197.221.132.2 - IPInfo

基本信息:

城市(city): Kampala

省份(region): Central Region

国家(country): Uganda

运营商(isp): Airtel

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

b'
; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> 197.221.132.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48586
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;197.221.132.2.			IN	A

;; Query time: 1 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sat Jun 26 17:51:30 CST 2021
;; MSG SIZE  rcvd: 42

'

HOST信息:

Host 2.132.221.197.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.82.98, trying next server
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.132.221.197.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
120.70.100.88	attackspam	Feb 13 16:57:43 mout sshd[6316]: Invalid user otavio from 120.70.100.88 port 49416	2020-02-14 00:54:57
192.241.229.0	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-14 01:05:04
222.186.169.194	attackbots	Feb 13 18:00:10 srv-ubuntu-dev3 sshd[109414]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.169.194 user=root Feb 13 18:00:12 srv-ubuntu-dev3 sshd[109414]: Failed password for root from 222.186.169.194 port 16580 ssh2 Feb 13 18:00:16 srv-ubuntu-dev3 sshd[109414]: Failed password for root from 222.186.169.194 port 16580 ssh2 Feb 13 18:00:10 srv-ubuntu-dev3 sshd[109414]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.169.194 user=root Feb 13 18:00:12 srv-ubuntu-dev3 sshd[109414]: Failed password for root from 222.186.169.194 port 16580 ssh2 Feb 13 18:00:16 srv-ubuntu-dev3 sshd[109414]: Failed password for root from 222.186.169.194 port 16580 ssh2 Feb 13 18:00:10 srv-ubuntu-dev3 sshd[109414]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.169.194 user=root Feb 13 18:00:12 srv-ubuntu-dev3 sshd[109414]: Failed password for root from 222.186.1 ...	2020-02-14 01:08:05
142.4.211.200	attackspam	WordPress wp-login brute force :: 142.4.211.200 0.088 - [13/Feb/2020:17:00:17 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 1806 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-02-14 01:06:58
192.241.229.242	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-14 00:53:23
14.215.176.152	attack	ICMP MH Probe, Scan /Distributed -	2020-02-14 01:18:50
136.232.208.146	attackbots	Feb 13 03:04:48 linuxrulz sshd[9872]: Did not receive identification string from 136.232.208.146 port 57966 Feb 13 03:05:32 linuxrulz sshd[9874]: Invalid user user1 from 136.232.208.146 port 57966 Feb 13 03:05:47 linuxrulz sshd[9874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=136.232.208.146 Feb 13 03:05:49 linuxrulz sshd[9874]: Failed password for invalid user user1 from 136.232.208.146 port 57966 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=136.232.208.146	2020-02-14 00:54:24
14.215.176.153	attack	ICMP MH Probe, Scan /Distributed -	2020-02-14 01:14:51
186.90.134.2	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-14 01:20:14
1.231.5.253	attackbotsspam	Telnet/23 MH Probe, BF, Hack -	2020-02-14 01:06:05
61.216.131.207	attack	Telnet/23 MH Probe, BF, Hack -	2020-02-14 01:03:44
14.215.176.179	attackspam	ICMP MH Probe, Scan /Distributed -	2020-02-14 00:52:10
51.38.134.204	attackspam	Feb 13 04:10:11 web9 sshd\[11960\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.134.204 user=root Feb 13 04:10:13 web9 sshd\[11960\]: Failed password for root from 51.38.134.204 port 55088 ssh2 Feb 13 04:11:06 web9 sshd\[12064\]: Invalid user postgres from 51.38.134.204 Feb 13 04:11:06 web9 sshd\[12064\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.134.204 Feb 13 04:11:08 web9 sshd\[12064\]: Failed password for invalid user postgres from 51.38.134.204 port 33566 ssh2	2020-02-14 01:23:18
141.8.132.9	attackspam	[Thu Feb 13 20:48:12.442472 2020] [:error] [pid 5260:tid 140369236838144] [client 141.8.132.9:42647] [client 141.8.132.9] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XkVTnDu2DnY6B6UC0cpgPQAAAU4"] ...	2020-02-14 00:51:14
14.215.176.154	attack	ICMP MH Probe, Scan /Distributed -	2020-02-14 01:11:33

最近上报的IP列表

8.21.11.91	149.129.217.155	84.78.249.123	219.139.115.27
99.72.34.180	164.163.36.77	185.62.253.209	115.56.132.111
121.237.225.91	156.253.15.40	195.205.161.5	20.52.135.168
42.224.43.190	47.146.38.247	94.154.22.64	94.182.235.154
89.187.163.131	41.139.248.190	113.120.12.107	125.162.214.213