77.42.124.68 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Iran, Islamic Republic of

运营商(isp): Rayaneh Danesh Golestan Complex P.J.S. Co.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Automatic report - Port Scan Attack	2020-06-06 21:41:26

相同子网IP讨论:

IP	类型	评论内容	时间
77.42.124.193	attackbotsspam	Automatic report - Port Scan Attack	2020-06-27 17:37:34
77.42.124.107	attack	Automatic report - Port Scan Attack	2020-06-25 07:27:20
77.42.124.38	attack	Unauthorized connection attempt detected from IP address 77.42.124.38 to port 23	2020-05-30 01:37:38
77.42.124.217	attackbots	Automatic report - Port Scan Attack	2020-05-21 21:49:38
77.42.124.22	attackbotsspam	Automatic report - Port Scan Attack	2020-04-08 05:29:05
77.42.124.36	attack	Automatic report - Port Scan Attack	2020-02-06 15:22:46
77.42.124.172	attack	Unauthorized connection attempt detected from IP address 77.42.124.172 to port 23 [J]	2020-02-05 16:19:42
77.42.124.59	attackbotsspam	Automatic report - Port Scan Attack	2020-01-23 23:59:13
77.42.124.65	attackspambots	Unauthorized connection attempt detected from IP address 77.42.124.65 to port 23 [J]	2020-01-16 08:43:00
77.42.124.38	attackspambots	Unauthorized connection attempt detected from IP address 77.42.124.38 to port 23 [J]	2020-01-06 05:17:47
77.42.124.169	attack	Unauthorized connection attempt detected from IP address 77.42.124.169 to port 23	2020-01-06 02:32:25
77.42.124.85	attackspambots	Automatic report - Port Scan Attack	2019-11-12 19:52:06
77.42.124.246	attackbotsspam	Honeypot attack, port: 23, PTR: PTR record not found	2019-11-05 19:41:54
77.42.124.12	attackbots	Automatic report - Port Scan Attack	2019-10-21 17:48:30
77.42.124.144	attackspambots	Telnet Server BruteForce Attack	2019-10-20 17:12:26

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 77.42.124.68
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31792
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;77.42.124.68.			IN	A

;; AUTHORITY SECTION:
.			531	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060600 1800 900 604800 86400

;; Query time: 41 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jun 06 21:41:20 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 68.124.42.77.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 68.124.42.77.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
212.47.238.207	attack	Aug 26 02:41:45 mail sshd\[7512\]: Failed password for invalid user 123456 from 212.47.238.207 port 54682 ssh2 Aug 26 03:00:46 mail sshd\[7844\]: Invalid user gas from 212.47.238.207 port 44850 ...	2019-08-26 11:33:05
209.97.153.35	attackbotsspam	$f2bV_matches	2019-08-26 11:21:36
151.80.41.64	attackspambots	Aug 25 09:40:02 lcprod sshd\[18448\]: Invalid user lj from 151.80.41.64 Aug 25 09:40:02 lcprod sshd\[18448\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns398062.ip-151-80-41.eu Aug 25 09:40:05 lcprod sshd\[18448\]: Failed password for invalid user lj from 151.80.41.64 port 39792 ssh2 Aug 25 09:43:56 lcprod sshd\[18748\]: Invalid user trade from 151.80.41.64 Aug 25 09:43:56 lcprod sshd\[18748\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns398062.ip-151-80-41.eu	2019-08-26 11:10:10
182.76.6.222	attack	Aug 26 05:47:17 mail sshd\[19775\]: Invalid user nine from 182.76.6.222 port 32797 Aug 26 05:47:17 mail sshd\[19775\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.76.6.222 Aug 26 05:47:18 mail sshd\[19775\]: Failed password for invalid user nine from 182.76.6.222 port 32797 ssh2 Aug 26 05:52:30 mail sshd\[20461\]: Invalid user !@\#\$%\^\&\* from 182.76.6.222 port 55345 Aug 26 05:52:30 mail sshd\[20461\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.76.6.222	2019-08-26 11:54:33
114.67.224.87	attack	Aug 26 05:24:14 v22019058497090703 sshd[26799]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.224.87 Aug 26 05:24:16 v22019058497090703 sshd[26799]: Failed password for invalid user beothy from 114.67.224.87 port 43808 ssh2 Aug 26 05:29:47 v22019058497090703 sshd[27214]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.224.87 ...	2019-08-26 11:44:12
1.48.233.205	attack	Aug 26 05:29:56 tuxlinux sshd[9368]: Invalid user admin from 1.48.233.205 port 56975 Aug 26 05:29:56 tuxlinux sshd[9368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.48.233.205 Aug 26 05:29:56 tuxlinux sshd[9368]: Invalid user admin from 1.48.233.205 port 56975 Aug 26 05:29:56 tuxlinux sshd[9368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.48.233.205 Aug 26 05:29:56 tuxlinux sshd[9368]: Invalid user admin from 1.48.233.205 port 56975 Aug 26 05:29:56 tuxlinux sshd[9368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.48.233.205 Aug 26 05:29:59 tuxlinux sshd[9368]: Failed password for invalid user admin from 1.48.233.205 port 56975 ssh2 ...	2019-08-26 11:38:42
37.187.46.74	attack	Aug 26 05:23:32 SilenceServices sshd[30785]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.46.74 Aug 26 05:23:35 SilenceServices sshd[30785]: Failed password for invalid user etl from 37.187.46.74 port 57850 ssh2 Aug 26 05:29:46 SilenceServices sshd[690]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.46.74	2019-08-26 11:45:47
164.132.107.245	attackspambots	Aug 26 05:25:53 vps691689 sshd[21891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.107.245 Aug 26 05:25:54 vps691689 sshd[21891]: Failed password for invalid user sabin from 164.132.107.245 port 34294 ssh2 Aug 26 05:29:51 vps691689 sshd[21945]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.107.245 ...	2019-08-26 11:42:46
212.34.61.98	attackspambots	[portscan] Port scan	2019-08-26 11:12:57
54.38.183.181	attack	Aug 25 22:09:35 Ubuntu-1404-trusty-64-minimal sshd\[20297\]: Invalid user mythtv from 54.38.183.181 Aug 25 22:09:35 Ubuntu-1404-trusty-64-minimal sshd\[20297\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.183.181 Aug 25 22:09:37 Ubuntu-1404-trusty-64-minimal sshd\[20297\]: Failed password for invalid user mythtv from 54.38.183.181 port 49452 ssh2 Aug 25 22:14:15 Ubuntu-1404-trusty-64-minimal sshd\[26910\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.183.181 user=root Aug 25 22:14:17 Ubuntu-1404-trusty-64-minimal sshd\[26910\]: Failed password for root from 54.38.183.181 port 46360 ssh2	2019-08-26 11:08:32
162.144.78.197	attack	fail2ban honeypot	2019-08-26 11:18:28
139.59.158.8	attackspam	Aug 26 05:54:02 dedicated sshd[16595]: Invalid user ubuntu from 139.59.158.8 port 48450	2019-08-26 11:58:04
167.114.236.104	attackspam	Aug 25 17:25:42 friendsofhawaii sshd\[8070\]: Invalid user smtp from 167.114.236.104 Aug 25 17:25:42 friendsofhawaii sshd\[8070\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.ip-167-114-236.eu Aug 25 17:25:44 friendsofhawaii sshd\[8070\]: Failed password for invalid user smtp from 167.114.236.104 port 55510 ssh2 Aug 25 17:29:50 friendsofhawaii sshd\[8458\]: Invalid user jw from 167.114.236.104 Aug 25 17:29:50 friendsofhawaii sshd\[8458\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.ip-167-114-236.eu	2019-08-26 11:43:34
60.173.34.221	attackspambots	Aug 25 14:18:58 eola postfix/smtpd[4380]: connect from unknown[60.173.34.221] Aug 25 14:18:59 eola postfix/smtpd[4380]: NOQUEUE: reject: RCPT from unknown[60.173.34.221]: 504 5.5.2 : Helo command rejected: need fully-qualified hostname; from=x@x helo= Aug 25 14:18:59 eola postfix/smtpd[4380]: disconnect from unknown[60.173.34.221] ehlo=1 mail=1 rcpt=0/1 quhostname=1 commands=3/4 Aug 25 14:18:59 eola postfix/smtpd[4380]: connect from unknown[60.173.34.221] Aug 25 14:19:00 eola postfix/smtpd[4380]: lost connection after AUTH from unknown[60.173.34.221] Aug 25 14:19:00 eola postfix/smtpd[4380]: disconnect from unknown[60.173.34.221] ehlo=1 auth=0/1 commands=1/2 Aug 25 14:19:00 eola postfix/smtpd[4380]: connect from unknown[60.173.34.221] Aug 25 14:19:01 eola postfix/smtpd[4380]: lost connection after AUTH from unknown[60.173.34.221] Aug 25 14:19:01 eola postfix/smtpd[4380]: disconnect from unknown[60.173.34.221] ehlo=1 auth=0/1 commands=1/2 Aug 25 14:19:01 eola........ -------------------------------	2019-08-26 11:05:38
159.65.157.194	attackbots	Automated report - ssh fail2ban: Aug 26 02:16:56 authentication failure Aug 26 02:16:58 wrong password, user=web, port=40080, ssh2 Aug 26 02:21:34 authentication failure	2019-08-26 11:33:34

最近上报的IP列表

155.59.59.148	226.138.217.81	190.80.88.69	55.156.246.183
144.47.153.205	154.158.147.123	186.238.55.32	182.57.30.221
143.192.227.16	12.251.216.104	108.190.59.129	111.246.118.168
183.16.209.121	85.108.114.114	167.71.4.99	180.127.108.50
85.105.242.55	45.77.95.38	105.103.79.78	185.63.253.223