121.42.13.164 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Aliyun Computing Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Port scan on 2 port(s): 2375 2376	2020-03-02 04:29:40

相同子网IP讨论:

IP	类型	评论内容	时间
121.42.138.121	attackbots	[26/Nov/2019:07:18:43 +0100] Web-Request: "GET /wp-login.php", User-Agent: "Apache-HttpClient/4.5.2 (Java/1.8.0_151)" [26/Nov/2019:07:18:50 +0100] Web-Request: "GET /wp-login.php", User-Agent: "Apache-HttpClient/4.5.2 (Java/1.8.0_151)"	2019-11-26 22:13:22
121.42.13.194	attackspam	Automatic report - Banned IP Access	2019-11-02 17:10:44

类型

评论内容

时间

121.42.138.121

attackbots

[26/Nov/2019:07:18:43 +0100] Web-Request: "GET /wp-login.php", User-Agent: "Apache-HttpClient/4.5.2 (Java/1.8.0_151)"
[26/Nov/2019:07:18:50 +0100] Web-Request: "GET /wp-login.php", User-Agent: "Apache-HttpClient/4.5.2 (Java/1.8.0_151)"

2019-11-26 22:13:22

121.42.13.194

attackspam

Automatic report - Banned IP Access

2019-11-02 17:10:44

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 121.42.13.164
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26903
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;121.42.13.164.			IN	A

;; AUTHORITY SECTION:
.			405	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030101 1800 900 604800 86400

;; Query time: 36 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 02 04:29:37 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 164.13.42.121.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 164.13.42.121.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
119.29.205.52	attackspambots	Dec 30 08:02:27 [host] sshd[2832]: Invalid user ao from 119.29.205.52 Dec 30 08:02:27 [host] sshd[2832]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.205.52 Dec 30 08:02:30 [host] sshd[2832]: Failed password for invalid user ao from 119.29.205.52 port 36428 ssh2	2019-12-30 15:25:18
222.186.180.223	attack	Dec 30 07:43:26 root sshd[20769]: Failed password for root from 222.186.180.223 port 22902 ssh2 Dec 30 07:43:30 root sshd[20769]: Failed password for root from 222.186.180.223 port 22902 ssh2 Dec 30 07:43:35 root sshd[20769]: Failed password for root from 222.186.180.223 port 22902 ssh2 Dec 30 07:43:39 root sshd[20769]: Failed password for root from 222.186.180.223 port 22902 ssh2 ...	2019-12-30 14:49:01
222.186.175.140	attackspambots	Dec 27 12:52:37 microserver sshd[60850]: Failed none for root from 222.186.175.140 port 17508 ssh2 Dec 27 12:52:37 microserver sshd[60850]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.140 user=root Dec 27 12:52:39 microserver sshd[60850]: Failed password for root from 222.186.175.140 port 17508 ssh2 Dec 27 12:52:42 microserver sshd[60850]: Failed password for root from 222.186.175.140 port 17508 ssh2 Dec 27 12:52:45 microserver sshd[60850]: Failed password for root from 222.186.175.140 port 17508 ssh2 Dec 28 02:58:57 microserver sshd[45391]: Failed none for root from 222.186.175.140 port 21524 ssh2 Dec 28 02:58:57 microserver sshd[45391]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.140 user=root Dec 28 02:58:59 microserver sshd[45391]: Failed password for root from 222.186.175.140 port 21524 ssh2 Dec 28 02:59:02 microserver sshd[45391]: Failed password for root from 222.186.175.140 port 21524 ssh2	2019-12-30 15:19:18
140.143.236.197	attackspam	Dec 30 06:15:39 marvibiene sshd[46179]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.236.197 user=root Dec 30 06:15:41 marvibiene sshd[46179]: Failed password for root from 140.143.236.197 port 32846 ssh2 Dec 30 06:40:48 marvibiene sshd[46651]: Invalid user investor from 140.143.236.197 port 60182 ...	2019-12-30 14:53:55
125.141.139.9	attackspam	Brute-force attempt banned	2019-12-30 14:54:18
159.65.62.216	attack	Dec 29 20:54:50 web9 sshd\[15842\]: Invalid user devmgr from 159.65.62.216 Dec 29 20:54:50 web9 sshd\[15842\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.62.216 Dec 29 20:54:52 web9 sshd\[15842\]: Failed password for invalid user devmgr from 159.65.62.216 port 59250 ssh2 Dec 29 20:57:40 web9 sshd\[16193\]: Invalid user omcuser from 159.65.62.216 Dec 29 20:57:40 web9 sshd\[16193\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.62.216	2019-12-30 15:14:00
58.32.0.168	attack	Unauthorized connection attempt detected from IP address 58.32.0.168 to port 1433	2019-12-30 15:07:29
79.188.68.89	attack	Dec 30 01:56:34 plusreed sshd[23501]: Invalid user ftpuser from 79.188.68.89 ...	2019-12-30 14:59:10
51.68.124.181	attackbots	Dec 30 09:20:13 server sshd\[14825\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.ip-51-68-124.eu user=vcsa Dec 30 09:20:14 server sshd\[14825\]: Failed password for vcsa from 51.68.124.181 port 59638 ssh2 Dec 30 09:30:32 server sshd\[16886\]: Invalid user ftpuser from 51.68.124.181 Dec 30 09:30:32 server sshd\[16886\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.ip-51-68-124.eu Dec 30 09:30:34 server sshd\[16886\]: Failed password for invalid user ftpuser from 51.68.124.181 port 41850 ssh2 ...	2019-12-30 14:45:39
186.151.18.213	attackspam	Dec 30 07:49:44 vps647732 sshd[22762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.151.18.213 Dec 30 07:49:46 vps647732 sshd[22762]: Failed password for invalid user beck from 186.151.18.213 port 41990 ssh2 ...	2019-12-30 14:51:07
218.147.191.212	attack	Dec 30 07:30:10 mc1 kernel: \[1846197.032739\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=218.147.191.212 DST=159.69.205.51 LEN=52 TOS=0x00 PREC=0x00 TTL=111 ID=9279 DF PROTO=TCP SPT=56815 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 Dec 30 07:30:13 mc1 kernel: \[1846200.111589\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=218.147.191.212 DST=159.69.205.51 LEN=52 TOS=0x00 PREC=0x00 TTL=111 ID=12255 DF PROTO=TCP SPT=56815 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 Dec 30 07:30:19 mc1 kernel: \[1846206.202110\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=218.147.191.212 DST=159.69.205.51 LEN=48 TOS=0x00 PREC=0x00 TTL=111 ID=17960 DF PROTO=TCP SPT=56815 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 ...	2019-12-30 15:12:03
94.102.49.190	attack	SSH-bruteforce attempts	2019-12-30 15:07:06
31.222.195.30	attackbotsspam	Dec 30 07:41:03 minden010 sshd[29820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.222.195.30 Dec 30 07:41:05 minden010 sshd[29820]: Failed password for invalid user yorksvil from 31.222.195.30 port 13518 ssh2 Dec 30 07:43:12 minden010 sshd[30460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.222.195.30 ...	2019-12-30 15:02:51
221.204.11.179	attack	Automatic report - SSH Brute-Force Attack	2019-12-30 15:03:33
77.87.99.68	attack	Dec 30 06:56:38 thevastnessof sshd[28320]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.87.99.68 ...	2019-12-30 14:59:24

最近上报的IP列表

62.122.226.1	198.110.112.221	79.212.51.158	37.188.197.145
182.20.143.165	181.25.55.236	115.91.56.43	220.135.73.9
125.161.130.17	181.222.243.202	151.80.47.23	66.190.96.205
68.227.203.185	45.136.108.17	160.154.232.112	67.1.80.202
46.179.114.230	195.154.175.22	36.219.117.102	118.220.215.119