66.42.4.100 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): Telastic

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Unauthorized connection attempt detected from IP address 66.42.4.100 to port 23	2020-07-22 19:44:32
attackbotsspam	Unauthorized connection attempt detected from IP address 66.42.4.100 to port 23	2020-05-31 21:14:41
attack	Unauthorized connection attempt detected from IP address 66.42.4.100 to port 23	2020-05-13 04:56:31

类型

评论内容

时间

attackspam

Unauthorized connection attempt detected from IP address 66.42.4.100 to port 23

2020-07-22 19:44:32

attackbotsspam

Unauthorized connection attempt detected from IP address 66.42.4.100 to port 23

2020-05-31 21:14:41

attack

Unauthorized connection attempt detected from IP address 66.42.4.100 to port 23

2020-05-13 04:56:31

相同子网IP讨论:

IP	类型	评论内容	时间
66.42.42.168	attackspam	Unauthorized connection attempt detected from IP address 66.42.42.168 to port 80 [T]	2020-07-22 01:37:00
66.42.49.38	attackspambots	Automatic report - XMLRPC Attack	2020-05-16 08:28:50
66.42.49.175	attack	[portscan] Port scan	2020-05-11 07:02:06
66.42.43.150	attack	Invalid user test1 from 66.42.43.150 port 33682	2020-04-23 07:56:15
66.42.43.150	attackbotsspam	Invalid user postgres from 66.42.43.150 port 40324	2020-04-21 14:24:50
66.42.43.150	attack	$f2bV_matches	2020-04-21 02:20:41
66.42.43.150	attackbotsspam	Invalid user postgres from 66.42.43.150 port 40324	2020-04-20 15:44:23
66.42.43.150	attackspam	Apr 18 22:10:31 ncomp sshd[23348]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.42.43.150 user=root Apr 18 22:10:33 ncomp sshd[23348]: Failed password for root from 66.42.43.150 port 33082 ssh2 Apr 18 22:20:41 ncomp sshd[23979]: Invalid user test04 from 66.42.43.150	2020-04-19 04:48:11
66.42.43.150	attack	Unauthorized connection attempt detected from IP address 66.42.43.150 to port 22 [T]	2020-04-18 15:49:13
66.42.4.196	attack	Unauthorized connection attempt detected from IP address 66.42.4.196 to port 23	2020-04-13 04:39:53
66.42.4.164	attack	Unauthorized connection attempt detected from IP address 66.42.4.164 to port 23	2020-04-13 03:23:18
66.42.43.150	attack	SSH Brute Force	2020-04-11 07:28:04
66.42.43.150	attackspambots	Apr 10 13:59:42 server sshd[10498]: Failed password for invalid user apache from 66.42.43.150 port 43516 ssh2 Apr 10 14:05:34 server sshd[12180]: Failed password for invalid user kmiller from 66.42.43.150 port 42836 ssh2 Apr 10 14:09:25 server sshd[13194]: Failed password for root from 66.42.43.150 port 46246 ssh2	2020-04-10 23:06:51
66.42.43.150	attackspam	$f2bV_matches	2020-04-05 08:59:06
66.42.43.150	attackspam	Mar 29 21:04:58 pkdns2 sshd\[21487\]: Invalid user ebd from 66.42.43.150Mar 29 21:05:00 pkdns2 sshd\[21487\]: Failed password for invalid user ebd from 66.42.43.150 port 36784 ssh2Mar 29 21:08:23 pkdns2 sshd\[21692\]: Invalid user fjseclib from 66.42.43.150Mar 29 21:08:25 pkdns2 sshd\[21692\]: Failed password for invalid user fjseclib from 66.42.43.150 port 33352 ssh2Mar 29 21:11:48 pkdns2 sshd\[21864\]: Invalid user postgres from 66.42.43.150Mar 29 21:11:50 pkdns2 sshd\[21864\]: Failed password for invalid user postgres from 66.42.43.150 port 58152 ssh2 ...	2020-03-30 02:21:17

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 66.42.4.100
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23080
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;66.42.4.100.			IN	A

;; AUTHORITY SECTION:
.			293	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051201 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 13 04:56:27 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

Host 100.4.42.66.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 100.4.42.66.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
117.48.209.85	attack	2019-11-11T17:27:20.239318abusebot-4.cloudsearch.cf sshd\[20466\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.48.209.85 user=root	2019-11-12 04:36:45
190.115.1.49	attackspambots	2019-11-11 02:37:19 server sshd[82808]: Failed password for invalid user letasi from 190.115.1.49 port 55436 ssh2	2019-11-12 04:02:33
179.214.20.144	attackspambots	Automatic report - Port Scan	2019-11-12 04:32:11
159.65.151.216	attackspam	Nov 11 18:46:46 server sshd\[3051\]: Invalid user wosick from 159.65.151.216 port 58568 Nov 11 18:46:46 server sshd\[3051\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.151.216 Nov 11 18:46:47 server sshd\[3051\]: Failed password for invalid user wosick from 159.65.151.216 port 58568 ssh2 Nov 11 18:51:10 server sshd\[11411\]: Invalid user nj from 159.65.151.216 port 39450 Nov 11 18:51:10 server sshd\[11411\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.151.216	2019-11-12 04:04:00
8.14.149.127	attack	Nov 11 21:10:51 * sshd[18876]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=8.14.149.127 Nov 11 21:10:54 * sshd[18876]: Failed password for invalid user awdrgyjil153 from 8.14.149.127 port 47994 ssh2	2019-11-12 04:27:24
54.37.67.144	attackbots	Nov 11 18:29:45 XXX sshd[58824]: Invalid user smmsp from 54.37.67.144 port 37152	2019-11-12 04:28:55
45.95.33.50	attackspambots	Nov 11 16:37:28 h2421860 postfix/postscreen[7644]: CONNECT from [45.95.33.50]:50699 to [85.214.119.52]:25 Nov 11 16:37:28 h2421860 postfix/dnsblog[7646]: addr 45.95.33.50 listed by domain bl.spamcop.net as 127.0.0.2 Nov 11 16:37:28 h2421860 postfix/dnsblog[7649]: addr 45.95.33.50 listed by domain zen.spamhaus.org as 127.0.0.3 Nov 11 16:37:28 h2421860 postfix/dnsblog[7645]: addr 45.95.33.50 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Nov 11 16:37:28 h2421860 postfix/dnsblog[7648]: addr 45.95.33.50 listed by domain Unknown.trblspam.com as 185.53.179.7 Nov 11 16:37:28 h2421860 postfix/dnsblog[7646]: addr 45.95.33.50 listed by domain b.barracudacentral.org as 127.0.0.2 Nov 11 16:37:34 h2421860 postfix/postscreen[7644]: DNSBL rank 8 for [45.95.33.50]:50699 Nov x@x Nov 11 16:37:34 h2421860 postfix/postscreen[7644]: DISCONNECT [45.95.33.50]:50699 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=45.95.33.50	2019-11-12 04:07:29
222.82.237.238	attackbots	Nov 11 16:59:50 lnxmysql61 sshd[28055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.82.237.238	2019-11-12 04:39:04
87.154.251.205	attackbotsspam	Nov 11 20:59:07 mail postfix/smtpd[19838]: warning: p579AFBCD.dip0.t-ipconnect.de[87.154.251.205]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 11 21:06:18 mail postfix/smtpd[24173]: warning: p579AFBCD.dip0.t-ipconnect.de[87.154.251.205]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 11 21:07:36 mail postfix/smtpd[22333]: warning: p579AFBCD.dip0.t-ipconnect.de[87.154.251.205]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-12 04:23:26
177.139.167.7	attackbots	Nov 11 15:33:20 MainVPS sshd[19749]: Invalid user knollenburg from 177.139.167.7 port 57248 Nov 11 15:33:20 MainVPS sshd[19749]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.139.167.7 Nov 11 15:33:20 MainVPS sshd[19749]: Invalid user knollenburg from 177.139.167.7 port 57248 Nov 11 15:33:22 MainVPS sshd[19749]: Failed password for invalid user knollenburg from 177.139.167.7 port 57248 ssh2 Nov 11 15:38:32 MainVPS sshd[30273]: Invalid user dj from 177.139.167.7 port 48645 ...	2019-11-12 04:11:32
81.22.45.115	attack	Nov 11 20:38:11 mc1 kernel: \[4787373.053985\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.115 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=59937 PROTO=TCP SPT=40293 DPT=853 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 11 20:39:20 mc1 kernel: \[4787441.284003\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.115 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=25833 PROTO=TCP SPT=40293 DPT=1929 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 11 20:44:23 mc1 kernel: \[4787745.112304\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.115 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=51016 PROTO=TCP SPT=40293 DPT=1115 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-11-12 04:02:05
119.81.132.210	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/119.81.132.210/ NL - 1H : (27) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : NL NAME ASN : ASN36351 IP : 119.81.132.210 CIDR : 119.81.128.0/18 PREFIX COUNT : 1060 UNIQUE IP COUNT : 4784128 ATTACKS DETECTED ASN36351 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 2 DateTime : 2019-11-11 15:38:05 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2019-11-12 04:34:08
207.180.222.40	attackbotsspam	Detected By Fail2ban	2019-11-12 04:16:10
173.249.28.191	attack	Masscan Scanner Request	2019-11-12 04:06:35
104.223.78.99	attackbotsspam	Looking for resource vulnerabilities	2019-11-12 04:23:09

最近上报的IP列表

207.102.152.26	201.253.11.236	70.253.136.173	201.202.31.170
198.108.66.211	127.193.82.39	43.189.217.133	196.64.203.209
190.230.31.16	187.178.64.172	186.179.219.86	186.46.38.154
181.113.32.170	179.89.60.3	178.206.162.129	177.195.8.25
170.82.108.189	85.110.18.197	115.42.77.114	74.208.236.55