213.230.80.6 - IPInfo

基本信息:

城市(city): Tashkent

省份(region): Toshkent Shahri

国家(country): Uzbekistan

运营商(isp): Uzbektelekom Joint Stock Company

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Nov 7 07:17:36 mxgate1 postfix/postscreen[13848]: CONNECT from [213.230.80.6]:5720 to [176.31.12.44]:25 Nov 7 07:17:36 mxgate1 postfix/dnsblog[13850]: addr 213.230.80.6 listed by domain zen.spamhaus.org as 127.0.0.11 Nov 7 07:17:36 mxgate1 postfix/dnsblog[13850]: addr 213.230.80.6 listed by domain zen.spamhaus.org as 127.0.0.4 Nov 7 07:17:36 mxgate1 postfix/dnsblog[13853]: addr 213.230.80.6 listed by domain b.barracudacentral.org as 127.0.0.2 Nov 7 07:17:36 mxgate1 postfix/postscreen[13848]: PREGREET 21 after 0.17 from [213.230.80.6]:5720: EHLO [213.230.80.6] Nov 7 07:17:37 mxgate1 postfix/dnsblog[13849]: addr 213.230.80.6 listed by domain cbl.abuseat.org as 127.0.0.2 Nov 7 07:17:37 mxgate1 postfix/postscreen[13848]: DNSBL rank 4 for [213.230.80.6]:5720 Nov x@x Nov 7 07:17:37 mxgate1 postfix/postscreen[13848]: HANGUP after 0.46 from [213.230.80.6]:5720 in tests after SMTP handshake Nov 7 07:17:37 mxgate1 postfix/postscreen[13848]: DISCONNECT [213.230.80.6]:572........ -------------------------------	2019-11-07 19:52:28

类型

评论内容

时间

attackbotsspam

Nov  7 07:17:36 mxgate1 postfix/postscreen[13848]: CONNECT from [213.230.80.6]:5720 to [176.31.12.44]:25
Nov  7 07:17:36 mxgate1 postfix/dnsblog[13850]: addr 213.230.80.6 listed by domain zen.spamhaus.org as 127.0.0.11
Nov  7 07:17:36 mxgate1 postfix/dnsblog[13850]: addr 213.230.80.6 listed by domain zen.spamhaus.org as 127.0.0.4
Nov  7 07:17:36 mxgate1 postfix/dnsblog[13853]: addr 213.230.80.6 listed by domain b.barracudacentral.org as 127.0.0.2
Nov  7 07:17:36 mxgate1 postfix/postscreen[13848]: PREGREET 21 after 0.17 from [213.230.80.6]:5720: EHLO [213.230.80.6]

Nov  7 07:17:37 mxgate1 postfix/dnsblog[13849]: addr 213.230.80.6 listed by domain cbl.abuseat.org as 127.0.0.2
Nov  7 07:17:37 mxgate1 postfix/postscreen[13848]: DNSBL rank 4 for [213.230.80.6]:5720
Nov x@x
Nov  7 07:17:37 mxgate1 postfix/postscreen[13848]: HANGUP after 0.46 from [213.230.80.6]:5720 in tests after SMTP handshake
Nov  7 07:17:37 mxgate1 postfix/postscreen[13848]: DISCONNECT [213.230.80.6]:572........
-------------------------------

2019-11-07 19:52:28

相同子网IP讨论:

IP	类型	评论内容	时间
213.230.80.107	attackbots	port scan and connect, tcp 21 (ftp)	2020-07-18 00:44:54

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 213.230.80.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2041
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;213.230.80.6.			IN	A

;; AUTHORITY SECTION:
.			524	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110700 1800 900 604800 86400

;; Query time: 121 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Nov 07 19:52:25 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

6.80.230.213.in-addr.arpa domain name pointer 6.64.uzpak.uz.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
6.80.230.213.in-addr.arpa	name = 6.64.uzpak.uz.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
51.105.25.88	attackspam	Oct 7 21:51:56 ws22vmsma01 sshd[244472]: Failed password for root from 51.105.25.88 port 50950 ssh2 ...	2020-10-09 05:20:56
159.65.133.13	attackbots	Oct 8 22:16:55 server sshd[30745]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.133.13 user=root Oct 8 22:16:57 server sshd[30745]: Failed password for invalid user root from 159.65.133.13 port 49398 ssh2 Oct 8 22:19:42 server sshd[30824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.133.13 user=root Oct 8 22:19:45 server sshd[30824]: Failed password for invalid user root from 159.65.133.13 port 57706 ssh2	2020-10-09 05:17:29
189.39.121.97	attack	20/10/8@14:06:55: FAIL: Alarm-Network address from=189.39.121.97 ...	2020-10-09 05:29:33
80.210.27.28	attackbots	Unauthorized connection attempt from IP address 80.210.27.28 on Port 445(SMB)	2020-10-09 05:36:09
183.82.122.109	attackbotsspam	Unauthorized connection attempt from IP address 183.82.122.109 on Port 445(SMB)	2020-10-09 05:40:51
95.109.88.253	attackbotsspam	SSH invalid-user multiple login attempts	2020-10-09 05:12:41
122.51.248.76	attack	Oct 8 20:58:40 sshgateway sshd\[19045\]: Invalid user ian from 122.51.248.76 Oct 8 20:58:40 sshgateway sshd\[19045\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.248.76 Oct 8 20:58:42 sshgateway sshd\[19045\]: Failed password for invalid user ian from 122.51.248.76 port 34718 ssh2	2020-10-09 05:01:46
194.5.206.145	attackspambots	Oct 8 21:38:06 rancher-0 sshd[547736]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.5.206.145 user=root Oct 8 21:38:09 rancher-0 sshd[547736]: Failed password for root from 194.5.206.145 port 50808 ssh2 ...	2020-10-09 05:22:13
104.168.214.86	attack	Oct 8 11:05:14 mail postfix/smtpd[27643]: warning: hwsrv-786714.hostwindsdns.com[104.168.214.86]: SASL login authentication failed: authentication failure	2020-10-09 05:12:13
49.232.114.29	attack	2020-10-08T19:28:56.513924ks3355764 sshd[451]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.114.29 user=root 2020-10-08T19:28:57.977923ks3355764 sshd[451]: Failed password for root from 49.232.114.29 port 35654 ssh2 ...	2020-10-09 05:30:07
171.252.94.170	attack	23/tcp [2020-10-08]1pkt	2020-10-09 05:20:45
60.167.177.172	attackspambots	Oct 7 16:34:22 lanister sshd[21890]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.167.177.172 user=root Oct 7 16:34:24 lanister sshd[21890]: Failed password for root from 60.167.177.172 port 36250 ssh2 Oct 7 16:46:32 lanister sshd[22095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.167.177.172 user=root Oct 7 16:46:35 lanister sshd[22095]: Failed password for root from 60.167.177.172 port 42776 ssh2	2020-10-09 05:11:26
111.75.222.141	attackspambots	Unauthorized connection attempt from IP address 111.75.222.141 on Port 445(SMB)	2020-10-09 05:21:55
181.57.148.194	attackspambots	20/10/8@00:40:38: FAIL: Alarm-Network address from=181.57.148.194 20/10/8@00:40:39: FAIL: Alarm-Network address from=181.57.148.194 ...	2020-10-09 05:39:24
27.66.117.100	attackspambots	TCP (SYN) 27.66.117.100:42879 -> port 23, len 40	2020-10-09 05:30:25

最近上报的IP列表

59.144.88.66	85.141.126.144	156.238.168.170	14.186.163.161
145.239.93.149	111.53.115.116	78.204.123.164	114.235.35.26
92.255.201.134	89.83.237.114	173.212.229.22	185.165.28.163
49.235.91.217	91.200.151.226	109.100.62.50	139.59.91.176
185.15.37.55	58.56.244.50	125.112.47.4	183.166.145.134