111.42.66.52 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Mobile Communications Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt detected from IP address 111.42.66.52 to port 8080 [T]	2020-01-07 01:22:03

相同子网IP讨论:

IP	类型	评论内容	时间
111.42.66.27	attack	Unauthorized connection attempt detected from IP address 111.42.66.27 to port 8080	2020-05-31 03:43:33
111.42.66.150	attackbotsspam	Honeypot attack, port: 5555, PTR: PTR record not found	2020-05-21 03:30:06
111.42.66.48	attackbots	Unauthorized connection attempt detected from IP address 111.42.66.48 to port 8080 [T]	2020-05-09 18:54:19
111.42.66.143	attackbots	WEB Remote Command Execution via Shell Script -1.a	2020-05-09 07:20:47
111.42.66.43	attackbots	Automatic report - Port Scan Attack	2020-05-08 07:03:12
111.42.66.48	attackspam	Unauthorised access (May 6) SRC=111.42.66.48 LEN=60 TOS=0x04 TTL=52 ID=27433 DF TCP DPT=8080 WINDOW=5840 SYN	2020-05-07 01:18:13
111.42.66.162	attack	Honeypot attack, port: 81, PTR: PTR record not found	2020-04-12 21:54:06
111.42.66.151	attackspam	111.42.66.151 - - \[21/Feb/2020:05:56:51 +0100\] "POST /HNAP1/ HTTP/1.0" 301 551 "-" "-"	2020-02-21 14:49:02
111.42.66.45	attackspambots	unauthorized connection attempt	2020-02-16 19:18:24
111.42.66.31	attackspambots	Automatic report - Port Scan Attack	2020-01-30 21:38:03
111.42.66.36	attackspambots	Unauthorized connection attempt detected from IP address 111.42.66.36 to port 23 [J]	2020-01-29 03:41:57
111.42.66.178	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-01-15 02:36:42
111.42.66.16	attack	unauthorized connection attempt	2020-01-12 20:07:08
111.42.66.4	attack	Unauthorized connection attempt detected from IP address 111.42.66.4 to port 2323 [T]	2020-01-09 04:19:51
111.42.66.45	attackspambots	Unauthorized connection attempt detected from IP address 111.42.66.45 to port 8080 [T]	2020-01-07 00:45:23

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 111.42.66.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38362
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;111.42.66.52.			IN	A

;; AUTHORITY SECTION:
.			562	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010601 1800 900 604800 86400

;; Query time: 121 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 07 01:21:57 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 52.66.42.111.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 100.100.2.136, trying next server
;; Got SERVFAIL reply from 100.100.2.138, trying next server
Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 52.66.42.111.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
106.13.1.63	attackspam	Aug 18 12:06:50 web9 sshd\[15779\]: Invalid user ravi from 106.13.1.63 Aug 18 12:06:50 web9 sshd\[15779\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.63 Aug 18 12:06:53 web9 sshd\[15779\]: Failed password for invalid user ravi from 106.13.1.63 port 11433 ssh2 Aug 18 12:11:52 web9 sshd\[16732\]: Invalid user come from 106.13.1.63 Aug 18 12:11:52 web9 sshd\[16732\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.63	2019-08-19 06:22:14
212.129.53.177	attackspambots	Aug 18 11:59:28 auw2 sshd\[32213\]: Invalid user marcin from 212.129.53.177 Aug 18 11:59:28 auw2 sshd\[32213\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=es17.homesyspro.com Aug 18 11:59:30 auw2 sshd\[32213\]: Failed password for invalid user marcin from 212.129.53.177 port 28539 ssh2 Aug 18 12:03:57 auw2 sshd\[321\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=es17.homesyspro.com user=root Aug 18 12:04:00 auw2 sshd\[321\]: Failed password for root from 212.129.53.177 port 51599 ssh2	2019-08-19 06:05:28
101.227.90.169	attack	Aug 18 23:58:07 dedicated sshd[27613]: Invalid user ks from 101.227.90.169 port 54164	2019-08-19 06:10:20
18.216.42.122	attackbots	Aug 19 00:07:34 * sshd[23058]: Failed password for root from 18.216.42.122 port 55074 ssh2 Aug 19 00:11:47 * sshd[23635]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=18.216.42.122	2019-08-19 06:28:45
217.182.165.158	attackbots	Aug 18 12:07:59 tdfoods sshd\[9757\]: Invalid user benoit from 217.182.165.158 Aug 18 12:07:59 tdfoods sshd\[9757\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3074474.ip-217-182-165.eu Aug 18 12:08:00 tdfoods sshd\[9757\]: Failed password for invalid user benoit from 217.182.165.158 port 45184 ssh2 Aug 18 12:11:51 tdfoods sshd\[10224\]: Invalid user ed from 217.182.165.158 Aug 18 12:11:51 tdfoods sshd\[10224\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3074474.ip-217-182-165.eu	2019-08-19 06:23:57
183.61.164.115	attack	Aug 19 05:12:17 webhost01 sshd[29825]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.61.164.115 Aug 19 05:12:19 webhost01 sshd[29825]: Failed password for invalid user epmeneze from 183.61.164.115 port 9949 ssh2 ...	2019-08-19 06:21:45
54.36.163.70	attack	Aug 19 00:05:49 root sshd[18615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.36.163.70 Aug 19 00:05:51 root sshd[18615]: Failed password for invalid user lois from 54.36.163.70 port 40158 ssh2 Aug 19 00:17:26 root sshd[18777]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.36.163.70 ...	2019-08-19 06:27:06
77.49.125.155	attackspambots	[18/Aug/2019:14:55:53 +0200] Web-Request: "GET /wp-login.php", User-Agent: "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1"	2019-08-19 06:06:31
106.12.205.132	attack	Aug 19 00:11:40 amit sshd\[19085\]: Invalid user uftp from 106.12.205.132 Aug 19 00:11:41 amit sshd\[19085\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.205.132 Aug 19 00:11:42 amit sshd\[19085\]: Failed password for invalid user uftp from 106.12.205.132 port 50380 ssh2 ...	2019-08-19 06:30:13
106.12.54.93	attackspam	Aug 18 23:51:25 mout sshd[21204]: Invalid user jose from 106.12.54.93 port 45318	2019-08-19 05:51:42
190.0.159.69	attackbots	Aug 18 18:22:52 xtremcommunity sshd\[7603\]: Invalid user joomla from 190.0.159.69 port 58186 Aug 18 18:22:52 xtremcommunity sshd\[7603\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.0.159.69 Aug 18 18:22:54 xtremcommunity sshd\[7603\]: Failed password for invalid user joomla from 190.0.159.69 port 58186 ssh2 Aug 18 18:28:39 xtremcommunity sshd\[7793\]: Invalid user carlos from 190.0.159.69 port 53217 Aug 18 18:28:39 xtremcommunity sshd\[7793\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.0.159.69 ...	2019-08-19 06:32:43
200.165.49.202	attackspam	Aug 18 10:56:57 vps200512 sshd\[557\]: Invalid user steam from 200.165.49.202 Aug 18 10:56:57 vps200512 sshd\[557\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.165.49.202 Aug 18 10:56:59 vps200512 sshd\[557\]: Failed password for invalid user steam from 200.165.49.202 port 43106 ssh2 Aug 18 11:02:20 vps200512 sshd\[663\]: Invalid user bd from 200.165.49.202 Aug 18 11:02:20 vps200512 sshd\[663\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.165.49.202	2019-08-19 06:04:23
163.172.192.210	attackspambots	\[2019-08-18 13:49:43\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-18T13:49:43.654-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="",SessionID="0x7ff4d07952f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.192.210/58655",ACLName="no_extension_match" \[2019-08-18 13:53:35\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-18T13:53:35.508-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="",SessionID="0x7ff4d0348688",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.192.210/58929",ACLName="no_extension_match" \[2019-08-18 13:57:20\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-18T13:57:20.083-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="333011972592277524",SessionID="0x7ff4d07952f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.192.210/60709",ACLName="no_extension_match" ...	2019-08-19 05:52:20
173.212.209.142	attack	SSH Brute-Force reported by Fail2Ban	2019-08-19 06:19:38
159.65.191.184	attackbots	Aug 18 22:23:17 hb sshd\[16071\]: Invalid user testing from 159.65.191.184 Aug 18 22:23:17 hb sshd\[16071\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.191.184 Aug 18 22:23:19 hb sshd\[16071\]: Failed password for invalid user testing from 159.65.191.184 port 40300 ssh2 Aug 18 22:27:23 hb sshd\[16458\]: Invalid user harrison from 159.65.191.184 Aug 18 22:27:23 hb sshd\[16458\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.191.184	2019-08-19 06:33:09

最近上报的IP列表

223.97.23.208	220.248.113.26	202.111.13.98	182.155.227.141
182.148.242.16	157.47.202.195	123.179.15.107	122.254.53.92
121.254.66.145	119.96.133.212	91.105.138.20	77.42.120.227
58.20.30.49	49.159.200.5	49.75.0.177	47.92.117.252
46.153.46.36	42.119.214.86	42.117.213.15	42.115.46.254