27.66.221.30 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): None

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 27.66.221.30
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20843
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;27.66.221.30.			IN	A

;; AUTHORITY SECTION:
.			271	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 76 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 19:33:06 CST 2022
;; MSG SIZE  rcvd: 105

HOST信息:

30.221.66.27.in-addr.arpa domain name pointer localhost.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
30.221.66.27.in-addr.arpa	name = localhost.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
206.189.183.152	attack	C1,WP GET /chicken-house/wp-login.php	2020-10-05 03:56:32
51.158.111.168	attackbotsspam	Oct 4 20:58:32 Ubuntu-1404-trusty-64-minimal sshd\[32319\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.111.168 user=root Oct 4 20:58:34 Ubuntu-1404-trusty-64-minimal sshd\[32319\]: Failed password for root from 51.158.111.168 port 49978 ssh2 Oct 4 21:02:03 Ubuntu-1404-trusty-64-minimal sshd\[7135\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.111.168 user=root Oct 4 21:02:04 Ubuntu-1404-trusty-64-minimal sshd\[7135\]: Failed password for root from 51.158.111.168 port 52216 ssh2 Oct 4 21:04:55 Ubuntu-1404-trusty-64-minimal sshd\[9284\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.111.168 user=root	2020-10-05 04:11:52
122.51.31.171	attackbots	5x Failed Password	2020-10-05 04:19:22
2.88.83.74	attackbotsspam	Wordpress File Manager Plugin Remote Code Execution Vulnerability, PTR: PTR record not found	2020-10-05 03:47:51
193.169.254.38	attack	2020-10-04T13:39:23Z - RDP login failed multiple times. (193.169.254.38)	2020-10-05 04:00:58
187.189.93.17	attackspambots	Wordpress File Manager Plugin Remote Code Execution Vulnerability, PTR: fixed-187-189-93-17.totalplay.net.	2020-10-05 04:09:44
185.202.1.106	attackbotsspam	Repeated RDP login failures. Last user: Administrator	2020-10-05 03:57:59
163.172.251.159	attackspam	masters-of-media.de 163.172.251.159 [04/Oct/2020:10:48:35 +0200] "POST /wp-login.php HTTP/1.1" 200 6823 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" masters-of-media.de 163.172.251.159 [04/Oct/2020:10:48:36 +0200] "POST /wp-login.php HTTP/1.1" 200 6782 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-05 04:03:36
104.248.123.197	attack	Sep 30 08:32:58 roki-contabo sshd\[2298\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.123.197 user=root Sep 30 08:33:00 roki-contabo sshd\[2298\]: Failed password for root from 104.248.123.197 port 47318 ssh2 Sep 30 08:42:37 roki-contabo sshd\[2394\]: Invalid user ian from 104.248.123.197 Sep 30 08:42:37 roki-contabo sshd\[2394\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.123.197 Sep 30 08:42:39 roki-contabo sshd\[2394\]: Failed password for invalid user ian from 104.248.123.197 port 56104 ssh2 ...	2020-10-05 04:10:54
49.234.213.237	attack	Oct 4 13:20:55 IngegnereFirenze sshd[16865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.213.237 user=root ...	2020-10-05 04:05:58
134.175.28.62	attackbotsspam	2020-10-04T21:25:22.987439mail.broermann.family sshd[17617]: Failed password for root from 134.175.28.62 port 37326 ssh2 2020-10-04T21:30:47.694918mail.broermann.family sshd[18080]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.28.62 user=root 2020-10-04T21:30:49.305397mail.broermann.family sshd[18080]: Failed password for root from 134.175.28.62 port 38766 ssh2 2020-10-04T21:36:12.864545mail.broermann.family sshd[18549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.28.62 user=root 2020-10-04T21:36:15.092331mail.broermann.family sshd[18549]: Failed password for root from 134.175.28.62 port 40204 ssh2 ...	2020-10-05 04:15:10
51.83.97.44	attackspambots	Oct 4 17:15:52 dev0-dcde-rnet sshd[384]: Failed password for root from 51.83.97.44 port 44418 ssh2 Oct 4 17:19:49 dev0-dcde-rnet sshd[559]: Failed password for root from 51.83.97.44 port 51536 ssh2	2020-10-05 03:52:39
172.104.108.109	attack	srvr1: (mod_security) mod_security (id:920350) triggered by 172.104.108.109 (US/-/scan-92.security.ipip.net): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/10/04 19:47:33 [error] 246777#0: 198802 [client 172.104.108.109] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "160183365376.869714"] [ref "o0,13v21,13"], client: 172.104.108.109, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-10-05 03:53:39
198.211.126.138	attackspambots	Oct 4 20:07:28 gospond sshd[31192]: Failed password for root from 198.211.126.138 port 57438 ssh2 Oct 4 20:07:26 gospond sshd[31192]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.211.126.138 user=root Oct 4 20:07:28 gospond sshd[31192]: Failed password for root from 198.211.126.138 port 57438 ssh2 ...	2020-10-05 04:18:50
109.129.124.128	attack	scanner	2020-10-05 04:08:08

最近上报的IP列表

213.55.95.201	13.92.122.227	23.224.186.185	113.53.17.25
39.79.85.216	185.146.59.28	103.101.104.218	217.29.218.81
38.18.58.68	129.21.150.1	103.242.166.5	45.172.108.42
101.32.178.221	58.187.66.218	81.3.157.106	170.51.8.150
211.141.32.89	187.117.162.126	36.148.86.232	118.168.131.117