217.196.16.148

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Kazakhstan

运营商(isp): KazTransCom JSC

主机名(hostname): unknown

机构(organization): JSC Kaztranscom

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	SMB Server BruteForce Attack	2019-10-04 21:14:56
attack	445/tcp 445/tcp 445/tcp... [2019-06-01/07-24]11pkt,1pt.(tcp)	2019-07-25 02:28:38

相同子网IP讨论:

IP	类型	评论内容	时间
217.196.161.176	attackspam	Scanning random ports - tries to find possible vulnerable services	2020-03-02 06:41:23

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 217.196.16.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63621
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;217.196.16.148.			IN	A

;; AUTHORITY SECTION:
.			992	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072400 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 25 02:28:23 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 148.16.196.217.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 148.16.196.217.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
103.255.4.4	attackspambots	1576592422 - 12/17/2019 15:20:22 Host: 103.255.4.4/103.255.4.4 Port: 445 TCP Blocked	2019-12-18 05:01:33
94.231.188.97	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 17-12-2019 14:20:16.	2019-12-18 05:04:56
149.129.242.80	attackbots	Dec 17 19:14:10 markkoudstaal sshd[30669]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.242.80 Dec 17 19:14:11 markkoudstaal sshd[30669]: Failed password for invalid user \|\|\|\|\|\| from 149.129.242.80 port 52778 ssh2 Dec 17 19:20:36 markkoudstaal sshd[31625]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.242.80	2019-12-18 04:36:21
139.59.247.114	attack	Dec 17 21:38:20 OPSO sshd\[24473\]: Invalid user lisa3333 from 139.59.247.114 port 4093 Dec 17 21:38:20 OPSO sshd\[24473\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.247.114 Dec 17 21:38:22 OPSO sshd\[24473\]: Failed password for invalid user lisa3333 from 139.59.247.114 port 4093 ssh2 Dec 17 21:43:49 OPSO sshd\[25766\]: Invalid user kozakiewicz from 139.59.247.114 port 64687 Dec 17 21:43:49 OPSO sshd\[25766\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.247.114	2019-12-18 04:54:41
104.236.244.98	attack	2019-12-17T13:10:19.442472ns547587 sshd\[9867\]: Invalid user haki from 104.236.244.98 port 33950 2019-12-17T13:10:19.448558ns547587 sshd\[9867\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.244.98 2019-12-17T13:10:21.085860ns547587 sshd\[9867\]: Failed password for invalid user haki from 104.236.244.98 port 33950 ssh2 2019-12-17T13:16:12.765563ns547587 sshd\[19025\]: Invalid user squid from 104.236.244.98 port 50020 ...	2019-12-18 04:52:48
223.171.33.253	attackspambots	Invalid user uyeki from 223.171.33.253 port 51173	2019-12-18 04:37:56
190.5.199.83	attackbotsspam	Dec 17 20:22:27 heissa sshd\[25725\]: Invalid user biray from 190.5.199.83 port 38178 Dec 17 20:22:27 heissa sshd\[25725\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.5.199.83 Dec 17 20:22:29 heissa sshd\[25725\]: Failed password for invalid user biray from 190.5.199.83 port 38178 ssh2 Dec 17 20:27:58 heissa sshd\[26534\]: Invalid user webmaster from 190.5.199.83 port 47774 Dec 17 20:27:58 heissa sshd\[26534\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.5.199.83	2019-12-18 04:51:19
119.194.14.3	attackbotsspam	2019-12-17T14:20:21.208530abusebot-6.cloudsearch.cf sshd\[8007\]: Invalid user pi from 119.194.14.3 port 49982 2019-12-17T14:20:21.211458abusebot-6.cloudsearch.cf sshd\[8005\]: Invalid user pi from 119.194.14.3 port 49980 2019-12-17T14:20:21.421791abusebot-6.cloudsearch.cf sshd\[8005\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.194.14.3 2019-12-17T14:20:21.427007abusebot-6.cloudsearch.cf sshd\[8007\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.194.14.3	2019-12-18 05:03:32
170.247.3.34	attack	Unauthorized connection attempt detected from IP address 170.247.3.34 to port 445	2019-12-18 05:11:59
40.92.253.39	attackbotsspam	Dec 17 17:20:45 debian-2gb-vpn-nbg1-1 kernel: [970812.354790] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.253.39 DST=78.46.192.101 LEN=52 TOS=0x02 PREC=0x00 TTL=111 ID=8789 DF PROTO=TCP SPT=44864 DPT=25 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0	2019-12-18 04:38:38
122.166.223.47	attackspambots	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2019-12-18 04:53:24
113.62.176.97	attack	Dec 17 21:12:41 ns3042688 sshd\[27384\]: Invalid user home from 113.62.176.97 Dec 17 21:12:41 ns3042688 sshd\[27384\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.62.176.97 Dec 17 21:12:42 ns3042688 sshd\[27384\]: Failed password for invalid user home from 113.62.176.97 port 53563 ssh2 Dec 17 21:18:00 ns3042688 sshd\[29817\]: Invalid user desbrousses from 113.62.176.97 Dec 17 21:18:00 ns3042688 sshd\[29817\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.62.176.97 ...	2019-12-18 04:46:28
2.15.250.203	attackspam	Lines containing failures of 2.15.250.203 Dec 15 11:24:35 MAKserver06 sshd[26341]: Invalid user orson from 2.15.250.203 port 55335 Dec 15 11:24:35 MAKserver06 sshd[26341]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.15.250.203 Dec 15 11:24:38 MAKserver06 sshd[26341]: Failed password for invalid user orson from 2.15.250.203 port 55335 ssh2 Dec 17 17:08:38 MAKserver06 sshd[13154]: Invalid user guest from 2.15.250.203 port 55959 Dec 17 17:08:38 MAKserver06 sshd[13154]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.15.250.203 Dec 17 17:08:40 MAKserver06 sshd[13154]: Failed password for invalid user guest from 2.15.250.203 port 55959 ssh2 Dec 17 17:08:40 MAKserver06 sshd[13154]: Received disconnect from 2.15.250.203 port 55959:11: Bye Bye [preauth] Dec 17 17:08:40 MAKserver06 sshd[13154]: Disconnected from invalid user guest 2.15.250.203 port 55959 [preauth] ........ ----------------------------------------------- https:/	2019-12-18 04:59:44
112.133.213.74	attackspambots	1576592432 - 12/17/2019 15:20:32 Host: 112.133.213.74/112.133.213.74 Port: 445 TCP Blocked	2019-12-18 04:50:33
37.187.127.13	attackbotsspam	Dec 18 01:44:01 gw1 sshd[7777]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.127.13 Dec 18 01:44:04 gw1 sshd[7777]: Failed password for invalid user matos from 37.187.127.13 port 35628 ssh2 ...	2019-12-18 04:59:20

最近上报的IP列表

31.237.66.243	123.93.240.39	216.157.38.119	32.149.83.156
2a01:598:a081:b4b0:ecb5:684f:3f1:712c	151.26.194.107	6.87.30.24	139.34.251.99
145.247.89.129	76.250.206.79	154.68.109.216	185.137.111.239
153.199.216.9	70.44.2.117	104.200.134.161	142.26.133.8
187.157.167.34	64.213.19.17	2a02:560:4163:1f00:dd1:4c85:ebbe:a323	124.54.97.144