164.138.19.1 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Iran, Islamic Republic of

运营商(isp): Ravand Tazeh Co .Pjs.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2019-07-01 05:23:28 H=linux20.sgnetway.net [164.138.19.1]:55688 I=[10.100.18.25]:25 sender verify fail for : Unrouteable address 2019-07-01 x@x 2019-07-01 05:23:28 unexpected disconnection while reading SMTP command from linux20.sgnetway.net [164.138.19.1]:55688 I=[10.100.18.25]:25 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=164.138.19.1	2019-07-01 19:49:59

类型

评论内容

时间

attack

2019-07-01 05:23:28 H=linux20.sgnetway.net [164.138.19.1]:55688 I=[10.100.18.25]:25 sender verify fail for : Unrouteable address
2019-07-01 x@x
2019-07-01 05:23:28 unexpected disconnection while reading SMTP command from linux20.sgnetway.net [164.138.19.1]:55688 I=[10.100.18.25]:25


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=164.138.19.1

2019-07-01 19:49:59

相同子网IP讨论:

IP	类型	评论内容	时间
164.138.192.59	attackspam	Apr 19 08:09:32 server sshd[59312]: Failed password for root from 164.138.192.59 port 59914 ssh2 Apr 19 08:20:36 server sshd[62279]: Failed password for invalid user dk from 164.138.192.59 port 35838 ssh2 Apr 19 08:25:19 server sshd[63720]: Failed password for root from 164.138.192.59 port 55298 ssh2	2020-04-19 19:42:25

类型

评论内容

时间

164.138.192.59

attackspam

Apr 19 08:09:32 server sshd[59312]: Failed password for root from 164.138.192.59 port 59914 ssh2
Apr 19 08:20:36 server sshd[62279]: Failed password for invalid user dk from 164.138.192.59 port 35838 ssh2
Apr 19 08:25:19 server sshd[63720]: Failed password for root from 164.138.192.59 port 55298 ssh2

2020-04-19 19:42:25

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 164.138.19.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 899
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;164.138.19.1.			IN	A

;; AUTHORITY SECTION:
.			3251	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019063001 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 01 19:49:53 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

1.19.138.164.in-addr.arpa domain name pointer linux20.sgnetway.net.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
1.19.138.164.in-addr.arpa	name = linux20.sgnetway.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
139.59.13.55	attack	fail2ban -- 139.59.13.55 ...	2020-06-04 06:43:59
106.12.22.202	attackspambots	Jun 3 22:05:40 ns382633 sshd\[19869\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.22.202 user=root Jun 3 22:05:42 ns382633 sshd\[19869\]: Failed password for root from 106.12.22.202 port 58164 ssh2 Jun 3 22:09:46 ns382633 sshd\[20260\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.22.202 user=root Jun 3 22:09:48 ns382633 sshd\[20260\]: Failed password for root from 106.12.22.202 port 58704 ssh2 Jun 3 22:13:39 ns382633 sshd\[21135\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.22.202 user=root	2020-06-04 06:53:53
222.186.180.147	attackbots	Jun 4 00:46:55 MainVPS sshd[24564]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.147 user=root Jun 4 00:46:57 MainVPS sshd[24564]: Failed password for root from 222.186.180.147 port 16712 ssh2 Jun 4 00:47:09 MainVPS sshd[24564]: error: maximum authentication attempts exceeded for root from 222.186.180.147 port 16712 ssh2 [preauth] Jun 4 00:46:55 MainVPS sshd[24564]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.147 user=root Jun 4 00:46:57 MainVPS sshd[24564]: Failed password for root from 222.186.180.147 port 16712 ssh2 Jun 4 00:47:09 MainVPS sshd[24564]: error: maximum authentication attempts exceeded for root from 222.186.180.147 port 16712 ssh2 [preauth] Jun 4 00:47:13 MainVPS sshd[24922]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.147 user=root Jun 4 00:47:15 MainVPS sshd[24922]: Failed password for root from 222.186.180.147 port	2020-06-04 06:49:35
106.13.232.67	attackspam	Jun 3 22:12:30 ns381471 sshd[15722]: Failed password for root from 106.13.232.67 port 48024 ssh2	2020-06-04 06:46:53
36.107.231.56	attackspam	$f2bV_matches	2020-06-04 06:31:25
144.217.7.75	attack	$f2bV_matches	2020-06-04 07:05:30
104.33.52.85	attackspam	Honeypot attack, port: 81, PTR: cpe-104-33-52-85.socal.res.rr.com.	2020-06-04 06:52:40
78.46.61.245	attackspam	20 attempts against mh-misbehave-ban on plane	2020-06-04 06:58:09
14.141.144.50	attackbots	Honeypot attack, port: 445, PTR: ws.rakshatpa.com.	2020-06-04 06:44:25
45.71.134.187	attack	Jun 4 03:13:22 itv-usvr-01 sshd[23707]: Invalid user Administrator from 45.71.134.187 Jun 4 03:13:23 itv-usvr-01 sshd[23707]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.71.134.187 Jun 4 03:13:22 itv-usvr-01 sshd[23707]: Invalid user Administrator from 45.71.134.187 Jun 4 03:13:25 itv-usvr-01 sshd[23707]: Failed password for invalid user Administrator from 45.71.134.187 port 27272 ssh2 Jun 4 03:13:35 itv-usvr-01 sshd[23713]: Invalid user Administrator from 45.71.134.187	2020-06-04 06:57:39
220.250.0.252	attackspambots	Jun 3 22:06:37 melroy-server sshd[18824]: Failed password for root from 220.250.0.252 port 46075 ssh2 ...	2020-06-04 07:02:08
5.182.39.62	attackspam	SSH Bruteforce on Honeypot	2020-06-04 06:40:01
192.99.36.177	attack	GET /wp-login.php HTTP/1.1	2020-06-04 06:38:21
192.210.192.165	attack	20 attempts against mh-ssh on echoip	2020-06-04 06:45:15
85.57.145.133	attackspambots	Jun 3 22:04:07 WHD8 dovecot: pop3-login: Disconnected: Inactivity $auth failed, 1 attempts in 179 secs$: user=\, method=PLAIN, rip=85.57.145.133, lip=10.64.89.208, session=\ Jun 3 22:04:10 WHD8 dovecot: pop3-login: Disconnected: Inactivity $auth failed, 1 attempts in 180 secs$: user=\, method=PLAIN, rip=85.57.145.133, lip=10.64.89.208, session=\ Jun 3 22:13:53 WHD8 dovecot: pop3-login: Disconnected $auth failed, 1 attempts in 156 secs$: user=\, method=PLAIN, rip=85.57.145.133, lip=10.64.89.208, session=\ Jun 3 22:13:53 WHD8 dovecot: pop3-login: Disconnected $auth failed, 1 attempts in 160 secs$: user=\, method=PLAIN, rip=85.57.145.133, lip=10.64.89.208, session=\ ...	2020-06-04 06:41:03

最近上报的IP列表

79.23.133.172	188.165.219.26	190.96.172.101	216.170.114.14
103.194.184.74	115.216.58.183	168.228.151.4	8.208.9.38
92.255.195.228	84.201.170.135	116.68.160.114	191.234.162.22
112.238.141.40	5.160.91.146	121.21.93.146	103.219.112.43
77.233.21.244	122.102.27.33	103.232.154.169	178.128.19.237