必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:
暂无关于此IP的讨论, 沙发请点上方按钮
相同子网IP讨论:
暂无关于此IP所属子网相关IP的讨论.
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.22.71.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5515
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.22.71.139.			IN	A

;; AUTHORITY SECTION:
.			368	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021701 1800 900 604800 86400

;; Query time: 26 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 03:44:33 CST 2022
;; MSG SIZE  rcvd: 106
HOST信息:
Host 139.71.22.104.in-addr.arpa. not found: 3(NXDOMAIN)
NSLOOKUP信息:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 139.71.22.104.in-addr.arpa: NXDOMAIN
相关IP信息:
最新评论:
IP 类型 评论内容 时间
35.178.204.187 attackbotsspam
35.178.204.187 - - [21/Sep/2020:08:12:19 +0100] "POST /wp-login.php HTTP/1.1" 200 1908 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
35.178.204.187 - - [21/Sep/2020:08:12:19 +0100] "POST /wp-login.php HTTP/1.1" 200 1880 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
35.178.204.187 - - [21/Sep/2020:08:12:19 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
2020-09-22 01:32:43
80.24.149.228 attack
$f2bV_matches
2020-09-22 01:20:12
95.156.252.94 attackspambots
RDP Bruteforce
2020-09-22 01:12:45
132.232.108.149 attackbotsspam
132.232.108.149 (CN/China/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 21 13:21:14 jbs1 sshd[774]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.108.149  user=root
Sep 21 13:21:16 jbs1 sshd[774]: Failed password for root from 132.232.108.149 port 54958 ssh2
Sep 21 13:20:10 jbs1 sshd[31888]: Failed password for root from 36.22.179.54 port 9851 ssh2
Sep 21 13:20:25 jbs1 sshd[32230]: Failed password for root from 106.12.154.24 port 44336 ssh2
Sep 21 13:20:23 jbs1 sshd[32230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.154.24  user=root
Sep 21 13:21:47 jbs1 sshd[1386]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.209.240  user=root

IP Addresses Blocked:
2020-09-22 01:23:22
61.219.11.153 attack
 TCP (SYN) 61.219.11.153:61513 -> port 80, len 44
2020-09-22 01:14:04
61.7.240.185 attack
Time:     Mon Sep 21 19:31:17 2020 +0200
IP:       61.7.240.185 (TH/Thailand/-)
Failures: 5 (sshd)
Interval: 3600 seconds
Blocked:  Permanent Block [LF_SSHD]

Log entries:

Sep 21 19:21:28 3-1 sshd[55148]: Invalid user ftpadmin from 61.7.240.185 port 57446
Sep 21 19:21:30 3-1 sshd[55148]: Failed password for invalid user ftpadmin from 61.7.240.185 port 57446 ssh2
Sep 21 19:26:48 3-1 sshd[55407]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.7.240.185  user=root
Sep 21 19:26:50 3-1 sshd[55407]: Failed password for root from 61.7.240.185 port 49486 ssh2
Sep 21 19:31:14 3-1 sshd[55707]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.7.240.185  user=root
2020-09-22 01:38:00
119.45.54.166 attackbots
Automatic report - Banned IP Access
2020-09-22 01:18:19
114.119.166.88 attack
[Sun Sep 20 23:59:58.592498 2020] [:error] [pid 23424:tid 140117914142464] [client 114.119.166.88:55004] [client 114.119.166.88] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/coreruleset-3.3.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "756"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.3.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/agroklimatologi/kalender-tanam/3394-kalender-tanam-katam-terpadu-papua/kalender-tanam-katam-terpadu-provinsi-papua/kalender-tanam-katam-terpadu-kabupaten-boven-digoel-provinsi-papua"] [unique_id "X2eKjohylJRSFCTJL2z-LwAAAGM"]
...
2020-09-22 01:29:55
139.198.15.41 attackbotsspam
139.198.15.41 (CN/China/-), 3 distributed sshd attacks on account [postgres] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 21 12:58:17 internal2 sshd[16947]: Invalid user postgres from 179.131.11.234 port 32790
Sep 21 13:05:41 internal2 sshd[23626]: Invalid user postgres from 139.198.15.41 port 34116
Sep 21 12:57:16 internal2 sshd[15987]: Invalid user postgres from 190.181.60.2 port 58228

IP Addresses Blocked:

179.131.11.234 (BR/Brazil/-)
2020-09-22 01:42:38
192.168.3.124 attackbots
4 SSH login attempts.
2020-09-22 01:45:27
200.216.31.20 attack
2020-09-21 01:55:06.020505-0500  localhost screensharingd[26728]: Authentication: FAILED :: User Name: N/A :: Viewer Address: 200.216.31.20 :: Type: VNC DES
2020-09-22 01:16:28
45.145.67.175 attack
RDP Bruteforce
2020-09-22 01:14:51
82.200.65.218 attackbots
Sep 21 14:33:00 nextcloud sshd\[7737\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.200.65.218  user=root
Sep 21 14:33:01 nextcloud sshd\[7737\]: Failed password for root from 82.200.65.218 port 56356 ssh2
Sep 21 14:40:42 nextcloud sshd\[16831\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.200.65.218  user=root
2020-09-22 01:30:20
128.199.223.233 attackspambots
Invalid user test3 from 128.199.223.233 port 55734
2020-09-22 01:39:39
132.157.128.215 attack
Sep 20 18:59:41 mellenthin postfix/smtpd[11972]: NOQUEUE: reject: RCPT from unknown[132.157.128.215]: 554 5.7.1 Service unavailable; Client host [132.157.128.215] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/132.157.128.215; from= to= proto=ESMTP helo=<[132.157.128.215]>
2020-09-22 01:41:58

最近上报的IP列表

104.22.71.135 104.22.71.137 104.22.71.144 104.22.71.122
104.22.71.138 104.22.71.145 104.22.71.148 104.22.71.121
104.22.71.159 104.22.71.154 104.22.71.160 104.22.71.166
104.22.71.176 104.22.71.180 104.22.71.192 104.22.71.197
104.22.71.194 104.22.71.200 104.22.71.203 104.22.71.207