94.231.166.58 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Russian Federation

运营商(isp): Link Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt detected from IP address 94.231.166.58 to port 23 [T]	2020-05-06 07:49:16
attackspambots	Automatic report - Port Scan Attack	2019-10-17 18:56:51

相同子网IP讨论:

IP	类型	评论内容	时间
94.231.166.137	attackspambots	Unauthorized connection attempt from IP address 94.231.166.137 on Port 445(SMB)	2020-09-18 21:35:20
94.231.166.137	attack	Unauthorized connection attempt from IP address 94.231.166.137 on Port 445(SMB)	2020-09-18 13:52:22
94.231.166.137	attack	Unauthorized connection attempt from IP address 94.231.166.137 on Port 445(SMB)	2020-09-18 04:10:03
94.231.166.137	attack	Unauthorized connection attempt from IP address 94.231.166.137 on Port 445(SMB)	2020-03-06 03:43:31

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.231.166.58
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50780
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.231.166.58.			IN	A

;; AUTHORITY SECTION:
.			567	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101700 1800 900 604800 86400

;; Query time: 101 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 17 18:56:47 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 58.166.231.94.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 58.166.231.94.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
112.85.118.111	attackspambots	Unauthorised access (Nov 6) SRC=112.85.118.111 LEN=40 TTL=49 ID=6709 TCP DPT=8080 WINDOW=28610 SYN Unauthorised access (Nov 6) SRC=112.85.118.111 LEN=40 TTL=49 ID=615 TCP DPT=8080 WINDOW=55877 SYN Unauthorised access (Nov 5) SRC=112.85.118.111 LEN=40 TTL=49 ID=12423 TCP DPT=8080 WINDOW=28610 SYN Unauthorised access (Nov 5) SRC=112.85.118.111 LEN=40 TTL=49 ID=55659 TCP DPT=8080 WINDOW=55877 SYN Unauthorised access (Nov 4) SRC=112.85.118.111 LEN=40 TTL=49 ID=49268 TCP DPT=8080 WINDOW=55877 SYN Unauthorised access (Nov 4) SRC=112.85.118.111 LEN=40 TTL=49 ID=7293 TCP DPT=8080 WINDOW=55877 SYN Unauthorised access (Nov 4) SRC=112.85.118.111 LEN=40 TTL=49 ID=50983 TCP DPT=8080 WINDOW=55877 SYN	2019-11-06 19:04:04
142.11.233.55	attackbots	From: "SÃO CRISTOVÃO" (HOSPITAL SÃO CRISTOVÃO)	2019-11-06 19:24:14
211.18.250.201	attackspambots	Nov 6 04:09:22 ws22vmsma01 sshd[55260]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.18.250.201 Nov 6 04:09:24 ws22vmsma01 sshd[55260]: Failed password for invalid user aasand from 211.18.250.201 port 32774 ssh2 ...	2019-11-06 19:12:43
217.61.2.97	attack	Nov 6 11:45:58 vpn01 sshd[28796]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.61.2.97 Nov 6 11:46:01 vpn01 sshd[28796]: Failed password for invalid user mai from 217.61.2.97 port 54983 ssh2 ...	2019-11-06 18:58:22
34.66.84.11	attackbots	CloudCIX Reconnaissance Scan Detected, PTR: 11.84.66.34.bc.googleusercontent.com.	2019-11-06 19:22:24
157.0.132.174	attackspambots	Unauthorised access (Nov 6) SRC=157.0.132.174 LEN=48 TTL=48 ID=19051 DF TCP DPT=1433 WINDOW=8192 SYN	2019-11-06 19:01:28
185.222.57.76	attackbots	Nov 4 12:39:54 our-server-hostname postfix/smtpd[6225]: connect from unknown[185.222.57.76] Nov x@x Nov 4 12:39:56 our-server-hostname postfix/smtpd[6225]: disconnect from unknown[185.222.57.76] Nov 4 12:41:21 our-server-hostname postfix/smtpd[6225]: connect from unknown[185.222.57.76] Nov x@x Nov 4 12:41:22 our-server-hostname postfix/smtpd[6225]: disconnect from unknown[185.222.57.76] Nov 4 12:42:34 our-server-hostname postfix/smtpd[32684]: connect from unknown[185.222.57.76] Nov x@x Nov 4 12:42:36 our-server-hostname postfix/smtpd[32684]: disconnect from unknown[185.222.57.76] Nov 4 12:42:38 our-server-hostname postfix/smtpd[32381]: connect from unknown[185.222.57.76] Nov x@x Nov 4 12:42:39 our-server-hostname postfix/smtpd[32381]: disconnect from unknown[185.222.57.76] Nov 4 12:44:22 our-server-hostname postfix/smtpd[32040]: connect from unknown[185.222.57.76] Nov x@x Nov 4 12:44:23 our-server-hostname postfix/smtpd[32040]: disconnect from unknown[185.222......... -------------------------------	2019-11-06 18:53:29
45.136.110.47	attackspambots	Nov 6 11:06:10 h2177944 kernel: \[5910405.680827\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.47 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=62213 PROTO=TCP SPT=45328 DPT=7930 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 6 11:45:26 h2177944 kernel: \[5912761.114343\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.47 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=24372 PROTO=TCP SPT=45328 DPT=6928 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 6 11:50:09 h2177944 kernel: \[5913044.278273\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.47 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=47697 PROTO=TCP SPT=45328 DPT=7656 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 6 11:50:50 h2177944 kernel: \[5913085.519718\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.47 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=51123 PROTO=TCP SPT=45328 DPT=7774 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 6 11:55:29 h2177944 kernel: \[5913364.973806\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.47 DST=85.214.117.9	2019-11-06 19:22:06
51.89.125.75	attackbots	CloudCIX Reconnaissance Scan Detected, PTR: ip75.ip-51-89-125.eu.	2019-11-06 19:20:59
24.244.144.145	attackbots	Automatic report - Banned IP Access	2019-11-06 19:01:13
139.59.73.205	attackbotsspam	Nov 5 00:12:11 cw sshd[19234]: Invalid user 1234 from 139.59.73.205 Nov 5 00:12:11 cw sshd[19235]: Received disconnect from 139.59.73.205: 11: Bye Bye Nov 5 00:12:13 cw sshd[19236]: Invalid user admin from 139.59.73.205 Nov 5 00:12:13 cw sshd[19237]: Received disconnect from 139.59.73.205: 11: Bye Bye Nov 5 00:12:15 cw sshd[19238]: Invalid user ubnt from 139.59.73.205 Nov 5 00:12:15 cw sshd[19241]: Received disconnect from 139.59.73.205: 11: Bye Bye Nov 5 00:12:17 cw sshd[19242]: User r.r from 139.59.73.205 not allowed because listed in DenyUsers Nov 5 00:12:17 cw sshd[19243]: Received disconnect from 139.59.73.205: 11: Bye Bye Nov 5 00:12:18 cw sshd[19244]: Invalid user default from 139.59.73.205 Nov 5 00:12:19 cw sshd[19245]: Received disconnect from 139.59.73.205: 11: Bye Bye Nov 5 00:12:20 cw sshd[19246]: Invalid user default from 139.59.73.205 Nov 5 00:12:20 cw sshd[19247]: Received disconnect from 139.59.73.205: 11: Bye Bye Nov 5 00:12:21 cw sshd[1924........ -------------------------------	2019-11-06 19:30:09
41.225.16.234	attackbotsspam	2019-11-06T07:24:08.205974 X postfix/smtpd[19205]: NOQUEUE: reject: RCPT from unknown[41.225.16.234]: 554 5.7.1 Service unavailable; Client host [41.225.16.234] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/41.225.16.234; from= to= proto=ESMTP helo=	2019-11-06 19:28:54
45.249.111.40	attackspam	Nov 6 11:18:01 vps58358 sshd\[14075\]: Invalid user fw from 45.249.111.40Nov 6 11:18:03 vps58358 sshd\[14075\]: Failed password for invalid user fw from 45.249.111.40 port 43928 ssh2Nov 6 11:22:30 vps58358 sshd\[14152\]: Invalid user shuo from 45.249.111.40Nov 6 11:22:32 vps58358 sshd\[14152\]: Failed password for invalid user shuo from 45.249.111.40 port 53898 ssh2Nov 6 11:27:00 vps58358 sshd\[14185\]: Invalid user kran from 45.249.111.40Nov 6 11:27:02 vps58358 sshd\[14185\]: Failed password for invalid user kran from 45.249.111.40 port 35638 ssh2 ...	2019-11-06 18:59:25
42.236.220.32	attackbotsspam	CN China hn.kd.ny.adsl Failures: 5 smtpauth	2019-11-06 19:03:13
35.243.148.126	attack	CloudCIX Reconnaissance Scan Detected, PTR: 126.148.243.35.bc.googleusercontent.com.	2019-11-06 18:50:25

最近上报的IP列表

207.228.243.204	36.155.114.82	41.202.170.120	117.7.115.88
5.187.70.45	115.148.245.155	81.91.153.175	79.117.61.210
200.172.160.255	208.212.103.116	165.62.164.167	93.125.114.141
9.164.31.54	187.88.64.44	238.68.228.12	106.60.65.43
53.89.21.126	80.217.168.90	88.55.152.247	223.205.239.136