114.232.104.42

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Jiangsu Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Sep 1 05:42:39 bacztwo courieresmtpd[23152]: error,relay=::ffff:114.232.104.42,msg="535 Authentication failed.",cmd: AUTH LOGIN hr Sep 1 05:43:31 bacztwo courieresmtpd[14239]: error,relay=::ffff:114.232.104.42,msg="535 Authentication failed.",cmd: AUTH LOGIN hr Sep 1 05:45:09 bacztwo courieresmtpd[6092]: error,relay=::ffff:114.232.104.42,msg="535 Authentication failed.",cmd: AUTH LOGIN andcycle Sep 1 05:45:17 bacztwo courieresmtpd[24698]: error,relay=::ffff:114.232.104.42,msg="535 Authentication failed.",cmd: AUTH LOGIN hr Sep 1 05:45:42 bacztwo courieresmtpd[10302]: error,relay=::ffff:114.232.104.42,msg="535 Authentication failed.",cmd: AUTH LOGIN hr ...	2019-09-01 12:22:16

类型

评论内容

时间

attack

Sep  1 05:42:39 bacztwo courieresmtpd[23152]: error,relay=::ffff:114.232.104.42,msg="535 Authentication failed.",cmd: AUTH LOGIN hr
Sep  1 05:43:31 bacztwo courieresmtpd[14239]: error,relay=::ffff:114.232.104.42,msg="535 Authentication failed.",cmd: AUTH LOGIN hr
Sep  1 05:45:09 bacztwo courieresmtpd[6092]: error,relay=::ffff:114.232.104.42,msg="535 Authentication failed.",cmd: AUTH LOGIN andcycle
Sep  1 05:45:17 bacztwo courieresmtpd[24698]: error,relay=::ffff:114.232.104.42,msg="535 Authentication failed.",cmd: AUTH LOGIN hr
Sep  1 05:45:42 bacztwo courieresmtpd[10302]: error,relay=::ffff:114.232.104.42,msg="535 Authentication failed.",cmd: AUTH LOGIN hr
...

2019-09-01 12:22:16

相同子网IP讨论:

IP	类型	评论内容	时间
114.232.104.225	attackbotsspam	badbot	2019-11-20 17:43:21

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.232.104.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16927
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.232.104.42.			IN	A

;; AUTHORITY SECTION:
.			457	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019083102 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Sep 01 12:22:09 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 42.104.232.114.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 42.104.232.114.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
94.200.124.64	attackspambots	Feb 12 12:22:15 server sshd\[3482\]: Invalid user diana from 94.200.124.64 Feb 12 12:22:15 server sshd\[3482\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.200.124.64 Feb 12 12:22:17 server sshd\[3482\]: Failed password for invalid user diana from 94.200.124.64 port 55114 ssh2 Feb 12 16:46:44 server sshd\[17263\]: Invalid user leo from 94.200.124.64 Feb 12 16:46:44 server sshd\[17263\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.200.124.64 ...	2020-02-12 22:23:00
196.202.83.252	attackspam	port scan and connect, tcp 23 (telnet)	2020-02-12 22:14:14
182.75.248.254	attack	Feb 12 14:46:26 lnxmysql61 sshd[15984]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.75.248.254	2020-02-12 22:41:34
200.196.253.251	attackbotsspam	Feb 12 15:15:43 silence02 sshd[10444]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.196.253.251 Feb 12 15:15:45 silence02 sshd[10444]: Failed password for invalid user 111111 from 200.196.253.251 port 51628 ssh2 Feb 12 15:19:01 silence02 sshd[10710]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.196.253.251	2020-02-12 22:21:52
81.192.52.89	attack	02/12/2020-08:46:19.912384 81.192.52.89 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-02-12 22:49:15
183.82.121.81	attack	Feb 12 09:21:49 plusreed sshd[28285]: Invalid user sargeant from 183.82.121.81 ...	2020-02-12 22:34:06
77.235.116.9	attackbots	Unauthorized connection attempt from IP address 77.235.116.9 on Port 445(SMB)	2020-02-12 22:03:32
80.66.81.148	attack	Feb 12 15:01:10 mail postfix/smtpd\[16060\]: warning: unknown\[80.66.81.148\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Feb 12 15:31:16 mail postfix/smtpd\[16681\]: warning: unknown\[80.66.81.148\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Feb 12 15:31:36 mail postfix/smtpd\[16681\]: warning: unknown\[80.66.81.148\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Feb 12 15:32:15 mail postfix/smtpd\[16681\]: warning: unknown\[80.66.81.148\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-02-12 22:42:40
189.26.17.43	attackspam	SSH/22 MH Probe, BF, Hack -	2020-02-12 22:37:38
89.248.162.136	attackspam	02/12/2020-15:22:32.402905 89.248.162.136 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 99	2020-02-12 22:39:46
87.120.36.234	attack	Feb 12 03:57:37 web1 sshd\[29625\]: Invalid user andrew from 87.120.36.234 Feb 12 03:57:37 web1 sshd\[29625\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.120.36.234 Feb 12 03:57:39 web1 sshd\[29625\]: Failed password for invalid user andrew from 87.120.36.234 port 50980 ssh2 Feb 12 04:03:27 web1 sshd\[30201\]: Invalid user ip from 87.120.36.234 Feb 12 04:03:27 web1 sshd\[30201\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.120.36.234	2020-02-12 22:31:27
41.208.131.13	attackbots	Feb 12 04:15:46 hpm sshd\[16217\]: Invalid user cxwh from 41.208.131.13 Feb 12 04:15:46 hpm sshd\[16217\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.208.131.13 Feb 12 04:15:48 hpm sshd\[16217\]: Failed password for invalid user cxwh from 41.208.131.13 port 56728 ssh2 Feb 12 04:20:02 hpm sshd\[16738\]: Invalid user steam from 41.208.131.13 Feb 12 04:20:02 hpm sshd\[16738\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.208.131.13	2020-02-12 22:35:31
54.36.189.113	attackbots	Feb 12 15:21:54 vps647732 sshd[6126]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.36.189.113 Feb 12 15:21:55 vps647732 sshd[6126]: Failed password for invalid user minecraft from 54.36.189.113 port 55952 ssh2 ...	2020-02-12 22:36:47
118.24.103.30	attack	Feb 12 15:31:30 silence02 sshd[11635]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.103.30 Feb 12 15:31:33 silence02 sshd[11635]: Failed password for invalid user support from 118.24.103.30 port 50726 ssh2 Feb 12 15:38:07 silence02 sshd[12315]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.103.30	2020-02-12 22:39:17
129.211.43.36	attackspambots	Feb 12 14:46:46 sso sshd[19181]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.43.36 Feb 12 14:46:48 sso sshd[19181]: Failed password for invalid user System from 129.211.43.36 port 35338 ssh2 ...	2020-02-12 22:19:01

最近上报的IP列表

209.214.203.14	68.192.237.32	218.183.19.99	86.55.8.156
173.175.126.252	2.76.53.238	99.98.208.141	72.199.70.152
50.255.78.236	93.212.195.93	178.128.103.131	110.173.173.125
38.106.49.245	106.21.136.47	34.3.49.30	85.5.141.73
37.8.199.98	142.61.226.138	198.46.131.130	114.193.159.197