121.42.13.164 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Aliyun Computing Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Port scan on 2 port(s): 2375 2376	2020-03-02 04:29:40

相同子网IP讨论:

IP	类型	评论内容	时间
121.42.138.121	attackbots	[26/Nov/2019:07:18:43 +0100] Web-Request: "GET /wp-login.php", User-Agent: "Apache-HttpClient/4.5.2 (Java/1.8.0_151)" [26/Nov/2019:07:18:50 +0100] Web-Request: "GET /wp-login.php", User-Agent: "Apache-HttpClient/4.5.2 (Java/1.8.0_151)"	2019-11-26 22:13:22
121.42.13.194	attackspam	Automatic report - Banned IP Access	2019-11-02 17:10:44

类型

评论内容

时间

121.42.138.121

attackbots

[26/Nov/2019:07:18:43 +0100] Web-Request: "GET /wp-login.php", User-Agent: "Apache-HttpClient/4.5.2 (Java/1.8.0_151)"
[26/Nov/2019:07:18:50 +0100] Web-Request: "GET /wp-login.php", User-Agent: "Apache-HttpClient/4.5.2 (Java/1.8.0_151)"

2019-11-26 22:13:22

121.42.13.194

attackspam

Automatic report - Banned IP Access

2019-11-02 17:10:44

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 121.42.13.164
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26903
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;121.42.13.164.			IN	A

;; AUTHORITY SECTION:
.			405	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030101 1800 900 604800 86400

;; Query time: 36 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 02 04:29:37 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 164.13.42.121.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 164.13.42.121.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
187.44.113.33	attackbotsspam	Sep 20 23:37:25 saschabauer sshd[30922]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.44.113.33 Sep 20 23:37:27 saschabauer sshd[30922]: Failed password for invalid user shari from 187.44.113.33 port 51426 ssh2	2019-09-21 05:43:33
148.204.211.136	attack	Sep 20 11:16:24 aiointranet sshd\[25074\]: Failed password for invalid user julia from 148.204.211.136 port 35968 ssh2 Sep 20 11:21:02 aiointranet sshd\[25422\]: Invalid user sistemas from 148.204.211.136 Sep 20 11:21:02 aiointranet sshd\[25422\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.204.211.136 Sep 20 11:21:03 aiointranet sshd\[25422\]: Failed password for invalid user sistemas from 148.204.211.136 port 46188 ssh2 Sep 20 11:25:37 aiointranet sshd\[25779\]: Invalid user yan from 148.204.211.136	2019-09-21 05:39:15
104.236.61.100	attackspam	Sep 20 17:30:03 ny01 sshd[6231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.61.100 Sep 20 17:30:05 ny01 sshd[6231]: Failed password for invalid user arif from 104.236.61.100 port 38519 ssh2 Sep 20 17:34:15 ny01 sshd[6965]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.61.100	2019-09-21 05:36:59
202.43.164.46	attack	Sep 20 23:36:35 tux-35-217 sshd\[20636\]: Invalid user po3rte from 202.43.164.46 port 34986 Sep 20 23:36:35 tux-35-217 sshd\[20636\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.43.164.46 Sep 20 23:36:37 tux-35-217 sshd\[20636\]: Failed password for invalid user po3rte from 202.43.164.46 port 34986 ssh2 Sep 20 23:42:30 tux-35-217 sshd\[20652\]: Invalid user rx from 202.43.164.46 port 48098 Sep 20 23:42:30 tux-35-217 sshd\[20652\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.43.164.46 ...	2019-09-21 05:46:06
37.187.17.58	attackspambots	Sep 20 23:08:20 bouncer sshd\[23016\]: Invalid user testftp from 37.187.17.58 port 59001 Sep 20 23:08:20 bouncer sshd\[23016\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.17.58 Sep 20 23:08:22 bouncer sshd\[23016\]: Failed password for invalid user testftp from 37.187.17.58 port 59001 ssh2 ...	2019-09-21 05:42:39
180.66.34.140	attack	Sep 20 22:33:56 MK-Soft-VM5 sshd\[11085\]: Invalid user blessed from 180.66.34.140 port 37750 Sep 20 22:33:56 MK-Soft-VM5 sshd\[11085\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.66.34.140 Sep 20 22:33:59 MK-Soft-VM5 sshd\[11085\]: Failed password for invalid user blessed from 180.66.34.140 port 37750 ssh2 ...	2019-09-21 05:20:20
163.47.214.158	attack	Sep 20 08:13:19 php1 sshd\[30466\]: Invalid user ubuntu2 from 163.47.214.158 Sep 20 08:13:19 php1 sshd\[30466\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.47.214.158 Sep 20 08:13:22 php1 sshd\[30466\]: Failed password for invalid user ubuntu2 from 163.47.214.158 port 34170 ssh2 Sep 20 08:18:27 php1 sshd\[31037\]: Invalid user ctrls from 163.47.214.158 Sep 20 08:18:27 php1 sshd\[31037\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.47.214.158	2019-09-21 05:45:05
186.211.185.106	attackspam	SPF Fail sender not permitted to send mail for @commcorp.net.br / Mail sent to address hacked/leaked from atari.st	2019-09-21 05:23:33
104.131.111.64	attackbots	Sep 20 23:29:00 icinga sshd[10780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.111.64 Sep 20 23:29:02 icinga sshd[10780]: Failed password for invalid user etc from 104.131.111.64 port 59483 ssh2 ...	2019-09-21 05:32:07
129.150.218.101	attack	Sep 20 21:03:14 localhost sshd\[15487\]: Invalid user lorraine from 129.150.218.101 port 52056 Sep 20 21:03:14 localhost sshd\[15487\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.150.218.101 Sep 20 21:03:16 localhost sshd\[15487\]: Failed password for invalid user lorraine from 129.150.218.101 port 52056 ssh2	2019-09-21 05:57:19
80.17.244.2	attack	Sep 21 00:45:33 www sshd\[193488\]: Invalid user test8 from 80.17.244.2 Sep 21 00:45:33 www sshd\[193488\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.17.244.2 Sep 21 00:45:35 www sshd\[193488\]: Failed password for invalid user test8 from 80.17.244.2 port 33300 ssh2 ...	2019-09-21 05:55:11
185.208.211.140	attack	2019-09-20 23:00:29,677 fail2ban.actions: WARNING [postfix] Ban 185.208.211.140	2019-09-21 05:52:01
119.60.255.90	attack	Unauthorized SSH login attempts	2019-09-21 06:00:50
165.227.115.93	attackspambots	Sep 20 19:56:24 venus sshd\[1400\]: Invalid user fossil from 165.227.115.93 port 35034 Sep 20 19:56:24 venus sshd\[1400\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.115.93 Sep 20 19:56:26 venus sshd\[1400\]: Failed password for invalid user fossil from 165.227.115.93 port 35034 ssh2 ...	2019-09-21 05:49:07
212.64.44.246	attackbotsspam	Sep 20 17:13:20 plusreed sshd[26476]: Invalid user db2fadm1 from 212.64.44.246 ...	2019-09-21 05:27:21

最近上报的IP列表

62.122.226.1	198.110.112.221	79.212.51.158	37.188.197.145
182.20.143.165	181.25.55.236	115.91.56.43	220.135.73.9
125.161.130.17	181.222.243.202	151.80.47.23	66.190.96.205
68.227.203.185	45.136.108.17	160.154.232.112	67.1.80.202
46.179.114.230	195.154.175.22	36.219.117.102	118.220.215.119