必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Venezuela

运营商(isp): Fresh Techs C.A.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:
类型 评论内容 时间
attackspambots
Unauthorized connection attempt from IP address 45.169.141.130 on Port 445(SMB)
2019-10-06 02:58:24
相同子网IP讨论:
暂无关于此IP所属子网相关IP的讨论.
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.169.141.130
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42315
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.169.141.130.			IN	A

;; AUTHORITY SECTION:
.			358	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100501 1800 900 604800 86400

;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Oct 06 02:58:21 CST 2019
;; MSG SIZE  rcvd: 118
HOST信息:
Host 130.141.169.45.in-addr.arpa. not found: 3(NXDOMAIN)
NSLOOKUP信息:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 130.141.169.45.in-addr.arpa: NXDOMAIN
相关IP信息:
最新评论:
IP 类型 评论内容 时间
202.191.56.159 attackspambots
Apr 10 19:49:35 php1 sshd\[10705\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.191.56.159  user=root
Apr 10 19:49:37 php1 sshd\[10705\]: Failed password for root from 202.191.56.159 port 39634 ssh2
Apr 10 19:53:25 php1 sshd\[11023\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.191.56.159  user=root
Apr 10 19:53:27 php1 sshd\[11023\]: Failed password for root from 202.191.56.159 port 39346 ssh2
Apr 10 19:57:10 php1 sshd\[11395\]: Invalid user debian from 202.191.56.159
Apr 10 19:57:10 php1 sshd\[11395\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.191.56.159
2020-04-11 14:16:10
45.140.227.78 attackbots
DATE:2020-04-11 05:54:14, IP:45.140.227.78, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)
2020-04-11 14:04:51
122.14.228.229 attackbots
$f2bV_matches
2020-04-11 13:55:47
2a00:1098:84::4 attackspam
Apr 11 07:28:05 l03 sshd[25346]: Invalid user patrol from 2a00:1098:84::4 port 47032
...
2020-04-11 14:30:49
122.252.239.5 attackbotsspam
SSH login attempts.
2020-04-11 14:13:15
173.252.127.30 attackbots
[Sat Apr 11 10:54:06.117130 2020] [:error] [pid 12544:tid 140248685823744] [client 173.252.127.30:56606] [client 173.252.127.30] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/favicon-96-96.png"] [unique_id "XpE-Xh7qnPfM2sYQQe5eTAAAAAE"]
...
2020-04-11 14:08:32
173.252.127.37 attackspambots
[Sat Apr 11 10:53:47.487201 2020] [:error] [pid 12108:tid 140248694216448] [client 173.252.127.37:65144] [client 173.252.127.37] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/script-v23.js"] [unique_id "XpE-S4bVjhUoZMGEw9RkRAAAAAE"]
...
2020-04-11 14:23:28
180.76.101.244 attack
Apr 11 06:39:15 ewelt sshd[11786]: Invalid user idallas from 180.76.101.244 port 44874
Apr 11 06:39:15 ewelt sshd[11786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.101.244
Apr 11 06:39:15 ewelt sshd[11786]: Invalid user idallas from 180.76.101.244 port 44874
Apr 11 06:39:17 ewelt sshd[11786]: Failed password for invalid user idallas from 180.76.101.244 port 44874 ssh2
...
2020-04-11 14:01:05
218.92.0.138 attackspambots
Apr 11 07:55:25 server sshd[46117]: Failed none for root from 218.92.0.138 port 51529 ssh2
Apr 11 07:55:28 server sshd[46117]: Failed password for root from 218.92.0.138 port 51529 ssh2
Apr 11 07:55:31 server sshd[46117]: Failed password for root from 218.92.0.138 port 51529 ssh2
2020-04-11 14:02:08
119.189.152.10 attackspam
Probing for vulnerable services
2020-04-11 14:17:33
78.128.113.74 attack
2020-04-11T07:23:45.201953l03.customhost.org.uk postfix/smtps/smtpd[24318]: warning: unknown[78.128.113.74]: SASL PLAIN authentication failed: authentication failure
2020-04-11T07:23:56.622457l03.customhost.org.uk postfix/smtps/smtpd[24318]: warning: unknown[78.128.113.74]: SASL PLAIN authentication failed: authentication failure
2020-04-11T07:26:40.791175l03.customhost.org.uk postfix/smtps/smtpd[25197]: warning: unknown[78.128.113.74]: SASL PLAIN authentication failed: authentication failure
2020-04-11T07:26:51.519947l03.customhost.org.uk postfix/smtps/smtpd[25197]: warning: unknown[78.128.113.74]: SASL PLAIN authentication failed: authentication failure
...
2020-04-11 14:27:14
49.232.34.247 attack
Apr 11 06:24:39 Ubuntu-1404-trusty-64-minimal sshd\[16711\]: Invalid user fadmin from 49.232.34.247
Apr 11 06:24:39 Ubuntu-1404-trusty-64-minimal sshd\[16711\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.34.247
Apr 11 06:24:41 Ubuntu-1404-trusty-64-minimal sshd\[16711\]: Failed password for invalid user fadmin from 49.232.34.247 port 51260 ssh2
Apr 11 06:38:44 Ubuntu-1404-trusty-64-minimal sshd\[29454\]: Invalid user abel from 49.232.34.247
Apr 11 06:38:45 Ubuntu-1404-trusty-64-minimal sshd\[29454\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.34.247
2020-04-11 13:56:55
68.183.67.68 attackspambots
68.183.67.68 - - [11/Apr/2020:06:30:36 +0200] "GET /wp-login.php HTTP/1.1" 200 6136 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
68.183.67.68 - - [11/Apr/2020:06:30:38 +0200] "POST /wp-login.php HTTP/1.1" 200 7014 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
68.183.67.68 - - [11/Apr/2020:06:30:39 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
2020-04-11 14:42:39
123.21.99.38 attackbots
Apr 11 05:53:49 mail sshd[19249]: Invalid user admin from 123.21.99.38
Apr 11 05:53:49 mail sshd[19249]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.21.99.38
Apr 11 05:53:49 mail sshd[19249]: Invalid user admin from 123.21.99.38
Apr 11 05:53:50 mail sshd[19249]: Failed password for invalid user admin from 123.21.99.38 port 58956 ssh2
Apr 11 05:53:53 mail sshd[19256]: Invalid user admin from 123.21.99.38
...
2020-04-11 14:18:28
173.252.127.45 attack
[Sat Apr 11 10:53:41.930077 2020] [:error] [pid 12516:tid 140248685823744] [client 173.252.127.45:37916] [client 173.252.127.45] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/image-loader-worker-v1.js"] [unique_id "XpE-RSpVAdkA7GWDJ8Ns1wAAAAE"]
...
2020-04-11 14:26:45

最近上报的IP列表

171.106.131.252 173.173.34.140 119.80.178.238 124.188.88.16
142.197.76.65 78.123.221.130 14.155.136.247 109.201.152.20
64.32.77.246 113.172.29.227 85.85.36.52 73.82.63.189
126.33.81.76 78.106.35.172 222.136.56.171 116.8.153.174
139.18.100.10 198.17.195.165 107.70.7.145 81.254.10.170