219.154.112.52

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Unicom

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 219.154.112.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28509
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;219.154.112.52.			IN	A

;; AUTHORITY SECTION:
.			276	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021102 1800 900 604800 86400

;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 12 11:51:35 CST 2022
;; MSG SIZE  rcvd: 107

HOST信息:

52.112.154.219.in-addr.arpa domain name pointer hn.kd.jz.adsl.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
52.112.154.219.in-addr.arpa	name = hn.kd.jz.adsl.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
168.128.69.80	attackbots	Jun 23 07:53:54 plex sshd[11707]: Invalid user mj from 168.128.69.80 port 35124	2020-06-23 19:50:27
27.128.187.131	attackspam	Jun 23 03:48:28 *** sshd[22949]: Invalid user marek from 27.128.187.131	2020-06-23 20:05:03
170.233.36.178	attack	Jun 23 10:53:55 minden010 sshd[3893]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.233.36.178 Jun 23 10:53:56 minden010 sshd[3893]: Failed password for invalid user vps from 170.233.36.178 port 33104 ssh2 Jun 23 10:57:37 minden010 sshd[5855]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.233.36.178 ...	2020-06-23 20:00:36
114.119.166.115	attackbotsspam	[Tue Jun 23 19:09:19.034084 2020] [:error] [pid 5996:tid 140192818956032] [client 114.119.166.115:38666] [client 114.119.166.115] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/robots.txt"] [unique_id "XvHw76umFxd0Crm1ySno3AAAAe8"] ...	2020-06-23 20:33:34
35.200.180.182	attackspambots	35.200.180.182 - - [23/Jun/2020:11:31:41 +0100] "POST /wp-login.php HTTP/1.1" 200 2108 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 35.200.180.182 - - [23/Jun/2020:11:31:45 +0100] "POST /wp-login.php HTTP/1.1" 200 2103 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 35.200.180.182 - - [23/Jun/2020:11:31:47 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-23 19:57:08
106.13.126.15	attackbots	Jun 23 08:06:07 ny01 sshd[1450]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.126.15 Jun 23 08:06:09 ny01 sshd[1450]: Failed password for invalid user cjp from 106.13.126.15 port 47322 ssh2 Jun 23 08:09:22 ny01 sshd[1898]: Failed password for root from 106.13.126.15 port 37294 ssh2	2020-06-23 20:29:57
77.65.79.150	attackspam	$f2bV_matches	2020-06-23 20:04:36
68.183.197.202	attackbotsspam	port scan and connect, tcp 443 (https)	2020-06-23 20:15:26
64.27.14.211	attackbotsspam	TCP (SYN) 64.27.14.211:57899 -> port 1224, len 44	2020-06-23 19:56:04
117.69.191.150	attackspambots	Jun 23 06:09:49 srv01 postfix/smtpd\[31606\]: warning: unknown\[117.69.191.150\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 23 06:14:27 srv01 postfix/smtpd\[9999\]: warning: unknown\[117.69.191.150\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 23 06:14:38 srv01 postfix/smtpd\[9999\]: warning: unknown\[117.69.191.150\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 23 06:14:54 srv01 postfix/smtpd\[9999\]: warning: unknown\[117.69.191.150\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 23 06:15:13 srv01 postfix/smtpd\[9999\]: warning: unknown\[117.69.191.150\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-23 20:01:09
51.75.18.212	attack	2020-06-23T14:06:34.112309vps773228.ovh.net sshd[28430]: Failed password for root from 51.75.18.212 port 57060 ssh2 2020-06-23T14:09:40.001645vps773228.ovh.net sshd[28454]: Invalid user website from 51.75.18.212 port 58068 2020-06-23T14:09:40.017809vps773228.ovh.net sshd[28454]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.ip-51-75-18.eu 2020-06-23T14:09:40.001645vps773228.ovh.net sshd[28454]: Invalid user website from 51.75.18.212 port 58068 2020-06-23T14:09:42.010991vps773228.ovh.net sshd[28454]: Failed password for invalid user website from 51.75.18.212 port 58068 ssh2 ...	2020-06-23 20:18:12
45.95.168.164	attack	[2020-06-2305:47:45 0200]info[cpaneld]45.95.168.164-igonos"POST/login/\?login_only=1HTTP/1.1"FAILEDLOGINcpaneld:invalidcpaneluserigonos$has_cpuser_filefailed$[2020-06-2305:48:01 0200]info[cpaneld]45.95.168.164-archivio"POST/login/\?login_only=1HTTP/1.1"FAILEDLOGINcpaneld:invalidcpaneluserarchivio$has_cpuser_filefailed$[2020-06-2305:48:18 0200]info[cpaneld]45.95.168.164-artist"POST/login/\?login_only=1HTTP/1.1"FAILEDLOGINcpaneld:invalidcpaneluserartist$has_cpuser_filefailed$[2020-06-2305:48:18 0200]info[cpaneld]45.95.168.164-spicydes"POST/login/\?login_only=1HTTP/1.1"FAILEDLOGINcpaneld:accessdeniedforroot\,reseller\,anduserpassword[2020-06-2305:48:18 0200]info[cpaneld]45.95.168.164-archivi"POST/login/\?login_only=1HTTP/1.1"FAILEDLOGINcpaneld:invalidcpaneluserarchivi$has_cpuser_filefailed$	2020-06-23 20:06:09
138.197.69.184	attack	Jun 23 12:40:38 gestao sshd[29055]: Failed password for root from 138.197.69.184 port 43448 ssh2 Jun 23 12:44:11 gestao sshd[29153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.69.184 Jun 23 12:44:13 gestao sshd[29153]: Failed password for invalid user drive from 138.197.69.184 port 45436 ssh2 ...	2020-06-23 19:50:46
111.68.98.152	attackspam	Jun 23 18:10:02 itv-usvr-02 sshd[20586]: Invalid user lzj from 111.68.98.152 port 39696 Jun 23 18:10:02 itv-usvr-02 sshd[20586]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.68.98.152 Jun 23 18:10:02 itv-usvr-02 sshd[20586]: Invalid user lzj from 111.68.98.152 port 39696 Jun 23 18:10:04 itv-usvr-02 sshd[20586]: Failed password for invalid user lzj from 111.68.98.152 port 39696 ssh2 Jun 23 18:19:49 itv-usvr-02 sshd[20844]: Invalid user kobis from 111.68.98.152 port 36226	2020-06-23 19:59:54
185.81.157.60	attackbots	WordPress attack, requested /wp-content/plugins/apikey/apikey.php?test=hello	2020-06-23 20:31:42

最近上报的IP列表

219.131.213.148	219.135.206.130	219.140.93.144	219.115.65.138
219.154.191.89	219.155.15.36	219.155.173.208	219.155.168.206
219.155.201.57	219.155.74.133	219.155.143.186	219.155.9.57
219.155.220.76	219.157.134.91	219.156.152.133	219.157.14.217
219.157.217.228	219.157.24.136	219.157.53.72	219.157.63.48