104.18.92.20 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): None

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.18.92.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63294
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.18.92.20.			IN	A

;; AUTHORITY SECTION:
.			585	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021700 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 17 15:39:37 CST 2022
;; MSG SIZE  rcvd: 105

HOST信息:

Host 20.92.18.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 20.92.18.104.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
190.239.233.206	attack	port scan and connect, tcp 22 (ssh)	2019-11-01 06:12:45
182.61.176.53	attackbots	2019-10-31T22:24:20.086484abusebot-7.cloudsearch.cf sshd\[23450\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.176.53 user=root	2019-11-01 06:26:33
167.71.61.167	attackspambots	Automatic report - XMLRPC Attack	2019-11-01 05:48:36
220.166.47.4	attackbots	Unauthorised access (Oct 31) SRC=220.166.47.4 LEN=40 TOS=0x10 PREC=0x40 TTL=48 ID=42371 TCP DPT=8080 WINDOW=34986 SYN Unauthorised access (Oct 31) SRC=220.166.47.4 LEN=40 TOS=0x10 PREC=0x40 TTL=48 ID=58955 TCP DPT=8080 WINDOW=35265 SYN Unauthorised access (Oct 30) SRC=220.166.47.4 LEN=40 TOS=0x10 PREC=0x40 TTL=48 ID=41133 TCP DPT=8080 WINDOW=35265 SYN	2019-11-01 06:12:15
221.162.255.66	attackbots	2019-10-31T21:21:31.955597abusebot-5.cloudsearch.cf sshd\[4528\]: Invalid user bjorn from 221.162.255.66 port 42838	2019-11-01 05:59:51
101.230.238.32	attackspam	Lines containing failures of 101.230.238.32 Oct 28 08:38:15 shared10 sshd[11855]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.230.238.32 user=r.r Oct 28 08:38:17 shared10 sshd[11855]: Failed password for r.r from 101.230.238.32 port 40722 ssh2 Oct 28 08:38:18 shared10 sshd[11855]: Received disconnect from 101.230.238.32 port 40722:11: Bye Bye [preauth] Oct 28 08:38:18 shared10 sshd[11855]: Disconnected from authenticating user r.r 101.230.238.32 port 40722 [preauth] Oct 28 09:02:20 shared10 sshd[19793]: Invalid user hattori from 101.230.238.32 port 51834 Oct 28 09:02:20 shared10 sshd[19793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.230.238.32 Oct 28 09:02:22 shared10 sshd[19793]: Failed password for invalid user hattori from 101.230.238.32 port 51834 ssh2 Oct 28 09:02:22 shared10 sshd[19793]: Received disconnect from 101.230.238.32 port 51834:11: Bye Bye [preauth] Oct 28 0........ ------------------------------	2019-11-01 06:01:02
157.245.251.97	attackspambots	Oct 29 20:15:35 h2022099 sshd[25368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.251.97 user=r.r Oct 29 20:15:37 h2022099 sshd[25368]: Failed password for r.r from 157.245.251.97 port 41508 ssh2 Oct 29 20:15:37 h2022099 sshd[25368]: Received disconnect from 157.245.251.97: 11: Bye Bye [preauth] Oct 29 20:25:34 h2022099 sshd[26576]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.251.97 user=r.r Oct 29 20:25:37 h2022099 sshd[26576]: Failed password for r.r from 157.245.251.97 port 58620 ssh2 Oct 29 20:25:37 h2022099 sshd[26576]: Received disconnect from 157.245.251.97: 11: Bye Bye [preauth] Oct 29 20:29:06 h2022099 sshd[26816]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.251.97 user=r.r Oct 29 20:29:08 h2022099 sshd[26816]: Failed password for r.r from 157.245.251.97 port 41014 ssh2 Oct 29 20:29:08 h2022099 sshd[26816........ -------------------------------	2019-11-01 05:53:53
185.150.234.65	attackspambots	proto=tcp . spt=48897 . dpt=25 . (Found on Dark List de Oct 31) (767)	2019-11-01 06:17:11
5.54.7.226	attackspam	Telnet Server BruteForce Attack	2019-11-01 05:51:44
222.186.180.9	attack	Nov 1 03:16:41 gw1 sshd[4365]: Failed password for root from 222.186.180.9 port 51418 ssh2 Nov 1 03:16:53 gw1 sshd[4365]: Failed password for root from 222.186.180.9 port 51418 ssh2 ...	2019-11-01 06:18:02
45.141.84.28	attack	Oct 31 22:24:26 h2177944 kernel: \[5432788.587562\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.141.84.28 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=20445 PROTO=TCP SPT=42848 DPT=24641 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 31 22:27:09 h2177944 kernel: \[5432951.960163\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.141.84.28 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=54729 PROTO=TCP SPT=42848 DPT=24152 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 31 22:43:55 h2177944 kernel: \[5433957.777860\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.141.84.28 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=16878 PROTO=TCP SPT=42848 DPT=22028 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 31 22:44:01 h2177944 kernel: \[5433963.227914\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.141.84.28 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=27419 PROTO=TCP SPT=42848 DPT=25360 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 31 22:44:45 h2177944 kernel: \[5434007.140392\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.141.84.28 DST=85.214.117.9	2019-11-01 06:04:42
186.24.6.36	attackspambots	proto=tcp . spt=45174 . dpt=25 . (Found on Dark List de Oct 31) (768)	2019-11-01 06:14:19
14.191.148.249	attack	Automatic report - Port Scan Attack	2019-11-01 05:51:25
66.172.33.144	attack	[ThuOct3120:23:49.4213442019][:error][pid24117:tid47536176129792][client66.172.33.144:55874][client66.172.33.144]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\\\\\\\.ini\\|web.config\)\\\\\\\\b\\|$\\|\^\\|\\\\\\\\.\\\\\\\\.$/etc/\\|/\\\\\\\\.$\?:history\\|bash_history\\|sh_history\\|env$\$\)"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"211"][id"390709"][rev"30"][msg"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely"][data"/.env"][severity"CRITICAL"][hostname"ebtechnology.ch"][uri"/.env"][unique_id"Xbs0xfhrfWPxwIhhpoIWKgAAAAM"][ThuOct3120:39:26.2815012019][:error][pid24310:tid47536190838528][client66.172.33.144:52822][client66.172.33.144]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\	2019-11-01 05:59:13
13.90.62.40	attackbots	2019-10-31 20:13:31,446 WARN \[ImapServer-660\] \[ip=127.0.0.1\;oip=13.90.62.40\;via=45.79.145.195$nginx/1.7.1$\;ua=Zimbra/8.6.0_GA_1182\;cid=5191\;\] security - cmd=Auth\; account=paul@lcolella.com\; protocol=imap\; error=authentication failed for \[paul@lcolella.com\], invalid password\;	2019-11-01 05:54:19

最近上报的IP列表

249.153.73.255	104.18.92.223	104.18.92.44	104.18.93.20
104.18.93.44	104.18.93.69	104.18.94.20	104.18.94.59
104.18.94.69	104.18.95.20	104.18.95.59	104.18.97.89
188.204.254.241	111.89.97.0	104.18.98.234	104.18.98.75
104.18.99.234	104.18.99.75	104.182.112.123	104.19.132.105