130.245.128.220

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): State University of New York at Stony Brook

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): University/College/School

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	RDP Bruteforce	2019-11-24 05:53:38

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 130.245.128.220
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26406
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;130.245.128.220.		IN	A

;; AUTHORITY SECTION:
.			593	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112301 1800 900 604800 86400

;; Query time: 973 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Nov 24 05:53:35 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

220.128.245.130.in-addr.arpa domain name pointer win7vai.cs.sunysb.edu.
220.128.245.130.in-addr.arpa domain name pointer win7vai.cs.stonybrook.edu.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
220.128.245.130.in-addr.arpa	name = win7vai.cs.stonybrook.edu.
220.128.245.130.in-addr.arpa	name = win7vai.cs.sunysb.edu.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
82.159.138.57	attackbots	Oct 12 23:02:17 pkdns2 sshd\[46884\]: Invalid user Colt123 from 82.159.138.57Oct 12 23:02:20 pkdns2 sshd\[46884\]: Failed password for invalid user Colt123 from 82.159.138.57 port 15854 ssh2Oct 12 23:06:12 pkdns2 sshd\[47057\]: Invalid user Star2017 from 82.159.138.57Oct 12 23:06:14 pkdns2 sshd\[47057\]: Failed password for invalid user Star2017 from 82.159.138.57 port 33856 ssh2Oct 12 23:10:10 pkdns2 sshd\[47254\]: Invalid user P4ssw0rd111 from 82.159.138.57Oct 12 23:10:12 pkdns2 sshd\[47254\]: Failed password for invalid user P4ssw0rd111 from 82.159.138.57 port 21246 ssh2 ...	2019-10-13 04:11:10
45.55.38.39	attack	Invalid user 123 from 45.55.38.39 port 48661	2019-10-13 04:28:31
189.41.226.181	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/189.41.226.181/ BR - 1H : (213) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : BR NAME ASN : ASN53006 IP : 189.41.226.181 CIDR : 189.41.0.0/16 PREFIX COUNT : 15 UNIQUE IP COUNT : 599808 WYKRYTE ATAKI Z ASN53006 : 1H - 1 3H - 1 6H - 5 12H - 6 24H - 10 DateTime : 2019-10-12 16:08:32 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-13 04:22:36
192.241.220.227	attackspam	fail2ban honeypot	2019-10-13 04:28:53
94.193.34.12	attack	Automatic report - Port Scan Attack	2019-10-13 04:33:12
42.112.27.171	attackspam	Oct 12 21:50:07 legacy sshd[24630]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.112.27.171 Oct 12 21:50:09 legacy sshd[24630]: Failed password for invalid user 123Black from 42.112.27.171 port 49134 ssh2 Oct 12 21:55:17 legacy sshd[24781]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.112.27.171 ...	2019-10-13 04:24:50
51.83.69.78	attackbotsspam	Oct 12 16:51:51 SilenceServices sshd[23251]: Failed password for root from 51.83.69.78 port 42348 ssh2 Oct 12 16:56:08 SilenceServices sshd[24358]: Failed password for root from 51.83.69.78 port 54630 ssh2	2019-10-13 03:58:01
36.57.176.233	attackbots	2019-10-12 14:09:37 UTC \| Cheap NHL Jerseys Fr \| dsafdsfeg23@gmail.co \| http://www.cheapnhljerseys.ru/ \| 36.57.176.233 \| Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko \| "Even relatively minor domestic violence incidents can be the first steps on a path that ends in tragedy," he said. "That's why we take all domestic violence cases seriously." Cheap NHL Jerseys From China http://www.cheapnhljerseys.ru/ \|	2019-10-13 03:58:51
51.254.123.127	attackbotsspam	Oct 12 16:33:22 firewall sshd[30516]: Invalid user Darkness2017 from 51.254.123.127 Oct 12 16:33:23 firewall sshd[30516]: Failed password for invalid user Darkness2017 from 51.254.123.127 port 39307 ssh2 Oct 12 16:37:33 firewall sshd[30622]: Invalid user Qwerty@12 from 51.254.123.127 ...	2019-10-13 04:13:42
106.115.39.239	attackbotsspam	Unsolicited bulk porn & phishing - varying ISPs (primarily Chinanet); spam volume up to 15/day. Spam series change: shift from repetitive redirects from blacklisted IP 92.63.192.124 & .151 to malicious attachments. Unsolicited bulk spam - panotetsu.com, CHINANET hebei province network - 106.115.39.239 Permitted sender domain jmramosmejia.com.ar = 67.222.7.109 PrivateSystems Networks Repetitive reply to: Reply-To: nanikarige@yahoo.com = 72.30.35.9 Oath Holdings Inc. Repetitive Apple mail: - boundary=" Apple-Mail-B7687EC7-712A-D2F6-E174-B1707B9FFC68" - X-Mailer: iPad Mail (13E238) Spam series change: no phishing redirect spam link. Malicious attachment - Outlook blocked access to unsafe attachment: 22.jpg	2019-10-13 04:17:05
157.245.111.175	attack	Oct 13 01:34:36 webhost01 sshd[27098]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.111.175 Oct 13 01:34:38 webhost01 sshd[27098]: Failed password for invalid user 123 from 157.245.111.175 port 53116 ssh2 ...	2019-10-13 04:19:07
95.213.199.202	attackspam	Oct 12 09:59:29 tdfoods sshd\[23487\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.213.199.202 user=root Oct 12 09:59:30 tdfoods sshd\[23487\]: Failed password for root from 95.213.199.202 port 55466 ssh2 Oct 12 10:03:36 tdfoods sshd\[23870\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.213.199.202 user=root Oct 12 10:03:38 tdfoods sshd\[23870\]: Failed password for root from 95.213.199.202 port 38242 ssh2 Oct 12 10:07:41 tdfoods sshd\[24211\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.213.199.202 user=root	2019-10-13 04:10:20
23.129.64.190	attack	Oct 12 21:49:59 vpn01 sshd[3917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.129.64.190 Oct 12 21:50:02 vpn01 sshd[3917]: Failed password for invalid user bdm from 23.129.64.190 port 29901 ssh2 ...	2019-10-13 03:59:29
176.111.215.88	attackspam	slow and persistent scanner	2019-10-13 04:22:17
211.159.175.1	attackspambots	Oct 12 10:26:44 hanapaa sshd\[12713\]: Invalid user Test@1234 from 211.159.175.1 Oct 12 10:26:44 hanapaa sshd\[12713\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.159.175.1 Oct 12 10:26:47 hanapaa sshd\[12713\]: Failed password for invalid user Test@1234 from 211.159.175.1 port 49752 ssh2 Oct 12 10:31:15 hanapaa sshd\[13120\]: Invalid user Contrasena@12345 from 211.159.175.1 Oct 12 10:31:15 hanapaa sshd\[13120\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.159.175.1	2019-10-13 04:32:09

最近上报的IP列表

193.140.39.39	88.116.5.26	117.136.31.226	186.249.213.59
61.138.222.55	116.29.140.31	65.50.209.87	49.79.195.0
175.172.238.249	81.28.100.121	211.138.12.232	121.205.98.173
211.138.12.231	49.87.247.22	34.94.99.121	209.95.48.117
107.151.222.202	114.67.82.158	178.207.160.6	121.233.57.105