211.112.66.29 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Korea (Republic of)

运营商(isp): Namincheon Brodcasting Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Hits on port : 26	2020-03-27 17:04:34

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 211.112.66.29
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56325
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;211.112.66.29.			IN	A

;; AUTHORITY SECTION:
.			370	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032700 1800 900 604800 86400

;; Query time: 89 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 27 17:04:31 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 29.66.112.211.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 29.66.112.211.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
183.230.248.227	attackbotsspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-20 22:16:30
122.51.134.25	attack	Sep 20 14:10:23 h1745522 sshd[25522]: Invalid user ubuntu from 122.51.134.25 port 59558 Sep 20 14:10:23 h1745522 sshd[25522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.134.25 Sep 20 14:10:23 h1745522 sshd[25522]: Invalid user ubuntu from 122.51.134.25 port 59558 Sep 20 14:10:25 h1745522 sshd[25522]: Failed password for invalid user ubuntu from 122.51.134.25 port 59558 ssh2 Sep 20 14:14:54 h1745522 sshd[25748]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.134.25 user=root Sep 20 14:14:55 h1745522 sshd[25748]: Failed password for root from 122.51.134.25 port 33866 ssh2 Sep 20 14:19:35 h1745522 sshd[25961]: Invalid user admin from 122.51.134.25 port 36400 Sep 20 14:19:35 h1745522 sshd[25961]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.134.25 Sep 20 14:19:35 h1745522 sshd[25961]: Invalid user admin from 122.51.134.25 port 36400 Sep 20 1 ...	2020-09-20 22:10:24
164.90.204.250	attack	prod8 ...	2020-09-20 21:50:52
206.189.87.108	attackbotsspam	(sshd) Failed SSH login from 206.189.87.108 (SG/Singapore/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 20 03:56:20 server2 sshd[10881]: Invalid user esadmin from 206.189.87.108 Sep 20 03:56:20 server2 sshd[10881]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.87.108 Sep 20 03:56:22 server2 sshd[10881]: Failed password for invalid user esadmin from 206.189.87.108 port 35454 ssh2 Sep 20 04:01:06 server2 sshd[15568]: Invalid user user01 from 206.189.87.108 Sep 20 04:01:06 server2 sshd[15568]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.87.108	2020-09-20 21:39:57
159.65.228.105	attack	159.65.228.105 - - [20/Sep/2020:10:42:08 +0100] "POST /wp-login.php HTTP/1.1" 200 1861 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.65.228.105 - - [20/Sep/2020:10:42:09 +0100] "POST /wp-login.php HTTP/1.1" 200 1839 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.65.228.105 - - [20/Sep/2020:10:42:09 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-20 21:42:36
187.5.85.203	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-20 21:48:02
134.122.79.190	attack	DATE:2020-09-19 19:02:13, IP:134.122.79.190, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-09-20 21:52:09
185.220.102.242	attack	2020-09-19 UTC: (21x) - root(21x)	2020-09-20 21:48:33
122.117.156.141	attackspam	TCP (SYN) 122.117.156.141:43698 -> port 23, len 44	2020-09-20 22:01:02
78.100.6.36	attackbotsspam	Sep 20 13:49:23 ip-172-31-16-56 sshd\[21550\]: Invalid user student from 78.100.6.36\ Sep 20 13:49:26 ip-172-31-16-56 sshd\[21550\]: Failed password for invalid user student from 78.100.6.36 port 38286 ssh2\ Sep 20 13:53:49 ip-172-31-16-56 sshd\[21573\]: Failed password for root from 78.100.6.36 port 48120 ssh2\ Sep 20 13:58:09 ip-172-31-16-56 sshd\[21636\]: Invalid user nagios from 78.100.6.36\ Sep 20 13:58:11 ip-172-31-16-56 sshd\[21636\]: Failed password for invalid user nagios from 78.100.6.36 port 57956 ssh2\	2020-09-20 22:17:23
159.20.100.35	attackbots	SSH/22 MH Probe, BF, Hack -	2020-09-20 22:00:38
54.37.82.150	attackbots	54.37.82.150 - - [20/Sep/2020:13:14:48 +0000] "POST /wp-login.php HTTP/1.1" 200 2075 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 54.37.82.150 - - [20/Sep/2020:13:14:49 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 54.37.82.150 - - [20/Sep/2020:13:14:51 +0000] "POST /wp-login.php HTTP/1.1" 200 2049 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 54.37.82.150 - - [20/Sep/2020:13:14:53 +0000] "POST /wp-login.php HTTP/1.1" 200 2049 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 54.37.82.150 - - [20/Sep/2020:13:14:54 +0000] "POST /xmlrpc.php HTTP/1.1" 200 236 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-"	2020-09-20 22:02:18
84.38.129.149	attack	Sep 20 12:58:24 raspberrypi sshd[22874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.38.129.149 Sep 20 12:58:26 raspberrypi sshd[22874]: Failed password for invalid user pi from 84.38.129.149 port 60056 ssh2 ...	2020-09-20 22:16:52
159.89.2.220	attackbots	xmlrpc attack	2020-09-20 21:55:06
58.230.147.230	attack	Sep 20 11:58:07 fhem-rasp sshd[25820]: Failed password for root from 58.230.147.230 port 39578 ssh2 Sep 20 11:58:09 fhem-rasp sshd[25820]: Disconnected from authenticating user root 58.230.147.230 port 39578 [preauth] ...	2020-09-20 21:48:59

最近上报的IP列表

192.241.238.97	171.247.9.76	46.4.44.8	2.59.146.22
103.12.162.189	119.237.78.118	207.66.27.17	139.209.147.241
163.121.146.140	217.134.108.43	229.99.56.114	213.136.73.44
245.83.170.231	98.199.19.19	95.121.102.43	237.184.160.138
197.135.225.97	16.198.190.60	192.241.237.127	192.241.234.142