146.164.51.55 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Brazil

运营商(isp): Universidade Federal do Rio de Janeiro

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): University/College/School

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	SSH brute force attempt	2020-06-15 09:43:29

相同子网IP讨论:

IP	类型	评论内容	时间
146.164.51.61	attackspambots	$f2bV_matches	2020-06-20 02:44:20
146.164.51.62	attackbotsspam	Jun 17 05:48:52 mail sshd[18393]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.164.51.62 Jun 17 05:48:53 mail sshd[18393]: Failed password for invalid user test from 146.164.51.62 port 46560 ssh2 ...	2020-06-17 18:53:30
146.164.51.61	attack	Jun 14 15:43:33 lukav-desktop sshd\[1441\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.164.51.61 user=root Jun 14 15:43:35 lukav-desktop sshd\[1441\]: Failed password for root from 146.164.51.61 port 47358 ssh2 Jun 14 15:47:14 lukav-desktop sshd\[1507\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.164.51.61 user=root Jun 14 15:47:15 lukav-desktop sshd\[1507\]: Failed password for root from 146.164.51.61 port 34442 ssh2 Jun 14 15:50:47 lukav-desktop sshd\[1566\]: Invalid user userftp from 146.164.51.61	2020-06-14 21:15:15
146.164.51.50	attack	Jun 9 12:03:25 localhost sshd\[5460\]: Invalid user mattes from 146.164.51.50 port 57654 Jun 9 12:03:25 localhost sshd\[5460\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.164.51.50 Jun 9 12:03:27 localhost sshd\[5460\]: Failed password for invalid user mattes from 146.164.51.50 port 57654 ssh2 ...	2020-06-10 01:58:17
146.164.51.50	attack	146.164.51.50 (BR/Brazil/-), 12 distributed sshd attacks on account [root] in the last 3600 secs	2020-06-04 22:24:49
146.164.51.60	attack	146.164.51.60 (BR/Brazil/-), 12 distributed sshd attacks on account [root] in the last 3600 secs	2020-06-04 22:22:13
146.164.51.59	attackbots	146.164.51.59 (BR/Brazil/-), 12 distributed sshd attacks on account [root] in the last 3600 secs	2020-06-04 22:21:51
146.164.51.53	attack	Jun 1 11:35:29 ns sshd[22111]: Connection from 146.164.51.53 port 36812 on 134.119.39.98 port 22 Jun 1 11:35:31 ns sshd[22111]: User r.r from 146.164.51.53 not allowed because not listed in AllowUsers Jun 1 11:35:31 ns sshd[22111]: Failed password for invalid user r.r from 146.164.51.53 port 36812 ssh2 Jun 1 11:35:31 ns sshd[22111]: Received disconnect from 146.164.51.53 port 36812:11: Bye Bye [preauth] Jun 1 11:35:31 ns sshd[22111]: Disconnected from 146.164.51.53 port 36812 [preauth] Jun 1 11:39:41 ns sshd[8413]: Connection from 146.164.51.53 port 37166 on 134.119.39.98 port 22 Jun 1 11:39:43 ns sshd[8413]: User r.r from 146.164.51.53 not allowed because not listed in AllowUsers Jun 1 11:39:43 ns sshd[8413]: Failed password for invalid user r.r from 146.164.51.53 port 37166 ssh2 Jun 1 11:39:43 ns sshd[8413]: Received disconnect from 146.164.51.53 port 37166:11: Bye Bye [preauth] Jun 1 11:39:43 ns sshd[8413]: Disconnected from 146.164.51.53 port 37166 [preaut........ -------------------------------	2020-06-01 23:11:26
146.164.51.50	attackspambots	Jun 1 07:55:36 pornomens sshd\[13182\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.164.51.50 user=root Jun 1 07:55:39 pornomens sshd\[13182\]: Failed password for root from 146.164.51.50 port 47392 ssh2 Jun 1 07:59:46 pornomens sshd\[13247\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.164.51.50 user=root ...	2020-06-01 14:28:25
146.164.51.58	attackbotsspam	$f2bV_matches	2020-05-30 22:44:06
146.164.51.49	attackspambots	May 30 07:13:05 askasleikir sshd[25918]: Failed password for git from 146.164.51.49 port 38694 ssh2 May 30 07:05:09 askasleikir sshd[25902]: Failed password for ftp from 146.164.51.49 port 39408 ssh2 May 30 07:01:14 askasleikir sshd[25896]: Failed password for root from 146.164.51.49 port 39786 ssh2	2020-05-30 20:56:48
146.164.51.50	attack	May 30 06:53:21 askasleikir sshd[25872]: Failed password for root from 146.164.51.50 port 40550 ssh2	2020-05-30 20:56:10
146.164.51.60	attack	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-05-30 20:55:50
146.164.51.62	attackbots	May 30 07:09:07 askasleikir sshd[25910]: Failed password for invalid user zabbix from 146.164.51.62 port 39052 ssh2	2020-05-30 20:53:50
146.164.51.52	attackspam	May 30 05:50:20 pve1 sshd[25943]: Failed password for root from 146.164.51.52 port 41272 ssh2 ...	2020-05-30 12:31:02

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 146.164.51.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31917
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;146.164.51.55.			IN	A

;; AUTHORITY SECTION:
.			348	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061401 1800 900 604800 86400

;; Query time: 32 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 15 09:43:23 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 55.51.164.146.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 55.51.164.146.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
5.253.86.213	attackspam	1598068486 - 08/22/2020 10:54:46 Host: 5.253.86.213/5.253.86.213 Port: 23 TCP Blocked ...	2020-08-22 13:15:10
198.27.69.130	attackbots	198.27.69.130 - - [22/Aug/2020:05:55:46 +0100] "POST /wp-login.php HTTP/1.1" 200 6688 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 198.27.69.130 - - [22/Aug/2020:05:56:49 +0100] "POST /wp-login.php HTTP/1.1" 200 6695 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 198.27.69.130 - - [22/Aug/2020:05:58:14 +0100] "POST /wp-login.php HTTP/1.1" 200 6688 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" ...	2020-08-22 13:12:04
104.243.25.75	attack	Invalid user hermes from 104.243.25.75 port 59326	2020-08-22 13:20:16
24.142.34.181	attack	Aug 22 04:36:18 vps-51d81928 sshd[10061]: Failed password for root from 24.142.34.181 port 52920 ssh2 Aug 22 04:40:54 vps-51d81928 sshd[10147]: Invalid user sagar from 24.142.34.181 port 60030 Aug 22 04:40:54 vps-51d81928 sshd[10147]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.142.34.181 Aug 22 04:40:54 vps-51d81928 sshd[10147]: Invalid user sagar from 24.142.34.181 port 60030 Aug 22 04:40:55 vps-51d81928 sshd[10147]: Failed password for invalid user sagar from 24.142.34.181 port 60030 ssh2 ...	2020-08-22 12:59:18
106.13.36.10	attackspam	Invalid user test from 106.13.36.10 port 50702	2020-08-22 13:04:06
116.52.2.62	attackbots	20/8/21@23:54:50: FAIL: Alarm-SSH address from=116.52.2.62 ...	2020-08-22 13:11:30
46.101.181.170	attackbotsspam	Aug 22 04:45:03 django-0 sshd[27878]: Invalid user admin from 46.101.181.170 ...	2020-08-22 13:24:00
74.111.97.132	attackspam	From CCTV User Interface Log ...::ffff:74.111.97.132 - - [21/Aug/2020:23:54:26 +0000] "-" 400 0 ::ffff:74.111.97.132 - - [21/Aug/2020:23:54:26 +0000] "GET / HTTP/1.1" 200 960 ::ffff:74.111.97.132 - - [21/Aug/2020:23:54:26 +0000] "GET / HTTP/1.1" 200 960 ...	2020-08-22 13:29:40
222.239.124.19	attackbotsspam	Aug 22 05:15:25 vps-51d81928 sshd[10837]: Failed password for invalid user zimbra from 222.239.124.19 port 56638 ssh2 Aug 22 05:19:02 vps-51d81928 sshd[10934]: Invalid user admin from 222.239.124.19 port 59556 Aug 22 05:19:02 vps-51d81928 sshd[10934]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.239.124.19 Aug 22 05:19:02 vps-51d81928 sshd[10934]: Invalid user admin from 222.239.124.19 port 59556 Aug 22 05:19:04 vps-51d81928 sshd[10934]: Failed password for invalid user admin from 222.239.124.19 port 59556 ssh2 ...	2020-08-22 13:20:44
124.251.110.147	attack	Aug 22 06:30:30 home sshd[3020427]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.251.110.147 Aug 22 06:30:30 home sshd[3020427]: Invalid user mongo from 124.251.110.147 port 58646 Aug 22 06:30:33 home sshd[3020427]: Failed password for invalid user mongo from 124.251.110.147 port 58646 ssh2 Aug 22 06:34:34 home sshd[3021778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.251.110.147 user=root Aug 22 06:34:35 home sshd[3021778]: Failed password for root from 124.251.110.147 port 34602 ssh2 ...	2020-08-22 12:58:53
128.199.128.215	attackspam	$f2bV_matches	2020-08-22 13:12:21
118.89.153.180	attack	2020-08-22T04:26:03.624965shield sshd\[29415\]: Invalid user cid from 118.89.153.180 port 59500 2020-08-22T04:26:03.633741shield sshd\[29415\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.153.180 2020-08-22T04:26:06.077648shield sshd\[29415\]: Failed password for invalid user cid from 118.89.153.180 port 59500 ssh2 2020-08-22T04:30:32.498994shield sshd\[30966\]: Invalid user www from 118.89.153.180 port 59712 2020-08-22T04:30:32.510107shield sshd\[30966\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.153.180	2020-08-22 13:14:00
172.93.224.151	attackspam	Sending SPAM email	2020-08-22 13:16:13
118.163.91.125	attackspambots	Port Scan detected from 118.163.91.125 (TW/Taiwan/Taiwan/Taipei/118-163-91-125.HINET-IP.hinet.net). 4 hits in the last 170 seconds	2020-08-22 13:03:08
61.177.172.177	attackspambots	Aug 22 06:41:22 nextcloud sshd\[937\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.177 user=root Aug 22 06:41:24 nextcloud sshd\[937\]: Failed password for root from 61.177.172.177 port 41755 ssh2 Aug 22 06:41:38 nextcloud sshd\[937\]: Failed password for root from 61.177.172.177 port 41755 ssh2	2020-08-22 13:05:14

最近上报的IP列表

243.110.223.104	59.94.245.252	45.128.152.74	107.174.61.168
68.187.208.236	203.96.190.10	49.49.183.7	139.199.5.50
191.101.200.106	42.225.220.178	94.177.214.123	192.35.168.232
46.191.143.62	208.70.94.216	188.86.28.146	66.11.115.234
222.73.180.219	56.248.84.106	106.13.11.180	66.137.185.59