66.42.4.164 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): Telastic

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt detected from IP address 66.42.4.164 to port 23	2020-04-13 03:23:18

相同子网IP讨论:

IP	类型	评论内容	时间
66.42.4.100	attackspam	Unauthorized connection attempt detected from IP address 66.42.4.100 to port 23	2020-07-22 19:44:32
66.42.42.168	attackspam	Unauthorized connection attempt detected from IP address 66.42.42.168 to port 80 [T]	2020-07-22 01:37:00
66.42.4.100	attackbotsspam	Unauthorized connection attempt detected from IP address 66.42.4.100 to port 23	2020-05-31 21:14:41
66.42.49.38	attackspambots	Automatic report - XMLRPC Attack	2020-05-16 08:28:50
66.42.4.100	attack	Unauthorized connection attempt detected from IP address 66.42.4.100 to port 23	2020-05-13 04:56:31
66.42.49.175	attack	[portscan] Port scan	2020-05-11 07:02:06
66.42.43.150	attack	Invalid user test1 from 66.42.43.150 port 33682	2020-04-23 07:56:15
66.42.43.150	attackbotsspam	Invalid user postgres from 66.42.43.150 port 40324	2020-04-21 14:24:50
66.42.43.150	attack	$f2bV_matches	2020-04-21 02:20:41
66.42.43.150	attackbotsspam	Invalid user postgres from 66.42.43.150 port 40324	2020-04-20 15:44:23
66.42.43.150	attackspam	Apr 18 22:10:31 ncomp sshd[23348]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.42.43.150 user=root Apr 18 22:10:33 ncomp sshd[23348]: Failed password for root from 66.42.43.150 port 33082 ssh2 Apr 18 22:20:41 ncomp sshd[23979]: Invalid user test04 from 66.42.43.150	2020-04-19 04:48:11
66.42.43.150	attack	Unauthorized connection attempt detected from IP address 66.42.43.150 to port 22 [T]	2020-04-18 15:49:13
66.42.4.196	attack	Unauthorized connection attempt detected from IP address 66.42.4.196 to port 23	2020-04-13 04:39:53
66.42.43.150	attack	SSH Brute Force	2020-04-11 07:28:04
66.42.43.150	attackspambots	Apr 10 13:59:42 server sshd[10498]: Failed password for invalid user apache from 66.42.43.150 port 43516 ssh2 Apr 10 14:05:34 server sshd[12180]: Failed password for invalid user kmiller from 66.42.43.150 port 42836 ssh2 Apr 10 14:09:25 server sshd[13194]: Failed password for root from 66.42.43.150 port 46246 ssh2	2020-04-10 23:06:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 66.42.4.164
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45158
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;66.42.4.164.			IN	A

;; AUTHORITY SECTION:
.			352	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041201 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 13 03:23:14 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

Host 164.4.42.66.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 164.4.42.66.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
45.127.133.94	attack	Mar 20 18:37:50 vlre-nyc-1 sshd\[6458\]: Invalid user mfs from 45.127.133.94 Mar 20 18:37:50 vlre-nyc-1 sshd\[6458\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.127.133.94 Mar 20 18:37:52 vlre-nyc-1 sshd\[6458\]: Failed password for invalid user mfs from 45.127.133.94 port 43864 ssh2 Mar 20 18:45:11 vlre-nyc-1 sshd\[6859\]: Invalid user teamspeak3-server from 45.127.133.94 Mar 20 18:45:11 vlre-nyc-1 sshd\[6859\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.127.133.94 ...	2020-03-21 04:30:04
67.20.200.109	attackbots	Invalid user pi from 67.20.200.109 port 39262	2020-03-21 04:10:35
134.73.51.241	attackbots	Mar 20 15:01:11 mail.srvfarm.net postfix/smtpd[2795536]: NOQUEUE: reject: RCPT from room.impitsol.com[134.73.51.241]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 20 15:01:12 mail.srvfarm.net postfix/smtpd[2795536]: NOQUEUE: reject: RCPT from room.impitsol.com[134.73.51.241]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 20 15:07:19 mail.srvfarm.net postfix/smtpd[2807225]: NOQUEUE: reject: RCPT from room.impitsol.com[134.73.51.241]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 20 15:08:55 mail.srvfarm.net postfix/smtpd[2807225]: NOQUEUE: reject: RCPT from room.impit	2020-03-21 04:49:20
106.12.100.73	attack	Mar 20 20:44:20 ns382633 sshd\[12878\]: Invalid user member from 106.12.100.73 port 57978 Mar 20 20:44:20 ns382633 sshd\[12878\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.100.73 Mar 20 20:44:23 ns382633 sshd\[12878\]: Failed password for invalid user member from 106.12.100.73 port 57978 ssh2 Mar 20 21:04:27 ns382633 sshd\[17221\]: Invalid user inet from 106.12.100.73 port 40256 Mar 20 21:04:27 ns382633 sshd\[17221\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.100.73	2020-03-21 04:22:36
217.182.197.93	attack	217.182.197.93 - - [20/Mar/2020:14:06:21 +0100] "GET /wp-login.php HTTP/1.1" 200 6463 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 217.182.197.93 - - [20/Mar/2020:14:06:23 +0100] "POST /wp-login.php HTTP/1.1" 200 7362 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 217.182.197.93 - - [20/Mar/2020:14:06:24 +0100] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-03-21 04:11:07
111.229.125.124	attackspambots	Mar 20 20:30:17 Invalid user egghead from 111.229.125.124 port 43104	2020-03-21 04:30:56
222.186.190.2	attack	Mar 21 01:36:10 gw1 sshd[27611]: Failed password for root from 222.186.190.2 port 65022 ssh2 Mar 21 01:36:13 gw1 sshd[27611]: Failed password for root from 222.186.190.2 port 65022 ssh2 ...	2020-03-21 04:37:56
180.244.232.9	attackbots	1584709536 - 03/20/2020 14:05:36 Host: 180.244.232.9/180.244.232.9 Port: 445 TCP Blocked	2020-03-21 04:39:07
77.181.122.77	attackbotsspam	SSH Brute-Force reported by Fail2Ban	2020-03-21 04:12:17
222.186.31.83	attack	Mar 21 02:01:18 areeb-Workstation sshd[13203]: Failed password for root from 222.186.31.83 port 35020 ssh2 Mar 21 02:01:22 areeb-Workstation sshd[13203]: Failed password for root from 222.186.31.83 port 35020 ssh2 ...	2020-03-21 04:31:56
192.241.211.94	attackspambots	Mar 20 15:52:55 plusreed sshd[9217]: Invalid user aconnelly from 192.241.211.94 ...	2020-03-21 04:14:05
190.64.147.19	attackbots	Mar 20 13:54:48 mail.srvfarm.net postfix/smtpd[2768619]: NOQUEUE: reject: RCPT from r190-64-147-19.su-static.adinet.com.uy[190.64.147.19]: 554 5.7.1 Service unavailable; Client host [190.64.147.19] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?190.64.147.19; from= to= proto=ESMTP helo= Mar 20 13:54:49 mail.srvfarm.net postfix/smtpd[2768619]: NOQUEUE: reject: RCPT from r190-64-147-19.su-static.adinet.com.uy[190.64.147.19]: 554 5.7.1 Service unavailable; Client host [190.64.147.19] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?190.64.147.19; from= to= proto=ESMTP helo= Mar 20 13:54:50 mail.srvfarm.net postfix/smtpd[2768619]: NOQUEUE: reject: RCPT from r190-64-147-19.su-static.adinet.com.uy[190.64.147.19]: 554 5.7.1 Service unavailable; Client host [190.64.147.19] blocke	2020-03-21 04:48:32
51.68.139.151	attackspambots	(mod_security) mod_security (id:930130) triggered by 51.68.139.151 (PL/Poland/151.ip-51-68-139.eu): 5 in the last 3600 secs	2020-03-21 04:24:05
51.75.18.212	attackspambots	Mar 20 18:48:23 vps647732 sshd[7118]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.18.212 Mar 20 18:48:24 vps647732 sshd[7118]: Failed password for invalid user af from 51.75.18.212 port 46732 ssh2 ...	2020-03-21 04:27:25
78.11.200.147	attackbots	Automatic report - Port Scan Attack	2020-03-21 04:47:25

最近上报的IP列表

30.119.122.29	234.21.42.243	222.173.36.190	222.113.43.131
222.106.30.213	220.117.113.199	220.85.243.172	220.79.10.44
217.209.155.137	221.51.55.4	213.81.147.251	91.208.31.121
100.74.87.8	119.196.51.149	47.100.150.196	216.15.209.141
213.66.249.54	51.131.45.36	153.5.115.29	105.80.149.129