150.117.216.66

基本信息:

城市(city): Taipei

省份(region): Taipei City

国家(country): Taiwan, China

运营商(isp): Chief Telecom Inc.

主机名(hostname): unknown

机构(organization): Digidom CableTV Co., LTD.

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Aug 20 12:05:43 [host] sshd[3115]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.117.216.66 user=backup Aug 20 12:05:45 [host] sshd[3115]: Failed password for backup from 150.117.216.66 port 46532 ssh2 Aug 20 12:09:34 [host] sshd[3261]: Invalid user er from 150.117.216.66	2019-08-20 22:51:18
attack	Automatic report - Banned IP Access	2019-08-07 13:52:36

类型

评论内容

时间

attackspam

Aug 20 12:05:43 [host] sshd[3115]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.117.216.66  user=backup
Aug 20 12:05:45 [host] sshd[3115]: Failed password for backup from 150.117.216.66 port 46532 ssh2
Aug 20 12:09:34 [host] sshd[3261]: Invalid user er from 150.117.216.66

2019-08-20 22:51:18

attack

Automatic report - Banned IP Access

2019-08-07 13:52:36

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 150.117.216.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62909
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;150.117.216.66.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040500 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Apr 05 20:42:47 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 66.216.117.150.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.3, trying next server
Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 66.216.117.150.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
222.186.173.183	attack	Dec 4 01:25:49 auw2 sshd\[28562\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.183 user=root Dec 4 01:25:51 auw2 sshd\[28562\]: Failed password for root from 222.186.173.183 port 15964 ssh2 Dec 4 01:26:01 auw2 sshd\[28562\]: Failed password for root from 222.186.173.183 port 15964 ssh2 Dec 4 01:26:05 auw2 sshd\[28562\]: Failed password for root from 222.186.173.183 port 15964 ssh2 Dec 4 01:26:08 auw2 sshd\[28612\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.183 user=root	2019-12-04 19:30:24
118.32.223.32	attackspam	Dec 4 12:20:50 v22018076622670303 sshd\[10493\]: Invalid user ghetta from 118.32.223.32 port 49666 Dec 4 12:20:50 v22018076622670303 sshd\[10493\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.32.223.32 Dec 4 12:20:52 v22018076622670303 sshd\[10493\]: Failed password for invalid user ghetta from 118.32.223.32 port 49666 ssh2 ...	2019-12-04 19:33:33
52.203.197.242	attack	Dec 2 20:01:16 sanyalnet-cloud-vps2 sshd[10046]: Connection from 52.203.197.242 port 39348 on 45.62.253.138 port 22 Dec 2 20:01:17 sanyalnet-cloud-vps2 sshd[10046]: Invalid user backup from 52.203.197.242 port 39348 Dec 2 20:01:17 sanyalnet-cloud-vps2 sshd[10046]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=em3-52-203-197-242.compute-1.amazonaws.com Dec 2 20:01:19 sanyalnet-cloud-vps2 sshd[10046]: Failed password for invalid user backup from 52.203.197.242 port 39348 ssh2 Dec 2 20:01:19 sanyalnet-cloud-vps2 sshd[10046]: Received disconnect from 52.203.197.242 port 39348:11: Bye Bye [preauth] Dec 2 20:01:19 sanyalnet-cloud-vps2 sshd[10046]: Disconnected from 52.203.197.242 port 39348 [preauth] Dec 2 20:01:19 sanyalnet-cloud-vps2 sshd[10046]: Received disconnect from 52.203.197.242 port 39348:11: Bye Bye [preauth] Dec 2 20:01:19 sanyalnet-cloud-vps2 sshd[10046]: Disconnected from 52.203.197.242 port 39348 [preauth] Dec ........ -------------------------------	2019-12-04 19:20:22
45.55.86.19	attackspam	Dec 4 12:15:23 lnxweb62 sshd[18061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.86.19 Dec 4 12:15:26 lnxweb62 sshd[18061]: Failed password for invalid user airy from 45.55.86.19 port 35969 ssh2 Dec 4 12:21:05 lnxweb62 sshd[21690]: Failed password for root from 45.55.86.19 port 41176 ssh2	2019-12-04 19:26:16
223.220.112.244	attack	FTP Brute Force	2019-12-04 19:22:00
167.71.186.48	attackbots	DigitalOcean BotNet attack - 10s of requests to non-existent pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks node-superagent/4.1.0	2019-12-04 19:27:41
121.162.131.223	attack	Dec 3 23:18:54 web9 sshd\[3934\]: Invalid user cirros from 121.162.131.223 Dec 3 23:18:55 web9 sshd\[3934\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.162.131.223 Dec 3 23:18:56 web9 sshd\[3934\]: Failed password for invalid user cirros from 121.162.131.223 port 49220 ssh2 Dec 3 23:26:03 web9 sshd\[5262\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.162.131.223 user=root Dec 3 23:26:05 web9 sshd\[5262\]: Failed password for root from 121.162.131.223 port 54783 ssh2	2019-12-04 19:10:10
58.50.138.198	attack	FTP Brute Force	2019-12-04 19:15:54
129.204.38.136	attackbotsspam	Dec 4 11:35:34 vmanager6029 sshd\[4221\]: Invalid user QAZ!@\#321 from 129.204.38.136 port 53928 Dec 4 11:35:34 vmanager6029 sshd\[4221\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.38.136 Dec 4 11:35:36 vmanager6029 sshd\[4221\]: Failed password for invalid user QAZ!@\#321 from 129.204.38.136 port 53928 ssh2	2019-12-04 19:23:19
178.62.95.188	attack	WordPress wp-login brute force :: 178.62.95.188 0.148 - [04/Dec/2019:09:20:21 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 1805 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2019-12-04 19:19:21
218.92.0.157	attack	Dec 4 12:16:40 v22018076622670303 sshd\[10459\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.157 user=root Dec 4 12:16:42 v22018076622670303 sshd\[10459\]: Failed password for root from 218.92.0.157 port 13737 ssh2 Dec 4 12:16:45 v22018076622670303 sshd\[10459\]: Failed password for root from 218.92.0.157 port 13737 ssh2 ...	2019-12-04 19:19:06
106.12.98.12	attack	$f2bV_matches	2019-12-04 19:35:54
80.217.36.40	attack	Unauthorised access (Dec 4) SRC=80.217.36.40 LEN=40 TTL=53 ID=18381 TCP DPT=23 WINDOW=20080 SYN	2019-12-04 19:18:44
195.69.222.71	attackbotsspam	Dec 4 13:20:47 sauna sshd[33319]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.69.222.71 Dec 4 13:20:49 sauna sshd[33319]: Failed password for invalid user petro from 195.69.222.71 port 40762 ssh2 ...	2019-12-04 19:39:40
104.40.202.181	attackbotsspam	2019-12-04T11:57:06.509310 sshd[7726]: Invalid user himenes from 104.40.202.181 port 44112 2019-12-04T11:57:06.522857 sshd[7726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.40.202.181 2019-12-04T11:57:06.509310 sshd[7726]: Invalid user himenes from 104.40.202.181 port 44112 2019-12-04T11:57:08.311002 sshd[7726]: Failed password for invalid user himenes from 104.40.202.181 port 44112 ssh2 2019-12-04T12:20:58.986004 sshd[8242]: Invalid user home from 104.40.202.181 port 55292 ...	2019-12-04 19:32:10

最近上报的IP列表

102.102.37.142	94.29.87.224	113.141.67.211	59.124.153.91
92.239.209.178	2.228.39.100	167.99.15.245	113.161.238.52
54.38.33.73	49.206.3.108	182.73.209.206	202.137.123.158
187.8.84.141	197.50.135.69	209.85.166.41	103.206.112.104
103.29.160.204	96.64.7.59	84.2.62.48	103.205.134.220