182.30.130.112

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): PT. Indosat Mega Media

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	1585490869 - 03/29/2020 16:07:49 Host: 182.30.130.112/182.30.130.112 Port: 445 TCP Blocked	2020-03-30 00:34:46

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 182.30.130.112
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8951
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;182.30.130.112.			IN	A

;; AUTHORITY SECTION:
.			310	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032900 1800 900 604800 86400

;; Query time: 101 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 30 00:34:40 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

112.130.30.182.in-addr.arpa has no PTR record

NSLOOKUP信息:

;; Got SERVFAIL reply from 100.100.2.138, trying next server
;; Got SERVFAIL reply from 100.100.2.138, trying next server
Server:		100.100.2.136
Address:	100.100.2.136#53

** server can't find 112.130.30.182.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
222.186.15.115	attackspam	(sshd) Failed SSH login from 222.186.15.115 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 27 15:51:59 amsweb01 sshd[10633]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.115 user=root Apr 27 15:52:02 amsweb01 sshd[10633]: Failed password for root from 222.186.15.115 port 18183 ssh2 Apr 27 15:52:03 amsweb01 sshd[10633]: Failed password for root from 222.186.15.115 port 18183 ssh2 Apr 27 15:52:06 amsweb01 sshd[10633]: Failed password for root from 222.186.15.115 port 18183 ssh2 Apr 27 15:52:08 amsweb01 sshd[10655]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.115 user=root	2020-04-27 21:59:30
81.4.106.155	attackbotsspam	Fail2Ban Ban Triggered (2)	2020-04-27 21:56:15
182.160.110.156	attack	Invalid user john from 182.160.110.156 port 48756	2020-04-27 22:01:51
80.82.77.234	attack	Apr 27 15:08:44 debian-2gb-nbg1-2 kernel: \[10251855.021562\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=80.82.77.234 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=4907 PROTO=TCP SPT=46599 DPT=55430 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-27 21:49:44
142.93.172.64	attack	Apr 27 15:14:26 sshd\[26325\]: User root from 142.93.172.64 not allowed because not listed in AllowUsersApr 27 15:14:28 sshd\[26325\]: Failed password for invalid user root from 142.93.172.64 port 56206 ssh2 ...	2020-04-27 21:31:04
182.1.28.78	attackspam	[Mon Apr 27 18:57:15.406646 2020] [:error] [pid 5829:tid 140575048124160] [client 182.1.28.78:47219] [client 182.1.28.78] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/image-loader-worker-v1.js"] [unique_id "XqbImzsqLtpMvmFBdz70@gACHAI"] ...	2020-04-27 21:22:50
179.40.43.1	attackbotsspam	2020-04-27T13:56:59.607475centos sshd[31979]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.40.43.1 2020-04-27T13:56:59.597709centos sshd[31979]: Invalid user marie from 179.40.43.1 port 44466 2020-04-27T13:57:01.858035centos sshd[31979]: Failed password for invalid user marie from 179.40.43.1 port 44466 ssh2 ...	2020-04-27 21:38:46
213.195.120.166	attackbotsspam	web-1 [ssh] SSH Attack	2020-04-27 22:00:04
51.254.38.106	attackspambots	(sshd) Failed SSH login from 51.254.38.106 (FR/France/106.ip-51-254-38.eu): 5 in the last 3600 secs	2020-04-27 21:57:15
95.85.60.251	attackbotsspam	Apr 27 14:58:39 mail sshd[25263]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.85.60.251 Apr 27 14:58:41 mail sshd[25263]: Failed password for invalid user testdb from 95.85.60.251 port 55846 ssh2 Apr 27 15:06:27 mail sshd[26931]: Failed password for root from 95.85.60.251 port 41332 ssh2	2020-04-27 21:33:52
180.76.119.34	attack	Apr 27 15:39:52 server sshd[1907]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.119.34 Apr 27 15:39:54 server sshd[1907]: Failed password for invalid user brecht from 180.76.119.34 port 44374 ssh2 Apr 27 15:45:40 server sshd[2684]: Failed password for root from 180.76.119.34 port 48216 ssh2 ...	2020-04-27 21:50:44
13.70.1.39	attack	Apr 27 11:49:23 ws26vmsma01 sshd[61626]: Failed password for root from 13.70.1.39 port 45312 ssh2 ...	2020-04-27 21:53:03
222.76.48.73	attackspambots	Automatic report - Banned IP Access	2020-04-27 21:59:49
162.243.133.232	attackbotsspam	srv02 Mass scanning activity detected Target: 5984 ..	2020-04-27 21:37:55
152.136.207.121	attack	Tried sshing with brute force.	2020-04-27 21:42:19

最近上报的IP列表

40.94.112.40	33.94.196.228	148.255.80.245	51.38.115.161
75.143.115.103	91.1.189.14	41.220.193.1	36.78.99.149
104.131.219.209	164.68.127.200	87.117.9.12	82.213.13.46
93.103.96.56	86.155.90.25	187.8.123.158	182.161.3.179
180.93.149.35	125.227.130.126	118.44.102.24	115.43.177.132