168.196.42.150

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Brazil

运营商(isp): Visual Link Comunicacoes Multimidia Ltda - ME

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jul 8 08:36:11 odroid64 sshd\[15183\]: Invalid user orders from 168.196.42.150 Jul 8 08:36:11 odroid64 sshd\[15183\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.196.42.150 ...	2020-07-08 18:44:37
attack	Jul 3 02:03:45 *** sshd[27527]: Invalid user jmd from 168.196.42.150	2020-07-04 00:09:35

类型

评论内容

时间

attack

Jul  8 08:36:11 odroid64 sshd\[15183\]: Invalid user orders from 168.196.42.150
Jul  8 08:36:11 odroid64 sshd\[15183\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.196.42.150
...

2020-07-08 18:44:37

attack

Jul  3 02:03:45 *** sshd[27527]: Invalid user jmd from 168.196.42.150

2020-07-04 00:09:35

相同子网IP讨论:

IP	类型	评论内容	时间
168.196.42.182	attackspam	SpamScore above: 10.0	2020-04-15 14:09:20
168.196.42.122	attackspambots	Mar 3 18:25:14 gw1 sshd[13748]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.196.42.122 Mar 3 18:25:16 gw1 sshd[13748]: Failed password for invalid user bruno from 168.196.42.122 port 49501 ssh2 ...	2020-03-03 21:37:57
168.196.42.122	attack	Mar 3 10:01:04 gw1 sshd[24733]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.196.42.122 Mar 3 10:01:06 gw1 sshd[24733]: Failed password for invalid user hdfs from 168.196.42.122 port 46090 ssh2 ...	2020-03-03 13:04:45
168.196.42.122	attackbotsspam	Feb 25 00:15:41 server sshd[1279751]: Failed password for invalid user michelle from 168.196.42.122 port 57785 ssh2 Feb 25 00:19:53 server sshd[1280610]: Failed password for invalid user sanjeev from 168.196.42.122 port 33739 ssh2 Feb 25 00:24:10 server sshd[1281538]: Failed password for invalid user mailman from 168.196.42.122 port 37914 ssh2	2020-02-25 08:49:17
168.196.42.122	attackspambots	Feb 21 15:55:26 cumulus sshd[26053]: Invalid user gmodserver from 168.196.42.122 port 45377 Feb 21 15:55:26 cumulus sshd[26053]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.196.42.122 Feb 21 15:55:28 cumulus sshd[26053]: Failed password for invalid user gmodserver from 168.196.42.122 port 45377 ssh2 Feb 21 15:55:28 cumulus sshd[26053]: Received disconnect from 168.196.42.122 port 45377:11: Bye Bye [preauth] Feb 21 15:55:28 cumulus sshd[26053]: Disconnected from 168.196.42.122 port 45377 [preauth] Feb 21 16:06:52 cumulus sshd[26360]: Invalid user akazam from 168.196.42.122 port 49222 Feb 21 16:06:52 cumulus sshd[26360]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.196.42.122 Feb 21 16:06:53 cumulus sshd[26360]: Failed password for invalid user akazam from 168.196.42.122 port 49222 ssh2 Feb 21 16:06:54 cumulus sshd[26360]: Received disconnect from 168.196.42.122 port 49222:11: B........ -------------------------------	2020-02-22 20:22:14
168.196.42.122	attackspambots	Feb 21 15:55:26 cumulus sshd[26053]: Invalid user gmodserver from 168.196.42.122 port 45377 Feb 21 15:55:26 cumulus sshd[26053]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.196.42.122 Feb 21 15:55:28 cumulus sshd[26053]: Failed password for invalid user gmodserver from 168.196.42.122 port 45377 ssh2 Feb 21 15:55:28 cumulus sshd[26053]: Received disconnect from 168.196.42.122 port 45377:11: Bye Bye [preauth] Feb 21 15:55:28 cumulus sshd[26053]: Disconnected from 168.196.42.122 port 45377 [preauth] Feb 21 16:06:52 cumulus sshd[26360]: Invalid user akazam from 168.196.42.122 port 49222 Feb 21 16:06:52 cumulus sshd[26360]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.196.42.122 Feb 21 16:06:53 cumulus sshd[26360]: Failed password for invalid user akazam from 168.196.42.122 port 49222 ssh2 Feb 21 16:06:54 cumulus sshd[26360]: Received disconnect from 168.196.42.122 port 49222:11: B........ -------------------------------	2020-02-22 08:25:49

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 168.196.42.150
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27586
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;168.196.42.150.			IN	A

;; AUTHORITY SECTION:
.			558	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020070300 1800 900 604800 86400

;; Query time: 54 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jul 04 00:09:26 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

150.42.196.168.in-addr.arpa domain name pointer 168-196-42-150.provedorvisuallink.net.br.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
150.42.196.168.in-addr.arpa	name = 168-196-42-150.provedorvisuallink.net.br.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
181.30.26.40	attack	Sep 22 01:34:43 ns41 sshd[1687]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.30.26.40	2019-09-22 10:16:12
90.188.114.107	attackspam	Sep 22 04:18:32 markkoudstaal sshd[27611]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=90.188.114.107 Sep 22 04:18:34 markkoudstaal sshd[27611]: Failed password for invalid user NetLinx from 90.188.114.107 port 55126 ssh2 Sep 22 04:22:44 markkoudstaal sshd[27985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=90.188.114.107	2019-09-22 10:27:27
178.62.33.38	attackspambots	Automatic report - Banned IP Access	2019-09-22 10:28:23
106.13.67.22	attackspambots	Sep 21 16:04:35 eddieflores sshd\[15277\]: Invalid user web from 106.13.67.22 Sep 21 16:04:35 eddieflores sshd\[15277\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.22 Sep 21 16:04:37 eddieflores sshd\[15277\]: Failed password for invalid user web from 106.13.67.22 port 38050 ssh2 Sep 21 16:10:11 eddieflores sshd\[15894\]: Invalid user imageuser from 106.13.67.22 Sep 21 16:10:11 eddieflores sshd\[15894\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.22	2019-09-22 10:21:14
112.85.42.185	attack	Sep 21 22:53:52 aat-srv002 sshd[2610]: Failed password for root from 112.85.42.185 port 46730 ssh2 Sep 21 22:56:56 aat-srv002 sshd[2798]: Failed password for root from 112.85.42.185 port 39444 ssh2 Sep 21 22:57:44 aat-srv002 sshd[2815]: Failed password for root from 112.85.42.185 port 13077 ssh2 ...	2019-09-22 12:15:04
112.197.0.125	attackspambots	2019-09-21T23:28:44.1286411495-001 sshd\[46281\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.197.0.125 2019-09-21T23:28:45.3631251495-001 sshd\[46281\]: Failed password for invalid user Alphanetworks from 112.197.0.125 port 16345 ssh2 2019-09-21T23:43:44.0688301495-001 sshd\[47644\]: Invalid user ssh-user from 112.197.0.125 port 2520 2019-09-21T23:43:44.0718441495-001 sshd\[47644\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.197.0.125 2019-09-21T23:43:46.1944221495-001 sshd\[47644\]: Failed password for invalid user ssh-user from 112.197.0.125 port 2520 ssh2 2019-09-21T23:48:48.2028131495-001 sshd\[48047\]: Invalid user jesse from 112.197.0.125 port 3702 ...	2019-09-22 12:14:36
37.119.230.22	attackbotsspam	Sep 21 18:11:45 hiderm sshd\[13622\]: Invalid user juancarlos from 37.119.230.22 Sep 21 18:11:45 hiderm sshd\[13622\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=net-37-119-230-22.cust.vodafonedsl.it Sep 21 18:11:47 hiderm sshd\[13622\]: Failed password for invalid user juancarlos from 37.119.230.22 port 36047 ssh2 Sep 21 18:18:49 hiderm sshd\[14469\]: Invalid user ftpuser1 from 37.119.230.22 Sep 21 18:18:49 hiderm sshd\[14469\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=net-37-119-230-22.cust.vodafonedsl.it	2019-09-22 12:20:36
54.38.184.235	attackspambots	Sep 21 23:53:56 TORMINT sshd\[17685\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.184.235 user=root Sep 21 23:53:57 TORMINT sshd\[17685\]: Failed password for root from 54.38.184.235 port 35580 ssh2 Sep 21 23:57:57 TORMINT sshd\[17924\]: Invalid user atul from 54.38.184.235 Sep 21 23:57:57 TORMINT sshd\[17924\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.184.235 ...	2019-09-22 12:07:34
60.212.42.56	attackspam	60.212.42.56 - - [21/Sep/2019:23:29:51 +0200] "POST /wp-login.php HTTP/1.1" 200 4522 "http://mib-epas-consortium.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 60.212.42.56 - - [21/Sep/2019:23:29:53 +0200] "POST /wp-login.php HTTP/1.1" 200 4522 "http://mib-epas-consortium.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 60.212.42.56 - - [21/Sep/2019:23:29:54 +0200] "POST /wp-login.php HTTP/1.1" 200 4522 "http://mib-epas-consortium.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 60.212.42.56 - - [21/Sep/2019:23:29:55 +0200] "POST /wp-login.php HTTP/1.1" 200 4522 "http://mib-epas-consortium.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 60.212.42.56 - - [21/Sep/2019:23:29:56 +0200] "POST /wp-login.php HTTP/1.1" 200 4522 "http://mib-epas-consortium.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 60.212.42.56 - - [21/Sep/2019	2019-09-22 10:23:14
104.236.250.88	attackspambots	Sep 22 06:16:21 core sshd[31409]: Invalid user webshop from 104.236.250.88 port 50316 Sep 22 06:16:23 core sshd[31409]: Failed password for invalid user webshop from 104.236.250.88 port 50316 ssh2 ...	2019-09-22 12:20:18
222.186.42.163	attackbotsspam	Sep 22 04:12:05 cvbnet sshd[29822]: Failed password for root from 222.186.42.163 port 62154 ssh2 Sep 22 04:12:08 cvbnet sshd[29822]: Failed password for root from 222.186.42.163 port 62154 ssh2	2019-09-22 10:17:58
137.74.115.225	attackbots	" "	2019-09-22 12:02:41
213.139.144.10	attack	Sep 21 11:43:31 wbs sshd\[16607\]: Invalid user zliu from 213.139.144.10 Sep 21 11:43:31 wbs sshd\[16607\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.139.144.10 Sep 21 11:43:33 wbs sshd\[16607\]: Failed password for invalid user zliu from 213.139.144.10 port 63180 ssh2 Sep 21 11:50:18 wbs sshd\[17225\]: Invalid user xbot from 213.139.144.10 Sep 21 11:50:18 wbs sshd\[17225\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.139.144.10	2019-09-22 10:13:35
62.99.132.170	attackbots	Sep 22 00:19:39 heissa sshd\[32346\]: Invalid user wg from 62.99.132.170 port 49044 Sep 22 00:19:39 heissa sshd\[32346\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62-99-132-170.static.upcbusiness.at Sep 22 00:19:42 heissa sshd\[32346\]: Failed password for invalid user wg from 62.99.132.170 port 49044 ssh2 Sep 22 00:28:08 heissa sshd\[882\]: Invalid user vnc from 62.99.132.170 port 41380 Sep 22 00:28:08 heissa sshd\[882\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62-99-132-170.static.upcbusiness.at	2019-09-22 10:10:27
193.232.45.237	attackbots	Sep 22 02:31:40 jane sshd[779]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.232.45.237 Sep 22 02:31:41 jane sshd[779]: Failed password for invalid user ultra from 193.232.45.237 port 59769 ssh2 ...	2019-09-22 10:24:45

最近上报的IP列表

49.235.213.234	76.75.110.28	103.82.235.3	14.177.228.189
206.189.205.39	103.98.16.135	119.45.149.173	188.75.143.98
218.154.47.85	103.199.161.14	179.184.0.112	52.150.16.34
77.128.73.84	36.232.235.177	120.29.78.214	93.86.118.140
183.89.57.140	193.93.62.61	195.93.168.6	1.52.212.245