104.22.43.72 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.22.43.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13836
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.22.43.72.			IN	A

;; AUTHORITY SECTION:
.			371	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030302 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 04 11:51:41 CST 2022
;; MSG SIZE  rcvd: 105

HOST信息:

Host 72.43.22.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 72.43.22.104.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
142.93.99.56	attack	142.93.99.56 - - [25/Sep/2020:03:17:12 +0200] "GET /wp-login.php HTTP/1.1" 200 9184 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.99.56 - - [25/Sep/2020:03:17:13 +0200] "POST /wp-login.php HTTP/1.1" 200 9435 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.99.56 - - [25/Sep/2020:03:17:14 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-25 10:08:11
118.24.7.98	attack	Sep 24 22:24:15 [host] sshd[7635]: Invalid user ss Sep 24 22:24:16 [host] sshd[7635]: pam_unix(sshd:a Sep 24 22:24:17 [host] sshd[7635]: Failed password	2020-09-25 09:31:13
114.67.72.164	attackspam	Sep 24 21:51:37 haigwepa sshd[2430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.72.164 Sep 24 21:51:39 haigwepa sshd[2430]: Failed password for invalid user jira from 114.67.72.164 port 50778 ssh2 ...	2020-09-25 09:59:11
67.205.137.155	attackbotsspam	2020-09-24T20:33:36.076637shield sshd\[16428\]: Invalid user minecraft from 67.205.137.155 port 38208 2020-09-24T20:33:36.086873shield sshd\[16428\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.205.137.155 2020-09-24T20:33:38.295121shield sshd\[16428\]: Failed password for invalid user minecraft from 67.205.137.155 port 38208 ssh2 2020-09-24T20:37:22.162174shield sshd\[17691\]: Invalid user john from 67.205.137.155 port 46762 2020-09-24T20:37:22.175765shield sshd\[17691\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.205.137.155	2020-09-25 10:02:29
167.99.84.254	attackbotsspam	Multiple web server 500 error code (Internal Error).	2020-09-25 10:06:41
222.186.31.83	attack	Sep 25 03:21:58 abendstille sshd\[28731\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.83 user=root Sep 25 03:22:00 abendstille sshd\[28731\]: Failed password for root from 222.186.31.83 port 53303 ssh2 Sep 25 03:22:02 abendstille sshd\[28731\]: Failed password for root from 222.186.31.83 port 53303 ssh2 Sep 25 03:22:06 abendstille sshd\[28731\]: Failed password for root from 222.186.31.83 port 53303 ssh2 Sep 25 03:22:08 abendstille sshd\[29030\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.83 user=root ...	2020-09-25 09:36:01
189.68.159.152	attackbots	20/9/24@15:51:46: FAIL: IoT-Telnet address from=189.68.159.152 ...	2020-09-25 09:55:10
104.41.137.152	attackbotsspam	2020-09-24 20:45:17.927999-0500 localhost sshd[57175]: Failed password for invalid user qpcrm from 104.41.137.152 port 10975 ssh2	2020-09-25 10:04:42
5.255.253.175	attack	[Fri Sep 25 02:51:48.422282 2020] [:error] [pid 16463:tid 140589363676928] [client 5.255.253.175:42582] [client 5.255.253.175] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/coreruleset-3.3.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "756"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.3.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "X2z41HZgw1gzcFSlmDjlNgAAAIg"] ...	2020-09-25 09:54:14
196.27.127.61	attackspambots	Sep 25 02:44:56 s2 sshd[31480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.27.127.61 Sep 25 02:44:58 s2 sshd[31480]: Failed password for invalid user admin from 196.27.127.61 port 50162 ssh2 Sep 25 02:52:18 s2 sshd[31778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.27.127.61	2020-09-25 09:37:35
51.141.47.159	attackbots	Lines containing failures of 51.141.47.159 (max 1000) Sep 23 05:00:42 Tosca sshd[3501061]: User r.r from 51.141.47.159 not allowed because none of user's groups are listed in AllowGroups Sep 23 05:00:42 Tosca sshd[3501061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.141.47.159 user=r.r Sep 23 05:00:44 Tosca sshd[3501061]: Failed password for invalid user r.r from 51.141.47.159 port 9409 ssh2 Sep 23 05:00:45 Tosca sshd[3501061]: Received disconnect from 51.141.47.159 port 9409:11: Client disconnecting normally [preauth] Sep 23 05:00:45 Tosca sshd[3501061]: Disconnected from invalid user r.r 51.141.47.159 port 9409 [preauth] Sep 23 05:03:30 Tosca sshd[3503476]: User r.r from 51.141.47.159 not allowed because none of user's groups are listed in AllowGroups Sep 23 05:03:30 Tosca sshd[3503476]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.141.47.159 user=r.r ........ ----------------------------------------------- htt	2020-09-25 09:41:51
60.220.185.22	attackspam	(sshd) Failed SSH login from 60.220.185.22 (CN/China/22.185.220.60.adsl-pool.sx.cn): 5 in the last 3600 secs	2020-09-25 09:39:26
54.38.65.215	attackspambots	Brute%20Force%20SSH	2020-09-25 09:39:13
41.58.95.133	attackbots	Brute forcing email accounts	2020-09-25 09:59:30
23.96.83.143	attackspambots	2020-09-25T00:04:01.659781ks3355764 sshd[3375]: Failed password for root from 23.96.83.143 port 30200 ssh2 2020-09-25T04:00:07.825100ks3355764 sshd[7093]: Invalid user gitea from 23.96.83.143 port 24475 ...	2020-09-25 10:05:01

最近上报的IP列表

104.22.44.130	104.22.44.159	104.22.44.89	104.22.42.72
104.22.45.49	104.22.46.155	104.22.45.89	104.22.47.155
104.22.47.80	104.22.46.80	112.78.14.93	104.22.48.155
104.22.46.161	104.22.48.114	104.22.47.161	104.22.45.159
112.78.140.117	104.22.48.76	104.22.49.114	104.22.48.82