154.72.193.254

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Uganda

运营商(isp): National Information Technology Authority Uganda

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Government

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	port scan and connect, tcp 1433 (ms-sql-s)	2019-11-12 23:18:45
attack	firewall-block, port(s): 1433/tcp	2019-11-07 21:37:45
attackspam	Unauthorised access (Oct 14) SRC=154.72.193.254 LEN=40 TTL=239 ID=37336 TCP DPT=1433 WINDOW=1024 SYN	2019-10-14 19:51:51
attackspam	Unauthorized connection attempt from IP address 154.72.193.254 on Port 445(SMB)	2019-09-01 16:31:21

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 154.72.193.254
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9254
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;154.72.193.254.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050101 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu May 02 02:42:50 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

254.193.72.154.in-addr.arpa domain name pointer printer.soliton.co.ug.

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
254.193.72.154.in-addr.arpa	name = printer.soliton.co.ug.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
61.219.107.208	attack	SMB Server BruteForce Attack	2019-06-29 10:25:40
175.197.148.6	attackbotsspam	Jun 29 02:16:03 toyboy sshd[25390]: Invalid user holdfast from 175.197.148.6 Jun 29 02:16:03 toyboy sshd[25390]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.197.148.6 Jun 29 02:16:05 toyboy sshd[25390]: Failed password for invalid user holdfast from 175.197.148.6 port 34872 ssh2 Jun 29 02:16:05 toyboy sshd[25390]: Received disconnect from 175.197.148.6: 11: Bye Bye [preauth] Jun 29 02:19:42 toyboy sshd[25466]: Invalid user steam from 175.197.148.6 Jun 29 02:19:42 toyboy sshd[25466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.197.148.6 Jun 29 02:19:43 toyboy sshd[25466]: Failed password for invalid user steam from 175.197.148.6 port 53578 ssh2 Jun 29 02:19:44 toyboy sshd[25466]: Received disconnect from 175.197.148.6: 11: Bye Bye [preauth] Jun 29 02:21:32 toyboy sshd[25512]: Invalid user release from 175.197.148.6 Jun 29 02:21:32 toyboy sshd[25512]: pam_unix(sshd:auth): authe........ -------------------------------	2019-06-29 10:10:44
185.220.101.49	attackbotsspam	Jun 29 01:20:13 vps sshd[28549]: Failed password for root from 185.220.101.49 port 33179 ssh2 Jun 29 01:20:16 vps sshd[28549]: Failed password for root from 185.220.101.49 port 33179 ssh2 Jun 29 01:20:20 vps sshd[28549]: Failed password for root from 185.220.101.49 port 33179 ssh2 Jun 29 01:20:22 vps sshd[28549]: Failed password for root from 185.220.101.49 port 33179 ssh2 ...	2019-06-29 10:21:00
147.135.207.246	attack	[munged]::443 147.135.207.246 - - [29/Jun/2019:02:41:19 +0200] "POST /[munged]: HTTP/1.1" 200 6134 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-06-29 09:49:59
167.99.13.45	attackbots	Jun 28 23:21:41 sshgateway sshd\[3089\]: Invalid user guohui from 167.99.13.45 Jun 28 23:21:41 sshgateway sshd\[3089\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.13.45 Jun 28 23:21:42 sshgateway sshd\[3089\]: Failed password for invalid user guohui from 167.99.13.45 port 56868 ssh2	2019-06-29 09:46:51
68.183.50.149	attack	Jun 28 21:45:41 plusreed sshd[7444]: Invalid user lv from 68.183.50.149 ...	2019-06-29 10:05:54
213.150.207.97	attackspambots	Jun 29 01:20:31 [host] sshd[29683]: Invalid user postgres from 213.150.207.97 Jun 29 01:20:31 [host] sshd[29683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.150.207.97 Jun 29 01:20:33 [host] sshd[29683]: Failed password for invalid user postgres from 213.150.207.97 port 37495 ssh2	2019-06-29 10:14:31
176.227.219.6	attack	2019-06-28T13:53:17.865112stt-1.[munged] kernel: [5776022.519739] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:a8:41:08:00 SRC=176.227.219.6 DST=[mungedIP1] LEN=44 TOS=0x08 PREC=0x20 TTL=54 ID=0 DF PROTO=TCP SPT=80 DPT=50601 WINDOW=29200 RES=0x00 ACK SYN URGP=0 2019-06-28T18:58:16.708787stt-1.[munged] kernel: [5794321.304876] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:aa:c1:08:00 SRC=176.227.219.6 DST=[mungedIP1] LEN=44 TOS=0x08 PREC=0x20 TTL=54 ID=0 DF PROTO=TCP SPT=80 DPT=48444 WINDOW=29200 RES=0x00 ACK SYN URGP=0 2019-06-28T19:20:54.704316stt-1.[munged] kernel: [5795679.295912] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:a8:41:08:00 SRC=176.227.219.6 DST=[mungedIP1] LEN=44 TOS=0x08 PREC=0x20 TTL=54 ID=0 DF PROTO=TCP SPT=80 DPT=53659 WINDOW=29200 RES=0x00 ACK SYN URGP=0	2019-06-29 10:06:54
177.184.247.107	attackbotsspam	Distributed brute force attack	2019-06-29 09:58:21
94.176.76.56	attack	(Jun 29) LEN=40 TTL=244 ID=9734 DF TCP DPT=23 WINDOW=14600 SYN (Jun 28) LEN=40 TTL=244 ID=56980 DF TCP DPT=23 WINDOW=14600 SYN (Jun 28) LEN=40 TTL=244 ID=63600 DF TCP DPT=23 WINDOW=14600 SYN (Jun 28) LEN=40 TTL=244 ID=19702 DF TCP DPT=23 WINDOW=14600 SYN (Jun 28) LEN=40 TTL=244 ID=38561 DF TCP DPT=23 WINDOW=14600 SYN (Jun 28) LEN=40 TTL=244 ID=26975 DF TCP DPT=23 WINDOW=14600 SYN (Jun 28) LEN=40 TTL=244 ID=54171 DF TCP DPT=23 WINDOW=14600 SYN (Jun 28) LEN=40 TTL=244 ID=12198 DF TCP DPT=23 WINDOW=14600 SYN (Jun 28) LEN=40 TTL=244 ID=14001 DF TCP DPT=23 WINDOW=14600 SYN (Jun 27) LEN=40 TTL=244 ID=49440 DF TCP DPT=23 WINDOW=14600 SYN (Jun 27) LEN=40 TTL=244 ID=16335 DF TCP DPT=23 WINDOW=14600 SYN (Jun 27) LEN=40 TTL=244 ID=9613 DF TCP DPT=23 WINDOW=14600 SYN (Jun 27) LEN=40 TTL=244 ID=46130 DF TCP DPT=23 WINDOW=14600 SYN (Jun 27) LEN=40 TTL=244 ID=14386 DF TCP DPT=23 WINDOW=14600 SYN (Jun 27) LEN=40 TTL=244 ID=15176 DF TCP DPT=23 WINDOW=14600 SY...	2019-06-29 10:09:47
139.59.82.78	attack	Jun 29 03:48:01 core01 sshd\[28475\]: Invalid user debian from 139.59.82.78 port 42050 Jun 29 03:48:01 core01 sshd\[28475\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.82.78 ...	2019-06-29 10:00:24
106.75.126.42	attackbotsspam	Repeated brute force against a port	2019-06-29 10:02:58
122.175.55.196	attackspam	detected by Fail2Ban	2019-06-29 10:17:37
46.24.108.16	attackbots	Jun 29 01:20:46 [host] sshd[29700]: Invalid user ftp from 46.24.108.16 Jun 29 01:20:46 [host] sshd[29700]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.24.108.16 Jun 29 01:20:48 [host] sshd[29700]: Failed password for invalid user ftp from 46.24.108.16 port 56231 ssh2	2019-06-29 10:08:41
141.98.10.53	attack	Rude login attack (20 tries in 1d)	2019-06-29 10:11:04

最近上报的IP列表

190.216.99.164	181.48.36.60	117.4.243.16	94.102.51.98
85.237.53.179	83.143.246.30	218.156.38.130	212.224.65.254
190.13.128.146	123.201.158.194	34.234.54.252	222.187.41.10
81.130.146.18	219.80.248.32	104.236.131.54	212.224.88.146
77.247.109.232	238.97.200.60	84.57.204.225	196.218.110.31