128.125.230.13

基本信息:

城市(city): Los Angeles

省份(region): California

国家(country): United States

运营商(isp): University of Southern California

主机名(hostname): unknown

机构(organization): University of Southern California

使用类型(Usage Type): University/College/School

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH Brute Force, server-1 sshd[20646]: Failed password for invalid user prom from 128.125.230.13 port 46901 ssh2	2019-08-17 03:03:02

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 128.125.230.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3401
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;128.125.230.13.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081600 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Aug 17 03:02:56 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

13.230.125.128.in-addr.arpa domain name pointer csep-x.usc.edu.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
13.230.125.128.in-addr.arpa	name = csep-x.usc.edu.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
116.1.188.109	attackbotsspam	2019-09-01T00:01:00.046656abusebot-5.cloudsearch.cf sshd\[24818\]: Invalid user admin from 116.1.188.109 port 44316	2019-09-01 11:31:40
14.35.249.205	attack	Sep 1 03:33:06 localhost sshd\[9024\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.35.249.205 user=root Sep 1 03:33:08 localhost sshd\[9024\]: Failed password for root from 14.35.249.205 port 60826 ssh2 Sep 1 03:38:56 localhost sshd\[9129\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.35.249.205 user=root ...	2019-09-01 11:46:56
190.7.128.74	attack	Aug 31 20:13:53 Tower sshd[22011]: Connection from 190.7.128.74 port 39324 on 192.168.10.220 port 22 Aug 31 20:13:53 Tower sshd[22011]: Invalid user bot from 190.7.128.74 port 39324 Aug 31 20:13:53 Tower sshd[22011]: error: Could not get shadow information for NOUSER Aug 31 20:13:53 Tower sshd[22011]: Failed password for invalid user bot from 190.7.128.74 port 39324 ssh2 Aug 31 20:13:53 Tower sshd[22011]: Received disconnect from 190.7.128.74 port 39324:11: Bye Bye [preauth] Aug 31 20:13:53 Tower sshd[22011]: Disconnected from invalid user bot 190.7.128.74 port 39324 [preauth]	2019-09-01 11:54:01
14.237.87.168	attack	Lines containing failures of 14.237.87.168 Aug 31 23:39:18 shared04 sshd[20057]: Invalid user admin from 14.237.87.168 port 59277 Aug 31 23:39:18 shared04 sshd[20057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.237.87.168 Aug 31 23:39:20 shared04 sshd[20057]: Failed password for invalid user admin from 14.237.87.168 port 59277 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.237.87.168	2019-09-01 11:45:29
157.65.245.2	attack	Chat Spam	2019-09-01 11:51:54
86.242.39.179	attackbotsspam	Aug 31 23:42:08 minden010 sshd[18910]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.242.39.179 Aug 31 23:42:10 minden010 sshd[18910]: Failed password for invalid user huai from 86.242.39.179 port 36736 ssh2 Aug 31 23:46:01 minden010 sshd[20261]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.242.39.179 ...	2019-09-01 12:03:24
106.12.216.70	attackspambots	Sep 1 02:58:25 server sshd\[23836\]: Invalid user alex from 106.12.216.70 port 59962 Sep 1 02:58:25 server sshd\[23836\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.216.70 Sep 1 02:58:27 server sshd\[23836\]: Failed password for invalid user alex from 106.12.216.70 port 59962 ssh2 Sep 1 03:01:02 server sshd\[12786\]: Invalid user amanda from 106.12.216.70 port 55972 Sep 1 03:01:02 server sshd\[12786\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.216.70	2019-09-01 12:00:03
178.128.201.224	attackspam	Sep 1 06:27:18 pkdns2 sshd\[31808\]: Invalid user lv from 178.128.201.224Sep 1 06:27:21 pkdns2 sshd\[31808\]: Failed password for invalid user lv from 178.128.201.224 port 60904 ssh2Sep 1 06:32:11 pkdns2 sshd\[32007\]: Invalid user vpn from 178.128.201.224Sep 1 06:32:14 pkdns2 sshd\[32007\]: Failed password for invalid user vpn from 178.128.201.224 port 50112 ssh2Sep 1 06:37:00 pkdns2 sshd\[32259\]: Invalid user willie from 178.128.201.224Sep 1 06:37:01 pkdns2 sshd\[32259\]: Failed password for invalid user willie from 178.128.201.224 port 39318 ssh2 ...	2019-09-01 11:56:05
91.121.136.44	attackbots	Invalid user arthur from 91.121.136.44 port 37220	2019-09-01 11:36:45
89.252.145.81	attackspam	Unauthorised access (Sep 1) SRC=89.252.145.81 LEN=40 TTL=238 ID=31011 TCP DPT=445 WINDOW=1024 SYN	2019-09-01 11:31:15
51.158.101.121	attackspambots	Sep 1 04:16:34 vps647732 sshd[28785]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.101.121 Sep 1 04:16:36 vps647732 sshd[28785]: Failed password for invalid user kinder from 51.158.101.121 port 42056 ssh2 ...	2019-09-01 12:15:30
190.85.234.215	attackspam	Sep 1 04:38:58 mail sshd\[6400\]: Invalid user ryan from 190.85.234.215 port 43906 Sep 1 04:38:58 mail sshd\[6400\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.85.234.215 ...	2019-09-01 11:53:34
91.214.146.100	attackspam	[portscan] Port scan	2019-09-01 11:44:20
77.42.123.92	attack	Sat, 2019-08-31 05:50:06 - TCP Packet - Source:77.42.123.92,49177 Destination:xx.xxx.xxx.xxx,23 - [DOS]	2019-09-01 12:05:54
51.79.4.180	attack	[SatAug3123:46:00.1898982019][:error][pid19071:tid47550140815104][client51.79.4.180:51428][client51.79.4.180]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"=\(\?:ogg\\|tls\\|ssl\\|gopher\\|file\\|data\\|php\\|zlib\\|zip\\|glob\\|s3\\|phar\\|rar\\|s\(\?:sh2\?\\|cp\)\\|dict\\|expect\\|\(\?:ht\\|f\)tps\?\)://"atREQUEST_URI.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"517"][id"340165"][rev"291"][msg"Atomicorp.comWAFRules:UniencodedpossibleRemoteFileInjectionattemptinURI\(AE\)"][data"/https:/www.facebook.com/sharer/sharer.php\?u=http://grottolabaita.ch/it/"][severity"CRITICAL"][hostname"grottolabaita.ch"][uri"/https:/www.facebook.com/sharer/sharer.php"][unique_id"XWrqmOX0jfJGD@xreJlX3AAAANI"][SatAug3123:46:01.3027952019][:error][pid14589:tid47550035834624][client51.79.4.180:51450][client51.79.4.180]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"=\(\?:ogg\\|tls\\|ssl\\|gopher\\|file\\|data\\|php\\|zlib\\|zip\\|glob\\|s3\\|phar\\|rar\\|s\(\?:sh2\?\\|cp\)\\|dict\\|expect\\|\(\?:h	2019-09-01 12:09:35

最近上报的IP列表

73.115.15.88	174.49.153.190	52.211.109.212	137.248.209.168
159.153.38.58	5.80.252.152	54.154.2.166	54.154.227.226
185.74.240.187	192.210.189.100	185.153.198.196	187.7.182.81
100.43.164.34	184.149.34.179	178.26.119.41	27.194.89.81
1.183.241.20	144.208.76.205	123.208.11.50	114.222.185.116