220.80.194.190

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Korea, Republic of

运营商(isp): KT Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	[portscan] tcp/1433 [MsSQL] [scan/connect: 3 time(s)] *(RWIN=8192)(09161116)	2019-09-17 02:44:44

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 220.80.194.190
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15165
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;220.80.194.190.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091601 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Sep 17 02:44:39 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 190.194.80.220.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 190.194.80.220.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
159.89.47.131	attack	159.89.47.131 - - \[10/May/2020:05:52:40 +0200\] "POST /wp-login.php HTTP/1.0" 200 6400 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 159.89.47.131 - - \[10/May/2020:05:52:42 +0200\] "POST /wp-login.php HTTP/1.0" 200 6267 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 159.89.47.131 - - \[10/May/2020:05:52:43 +0200\] "POST /wp-login.php HTTP/1.0" 200 6263 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-05-10 15:14:13
185.50.149.10	attackbotsspam	May 10 08:10:11 mail postfix/smtpd\[24522\]: warning: unknown\[185.50.149.10\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ May 10 08:10:33 mail postfix/smtpd\[24838\]: warning: unknown\[185.50.149.10\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ May 10 08:43:14 mail postfix/smtpd\[25499\]: warning: unknown\[185.50.149.10\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ May 10 09:15:09 mail postfix/smtpd\[26178\]: warning: unknown\[185.50.149.10\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-05-10 15:26:09
51.141.124.122	attackbots	$f2bV_matches	2020-05-10 15:55:10
106.12.207.236	attackspam	SSH brutforce	2020-05-10 15:44:35
187.111.29.122	attack	Port probing on unauthorized port 445	2020-05-10 15:53:52
46.20.12.233	attackspam	46.20.12.233 has been banned for [WebApp Attack] ...	2020-05-10 15:54:25
185.220.101.8	attackbotsspam	[Sun May 10 10:51:50.315643 2020] [:error] [pid 27913:tid 140543073974016] [client 185.220.101.8:7658] [client 185.220.101.8] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1224"] [id "920320"] [msg "Missing User Agent Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_UA"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [tag "paranoia-level/2"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/depan/kunjungan/1.jpg"] [unique_id "Xrd6VjafVEB75Fl-reoByQAAAC0"] ...	2020-05-10 15:51:52
5.248.107.181	attack	Chat Spam	2020-05-10 15:22:00
35.224.211.182	attackspam	35.224.211.182 - - \[10/May/2020:05:52:28 +0200\] "POST /wp-login.php HTTP/1.0" 200 7318 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 35.224.211.182 - - \[10/May/2020:05:52:31 +0200\] "POST /wp-login.php HTTP/1.0" 200 7318 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 35.224.211.182 - - \[10/May/2020:05:52:33 +0200\] "POST /wp-login.php HTTP/1.0" 200 7318 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-05-10 15:21:37
129.204.19.9	attackbots	May 10 07:05:11 meumeu sshd[31045]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.19.9 May 10 07:05:13 meumeu sshd[31045]: Failed password for invalid user user0 from 129.204.19.9 port 58714 ssh2 May 10 07:06:37 meumeu sshd[31210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.19.9 ...	2020-05-10 15:52:50
109.232.109.58	attack	Port scan(s) denied	2020-05-10 15:17:10
180.248.141.68	attack	1589082746 - 05/10/2020 05:52:26 Host: 180.248.141.68/180.248.141.68 Port: 445 TCP Blocked	2020-05-10 15:27:09
128.199.220.197	attackbots	2020-05-10T06:06:50.523635shield sshd\[9319\]: Invalid user test from 128.199.220.197 port 47448 2020-05-10T06:06:50.530654shield sshd\[9319\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.220.197 2020-05-10T06:06:52.411875shield sshd\[9319\]: Failed password for invalid user test from 128.199.220.197 port 47448 ssh2 2020-05-10T06:11:15.229656shield sshd\[11007\]: Invalid user deploy from 128.199.220.197 port 56336 2020-05-10T06:11:15.233108shield sshd\[11007\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.220.197	2020-05-10 15:25:04
148.72.31.119	attack	WordPress login Brute force / Web App Attack on client site.	2020-05-10 15:11:39
189.240.62.227	attack	<6 unauthorized SSH connections	2020-05-10 15:42:00

最近上报的IP列表

91.93.48.212	85.209.40.31	79.18.147.245	77.82.120.220
61.219.82.220	61.52.193.126	58.59.46.62	49.67.57.106
18.132.197.186	110.134.54.78	36.233.73.112	116.98.166.132
185.53.170.128	131.1.254.142	47.191.48.128	115.236.81.154
105.147.160.204	34.72.35.224	164.129.63.8	54.182.244.103