104.130.127.52

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
104.130.127.58	attackspam	104.130.127.58 - - [07/Aug/2020:05:42:07 +0100] "POST /wp-login.php HTTP/1.1" 200 1960 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.130.127.58 - - [07/Aug/2020:05:42:09 +0100] "POST /wp-login.php HTTP/1.1" 200 1927 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.130.127.58 - - [07/Aug/2020:05:42:09 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-07 13:05:29

类型

评论内容

时间

104.130.127.58

attackspam

104.130.127.58 - - [07/Aug/2020:05:42:07 +0100] "POST /wp-login.php HTTP/1.1" 200 1960 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
104.130.127.58 - - [07/Aug/2020:05:42:09 +0100] "POST /wp-login.php HTTP/1.1" 200 1927 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
104.130.127.58 - - [07/Aug/2020:05:42:09 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...

2020-08-07 13:05:29

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.130.127.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21328
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.130.127.52.			IN	A

;; AUTHORITY SECTION:
.			280	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022031400 1800 900 604800 86400

;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 14 17:45:21 CST 2022
;; MSG SIZE  rcvd: 107

HOST信息:

Host 52.127.130.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 52.127.130.104.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
218.92.0.171	attackspambots	Nov 28 03:26:25 server sshd\[17148\]: User root from 218.92.0.171 not allowed because listed in DenyUsers Nov 28 03:26:25 server sshd\[17148\]: Failed none for invalid user root from 218.92.0.171 port 47988 ssh2 Nov 28 03:26:25 server sshd\[17148\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.171 user=root Nov 28 03:26:27 server sshd\[17148\]: Failed password for invalid user root from 218.92.0.171 port 47988 ssh2 Nov 28 03:26:30 server sshd\[17148\]: Failed password for invalid user root from 218.92.0.171 port 47988 ssh2	2019-11-28 09:27:40
159.65.24.7	attack	Nov 28 06:10:08 sd-53420 sshd\[27582\]: Invalid user htpass from 159.65.24.7 Nov 28 06:10:08 sd-53420 sshd\[27582\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.24.7 Nov 28 06:10:10 sd-53420 sshd\[27582\]: Failed password for invalid user htpass from 159.65.24.7 port 44154 ssh2 Nov 28 06:16:04 sd-53420 sshd\[28608\]: Invalid user 0r4cl3 from 159.65.24.7 Nov 28 06:16:04 sd-53420 sshd\[28608\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.24.7 ...	2019-11-28 13:16:23
59.25.197.158	attack	2019-11-27T23:29:38.994292tmaserv sshd\[25393\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.25.197.158 user=root 2019-11-27T23:29:41.421738tmaserv sshd\[25393\]: Failed password for root from 59.25.197.158 port 42272 ssh2 2019-11-28T00:15:44.559539tmaserv sshd\[30061\]: Invalid user cha from 59.25.197.158 port 40548 2019-11-28T00:15:44.565386tmaserv sshd\[30061\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.25.197.158 2019-11-28T00:15:46.717756tmaserv sshd\[30061\]: Failed password for invalid user cha from 59.25.197.158 port 40548 ssh2 2019-11-28T00:53:08.312557tmaserv sshd\[31730\]: Invalid user contabil from 59.25.197.158 port 40674 ...	2019-11-28 09:35:48
128.14.134.170	attackspambots	port scan and connect, tcp 8443 (https-alt)	2019-11-28 09:22:41
112.85.42.182	attackbots	Nov 28 06:18:48 dev0-dcde-rnet sshd[31276]: Failed password for root from 112.85.42.182 port 12060 ssh2 Nov 28 06:19:02 dev0-dcde-rnet sshd[31276]: Failed password for root from 112.85.42.182 port 12060 ssh2 Nov 28 06:19:02 dev0-dcde-rnet sshd[31276]: error: maximum authentication attempts exceeded for root from 112.85.42.182 port 12060 ssh2 [preauth]	2019-11-28 13:19:31
150.95.52.70	attackspam	Automatic report - XMLRPC Attack	2019-11-28 13:13:11
49.88.112.54	attack	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.54 user=root Failed password for root from 49.88.112.54 port 45249 ssh2 Failed password for root from 49.88.112.54 port 45249 ssh2 Failed password for root from 49.88.112.54 port 45249 ssh2 Failed password for root from 49.88.112.54 port 45249 ssh2	2019-11-28 09:37:10
162.214.21.81	attackspam	Automatic report - XMLRPC Attack	2019-11-28 13:01:28
190.146.40.67	attackspambots	Nov 28 06:12:08 vibhu-HP-Z238-Microtower-Workstation sshd\[12836\]: Invalid user montelli from 190.146.40.67 Nov 28 06:12:08 vibhu-HP-Z238-Microtower-Workstation sshd\[12836\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.146.40.67 Nov 28 06:12:10 vibhu-HP-Z238-Microtower-Workstation sshd\[12836\]: Failed password for invalid user montelli from 190.146.40.67 port 40590 ssh2 Nov 28 06:19:25 vibhu-HP-Z238-Microtower-Workstation sshd\[16727\]: Invalid user webmaster from 190.146.40.67 Nov 28 06:19:25 vibhu-HP-Z238-Microtower-Workstation sshd\[16727\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.146.40.67 ...	2019-11-28 09:39:57
104.248.126.170	attack	Nov 27 07:04:04 XXX sshd[32694]: Invalid user guest from 104.248.126.170 port 44254	2019-11-28 09:30:57
218.92.0.193	attack	SSH Bruteforce attack	2019-11-28 13:20:24
104.131.81.54	attackbots	WordPress login Brute force / Web App Attack on client site.	2019-11-28 13:16:52
120.132.124.237	attack	Nov 28 02:04:29 MK-Soft-Root1 sshd[26341]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.124.237 Nov 28 02:04:31 MK-Soft-Root1 sshd[26341]: Failed password for invalid user sybase from 120.132.124.237 port 59222 ssh2 ...	2019-11-28 09:38:38
153.35.126.31	attackbots	Netgear DGN Device Remote Command Execution Vulnerability, PTR: PTR record not found	2019-11-28 13:14:50
129.158.122.65	attackbots	ThinkPHP Remote Code Execution Vulnerability, PTR: oc-129-158-122-65.compute.oraclecloud.com.	2019-11-28 13:17:36

最近上报的IP列表

230.190.171.11	104.130.136.13	104.130.136.151	104.130.136.94
104.130.138.97	104.130.14.250	104.130.141.56	104.130.145.210
104.130.150.198	104.130.158.197	104.130.169.208	104.130.172.33
104.130.195.49	104.130.201.140	104.130.201.204	104.130.201.242
104.130.207.85	104.130.209.86	104.130.210.125	104.130.210.203