1.1.132.140 - IPInfo

基本信息:

城市(city): Udon Thani

省份(region): Udon Thani

国家(country): Thailand

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
1.1.132.69	attackspam	2019-11-27T01:38:44.085801suse-nuc sshd[24675]: Invalid user admin from 1.1.132.69 port 56311 ...	2020-09-27 06:00:08
1.1.132.69	attackbots	2019-11-27T01:38:44.085801suse-nuc sshd[24675]: Invalid user admin from 1.1.132.69 port 56311 ...	2020-09-26 22:20:29
1.1.132.69	attack	2019-11-27T01:38:44.085801suse-nuc sshd[24675]: Invalid user admin from 1.1.132.69 port 56311 ...	2020-09-26 14:04:55
1.1.132.115	attack	1598851277 - 08/31/2020 07:21:17 Host: 1.1.132.115/1.1.132.115 Port: 445 TCP Blocked	2020-08-31 20:16:25
1.1.132.41	attackbots	Unauthorised access (Oct 12) SRC=1.1.132.41 LEN=52 TTL=114 ID=91 DF TCP DPT=445 WINDOW=8192 SYN	2019-10-12 21:46:27

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.1.132.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57328
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.1.132.140.			IN	A

;; AUTHORITY SECTION:
.			501	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022302 1800 900 604800 86400

;; Query time: 54 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 24 08:36:52 CST 2022
;; MSG SIZE  rcvd: 104

HOST信息:

140.132.1.1.in-addr.arpa domain name pointer node-wc.pool-1-1.dynamic.totinternet.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
140.132.1.1.in-addr.arpa	name = node-wc.pool-1-1.dynamic.totinternet.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
104.206.128.30	attackbotsspam	23/tcp 5060/tcp 5432/tcp... [2020-07-11/09-04]43pkt,10pt.(tcp),1pt.(udp)	2020-09-05 03:43:42
113.140.80.174	attack	Invalid user ali from 113.140.80.174 port 40853	2020-09-05 03:42:37
116.212.131.90	attackspam	srvr3: (mod_security) mod_security (id:920350) triggered by 116.212.131.90 (AU/Australia/-): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/09/03 18:43:28 [error] 365944#0: 1946 [client 116.212.131.90] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "159915140894.207379"] [ref "o0,14v21,14"], client: 116.212.131.90, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-09-05 03:39:55
222.98.173.216	attack	2020-09-03 14:04:23 server sshd[65913]: Failed password for invalid user tts from 222.98.173.216 port 47156 ssh2	2020-09-05 03:54:50
186.145.239.222	attackspam	Dovecot Invalid User Login Attempt.	2020-09-05 03:58:42
165.90.239.203	attackspam	Automatic report - Port Scan Attack	2020-09-05 03:27:00
121.23.141.26	attackspam	TCP (SYN) 121.23.141.26:47282 -> port 8080, len 40	2020-09-05 03:42:13
188.146.171.252	attackbots	Sep 3 18:43:39 mellenthin postfix/smtpd[20267]: NOQUEUE: reject: RCPT from 188.146.171.252.nat.umts.dynamic.t-mobile.pl[188.146.171.252]: 554 5.7.1 Service unavailable; Client host [188.146.171.252] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/188.146.171.252; from= to= proto=ESMTP helo=<188.146.171.252.nat.umts.dynamic.t-mobile.pl>	2020-09-05 03:35:46
124.205.119.183	attackbotsspam	$f2bV_matches	2020-09-05 03:49:55
64.225.1.34	attack	64.225.1.34 - - \[03/Sep/2020:18:43:15 +0200\] "GET / HTTP/1.0" 301 178 "-" "Mozilla/5.0 $compatible\; NetcraftSurveyAgent/1.0\; +info@netcraft.com$" ...	2020-09-05 03:50:08
80.90.80.117	attack	TCP ports : 7770 / 7777	2020-09-05 03:35:20
185.165.168.229	attackbotsspam	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-09-05 03:32:50
43.224.130.146	attack	Invalid user barry from 43.224.130.146 port 40584	2020-09-05 03:32:35
134.175.231.167	attackbotsspam	Sep 4 19:23:48 OPSO sshd\[19669\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.231.167 user=root Sep 4 19:23:49 OPSO sshd\[19669\]: Failed password for root from 134.175.231.167 port 45798 ssh2 Sep 4 19:27:19 OPSO sshd\[20133\]: Invalid user debian from 134.175.231.167 port 53780 Sep 4 19:27:19 OPSO sshd\[20133\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.231.167 Sep 4 19:27:21 OPSO sshd\[20133\]: Failed password for invalid user debian from 134.175.231.167 port 53780 ssh2	2020-09-05 03:30:41
190.139.67.171	attack	TCP (SYN) 190.139.67.171:56944 -> port 445, len 44	2020-09-05 03:36:15

最近上报的IP列表

1.1.132.137	1.1.132.160	1.1.132.171	1.1.132.177
1.1.132.18	1.1.132.194	1.1.132.208	1.1.132.210
1.1.132.213	1.1.132.231	1.1.132.253	1.1.132.30
1.1.132.49	1.1.132.60	1.1.132.74	1.1.133.119
1.1.133.137	1.1.133.15	1.1.133.152	1.1.133.162