113.117.66.80 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): None

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
113.117.66.183	attack	2020-02-25T00:21:18.326700 X postfix/smtpd[5329]: lost connection after AUTH from unknown[113.117.66.183] 2020-02-25T00:21:19.557020 X postfix/smtpd[5329]: lost connection after AUTH from unknown[113.117.66.183] 2020-02-25T00:21:20.425802 X postfix/smtpd[5329]: lost connection after AUTH from unknown[113.117.66.183]	2020-02-25 12:03:47

类型

评论内容

时间

113.117.66.183

attack

2020-02-25T00:21:18.326700 X postfix/smtpd[5329]: lost connection after AUTH from unknown[113.117.66.183]
2020-02-25T00:21:19.557020 X postfix/smtpd[5329]: lost connection after AUTH from unknown[113.117.66.183]
2020-02-25T00:21:20.425802 X postfix/smtpd[5329]: lost connection after AUTH from unknown[113.117.66.183]

2020-02-25 12:03:47

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.117.66.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17945
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;113.117.66.80.			IN	A

;; AUTHORITY SECTION:
.			489	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030200 1800 900 604800 86400

;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 02 21:49:57 CST 2022
;; MSG SIZE  rcvd: 106

HOST信息:

Host 80.66.117.113.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 80.66.117.113.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
31.215.253.237	attack	Sql/code injection probe	2020-10-07 03:47:28
61.52.97.168	attackspam	DATE:2020-10-05 22:34:07, IP:61.52.97.168, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-10-07 03:49:31
86.86.41.22	attackspam	TCP (SYN) 86.86.41.22:35788 -> port 22, len 44	2020-10-07 04:11:57
123.132.237.18	attackspambots	Oct 6 14:39:48 * sshd[15822]: Failed password for root from 123.132.237.18 port 59974 ssh2	2020-10-07 04:14:10
190.104.235.8	attackbotsspam	2020-10-06T11:32:54.482808abusebot.cloudsearch.cf sshd[334]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.104.235.8 user=root 2020-10-06T11:32:57.219991abusebot.cloudsearch.cf sshd[334]: Failed password for root from 190.104.235.8 port 45693 ssh2 2020-10-06T11:36:02.852635abusebot.cloudsearch.cf sshd[370]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.104.235.8 user=root 2020-10-06T11:36:04.731569abusebot.cloudsearch.cf sshd[370]: Failed password for root from 190.104.235.8 port 38990 ssh2 2020-10-06T11:39:08.589014abusebot.cloudsearch.cf sshd[392]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.104.235.8 user=root 2020-10-06T11:39:10.336718abusebot.cloudsearch.cf sshd[392]: Failed password for root from 190.104.235.8 port 60520 ssh2 2020-10-06T11:42:10.763123abusebot.cloudsearch.cf sshd[426]: pam_unix(sshd:auth): authentication failure; logname= ...	2020-10-07 03:46:19
186.209.135.88	attackbotsspam	(smtpauth) Failed SMTP AUTH login from 186.209.135.88 (BR/Brazil/135.209.186.88-rev.tcheturbo.net.br): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SMTPAUTH; Logs: 2020-10-05 17:32:48 dovecot_login authenticator failed for (RECEPCAO) [186.209.135.88]:62416: 535 Incorrect authentication data (set_id=financeiro@radiochiru.com.br) 2020-10-05 17:33:15 dovecot_login authenticator failed for (RECEPCAO) [186.209.135.88]:62416: 535 Incorrect authentication data (set_id=financeiro@radiochiru.com.br) 2020-10-05 17:34:30 dovecot_login authenticator failed for (RECEPCAO) [186.209.135.88]:62433: 535 Incorrect authentication data (set_id=financeiro@radiochiru.com.br) 2020-10-05 17:34:37 dovecot_login authenticator failed for (RECEPCAO) [186.209.135.88]:62433: 535 Incorrect authentication data (set_id=financeiro@radiochiru.com.br) 2020-10-05 17:36:45 dovecot_login authenticator failed for (RECEPCAO) [186.209.135.88]:62449: 535 Incorrect authentication data (set_id=financeiro@radiochiru.com.br)	2020-10-07 03:51:39
50.62.177.189	attack	50.62.177.189 - - [05/Oct/2020:22:36:15 +0200] "POST /xmlrpc.php HTTP/2.0" 403 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" 50.62.177.189 - - [05/Oct/2020:22:36:15 +0200] "POST /xmlrpc.php HTTP/2.0" 403 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" ...	2020-10-07 04:10:42
47.185.80.183	attack	Oct 6 17:35:02 extapp sshd[11617]: Invalid user admin from 47.185.80.183 Oct 6 17:35:04 extapp sshd[11617]: Failed password for invalid user admin from 47.185.80.183 port 36981 ssh2 Oct 6 17:35:05 extapp sshd[11773]: Invalid user admin from 47.185.80.183 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=47.185.80.183	2020-10-07 04:23:42
65.32.157.145	attackspam	Unauthorised access (Oct 6) SRC=65.32.157.145 LEN=40 TOS=0x10 PREC=0x40 TTL=51 ID=26264 TCP DPT=8080 WINDOW=16926 SYN Unauthorised access (Oct 6) SRC=65.32.157.145 LEN=40 TOS=0x10 PREC=0x40 TTL=51 ID=42131 TCP DPT=8080 WINDOW=16926 SYN Unauthorised access (Oct 5) SRC=65.32.157.145 LEN=40 TOS=0x10 PREC=0x40 TTL=51 ID=9363 TCP DPT=8080 WINDOW=43434 SYN Unauthorised access (Oct 5) SRC=65.32.157.145 LEN=40 TOS=0x10 PREC=0x40 TTL=51 ID=1747 TCP DPT=8080 WINDOW=64873 SYN Unauthorised access (Oct 5) SRC=65.32.157.145 LEN=40 TOS=0x10 PREC=0x40 TTL=51 ID=52022 TCP DPT=8080 WINDOW=64516 SYN Unauthorised access (Oct 4) SRC=65.32.157.145 LEN=40 TOS=0x10 PREC=0x40 TTL=51 ID=47797 TCP DPT=8080 WINDOW=64516 SYN Unauthorised access (Oct 4) SRC=65.32.157.145 LEN=40 TOS=0x10 PREC=0x40 TTL=51 ID=26980 TCP DPT=8080 WINDOW=64451 SYN	2020-10-07 04:19:54
128.199.101.113	attackspambots	repeated SSH login attempts	2020-10-07 03:58:44
98.142.141.46	attackspambots	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-10-05T20:36:50Z	2020-10-07 03:49:13
139.198.191.86	attack	139.198.191.86 (CN/China/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Oct 6 13:14:13 server2 sshd[32428]: Failed password for root from 118.97.213.194 port 55010 ssh2 Oct 6 13:14:18 server2 sshd[32675]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.191.86 user=root Oct 6 13:13:27 server2 sshd[31863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.146.59.157 user=root Oct 6 13:13:29 server2 sshd[31863]: Failed password for root from 195.146.59.157 port 35064 ssh2 Oct 6 13:14:11 server2 sshd[32428]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.97.213.194 user=root Oct 6 13:13:22 server2 sshd[31810]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.41.113 user=root IP Addresses Blocked: 118.97.213.194 (ID/Indonesia/-)	2020-10-07 03:53:27
181.189.144.206	attackspambots	Invalid user dd from 181.189.144.206 port 55972	2020-10-07 04:15:55
122.51.155.140	attackbots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-07 04:08:35
165.22.33.32	attackbotsspam	(sshd) Failed SSH login from 165.22.33.32 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 6 10:24:58 optimus sshd[8490]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.33.32 user=root Oct 6 10:24:59 optimus sshd[8490]: Failed password for root from 165.22.33.32 port 55738 ssh2 Oct 6 10:28:34 optimus sshd[9573]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.33.32 user=root Oct 6 10:28:36 optimus sshd[9573]: Failed password for root from 165.22.33.32 port 33456 ssh2 Oct 6 10:32:18 optimus sshd[10796]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.33.32 user=root	2020-10-07 04:01:30

最近上报的IP列表

113.117.66.78	113.117.66.97	113.117.67.100	113.117.67.104
113.117.67.111	113.117.67.115	113.117.67.156	113.117.67.166
113.117.67.175	113.117.67.18	113.117.67.189	113.117.67.2
113.117.67.22	113.117.67.28	113.117.67.32	113.117.67.44
113.117.67.57	113.117.67.64	113.117.67.7	113.117.67.81