196.207.148.19

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Kenya

运营商(isp): Wananchi Group Kenya

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Port probing on unauthorized port 1433	2020-06-23 01:59:34

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 196.207.148.19
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20543
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;196.207.148.19.			IN	A

;; AUTHORITY SECTION:
.			212	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062201 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jun 23 01:59:29 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

;; connection timed out; no servers could be reached

NSLOOKUP信息:

;; Got SERVFAIL reply from 100.100.2.136, trying next server
;; Got SERVFAIL reply from 100.100.2.138, trying next server
Server:		100.100.2.136
Address:	100.100.2.136#53

** server can't find 19.148.207.196.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
96.78.175.36	attackbotsspam	May 24 22:54:53 l02a sshd[26065]: Invalid user pacs from 96.78.175.36 May 24 22:54:53 l02a sshd[26065]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.78.175.36 May 24 22:54:53 l02a sshd[26065]: Invalid user pacs from 96.78.175.36 May 24 22:54:55 l02a sshd[26065]: Failed password for invalid user pacs from 96.78.175.36 port 41106 ssh2	2020-05-25 08:02:20
118.25.144.133	attack	2020-05-24T23:08:04.067602abusebot-6.cloudsearch.cf sshd[3981]: Invalid user centos from 118.25.144.133 port 39558 2020-05-24T23:08:04.075577abusebot-6.cloudsearch.cf sshd[3981]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.144.133 2020-05-24T23:08:04.067602abusebot-6.cloudsearch.cf sshd[3981]: Invalid user centos from 118.25.144.133 port 39558 2020-05-24T23:08:05.813786abusebot-6.cloudsearch.cf sshd[3981]: Failed password for invalid user centos from 118.25.144.133 port 39558 ssh2 2020-05-24T23:12:08.585552abusebot-6.cloudsearch.cf sshd[4186]: Invalid user ts from 118.25.144.133 port 33584 2020-05-24T23:12:08.591775abusebot-6.cloudsearch.cf sshd[4186]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.144.133 2020-05-24T23:12:08.585552abusebot-6.cloudsearch.cf sshd[4186]: Invalid user ts from 118.25.144.133 port 33584 2020-05-24T23:12:11.162591abusebot-6.cloudsearch.cf sshd[4186]: Failed pas ...	2020-05-25 08:13:55
117.48.203.169	attackbotsspam	W 5701,/var/log/auth.log,-,-	2020-05-25 08:07:37
106.12.49.118	attackspam	$f2bV_matches	2020-05-25 07:58:27
212.129.60.155	attackbots	[2020-05-24 20:07:41] NOTICE[1157][C-00009061] chan_sip.c: Call from '' (212.129.60.155:62630) to extension '.+011972592277524' rejected because extension not found in context 'public'. [2020-05-24 20:07:41] SECURITY[1173] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-05-24T20:07:41.761-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID=".+011972592277524",SessionID="0x7f5f10787a08",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/212.129.60.155/62630",ACLName="no_extension_match" [2020-05-24 20:10:33] NOTICE[1157][C-00009064] chan_sip.c: Call from '' (212.129.60.155:53427) to extension '111111011972592277524' rejected because extension not found in context 'public'. [2020-05-24 20:10:33] SECURITY[1173] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-05-24T20:10:33.185-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="111111011972592277524",SessionID="0x7f5f10787a08",LocalAddress="IPV4/UDP/192.168.244.6/5060",Remot ...	2020-05-25 08:23:17
103.251.66.226	attack	Brute forcing RDP port 3389	2020-05-25 07:51:27
45.141.84.44	attackspambots	May 25 02:20:57 debian-2gb-nbg1-2 kernel: \[12624862.886327\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.141.84.44 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=28811 PROTO=TCP SPT=44525 DPT=9082 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-25 08:25:51
113.59.224.45	attackspambots	DATE:2020-05-24 22:29:12, IP:113.59.224.45, PORT:ssh SSH brute force auth (docker-dc)	2020-05-25 07:54:55
107.172.61.124	attackbots	(From virginiarees64@gmail.com) Greetings! Is there a particular feature that you're interested in adding onto your website to make some of your business processes easier? Have you thought about updating your website's design to something that fits modern trends? I wanted to know if you'd like to give you some expert advice on how you can get a more improved website that can be more profitable for your business. I'm a freelance web designer that is dedicated to helping businesses grow. I do this by making sure that your website is the best that it can be in terms of aesthetics, functionality, and reliability in handling your business online. If you're interested, I'll also give you more info about the trends on web design that I apply on my work and examples of what I've done for other clients and what the results have been. Please let me know if you're interested, and I'll get in touch with you as quick as I can. Talk to you soon! Sincerely, Virginia Rees Rees Web Development	2020-05-25 08:08:05
122.152.208.242	attackspam	May 24 20:29:00 IngegnereFirenze sshd[3661]: Failed password for invalid user zabbix from 122.152.208.242 port 50128 ssh2 ...	2020-05-25 08:04:21
49.88.112.111	attackbotsspam	May 24 20:09:24 plusreed sshd[21855]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.111 user=root May 24 20:09:26 plusreed sshd[21855]: Failed password for root from 49.88.112.111 port 62179 ssh2 ...	2020-05-25 08:19:52
193.137.55.51	attackspam	Greetings To You, Dear Sir / Madam, This is a personal email directed to you. My wife and I won a PowerBall of $150,000.000.00 jackpot on December 16, 2019 and we have voluntarily decided to donate the sum of 5 MILLION Dollar to you as part of our own charity project to improve the life of 8-10 lucky individuals all over the world plus 10 close friends and family. We believe that this wonderful opportunity came to us from God and we cannot keep it to ourselves all alone, Your email was submitted to us by Google Management Team and you received this message because we have shortlisted you as one of the lucky recipients, If you have received this email then you are one of the lucky winners and all you have to do is get back to us this email ( zambranelawyer@gmail.com ) with your particulars so that we can send your details to the pay-out bank. You can verify this by visiting the web pages below and send your response back to us. https://www.powerball.com/winner-story/150-million-powerball-ticket-claimed	2020-05-25 08:13:12
182.253.98.166	attackbotsspam	2020-05-2422:27:241jcxDP-0002xq-I4\<=info@whatsup2013.chH=$localhost$[183.89.212.96]:48251P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2022id=7B7EC89B90446B28F4F1B800C4143E38@whatsup2013.chT="Iwouldliketocomeacrossaguyforaseriouspartnership"forofficialgarnigan1@gmail.com2020-05-2422:26:421jcxCj-0002te-Rc\<=info@whatsup2013.chH=$localhost$[170.254.87.18]:44840P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2050id=4045F3A0AB7F5013CFCA833BFFE4B61D@whatsup2013.chT="I'mactuallyinsearchofsomeonewithawonderfulheart"fortonychan.houston@gmail.com2020-05-2422:27:091jcxDB-0002x1-DY\<=info@whatsup2013.chH=$localhost$[85.15.188.119]:56036P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=1979id=5154E2B1BA6E4102DEDB922AEED9EABA@whatsup2013.chT="Icanallowyoutobepleased"forraymondmccullough249@gmail.com2020-05-2422:28:311jcxEU-00034r-CL\<=info@whatsup2013.chH=$localhost$[123.20.171.8	2020-05-25 08:18:23
222.186.190.17	attackspam	May 25 05:01:13 gw1 sshd[8220]: Failed password for root from 222.186.190.17 port 61255 ssh2 ...	2020-05-25 08:08:47
178.128.82.148	attackbots	178.128.82.148 - - \[25/May/2020:01:08:26 +0200\] "POST /wp-login.php HTTP/1.0" 200 6400 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 178.128.82.148 - - \[25/May/2020:01:08:33 +0200\] "POST /wp-login.php HTTP/1.0" 200 6267 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 178.128.82.148 - - \[25/May/2020:01:08:36 +0200\] "POST /wp-login.php HTTP/1.0" 200 6263 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-05-25 08:03:54

最近上报的IP列表

128.225.141.40	198.89.108.140	69.39.167.131	194.125.201.149
124.123.177.101	103.51.20.110	77.222.117.205	123.194.18.151
92.242.45.107	179.85.161.39	113.184.127.6	155.227.112.112
153.234.235.141	5.239.115.117	82.66.153.8	150.136.208.168
79.134.4.179	223.215.35.84	220.162.164.239	203.148.84.6