66.49.13.125 - IPInfo

基本信息:

城市(city): Overland

省份(region): Missouri

国家(country): United States

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
66.49.131.65	attackbotsspam	Oct 9 06:58:15 web1 sshd[7768]: Invalid user test from 66.49.131.65 port 57908 Oct 9 06:58:15 web1 sshd[7768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.49.131.65 Oct 9 06:58:15 web1 sshd[7768]: Invalid user test from 66.49.131.65 port 57908 Oct 9 06:58:17 web1 sshd[7768]: Failed password for invalid user test from 66.49.131.65 port 57908 ssh2 Oct 9 07:04:51 web1 sshd[9935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.49.131.65 user=root Oct 9 07:04:53 web1 sshd[9935]: Failed password for root from 66.49.131.65 port 58690 ssh2 Oct 9 07:09:13 web1 sshd[11692]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.49.131.65 user=root Oct 9 07:09:15 web1 sshd[11692]: Failed password for root from 66.49.131.65 port 58090 ssh2 Oct 9 07:12:52 web1 sshd[12901]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66. ...	2020-10-09 04:25:55
66.49.131.65	attack	SSH Brute-force	2020-10-08 20:34:51
66.49.131.65	attackspambots	2020-10-07T21:26:31.988154server.mjenks.net sshd[69632]: Failed password for root from 66.49.131.65 port 38830 ssh2 2020-10-07T21:27:22.183717server.mjenks.net sshd[69702]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.49.131.65 user=root 2020-10-07T21:27:24.818068server.mjenks.net sshd[69702]: Failed password for root from 66.49.131.65 port 50412 ssh2 2020-10-07T21:28:12.611135server.mjenks.net sshd[69744]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.49.131.65 user=root 2020-10-07T21:28:14.773719server.mjenks.net sshd[69744]: Failed password for root from 66.49.131.65 port 33756 ssh2 ...	2020-10-08 12:31:20
66.49.131.65	attackbots	Oct 8 00:31:19 rancher-0 sshd[528007]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.49.131.65 user=root Oct 8 00:31:20 rancher-0 sshd[528007]: Failed password for root from 66.49.131.65 port 37920 ssh2 ...	2020-10-08 07:52:25
66.49.131.65	attackspam	(sshd) Failed SSH login from 66.49.131.65 (CA/Canada/ip-66-49-131-65.rdns.distributel.net): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 7 11:54:16 optimus sshd[15769]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.49.131.65 user=root Oct 7 11:54:18 optimus sshd[15769]: Failed password for root from 66.49.131.65 port 52006 ssh2 Oct 7 11:58:56 optimus sshd[17414]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.49.131.65 user=root Oct 7 11:58:58 optimus sshd[17414]: Failed password for root from 66.49.131.65 port 60102 ssh2 Oct 7 12:03:32 optimus sshd[19086]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.49.131.65 user=root	2020-10-08 02:11:30
66.49.131.65	attackspam	2020-10-06 UTC: (41x) - root(41x)	2020-10-07 18:20:13
66.49.131.65	attackspam	2020-09-29T05:41:23.306863correo.[domain] sshd[22912]: Failed password for invalid user grid from 66.49.131.65 port 41976 ssh2 2020-09-29T05:53:45.373981correo.[domain] sshd[24024]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.49.131.65 user=root 2020-09-29T05:53:48.274670correo.[domain] sshd[24024]: Failed password for root from 66.49.131.65 port 42558 ssh2 ...	2020-09-30 06:52:54
66.49.131.65	attackspam	<6 unauthorized SSH connections	2020-09-29 15:28:28
66.49.134.174	attackbots	Honeypot attack, port: 5555, PTR: ip-66-49-134-174.rdns.distributel.net.	2020-02-24 03:43:26

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 66.49.13.125
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9600
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;66.49.13.125.			IN	A

;; AUTHORITY SECTION:
.			346	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120300 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 04 00:07:58 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

125.13.49.66.in-addr.arpa domain name pointer 66.49.13.125.nw.nuvox.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
125.13.49.66.in-addr.arpa	name = 66.49.13.125.nw.nuvox.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
68.183.128.210	attackbots	DATE:2020-03-20 14:09:51, IP:68.183.128.210, PORT:ssh SSH brute force auth (docker-dc)	2020-03-21 02:14:44
39.155.215.142	attackspambots	[munged]::443 39.155.215.142 - - [20/Mar/2020:14:09:41 +0100] "POST /[munged]: HTTP/1.1" 200 16858 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 39.155.215.142 - - [20/Mar/2020:14:09:43 +0100] "POST /[munged]: HTTP/1.1" 200 12239 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 39.155.215.142 - - [20/Mar/2020:14:09:43 +0100] "POST /[munged]: HTTP/1.1" 200 12239 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 39.155.215.142 - - [20/Mar/2020:14:09:46 +0100] "POST /[munged]: HTTP/1.1" 200 12239 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 39.155.215.142 - - [20/Mar/2020:14:09:46 +0100] "POST /[munged]: HTTP/1.1" 200 12239 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 39.155.215.142 - - [20/Mar/202	2020-03-21 02:17:07
80.81.0.94	attack	Invalid user katarina from 80.81.0.94 port 1166	2020-03-21 01:43:50
59.64.129.142	attackbotsspam	Mar 18 13:31:56 pl3server sshd[5834]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.64.129.142 user=r.r Mar 18 13:31:58 pl3server sshd[5834]: Failed password for r.r from 59.64.129.142 port 52276 ssh2 Mar 18 13:31:58 pl3server sshd[5834]: Received disconnect from 59.64.129.142: 11: Bye Bye [preauth] Mar 18 13:42:14 pl3server sshd[23689]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.64.129.142 user=r.r Mar 18 13:42:16 pl3server sshd[23689]: Failed password for r.r from 59.64.129.142 port 45908 ssh2 Mar 18 13:42:16 pl3server sshd[23689]: Received disconnect from 59.64.129.142: 11: Bye Bye [preauth] Mar 18 13:45:41 pl3server sshd[28424]: Invalid user sandbox from 59.64.129.142 Mar 18 13:45:41 pl3server sshd[28424]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.64.129.142 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=59.64.1	2020-03-21 02:16:46
207.180.244.128	attack	SSH invalid-user multiple login try	2020-03-21 01:40:56
186.193.141.161	attackbotsspam	" "	2020-03-21 01:39:16
141.8.132.24	attackbots	[Fri Mar 20 20:09:17.192662 2020] [:error] [pid 15887:tid 139661176485632] [client 141.8.132.24:65023] [client 141.8.132.24] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XnTAfXEhhvTdM6dYCcoxwgAAAcQ"] ...	2020-03-21 02:30:38
184.105.139.85	attack	Portscan or hack attempt detected by psad/fwsnort	2020-03-21 02:17:27
200.54.11.243	attack	Port probing on unauthorized port 23	2020-03-21 02:09:22
79.124.62.70	attackbots	[MK-Root1] Blocked by UFW	2020-03-21 01:59:24
104.227.139.186	attack	Port Scan detected from 104.227.139.186 (US/United States/New York/Buffalo/-). 4 hits in the last 285 seconds	2020-03-21 02:07:19
1.213.195.155	attack	Mar 20 10:45:11 plusreed sshd[29906]: Invalid user solaris from 1.213.195.155 ...	2020-03-21 02:32:25
202.131.152.2	attackbots	Mar 20 14:50:11 vps46666688 sshd[11441]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.131.152.2 Mar 20 14:50:13 vps46666688 sshd[11441]: Failed password for invalid user daiyun from 202.131.152.2 port 54266 ssh2 ...	2020-03-21 01:52:44
103.126.56.22	attackbotsspam	SSH bruteforce	2020-03-21 01:53:44
140.238.161.208	attack	trying to access non-authorized port	2020-03-21 02:09:00

最近上报的IP列表

163.1.111.227	147.135.157.145	220.147.81.183	128.249.229.186
54.200.209.24	39.100.202.129	204.217.59.225	167.163.245.101
17.224.186.137	167.172.195.187	13.51.22.244	99.131.173.29
178.44.224.55	133.50.99.136	115.117.5.16	46.110.215.137
96.145.51.135	198.190.237.129	6.2.63.168	206.181.4.181