77.42.104.6 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Iran, Islamic Republic of

运营商(isp): Rayaneh Danesh Golestan Complex P.J.S. Co.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorised access (Nov 16) SRC=77.42.104.6 LEN=44 PREC=0x20 TTL=49 ID=57490 TCP DPT=8080 WINDOW=43866 SYN	2019-11-16 19:16:32

相同子网IP讨论:

IP	类型	评论内容	时间
77.42.104.58	attack	Automatic report - Port Scan Attack	2019-11-16 16:25:28
77.42.104.91	attackspam	Automatic report - Port Scan Attack	2019-11-13 03:16:58
77.42.104.103	attackspam	Automatic report - Port Scan Attack	2019-11-03 03:10:06
77.42.104.68	attack	Automatic report - Port Scan Attack	2019-10-31 23:47:59
77.42.104.157	attackbots	23/tcp [2019-10-22]1pkt	2019-10-23 07:37:30
77.42.104.229	attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-09-05 14:36:25
77.42.104.1	attackbotsspam	Telnet Server BruteForce Attack	2019-08-10 12:24:45
77.42.104.166	attackspambots	port 23 attempt blocked	2019-07-31 12:40:04
77.42.104.110	attackbots	Unauthorised access (Jul 8) SRC=77.42.104.110 LEN=44 PREC=0x20 TTL=49 ID=51072 TCP DPT=23 WINDOW=61241 SYN	2019-07-08 13:50:31

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 77.42.104.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42318
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;77.42.104.6.			IN	A

;; AUTHORITY SECTION:
.			493	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111600 1800 900 604800 86400

;; Query time: 105 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 16 19:16:28 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 6.104.42.77.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 6.104.42.77.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
51.254.222.6	attack	Sep 13 21:11:00 ip-172-31-62-245 sshd\[20406\]: Invalid user wp-user from 51.254.222.6\ Sep 13 21:11:03 ip-172-31-62-245 sshd\[20406\]: Failed password for invalid user wp-user from 51.254.222.6 port 48396 ssh2\ Sep 13 21:15:09 ip-172-31-62-245 sshd\[20422\]: Invalid user newuser from 51.254.222.6\ Sep 13 21:15:11 ip-172-31-62-245 sshd\[20422\]: Failed password for invalid user newuser from 51.254.222.6 port 43853 ssh2\ Sep 13 21:19:11 ip-172-31-62-245 sshd\[20439\]: Invalid user userftp from 51.254.222.6\	2019-09-14 07:51:12
189.211.111.99	attackbotsspam	Sep 13 13:41:00 auw2 sshd\[30235\]: Invalid user webmaster from 189.211.111.99 Sep 13 13:41:00 auw2 sshd\[30235\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189-211-111-99.static.axtel.net Sep 13 13:41:03 auw2 sshd\[30235\]: Failed password for invalid user webmaster from 189.211.111.99 port 47728 ssh2 Sep 13 13:44:57 auw2 sshd\[30569\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189-211-111-99.static.axtel.net user=root Sep 13 13:45:00 auw2 sshd\[30569\]: Failed password for root from 189.211.111.99 port 33850 ssh2	2019-09-14 07:50:46
185.53.162.136	attack	Unauthorised access (Sep 14) SRC=185.53.162.136 LEN=40 TTL=245 ID=41977 TCP DPT=445 WINDOW=1024 SYN	2019-09-14 08:00:04
51.254.53.32	attack	Sep 13 17:23:44 Tower sshd[11403]: Connection from 51.254.53.32 port 54636 on 192.168.10.220 port 22 Sep 13 17:23:45 Tower sshd[11403]: Invalid user cron from 51.254.53.32 port 54636 Sep 13 17:23:45 Tower sshd[11403]: error: Could not get shadow information for NOUSER Sep 13 17:23:45 Tower sshd[11403]: Failed password for invalid user cron from 51.254.53.32 port 54636 ssh2 Sep 13 17:23:45 Tower sshd[11403]: Received disconnect from 51.254.53.32 port 54636:11: Bye Bye [preauth] Sep 13 17:23:45 Tower sshd[11403]: Disconnected from invalid user cron 51.254.53.32 port 54636 [preauth]	2019-09-14 07:36:51
154.6.195.174	attackspam	Message ID Created at: Fri, Sep 13, 2019 at 12:49 PM (Delivered after 0 seconds) From: "Medical News: CBD Coffee" To: Subject: Anxiety? Depression? CBD Coffee could be a lifesaver SPF: SOFTFAIL with IP 94.130.103.13	2019-09-14 07:34:52
197.34.112.61	attack	Sep 14 00:06:12 master sshd[15629]: Failed password for invalid user admin from 197.34.112.61 port 58758 ssh2	2019-09-14 07:32:02
128.199.102.157	attack	Sep 13 13:32:02 hiderm sshd\[25556\]: Invalid user www from 128.199.102.157 Sep 13 13:32:02 hiderm sshd\[25556\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.102.157 Sep 13 13:32:04 hiderm sshd\[25556\]: Failed password for invalid user www from 128.199.102.157 port 55922 ssh2 Sep 13 13:36:59 hiderm sshd\[26002\]: Invalid user minecraft from 128.199.102.157 Sep 13 13:36:59 hiderm sshd\[26002\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.102.157	2019-09-14 07:50:13
95.167.225.81	attackbots	Sep 13 23:22:47 MK-Soft-VM3 sshd\[13208\]: Invalid user op from 95.167.225.81 port 59104 Sep 13 23:22:47 MK-Soft-VM3 sshd\[13208\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.167.225.81 Sep 13 23:22:49 MK-Soft-VM3 sshd\[13208\]: Failed password for invalid user op from 95.167.225.81 port 59104 ssh2 ...	2019-09-14 07:53:04
106.13.48.157	attack	Sep 14 02:42:54 www sshd\[18187\]: Invalid user sysop from 106.13.48.157 Sep 14 02:42:54 www sshd\[18187\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.157 Sep 14 02:42:56 www sshd\[18187\]: Failed password for invalid user sysop from 106.13.48.157 port 35978 ssh2 ...	2019-09-14 07:46:26
171.35.167.89	attack	Chat Spam	2019-09-14 07:56:29
181.98.82.237	attack	Automatic report - Banned IP Access	2019-09-14 08:11:37
91.183.149.230	attackbotsspam	POP	2019-09-14 07:44:32
112.85.42.89	attackbotsspam	Sep 14 02:41:57 server sshd\[18550\]: User root from 112.85.42.89 not allowed because listed in DenyUsers Sep 14 02:41:58 server sshd\[18550\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.89 user=root Sep 14 02:41:59 server sshd\[18550\]: Failed password for invalid user root from 112.85.42.89 port 47276 ssh2 Sep 14 02:42:02 server sshd\[18550\]: Failed password for invalid user root from 112.85.42.89 port 47276 ssh2 Sep 14 02:42:04 server sshd\[18550\]: Failed password for invalid user root from 112.85.42.89 port 47276 ssh2	2019-09-14 07:49:02
104.244.74.11	attackbots	Sep 13 23:32:38 master sshd[24440]: Failed password for root from 104.244.74.11 port 40654 ssh2 Sep 13 23:32:40 master sshd[24442]: Failed password for root from 104.244.74.11 port 43056 ssh2 Sep 13 23:32:43 master sshd[24444]: Failed password for root from 104.244.74.11 port 44768 ssh2 Sep 13 23:32:46 master sshd[24446]: Failed password for root from 104.244.74.11 port 46854 ssh2 Sep 13 23:32:49 master sshd[24448]: Failed password for invalid user admin from 104.244.74.11 port 48958 ssh2 Sep 13 23:32:52 master sshd[24450]: Failed password for invalid user admin from 104.244.74.11 port 50988 ssh2 Sep 13 23:32:55 master sshd[24452]: Failed password for invalid user admin from 104.244.74.11 port 53590 ssh2 Sep 13 23:32:57 master sshd[24454]: Failed password for invalid user test from 104.244.74.11 port 55668 ssh2 Sep 13 23:33:00 master sshd[24456]: Failed password for invalid user pi from 104.244.74.11 port 57072 ssh2 Sep 13 23:33:03 master sshd[24458]: Failed password for invalid user support from 104.244.74.1	2019-09-14 07:53:43
197.248.157.11	attackspam	WordPress login Brute force / Web App Attack on client site.	2019-09-14 07:45:29

最近上报的IP列表

49.233.46.219	216.63.203.91	77.40.3.4	74.227.147.41
183.56.212.91	138.68.3.140	157.230.228.62	31.167.76.161
185.2.5.62	117.60.38.218	192.3.185.78	203.192.173.20
45.234.7.154	27.41.37.67	176.107.130.253	117.24.227.113
222.92.122.146	81.28.100.115	36.186.140.130	113.162.68.230