220.67.70.6 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Korea, Republic of

运营商(isp): Information and Communications University

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): University/College/School

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Dec 27 07:23:23 [munged] sshd[19302]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.67.70.6	2019-12-27 20:05:26

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 220.67.70.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17538
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;220.67.70.6.			IN	A

;; AUTHORITY SECTION:
.			373	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122700 1800 900 604800 86400

;; Query time: 305 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Dec 27 20:05:18 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 6.70.67.220.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 100.100.2.136, trying next server
;; Got SERVFAIL reply from 100.100.2.138, trying next server
Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 6.70.67.220.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
185.66.213.64	attack	Sep 11 20:32:55 auw2 sshd\[28833\]: Invalid user proxyuser from 185.66.213.64 Sep 11 20:32:55 auw2 sshd\[28833\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.66.213.64 Sep 11 20:32:56 auw2 sshd\[28833\]: Failed password for invalid user proxyuser from 185.66.213.64 port 45144 ssh2 Sep 11 20:38:59 auw2 sshd\[29342\]: Invalid user 1 from 185.66.213.64 Sep 11 20:38:59 auw2 sshd\[29342\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.66.213.64	2019-09-12 14:51:35
121.166.187.237	attack	Sep 12 07:49:05 microserver sshd[49490]: Invalid user ts3server from 121.166.187.237 port 60448 Sep 12 07:49:05 microserver sshd[49490]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.166.187.237 Sep 12 07:49:06 microserver sshd[49490]: Failed password for invalid user ts3server from 121.166.187.237 port 60448 ssh2 Sep 12 07:55:43 microserver sshd[50661]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.166.187.237 user=root Sep 12 07:55:45 microserver sshd[50661]: Failed password for root from 121.166.187.237 port 37866 ssh2 Sep 12 08:08:59 microserver sshd[52315]: Invalid user ftpuser from 121.166.187.237 port 34584 Sep 12 08:08:59 microserver sshd[52315]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.166.187.237 Sep 12 08:09:01 microserver sshd[52315]: Failed password for invalid user ftpuser from 121.166.187.237 port 34584 ssh2 Sep 12 08:15:43 microserver sshd[53493]: Inva	2019-09-12 15:27:11
130.61.72.90	attack	Sep 11 20:32:17 web1 sshd\[9177\]: Invalid user odoo from 130.61.72.90 Sep 11 20:32:17 web1 sshd\[9177\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.61.72.90 Sep 11 20:32:19 web1 sshd\[9177\]: Failed password for invalid user odoo from 130.61.72.90 port 59688 ssh2 Sep 11 20:38:19 web1 sshd\[9686\]: Invalid user user from 130.61.72.90 Sep 11 20:38:19 web1 sshd\[9686\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.61.72.90	2019-09-12 14:52:14
94.188.24.50	attack	2019-09-12T04:41:02.558460abusebot-8.cloudsearch.cf sshd\[4044\]: Invalid user user1 from 94.188.24.50 port 46850	2019-09-12 15:10:41
202.186.245.130	attackspambots	Unauthorised access (Sep 12) SRC=202.186.245.130 LEN=44 TTL=246 ID=8388 TCP DPT=445 WINDOW=1024 SYN	2019-09-12 15:07:11
203.106.166.45	attackspambots	Sep 12 03:56:07 MK-Soft-VM7 sshd\[1855\]: Invalid user nagiospass from 203.106.166.45 port 36009 Sep 12 03:56:07 MK-Soft-VM7 sshd\[1855\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.106.166.45 Sep 12 03:56:09 MK-Soft-VM7 sshd\[1855\]: Failed password for invalid user nagiospass from 203.106.166.45 port 36009 ssh2 ...	2019-09-12 14:58:15
50.239.143.100	attackbotsspam	Sep 12 01:17:25 ws12vmsma01 sshd[65258]: Invalid user user1 from 50.239.143.100 Sep 12 01:17:27 ws12vmsma01 sshd[65258]: Failed password for invalid user user1 from 50.239.143.100 port 33694 ssh2 Sep 12 01:23:02 ws12vmsma01 sshd[777]: Invalid user arma3server from 50.239.143.100 ...	2019-09-12 15:15:28
222.186.52.124	attack	2019-09-12T08:55:31.564402centos sshd\[28269\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.52.124 user=root 2019-09-12T08:55:33.244785centos sshd\[28269\]: Failed password for root from 222.186.52.124 port 23526 ssh2 2019-09-12T08:55:35.803509centos sshd\[28269\]: Failed password for root from 222.186.52.124 port 23526 ssh2	2019-09-12 15:12:01
179.217.182.149	attackspambots	DATE:2019-09-12 05:56:02, IP:179.217.182.149, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2019-09-12 15:09:09
223.15.156.38	attack	CN - 1H : (300) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4134 IP : 223.15.156.38 CIDR : 223.15.128.0/18 PREFIX COUNT : 5430 UNIQUE IP COUNT : 106919680 WYKRYTE ATAKI Z ASN4134 : 1H - 12 3H - 21 6H - 29 12H - 47 24H - 72 INFO : SYN Flood DDoS Attack Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-09-12 15:36:27
167.71.223.191	attackbots	Sep 12 02:47:56 vps200512 sshd\[25313\]: Invalid user 123 from 167.71.223.191 Sep 12 02:47:56 vps200512 sshd\[25313\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.223.191 Sep 12 02:47:58 vps200512 sshd\[25313\]: Failed password for invalid user 123 from 167.71.223.191 port 57388 ssh2 Sep 12 02:57:14 vps200512 sshd\[25519\]: Invalid user qwe123!@\# from 167.71.223.191 Sep 12 02:57:14 vps200512 sshd\[25519\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.223.191	2019-09-12 14:58:48
187.174.191.154	attack	Sep 11 05:16:30 sanyalnet-awsem3-1 sshd[31010]: Connection from 187.174.191.154 port 55398 on 172.30.0.184 port 22 Sep 11 05:16:31 sanyalnet-awsem3-1 sshd[31010]: reveeclipse mapping checking getaddrinfo for customer-187-174-191-154.uninet-ide.com.mx [187.174.191.154] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 11 05:16:31 sanyalnet-awsem3-1 sshd[31010]: Invalid user insserver from 187.174.191.154 Sep 11 05:16:31 sanyalnet-awsem3-1 sshd[31010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.174.191.154 Sep 11 05:16:33 sanyalnet-awsem3-1 sshd[31010]: Failed password for invalid user insserver from 187.174.191.154 port 55398 ssh2 Sep 11 05:16:33 sanyalnet-awsem3-1 sshd[31010]: Received disconnect from 187.174.191.154: 11: Bye Bye [preauth] Sep 11 05:26:42 sanyalnet-awsem3-1 sshd[31407]: Connection from 187.174.191.154 port 43192 on 172.30.0.184 port 22 Sep 11 05:26:43 sanyalnet-awsem3-1 sshd[31407]: reveeclipse mapping checking ge........ -------------------------------	2019-09-12 15:06:03
218.98.26.165	attackbotsspam	2019-09-12T07:34:17.910425abusebot-4.cloudsearch.cf sshd\[29341\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.26.165 user=root	2019-09-12 15:39:59
218.206.132.194	attackspambots	Sep 12 03:45:59 flomail dovecot: imap-login: Disconnected (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=218.206.132.194, lip=10.140.194.78, TLS, session=<0rJq+VKSgwDazoTC> Sep 12 03:54:24 flomail dovecot: imap-login: Disconnected (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=218.206.132.194, lip=10.140.194.78, TLS, session= Sep 12 03:55:47 flomail dovecot: imap-login: Disconnected (auth failed, 1 attempts in 8 secs): user=, method=PLAIN, rip=218.206.132.194, lip=10.140.194.78, TLS: Disconnected, session=	2019-09-12 15:25:30
182.219.172.224	attackspam	Sep 12 09:01:04 markkoudstaal sshd[19034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.219.172.224 Sep 12 09:01:07 markkoudstaal sshd[19034]: Failed password for invalid user 1234 from 182.219.172.224 port 53490 ssh2 Sep 12 09:08:51 markkoudstaal sshd[19723]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.219.172.224	2019-09-12 15:18:41

最近上报的IP列表

1.194.238.187	190.207.70.135	123.115.144.213	195.244.210.25
195.244.209.112	13.82.228.223	125.72.120.105	14.236.127.207
110.17.3.54	113.170.104.102	178.220.112.185	136.233.20.197
210.96.47.245	39.37.163.197	190.61.45.234	111.192.80.246
4.212.235.62	195.170.23.210	140.207.180.41	122.5.99.195