180.70.138.57 - IPInfo

基本信息:

城市(city): Yongin-si

省份(region): Gyeonggi-do

国家(country): South Korea

运营商(isp): SK Broadband Co Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	54068/udp 54068/udp 54068/udp... [2020-06-22]6pkt,1pt.(udp)	2020-06-23 07:06:33

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 180.70.138.57
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33277
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;180.70.138.57.			IN	A

;; AUTHORITY SECTION:
.			501	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062202 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jun 23 07:06:30 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 57.138.70.180.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 57.138.70.180.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
95.15.154.166	attackbotsspam	Oct 12 15:46:20 node1 sshd[17571]: reveeclipse mapping checking getaddrinfo for 95.15.154.166.dynamic.ttnet.com.tr [95.15.154.166] failed - POSSIBLE BREAK-IN ATTEMPT! Oct 12 15:46:20 node1 sshd[17571]: Disconnecting: Too many authentication failures for r.r from 95.15.154.166 port 37776 ssh2 [preauth] Oct 12 15:46:24 node1 sshd[17578]: reveeclipse mapping checking getaddrinfo for 95.15.154.166.dynamic.ttnet.com.tr [95.15.154.166] failed - POSSIBLE BREAK-IN ATTEMPT! Oct 12 15:46:25 node1 sshd[17578]: Disconnecting: Too many authentication failures for r.r from 95.15.154.166 port 37781 ssh2 [preauth] Oct 12 15:46:28 node1 sshd[17584]: reveeclipse mapping checking getaddrinfo for 95.15.154.166.dynamic.ttnet.com.tr [95.15.154.166] failed - POSSIBLE BREAK-IN ATTEMPT! Oct 12 15:46:28 node1 sshd[17584]: Received disconnect from 95.15.154.166: 11: disconnected by user [preauth] Oct 12 15:46:32 node1 sshd[17589]: reveeclipse mapping checking getaddrinfo for 95.15.154.166.dynamic........ -------------------------------	2019-10-13 05:02:05
49.88.112.72	attackspam	Oct 12 23:01:00 sauna sshd[139977]: Failed password for root from 49.88.112.72 port 29694 ssh2 ...	2019-10-13 05:16:31
31.210.211.114	attackbots	2019-10-12T20:30:50.535683abusebot.cloudsearch.cf sshd\[30341\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.210.211.114 user=root	2019-10-13 04:42:09
51.38.236.221	attackspam	Oct 12 15:53:46 apollo sshd\[32436\]: Failed password for root from 51.38.236.221 port 51282 ssh2Oct 12 16:03:17 apollo sshd\[32465\]: Failed password for root from 51.38.236.221 port 33450 ssh2Oct 12 16:07:47 apollo sshd\[32478\]: Failed password for root from 51.38.236.221 port 44528 ssh2 ...	2019-10-13 04:47:14
177.133.42.89	attack	Oct 12 10:30:01 localhost postfix/smtpd[32174]: disconnect from unknown[177.133.42.89] ehlo=1 auth=0/1 quhostname=1 commands=2/3 Oct 12 10:32:18 localhost postfix/smtpd[804]: disconnect from unknown[177.133.42.89] ehlo=1 auth=0/1 quhostname=1 commands=2/3 Oct 12 10:49:04 localhost postfix/smtpd[5406]: disconnect from unknown[177.133.42.89] ehlo=1 auth=0/1 quhostname=1 commands=2/3 Oct 12 10:56:53 localhost postfix/smtpd[7742]: lost connection after EHLO from unknown[177.133.42.89] Oct 12 11:00:08 localhost postfix/smtpd[7073]: servereout after CONNECT from unknown[177.133.42.89] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=177.133.42.89	2019-10-13 05:09:48
192.42.116.28	attack	Oct 12 01:45:32 * sshd[25246]: Failed password for invalid user hxhtadmin from 192.42.116.28 port 60366 ssh2 Oct 12 01:45:37 * sshd[25248]: Failed password for invalid user hxhtftp from 192.42.116.28 port 33410 ssh2 Oct 12 01:45:39 * sshd[25248]: Failed password for invalid user hxhtftp from 192.42.116.28 port 33410 ssh2 Oct 12 01:45:42 * sshd[25248]: Failed password for invalid user hxhtftp from 192.42.116.28 port 33410 ssh2	2019-10-13 04:57:38
195.211.101.86	attack	[portscan] Port scan	2019-10-13 04:42:32
83.219.136.196	attackbotsspam	Oct 12 15:51:49 tamoto postfix/smtpd[4334]: connect from cgn-pool-83-219-136-196.tis-dialog.ru[83.219.136.196] Oct 12 15:51:50 tamoto postfix/smtpd[4334]: warning: cgn-pool-83-219-136-196.tis-dialog.ru[83.219.136.196]: SASL CRAM-MD5 authentication failed: authentication failure Oct 12 15:51:50 tamoto postfix/smtpd[4334]: lost connection after AUTH from cgn-pool-83-219-136-196.tis-dialog.ru[83.219.136.196] Oct 12 15:51:50 tamoto postfix/smtpd[4334]: disconnect from cgn-pool-83-219-136-196.tis-dialog.ru[83.219.136.196] Oct 12 15:51:51 tamoto postfix/smtpd[4334]: connect from cgn-pool-83-219-136-196.tis-dialog.ru[83.219.136.196] Oct 12 15:51:51 tamoto postfix/smtpd[4334]: warning: cgn-pool-83-219-136-196.tis-dialog.ru[83.219.136.196]: SASL CRAM-MD5 authentication failed: authentication failure Oct 12 15:51:51 tamoto postfix/smtpd[4334]: lost connection after AUTH from cgn-pool-83-219-136-196.tis-dialog.ru[83.219.136.196] Oct 12 15:51:51 tamoto postfix/smtpd[4334]: disconne........ -------------------------------	2019-10-13 05:14:59
65.19.174.248	attackspambots	SMB Server BruteForce Attack	2019-10-13 05:01:24
159.203.216.157	attackbots	Oct 12 23:42:36 www sshd\[159629\]: Invalid user P4SS!@\# from 159.203.216.157 Oct 12 23:42:36 www sshd\[159629\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.216.157 Oct 12 23:42:38 www sshd\[159629\]: Failed password for invalid user P4SS!@\# from 159.203.216.157 port 50942 ssh2 ...	2019-10-13 04:48:57
80.88.90.86	attack	Oct 12 10:25:08 php1 sshd\[25659\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.88.90.86 user=root Oct 12 10:25:11 php1 sshd\[25659\]: Failed password for root from 80.88.90.86 port 36374 ssh2 Oct 12 10:29:27 php1 sshd\[26042\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.88.90.86 user=root Oct 12 10:29:28 php1 sshd\[26042\]: Failed password for root from 80.88.90.86 port 49004 ssh2 Oct 12 10:33:43 php1 sshd\[26567\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.88.90.86 user=root	2019-10-13 05:13:52
186.103.197.99	attackbots	Port 1433 Scan	2019-10-13 04:56:04
41.202.66.3	attackspam	$f2bV_matches	2019-10-13 04:50:20
218.75.132.59	attackbots	Oct 12 10:30:03 plusreed sshd[6533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.75.132.59 user=root Oct 12 10:30:05 plusreed sshd[6533]: Failed password for root from 218.75.132.59 port 53463 ssh2 ...	2019-10-13 05:16:42
167.71.80.120	attackbotsspam	167.71.80.120 - - [12/Oct/2019:16:07:09 +0200] "POST /wp-login.php HTTP/1.1" 200 2111 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.71.80.120 - - [12/Oct/2019:16:07:15 +0200] "POST /wp-login.php HTTP/1.1" 200 2092 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-10-13 05:03:59

最近上报的IP列表

174.56.244.119	109.242.93.187	83.115.191.185	182.211.35.197
162.82.193.74	177.96.211.253	41.146.228.135	50.4.175.39
179.146.112.143	177.144.119.186	74.86.75.56	49.229.250.247
161.162.20.222	94.132.150.175	83.184.177.64	106.91.195.159
122.160.29.232	148.101.223.117	76.89.170.20	109.156.223.91