104.223.130.2 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): CrNode

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Oct 23 00:08:25 mercury kernel: [UFW ALLOW] IN=eth0 OUT= MAC=f2:3c:91:bc:4d:f8:84:78:ac:5a:1a:41:08:00 SRC=104.223.130.2 DST=109.74.200.221 LEN=36 TOS=0x00 PREC=0x00 TTL=51 ID=10800 DF PROTO=UDP SPT=58906 DPT=123 LEN=16 ...	2020-03-04 02:15:22
attack	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-10-23 13:15:12

类型

评论内容

时间

attackbotsspam

Oct 23 00:08:25 mercury kernel: [UFW ALLOW] IN=eth0 OUT= MAC=f2:3c:91:bc:4d:f8:84:78:ac:5a:1a:41:08:00 SRC=104.223.130.2 DST=109.74.200.221 LEN=36 TOS=0x00 PREC=0x00 TTL=51 ID=10800 DF PROTO=UDP SPT=58906 DPT=123 LEN=16 
...

2020-03-04 02:15:22

attack

CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found

2019-10-23 13:15:12

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.223.130.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50493
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.223.130.2.			IN	A

;; AUTHORITY SECTION:
.			230	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102201 1800 900 604800 86400

;; Query time: 96 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 23 13:15:01 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 2.130.223.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.130.223.104.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
108.235.160.215	attackspambots	[Aegis] @ 2019-12-14 15:41:45 0000 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2019-12-15 03:38:45
109.244.96.201	attack	2019-12-14T15:14:13.041403ns386461 sshd\[1576\]: Invalid user PlcmSpIp from 109.244.96.201 port 52720 2019-12-14T15:14:13.045906ns386461 sshd\[1576\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.244.96.201 2019-12-14T15:14:14.625131ns386461 sshd\[1576\]: Failed password for invalid user PlcmSpIp from 109.244.96.201 port 52720 ssh2 2019-12-14T15:41:30.399983ns386461 sshd\[25668\]: Invalid user alsen from 109.244.96.201 port 44160 2019-12-14T15:41:30.404313ns386461 sshd\[25668\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.244.96.201 ...	2019-12-15 04:13:46
164.177.42.33	attack	Dec 14 22:14:51 microserver sshd[27522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.177.42.33 user=root Dec 14 22:14:53 microserver sshd[27522]: Failed password for root from 164.177.42.33 port 35795 ssh2 Dec 14 22:22:00 microserver sshd[28874]: Invalid user granicus from 164.177.42.33 port 39232 Dec 14 22:22:00 microserver sshd[28874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.177.42.33 Dec 14 22:22:02 microserver sshd[28874]: Failed password for invalid user granicus from 164.177.42.33 port 39232 ssh2 Dec 14 22:36:25 microserver sshd[31265]: Invalid user carmel from 164.177.42.33 port 48156 Dec 14 22:36:25 microserver sshd[31265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.177.42.33 Dec 14 22:36:28 microserver sshd[31265]: Failed password for invalid user carmel from 164.177.42.33 port 48156 ssh2 Dec 14 22:43:22 microserver sshd[32179]: pam_unix(sshd:auth): aut	2019-12-15 04:14:32
221.181.24.246	attackspambots	SSHD brute force attack detected by fail2ban	2019-12-15 04:10:01
113.172.240.12	attack	Dec 14 15:36:08 sinope sshd[19688]: Address 113.172.240.12 maps to static.vnpt.vn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Dec 14 15:36:08 sinope sshd[19688]: Invalid user admin from 113.172.240.12 Dec 14 15:36:08 sinope sshd[19688]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.172.240.12 Dec 14 15:36:10 sinope sshd[19688]: Failed password for invalid user admin from 113.172.240.12 port 43368 ssh2 Dec 14 15:36:11 sinope sshd[19688]: Connection closed by 113.172.240.12 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=113.172.240.12	2019-12-15 04:04:09
212.94.16.25	attackspam	Unauthorized connection attempt detected from IP address 212.94.16.25 to port 445	2019-12-15 03:40:25
123.207.5.190	attack	Invalid user siti from 123.207.5.190 port 39842	2019-12-15 03:41:02
92.246.76.201	attackbotsspam	Dec 14 22:32:44 debian-2gb-vpn-nbg1-1 kernel: [730338.485203] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=92.246.76.201 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=27404 PROTO=TCP SPT=43991 DPT=15284 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-15 03:39:12
84.201.157.119	attack	2019-12-14T12:41:59.006090-07:00 suse-nuc sshd[31543]: Invalid user amavis from 84.201.157.119 port 52864 ...	2019-12-15 04:00:20
180.76.98.25	attackspam	Invalid user rpc from 180.76.98.25 port 37934	2019-12-15 04:11:19
49.234.30.33	attackspambots	Dec 12 18:36:15 ns382633 sshd\[20553\]: Invalid user mauchline from 49.234.30.33 port 49206 Dec 12 18:36:15 ns382633 sshd\[20553\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.30.33 Dec 12 18:36:17 ns382633 sshd\[20553\]: Failed password for invalid user mauchline from 49.234.30.33 port 49206 ssh2 Dec 12 18:52:41 ns382633 sshd\[23371\]: Invalid user jenkins from 49.234.30.33 port 37138 Dec 12 18:52:41 ns382633 sshd\[23371\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.30.33	2019-12-15 03:51:05
188.166.251.156	attack	Dec 14 20:26:33 Ubuntu-1404-trusty-64-minimal sshd\[8211\]: Invalid user www from 188.166.251.156 Dec 14 20:26:33 Ubuntu-1404-trusty-64-minimal sshd\[8211\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.251.156 Dec 14 20:26:35 Ubuntu-1404-trusty-64-minimal sshd\[8211\]: Failed password for invalid user www from 188.166.251.156 port 50622 ssh2 Dec 14 20:35:51 Ubuntu-1404-trusty-64-minimal sshd\[18054\]: Invalid user yangj from 188.166.251.156 Dec 14 20:35:51 Ubuntu-1404-trusty-64-minimal sshd\[18054\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.251.156	2019-12-15 03:42:46
37.187.17.58	attack	Dec 14 20:00:31 cvbnet sshd[31645]: Failed password for root from 37.187.17.58 port 36998 ssh2 ...	2019-12-15 03:51:58
113.173.100.161	attackspambots	Dec 15 00:58:33 our-server-hostname postfix/smtpd[14264]: connect from unknown[113.173.100.161] Dec x@x Dec x@x Dec x@x Dec x@x Dec x@x Dec x@x Dec x@x Dec x@x Dec x@x Dec x@x Dec x@x Dec x@x Dec x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=113.173.100.161	2019-12-15 04:08:42
200.60.91.42	attackbots	Dec 14 20:51:30 mail sshd[25842]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.60.91.42 Dec 14 20:51:32 mail sshd[25842]: Failed password for invalid user raukko from 200.60.91.42 port 40188 ssh2 Dec 14 20:57:12 mail sshd[28010]: Failed password for root from 200.60.91.42 port 45430 ssh2	2019-12-15 04:01:56

最近上报的IP列表

45.155.40.20	89.39.82.184	222.92.255.178	164.60.172.134
80.227.68.4	120.224.214.34	134.209.254.81	116.255.198.57
218.150.83.15	35.221.144.241	72.10.8.66	23.179.220.38
176.31.115.162	189.225.205.151	131.255.4.188	157.245.109.202
202.51.182.46	144.91.88.166	37.41.205.105	119.123.58.194