220.244.104.207

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Australia

运营商(isp): TPG Internet Pty Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	23/tcp [2020-01-29]1pkt	2020-01-30 01:30:44
attackspam	Unauthorized connection attempt detected from IP address 220.244.104.207 to port 23 [J]	2020-01-25 01:59:54

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 220.244.104.207
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1398
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;220.244.104.207.		IN	A

;; AUTHORITY SECTION:
.			588	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012400 1800 900 604800 86400

;; Query time: 102 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 25 01:59:50 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

207.104.244.220.in-addr.arpa domain name pointer 220-244-104-207.static.tpgi.com.au.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
207.104.244.220.in-addr.arpa	name = 220-244-104-207.static.tpgi.com.au.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
189.90.14.101	attack	Sep 13 11:51:32 host1 sshd[247617]: Invalid user jix from 189.90.14.101 port 62145 Sep 13 11:51:32 host1 sshd[247617]: Invalid user jix from 189.90.14.101 port 62145 Sep 13 11:51:32 host1 sshd[247617]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.90.14.101 Sep 13 11:51:32 host1 sshd[247617]: Invalid user jix from 189.90.14.101 port 62145 Sep 13 11:51:34 host1 sshd[247617]: Failed password for invalid user jix from 189.90.14.101 port 62145 ssh2 ...	2020-09-13 17:55:59
144.217.94.188	attackspam	Failed password for invalid user html from 144.217.94.188 port 34266 ssh2	2020-09-13 18:02:19
178.128.72.84	attack	2020-09-12 UTC: (41x) - PlcmSpIp,admin(2x),b,bernard,dbuser,huawei,hurt,root(28x),test,test5,tomcat,upload,vali	2020-09-13 17:50:37
212.129.25.123	attackspam	WordPress wp-login brute force :: 212.129.25.123 0.108 - [13/Sep/2020:07:43:42 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 2414 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-09-13 18:08:23
191.53.52.20	attackbots	Sep 13 03:26:00 mail.srvfarm.net postfix/smtpd[891607]: warning: unknown[191.53.52.20]: SASL PLAIN authentication failed: Sep 13 03:26:01 mail.srvfarm.net postfix/smtpd[891607]: lost connection after AUTH from unknown[191.53.52.20] Sep 13 03:26:26 mail.srvfarm.net postfix/smtps/smtpd[893602]: warning: unknown[191.53.52.20]: SASL PLAIN authentication failed: Sep 13 03:26:26 mail.srvfarm.net postfix/smtps/smtpd[893602]: lost connection after AUTH from unknown[191.53.52.20] Sep 13 03:30:20 mail.srvfarm.net postfix/smtpd[891609]: warning: unknown[191.53.52.20]: SASL PLAIN authentication failed:	2020-09-13 17:28:34
31.172.188.22	attackbots	Attempted Brute Force (dovecot)	2020-09-13 17:43:15
181.52.249.177	attackbots	Sep 13 12:39:41 pkdns2 sshd\[55697\]: Failed password for root from 181.52.249.177 port 40929 ssh2Sep 13 12:40:21 pkdns2 sshd\[55781\]: Failed password for root from 181.52.249.177 port 44321 ssh2Sep 13 12:41:01 pkdns2 sshd\[55793\]: Failed password for root from 181.52.249.177 port 47713 ssh2Sep 13 12:41:38 pkdns2 sshd\[55834\]: Invalid user invite from 181.52.249.177Sep 13 12:41:41 pkdns2 sshd\[55834\]: Failed password for invalid user invite from 181.52.249.177 port 51106 ssh2Sep 13 12:42:20 pkdns2 sshd\[55861\]: Failed password for root from 181.52.249.177 port 54502 ssh2 ...	2020-09-13 17:49:37
211.108.168.106	attack	SSH Brute Force	2020-09-13 17:47:23
186.227.161.37	attackbots	Sep 12 18:23:44 mail.srvfarm.net postfix/smtpd[533938]: warning: unknown[186.227.161.37]: SASL PLAIN authentication failed: Sep 12 18:23:44 mail.srvfarm.net postfix/smtpd[533938]: lost connection after AUTH from unknown[186.227.161.37] Sep 12 18:27:38 mail.srvfarm.net postfix/smtps/smtpd[548128]: warning: unknown[186.227.161.37]: SASL PLAIN authentication failed: Sep 12 18:27:39 mail.srvfarm.net postfix/smtps/smtpd[548128]: lost connection after AUTH from unknown[186.227.161.37] Sep 12 18:29:21 mail.srvfarm.net postfix/smtps/smtpd[546438]: warning: unknown[186.227.161.37]: SASL PLAIN authentication failed:	2020-09-13 17:30:39
79.125.160.114	attack	Email rejected due to spam filtering	2020-09-13 17:59:56
141.98.9.167	attack	2020-09-13T10:44:46.767829centos sshd[24518]: Invalid user guest from 141.98.9.167 port 37345 2020-09-13T10:44:46.767829centos sshd[24518]: Invalid user guest from 141.98.9.167 port 37345 2020-09-13T10:44:46.772241centos sshd[24518]: Failed none for invalid user guest from 141.98.9.167 port 37345 ssh2 ...	2020-09-13 17:35:18
198.12.227.90	attackspam	198.12.227.90 - - [13/Sep/2020:09:53:15 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 198.12.227.90 - - [13/Sep/2020:10:09:22 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-13 17:49:16
5.200.91.146	attack	Sep 12 18:20:17 mail.srvfarm.net postfix/smtpd[533956]: warning: unknown[5.200.91.146]: SASL PLAIN authentication failed: Sep 12 18:20:17 mail.srvfarm.net postfix/smtpd[533956]: lost connection after AUTH from unknown[5.200.91.146] Sep 12 18:24:34 mail.srvfarm.net postfix/smtpd[531922]: warning: unknown[5.200.91.146]: SASL PLAIN authentication failed: Sep 12 18:24:34 mail.srvfarm.net postfix/smtpd[531922]: lost connection after AUTH from unknown[5.200.91.146] Sep 12 18:24:58 mail.srvfarm.net postfix/smtpd[533956]: warning: unknown[5.200.91.146]: SASL PLAIN authentication failed:	2020-09-13 17:43:40
45.129.33.43	attackbots	Sep 13 10:37:54 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=45.129.33.43 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=15145 PROTO=TCP SPT=45927 DPT=11736 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 13 10:50:27 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=45.129.33.43 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=7419 PROTO=TCP SPT=45927 DPT=11675 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 13 10:51:19 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=45.129.33.43 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=63533 PROTO=TCP SPT=45927 DPT=11638 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 13 11:19:28 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=45.129.33.43 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=53861 PROTO=TCP SPT=45927 DPT=11873 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 13 11:39:32 *hidd ...	2020-09-13 18:00:11
103.207.6.133	attackbotsspam	Sep 12 18:16:09 mail.srvfarm.net postfix/smtps/smtpd[532199]: warning: unknown[103.207.6.133]: SASL PLAIN authentication failed: Sep 12 18:16:10 mail.srvfarm.net postfix/smtps/smtpd[532199]: lost connection after AUTH from unknown[103.207.6.133] Sep 12 18:18:08 mail.srvfarm.net postfix/smtpd[531922]: warning: unknown[103.207.6.133]: SASL PLAIN authentication failed: Sep 12 18:18:08 mail.srvfarm.net postfix/smtpd[531922]: lost connection after AUTH from unknown[103.207.6.133] Sep 12 18:24:32 mail.srvfarm.net postfix/smtps/smtpd[547816]: warning: unknown[103.207.6.133]: SASL PLAIN authentication failed:	2020-09-13 17:38:13

最近上报的IP列表

14.163.138.49	84.17.62.143	171.88.42.194	2.45.235.100
114.67.73.185	151.106.52.18	178.128.30.105	146.0.84.148
103.133.109.107	32.8.24.13	56.45.87.46	105.112.177.128
41.224.252.247	27.57.139.8	189.78.152.192	59.30.85.18
157.245.204.227	119.51.219.65	95.59.169.74	88.12.58.96