118.40.108.70 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Korea (the Republic of)

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 118.40.108.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30662
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;118.40.108.70.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025021800 1800 900 604800 86400

;; Query time: 13 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 18 23:21:28 CST 2025
;; MSG SIZE  rcvd: 106

HOST信息:

Host 70.108.40.118.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 70.108.40.118.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
75.50.59.234	attackbots	2019-09-23T17:14:28.9387391495-001 sshd\[19215\]: Invalid user com from 75.50.59.234 port 35214 2019-09-23T17:14:28.9460181495-001 sshd\[19215\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=75.50.59.234 2019-09-23T17:14:30.4587371495-001 sshd\[19215\]: Failed password for invalid user com from 75.50.59.234 port 35214 ssh2 2019-09-23T17:18:26.6308631495-001 sshd\[19506\]: Invalid user ftp0 from 75.50.59.234 port 49664 2019-09-23T17:18:26.6339921495-001 sshd\[19506\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=75.50.59.234 2019-09-23T17:18:28.1517141495-001 sshd\[19506\]: Failed password for invalid user ftp0 from 75.50.59.234 port 49664 ssh2 ...	2019-09-24 05:30:20
79.136.57.191	attackbots	port scan and connect, tcp 22 (ssh)	2019-09-24 05:36:47
18.200.94.89	attackspam	NOTE - Blacklisted phishing redirect spam link s.free.fr = 212.27.60.108; consistent malicious redirect; aggregate spam volume up to 15/day. Phishing redirect links in common with Google Group plmhuryuergsdjkhfreyfghjsdk.icu using s.free.fr and with bulk Timeweb link *.ddnsking.com = 176.57.208.216. Unsolicited bulk spam - a8-156.smtp-out.amazonses.com, Amazon - 54.240.8.156 Spam link s.free.fr = 212.27.60.108, Free SAS (ProXad) - malware - blacklisted – REPETITIVE REDIRECTS: - jujuloo.com = 212.28.86.254 BROADBAND-ARAXCOM (domain previously hosted on 5.32.174.22, Arax-Impex s.r.l. and 216.52.165.164, NAME.COM – UBE originating from ematketpremium.com) - pbmjx.superextremetrack.company = repeat IP 118.184.32.7 Shanghai Anchnet Network Technology - free.fr = 212.27.48.10 Free SAS (ProXad) Spam link esputnik.com = 18.200.94.89, 34.246.110.72 Amazon Sender domain blancetnoire.site = 185.98.131.45 Ligne Web Services EURL	2019-09-24 05:38:11
82.117.190.170	attack	Sep 23 23:35:22 vmd17057 sshd\[10333\]: Invalid user prime from 82.117.190.170 port 35736 Sep 23 23:35:22 vmd17057 sshd\[10333\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.117.190.170 Sep 23 23:35:25 vmd17057 sshd\[10333\]: Failed password for invalid user prime from 82.117.190.170 port 35736 ssh2 ...	2019-09-24 05:37:17
54.39.147.2	attackbots	Sep 23 23:11:41 vps647732 sshd[19104]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.147.2 Sep 23 23:11:43 vps647732 sshd[19104]: Failed password for invalid user 123 from 54.39.147.2 port 34624 ssh2 ...	2019-09-24 05:33:11
34.246.110.72	attackspam	NOTE - Blacklisted phishing redirect spam link s.free.fr = 212.27.60.108; consistent malicious redirect; aggregate spam volume up to 15/day. Phishing redirect links in common with Google Group plmhuryuergsdjkhfreyfghjsdk.icu using s.free.fr and with bulk Timeweb link *.ddnsking.com = 176.57.208.216. Unsolicited bulk spam - a8-156.smtp-out.amazonses.com, Amazon - 54.240.8.156 Spam link s.free.fr = 212.27.60.108, Free SAS (ProXad) - malware - blacklisted – REPETITIVE REDIRECTS: - jujuloo.com = 212.28.86.254 BROADBAND-ARAXCOM (domain previously hosted on 5.32.174.22, Arax-Impex s.r.l. and 216.52.165.164, NAME.COM – UBE originating from ematketpremium.com) - pbmjx.superextremetrack.company = repeat IP 118.184.32.7 Shanghai Anchnet Network Technology - free.fr = 212.27.48.10 Free SAS (ProXad) Spam link esputnik.com = 18.200.94.89, 34.246.110.72 Amazon Sender domain blancetnoire.site = 185.98.131.45 Ligne Web Services EURL	2019-09-24 05:27:24
119.207.126.21	attack	Sep 23 11:23:59 eddieflores sshd\[17819\]: Invalid user it from 119.207.126.21 Sep 23 11:23:59 eddieflores sshd\[17819\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.207.126.21 Sep 23 11:24:01 eddieflores sshd\[17819\]: Failed password for invalid user it from 119.207.126.21 port 37570 ssh2 Sep 23 11:28:17 eddieflores sshd\[18163\]: Invalid user p from 119.207.126.21 Sep 23 11:28:17 eddieflores sshd\[18163\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.207.126.21	2019-09-24 05:37:50
222.186.175.183	attackspam	Sep 23 23:17:07 legacy sshd[3488]: Failed password for root from 222.186.175.183 port 56708 ssh2 Sep 23 23:17:24 legacy sshd[3488]: error: maximum authentication attempts exceeded for root from 222.186.175.183 port 56708 ssh2 [preauth] Sep 23 23:17:34 legacy sshd[3499]: Failed password for root from 222.186.175.183 port 58202 ssh2 ...	2019-09-24 05:18:24
111.19.162.80	attack	Sep 23 23:11:33 lnxmysql61 sshd[4239]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.19.162.80 Sep 23 23:11:33 lnxmysql61 sshd[4239]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.19.162.80	2019-09-24 05:39:34
13.58.186.252	attack	WordpressAttack	2019-09-24 05:13:58
83.48.77.4	attackspam	[Tue Sep 24 04:11:57.405523 2019] [:error] [pid 27996:tid 139658000312064] [client 83.48.77.4:34088] [client 83.48.77.4] ModSecurity: Access denied with code 403 (phase 1). Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.1.1/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1075"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.0"] [severity "CRITICAL"] [ver "OWASP_CRS/3.1.1"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS/POLICY/PROTOCOL_NOT_ALLOWED"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/"] [unique_id "XYk1HXEbL5xsyYG@6K-3hwAAAMU"] ...	2019-09-24 05:23:02
86.102.177.131	attackspam	Unauthorized connection attempt from IP address 86.102.177.131 on Port 445(SMB)	2019-09-24 05:12:20
196.218.152.2	attackspambots	34567/tcp 34567/tcp 9000/tcp [2019-08-25/09-23]3pkt	2019-09-24 05:34:44
183.134.199.68	attack	Sep 24 00:03:23 www2 sshd\[34401\]: Invalid user lclin from 183.134.199.68Sep 24 00:03:25 www2 sshd\[34401\]: Failed password for invalid user lclin from 183.134.199.68 port 42920 ssh2Sep 24 00:11:59 www2 sshd\[35488\]: Invalid user osmc from 183.134.199.68 ...	2019-09-24 05:22:29
5.39.92.187	attackbotsspam	09/23/2019-17:31:51.790652 5.39.92.187 Protocol: 6 ET COMPROMISED Known Compromised or Hostile Host Traffic group 32	2019-09-24 05:34:11

最近上报的IP列表

65.17.212.251	38.77.124.159	113.91.199.15	94.186.222.181
217.8.252.134	84.116.117.16	34.75.114.30	133.233.146.15
15.31.120.37	175.155.185.187	21.40.97.27	188.186.169.85
135.250.110.253	156.59.221.40	146.204.234.2	223.118.88.124
12.215.46.24	58.183.244.162	40.33.131.132	92.254.121.217