50
191.101.200.106	42.225.220.178	94.177.214.123	192.35.168.232
46.191.143.62	208.70.94.216	188.86.28.146	66.11.115.234
222.73.180.219	56.248.84.106	106.13.11.180	66.137.185.59