1.196.140.54 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Henan Telecom Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt detected from IP address 1.196.140.54 to port 139 [T]	2020-05-20 09:11:19

相同子网IP讨论:

IP	类型	评论内容	时间
1.196.140.43	attack	Unauthorized connection attempt detected from IP address 1.196.140.43 to port 139 [T]	2020-05-20 09:37:30
1.196.140.103	attackbotsspam	Unauthorized connection attempt detected from IP address 1.196.140.103 to port 139 [T]	2020-05-20 09:10:59

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.196.140.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23975
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.196.140.54.			IN	A

;; AUTHORITY SECTION:
.			187	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051901 1800 900 604800 86400

;; Query time: 319 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 20 09:11:14 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

;; connection timed out; no servers could be reached

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
*** Can't find 54.140.196.1.in-addr.arpa.: No answer

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
177.37.127.221	attackbots	445/tcp [2020-10-02]1pkt	2020-10-04 00:39:27
5.180.79.203	attackbotsspam	Found on CINS badguys / proto=6 . srcport=34823 . dstport=11211 . (492)	2020-10-04 01:02:55
188.166.20.37	attack	2020-10-01 10:44:38 server sshd[91913]: Failed password for invalid user root from 188.166.20.37 port 45638 ssh2	2020-10-04 00:45:45
187.108.31.231	attack	(smtpauth) Failed SMTP AUTH login from 187.108.31.231 (BR/Brazil/187.108.31.231-rev.tcheturbo.net.br): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SMTPAUTH; Logs: 2020-10-02 16:54:59 dovecot_login authenticator failed for (Alan) [187.108.31.231]:4216: 535 Incorrect authentication data (set_id=alanalonso) 2020-10-02 17:05:01 dovecot_login authenticator failed for (Alan) [187.108.31.231]:3914: 535 Incorrect authentication data (set_id=alanalonso) 2020-10-02 17:15:03 dovecot_login authenticator failed for (Alan) [187.108.31.231]:3932: 535 Incorrect authentication data (set_id=alanalonso) 2020-10-02 17:25:06 dovecot_login authenticator failed for (Alan) [187.108.31.231]:1986: 535 Incorrect authentication data (set_id=alanalonso) 2020-10-02 17:37:54 dovecot_login authenticator failed for (Alan) [187.108.31.231]:4184: 535 Incorrect authentication data (set_id=alanalonso)	2020-10-04 00:38:55
119.15.80.203	attackspam	TCP (SYN) 119.15.80.203:53997 -> port 445, len 40	2020-10-04 00:49:46
43.247.161.225	attackspambots	Port Scan: TCP/23	2020-10-04 01:02:11
192.241.238.218	attackbotsspam	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-04 00:48:27
14.226.229.83	attack	Oct 2 17:37:39 firewall sshd[2658]: Invalid user admin from 14.226.229.83 Oct 2 17:37:41 firewall sshd[2658]: Failed password for invalid user admin from 14.226.229.83 port 43922 ssh2 Oct 2 17:37:48 firewall sshd[2660]: Invalid user admin from 14.226.229.83 ...	2020-10-04 00:50:43
31.132.179.235	attackspambots	TCP (SYN) 31.132.179.235:1665 -> port 23, len 44	2020-10-04 01:16:26
185.250.45.226	attack	(mod_security) mod_security (id:210730) triggered by 185.250.45.226 (RU/Russia/-): 5 in the last 300 secs	2020-10-04 01:07:03
106.75.152.83	attack	Invalid user webmaster from 106.75.152.83 port 35532	2020-10-04 00:41:50
139.99.219.208	attackbots	detected by Fail2Ban	2020-10-04 00:41:33
51.178.86.49	attackbotsspam	Oct 3 16:40:28 ip106 sshd[10971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.178.86.49 Oct 3 16:40:30 ip106 sshd[10971]: Failed password for invalid user 0 from 51.178.86.49 port 59384 ssh2 ...	2020-10-04 00:53:06
129.226.114.97	attackbots	Oct 3 08:23:29 icinga sshd[54735]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.114.97 Oct 3 08:23:31 icinga sshd[54735]: Failed password for invalid user arkserver from 129.226.114.97 port 53654 ssh2 Oct 3 08:26:40 icinga sshd[60496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.114.97 ...	2020-10-04 00:56:14
162.243.50.8	attack	162.243.50.8 (US/United States/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Oct 3 14:30:55 server2 sshd[22540]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.31.19.206 user=root Oct 3 14:33:37 server2 sshd[22955]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.50.8 user=root Oct 3 14:27:46 server2 sshd[21984]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.186.178 user=root Oct 3 14:17:18 server2 sshd[20214]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.123.192 user=root Oct 3 14:17:20 server2 sshd[20214]: Failed password for root from 51.68.123.192 port 47842 ssh2 Oct 3 14:30:57 server2 sshd[22540]: Failed password for root from 200.31.19.206 port 40902 ssh2 IP Addresses Blocked: 200.31.19.206 (AR/Argentina/-)	2020-10-04 01:11:46

最近上报的IP列表

162.243.144.19	136.244.64.173	124.205.137.90	161.163.102.226
123.192.165.200	123.160.198.62	123.160.197.212	123.160.197.200
123.160.197.104	123.160.196.19	121.231.49.37	226.151.226.79
119.163.214.153	200.98.13.135	113.122.145.66	254.169.227.130
113.105.206.112	106.245.191.206	126.184.9.166	111.64.143.243

基本信息:

用户上报:

相同子网IP讨论:

WHOIS信息:

DIG信息:

HOST信息:

NSLOOKUP信息:

相关IP信息:

最新评论:

最近上报的IP列表