104.206.128.22

基本信息:

城市(city): Las Vegas

省份(region): Nevada

国家(country): United States

运营商(isp): GDNP LLC

主机名(hostname): unknown

机构(organization): Eonix Corporation

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Automatic report - Banned IP Access	2020-09-13 23:26:07
attack	TCP (SYN) 104.206.128.22:50290 -> port 21, len 44	2020-09-13 15:19:42
attackspam	TCP (SYN) 104.206.128.22:50290 -> port 21, len 44	2020-09-13 07:03:04
attack	TCP (SYN) 104.206.128.22:50290 -> port 21, len 44	2020-09-13 03:14:58
attackbots	TCP (SYN) 104.206.128.22:51357 -> port 3389, len 44	2020-09-12 19:21:44
attackspam	Icarus honeypot on github	2020-09-08 03:18:37
attackspambots	TCP (SYN) 104.206.128.22:61067 -> port 3389, len 44	2020-09-07 18:49:45
attackspambots	TCP (SYN) 104.206.128.22:60710 -> port 23, len 44	2020-07-26 04:58:33
attack	This IP is associated with RDP abuse. It was found in a paste by https://twitter.com/RdpSnitch - https://pastebin.com/4Ddmuksx For more information, or to report interesting/incorrect findings, contact us - bot@tines.io	2020-04-26 21:21:26
attackspambots	Unauthorized connection attempt detected from IP address 104.206.128.22 to port 3306 [J]	2020-01-30 01:02:37
attackspambots	Unauthorized connection attempt detected from IP address 104.206.128.22 to port 3389 [J]	2020-01-07 09:16:43
attackspam	UTC: 2019-12-25 port: 23/tcp	2019-12-26 14:08:41
attackbots	12/24/2019-11:07:14.889322 104.206.128.22 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-12-25 03:11:22
attackspam	firewall-block, port(s): 5060/tcp	2019-12-10 05:20:13
attackspam	port scan and connect, tcp 3306 (mysql)	2019-11-16 02:12:37
attackspambots	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2019-10-26 07:52:22
attackspam	" "	2019-08-14 08:36:31
attackbots	firewall-block, port(s): 21/tcp	2019-08-12 09:52:01
attack	firewall-block, port(s): 21/tcp	2019-08-08 05:18:54
attackbotsspam	20.07.2019 00:33:06 - RDP Login Fail Detected by https://www.elinox.de/RDP-Wächter	2019-07-20 07:25:55
attack	Unauthorized connection attempt from IP address 104.206.128.22 on Port 3306(MYSQL)	2019-07-18 02:55:48

相同子网IP讨论:

IP	类型	评论内容	时间
104.206.128.6	attackspambots	Automatic report - Banned IP Access	2020-10-09 02:32:26
104.206.128.6	attackbots	bruteforce, ssh, scan port	2020-10-08 18:31:18
104.206.128.34	attackbots	TCP (SYN) 104.206.128.34:62942 -> port 3389, len 44	2020-10-06 04:52:48
104.206.128.74	attackspambots	UDP 104.206.128.74:57326 -> port 161, len 71	2020-10-06 04:12:44
104.206.128.2	attackspambots	TCP (SYN) 104.206.128.2:60162 -> port 1433, len 44	2020-10-06 04:10:28
104.206.128.42	attackbots	TCP (SYN) 104.206.128.42:50739 -> port 23, len 44	2020-10-06 02:55:43
104.206.128.66	attackbotsspam	TCP (SYN) 104.206.128.66:63773 -> port 3306, len 44	2020-10-06 00:59:51
104.206.128.34	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-10-05 20:55:21
104.206.128.74	attackspambots	TCP (SYN) 104.206.128.74:55896 -> port 3389, len 44	2020-10-05 20:11:31
104.206.128.2	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-10-05 20:09:04
104.206.128.42	attackbots	Icarus honeypot on github	2020-10-05 18:46:02
104.206.128.34	attackbotsspam	Found on Alienvault / proto=6 . srcport=64630 . dstport=5900 . (3726)	2020-10-05 12:44:44
104.206.128.74	attackbots	TCP (SYN) 104.206.128.74:55896 -> port 3389, len 44	2020-10-05 12:03:44
104.206.128.2	attackspambots	Found on Binary Defense / proto=6 . srcport=52605 . dstport=21 FTP . (3566)	2020-10-05 12:01:30
104.206.128.6	attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-10-03 04:43:15

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.206.128.22
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42889
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.206.128.22.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071701 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 18 02:55:42 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

22.128.206.104.in-addr.arpa domain name pointer 22-128.206.104.serverhubrdns.in-addr.arpa.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
22.128.206.104.in-addr.arpa	name = 22-128.206.104.serverhubrdns.in-addr.arpa.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
148.70.58.92	attackbots	...	2020-02-01 22:56:12
58.225.2.61	attack	(sshd) Failed SSH login from 58.225.2.61 (KR/South Korea/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 1 15:28:13 amsweb01 sshd[5091]: Invalid user webadmin from 58.225.2.61 port 38030 Feb 1 15:28:15 amsweb01 sshd[5091]: Failed password for invalid user webadmin from 58.225.2.61 port 38030 ssh2 Feb 1 16:00:08 amsweb01 sshd[18959]: Invalid user bot1 from 58.225.2.61 port 52038 Feb 1 16:00:09 amsweb01 sshd[18959]: Failed password for invalid user bot1 from 58.225.2.61 port 52038 ssh2 Feb 1 16:24:43 amsweb01 sshd[29764]: Invalid user jenkins from 58.225.2.61 port 33986	2020-02-01 23:26:48
187.11.140.235	attackspambots	Unauthorized connection attempt detected from IP address 187.11.140.235 to port 2220 [J]	2020-02-01 23:30:45
89.248.171.170	attackbotsspam	176/tcp 164/tcp 32/tcp... [2020-01-11/02-01]143pkt,143pt.(tcp)	2020-02-01 23:22:15
189.249.176.232	attackspam	Honeypot attack, port: 445, PTR: dsl-189-249-176-232-dyn.prod-infinitum.com.mx.	2020-02-01 23:22:55
80.82.77.214	attackspam	724/tcp 856/tcp 67/tcp... [2019-12-24/2020-02-01]204pkt,184pt.(tcp)	2020-02-01 23:24:40
194.243.3.16	attackbotsspam	Feb 1 14:36:52 163-172-32-151 sshd[32357]: Invalid user ts3server from 194.243.3.16 port 35282 ...	2020-02-01 22:54:51
148.70.212.162	attackbots	...	2020-02-01 23:23:19
177.73.6.30	attack	DATE:2020-02-01 14:35:57, IP:177.73.6.30, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-02-01 23:10:26
148.70.195.54	attackbotsspam	...	2020-02-01 23:25:17
213.184.254.128	attack	445/tcp 1433/tcp... [2020-01-06/02-01]6pkt,2pt.(tcp)	2020-02-01 23:05:23
139.59.249.255	attackspambots	Feb 1 05:15:41 web9 sshd\[20358\]: Invalid user webadmin from 139.59.249.255 Feb 1 05:15:41 web9 sshd\[20358\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.249.255 Feb 1 05:15:42 web9 sshd\[20358\]: Failed password for invalid user webadmin from 139.59.249.255 port 24284 ssh2 Feb 1 05:18:40 web9 sshd\[20548\]: Invalid user ftptest from 139.59.249.255 Feb 1 05:18:40 web9 sshd\[20548\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.249.255	2020-02-01 23:36:06
185.216.140.36	attackbots	713/tcp 655/tcp 653/tcp... [2020-01-11/02-01]207pkt,187pt.(tcp)	2020-02-01 23:27:56
181.49.157.10	attack	Feb 1 14:59:20 sd-53420 sshd\[7355\]: Invalid user sinusbot from 181.49.157.10 Feb 1 14:59:20 sd-53420 sshd\[7355\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.49.157.10 Feb 1 14:59:22 sd-53420 sshd\[7355\]: Failed password for invalid user sinusbot from 181.49.157.10 port 37488 ssh2 Feb 1 15:01:09 sd-53420 sshd\[7536\]: Invalid user admin from 181.49.157.10 Feb 1 15:01:09 sd-53420 sshd\[7536\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.49.157.10 ...	2020-02-01 23:03:38
91.121.101.159	attack	2020-02-01T15:34:50.677738 sshd[13918]: Invalid user vbox from 91.121.101.159 port 43746 2020-02-01T15:34:50.692870 sshd[13918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.101.159 2020-02-01T15:34:50.677738 sshd[13918]: Invalid user vbox from 91.121.101.159 port 43746 2020-02-01T15:34:52.637492 sshd[13918]: Failed password for invalid user vbox from 91.121.101.159 port 43746 ssh2 2020-02-01T15:37:57.573197 sshd[13984]: Invalid user proxyuser from 91.121.101.159 port 46126 ...	2020-02-01 23:25:55

最近上报的IP列表

185.140.243.156	163.143.95.200	54.214.111.233	192.83.130.175
147.144.226.63	75.182.143.22	168.68.196.11	155.138.136.219
81.213.65.72	23.250.30.215	213.122.197.3	3.150.149.71
113.141.189.247	1.225.248.112	234.143.239.55	186.43.139.36
154.244.144.99	83.193.220.169	62.245.145.234	5.56.213.67