104.42.213.169

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): Microsoft Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Sep 24 22:06:56 abendstille sshd\[12749\]: Invalid user 107 from 104.42.213.169 Sep 24 22:06:56 abendstille sshd\[12749\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.213.169 Sep 24 22:06:56 abendstille sshd\[12752\]: Invalid user 107 from 104.42.213.169 Sep 24 22:06:56 abendstille sshd\[12752\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.213.169 Sep 24 22:06:58 abendstille sshd\[12749\]: Failed password for invalid user 107 from 104.42.213.169 port 46905 ssh2 ...	2020-09-25 04:09:29

类型

评论内容

时间

attack

Sep 24 22:06:56 abendstille sshd\[12749\]: Invalid user 107 from 104.42.213.169
Sep 24 22:06:56 abendstille sshd\[12749\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.213.169
Sep 24 22:06:56 abendstille sshd\[12752\]: Invalid user 107 from 104.42.213.169
Sep 24 22:06:56 abendstille sshd\[12752\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.213.169
Sep 24 22:06:58 abendstille sshd\[12749\]: Failed password for invalid user 107 from 104.42.213.169 port 46905 ssh2
...

2020-09-25 04:09:29

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.42.213.169
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38093
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.42.213.169.			IN	A

;; AUTHORITY SECTION:
.			548	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092401 1800 900 604800 86400

;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 25 04:09:18 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 169.213.42.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 169.213.42.104.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
222.186.175.167	attackspambots	Jun 9 04:47:47 hcbbdb sshd\[31326\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.167 user=root Jun 9 04:47:48 hcbbdb sshd\[31326\]: Failed password for root from 222.186.175.167 port 18234 ssh2 Jun 9 04:47:52 hcbbdb sshd\[31326\]: Failed password for root from 222.186.175.167 port 18234 ssh2 Jun 9 04:47:55 hcbbdb sshd\[31326\]: Failed password for root from 222.186.175.167 port 18234 ssh2 Jun 9 04:47:58 hcbbdb sshd\[31326\]: Failed password for root from 222.186.175.167 port 18234 ssh2	2020-06-09 12:48:22
31.129.68.164	attack	2020-06-09T05:53:54.472406vps751288.ovh.net sshd\[9809\]: Invalid user zyy from 31.129.68.164 port 60556 2020-06-09T05:53:54.482075vps751288.ovh.net sshd\[9809\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.129.68.164 2020-06-09T05:53:56.846767vps751288.ovh.net sshd\[9809\]: Failed password for invalid user zyy from 31.129.68.164 port 60556 ssh2 2020-06-09T05:57:08.212594vps751288.ovh.net sshd\[9821\]: Invalid user traci from 31.129.68.164 port 34156 2020-06-09T05:57:08.223529vps751288.ovh.net sshd\[9821\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.129.68.164	2020-06-09 12:47:11
49.233.216.158	attack	Jun 9 06:39:21 eventyay sshd[3016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.216.158 Jun 9 06:39:23 eventyay sshd[3016]: Failed password for invalid user zenenko from 49.233.216.158 port 48804 ssh2 Jun 9 06:43:14 eventyay sshd[3216]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.216.158 ...	2020-06-09 12:45:11
95.85.26.23	attack	2020-06-09T05:09:30.470135shield sshd\[3679\]: Invalid user ow from 95.85.26.23 port 56504 2020-06-09T05:09:30.473965shield sshd\[3679\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=otakoyi.com.ua 2020-06-09T05:09:32.228076shield sshd\[3679\]: Failed password for invalid user ow from 95.85.26.23 port 56504 ssh2 2020-06-09T05:13:06.076202shield sshd\[4739\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=otakoyi.com.ua user=root 2020-06-09T05:13:07.815360shield sshd\[4739\]: Failed password for root from 95.85.26.23 port 60684 ssh2	2020-06-09 13:14:27
50.2.209.6	attackbotsspam	Jun 9 05:56:58 icecube postfix/smtpd[79723]: NOQUEUE: reject: RCPT from mail-a.webstudioninetytwo.com[50.2.209.6]: 554 5.7.1 Service unavailable; Client host [50.2.209.6] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=	2020-06-09 12:53:55
36.155.112.131	attack	Jun 9 10:51:08 itv-usvr-01 sshd[10718]: Invalid user santi from 36.155.112.131 Jun 9 10:51:08 itv-usvr-01 sshd[10718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.155.112.131 Jun 9 10:51:08 itv-usvr-01 sshd[10718]: Invalid user santi from 36.155.112.131 Jun 9 10:51:11 itv-usvr-01 sshd[10718]: Failed password for invalid user santi from 36.155.112.131 port 60099 ssh2 Jun 9 10:56:47 itv-usvr-01 sshd[11021]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.155.112.131 user=ubuntu Jun 9 10:56:50 itv-usvr-01 sshd[11021]: Failed password for ubuntu from 36.155.112.131 port 56466 ssh2	2020-06-09 13:02:04
88.130.64.27	attack	detected by Fail2Ban	2020-06-09 13:17:41
46.38.145.253	attackbotsspam	Jun 9 06:46:40 srv01 postfix/smtpd\[16221\]: warning: unknown\[46.38.145.253\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 9 06:46:51 srv01 postfix/smtpd\[16223\]: warning: unknown\[46.38.145.253\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 9 06:47:28 srv01 postfix/smtpd\[16223\]: warning: unknown\[46.38.145.253\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 9 06:48:03 srv01 postfix/smtpd\[16223\]: warning: unknown\[46.38.145.253\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 9 06:48:23 srv01 postfix/smtpd\[16223\]: warning: unknown\[46.38.145.253\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-09 12:54:10
46.38.145.4	attackbots	Jun 9 07:07:09 srv01 postfix/smtpd\[25488\]: warning: unknown\[46.38.145.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 9 07:07:19 srv01 postfix/smtpd\[22496\]: warning: unknown\[46.38.145.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 9 07:07:48 srv01 postfix/smtpd\[25488\]: warning: unknown\[46.38.145.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 9 07:08:27 srv01 postfix/smtpd\[6921\]: warning: unknown\[46.38.145.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 9 07:08:46 srv01 postfix/smtpd\[25488\]: warning: unknown\[46.38.145.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-09 13:25:38
82.252.132.156	attackbotsspam	Total attacks: 4	2020-06-09 12:51:06
123.19.138.37	attackspam	20/6/8@23:56:40: FAIL: Alarm-Network address from=123.19.138.37 ...	2020-06-09 13:09:14
106.13.185.97	attack	SSH Brute-Force. Ports scanning.	2020-06-09 12:52:17
71.189.47.10	attackbotsspam	2020-06-09T08:13:31.677001lavrinenko.info sshd[17935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=71.189.47.10 2020-06-09T08:13:31.669089lavrinenko.info sshd[17935]: Invalid user nominatim from 71.189.47.10 port 57824 2020-06-09T08:13:33.840429lavrinenko.info sshd[17935]: Failed password for invalid user nominatim from 71.189.47.10 port 57824 ssh2 2020-06-09T08:17:27.541954lavrinenko.info sshd[18062]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=71.189.47.10 user=root 2020-06-09T08:17:29.770720lavrinenko.info sshd[18062]: Failed password for root from 71.189.47.10 port 47037 ssh2 ...	2020-06-09 13:20:28
182.156.209.222	attack	$f2bV_matches	2020-06-09 13:24:00
64.202.184.71	attackbots	64.202.184.71 - - [09/Jun/2020:05:27:37 +0100] "POST /wp-login.php HTTP/1.1" 200 1875 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 64.202.184.71 - - [09/Jun/2020:05:27:38 +0100] "POST /wp-login.php HTTP/1.1" 200 1860 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 64.202.184.71 - - [09/Jun/2020:05:27:39 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-09 13:06:39

最近上报的IP列表

45.234.196.68	94.76.145.10	62.98.51.208	197.163.85.157
126.191.111.242	113.172.207.169	157.67.27.70	209.58.143.69
190.85.128.218	56.177.165.133	124.94.106.55	34.165.186.91
193.111.198.162	166.176.94.83	25.24.7.149	147.185.131.169
122.120.111.177	76.12.112.106	81.223.241.247	241.24.167.60