13.110.234.20 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America (the)

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 13.110.234.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34632
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;13.110.234.20.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025020602 1800 900 604800 86400

;; Query time: 42 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 07 08:41:37 CST 2025
;; MSG SIZE  rcvd: 106

HOST信息:

20.234.110.13.in-addr.arpa domain name pointer ago20.mta.exacttarget.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
20.234.110.13.in-addr.arpa	name = ago20.mta.exacttarget.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
218.92.0.249	attackspam	2020-09-11T09:49:46+0200 Failed SSH Authentication/Brute Force Attack. (Server 9)	2020-09-11 15:50:35
119.28.32.60	attack	$f2bV_matches	2020-09-11 15:52:17
167.99.88.37	attackspam	(sshd) Failed SSH login from 167.99.88.37 (GB/United Kingdom/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 10 20:08:10 server5 sshd[28124]: Invalid user supervisor from 167.99.88.37 Sep 10 20:08:10 server5 sshd[28124]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.88.37 Sep 10 20:08:11 server5 sshd[28124]: Failed password for invalid user supervisor from 167.99.88.37 port 58388 ssh2 Sep 10 20:12:44 server5 sshd[30335]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.88.37 user=root Sep 10 20:12:47 server5 sshd[30335]: Failed password for root from 167.99.88.37 port 42316 ssh2	2020-09-11 15:31:07
142.93.151.3	attackspam	[ssh] SSH attack	2020-09-11 15:45:05
94.102.49.159	attack	Sep 11 08:57:32 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.49.159 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=10669 PROTO=TCP SPT=47087 DPT=45524 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 11 08:59:11 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.49.159 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=11888 PROTO=TCP SPT=47087 DPT=43093 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 11 09:01:42 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.49.159 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=54909 PROTO=TCP SPT=47087 DPT=44686 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 11 09:19:07 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.49.159 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=16272 PROTO=TCP SPT=47087 DPT=42148 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 11 09:22:07 ...	2020-09-11 15:52:51
85.99.211.209	attackbots	Icarus honeypot on github	2020-09-11 16:04:24
37.57.82.137	attack	Lines containing failures of 37.57.82.137 (max 1000) Sep 10 15:54:16 UTC__SANYALnet-Labs__cac1 sshd[27968]: Connection from 37.57.82.137 port 44422 on 64.137.179.160 port 22 Sep 10 15:54:16 UTC__SANYALnet-Labs__cac1 sshd[27970]: Connection from 37.57.82.137 port 44616 on 64.137.179.160 port 22 Sep 10 15:54:19 UTC__SANYALnet-Labs__cac1 sshd[27970]: Address 37.57.82.137 maps to 137.82.57.37.triolan.net, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Sep 10 15:54:19 UTC__SANYALnet-Labs__cac1 sshd[27970]: User r.r from 37.57.82.137 not allowed because not listed in AllowUsers Sep 10 15:54:19 UTC__SANYALnet-Labs__cac1 sshd[27970]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.57.82.137 user=r.r Sep 10 15:54:21 UTC__SANYALnet-Labs__cac1 sshd[27970]: Failed password for invalid user r.r from 37.57.82.137 port 44616 ssh2 Sep 10 15:54:21 UTC__SANYALnet-Labs__cac1 sshd[27970]: Connection closed by 37.57.82.137 p........ ------------------------------	2020-09-11 15:41:11
24.212.13.95	attack	Lines containing failures of 24.212.13.95 Sep 10 19:23:22 mellenthin sshd[12496]: User r.r from 24.212.13.95 not allowed because not listed in AllowUsers Sep 10 19:23:23 mellenthin sshd[12496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.212.13.95 user=r.r Sep 10 19:23:25 mellenthin sshd[12496]: Failed password for invalid user r.r from 24.212.13.95 port 59812 ssh2 Sep 10 19:23:25 mellenthin sshd[12496]: Connection closed by invalid user r.r 24.212.13.95 port 59812 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=24.212.13.95	2020-09-11 15:43:06
91.126.181.199	attackbots	Sep 10 18:55:15 db sshd[26613]: User root from 91.126.181.199 not allowed because none of user's groups are listed in AllowGroups ...	2020-09-11 15:45:24
5.62.62.54	attackbotsspam	Brute force attack stopped by firewall	2020-09-11 15:34:39
42.200.78.78	attackspam	Sep 11 08:57:30 h2865660 sshd[1367]: Invalid user eevyaj from 42.200.78.78 port 58186 Sep 11 08:57:30 h2865660 sshd[1367]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.200.78.78 Sep 11 08:57:30 h2865660 sshd[1367]: Invalid user eevyaj from 42.200.78.78 port 58186 Sep 11 08:57:32 h2865660 sshd[1367]: Failed password for invalid user eevyaj from 42.200.78.78 port 58186 ssh2 Sep 11 09:02:08 h2865660 sshd[1563]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.200.78.78 user=root Sep 11 09:02:10 h2865660 sshd[1563]: Failed password for root from 42.200.78.78 port 41802 ssh2 ...	2020-09-11 15:50:05
165.22.27.210	attackbotsspam	165.22.27.210 - - \[10/Sep/2020:18:54:59 +0200\] "GET /index.php\?id=ausland%5D-%28SELECT%2F%2A\&id=%2A%2F0%2F%2A\&id=%2A%2FWHERE%2F%2A\&id=%2A%2F9047%3D9047%2F%2A\&id=%2A%2FAND%2F%2A\&id=%2A%2F6877%3D%28SELECT%2F%2A\&id=%2A%2F%28CASE%2F%2A\&id=%2A%2FWHEN%2F%2A\&id=%2A%2F%286877%3D5003%29%2F%2A\&id=%2A%2FTHEN%2F%2A\&id=%2A%2F6877%2F%2A\&id=%2A%2FELSE%2F%2A\&id=%2A%2F%28SELECT%2F%2A\&id=%2A%2F5003%2F%2A\&id=%2A%2FUNION%2F%2A\&id=%2A%2FSELECT%2F%2A\&id=%2A%2F5391%29%2F%2A\&id=%2A%2FEND%29%29--%2F%2A\&id=%2A%2FaZBH HTTP/1.1" 200 12305 "http://www.firma-lsf.eu:80/index.php" "Googlebot $compatible Googlebot/2.1 http://www.google.com/bot.html$" ...	2020-09-11 15:58:53
193.70.81.132	attackbotsspam	193.70.81.132 - - [10/Sep/2020:19:46:02 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 193.70.81.132 - - [10/Sep/2020:19:46:02 +0200] "POST /wp-login.php HTTP/1.1" 200 2698 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 193.70.81.132 - - [10/Sep/2020:19:46:02 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 193.70.81.132 - - [10/Sep/2020:19:46:02 +0200] "POST /wp-login.php HTTP/1.1" 200 2672 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 193.70.81.132 - - [10/Sep/2020:19:46:02 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 193.70.81.132 - - [10/Sep/2020:19:46:02 +0200] "POST /wp-login.php HTTP/1.1" 200 2673 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Fir ...	2020-09-11 16:00:16
104.168.44.234	attackspam	Sep 9 14:06:52 rudra sshd[463388]: reveeclipse mapping checking getaddrinfo for 104-168-44-234-host.colocrossing.com [104.168.44.234] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 9 14:06:52 rudra sshd[463388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.44.234 user=r.r Sep 9 14:06:54 rudra sshd[463388]: Failed password for r.r from 104.168.44.234 port 50812 ssh2 Sep 9 14:06:54 rudra sshd[463388]: Received disconnect from 104.168.44.234: 11: Bye Bye [preauth] Sep 9 14:12:34 rudra sshd[464223]: reveeclipse mapping checking getaddrinfo for 104-168-44-234-host.colocrossing.com [104.168.44.234] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 9 14:12:34 rudra sshd[464223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.44.234 user=r.r Sep 9 14:12:37 rudra sshd[464223]: Failed password for r.r from 104.168.44.234 port 35947 ssh2 Sep 9 14:12:37 rudra sshd[464223]: Received disconne........ -------------------------------	2020-09-11 16:00:51
176.148.130.19	attackbots	Sep 10 22:01:06 ssh2 sshd[18387]: User root from rqp06-h01-176-148-130-19.dsl.sta.abo.bbox.fr not allowed because not listed in AllowUsers Sep 10 22:01:06 ssh2 sshd[18387]: Failed password for invalid user root from 176.148.130.19 port 47558 ssh2 Sep 10 22:01:07 ssh2 sshd[18387]: Connection closed by invalid user root 176.148.130.19 port 47558 [preauth] ...	2020-09-11 15:38:11

最近上报的IP列表

247.195.121.182	101.88.13.211	252.120.25.243	61.70.72.163
77.2.166.162	7.204.169.238	141.83.107.145	128.17.218.219
195.180.92.154	239.212.178.14	126.19.99.72	230.196.24.29
172.137.136.72	104.158.113.121	106.195.150.242	3.176.178.57
194.140.107.191	97.185.26.69	95.49.166.7	212.139.35.139