1.53.207.139 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): FPT Broadband Service

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
1.53.207.225	attackbotsspam	firewall-block, port(s): 445/tcp	2020-06-24 20:18:14
1.53.207.12	attackbots	Jan 31 09:27:58 mxgate1 postfix/postscreen[11466]: CONNECT from [1.53.207.12]:38875 to [176.31.12.44]:25 Jan 31 09:27:58 mxgate1 postfix/dnsblog[11471]: addr 1.53.207.12 listed by domain zen.spamhaus.org as 127.0.0.10 Jan 31 09:27:58 mxgate1 postfix/dnsblog[11471]: addr 1.53.207.12 listed by domain zen.spamhaus.org as 127.0.0.3 Jan 31 09:27:58 mxgate1 postfix/dnsblog[11471]: addr 1.53.207.12 listed by domain zen.spamhaus.org as 127.0.0.4 Jan 31 09:27:58 mxgate1 postfix/dnsblog[11468]: addr 1.53.207.12 listed by domain cbl.abuseat.org as 127.0.0.2 Jan 31 09:27:58 mxgate1 postfix/dnsblog[11467]: addr 1.53.207.12 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Jan 31 09:27:58 mxgate1 postfix/dnsblog[11469]: addr 1.53.207.12 listed by domain bl.spamcop.net as 127.0.0.2 Jan 31 09:27:58 mxgate1 postfix/dnsblog[11470]: addr 1.53.207.12 listed by domain b.barracudacentral.org as 127.0.0.2 Jan 31 09:28:04 mxgate1 postfix/postscreen[11466]: DNSBL rank 6 for [1.53.207.12]:38875 ........ -------------------------------	2020-01-31 23:22:10
1.53.207.67	attackbotsspam	Unauthorised access (Sep 23) SRC=1.53.207.67 LEN=40 TTL=47 ID=2461 TCP DPT=8080 WINDOW=20850 SYN	2019-09-23 06:43:16

类型

评论内容

时间

1.53.207.225

attackbotsspam

firewall-block, port(s): 445/tcp

2020-06-24 20:18:14

1.53.207.12

attackbots

Jan 31 09:27:58 mxgate1 postfix/postscreen[11466]: CONNECT from [1.53.207.12]:38875 to [176.31.12.44]:25
Jan 31 09:27:58 mxgate1 postfix/dnsblog[11471]: addr 1.53.207.12 listed by domain zen.spamhaus.org as 127.0.0.10
Jan 31 09:27:58 mxgate1 postfix/dnsblog[11471]: addr 1.53.207.12 listed by domain zen.spamhaus.org as 127.0.0.3
Jan 31 09:27:58 mxgate1 postfix/dnsblog[11471]: addr 1.53.207.12 listed by domain zen.spamhaus.org as 127.0.0.4
Jan 31 09:27:58 mxgate1 postfix/dnsblog[11468]: addr 1.53.207.12 listed by domain cbl.abuseat.org as 127.0.0.2
Jan 31 09:27:58 mxgate1 postfix/dnsblog[11467]: addr 1.53.207.12 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2
Jan 31 09:27:58 mxgate1 postfix/dnsblog[11469]: addr 1.53.207.12 listed by domain bl.spamcop.net as 127.0.0.2
Jan 31 09:27:58 mxgate1 postfix/dnsblog[11470]: addr 1.53.207.12 listed by domain b.barracudacentral.org as 127.0.0.2
Jan 31 09:28:04 mxgate1 postfix/postscreen[11466]: DNSBL rank 6 for [1.53.207.12]:38875
........
-------------------------------

2020-01-31 23:22:10

1.53.207.67

attackbotsspam

Unauthorised access (Sep 23) SRC=1.53.207.67 LEN=40 TTL=47 ID=2461 TCP DPT=8080 WINDOW=20850 SYN

2019-09-23 06:43:16

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.53.207.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51889
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.53.207.139.			IN	A

;; AUTHORITY SECTION:
.			547	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020070101 1800 900 604800 86400

;; Query time: 88 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 01 13:44:34 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 139.207.53.1.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 139.207.53.1.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
5.135.182.84	attackspam	Sep 9 16:12:25 hanapaa sshd\[5766\]: Invalid user ts3server from 5.135.182.84 Sep 9 16:12:25 hanapaa sshd\[5766\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns342662.ip-5-135-182.eu Sep 9 16:12:27 hanapaa sshd\[5766\]: Failed password for invalid user ts3server from 5.135.182.84 port 40198 ssh2 Sep 9 16:20:43 hanapaa sshd\[6445\]: Invalid user its from 5.135.182.84 Sep 9 16:20:43 hanapaa sshd\[6445\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns342662.ip-5-135-182.eu	2019-09-10 10:21:31
103.254.120.222	attackspam	Sep 9 15:57:56 aiointranet sshd\[25907\]: Invalid user jenkins from 103.254.120.222 Sep 9 15:57:56 aiointranet sshd\[25907\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.254.120.222 Sep 9 15:57:57 aiointranet sshd\[25907\]: Failed password for invalid user jenkins from 103.254.120.222 port 44832 ssh2 Sep 9 16:04:48 aiointranet sshd\[26505\]: Invalid user vbox from 103.254.120.222 Sep 9 16:04:48 aiointranet sshd\[26505\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.254.120.222	2019-09-10 10:05:32
93.43.39.56	attack	Sep 9 16:27:33 sachi sshd\[19873\]: Invalid user debian from 93.43.39.56 Sep 9 16:27:33 sachi sshd\[19873\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=posta.teamleadersrl.it Sep 9 16:27:35 sachi sshd\[19873\]: Failed password for invalid user debian from 93.43.39.56 port 57826 ssh2 Sep 9 16:35:42 sachi sshd\[20597\]: Invalid user git from 93.43.39.56 Sep 9 16:35:42 sachi sshd\[20597\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=posta.teamleadersrl.it	2019-09-10 10:45:24
37.6.89.18	attackbotsspam	DATE:2019-09-10 03:23:16, IP:37.6.89.18, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2019-09-10 10:14:30
183.157.173.137	attackbotsspam	Sep 10 03:22:45 vps691689 sshd[8834]: Failed password for root from 183.157.173.137 port 14539 ssh2 Sep 10 03:22:47 vps691689 sshd[8834]: Failed password for root from 183.157.173.137 port 14539 ssh2 Sep 10 03:22:50 vps691689 sshd[8834]: Failed password for root from 183.157.173.137 port 14539 ssh2 ...	2019-09-10 10:32:03
185.8.176.2	attack	Sep 10 03:22:47 smtp postfix/smtpd[11485]: NOQUEUE: reject: RCPT from unknown[185.8.176.2]: 554 5.7.1 Service unavailable; Client host [185.8.176.2] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?185.8.176.2; from= to= proto=ESMTP helo= ...	2019-09-10 10:35:57
221.213.75.130	attack	221.213.75.155 - - [09/Sep/2019:14:23:03 +0000] "GET / HTTP/1.1" 200 530 "-" "-" 221.213.75.155 - - [09/Sep/2019:14:23:03 +0000] "GET / HTTP/1.1" 200 496 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" 221.213.75.155 - - [09/Sep/2019:14:23:04 +0000] "GET / HTTP/1.1" 200 496 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" 221.213.75.155 - - [09/Sep/2019:14:23:05 +0000] "GET / HTTP/1.1" 200 496 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" 221.213.75.155 - - [09/Sep/2019:14:23:05 +0000] "GET /currentsetting.htm HTTP/1.1" 404 437 "-" "-" 221.213.75.155 - - [09/Sep/2019:14:23:06 +0000] "GET / HTTP/1.1" 200 530 "-" "-" 221.213.75.155 - - [09/Sep/2019:14:23:07 +0000] "GET /winbox.png HTTP/1.1" 404 437 "-" "-" 221.213.75.155 - - [09/Sep/2019:14:23:07 +0000] "GET /cgi-bin/nobody/Machine.cgi?action=get_capability HTTP/1.1" 404 437 "-" "-" 221.213.75.155 - - [09/Sep/2019:14:23:08 +0000] "GET /cgi-bin/user/Config.cgi?.cab&action=get&category=Account.* HTTP/1.1" 404 437 "-" "-" 221.213.75.155 - - [09/Sep/2019:14:23:09 +0000] "GET /device_description.xml HTTP/1.1" 404 437 "-" "-" 221.213.75.155 - - [09/Sep/2019:14:23:09 +0000] "GET /current_config/passwd HTTP/1.1" 404 437 "-" "-" 221.213.75.155 - - [09/Sep/2019:14:23:10 +0000] "GET /login/login.html HTTP/1.1" 404 437 "-" "-"	2019-09-10 10:28:40
187.167.73.242	attackspam	Automatic report - Port Scan Attack	2019-09-10 10:50:24
218.98.26.170	attackbots	SSH Brute-Force attacks	2019-09-10 10:20:22
43.248.189.33	attackbots	09/09/2019-21:23:05.062943 43.248.189.33 Protocol: 6 ET SCAN Suspicious inbound to mySQL port 3306	2019-09-10 10:19:23
49.234.109.61	attack	Sep 9 22:23:01 plusreed sshd[15027]: Invalid user sinusbot from 49.234.109.61 ...	2019-09-10 10:45:58
106.75.55.123	attackspambots	Sep 9 15:52:21 php1 sshd\[25112\]: Invalid user guest from 106.75.55.123 Sep 9 15:52:21 php1 sshd\[25112\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.55.123 Sep 9 15:52:23 php1 sshd\[25112\]: Failed password for invalid user guest from 106.75.55.123 port 60030 ssh2 Sep 9 15:56:47 php1 sshd\[25540\]: Invalid user update from 106.75.55.123 Sep 9 15:56:47 php1 sshd\[25540\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.55.123	2019-09-10 10:05:01
198.245.63.151	attackspam	Sep 10 03:17:38 tux-35-217 sshd\[4363\]: Invalid user jenkins from 198.245.63.151 port 40636 Sep 10 03:17:38 tux-35-217 sshd\[4363\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.245.63.151 Sep 10 03:17:39 tux-35-217 sshd\[4363\]: Failed password for invalid user jenkins from 198.245.63.151 port 40636 ssh2 Sep 10 03:23:27 tux-35-217 sshd\[4393\]: Invalid user nagios from 198.245.63.151 port 47138 Sep 10 03:23:27 tux-35-217 sshd\[4393\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.245.63.151 ...	2019-09-10 09:57:28
51.68.192.106	attack	Sep 10 04:52:25 taivassalofi sshd[113006]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.192.106 Sep 10 04:52:27 taivassalofi sshd[113006]: Failed password for invalid user webuser from 51.68.192.106 port 42080 ssh2 ...	2019-09-10 09:56:45
107.173.26.170	attack	Sep 10 03:22:55 nextcloud sshd\[29432\]: Invalid user test2 from 107.173.26.170 Sep 10 03:22:55 nextcloud sshd\[29432\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.173.26.170 Sep 10 03:22:57 nextcloud sshd\[29432\]: Failed password for invalid user test2 from 107.173.26.170 port 58701 ssh2 ...	2019-09-10 10:24:42

最近上报的IP列表

142.63.129.51	59.115.231.183	205.49.68.145	47.110.237.202
113.179.83.114	160.236.252.151	121.104.40.32	77.159.223.249
103.109.2.18	58.252.187.50	14.102.246.124	172.212.197.52
44.166.20.245	1.34.180.216	101.67.245.6	148.146.198.93
144.87.170.250	187.112.13.43	168.141.186.226	220.134.85.192