111.42.66.178 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Mobile Communications Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-01-15 02:36:42

相同子网IP讨论:

IP	类型	评论内容	时间
111.42.66.27	attack	Unauthorized connection attempt detected from IP address 111.42.66.27 to port 8080	2020-05-31 03:43:33
111.42.66.150	attackbotsspam	Honeypot attack, port: 5555, PTR: PTR record not found	2020-05-21 03:30:06
111.42.66.48	attackbots	Unauthorized connection attempt detected from IP address 111.42.66.48 to port 8080 [T]	2020-05-09 18:54:19
111.42.66.143	attackbots	WEB Remote Command Execution via Shell Script -1.a	2020-05-09 07:20:47
111.42.66.43	attackbots	Automatic report - Port Scan Attack	2020-05-08 07:03:12
111.42.66.48	attackspam	Unauthorised access (May 6) SRC=111.42.66.48 LEN=60 TOS=0x04 TTL=52 ID=27433 DF TCP DPT=8080 WINDOW=5840 SYN	2020-05-07 01:18:13
111.42.66.162	attack	Honeypot attack, port: 81, PTR: PTR record not found	2020-04-12 21:54:06
111.42.66.151	attackspam	111.42.66.151 - - \[21/Feb/2020:05:56:51 +0100\] "POST /HNAP1/ HTTP/1.0" 301 551 "-" "-"	2020-02-21 14:49:02
111.42.66.45	attackspambots	unauthorized connection attempt	2020-02-16 19:18:24
111.42.66.31	attackspambots	Automatic report - Port Scan Attack	2020-01-30 21:38:03
111.42.66.36	attackspambots	Unauthorized connection attempt detected from IP address 111.42.66.36 to port 23 [J]	2020-01-29 03:41:57
111.42.66.16	attack	unauthorized connection attempt	2020-01-12 20:07:08
111.42.66.4	attack	Unauthorized connection attempt detected from IP address 111.42.66.4 to port 2323 [T]	2020-01-09 04:19:51
111.42.66.52	attack	Unauthorized connection attempt detected from IP address 111.42.66.52 to port 8080 [T]	2020-01-07 01:22:03
111.42.66.45	attackspambots	Unauthorized connection attempt detected from IP address 111.42.66.45 to port 8080 [T]	2020-01-07 00:45:23

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 111.42.66.178
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34937
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;111.42.66.178.			IN	A

;; AUTHORITY SECTION:
.			154	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121300 1800 900 604800 86400

;; Query time: 252 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Dec 13 18:18:17 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 178.66.42.111.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 178.66.42.111.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
40.118.226.96	attack	2020-08-19T12:37:00.738504vps1033 sshd[8545]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.118.226.96 2020-08-19T12:37:00.734206vps1033 sshd[8545]: Invalid user phion from 40.118.226.96 port 44100 2020-08-19T12:37:03.134925vps1033 sshd[8545]: Failed password for invalid user phion from 40.118.226.96 port 44100 ssh2 2020-08-19T12:40:21.570059vps1033 sshd[15794]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.118.226.96 user=root 2020-08-19T12:40:23.893329vps1033 sshd[15794]: Failed password for root from 40.118.226.96 port 33368 ssh2 ...	2020-08-19 21:06:05
221.149.43.38	attack	2020-08-19T12:32:01.121161shield sshd\[30587\]: Invalid user pi from 221.149.43.38 port 42802 2020-08-19T12:32:01.323588shield sshd\[30587\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.149.43.38 2020-08-19T12:32:01.646988shield sshd\[30589\]: Invalid user pi from 221.149.43.38 port 42816 2020-08-19T12:32:01.845750shield sshd\[30589\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.149.43.38 2020-08-19T12:32:03.339191shield sshd\[30587\]: Failed password for invalid user pi from 221.149.43.38 port 42802 ssh2	2020-08-19 20:56:16
46.165.245.154	attackspambots	report	2020-08-19 21:04:52
5.152.207.195	attack	Port Scan detected! ...	2020-08-19 21:09:22
129.82.138.44	attack	srv02 Mass scanning activity detected Target: - ..	2020-08-19 20:49:55
131.221.32.138	attack	Aug 19 19:27:01 webhost01 sshd[13359]: Failed password for root from 131.221.32.138 port 41716 ssh2 ...	2020-08-19 20:53:09
117.6.79.105	attackspambots	Unauthorized connection attempt from IP address 117.6.79.105 on Port 445(SMB)	2020-08-19 21:13:56
194.44.243.186	attackspambots	Dovecot Invalid User Login Attempt.	2020-08-19 21:18:58
90.112.42.41	attackbots	Hacking	2020-08-19 21:04:37
37.1.204.92	attack	$f2bV_matches	2020-08-19 21:00:21
111.72.193.52	attackbots	Aug 19 14:31:04 srv01 postfix/smtpd\[7554\]: warning: unknown\[111.72.193.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 19 14:31:18 srv01 postfix/smtpd\[7554\]: warning: unknown\[111.72.193.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 19 14:31:32 srv01 postfix/smtpd\[7554\]: warning: unknown\[111.72.193.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 19 14:31:50 srv01 postfix/smtpd\[7554\]: warning: unknown\[111.72.193.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 19 14:32:04 srv01 postfix/smtpd\[7554\]: warning: unknown\[111.72.193.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-08-19 20:55:12
103.205.180.188	attackspam	2020-08-19T07:41:05.845469dreamphreak.com sshd[106955]: Invalid user workshop from 103.205.180.188 port 57204 2020-08-19T07:41:08.214824dreamphreak.com sshd[106955]: Failed password for invalid user workshop from 103.205.180.188 port 57204 ssh2 ...	2020-08-19 21:20:29
81.68.111.134	attackspambots	Aug 19 15:45:01 journals sshd\[38923\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.111.134 user=root Aug 19 15:45:03 journals sshd\[38923\]: Failed password for root from 81.68.111.134 port 57822 ssh2 Aug 19 15:48:24 journals sshd\[39335\]: Invalid user share from 81.68.111.134 Aug 19 15:48:24 journals sshd\[39335\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.111.134 Aug 19 15:48:25 journals sshd\[39335\]: Failed password for invalid user share from 81.68.111.134 port 39094 ssh2 ...	2020-08-19 20:57:28
183.82.121.34	attackbots	prod8 ...	2020-08-19 20:43:32
51.210.181.54	attackspambots	Lines containing failures of 51.210.181.54 Aug 18 11:44:11 kmh-wsh-001-nbg03 sshd[25346]: Invalid user carlos from 51.210.181.54 port 55566 Aug 18 11:44:11 kmh-wsh-001-nbg03 sshd[25346]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.210.181.54 Aug 18 11:44:14 kmh-wsh-001-nbg03 sshd[25346]: Failed password for invalid user carlos from 51.210.181.54 port 55566 ssh2 Aug 18 11:44:15 kmh-wsh-001-nbg03 sshd[25346]: Received disconnect from 51.210.181.54 port 55566:11: Bye Bye [preauth] Aug 18 11:44:15 kmh-wsh-001-nbg03 sshd[25346]: Disconnected from invalid user carlos 51.210.181.54 port 55566 [preauth] Aug 18 11:50:30 kmh-wsh-001-nbg03 sshd[25958]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.210.181.54 user=r.r Aug 18 11:50:33 kmh-wsh-001-nbg03 sshd[25958]: Failed password for r.r from 51.210.181.54 port 59292 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=51.210.1	2020-08-19 20:55:55

最近上报的IP列表

191.251.115.251	212.234.196.186	109.137.62.106	127.199.29.215
189.81.178.137	113.172.105.127	6.165.65.116	52.61.5.195
244.218.30.187	56.249.224.124	45.116.233.28	28.43.227.25
102.185.233.119	45.55.128.109	122.154.225.205	202.131.238.138
119.92.228.238	124.79.219.209	94.123.56.239	113.68.61.132