218.196.234.166

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 218.196.234.166
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16800
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;218.196.234.166.		IN	A

;; AUTHORITY SECTION:
.			29	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025021601 1800 900 604800 86400

;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 17 05:27:28 CST 2025
;; MSG SIZE  rcvd: 108

HOST信息:

Host 166.234.196.218.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

server can't find 218.196.234.166.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
200.199.114.226	attack	proto=tcp . spt=49197 . dpt=25 . (listed on Blocklist de Jul 07) (10)	2019-07-08 08:07:00
85.122.83.105	attack	85.122.83.105 - - \[08/Jul/2019:01:12:08 +0200\] "POST /wp-login.php HTTP/1.1" 200 2110 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 85.122.83.105 - - \[08/Jul/2019:01:12:11 +0200\] "POST /wp-login.php HTTP/1.1" 200 2096 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2019-07-08 08:32:18
118.24.90.122	attack	Jul 7 19:10:00 plusreed sshd[5810]: Invalid user dev from 118.24.90.122 Jul 7 19:10:00 plusreed sshd[5810]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.90.122 Jul 7 19:10:00 plusreed sshd[5810]: Invalid user dev from 118.24.90.122 Jul 7 19:10:02 plusreed sshd[5810]: Failed password for invalid user dev from 118.24.90.122 port 2853 ssh2 Jul 7 19:13:02 plusreed sshd[7171]: Invalid user bkpuser from 118.24.90.122 ...	2019-07-08 08:15:54
191.53.250.184	attackspam	Currently 7 failed/unauthorized logins attempts via SMTP/IMAP whostnameh 5 different usernames and wrong password: 2019-07-05T13:38:28+02:00 x@x 2019-07-05T13:32:15+02:00 x@x 2019-06-29T20:45:47+02:00 x@x 2019-06-26T02:58:22+02:00 x@x 2019-06-25T21:01:08+02:00 x@x 2019-06-23T22:00:00+02:00 x@x 2019-06-23T17:19:04+02:00 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=191.53.250.184	2019-07-08 08:03:34
139.59.56.121	attack	Jul 8 01:11:46 ArkNodeAT sshd\[7253\]: Invalid user carol from 139.59.56.121 Jul 8 01:11:46 ArkNodeAT sshd\[7253\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.56.121 Jul 8 01:11:47 ArkNodeAT sshd\[7253\]: Failed password for invalid user carol from 139.59.56.121 port 40872 ssh2	2019-07-08 08:34:53
59.133.41.183	attackspambots	Jul 3 04:13:32 srv01 sshd[23209]: Failed password for r.r from 59.133.41.183 port 59738 ssh2 Jul 3 04:13:37 srv01 sshd[23209]: Failed password for r.r from 59.133.41.183 port 59738 ssh2 Jul 3 04:13:42 srv01 sshd[23209]: Failed password for r.r from 59.133.41.183 port 59738 ssh2 Jul 3 04:13:47 srv01 sshd[23209]: Failed password for r.r from 59.133.41.183 port 59738 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=59.133.41.183	2019-07-08 07:53:22
58.233.121.253	attackbotsspam	Jul 4 13:40:21 mxgate1 postfix/postscreen[8023]: CONNECT from [58.233.121.253]:58628 to [176.31.12.44]:25 Jul 4 13:40:21 mxgate1 postfix/dnsblog[8026]: addr 58.233.121.253 listed by domain zen.spamhaus.org as 127.0.0.11 Jul 4 13:40:21 mxgate1 postfix/dnsblog[8026]: addr 58.233.121.253 listed by domain zen.spamhaus.org as 127.0.0.4 Jul 4 13:40:21 mxgate1 postfix/dnsblog[8026]: addr 58.233.121.253 listed by domain zen.spamhaus.org as 127.0.0.3 Jul 4 13:40:21 mxgate1 postfix/dnsblog[8024]: addr 58.233.121.253 listed by domain cbl.abuseat.org as 127.0.0.2 Jul 4 13:40:21 mxgate1 postfix/dnsblog[8027]: addr 58.233.121.253 listed by domain bl.spamcop.net as 127.0.0.2 Jul 4 13:40:21 mxgate1 postfix/dnsblog[8028]: addr 58.233.121.253 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Jul 4 13:40:21 mxgate1 postfix/dnsblog[8025]: addr 58.233.121.253 listed by domain b.barracudacentral.org as 127.0.0.2 Jul 4 13:40:27 mxgate1 postfix/postscreen[8023]: DNSBL rank 6 for [58.2........ -------------------------------	2019-07-08 08:24:10
157.55.39.63	attack	Automatic report - Web App Attack	2019-07-08 08:04:09
49.66.133.191	attack	Jul 3 13:38:13 riskplan-s sshd[2175]: Invalid user gentry from 49.66.133.191 Jul 3 13:38:13 riskplan-s sshd[2175]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.66.133.191 Jul 3 13:38:14 riskplan-s sshd[2175]: Failed password for invalid user gentry from 49.66.133.191 port 25349 ssh2 Jul 3 13:38:15 riskplan-s sshd[2175]: Received disconnect from 49.66.133.191: 11: Bye Bye [preauth] Jul 3 13:41:18 riskplan-s sshd[2382]: Invalid user cloud from 49.66.133.191 Jul 3 13:41:18 riskplan-s sshd[2382]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.66.133.191 Jul 3 13:41:19 riskplan-s sshd[2382]: Failed password for invalid user cloud from 49.66.133.191 port 24855 ssh2 Jul 3 13:41:20 riskplan-s sshd[2382]: Received disconnect from 49.66.133.191: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=49.66.133.191	2019-07-08 08:11:44
35.247.216.228	attack	Jun 25 15:46:31 localhost postfix/smtpd[13915]: disconnect from 228.216.247.35.bc.googleusercontent.com[35.247.216.228] ehlo=1 auth=0/1 quhostname=1 commands=2/3 Jun 26 01:08:49 localhost postfix/smtpd[4311]: disconnect from 228.216.247.35.bc.googleusercontent.com[35.247.216.228] ehlo=1 auth=0/1 quhostname=1 commands=2/3 Jun 26 01:35:32 localhost postfix/smtpd[25772]: disconnect from 228.216.247.35.bc.googleusercontent.com[35.247.216.228] ehlo=1 auth=0/1 quhostname=1 commands=2/3 Jun 26 01:57:58 localhost postfix/smtpd[14259]: disconnect from 228.216.247.35.bc.googleusercontent.com[35.247.216.228] ehlo=1 auth=0/1 quhostname=1 commands=2/3 Jun 26 02:21:23 localhost postfix/smtpd[3096]: disconnect from 228.216.247.35.bc.googleusercontent.com[35.247.216.228] ehlo=1 auth=0/1 quhostname=1 commands=2/3 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=35.247.216.228	2019-07-08 08:08:02
182.119.153.213	attackspam	Jul 1 06:37:41 v22017014165242733 sshd[20524]: reveeclipse mapping checking getaddrinfo for hn.kd.ny.adsl [182.119.153.213] failed - POSSIBLE BREAK-IN ATTEMPT! Jul 1 06:37:41 v22017014165242733 sshd[20524]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.119.153.213 user=r.r Jul 1 06:37:42 v22017014165242733 sshd[20524]: Failed password for r.r from 182.119.153.213 port 52003 ssh2 Jul 1 06:37:47 v22017014165242733 sshd[20524]: Failed password for r.r from 182.119.153.213 port 52003 ssh2 Jul 1 06:37:52 v22017014165242733 sshd[20524]: Failed password for r.r from 182.119.153.213 port 52003 ssh2 Jul 1 06:37:57 v22017014165242733 sshd[20524]: Failed password for r.r from 182.119.153.213 port 52003 ssh2 Jul 1 06:38:03 v22017014165242733 sshd[20524]: Failed password for r.r from 182.119.153.213 port 52003 ssh2 Jul 1 06:38:09 v22017014165242733 sshd[20524]: Failed password for r.r from 182.119.153.213 port 52003 ssh2 Jul 1 ........ -------------------------------	2019-07-08 08:28:48
88.138.112.63	attackbotsspam	Jul 2 14:39:13 admin05 sshd[6805]: Invalid user pi from 88.138.112.63 port 42232 Jul 2 14:39:13 admin05 sshd[6803]: Invalid user pi from 88.138.112.63 port 42228 Jul 2 14:39:14 admin05 sshd[6805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.138.112.63 Jul 2 14:39:14 admin05 sshd[6803]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.138.112.63 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=88.138.112.63	2019-07-08 08:34:18
82.135.30.41	attackbots	Many RDP login attempts detected by IDS script	2019-07-08 08:09:30
41.71.102.26	attackspambots	Unauthorised access (Jul 8) SRC=41.71.102.26 LEN=52 TTL=117 ID=9765 DF TCP DPT=445 WINDOW=8192 SYN	2019-07-08 08:10:18
134.209.35.83	attackspambots	22/tcp [2019-07-07]1pkt	2019-07-08 08:23:39

最近上报的IP列表

191.172.99.104	215.110.214.3	6.226.102.149	238.53.199.254
59.195.43.227	171.47.12.187	79.233.178.129	204.194.138.195
81.58.68.240	221.72.180.85	104.210.138.23	211.24.49.106
168.215.75.110	27.252.117.180	128.1.124.104	121.116.29.48
225.190.163.164	165.38.223.21	126.221.90.19	178.136.148.211