104.6.94.103 - IPInfo

基本信息:

城市(city): Crestwood

省份(region): Kentucky

国家(country): United States

运营商(isp): AT&T Corp.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Fail2Ban Ban Triggered	2019-11-30 04:42:05

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.6.94.103
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46993
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.6.94.103.			IN	A

;; AUTHORITY SECTION:
.			591	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112901 1800 900 604800 86400

;; Query time: 121 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 30 04:42:02 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

103.94.6.104.in-addr.arpa domain name pointer 104-6-94-103.lightspeed.lsvlky.sbcglobal.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
103.94.6.104.in-addr.arpa	name = 104-6-94-103.lightspeed.lsvlky.sbcglobal.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
35.195.239.73	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-23 20:35:59
186.103.186.234	attackspambots	2019-07-23T11:57:32.995546abusebot-2.cloudsearch.cf sshd\[28269\]: Invalid user admin from 186.103.186.234 port 44684	2019-07-23 20:14:26
118.70.4.13	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-20 22:55:34,864 INFO [shellcode_manager] (118.70.4.13) no match, writing hexdump (0a0b7dfd4562305b9e54750672f8aaa7 :2351958) - MS17010 (EternalBlue)	2019-07-23 20:28:13
157.230.36.189	attackbots	Jul 23 14:19:49 tuxlinux sshd[24432]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.36.189 user=root ...	2019-07-23 20:33:13
68.183.237.129	attack	68.183.237.129 - - \[23/Jul/2019:11:18:28 +0200\] "POST /wp-login.php HTTP/1.1" 200 2110 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 68.183.237.129 - - \[23/Jul/2019:11:18:35 +0200\] "POST /wp-login.php HTTP/1.1" 200 2091 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2019-07-23 20:32:12
208.81.163.110	attackspambots	Jul 23 14:31:10 SilenceServices sshd[24402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.81.163.110 Jul 23 14:31:12 SilenceServices sshd[24402]: Failed password for invalid user silas from 208.81.163.110 port 60406 ssh2 Jul 23 14:36:08 SilenceServices sshd[28139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.81.163.110	2019-07-23 21:00:23
120.132.31.120	attackspam	SSH Bruteforce	2019-07-23 20:38:02
221.162.255.74	attackspam	Invalid user yash from 221.162.255.74 port 49694	2019-07-23 20:23:17
144.217.79.233	attackspambots	Jul 23 13:44:16 SilenceServices sshd[22806]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.79.233 Jul 23 13:44:18 SilenceServices sshd[22806]: Failed password for invalid user eng from 144.217.79.233 port 41882 ssh2 Jul 23 13:48:32 SilenceServices sshd[25800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.79.233	2019-07-23 20:04:33
181.211.9.118	attack	Jul 22 12:23:42 cumulus sshd[28953]: Invalid user ghostnameadmin from 181.211.9.118 port 56396 Jul 22 12:23:42 cumulus sshd[28953]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.211.9.118 Jul 22 12:23:44 cumulus sshd[28953]: Failed password for invalid user ghostnameadmin from 181.211.9.118 port 56396 ssh2 Jul 22 12:23:44 cumulus sshd[28953]: Received disconnect from 181.211.9.118 port 56396:11: Bye Bye [preauth] Jul 22 12:23:44 cumulus sshd[28953]: Disconnected from 181.211.9.118 port 56396 [preauth] Jul 22 12:37:48 cumulus sshd[29735]: Invalid user avorion from 181.211.9.118 port 45488 Jul 22 12:37:48 cumulus sshd[29735]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.211.9.118 Jul 22 12:37:49 cumulus sshd[29735]: Failed password for invalid user avorion from 181.211.9.118 port 45488 ssh2 Jul 22 12:37:50 cumulus sshd[29735]: Received disconnect from 181.211.9.118 port 45488:11: ........ -------------------------------	2019-07-23 21:05:34
185.143.221.39	attackbots	Jul 23 14:55:16 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=185.143.221.39 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=54321 PROTO=TCP SPT=59928 DPT=3389 WINDOW=65535 RES=0x00 SYN URGP=0 ...	2019-07-23 20:55:58
159.65.148.241	attack	Jul 23 12:23:42 sshgateway sshd\[28460\]: Invalid user mysql from 159.65.148.241 Jul 23 12:23:42 sshgateway sshd\[28460\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.148.241 Jul 23 12:23:44 sshgateway sshd\[28460\]: Failed password for invalid user mysql from 159.65.148.241 port 46506 ssh2	2019-07-23 20:45:41
103.114.107.209	attackspam	Jul 23 16:19:08 webhost01 sshd[24786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.114.107.209 Jul 23 16:19:11 webhost01 sshd[24786]: Failed password for invalid user support from 103.114.107.209 port 51816 ssh2 Jul 23 16:19:11 webhost01 sshd[24786]: error: Received disconnect from 103.114.107.209 port 51816:3: com.jcraft.jsch.JSchException: Auth fail [preauth] Jul 23 16:19:11 webhost01 sshd[24788]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.114.107.209 ...	2019-07-23 20:22:34
203.121.116.11	attackspambots	Jul 23 14:28:15 OPSO sshd\[22073\]: Invalid user user01 from 203.121.116.11 port 39201 Jul 23 14:28:15 OPSO sshd\[22073\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.121.116.11 Jul 23 14:28:17 OPSO sshd\[22073\]: Failed password for invalid user user01 from 203.121.116.11 port 39201 ssh2 Jul 23 14:33:55 OPSO sshd\[22809\]: Invalid user guo from 203.121.116.11 port 37237 Jul 23 14:33:55 OPSO sshd\[22809\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.121.116.11	2019-07-23 20:36:40
51.254.123.127	attackspambots	Jul 23 12:03:54 localhost sshd\[4512\]: Invalid user appltest from 51.254.123.127 port 51118 Jul 23 12:03:54 localhost sshd\[4512\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.123.127 Jul 23 12:03:56 localhost sshd\[4512\]: Failed password for invalid user appltest from 51.254.123.127 port 51118 ssh2 Jul 23 12:08:12 localhost sshd\[4614\]: Invalid user soporte from 51.254.123.127 port 48497 Jul 23 12:08:12 localhost sshd\[4614\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.123.127 ...	2019-07-23 20:21:41

最近上报的IP列表

131.172.155.118	63.182.182.2	50.193.232.210	120.85.146.222
82.117.249.1	134.61.166.105	81.84.235.2	105.173.152.98
80.240.50.8	2.84.251.132	56.247.193.99	201.30.80.9
183.240.231.87	76.168.138.8	12.15.242.131	62.33.138.1
66.182.119.15	112.170.112.158	195.50.90.28	70.56.166.146