30.131.216.137

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America (the)

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 30.131.216.137
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31293
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;30.131.216.137.			IN	A

;; AUTHORITY SECTION:
.			29	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025020301 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 04 03:13:28 CST 2025
;; MSG SIZE  rcvd: 107

HOST信息:

Host 137.216.131.30.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 137.216.131.30.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
221.229.247.179	attack	Jul 8 22:25:30 mailman dovecot: imap-login: Disconnected (auth failed, 1 attempts): user=, method=PLAIN, rip=221.229.247.179, lip=[munged], TLS	2019-07-09 16:16:52
31.134.224.226	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-08 14:14:06,114 INFO [shellcode_manager] (31.134.224.226) no match, writing hexdump (ab18299770a6e7bdc69893e5061ce0fc :2136201) - MS17010 (EternalBlue)	2019-07-09 16:18:53
113.161.46.37	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-08 12:48:33,947 INFO [shellcode_manager] (113.161.46.37) no match, writing hexdump (7849856a15ee82e335f2213075682f18 :2110858) - MS17010 (EternalBlue)	2019-07-09 16:31:25
123.182.231.248	attack	Port Scan detected from 123.182.231.248 (CN/China/-). 4 hits in the last 135 seconds	2019-07-09 16:32:30
134.209.83.125	attackbots	Jul 8 08:07:43 GIZ-Server-02 sshd[12090]: User r.r from 134.209.83.125 not allowed because not listed in AllowUsers Jul 8 08:07:43 GIZ-Server-02 sshd[12090]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.83.125 user=r.r Jul 8 08:07:45 GIZ-Server-02 sshd[12090]: Failed password for invalid user r.r from 134.209.83.125 port 55052 ssh2 Jul 8 08:07:45 GIZ-Server-02 sshd[12090]: Received disconnect from 134.209.83.125: 11: Bye Bye [preauth] Jul 8 08:07:45 GIZ-Server-02 sshd[12109]: Invalid user admin from 134.209.83.125 Jul 8 08:07:45 GIZ-Server-02 sshd[12109]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.83.125 Jul 8 08:07:47 GIZ-Server-02 sshd[12109]: Failed password for invalid user admin from 134.209.83.125 port 57154 ssh2 Jul 8 08:07:47 GIZ-Server-02 sshd[12109]: Received disconnect from 134.209.83.125: 11: Bye Bye [preauth] Jul 8 08:07:48 GIZ-Server-02 sshd[1........ -------------------------------	2019-07-09 16:08:09
196.41.122.250	attackbotsspam	Jul 8 09:30:37 josie sshd[32551]: Invalid user upload from 196.41.122.250 Jul 8 09:30:37 josie sshd[32551]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.41.122.250 Jul 8 09:30:40 josie sshd[32551]: Failed password for invalid user upload from 196.41.122.250 port 60458 ssh2 Jul 8 09:30:40 josie sshd[32556]: Received disconnect from 196.41.122.250: 11: Bye Bye Jul 8 09:32:55 josie sshd[1596]: Invalid user test from 196.41.122.250 Jul 8 09:32:55 josie sshd[1596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.41.122.250 Jul 8 09:32:57 josie sshd[1596]: Failed password for invalid user test from 196.41.122.250 port 52174 ssh2 Jul 8 09:32:57 josie sshd[1597]: Received disconnect from 196.41.122.250: 11: Bye Bye Jul 8 09:34:48 josie sshd[3163]: Invalid user reg from 196.41.122.250 Jul 8 09:34:48 josie sshd[3163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 e........ -------------------------------	2019-07-09 16:00:57
203.195.155.100	attack	Jul 8 22:01:16 * sshd[6458]: Invalid user xxxxxxtian from 203.195.155.100 port 52686 Jul 8 22:01:18 * sshd[6458]: Failed password for invalid user xxxxxxtian from 203.195.155.100 port 52686 ssh2 Jul 8 22:01:19 * sshd[6458]: Received disconnect from 203.195.155.100 port 52686:11: Bye Bye [preauth] Jul 8 22:01:19 * sshd[6458]: Disconnected from 203.195.155.100 port 52686 [preauth] Jul 8 22:02:47 * sshd[7659]: Invalid user mb from 203.195.155.100 port 37756 Jul 8 22:02:50 * sshd[7659]: Failed password for invalid user mb from 203.195.155.100 port 37756 ssh2 Jul 8 22:02:50 * sshd[7659]: Received disconnect from 203.195.155.100 port 37756:11: Bye Bye [preauth] Jul 8 22:02:50 * sshd[7659]: Disconnected from 203.195.155.100 port 37756 [preauth] Jul 8 22:03:47 * sshd[8501]: Invalid user admin from 203.195.155.100 port 46586 Jul 8 22:03:49 * sshd[8501]: Failed password for invalid user admin from 203.195.155.100 port 46586 ssh2 Jul 8 22:03:49 *** s........ -------------------------------	2019-07-09 16:25:06
104.153.251.139	attackbotsspam	php WP PHPmyadamin ABUSE blocked for 12h	2019-07-09 16:09:02
51.255.98.249	attackspambots	WordPress wp-login brute force :: 51.255.98.249 0.068 BYPASS [09/Jul/2019:16:29:47 1000] [censored_4] "POST /wp-login.php HTTP/1.1" 200 4214 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-07-09 16:18:00
101.255.52.22	attack	[Tue Jul 09 10:26:34.060015 2019] [:error] [pid 11585:tid 140310080325376] [client 101.255.52.22:49621] [client 101.255.52.22] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.1.1/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "792"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197:80"] [severity "WARNING"] [ver "OWASP_CRS/3.1.1"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XSQJaoBIf5GA96T0U89q@gAAABA"] ...	2019-07-09 15:57:28
211.240.105.132	attack	detected by Fail2Ban	2019-07-09 16:44:54
185.234.219.17	attackspam	Automatic report - Web App Attack	2019-07-09 16:03:00
14.248.72.219	attack	Jul 9 05:14:11 pl3server sshd[1545579]: Address 14.248.72.219 maps to static.vnpt.vn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jul 9 05:14:11 pl3server sshd[1545579]: Invalid user admin from 14.248.72.219 Jul 9 05:14:11 pl3server sshd[1545579]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.248.72.219 Jul 9 05:14:13 pl3server sshd[1545579]: Failed password for invalid user admin from 14.248.72.219 port 59904 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.248.72.219	2019-07-09 16:11:32
81.22.45.219	attackspambots	Honeypot attack, port: 81, PTR: PTR record not found	2019-07-09 16:38:37
77.247.110.223	attack	Port Scan detected from 77.247.110.223 (NL/Netherlands/-). 4 hits in the last 145 seconds	2019-07-09 16:27:33

最近上报的IP列表

5.103.199.159	202.113.14.103	85.131.129.216	64.97.119.147
247.109.183.193	145.10.68.45	24.189.12.90	145.158.176.21
42.187.184.49	19.150.162.30	3.2.102.113	252.137.203.1
141.243.187.109	224.150.0.135	240.50.24.15	166.109.154.147
29.146.13.79	176.106.23.159	97.109.214.124	191.254.140.50