218.148.55.72 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Korea, Republic of

运营商(isp): KT Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Unauthorized connection attempt detected from IP address 218.148.55.72 to port 3389 [J]	2020-01-19 17:37:51

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 218.148.55.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7561
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;218.148.55.72.			IN	A

;; AUTHORITY SECTION:
.			538	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011900 1800 900 604800 86400

;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 19 17:37:47 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 72.55.148.218.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 72.55.148.218.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
149.56.23.154	attackbots	Invalid user user from 149.56.23.154 port 60064	2019-09-26 13:29:39
62.7.90.34	attack	Sep 25 19:17:08 tdfoods sshd\[26531\]: Invalid user cmd from 62.7.90.34 Sep 25 19:17:08 tdfoods sshd\[26531\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.7.90.34 Sep 25 19:17:10 tdfoods sshd\[26531\]: Failed password for invalid user cmd from 62.7.90.34 port 56414 ssh2 Sep 25 19:21:37 tdfoods sshd\[26876\]: Invalid user ftp1 from 62.7.90.34 Sep 25 19:21:37 tdfoods sshd\[26876\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.7.90.34	2019-09-26 13:26:32
111.75.149.221	attack	Sep 26 05:53:42 andromeda postfix/smtpd\[31859\]: warning: unknown\[111.75.149.221\]: SASL LOGIN authentication failed: authentication failure Sep 26 05:53:46 andromeda postfix/smtpd\[23797\]: warning: unknown\[111.75.149.221\]: SASL LOGIN authentication failed: authentication failure Sep 26 05:53:50 andromeda postfix/smtpd\[38305\]: warning: unknown\[111.75.149.221\]: SASL LOGIN authentication failed: authentication failure Sep 26 05:53:58 andromeda postfix/smtpd\[31859\]: warning: unknown\[111.75.149.221\]: SASL LOGIN authentication failed: authentication failure Sep 26 05:54:03 andromeda postfix/smtpd\[38305\]: warning: unknown\[111.75.149.221\]: SASL LOGIN authentication failed: authentication failure	2019-09-26 14:13:22
23.129.64.206	attackbotsspam	Sep 26 05:30:24 thevastnessof sshd[26279]: Failed password for root from 23.129.64.206 port 43361 ssh2 ...	2019-09-26 14:03:23
52.172.44.97	attackspam	Sep 26 07:18:36 vps691689 sshd[7254]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.172.44.97 Sep 26 07:18:37 vps691689 sshd[7254]: Failed password for invalid user 123 from 52.172.44.97 port 42180 ssh2 Sep 26 07:23:23 vps691689 sshd[7302]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.172.44.97 ...	2019-09-26 13:40:11
114.93.135.221	attack	Tried to logon to my synology	2019-09-26 14:09:20
77.247.181.162	attack	Sep 26 05:15:20 thevastnessof sshd[25920]: Failed password for root from 77.247.181.162 port 43270 ssh2 ...	2019-09-26 13:54:26
176.119.24.141	attack	Automatic report - Banned IP Access	2019-09-26 14:08:49
54.37.71.235	attackbotsspam	Sep 25 19:40:09 web9 sshd\[9221\]: Invalid user varmas from 54.37.71.235 Sep 25 19:40:09 web9 sshd\[9221\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.71.235 Sep 25 19:40:11 web9 sshd\[9221\]: Failed password for invalid user varmas from 54.37.71.235 port 41400 ssh2 Sep 25 19:45:24 web9 sshd\[10156\]: Invalid user siva from 54.37.71.235 Sep 25 19:45:24 web9 sshd\[10156\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.71.235	2019-09-26 13:51:05
222.186.175.202	attack	Sep 26 07:50:32 MK-Soft-VM7 sshd[13704]: Failed password for root from 222.186.175.202 port 39312 ssh2 Sep 26 07:50:37 MK-Soft-VM7 sshd[13704]: Failed password for root from 222.186.175.202 port 39312 ssh2 ...	2019-09-26 13:52:53
27.109.156.24	attackspambots	Forbidden directory scan :: 2019/09/26 13:54:12 [error] 1103#1103: *294806 access forbidden by rule, client: 27.109.156.24, server: [censored_4], request: "GET //lazyfoodreviews.sql HTTP/1.1", host: "[censored_4]:443"	2019-09-26 14:07:02
37.49.224.137	attackspambots	Port Scan detected from 37.49.224.137 (NL/Netherlands/-). 4 hits in the last 256 seconds	2019-09-26 13:46:30
222.186.175.217	attackbotsspam	Sep 26 07:50:18 dcd-gentoo sshd[25805]: User root from 222.186.175.217 not allowed because none of user's groups are listed in AllowGroups Sep 26 07:50:22 dcd-gentoo sshd[25805]: error: PAM: Authentication failure for illegal user root from 222.186.175.217 Sep 26 07:50:18 dcd-gentoo sshd[25805]: User root from 222.186.175.217 not allowed because none of user's groups are listed in AllowGroups Sep 26 07:50:22 dcd-gentoo sshd[25805]: error: PAM: Authentication failure for illegal user root from 222.186.175.217 Sep 26 07:50:18 dcd-gentoo sshd[25805]: User root from 222.186.175.217 not allowed because none of user's groups are listed in AllowGroups Sep 26 07:50:22 dcd-gentoo sshd[25805]: error: PAM: Authentication failure for illegal user root from 222.186.175.217 Sep 26 07:50:22 dcd-gentoo sshd[25805]: Failed keyboard-interactive/pam for invalid user root from 222.186.175.217 port 21888 ssh2 ...	2019-09-26 14:08:18
117.52.14.19	attackspambots	Port Scan detected from 117.52.14.19 (KR/South Korea/-). 4 hits in the last 95 seconds	2019-09-26 13:49:00
222.186.175.6	attack	Sep 26 08:15:55 dcd-gentoo sshd[27377]: User root from 222.186.175.6 not allowed because none of user's groups are listed in AllowGroups Sep 26 08:15:59 dcd-gentoo sshd[27377]: error: PAM: Authentication failure for illegal user root from 222.186.175.6 Sep 26 08:15:55 dcd-gentoo sshd[27377]: User root from 222.186.175.6 not allowed because none of user's groups are listed in AllowGroups Sep 26 08:15:59 dcd-gentoo sshd[27377]: error: PAM: Authentication failure for illegal user root from 222.186.175.6 Sep 26 08:15:55 dcd-gentoo sshd[27377]: User root from 222.186.175.6 not allowed because none of user's groups are listed in AllowGroups Sep 26 08:15:59 dcd-gentoo sshd[27377]: error: PAM: Authentication failure for illegal user root from 222.186.175.6 Sep 26 08:15:59 dcd-gentoo sshd[27377]: Failed keyboard-interactive/pam for invalid user root from 222.186.175.6 port 20934 ssh2 ...	2019-09-26 14:20:25

最近上报的IP列表

128.0.204.148	123.20.146.103	116.49.115.143	115.76.28.187
202.195.103.47	106.13.237.44	102.112.22.97	91.185.12.92
90.189.170.118	88.250.115.204	85.186.38.177	84.214.65.149
79.166.0.109	76.70.93.42	74.63.192.130	72.17.22.78
62.90.49.157	2.167.147.10	60.168.96.182	60.49.38.34