204.93.180.6 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): Rethem Hosting LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	port scanning	2019-11-30 15:51:43

相同子网IP讨论:

IP	类型	评论内容	时间
204.93.180.12	attackbots	Unauthorized SMTP/IMAP/POP3 connection attempt	2020-02-13 03:17:01

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 204.93.180.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42001
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;204.93.180.6.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080600 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 06 20:08:38 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

6.180.93.204.in-addr.arpa domain name pointer unknown.scnet.net.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
6.180.93.204.in-addr.arpa	name = unknown.scnet.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
54.38.75.42	attackbots	Jul 29 16:48:27 prod4 sshd\[1687\]: Failed password for sshd from 54.38.75.42 port 40234 ssh2 Jul 29 16:48:27 prod4 sshd\[1687\]: Failed password for sshd from 54.38.75.42 port 40234 ssh2 Jul 29 16:48:29 prod4 sshd\[1687\]: Failed password for sshd from 54.38.75.42 port 40234 ssh2 ...	2020-07-29 23:03:35
54.38.54.248	attack	C1,WP GET /suche/wp-login.php	2020-07-29 23:10:26
210.30.64.181	attack	Jul 29 14:26:43 rocket sshd[25021]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.30.64.181 Jul 29 14:26:45 rocket sshd[25021]: Failed password for invalid user cbah from 210.30.64.181 port 47099 ssh2 ...	2020-07-29 23:33:55
88.150.241.123	attack	88.150.241.123 - - \[29/Jul/2020:05:10:28 -0700\] "HEAD /1596024628650557057 HTTP/1.1" 404 -88.150.241.123 - - \[29/Jul/2020:05:10:32 -0700\] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 2049588.150.241.123 - - \[29/Jul/2020:05:10:33 -0700\] "GET /wp-admin HTTP/1.1" 404 20419 ...	2020-07-29 23:47:21
60.217.72.12	attack	SMTP Brute-Force	2020-07-29 23:26:31
139.99.98.248	attackspambots	SSH Brute Force	2020-07-29 23:12:21
75.112.68.166	attackbotsspam	2020-07-29T12:11:27+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-07-29 23:08:35
122.51.27.69	attack	Jul 29 08:21:44 ny01 sshd[21911]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.27.69 Jul 29 08:21:47 ny01 sshd[21911]: Failed password for invalid user lby from 122.51.27.69 port 53044 ssh2 Jul 29 08:26:59 ny01 sshd[22915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.27.69	2020-07-29 23:20:30
167.114.152.170	attackspambots	masters-of-media.de 167.114.152.170 [29/Jul/2020:17:20:00 +0200] "POST /wp-login.php HTTP/1.1" 200 6163 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" masters-of-media.de 167.114.152.170 [29/Jul/2020:17:20:01 +0200] "POST /wp-login.php HTTP/1.1" 200 6120 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-07-29 23:34:41
103.145.12.209	attackbots	[2020-07-29 10:05:48] NOTICE[1248] chan_sip.c: Registration from '"60000" ' failed for '103.145.12.209:5428' - Wrong password [2020-07-29 10:05:48] SECURITY[1275] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-07-29T10:05:48.328-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="60000",SessionID="0x7f2720048e48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.209/5428",Challenge="378440da",ReceivedChallenge="378440da",ReceivedHash="d9690370aff079cb6b2cfdd4163bfc36" [2020-07-29 10:05:48] NOTICE[1248] chan_sip.c: Registration from '"60000" ' failed for '103.145.12.209:5428' - Wrong password [2020-07-29 10:05:48] SECURITY[1275] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-07-29T10:05:48.446-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="60000",SessionID="0x7f2720061a18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IP ...	2020-07-29 23:17:44
221.150.22.201	attackbotsspam	Jul 29 16:56:15 vps1 sshd[25408]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.150.22.201 Jul 29 16:56:17 vps1 sshd[25408]: Failed password for invalid user chengxiaobang from 221.150.22.201 port 32850 ssh2 Jul 29 16:59:32 vps1 sshd[25453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.150.22.201 Jul 29 16:59:34 vps1 sshd[25453]: Failed password for invalid user qdyh from 221.150.22.201 port 59502 ssh2 Jul 29 17:02:51 vps1 sshd[25506]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.150.22.201 Jul 29 17:02:53 vps1 sshd[25506]: Failed password for invalid user mouzj from 221.150.22.201 port 59432 ssh2 Jul 29 17:06:05 vps1 sshd[25549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.150.22.201 ...	2020-07-29 23:15:30
192.241.219.24	attackbotsspam	[Wed Jul 29 19:11:14.042698 2020] [:error] [pid 19652:tid 139696495654656] [client 192.241.219.24:56880] [client 192.241.219.24] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "zgrab" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-913-SCANNER-DETECTION.conf"] [line "55"] [id "913100"] [msg "Found User-Agent associated with security scanner"] [data "Matched Data: zgrab found within REQUEST_HEADERS:User-Agent: mozilla/5.0 zgrab/0.x"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-reputation-scanner"] [tag "OWASP_CRS"] [tag "OWASP_CRS/AUTOMATION/SECURITY_SCANNER"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/hudson"] [unique_id "XyFnYi94dEcZYJlQoguMFQAAAe8"] ...	2020-07-29 23:12:42
139.59.13.55	attackspambots	Jul 29 17:16:42 inter-technics sshd[8368]: Invalid user pbsadmin from 139.59.13.55 port 40173 Jul 29 17:16:42 inter-technics sshd[8368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.13.55 Jul 29 17:16:42 inter-technics sshd[8368]: Invalid user pbsadmin from 139.59.13.55 port 40173 Jul 29 17:16:44 inter-technics sshd[8368]: Failed password for invalid user pbsadmin from 139.59.13.55 port 40173 ssh2 Jul 29 17:21:19 inter-technics sshd[8824]: Invalid user shenweifeng from 139.59.13.55 port 45901 ...	2020-07-29 23:25:43
123.206.64.111	attackspam	Jul 29 14:02:45 Ubuntu-1404-trusty-64-minimal sshd\[2804\]: Invalid user wangjiamin from 123.206.64.111 Jul 29 14:02:45 Ubuntu-1404-trusty-64-minimal sshd\[2804\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.64.111 Jul 29 14:02:47 Ubuntu-1404-trusty-64-minimal sshd\[2804\]: Failed password for invalid user wangjiamin from 123.206.64.111 port 32858 ssh2 Jul 29 14:10:52 Ubuntu-1404-trusty-64-minimal sshd\[7642\]: Invalid user csy from 123.206.64.111 Jul 29 14:10:52 Ubuntu-1404-trusty-64-minimal sshd\[7642\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.64.111	2020-07-29 23:37:52
95.142.89.125	attack	Email rejected due to spam filtering	2020-07-29 23:33:15

最近上报的IP列表

218.89.98.228	2001:2d8:e877:51fa::9e1:b0a4	111.6.78.158	49.69.175.116
114.25.112.225	3.19.51.34	185.74.189.184	211.134.214.51
159.65.150.85	109.254.173.9	77.42.114.61	47.188.124.243
42.176.134.38	192.241.152.168	180.126.59.45	37.202.112.140
155.138.206.153	90.206.98.74	148.70.97.250	96.61.152.44