166.252.40.67 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America (the)

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 166.252.40.67
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59094
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;166.252.40.67.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025022201 1800 900 604800 86400

;; Query time: 39 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 23 02:07:57 CST 2025
;; MSG SIZE  rcvd: 106

HOST信息:

67.40.252.166.in-addr.arpa domain name pointer 67.sub-166-252-40.myvzw.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
67.40.252.166.in-addr.arpa	name = 67.sub-166-252-40.myvzw.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
107.132.88.42	attackspambots	...	2020-08-06 23:39:07
112.85.42.188	attackbotsspam	08/06/2020-11:59:41.347219 112.85.42.188 Protocol: 6 ET SCAN Potential SSH Scan	2020-08-07 00:00:11
162.62.26.113	attackbotsspam	[Thu Aug 06 14:34:33 2020] - DDoS Attack From IP: 162.62.26.113 Port: 54096	2020-08-06 23:41:47
183.109.124.137	attack	...	2020-08-06 23:36:03
58.16.145.208	attackspam	(sshd) Failed SSH login from 58.16.145.208 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 6 16:08:15 s1 sshd[30355]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.16.145.208 user=root Aug 6 16:08:17 s1 sshd[30355]: Failed password for root from 58.16.145.208 port 40294 ssh2 Aug 6 16:20:17 s1 sshd[30839]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.16.145.208 user=root Aug 6 16:20:19 s1 sshd[30839]: Failed password for root from 58.16.145.208 port 56802 ssh2 Aug 6 16:24:29 s1 sshd[30922]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.16.145.208 user=root	2020-08-06 23:44:21
218.36.86.40	attackbots	Aug 6 05:24:49 s158375 sshd[10927]: Failed password for root from 218.36.86.40 port 47990 ssh2	2020-08-06 23:33:55
51.158.21.162	attack	WordPress wp-login brute force :: 51.158.21.162 0.068 BYPASS [06/Aug/2020:13:25:15 0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2003 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-06 23:15:35
31.13.115.7	attackspambots	[Thu Aug 06 20:25:04.020163 2020] [:error] [pid 20419:tid 139707921213184] [client 31.13.115.7:39632] [client 31.13.115.7] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/list-all-categories/553-klimatologi/prakiraan-klimatologi/peringatan-dini/peringatan-dini-kekeringan/peringatan-dini-kekeringan-di-propinsi-jawa-timur/555558196-peringatan-dini-kekeringan-meteorologis-di-provinsi-jawa-timur-pemutakhiran-data-hingga-31-juli-202 ...	2020-08-06 23:18:09
110.78.23.220	attack	Aug 6 03:20:36 web9 sshd\[10418\]: Invalid user qazqaz from 110.78.23.220 Aug 6 03:20:36 web9 sshd\[10418\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.78.23.220 Aug 6 03:20:38 web9 sshd\[10418\]: Failed password for invalid user qazqaz from 110.78.23.220 port 64486 ssh2 Aug 6 03:24:31 web9 sshd\[10923\]: Invalid user zp123456 from 110.78.23.220 Aug 6 03:24:31 web9 sshd\[10923\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.78.23.220	2020-08-06 23:43:55
119.45.5.237	attackbots	Banned for a week because repeated abuses, for example SSH, but not only	2020-08-06 23:30:04
36.74.115.106	attackspambots	Automatic report - Port Scan Attack	2020-08-06 23:17:19
114.227.24.233	attack	(mod_security) mod_security (id:920350) triggered by 114.227.24.233 (CN/-/-): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/06 13:24:57 [error] 13432#0: 81890 [client 114.227.24.233] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' (Value: `46.249.37.137' ) [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/phpmyadmin/"] [unique_id "159672029722.057472"] [ref "o0,13v155,13"], client: 114.227.24.233, [redacted] request: "GET /phpmyadmin/ HTTP/1.1" [redacted]	2020-08-06 23:23:36
31.192.63.210	attackbots	Attempts against non-existent wp-login	2020-08-06 23:50:56
49.235.35.133	attack	SSH invalid-user multiple login try	2020-08-06 23:27:39
45.187.152.19	attack	Aug 6 16:56:03 ip106 sshd[13316]: Failed password for root from 45.187.152.19 port 55848 ssh2 ...	2020-08-06 23:43:23

最近上报的IP列表

250.236.121.223	20.153.62.86	8.227.149.24	91.175.107.165
225.37.37.60	9.18.197.47	71.144.188.90	140.40.117.26
74.28.143.233	21.163.30.217	186.26.211.75	225.137.251.38
188.98.197.45	172.69.169.41	210.143.193.232	240.158.197.108
211.74.208.252	220.220.228.53	174.16.130.74	136.73.235.12