66.42.5.20 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): Telastic

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Unauthorized connection attempt detected from IP address 66.42.5.20 to port 23	2020-05-13 03:01:00
attack	Unauthorized connection attempt detected from IP address 66.42.5.20 to port 23	2020-05-04 16:45:03

相同子网IP讨论:

IP	类型	评论内容	时间
66.42.55.203	attackspambots	66.42.55.203 - - [03/Sep/2020:07:45:15 +0100] "POST /wp-login.php HTTP/1.1" 200 1791 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 66.42.55.203 - - [03/Sep/2020:07:45:18 +0100] "POST /wp-login.php HTTP/1.1" 200 1772 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 66.42.55.203 - - [03/Sep/2020:07:45:19 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-03 23:10:39
66.42.55.203	attackspambots	66.42.55.203 - - [03/Sep/2020:06:39:06 +0100] "POST /wp-login.php HTTP/1.1" 200 2420 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 66.42.55.203 - - [03/Sep/2020:06:39:08 +0100] "POST /wp-login.php HTTP/1.1" 200 2415 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 66.42.55.203 - - [03/Sep/2020:06:39:10 +0100] "POST /wp-login.php HTTP/1.1" 200 2415 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-03 14:44:53
66.42.55.203	attack	66.42.55.203 - - [02/Sep/2020:22:46:26 +0100] "POST /wp-login.php HTTP/1.1" 200 1948 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 66.42.55.203 - - [02/Sep/2020:22:46:28 +0100] "POST /wp-login.php HTTP/1.1" 200 1890 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 66.42.55.203 - - [02/Sep/2020:22:46:31 +0100] "POST /wp-login.php HTTP/1.1" 200 1887 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-03 06:58:02
66.42.50.81	attack	WordPress wp-login brute force :: 66.42.50.81 0.124 - [10/Aug/2020:12:09:06 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 1837 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-08-10 20:46:18
66.42.5.235	attackbotsspam	Unauthorized connection attempt detected from IP address 66.42.5.235 to port 23	2020-07-09 06:50:12
66.42.5.241	attackspambots	Unauthorized connection attempt detected from IP address 66.42.5.241 to port 23	2020-07-09 06:07:59
66.42.5.241	attack	Unauthorized connection attempt detected from IP address 66.42.5.241 to port 23	2020-07-07 04:04:23
66.42.52.214	attackbots	[Aegis] @ 2019-07-26 05:30:25 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2020-04-29 20:22:51
66.42.56.21	attackbots	66.42.56.21 - - \[22/Apr/2020:09:27:32 +0200\] "POST /wp-login.php HTTP/1.0" 200 6811 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 66.42.56.21 - - \[22/Apr/2020:09:27:35 +0200\] "POST /wp-login.php HTTP/1.0" 200 6809 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 66.42.56.21 - - \[22/Apr/2020:09:27:37 +0200\] "POST /wp-login.php HTTP/1.0" 200 6657 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-04-22 19:26:46
66.42.52.160	attackspam	Automatic report - XMLRPC Attack	2020-04-22 19:05:09
66.42.56.21	attackspam	Apr 21 23:49:37 wordpress wordpress(www.ruhnke.cloud)[97586]: Blocked authentication attempt for admin from ::ffff:66.42.56.21	2020-04-22 06:11:39
66.42.52.160	attackspambots	ENG,WP GET /wp-login.php	2020-04-22 03:58:45
66.42.5.164	attackbots	Unauthorized connection attempt detected from IP address 66.42.5.164 to port 23	2020-04-13 04:03:16
66.42.56.21	attack	Automatic report - XMLRPC Attack	2020-04-01 19:37:51
66.42.56.21	attackspambots	xmlrpc attack	2020-03-08 13:21:40

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 66.42.5.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59407
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;66.42.5.20.			IN	A

;; AUTHORITY SECTION:
.			467	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050400 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon May 04 16:44:54 CST 2020
;; MSG SIZE  rcvd: 114

HOST信息:

Host 20.5.42.66.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 100.100.2.136, trying next server
;; Got SERVFAIL reply from 100.100.2.138, trying next server
Server:		100.100.2.136
Address:	100.100.2.136#53

** server can't find 20.5.42.66.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
149.56.142.220	attackbots	Sep 9 22:26:09 ubuntu-2gb-nbg1-dc3-1 sshd[21141]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.142.220 Sep 9 22:26:11 ubuntu-2gb-nbg1-dc3-1 sshd[21141]: Failed password for invalid user testuser1 from 149.56.142.220 port 49566 ssh2 ...	2019-09-10 07:22:09
206.189.222.181	attackspambots	Sep 9 18:36:27 vps200512 sshd\[9919\]: Invalid user demo from 206.189.222.181 Sep 9 18:36:27 vps200512 sshd\[9919\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.222.181 Sep 9 18:36:29 vps200512 sshd\[9919\]: Failed password for invalid user demo from 206.189.222.181 port 36392 ssh2 Sep 9 18:42:14 vps200512 sshd\[10141\]: Invalid user mysql2 from 206.189.222.181 Sep 9 18:42:14 vps200512 sshd\[10141\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.222.181	2019-09-10 06:42:36
138.68.53.163	attackbotsspam	Sep 9 09:50:21 hanapaa sshd\[2568\]: Invalid user dspace from 138.68.53.163 Sep 9 09:50:21 hanapaa sshd\[2568\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.53.163 Sep 9 09:50:23 hanapaa sshd\[2568\]: Failed password for invalid user dspace from 138.68.53.163 port 38154 ssh2 Sep 9 09:56:08 hanapaa sshd\[3067\]: Invalid user cloudadmin from 138.68.53.163 Sep 9 09:56:08 hanapaa sshd\[3067\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.53.163	2019-09-10 06:59:45
5.36.42.141	attackspambots	Sep 9 04:56:02 aiointranet sshd\[30365\]: Invalid user admin from 5.36.42.141 Sep 9 04:56:02 aiointranet sshd\[30365\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.36.42.141.dynamic-dsl-ip.omantel.net.om Sep 9 04:56:09 aiointranet sshd\[30365\]: Failed password for invalid user admin from 5.36.42.141 port 53225 ssh2 Sep 9 04:56:11 aiointranet sshd\[30365\]: Failed password for invalid user admin from 5.36.42.141 port 53225 ssh2 Sep 9 04:56:13 aiointranet sshd\[30365\]: Failed password for invalid user admin from 5.36.42.141 port 53225 ssh2	2019-09-10 07:20:15
37.187.51.172	attackspam	Automatic report - Banned IP Access	2019-09-10 07:09:49
122.192.33.102	attackbotsspam	Sep 9 22:25:07 game-panel sshd[16269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.192.33.102 Sep 9 22:25:08 game-panel sshd[16269]: Failed password for invalid user ts3server from 122.192.33.102 port 53462 ssh2 Sep 9 22:30:52 game-panel sshd[16459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.192.33.102	2019-09-10 06:39:40
185.232.67.6	attackbotsspam	Sep 10 00:25:03 lenivpn01 kernel: \[300710.392033\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=185.232.67.6 DST=195.201.121.15 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=9295 DF PROTO=TCP SPT=58136 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0 Sep 10 00:25:04 lenivpn01 kernel: \[300711.381082\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=185.232.67.6 DST=195.201.121.15 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=9296 DF PROTO=TCP SPT=58136 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0 Sep 10 00:25:06 lenivpn01 kernel: \[300713.388179\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=185.232.67.6 DST=195.201.121.15 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=9297 DF PROTO=TCP SPT=58136 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0 ...	2019-09-10 07:10:23
92.255.3.13	attack	PHP DIESCAN Information Disclosure Vulnerability	2019-09-10 07:06:55
62.219.152.204	attack	Automatic report - Port Scan Attack	2019-09-10 07:12:05
222.73.36.73	attackbotsspam	325 failed attempt(s) in the last 24h	2019-09-10 07:22:59
165.227.150.158	attack	SSH invalid-user multiple login try	2019-09-10 07:14:56
5.26.218.141	attackspambots	port scan and connect, tcp 23 (telnet)	2019-09-10 06:43:48
41.228.12.149	attackbots	Sep 9 23:00:44 km20725 sshd\[16070\]: Invalid user weblogic from 41.228.12.149Sep 9 23:00:46 km20725 sshd\[16070\]: Failed password for invalid user weblogic from 41.228.12.149 port 41142 ssh2Sep 9 23:08:18 km20725 sshd\[16439\]: Invalid user zabbix from 41.228.12.149Sep 9 23:08:20 km20725 sshd\[16439\]: Failed password for invalid user zabbix from 41.228.12.149 port 55196 ssh2 ...	2019-09-10 07:19:03
210.14.69.76	attackspam	Sep 9 19:18:42 server sshd[49621]: Failed password for invalid user Eemeli from 210.14.69.76 port 58909 ssh2 Sep 9 19:24:26 server sshd[51339]: Failed password for invalid user sergio from 210.14.69.76 port 55946 ssh2 Sep 9 19:29:27 server sshd[52677]: Failed password for invalid user jt from 210.14.69.76 port 50774 ssh2	2019-09-10 06:46:14
124.94.54.159	attackspam	Unauthorised access (Sep 9) SRC=124.94.54.159 LEN=40 TTL=49 ID=42510 TCP DPT=8080 WINDOW=15138 SYN	2019-09-10 07:18:29

最近上报的IP列表

176.142.126.157	39.96.172.31	88.27.167.184	192.168.1.21
187.225.212.147	178.46.212.55	165.227.106.12	95.47.61.48
103.17.38.249	185.203.208.178	91.195.35.124	182.123.206.221
176.113.115.39	113.165.54.168	27.254.68.108	172.69.35.50
192.168.1.142	110.138.150.174	162.243.138.119	106.12.47.131