1.1.139.54 - IPInfo

基本信息:

城市(city): Loei

省份(region): Loei

国家(country): Thailand

运营商(isp): TOT Public Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	TCP (SYN) 1.1.139.54:58126 -> port 22, len 52	2020-05-20 07:41:38

相同子网IP讨论:

IP	类型	评论内容	时间
1.1.139.223	attackspambots	Unauthorized connection attempt from IP address 1.1.139.223 on Port 445(SMB)	2020-04-30 20:17:07
1.1.139.112	attackbots	" "	2020-04-18 12:18:44
1.1.139.37	attack	Honeypot attack, port: 81, PTR: node-279.pool-1-1.dynamic.totinternet.net.	2020-02-11 08:08:53

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.1.139.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34531
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.1.139.54.			IN	A

;; AUTHORITY SECTION:
.			146	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051901 1800 900 604800 86400

;; Query time: 115 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 20 07:41:35 CST 2020
;; MSG SIZE  rcvd: 114

HOST信息:

54.139.1.1.in-addr.arpa domain name pointer node-27q.pool-1-1.dynamic.totinternet.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
54.139.1.1.in-addr.arpa	name = node-27q.pool-1-1.dynamic.totinternet.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
177.91.117.31	attackbots	Jul 23 16:11:11 web1 postfix/smtpd[27660]: warning: 31.117.91.177.waveup.com.br[177.91.117.31]: SASL PLAIN authentication failed: authentication failure ...	2019-07-24 10:58:54
37.114.173.103	attackbots	Jul 23 23:11:32 srv-4 sshd\[12078\]: Invalid user admin from 37.114.173.103 Jul 23 23:11:32 srv-4 sshd\[12078\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.114.173.103 Jul 23 23:11:34 srv-4 sshd\[12078\]: Failed password for invalid user admin from 37.114.173.103 port 51791 ssh2 ...	2019-07-24 10:48:53
213.152.161.30	attackbots	Jul 24 00:23:23 nginx sshd[95699]: Connection from 213.152.161.30 port 38206 on 10.23.102.80 port 22 Jul 24 00:23:23 nginx sshd[95699]: Received disconnect from 213.152.161.30 port 38206:11: Bye Bye [preauth]	2019-07-24 10:11:57
128.199.52.45	attackbots	Jul 23 22:31:54 xtremcommunity sshd\[5814\]: Invalid user shashank from 128.199.52.45 port 35914 Jul 23 22:31:54 xtremcommunity sshd\[5814\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45 Jul 23 22:31:55 xtremcommunity sshd\[5814\]: Failed password for invalid user shashank from 128.199.52.45 port 35914 ssh2 Jul 23 22:37:17 xtremcommunity sshd\[5894\]: Invalid user jaqueline from 128.199.52.45 port 58686 Jul 23 22:37:17 xtremcommunity sshd\[5894\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45 ...	2019-07-24 10:38:48
78.189.222.247	attack	port scan and connect, tcp 23 (telnet)	2019-07-24 10:36:53
149.56.15.98	attackspambots	Jul 23 22:16:12 TORMINT sshd\[24018\]: Invalid user jdavila from 149.56.15.98 Jul 23 22:16:12 TORMINT sshd\[24018\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.15.98 Jul 23 22:16:14 TORMINT sshd\[24018\]: Failed password for invalid user jdavila from 149.56.15.98 port 41705 ssh2 ...	2019-07-24 10:32:01
103.94.130.4	attack	2019-07-23T22:54:17.847222abusebot-4.cloudsearch.cf sshd\[1304\]: Invalid user test from 103.94.130.4 port 57256	2019-07-24 10:25:37
41.82.254.90	attack	Jul 23 21:37:44 aat-srv002 sshd[3685]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.82.254.90 Jul 23 21:37:46 aat-srv002 sshd[3685]: Failed password for invalid user manoj from 41.82.254.90 port 37163 ssh2 Jul 23 21:43:16 aat-srv002 sshd[3855]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.82.254.90 Jul 23 21:43:18 aat-srv002 sshd[3855]: Failed password for invalid user splash from 41.82.254.90 port 36086 ssh2 ...	2019-07-24 10:46:57
180.151.16.226	attack	Automatic report - Port Scan Attack	2019-07-24 10:15:44
2001:41d0:52:a00::e3d	attackbots	xmlrpc attack	2019-07-24 10:13:28
66.70.130.155	attackbots	Jul 23 21:18:30 aat-srv002 sshd[3169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.155 Jul 23 21:18:33 aat-srv002 sshd[3169]: Failed password for invalid user vnc from 66.70.130.155 port 60738 ssh2 Jul 23 21:26:13 aat-srv002 sshd[3396]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.155 Jul 23 21:26:14 aat-srv002 sshd[3396]: Failed password for invalid user Joshua from 66.70.130.155 port 55254 ssh2 ...	2019-07-24 10:48:33
93.42.117.137	attackbotsspam	Jul 24 04:23:49 v22018076622670303 sshd\[8281\]: Invalid user sysadmin from 93.42.117.137 port 33634 Jul 24 04:23:49 v22018076622670303 sshd\[8281\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.42.117.137 Jul 24 04:23:51 v22018076622670303 sshd\[8281\]: Failed password for invalid user sysadmin from 93.42.117.137 port 33634 ssh2 ...	2019-07-24 10:30:18
148.251.88.26	attack	WordPress brute force	2019-07-24 10:18:50
201.174.19.50	attack	Jul 23 21:58:36 mxgate1 postfix/postscreen[8780]: CONNECT from [201.174.19.50]:46308 to [176.31.12.44]:25 Jul 23 21:58:36 mxgate1 postfix/dnsblog[8868]: addr 201.174.19.50 listed by domain cbl.abuseat.org as 127.0.0.2 Jul 23 21:58:36 mxgate1 postfix/dnsblog[8867]: addr 201.174.19.50 listed by domain zen.spamhaus.org as 127.0.0.4 Jul 23 21:58:36 mxgate1 postfix/dnsblog[8871]: addr 201.174.19.50 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Jul 23 21:58:37 mxgate1 postfix/dnsblog[8869]: addr 201.174.19.50 listed by domain b.barracudacentral.org as 127.0.0.2 Jul 23 21:58:42 mxgate1 postfix/postscreen[8780]: DNSBL rank 5 for [201.174.19.50]:46308 Jul x@x Jul 23 21:58:42 mxgate1 postfix/postscreen[8780]: HANGUP after 0.59 from [201.174.19.50]:46308 in tests after SMTP handshake Jul 23 21:58:42 mxgate1 postfix/postscreen[8780]: DISCONNECT [201.174.19.50]:46308 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=201.174.19.50	2019-07-24 10:18:29
191.240.28.3	attackspambots	TCP src-port=27271 dst-port=25 abuseat-org barracuda zen-spamhaus (Project Honey Pot rated Suspicious) (1007)	2019-07-24 10:52:55

最近上报的IP列表

61.39.140.71	201.217.192.104	82.254.15.104	73.111.160.115
119.25.211.201	45.41.65.42	177.240.146.111	183.197.254.4
93.120.206.255	109.5.12.54	92.248.108.50	92.191.34.179
51.174.201.169	162.160.92.105	200.68.177.13	82.237.177.46
187.155.30.221	122.142.5.218	151.66.254.108	69.225.55.200

基本信息:

用户上报:

相同子网IP讨论:

WHOIS信息:

DIG信息:

HOST信息:

NSLOOKUP信息:

相关IP信息:

最新评论:

最近上报的IP列表