1.20.89.132 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): None

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.20.89.132
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64254
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.20.89.132.			IN	A

;; AUTHORITY SECTION:
.			375	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022400 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 24 21:19:52 CST 2022
;; MSG SIZE  rcvd: 104

HOST信息:

Host 132.89.20.1.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 132.89.20.1.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
137.135.8.32	attackbotsspam	(sshd) Failed SSH login from 137.135.8.32 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 9 01:29:39 amsweb01 sshd[19072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.135.8.32 user=root May 9 01:29:41 amsweb01 sshd[19072]: Failed password for root from 137.135.8.32 port 61965 ssh2 May 9 01:29:43 amsweb01 sshd[19072]: Failed password for root from 137.135.8.32 port 61965 ssh2 May 9 01:29:44 amsweb01 sshd[19072]: Failed password for root from 137.135.8.32 port 61965 ssh2 May 9 01:48:38 amsweb01 sshd[32586]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.135.8.32 user=root	2020-05-09 08:48:55
178.154.200.184	attack	[Sat May 09 06:19:41.071144 2020] [:error] [pid 4458:tid 140043267847936] [client 178.154.200.184:36894] [client 178.154.200.184] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XrXpDfLJ5e1yJs3dmgPACgAAALU"] ...	2020-05-09 08:42:56
106.13.4.86	attackbotsspam	May 8 22:54:27 mail1 sshd\[2288\]: Invalid user elliott from 106.13.4.86 port 35304 May 8 22:54:27 mail1 sshd\[2288\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.4.86 May 8 22:54:29 mail1 sshd\[2288\]: Failed password for invalid user elliott from 106.13.4.86 port 35304 ssh2 May 8 23:04:57 mail1 sshd\[2383\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.4.86 user=root May 8 23:04:59 mail1 sshd\[2383\]: Failed password for root from 106.13.4.86 port 58516 ssh2 ...	2020-05-09 08:58:25
128.0.129.192	attackbots	May 9 04:48:49 vps639187 sshd\[23815\]: Invalid user tv from 128.0.129.192 port 51202 May 9 04:48:49 vps639187 sshd\[23815\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.0.129.192 May 9 04:48:50 vps639187 sshd\[23815\]: Failed password for invalid user tv from 128.0.129.192 port 51202 ssh2 ...	2020-05-09 12:03:25
218.92.0.175	attackbotsspam	2020-05-06T22:33:13.140649finland sshd[54888]: Unable to negotiate with 218.92.0.175 port 48685: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] 2020-05-07T09:41:49.212494finland sshd[57560]: Connection from 218.92.0.175 port 2296 on 95.217.116.180 port 22 rdomain "" 2020-05-07T09:41:50.434222finland sshd[57560]: Unable to negotiate with 218.92.0.175 port 2296: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] 2020-05-07T14:22:16.770229finland sshd[57934]: Connection from 218.92.0.175 port 47947 on 95.217.116.180 port 22 rdomain "" 2020-05-07T14:22:18.181658finland sshd[57934]: Connection reset by 218.92.0.175 port 47947 [preauth] 2020-05-08T05:17:01.548050finland sshd[59926]: Connection from 218.92.0.175 port 45959 on 95.217.116.180 port 22 rdomain "" 2020-05-08T05:17:01.837128finla ...	2020-05-09 12:05:30
118.45.130.170	attackspambots	May 9 01:55:13 sso sshd[4029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.45.130.170 May 9 01:55:15 sso sshd[4029]: Failed password for invalid user opt from 118.45.130.170 port 53619 ssh2 ...	2020-05-09 12:03:06
185.50.149.9	attackspambots	May 9 04:50:05 web01.agentur-b-2.de postfix/smtpd[76098]: warning: unknown[185.50.149.9]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 9 04:50:05 web01.agentur-b-2.de postfix/smtpd[76098]: lost connection after AUTH from unknown[185.50.149.9] May 9 04:50:11 web01.agentur-b-2.de postfix/smtpd[71181]: lost connection after AUTH from unknown[185.50.149.9] May 9 04:50:17 web01.agentur-b-2.de postfix/smtpd[76098]: lost connection after AUTH from unknown[185.50.149.9] May 9 04:50:23 web01.agentur-b-2.de postfix/smtpd[71181]: warning: unknown[185.50.149.9]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-05-09 12:15:55
187.112.20.149	attackbotsspam	Attempted connection to port 445.	2020-05-09 09:04:55
78.128.113.76	attackbotsspam	May 9 04:40:25 web01.agentur-b-2.de postfix/smtps/smtpd[75219]: warning: unknown[78.128.113.76]: SASL PLAIN authentication failed: May 9 04:40:25 web01.agentur-b-2.de postfix/smtps/smtpd[75219]: lost connection after AUTH from unknown[78.128.113.76] May 9 04:40:30 web01.agentur-b-2.de postfix/smtps/smtpd[75219]: lost connection after CONNECT from unknown[78.128.113.76] May 9 04:40:36 web01.agentur-b-2.de postfix/smtps/smtpd[75255]: lost connection after AUTH from unknown[78.128.113.76] May 9 04:40:40 web01.agentur-b-2.de postfix/smtps/smtpd[75219]: warning: unknown[78.128.113.76]: SASL PLAIN authentication failed:	2020-05-09 12:18:19
82.254.198.176	attackbotsspam	May 9 04:43:55 mail.srvfarm.net webmin[1980439]: Non-existent login as ftp from 82.254.198.176 May 9 04:43:56 mail.srvfarm.net webmin[1980442]: Non-existent login as ftp from 82.254.198.176 May 9 04:43:59 mail.srvfarm.net webmin[1980445]: Non-existent login as ftp from 82.254.198.176 May 9 04:44:02 mail.srvfarm.net webmin[1980453]: Non-existent login as ftp from 82.254.198.176 May 9 04:44:06 mail.srvfarm.net webmin[1980485]: Non-existent login as ftp from 82.254.198.176	2020-05-09 12:17:51
222.186.42.136	attackspambots	05/08/2020-22:58:00.209700 222.186.42.136 Protocol: 6 ET SCAN Potential SSH Scan	2020-05-09 12:01:50
61.78.28.54	attack	Brute Forcer	2020-05-09 09:02:56
80.211.116.102	attackspambots	May 9 02:49:21 vps sshd[11745]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.116.102 May 9 02:49:23 vps sshd[11745]: Failed password for invalid user ys from 80.211.116.102 port 44686 ssh2 May 9 02:56:59 vps sshd[12158]: Failed password for root from 80.211.116.102 port 43260 ssh2 ...	2020-05-09 12:06:31
195.88.208.203	attackspambots	Attempted connection to port 1972.	2020-05-09 09:04:40
37.17.250.101	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 17 - port: 1024 proto: TCP cat: Misc Attack	2020-05-09 12:00:57

最近上报的IP列表

1.20.89.129	1.20.89.153	106.55.228.210	1.20.89.193
1.20.89.211	1.20.89.250	1.20.89.6	1.20.89.64
1.20.89.81	1.20.90.12	1.20.90.14	1.20.90.161
1.20.90.178	1.20.90.187	48.63.253.40	1.20.90.251
1.20.90.69	1.20.91.10	1.20.91.104	1.20.91.106