121.41.24.142 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Aliyun Computing Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Aug 14 17:31:12 www sshd\[5336\]: Invalid user amanda from 121.41.24.142 port 39207 ...	2019-08-15 05:38:29
attack	SSH Brute-Force on port 22	2019-07-31 03:37:59

相同子网IP讨论:

IP	类型	评论内容	时间
121.41.24.64	attack	SSH brute force attempt	2020-08-12 22:30:56

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 121.41.24.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30947
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;121.41.24.142.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061801 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jun 19 04:34:47 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 142.24.41.121.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 142.24.41.121.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
106.52.248.175	attackbots	$f2bV_matches	2020-07-12 17:14:36
120.34.181.73	attackspam	Brute force attempt	2020-07-12 17:46:57
46.38.150.142	attackbotsspam	Jul 12 11:21:22 srv01 postfix/smtpd\[984\]: warning: unknown\[46.38.150.142\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 12 11:21:29 srv01 postfix/smtpd\[26944\]: warning: unknown\[46.38.150.142\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 12 11:21:47 srv01 postfix/smtpd\[984\]: warning: unknown\[46.38.150.142\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 12 11:22:01 srv01 postfix/smtpd\[4578\]: warning: unknown\[46.38.150.142\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 12 11:22:30 srv01 postfix/smtpd\[4577\]: warning: unknown\[46.38.150.142\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-12 17:29:30
94.74.176.129	attackspambots	20/7/12@00:30:30: FAIL: Alarm-Network address from=94.74.176.129 ...	2020-07-12 17:41:22
209.141.47.92	attackbots	Jul 12 11:58:35 server2 sshd\[29798\]: Invalid user centos from 209.141.47.92 Jul 12 11:59:37 server2 sshd\[29832\]: Invalid user db2inst1 from 209.141.47.92 Jul 12 12:00:39 server2 sshd\[30022\]: Invalid user debian from 209.141.47.92 Jul 12 12:01:41 server2 sshd\[30074\]: Invalid user ftpadmin from 209.141.47.92 Jul 12 12:02:44 server2 sshd\[30134\]: Invalid user git from 209.141.47.92 Jul 12 12:03:47 server2 sshd\[30175\]: Invalid user gituser from 209.141.47.92	2020-07-12 17:37:52
46.38.145.252	attackspambots	2020-07-12 09:24:39 auth_plain authenticator failed for (User) [46.38.145.252]: 535 Incorrect authentication data (set_id=mathiasr@mail.csmailer.org) 2020-07-12 09:25:42 auth_plain authenticator failed for (User) [46.38.145.252]: 535 Incorrect authentication data (set_id=meaghan@mail.csmailer.org) 2020-07-12 09:26:41 auth_plain authenticator failed for (User) [46.38.145.252]: 535 Incorrect authentication data (set_id=marshmallow@mail.csmailer.org) 2020-07-12 09:27:40 auth_plain authenticator failed for (User) [46.38.145.252]: 535 Incorrect authentication data (set_id=melena@mail.csmailer.org) 2020-07-12 09:28:39 auth_plain authenticator failed for (User) [46.38.145.252]: 535 Incorrect authentication data (set_id=madisson@mail.csmailer.org) ...	2020-07-12 17:26:57
139.99.219.208	attack	2020-07-12T06:40:39.298420shield sshd\[12022\]: Invalid user ziyi from 139.99.219.208 port 53753 2020-07-12T06:40:39.306338shield sshd\[12022\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.219.208 2020-07-12T06:40:41.285354shield sshd\[12022\]: Failed password for invalid user ziyi from 139.99.219.208 port 53753 ssh2 2020-07-12T06:44:35.304562shield sshd\[12448\]: Invalid user test from 139.99.219.208 port 51803 2020-07-12T06:44:35.314363shield sshd\[12448\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.219.208	2020-07-12 17:41:06
123.207.142.208	attackbotsspam	Invalid user administrator from 123.207.142.208 port 33716	2020-07-12 17:36:19
114.33.206.3	attackspam	TCP (SYN) 114.33.206.3:5164 -> port 23, len 40	2020-07-12 17:28:33
185.204.118.116	attack	Jul 12 16:37:30 webhost01 sshd[24692]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.204.118.116 Jul 12 16:37:32 webhost01 sshd[24692]: Failed password for invalid user upload from 185.204.118.116 port 56702 ssh2 ...	2020-07-12 17:42:59
149.56.12.88	attackbotsspam	Jul 12 11:20:41 haigwepa sshd[17067]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.12.88 Jul 12 11:20:43 haigwepa sshd[17067]: Failed password for invalid user jiangxin from 149.56.12.88 port 55140 ssh2 ...	2020-07-12 17:44:23
191.53.223.198	attackbotsspam	Jul 12 05:09:04 mail.srvfarm.net postfix/smtpd[1835063]: warning: unknown[191.53.223.198]: SASL PLAIN authentication failed: Jul 12 05:09:04 mail.srvfarm.net postfix/smtpd[1835063]: lost connection after AUTH from unknown[191.53.223.198] Jul 12 05:10:25 mail.srvfarm.net postfix/smtps/smtpd[1861251]: warning: unknown[191.53.223.198]: SASL PLAIN authentication failed: Jul 12 05:10:26 mail.srvfarm.net postfix/smtps/smtpd[1861251]: lost connection after AUTH from unknown[191.53.223.198] Jul 12 05:16:30 mail.srvfarm.net postfix/smtpd[1835248]: warning: unknown[191.53.223.198]: SASL PLAIN authentication failed:	2020-07-12 17:21:41
46.38.148.22	attackbots	2020-07-12 11:15:49 dovecot_login authenticator failed for $User$ \[46.38.148.22\]: 535 Incorrect authentication data $set_id=notmodrewrite@hosting1.no-server.de$ 2020-07-12 11:15:50 dovecot_login authenticator failed for $User$ \[46.38.148.22\]: 535 Incorrect authentication data $set_id=au3@hosting1.no-server.de$ 2020-07-12 11:15:53 dovecot_login authenticator failed for $User$ \[46.38.148.22\]: 535 Incorrect authentication data $set_id=notmodrewrite@hosting1.no-server.de$ 2020-07-12 11:16:08 dovecot_login authenticator failed for $User$ \[46.38.148.22\]: 535 Incorrect authentication data $set_id=au3@hosting1.no-server.de$ 2020-07-12 11:16:12 dovecot_login authenticator failed for $User$ \[46.38.148.22\]: 535 Incorrect authentication data $set_id=au3@hosting1.no-server.de$ 2020-07-12 11:16:13 dovecot_login authenticator failed for $User$ \[46.38.148.22\]: 535 Incorrect authentication data $set_id=traffic@hosting1.no-server.de$ 2020-07-12 11:16:30 dovecot_login ...	2020-07-12 17:26:16
185.143.73.148	attackspambots	2020-07-12T03:11:49.434077linuxbox-skyline auth[887842]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=headphones rhost=185.143.73.148 ...	2020-07-12 17:23:26
140.246.191.130	attackbotsspam	Jul 12 10:37:25 ns382633 sshd\[18898\]: Invalid user klaus from 140.246.191.130 port 42217 Jul 12 10:37:25 ns382633 sshd\[18898\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.246.191.130 Jul 12 10:37:27 ns382633 sshd\[18898\]: Failed password for invalid user klaus from 140.246.191.130 port 42217 ssh2 Jul 12 10:50:23 ns382633 sshd\[21348\]: Invalid user kwatanab from 140.246.191.130 port 49012 Jul 12 10:50:23 ns382633 sshd\[21348\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.246.191.130	2020-07-12 17:19:30

最近上报的IP列表

229.245.147.9	189.172.208.100	96.192.181.229	205.134.212.30
186.1.12.67	101.228.21.132	196.52.84.31	237.241.27.17
191.240.65.226	94.62.252.216	163.198.68.11	77.40.3.214
220.181.108.82	220.181.108.76	191.53.199.146	108.61.12.133
185.137.111.158	108.61.12.229	84.52.108.218	85.237.82.119