166.52.206.114

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): None

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 166.52.206.114
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46760
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;166.52.206.114.			IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022031000 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 10 13:23:34 CST 2022
;; MSG SIZE  rcvd: 107

HOST信息:

b'Host 114.206.52.166.in-addr.arpa not found: 2(SERVFAIL)
'

NSLOOKUP信息:

server can't find 166.52.206.114.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
172.104.108.109	attack	srvr1: (mod_security) mod_security (id:920350) triggered by 172.104.108.109 (US/-/scan-92.security.ipip.net): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/10/04 19:47:33 [error] 246777#0: 198802 [client 172.104.108.109] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "160183365376.869714"] [ref "o0,13v21,13"], client: 172.104.108.109, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-10-05 03:53:39
198.211.126.138	attackspambots	Oct 4 20:07:28 gospond sshd[31192]: Failed password for root from 198.211.126.138 port 57438 ssh2 Oct 4 20:07:26 gospond sshd[31192]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.211.126.138 user=root Oct 4 20:07:28 gospond sshd[31192]: Failed password for root from 198.211.126.138 port 57438 ssh2 ...	2020-10-05 04:18:50
179.7.192.198	attackspambots	Oct 3 22:25:23 nxxxxxxx sshd[25970]: refused connect from 179.7.192.198 (17= 9.7.192.198) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=179.7.192.198	2020-10-05 04:25:14
5.202.179.40	attackbots	Icarus honeypot on github	2020-10-05 04:06:46
14.183.81.150	attack	Wordpress File Manager Plugin Remote Code Execution Vulnerability, PTR: static.vnpt.vn.	2020-10-05 04:19:34
49.232.102.194	attackspam	1601757296 - 10/04/2020 03:34:56 Host: 49.232.102.194/49.232.102.194 Port: 6379 TCP Blocked ...	2020-10-05 04:04:37
190.75.134.29	attack	1601757303 - 10/03/2020 22:35:03 Host: 190.75.134.29/190.75.134.29 Port: 445 TCP Blocked ...	2020-10-05 03:57:11
85.209.0.102	attackbotsspam	Oct 4 17:15:29 vps46666688 sshd[26117]: Failed password for root from 85.209.0.102 port 38158 ssh2 ...	2020-10-05 04:17:00
163.172.251.159	attackspam	masters-of-media.de 163.172.251.159 [04/Oct/2020:10:48:35 +0200] "POST /wp-login.php HTTP/1.1" 200 6823 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" masters-of-media.de 163.172.251.159 [04/Oct/2020:10:48:36 +0200] "POST /wp-login.php HTTP/1.1" 200 6782 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-05 04:03:36
179.7.224.77	attack	Wordpress File Manager Plugin Remote Code Execution Vulnerability, PTR: PTR record not found	2020-10-05 03:58:29
195.54.161.31	attack	Repeated RDP login failures. Last user: SERVER01	2020-10-05 03:56:49
45.129.33.46	attackbotsspam	Oct 4 21:10:57 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=45.129.33.46 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=17783 PROTO=TCP SPT=51908 DPT=64914 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 4 21:11:19 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=45.129.33.46 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=15796 PROTO=TCP SPT=51908 DPT=9650 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 4 21:13:50 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=45.129.33.46 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=31345 PROTO=TCP SPT=51908 DPT=31099 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 4 21:14:58 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=45.129.33.46 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=61213 PROTO=TCP SPT=51908 DPT=63970 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 4 21:17:52 hidden kernel: [ ...	2020-10-05 04:14:47
193.27.228.151	attackbots	RDP Brute-Force (honeypot 13)	2020-10-05 04:01:26
217.138.221.92	attack	Repeated RDP login failures. Last user: Test	2020-10-05 04:00:03
218.92.0.133	attack	Oct 4 20:50:03 mavik sshd[24241]: Failed password for root from 218.92.0.133 port 27832 ssh2 Oct 4 20:50:06 mavik sshd[24241]: Failed password for root from 218.92.0.133 port 27832 ssh2 Oct 4 20:50:10 mavik sshd[24241]: Failed password for root from 218.92.0.133 port 27832 ssh2 Oct 4 20:50:13 mavik sshd[24241]: Failed password for root from 218.92.0.133 port 27832 ssh2 Oct 4 20:50:16 mavik sshd[24241]: Failed password for root from 218.92.0.133 port 27832 ssh2 ...	2020-10-05 03:50:35

最近上报的IP列表

125.107.139.64	125.107.14.110	125.107.14.136	125.107.14.175
125.107.14.180	125.107.14.204	125.107.152.109	125.107.173.240
125.107.175.114	73.116.126.245	125.107.183.177	125.107.184.160
125.107.184.169	125.107.184.177	125.107.184.194	159.157.195.224
125.107.184.21	125.107.184.213	125.107.184.218	121.11.54.215