1.194.50.91 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Henan Telecom Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Mar 25 22:34:08 DAAP sshd[12317]: Invalid user sftpuser04 from 1.194.50.91 port 44446 Mar 25 22:34:08 DAAP sshd[12317]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.194.50.91 Mar 25 22:34:08 DAAP sshd[12317]: Invalid user sftpuser04 from 1.194.50.91 port 44446 Mar 25 22:34:09 DAAP sshd[12317]: Failed password for invalid user sftpuser04 from 1.194.50.91 port 44446 ssh2 Mar 25 22:41:34 DAAP sshd[12559]: Invalid user sato from 1.194.50.91 port 41340 ...	2020-03-26 08:34:06

类型

评论内容

时间

attack

Mar 25 22:34:08 DAAP sshd[12317]: Invalid user sftpuser04 from 1.194.50.91 port 44446
Mar 25 22:34:08 DAAP sshd[12317]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.194.50.91
Mar 25 22:34:08 DAAP sshd[12317]: Invalid user sftpuser04 from 1.194.50.91 port 44446
Mar 25 22:34:09 DAAP sshd[12317]: Failed password for invalid user sftpuser04 from 1.194.50.91 port 44446 ssh2
Mar 25 22:41:34 DAAP sshd[12559]: Invalid user sato from 1.194.50.91 port 41340
...

2020-03-26 08:34:06

相同子网IP讨论:

IP	类型	评论内容	时间
1.194.50.194	attack	$f2bV_matches	2020-07-26 12:33:06
1.194.50.129	attackspambots	21 attempts against mh-ssh on pole	2020-06-25 00:31:56

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.194.50.91
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16390
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.194.50.91.			IN	A

;; AUTHORITY SECTION:
.			469	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032503 1800 900 604800 86400

;; Query time: 61 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 26 08:34:00 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

;; connection timed out; no servers could be reached

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
*** Can't find 91.50.194.1.in-addr.arpa.: No answer

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
114.112.81.182	attackbots	Jul 13 17:52:40 meumeu sshd[30436]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.112.81.182 Jul 13 17:52:41 meumeu sshd[30436]: Failed password for invalid user admins from 114.112.81.182 port 44956 ssh2 Jul 13 17:59:52 meumeu sshd[31866]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.112.81.182 ...	2019-07-14 00:00:34
113.134.211.228	attackbotsspam	Jul 13 17:11:41 minden010 sshd[18429]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.134.211.228 Jul 13 17:11:42 minden010 sshd[18429]: Failed password for invalid user teamspeak@123 from 113.134.211.228 port 43682 ssh2 Jul 13 17:16:37 minden010 sshd[20235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.134.211.228 ...	2019-07-13 23:46:01
94.180.121.10	attack	Automatic report - Port Scan Attack	2019-07-14 00:06:57
61.216.15.225	attackbotsspam	Jul 13 16:51:30 debian sshd\[22787\]: Invalid user user from 61.216.15.225 port 48650 Jul 13 16:51:30 debian sshd\[22787\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.216.15.225 ...	2019-07-14 00:09:02
120.4.45.50	attackbotsspam	Automatic report - Port Scan Attack	2019-07-14 00:20:00
168.228.148.152	attackbotsspam	failed_logins	2019-07-14 00:41:14
91.92.183.103	attackbotsspam	proto=tcp . spt=60490 . dpt=25 . (listed on 91.92.180.0/22 Iranian ip dnsbl-sorbs abuseat-org barracuda) (447)	2019-07-14 00:44:10
80.23.248.243	attackbotsspam	Automatic report - Port Scan Attack	2019-07-14 00:10:26
45.55.182.232	attack	2019-07-13T16:20:53.534914abusebot-8.cloudsearch.cf sshd\[2983\]: Invalid user guest from 45.55.182.232 port 49180	2019-07-14 00:32:03
137.25.57.18	attack	Jul 13 16:36:40 mail sshd\[582\]: Failed password for invalid user joomla from 137.25.57.18 port 10118 ssh2 Jul 13 16:56:54 mail sshd\[680\]: Invalid user vinay from 137.25.57.18 port 41937 Jul 13 16:56:54 mail sshd\[680\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.25.57.18 ...	2019-07-14 00:03:35
125.209.123.181	attackspam	Jul 13 19:20:55 srv-4 sshd\[20060\]: Invalid user mike from 125.209.123.181 Jul 13 19:20:55 srv-4 sshd\[20060\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.209.123.181 Jul 13 19:20:57 srv-4 sshd\[20060\]: Failed password for invalid user mike from 125.209.123.181 port 49328 ssh2 ...	2019-07-14 00:48:58
206.81.11.216	attackbots	Jul 13 16:10:40 animalibera sshd[10458]: Invalid user dai from 206.81.11.216 port 55010 ...	2019-07-14 00:27:30
103.126.100.67	attackspam	Jul 13 18:22:14 bouncer sshd\[18217\]: Invalid user wizard from 103.126.100.67 port 36970 Jul 13 18:22:14 bouncer sshd\[18217\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.126.100.67 Jul 13 18:22:16 bouncer sshd\[18217\]: Failed password for invalid user wizard from 103.126.100.67 port 36970 ssh2 ...	2019-07-14 00:48:29
118.63.20.103	attackbots	Jul 13 10:15:34 mailman dovecot: imap-login: Disconnected (auth failed, 1 attempts): user=, method=PLAIN, rip=118.63.20.103, lip=[munged], TLS	2019-07-14 00:45:50
46.3.96.67	attackbots	13.07.2019 15:16:34 Connection to port 2979 blocked by firewall	2019-07-14 00:04:21

最近上报的IP列表

245.107.122.54	129.28.167.206	89.86.185.157	8.60.204.97
107.234.217.186	133.190.52.247	106.197.7.154	180.242.32.169
189.234.211.0	203.156.197.125	98.128.144.159	185.112.108.240
185.128.26.22	84.204.168.242	204.134.197.77	152.242.29.30
120.36.212.242	117.102.73.102	194.152.12.121	175.214.73.191