1.1.145.3 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Thailand

运营商(isp): TOT Public Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Unauthorized connection attempt detected from IP address 1.1.145.3 to port 82 [T]	2020-01-07 02:55:42

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.1.145.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23438
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.1.145.3.			IN	A

;; AUTHORITY SECTION:
.			509	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010601 1800 900 604800 86400

;; Query time: 182 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 07 02:55:39 CST 2020
;; MSG SIZE  rcvd: 113

HOST信息:

3.145.1.1.in-addr.arpa domain name pointer node-3cz.pool-1-1.dynamic.totinternet.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
3.145.1.1.in-addr.arpa	name = node-3cz.pool-1-1.dynamic.totinternet.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
90.159.230.120	attackspambots	[portscan] tcp/1433 [MsSQL] [scan/connect: 6 time(s)] *(RWIN=11392)(12201009)	2019-12-20 15:58:30
128.199.75.69	attack	2019-12-20T07:31:20.311610shield sshd\[23347\]: Invalid user cosburn from 128.199.75.69 port 39129 2019-12-20T07:31:20.316035shield sshd\[23347\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.75.69 2019-12-20T07:31:22.322015shield sshd\[23347\]: Failed password for invalid user cosburn from 128.199.75.69 port 39129 ssh2 2019-12-20T07:39:21.454362shield sshd\[25900\]: Invalid user rutger from 128.199.75.69 port 42470 2019-12-20T07:39:21.463037shield sshd\[25900\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.75.69	2019-12-20 15:41:25
88.132.237.187	attackspam	web-1 [ssh_2] SSH Attack	2019-12-20 16:06:32
106.13.25.242	attackspambots	Dec 20 08:34:15 loxhost sshd\[25361\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.25.242 user=root Dec 20 08:34:16 loxhost sshd\[25361\]: Failed password for root from 106.13.25.242 port 52098 ssh2 Dec 20 08:38:48 loxhost sshd\[25504\]: Invalid user rpm from 106.13.25.242 port 38382 Dec 20 08:38:48 loxhost sshd\[25504\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.25.242 Dec 20 08:38:50 loxhost sshd\[25504\]: Failed password for invalid user rpm from 106.13.25.242 port 38382 ssh2 ...	2019-12-20 15:57:57
117.3.174.232	attack	Host Scan	2019-12-20 16:06:14
200.66.54.132	attackspambots	TCP Port Scanning	2019-12-20 15:53:39
106.13.142.115	attack	$f2bV_matches	2019-12-20 15:59:48
220.76.107.50	attack	Invalid user admin from 220.76.107.50 port 37714	2019-12-20 16:18:16
51.15.79.194	attackspam	Lines containing failures of 51.15.79.194 Dec 17 06:01:27 shared10 sshd[17993]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.79.194 user=r.r Dec 17 06:01:29 shared10 sshd[17993]: Failed password for r.r from 51.15.79.194 port 38090 ssh2 Dec 17 06:01:29 shared10 sshd[17993]: Received disconnect from 51.15.79.194 port 38090:11: Bye Bye [preauth] Dec 17 06:01:29 shared10 sshd[17993]: Disconnected from authenticating user r.r 51.15.79.194 port 38090 [preauth] Dec 17 06:12:41 shared10 sshd[22321]: Invalid user rehak from 51.15.79.194 port 52420 Dec 17 06:12:41 shared10 sshd[22321]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.79.194 Dec 17 06:12:43 shared10 sshd[22321]: Failed password for invalid user rehak from 51.15.79.194 port 52420 ssh2 Dec 17 06:12:43 shared10 sshd[22321]: Received disconnect from 51.15.79.194 port 52420:11: Bye Bye [preauth] Dec 17 06:12:43 shared10 sshd[........ ------------------------------	2019-12-20 16:09:03
218.92.0.165	attackbots	Dec 19 22:10:20 wbs sshd\[3466\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.165 user=root Dec 19 22:10:22 wbs sshd\[3466\]: Failed password for root from 218.92.0.165 port 19082 ssh2 Dec 19 22:10:40 wbs sshd\[3472\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.165 user=root Dec 19 22:10:41 wbs sshd\[3472\]: Failed password for root from 218.92.0.165 port 41799 ssh2 Dec 19 22:10:55 wbs sshd\[3472\]: Failed password for root from 218.92.0.165 port 41799 ssh2	2019-12-20 16:12:22
104.236.71.107	attack	Automatic report - XMLRPC Attack	2019-12-20 15:42:54
51.68.198.113	attackbots	Dec 20 06:29:30 IngegnereFirenze sshd[28057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.198.113 user=root ...	2019-12-20 15:44:34
145.239.198.218	attackbotsspam	Dec 20 09:11:29 vps58358 sshd\[10690\]: Invalid user tantinews from 145.239.198.218Dec 20 09:11:30 vps58358 sshd\[10690\]: Failed password for invalid user tantinews from 145.239.198.218 port 41298 ssh2Dec 20 09:16:07 vps58358 sshd\[10724\]: Invalid user holaday from 145.239.198.218Dec 20 09:16:09 vps58358 sshd\[10724\]: Failed password for invalid user holaday from 145.239.198.218 port 59254 ssh2Dec 20 09:20:53 vps58358 sshd\[10754\]: Invalid user wwwrun from 145.239.198.218Dec 20 09:20:54 vps58358 sshd\[10754\]: Failed password for invalid user wwwrun from 145.239.198.218 port 48544 ssh2 ...	2019-12-20 16:22:28
159.203.198.34	attack	2019-12-20T08:29:48.155992 sshd[3102]: Invalid user mcoscona from 159.203.198.34 port 40282 2019-12-20T08:29:48.170194 sshd[3102]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.198.34 2019-12-20T08:29:48.155992 sshd[3102]: Invalid user mcoscona from 159.203.198.34 port 40282 2019-12-20T08:29:50.548097 sshd[3102]: Failed password for invalid user mcoscona from 159.203.198.34 port 40282 ssh2 2019-12-20T08:34:57.716545 sshd[3268]: Invalid user kilcollins from 159.203.198.34 port 42816 ...	2019-12-20 16:15:03
124.207.98.213	attackspam	Lines containing failures of 124.207.98.213 Dec 17 21:23:53 shared09 sshd[9569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.207.98.213 user=nagios Dec 17 21:23:55 shared09 sshd[9569]: Failed password for nagios from 124.207.98.213 port 14440 ssh2 Dec 17 21:23:55 shared09 sshd[9569]: Received disconnect from 124.207.98.213 port 14440:11: Bye Bye [preauth] Dec 17 21:23:55 shared09 sshd[9569]: Disconnected from authenticating user nagios 124.207.98.213 port 14440 [preauth] Dec 17 21:37:00 shared09 sshd[13805]: Invalid user user from 124.207.98.213 port 15547 Dec 17 21:37:00 shared09 sshd[13805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.207.98.213 Dec 17 21:37:03 shared09 sshd[13805]: Failed password for invalid user user from 124.207.98.213 port 15547 ssh2 Dec 17 21:37:03 shared09 sshd[13805]: Received disconnect from 124.207.98.213 port 15547:11: Bye Bye [preauth] Dec 17 21........ ------------------------------	2019-12-20 16:19:13

最近上报的IP列表

124.152.158.41	124.6.140.110	123.232.36.221	123.189.3.36
123.166.135.210	121.122.88.137	120.193.76.180	119.98.249.49
10.111.62.40	118.173.221.232	113.110.226.5	113.64.63.184
113.53.16.114	112.197.81.54	112.138.4.99	112.87.191.148
67.211.209.47	111.224.6.7	105.112.104.56	60.183.2.202