218.11.30.20 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Unicom Hebei Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorised access (Oct 19) SRC=218.11.30.20 LEN=40 TTL=49 ID=43607 TCP DPT=8080 WINDOW=43868 SYN Unauthorised access (Oct 19) SRC=218.11.30.20 LEN=40 TTL=49 ID=37053 TCP DPT=8080 WINDOW=43868 SYN Unauthorised access (Oct 17) SRC=218.11.30.20 LEN=40 TTL=49 ID=47523 TCP DPT=8080 WINDOW=43868 SYN Unauthorised access (Oct 16) SRC=218.11.30.20 LEN=40 TTL=49 ID=28411 TCP DPT=8080 WINDOW=43868 SYN Unauthorised access (Oct 16) SRC=218.11.30.20 LEN=40 TTL=49 ID=5400 TCP DPT=8080 WINDOW=40138 SYN Unauthorised access (Oct 15) SRC=218.11.30.20 LEN=40 TTL=49 ID=20272 TCP DPT=8080 WINDOW=43868 SYN	2019-10-19 20:01:23

类型

评论内容

时间

attack

Unauthorised access (Oct 19) SRC=218.11.30.20 LEN=40 TTL=49 ID=43607 TCP DPT=8080 WINDOW=43868 SYN 
Unauthorised access (Oct 19) SRC=218.11.30.20 LEN=40 TTL=49 ID=37053 TCP DPT=8080 WINDOW=43868 SYN 
Unauthorised access (Oct 17) SRC=218.11.30.20 LEN=40 TTL=49 ID=47523 TCP DPT=8080 WINDOW=43868 SYN 
Unauthorised access (Oct 16) SRC=218.11.30.20 LEN=40 TTL=49 ID=28411 TCP DPT=8080 WINDOW=43868 SYN 
Unauthorised access (Oct 16) SRC=218.11.30.20 LEN=40 TTL=49 ID=5400 TCP DPT=8080 WINDOW=40138 SYN 
Unauthorised access (Oct 15) SRC=218.11.30.20 LEN=40 TTL=49 ID=20272 TCP DPT=8080 WINDOW=43868 SYN

2019-10-19 20:01:23

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 218.11.30.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24711
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;218.11.30.20.			IN	A

;; AUTHORITY SECTION:
.			472	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101900 1800 900 604800 86400

;; Query time: 169 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Oct 19 20:01:20 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 20.30.11.218.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 20.30.11.218.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
103.13.31.73	attackspambots	Sep 4 13:12:33 vps647732 sshd[25758]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.13.31.73 Sep 4 13:12:35 vps647732 sshd[25758]: Failed password for invalid user info from 103.13.31.73 port 33896 ssh2 ...	2020-09-04 23:24:41
45.129.33.154	attackbotsspam	SRC=45.129.33.154 PROTO=TCP SPT=59977 DPT=10066	2020-09-04 23:49:44
207.180.232.135	attack	Fail2Ban Ban Triggered	2020-09-04 23:06:28
209.97.179.52	attackbots	Automatic report - Banned IP Access	2020-09-04 23:34:43
218.92.0.248	attackspam	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-09-04 23:16:45
188.226.167.212	attack	Port Scan ...	2020-09-04 23:47:05
179.124.36.196	attackbots	Sep 4 16:31:25 lnxded63 sshd[24757]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.124.36.196	2020-09-04 23:53:13
3.96.10.90	attackspam	Automatic report - Banned IP Access	2020-09-04 23:10:51
222.186.175.215	attackspambots	Sep 4 17:41:04 sso sshd[11093]: Failed password for root from 222.186.175.215 port 6008 ssh2 Sep 4 17:41:14 sso sshd[11093]: Failed password for root from 222.186.175.215 port 6008 ssh2 ...	2020-09-04 23:41:51
177.200.68.157	attackbotsspam	Sep 3 18:47:55 mellenthin postfix/smtpd[20177]: NOQUEUE: reject: RCPT from 177-200-68-157.dynamic.skysever.com.br[177.200.68.157]: 554 5.7.1 Service unavailable; Client host [177.200.68.157] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/177.200.68.157; from= to= proto=ESMTP helo=<177-200-68-157.dynamic.skysever.com.br>	2020-09-04 23:28:43
197.185.99.55	attackbotsspam	Sep 2 10:19:05 mxgate1 postfix/postscreen[17278]: CONNECT from [197.185.99.55]:40433 to [176.31.12.44]:25 Sep 2 10:19:05 mxgate1 postfix/dnsblog[17284]: addr 197.185.99.55 listed by domain bl.spamcop.net as 127.0.0.2 Sep 2 10:19:05 mxgate1 postfix/dnsblog[17285]: addr 197.185.99.55 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Sep 2 10:19:05 mxgate1 postfix/dnsblog[17283]: addr 197.185.99.55 listed by domain zen.spamhaus.org as 127.0.0.2 Sep 2 10:19:05 mxgate1 postfix/dnsblog[17283]: addr 197.185.99.55 listed by domain zen.spamhaus.org as 127.0.0.11 Sep 2 10:19:05 mxgate1 postfix/dnsblog[17283]: addr 197.185.99.55 listed by domain zen.spamhaus.org as 127.0.0.4 Sep 2 10:19:05 mxgate1 postfix/dnsblog[17286]: addr 197.185.99.55 listed by domain cbl.abuseat.org as 127.0.0.2 Sep 2 10:19:05 mxgate1 postfix/dnsblog[17287]: addr 197.185.99.55 listed by domain b.barracudacentral.org as 127.0.0.2 Sep 2 10:19:11 mxgate1 postfix/postscreen[17278]: DNSBL rank 6 for [197........ -------------------------------	2020-09-04 23:23:25
184.178.172.28	attackspam	Dovecot Invalid User Login Attempt.	2020-09-04 23:15:10
41.142.245.48	attackbotsspam	2020-09-03 11:40:01.688513-0500 localhost smtpd[17531]: NOQUEUE: reject: RCPT from unknown[41.142.245.48]: 554 5.7.1 Service unavailable; Client host [41.142.245.48] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/41.142.245.48; from= to= proto=ESMTP helo=<[41.142.245.48]>	2020-09-04 23:19:59
123.171.42.28	attackbotsspam	Lines containing failures of 123.171.42.28 Sep 2 04:12:33 newdogma sshd[22349]: Connection closed by 123.171.42.28 port 55930 [preauth] Sep 2 04:14:17 newdogma sshd[22639]: Invalid user mysql from 123.171.42.28 port 47770 Sep 2 04:14:17 newdogma sshd[22639]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.171.42.28 Sep 2 04:14:19 newdogma sshd[22639]: Failed password for invalid user mysql from 123.171.42.28 port 47770 ssh2 Sep 2 04:14:21 newdogma sshd[22639]: Received disconnect from 123.171.42.28 port 47770:11: Bye Bye [preauth] Sep 2 04:14:21 newdogma sshd[22639]: Disconnected from invalid user mysql 123.171.42.28 port 47770 [preauth] Sep 2 04:16:08 newdogma sshd[23038]: Invalid user stack from 123.171.42.28 port 39616 Sep 2 04:16:08 newdogma sshd[23038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.171.42.28 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip	2020-09-04 23:01:41
103.255.242.220	attack	Lines containing failures of 103.255.242.220 Sep 2 04:27:36 newdogma sshd[25502]: Invalid user elisa from 103.255.242.220 port 35020 Sep 2 04:27:36 newdogma sshd[25502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.255.242.220 Sep 2 04:27:37 newdogma sshd[25502]: Failed password for invalid user elisa from 103.255.242.220 port 35020 ssh2 Sep 2 04:27:38 newdogma sshd[25502]: Received disconnect from 103.255.242.220 port 35020:11: Bye Bye [preauth] Sep 2 04:27:38 newdogma sshd[25502]: Disconnected from invalid user elisa 103.255.242.220 port 35020 [preauth] Sep 2 04:31:41 newdogma sshd[26399]: Invalid user minecraft from 103.255.242.220 port 58928 Sep 2 04:31:41 newdogma sshd[26399]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.255.242.220 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=103.255.242.220	2020-09-04 23:38:15

最近上报的IP列表

59.147.219.72	232.184.35.195	76.82.191.132	189.15.105.171
78.189.85.136	152.254.206.50	34.5.211.15	78.251.177.103
137.165.32.192	52.44.17.205	92.63.204.48	206.253.56.185
190.232.181.192	156.105.152.117	210.245.51.51	109.224.12.170
91.211.246.96	182.68.71.23	59.94.166.203	36.67.222.187