66.42.29.145 - IPInfo

基本信息:

城市(city): Orlando

省份(region): Florida

国家(country): United States

运营商(isp): Telastic

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Telnet Server BruteForce Attack	2020-01-06 04:24:55

相同子网IP讨论:

IP	类型	评论内容	时间
66.42.29.248	attackbots	Unauthorized connection attempt detected from IP address 66.42.29.248 to port 23	2020-07-22 14:49:32
66.42.29.0	attack	Unauthorized connection attempt detected from IP address 66.42.29.0 to port 23	2020-06-29 02:45:21
66.42.29.82	attack	Unauthorized connection attempt detected from IP address 66.42.29.82 to port 23	2020-06-13 08:27:58
66.42.29.165	attackbots	Unauthorized connection attempt detected from IP address 66.42.29.165 to port 5358	2020-05-13 04:16:40
66.42.29.72	attackbotsspam	Unauthorized connection attempt detected from IP address 66.42.29.72 to port 23	2020-04-13 04:02:55
66.42.29.159	attackspambots	Unauthorized connection attempt detected from IP address 66.42.29.159 to port 23	2020-01-06 18:09:12
66.42.29.220	attackspambots	Unauthorized connection attempt detected from IP address 66.42.29.220 to port 23 [J]	2020-01-05 23:55:43
66.42.29.157	attackbotsspam	Unauthorized connection attempt detected from IP address 66.42.29.157 to port 23	2020-01-05 23:26:00
66.42.29.157	attack	Unauthorized connection attempt detected from IP address 66.42.29.157 to port 23	2019-12-29 08:23:39

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 66.42.29.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5796
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;66.42.29.145.			IN	A

;; AUTHORITY SECTION:
.			536	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010501 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 06 04:24:51 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 145.29.42.66.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 100.100.2.136, trying next server
;; Got SERVFAIL reply from 100.100.2.138, trying next server
Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 145.29.42.66.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
186.0.109.126	attackbotsspam	Unauthorized connection attempt from IP address 186.0.109.126 on Port 445(SMB)	2019-11-20 23:28:34
222.186.175.182	attack	2019-11-20T16:31:01.588304ns386461 sshd\[22467\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.182 user=root 2019-11-20T16:31:02.935476ns386461 sshd\[22467\]: Failed password for root from 222.186.175.182 port 32600 ssh2 2019-11-20T16:31:06.274578ns386461 sshd\[22467\]: Failed password for root from 222.186.175.182 port 32600 ssh2 2019-11-20T16:31:09.358427ns386461 sshd\[22467\]: Failed password for root from 222.186.175.182 port 32600 ssh2 2019-11-20T16:31:12.186541ns386461 sshd\[22467\]: Failed password for root from 222.186.175.182 port 32600 ssh2 ...	2019-11-20 23:32:30
36.237.11.217	attackbotsspam	Unauthorized connection attempt from IP address 36.237.11.217 on Port 445(SMB)	2019-11-20 23:14:07
179.36.41.239	attackbots	2019-11-20 14:47:32 H=(179-36-41-239.speedy.com.ar) [179.36.41.239]:34132 I=[10.100.18.21]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=179.36.41.239) 2019-11-20 14:47:33 unexpected disconnection while reading SMTP command from (179-36-41-239.speedy.com.ar) [179.36.41.239]:34132 I=[10.100.18.21]:25 (error: Connection reset by peer) 2019-11-20 15:30:36 H=(179-36-41-239.speedy.com.ar) [179.36.41.239]:39641 I=[10.100.18.21]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=179.36.41.239) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=179.36.41.239	2019-11-20 23:36:25
180.76.173.189	attack	Nov 20 11:46:02 ldap01vmsma01 sshd[11397]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.173.189 Nov 20 11:46:04 ldap01vmsma01 sshd[11397]: Failed password for invalid user fogelin from 180.76.173.189 port 35756 ssh2 ...	2019-11-20 23:47:29
93.171.33.32	attackspam	11/20/2019-15:46:15.379458 93.171.33.32 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-11-20 23:39:10
193.188.22.229	attackbots	fatal: Unable to negotiate with 193.188.22.229 port 38844: no matching cipher found. Their offer: aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none [preauth]	2019-11-20 23:34:32
72.87.95.169	attackspambots	Telnet brute force and port scan	2019-11-20 23:53:47
50.70.229.239	attackbotsspam	Nov 20 20:43:33 vibhu-HP-Z238-Microtower-Workstation sshd\[14615\]: Invalid user aile from 50.70.229.239 Nov 20 20:43:33 vibhu-HP-Z238-Microtower-Workstation sshd\[14615\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.70.229.239 Nov 20 20:43:35 vibhu-HP-Z238-Microtower-Workstation sshd\[14615\]: Failed password for invalid user aile from 50.70.229.239 port 50112 ssh2 Nov 20 20:47:29 vibhu-HP-Z238-Microtower-Workstation sshd\[15475\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.70.229.239 user=uucp Nov 20 20:47:30 vibhu-HP-Z238-Microtower-Workstation sshd\[15475\]: Failed password for uucp from 50.70.229.239 port 58452 ssh2 ...	2019-11-20 23:27:11
61.153.189.140	attackspam	Automatic report - Banned IP Access	2019-11-20 23:17:48
115.84.105.136	attack	Unauthorized connection attempt from IP address 115.84.105.136 on Port 445(SMB)	2019-11-20 23:22:30
186.89.233.75	attackspambots	Unauthorized connection attempt from IP address 186.89.233.75 on Port 445(SMB)	2019-11-20 23:41:23
181.53.30.95	attackbotsspam	2019-11-20 15:19:37 H=(dynamic-ip-1815303095.cable.net.co) [181.53.30.95]:42436 I=[10.100.18.22]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=181.53.30.95) 2019-11-20 15:19:38 unexpected disconnection while reading SMTP command from (dynamic-ip-1815303095.cable.net.co) [181.53.30.95]:42436 I=[10.100.18.22]:25 (error: Connection reset by peer) 2019-11-20 15:41:47 H=(dynamic-ip-1815303095.cable.net.co) [181.53.30.95]:48177 I=[10.100.18.22]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=181.53.30.95) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=181.53.30.95	2019-11-20 23:16:32
189.211.188.47	attackbots	Unauthorized connection attempt from IP address 189.211.188.47 on Port 445(SMB)	2019-11-20 23:49:14
5.102.18.11	attackspam	2019-11-20 13:45:15 H=([5.102.18.11]) [5.102.18.11]:11121 I=[10.100.18.21]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=5.102.18.11) 2019-11-20 13:45:16 unexpected disconnection while reading SMTP command from ([5.102.18.11]) [5.102.18.11]:11121 I=[10.100.18.21]:25 (error: Connection reset by peer) 2019-11-20 15:30:40 H=([5.102.18.11]) [5.102.18.11]:13051 I=[10.100.18.21]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=5.102.18.11) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=5.102.18.11	2019-11-20 23:42:58

最近上报的IP列表

54.183.202.175	49.51.12.230	116.2.227.115	222.165.217.35
45.172.230.8	150.198.63.97	45.5.203.183	107.125.175.151
99.88.70.165	74.243.171.23	37.6.142.124	89.69.216.191
31.41.84.17	116.123.120.195	31.25.135.69	75.224.61.248
103.36.5.251	27.2.64.208	109.39.59.3	191.168.188.87