77.42.104.1 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Iran, Islamic Republic of

运营商(isp): Rayaneh Danesh Golestan Complex P.J.S. Co.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Telnet Server BruteForce Attack	2019-08-10 12:24:45

相同子网IP讨论:

IP	类型	评论内容	时间
77.42.104.6	attack	Unauthorised access (Nov 16) SRC=77.42.104.6 LEN=44 PREC=0x20 TTL=49 ID=57490 TCP DPT=8080 WINDOW=43866 SYN	2019-11-16 19:16:32
77.42.104.58	attack	Automatic report - Port Scan Attack	2019-11-16 16:25:28
77.42.104.91	attackspam	Automatic report - Port Scan Attack	2019-11-13 03:16:58
77.42.104.103	attackspam	Automatic report - Port Scan Attack	2019-11-03 03:10:06
77.42.104.68	attack	Automatic report - Port Scan Attack	2019-10-31 23:47:59
77.42.104.157	attackbots	23/tcp [2019-10-22]1pkt	2019-10-23 07:37:30
77.42.104.229	attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-09-05 14:36:25
77.42.104.166	attackspambots	port 23 attempt blocked	2019-07-31 12:40:04
77.42.104.110	attackbots	Unauthorised access (Jul 8) SRC=77.42.104.110 LEN=44 PREC=0x20 TTL=49 ID=51072 TCP DPT=23 WINDOW=61241 SYN	2019-07-08 13:50:31

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 77.42.104.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9942
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;77.42.104.1.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080902 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Aug 10 12:24:39 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 1.104.42.77.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 1.104.42.77.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
200.84.173.87	attackbotsspam	Unauthorized connection attempt detected from IP address 200.84.173.87 to port 445	2020-02-27 07:35:07
118.25.146.128	attack	GET /wp-login.php HTTP/1.1	2020-02-27 07:39:58
89.36.213.80	attackbots	Trying ports that it shouldn't be.	2020-02-27 07:26:45
112.85.42.176	attackspam	(sshd) Failed SSH login from 112.85.42.176 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 27 00:20:31 amsweb01 sshd[16193]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.176 user=root Feb 27 00:20:33 amsweb01 sshd[16193]: Failed password for root from 112.85.42.176 port 2262 ssh2 Feb 27 00:20:36 amsweb01 sshd[16193]: Failed password for root from 112.85.42.176 port 2262 ssh2 Feb 27 00:20:40 amsweb01 sshd[16193]: Failed password for root from 112.85.42.176 port 2262 ssh2 Feb 27 00:20:43 amsweb01 sshd[16193]: Failed password for root from 112.85.42.176 port 2262 ssh2	2020-02-27 07:22:42
198.98.52.100	attack	port scan and connect, tcp 22 (ssh)	2020-02-27 07:35:37
125.164.248.16	attackbotsspam	1582753694 - 02/26/2020 22:48:14 Host: 125.164.248.16/125.164.248.16 Port: 445 TCP Blocked	2020-02-27 07:39:01
209.17.96.2	attackbots	137/udp 8080/tcp 3000/tcp... [2019-12-27/2020-02-26]51pkt,12pt.(tcp),1pt.(udp)	2020-02-27 07:30:16
69.229.6.34	attackspambots	Invalid user php from 69.229.6.34 port 54650	2020-02-27 07:11:38
68.183.184.130	attackbotsspam	[munged]::443 68.183.184.130 - - [26/Feb/2020:23:26:00 +0100] "POST /[munged]: HTTP/1.1" 200 5665 "-" "-" [munged]::443 68.183.184.130 - - [26/Feb/2020:23:26:15 +0100] "POST /[munged]: HTTP/1.1" 200 5665 "-" "-" [munged]::443 68.183.184.130 - - [26/Feb/2020:23:26:32 +0100] "POST /[munged]: HTTP/1.1" 200 5665 "-" "-" [munged]::443 68.183.184.130 - - [26/Feb/2020:23:26:47 +0100] "POST /[munged]: HTTP/1.1" 200 5665 "-" "-" [munged]::443 68.183.184.130 - - [26/Feb/2020:23:27:03 +0100] "POST /[munged]: HTTP/1.1" 200 5665 "-" "-" [munged]::443 68.183.184.130 - - [26/Feb/2020:23:27:19 +0100] "POST /[munged]: HTTP/1.1" 200 5665 "-" "-" [munged]::443 68.183.184.130 - - [26/Feb/2020:23:27:35 +0100] "POST /[munged]: HTTP/1.1" 200 5665 "-" "-" [munged]::443 68.183.184.130 - - [26/Feb/2020:23:27:51 +0100] "POST /[munged]: HTTP/1.1" 200 5665 "-" "-" [munged]::443 68.183.184.130 - - [26/Feb/2020:23:28:07 +0100] "POST /[munged]: HTTP/1.1" 200 5665 "-" "-" [munged]::443 68.183.184.130 - - [26/Feb/2020:23:28:23 +0100] "POST /[	2020-02-27 07:41:06
176.31.251.177	attackspambots	Feb 26 00:48:51 server sshd\[14768\]: Invalid user wpyan from 176.31.251.177 Feb 26 00:48:51 server sshd\[14768\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns339752.ip-176-31-251.eu Feb 26 00:48:53 server sshd\[14768\]: Failed password for invalid user wpyan from 176.31.251.177 port 49534 ssh2 Feb 27 00:48:27 server sshd\[4688\]: Invalid user rabbitmq from 176.31.251.177 Feb 27 00:48:27 server sshd\[4688\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns339752.ip-176-31-251.eu ...	2020-02-27 07:36:51
222.186.52.139	attackspam	2020-02-27T00:43:59.520915scmdmz1 sshd[1003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.52.139 user=root 2020-02-27T00:44:01.833982scmdmz1 sshd[1003]: Failed password for root from 222.186.52.139 port 56049 ssh2 2020-02-27T00:44:04.121656scmdmz1 sshd[1003]: Failed password for root from 222.186.52.139 port 56049 ssh2 2020-02-27T00:43:59.520915scmdmz1 sshd[1003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.52.139 user=root 2020-02-27T00:44:01.833982scmdmz1 sshd[1003]: Failed password for root from 222.186.52.139 port 56049 ssh2 2020-02-27T00:44:04.121656scmdmz1 sshd[1003]: Failed password for root from 222.186.52.139 port 56049 ssh2 2020-02-27T00:43:59.520915scmdmz1 sshd[1003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.52.139 user=root 2020-02-27T00:44:01.833982scmdmz1 sshd[1003]: Failed password for root from 222.186.52.139 port 56049 ssh2 2020-02-2	2020-02-27 07:46:55
202.158.68.91	attackbotsspam	2020-02-26T23:20:32.386629shield sshd\[30035\]: Invalid user ghost from 202.158.68.91 port 55360 2020-02-26T23:20:32.391010shield sshd\[30035\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip68-91.cbn.net.id 2020-02-26T23:20:34.551527shield sshd\[30035\]: Failed password for invalid user ghost from 202.158.68.91 port 55360 ssh2 2020-02-26T23:27:40.458369shield sshd\[31562\]: Invalid user gnats from 202.158.68.91 port 54916 2020-02-26T23:27:40.463417shield sshd\[31562\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip68-91.cbn.net.id	2020-02-27 07:34:40
122.51.156.113	attackbots	SSH Bruteforce attempt	2020-02-27 07:39:35
128.199.204.26	attack	Invalid user charles from 128.199.204.26 port 48320	2020-02-27 07:38:34
190.144.33.65	attack	Icarus honeypot on github	2020-02-27 07:48:54

最近上报的IP列表

207.189.0.187	110.42.6.90	34.232.39.62	77.42.114.85
188.246.226.81	187.87.6.218	187.109.60.248	31.29.33.60
148.85.152.197	98.210.48.44	51.68.214.133	71.198.238.219
194.183.171.171	59.39.142.213	168.61.118.97	3.87.73.0
119.9.95.184	11.29.73.128	14.29.251.33	42.114.140.16