66.42.4.164 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): Telastic

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt detected from IP address 66.42.4.164 to port 23	2020-04-13 03:23:18

相同子网IP讨论:

IP	类型	评论内容	时间
66.42.4.100	attackspam	Unauthorized connection attempt detected from IP address 66.42.4.100 to port 23	2020-07-22 19:44:32
66.42.42.168	attackspam	Unauthorized connection attempt detected from IP address 66.42.42.168 to port 80 [T]	2020-07-22 01:37:00
66.42.4.100	attackbotsspam	Unauthorized connection attempt detected from IP address 66.42.4.100 to port 23	2020-05-31 21:14:41
66.42.49.38	attackspambots	Automatic report - XMLRPC Attack	2020-05-16 08:28:50
66.42.4.100	attack	Unauthorized connection attempt detected from IP address 66.42.4.100 to port 23	2020-05-13 04:56:31
66.42.49.175	attack	[portscan] Port scan	2020-05-11 07:02:06
66.42.43.150	attack	Invalid user test1 from 66.42.43.150 port 33682	2020-04-23 07:56:15
66.42.43.150	attackbotsspam	Invalid user postgres from 66.42.43.150 port 40324	2020-04-21 14:24:50
66.42.43.150	attack	$f2bV_matches	2020-04-21 02:20:41
66.42.43.150	attackbotsspam	Invalid user postgres from 66.42.43.150 port 40324	2020-04-20 15:44:23
66.42.43.150	attackspam	Apr 18 22:10:31 ncomp sshd[23348]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.42.43.150 user=root Apr 18 22:10:33 ncomp sshd[23348]: Failed password for root from 66.42.43.150 port 33082 ssh2 Apr 18 22:20:41 ncomp sshd[23979]: Invalid user test04 from 66.42.43.150	2020-04-19 04:48:11
66.42.43.150	attack	Unauthorized connection attempt detected from IP address 66.42.43.150 to port 22 [T]	2020-04-18 15:49:13
66.42.4.196	attack	Unauthorized connection attempt detected from IP address 66.42.4.196 to port 23	2020-04-13 04:39:53
66.42.43.150	attack	SSH Brute Force	2020-04-11 07:28:04
66.42.43.150	attackspambots	Apr 10 13:59:42 server sshd[10498]: Failed password for invalid user apache from 66.42.43.150 port 43516 ssh2 Apr 10 14:05:34 server sshd[12180]: Failed password for invalid user kmiller from 66.42.43.150 port 42836 ssh2 Apr 10 14:09:25 server sshd[13194]: Failed password for root from 66.42.43.150 port 46246 ssh2	2020-04-10 23:06:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 66.42.4.164
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45158
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;66.42.4.164.			IN	A

;; AUTHORITY SECTION:
.			352	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041201 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 13 03:23:14 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

Host 164.4.42.66.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 164.4.42.66.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
103.113.90.226	attack	2020-06-05 06:57:21.721269-0500 localhost smtpd[21357]: NOQUEUE: reject: RCPT from unknown[103.113.90.226]: 450 4.7.25 Client host rejected: cannot find your hostname, [103.113.90.226]; from= to= proto=ESMTP helo=<00fd7eba.megamega.xyz>	2020-06-05 21:05:21
103.56.113.224	attackbotsspam	Jun 5 15:04:53 santamaria sshd\[30021\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.56.113.224 user=root Jun 5 15:04:55 santamaria sshd\[30021\]: Failed password for root from 103.56.113.224 port 39336 ssh2 Jun 5 15:08:51 santamaria sshd\[30100\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.56.113.224 user=root ...	2020-06-05 21:13:25
212.166.68.146	attackbots	Jun 5 14:34:29 abendstille sshd\[31032\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.166.68.146 user=root Jun 5 14:34:31 abendstille sshd\[31032\]: Failed password for root from 212.166.68.146 port 51420 ssh2 Jun 5 14:38:26 abendstille sshd\[2067\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.166.68.146 user=root Jun 5 14:38:28 abendstille sshd\[2067\]: Failed password for root from 212.166.68.146 port 53868 ssh2 Jun 5 14:42:17 abendstille sshd\[5732\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.166.68.146 user=root ...	2020-06-05 20:44:45
175.24.51.45	attack	Jun 5 08:58:32 firewall sshd[19740]: Failed password for root from 175.24.51.45 port 48004 ssh2 Jun 5 09:03:25 firewall sshd[19875]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.51.45 user=root Jun 5 09:03:27 firewall sshd[19875]: Failed password for root from 175.24.51.45 port 42926 ssh2 ...	2020-06-05 20:48:56
191.53.198.255	attackspambots	Currently 7 failed/unauthorized logins attempts via SMTP/IMAP whostnameh 7 different usernames and wrong password: 2020-06-05T13:54:13+02:00 x@x 2020-06-03T19:17:42+02:00 x@x 2019-08-04T01:59:06+02:00 x@x 2019-08-03T01:03:04+02:00 x@x 2019-07-17T08:28:23+02:00 x@x 2019-07-07T01:51:54+02:00 x@x 2019-07-01T13:31:08+02:00 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=191.53.198.255	2020-06-05 20:40:04
103.80.36.218	attackbotsspam	Jun 5 14:29:34 PorscheCustomer sshd[27284]: Failed password for root from 103.80.36.218 port 64814 ssh2 Jun 5 14:32:15 PorscheCustomer sshd[27392]: Failed password for root from 103.80.36.218 port 64396 ssh2 ...	2020-06-05 21:01:17
222.186.30.57	attackbots	2020-06-05T14:30:08.729127sd-86998 sshd[33034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.57 user=root 2020-06-05T14:30:11.421929sd-86998 sshd[33034]: Failed password for root from 222.186.30.57 port 47751 ssh2 2020-06-05T14:30:13.218624sd-86998 sshd[33034]: Failed password for root from 222.186.30.57 port 47751 ssh2 2020-06-05T14:30:08.729127sd-86998 sshd[33034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.57 user=root 2020-06-05T14:30:11.421929sd-86998 sshd[33034]: Failed password for root from 222.186.30.57 port 47751 ssh2 2020-06-05T14:30:13.218624sd-86998 sshd[33034]: Failed password for root from 222.186.30.57 port 47751 ssh2 2020-06-05T14:30:08.729127sd-86998 sshd[33034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.57 user=root 2020-06-05T14:30:11.421929sd-86998 sshd[33034]: Failed password for root from 222.186 ...	2020-06-05 20:36:12
5.188.86.164	attackspambots	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-06-05T11:50:42Z and 2020-06-05T12:02:54Z	2020-06-05 21:16:59
68.183.184.243	attackspambots	CMS (WordPress or Joomla) login attempt.	2020-06-05 20:44:32
46.105.41.101	attack	Email rejected due to spam filtering	2020-06-05 21:06:13
42.116.242.165	attackbots	REQUESTED PAGE: /Scripts/sendform.php	2020-06-05 21:02:22
31.220.1.210	attack	Jun 5 14:25:39 ns382633 sshd\[4385\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.220.1.210 user=root Jun 5 14:25:41 ns382633 sshd\[4385\]: Failed password for root from 31.220.1.210 port 46746 ssh2 Jun 5 14:25:46 ns382633 sshd\[4391\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.220.1.210 user=root Jun 5 14:25:48 ns382633 sshd\[4391\]: Failed password for root from 31.220.1.210 port 53370 ssh2 Jun 5 14:25:51 ns382633 sshd\[4393\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.220.1.210 user=root	2020-06-05 20:53:53
51.158.171.38	attackbots	Jun 5 12:26:32 mxgate1 postfix/postscreen[29601]: CONNECT from [51.158.171.38]:51995 to [176.31.12.44]:25 Jun 5 12:26:38 mxgate1 postfix/postscreen[29601]: PASS NEW [51.158.171.38]:51995 Jun 5 12:26:39 mxgate1 postfix/smtpd[29628]: connect from riquezaetica.com[51.158.171.38] Jun x@x Jun 5 12:26:40 mxgate1 postfix/smtpd[29628]: disconnect from riquezaetica.com[51.158.171.38] ehlo=2 starttls=1 mail=1 rcpt=0/1 quhostname=1 commands=5/6 Jun 5 12:36:40 mxgate1 postfix/postscreen[30170]: CONNECT from [51.158.171.38]:41863 to [176.31.12.44]:25 Jun 5 12:36:42 mxgate1 postfix/postscreen[30170]: PASS OLD [51.158.171.38]:41863 Jun 5 12:36:42 mxgate1 postfix/smtpd[30176]: connect from riquezaetica.com[51.158.171.38] Jun x@x Jun 5 12:36:42 mxgate1 postfix/smtpd[30176]: disconnect from riquezaetica.com[51.158.171.38] ehlo=2 starttls=1 mail=1 rcpt=0/1 quhostname=1 commands=5/6 Jun 5 12:46:41 mxgate1 postfix/postscreen[30212]: CONNECT from [51.158.171.38]:33300 to [176.31.12......... -------------------------------	2020-06-05 20:51:32
77.202.192.113	attackbotsspam	Tried sshing with brute force.	2020-06-05 20:57:12
165.56.181.250	attack	165.56.181.250 - - [05/Jun/2020:14:59:14 +0200] "GET /wp-login.php HTTP/1.1" 200 6183 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.56.181.250 - - [05/Jun/2020:14:59:24 +0200] "POST /wp-login.php HTTP/1.1" 200 6434 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.56.181.250 - - [05/Jun/2020:14:59:37 +0200] "GET /wp-login.php HTTP/1.1" 200 6183 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-05 21:11:22

最近上报的IP列表

30.119.122.29	234.21.42.243	222.173.36.190	222.113.43.131
222.106.30.213	220.117.113.199	220.85.243.172	220.79.10.44
217.209.155.137	221.51.55.4	213.81.147.251	91.208.31.121
100.74.87.8	119.196.51.149	47.100.150.196	216.15.209.141
213.66.249.54	51.131.45.36	153.5.115.29	105.80.149.129