169.197.108.42

基本信息:

城市(city): Amsterdam

省份(region): North Holland

国家(country): Netherlands

运营商(isp): Zenlayer Inc

主机名(hostname): unknown

机构(organization): Zenlayer Inc

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Unauthorized connection attempt detected from IP address 169.197.108.42 to port 80	2020-03-23 12:49:54
attackspambots	Unauthorized connection attempt detected from IP address 169.197.108.42 to port 6443	2020-03-17 20:32:18
attackspambots	Unauthorized connection attempt detected from IP address 169.197.108.42	2020-03-14 02:37:03
attack	Unauthorized connection attempt detected from IP address 169.197.108.42	2020-02-20 04:02:04
attackbotsspam	404 NOT FOUND	2020-02-13 06:56:57
attackspambots	W 31101,/var/log/nginx/access.log,-,-	2020-02-08 10:26:08
attackspam	Unauthorized connection attempt detected from IP address 169.197.108.42 to port 993 [J]	2020-02-01 17:48:35
attackspambots	Unauthorized connection attempt detected from IP address 169.197.108.42 to port 21	2019-12-29 18:21:45
attackbots	Unauthorized connection attempt detected from IP address 169.197.108.42 to port 8090	2019-12-29 03:21:42
attackspambots	scan z	2019-11-20 05:51:51
attackspambots	Honeypot hit.	2019-10-30 04:29:50
attackbots	Microsoft Windows HTTP.sys Remote Code Execution Vulnerability, PTR: survey.internet-census.org.	2019-10-11 20:16:13
attackspam	Microsoft Windows HTTP.sys Remote Code Execution Vulnerability, PTR: survey.internet-census.org.	2019-09-21 08:43:41
attackspambots	Caught in portsentry honeypot	2019-09-06 00:59:13
attackbots	none	2019-08-10 11:50:42

相同子网IP讨论:

IP	类型	评论内容	时间
169.197.108.38	attackbotsspam	8081/tcp 8080/tcp 993/tcp... [2020-02-11/04-12]17pkt,9pt.(tcp)	2020-04-12 18:48:26
169.197.108.205	attack	" "	2020-04-12 14:28:30
169.197.108.163	attackspam	Port 443 (HTTPS) access denied	2020-04-10 16:40:39
169.197.108.30	attackspam	Unauthorized connection attempt detected from IP address 169.197.108.30 to port 80	2020-04-10 04:56:50
169.197.108.196	attackspam	trying to access non-authorized port	2020-04-03 16:19:31
169.197.108.198	attack	Attempted connection to port 8080.	2020-03-31 16:21:22
169.197.108.162	attack	Attempted connection to port 8181.	2020-03-30 21:52:26
169.197.108.188	attackbotsspam	8081/tcp 8090/tcp 8088/tcp... [2020-02-01/03-27]13pkt,8pt.(tcp)	2020-03-29 07:04:59
169.197.108.203	attackbotsspam	Port 80 (HTTP) access denied	2020-03-25 19:39:59
169.197.108.6	attack	port scan and connect, tcp 443 (https)	2020-03-20 02:51:45
169.197.108.38	attackspam	Unauthorized connection attempt detected from IP address 169.197.108.38 to port 143	2020-03-17 22:37:18
169.197.108.205	attack	firewall-block, port(s): 8088/tcp	2020-03-12 16:54:55
169.197.108.196	attackbotsspam	" "	2020-03-11 23:01:04
169.197.108.190	attackbots	03/08/2020-23:49:58.879838 169.197.108.190 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-03-09 15:43:51
169.197.108.6	attack	port scan and connect, tcp 143 (imap)	2020-03-04 04:31:57

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 169.197.108.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34477
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;169.197.108.42.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040801 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Tue Apr 09 03:43:44 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 42.108.197.169.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.3, trying next server
Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 42.108.197.169.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
213.8.173.14	attackspambots	Automatic report - Banned IP Access	2020-08-23 15:04:47
89.45.226.116	attack	Invalid user postgres from 89.45.226.116 port 44210	2020-08-23 15:27:42
178.128.14.102	attackspam	Aug 23 06:13:32 h2779839 sshd[21175]: Invalid user production from 178.128.14.102 port 57680 Aug 23 06:13:32 h2779839 sshd[21175]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.14.102 Aug 23 06:13:32 h2779839 sshd[21175]: Invalid user production from 178.128.14.102 port 57680 Aug 23 06:13:33 h2779839 sshd[21175]: Failed password for invalid user production from 178.128.14.102 port 57680 ssh2 Aug 23 06:17:05 h2779839 sshd[21222]: Invalid user lidio from 178.128.14.102 port 36158 Aug 23 06:17:05 h2779839 sshd[21222]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.14.102 Aug 23 06:17:05 h2779839 sshd[21222]: Invalid user lidio from 178.128.14.102 port 36158 Aug 23 06:17:07 h2779839 sshd[21222]: Failed password for invalid user lidio from 178.128.14.102 port 36158 ssh2 Aug 23 06:20:36 h2779839 sshd[21278]: Invalid user fwa from 178.128.14.102 port 42854 ...	2020-08-23 15:06:59
116.228.233.91	attack	Time: Sun Aug 23 05:02:49 2020 +0000 IP: 116.228.233.91 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Aug 23 04:50:13 ca-1-ams1 sshd[51705]: Invalid user admin from 116.228.233.91 port 46930 Aug 23 04:50:15 ca-1-ams1 sshd[51705]: Failed password for invalid user admin from 116.228.233.91 port 46930 ssh2 Aug 23 04:58:00 ca-1-ams1 sshd[51899]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.228.233.91 user=root Aug 23 04:58:02 ca-1-ams1 sshd[51899]: Failed password for root from 116.228.233.91 port 39352 ssh2 Aug 23 05:02:48 ca-1-ams1 sshd[52068]: Invalid user filer from 116.228.233.91 port 48470	2020-08-23 14:57:01
49.235.202.65	attackspam	Aug 23 02:28:47 ny01 sshd[18229]: Failed password for root from 49.235.202.65 port 45328 ssh2 Aug 23 02:31:28 ny01 sshd[18572]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.202.65 Aug 23 02:31:30 ny01 sshd[18572]: Failed password for invalid user deploy from 49.235.202.65 port 43770 ssh2	2020-08-23 14:48:09
133.130.119.178	attackspambots	Failed password for invalid user qwe from 133.130.119.178 port 64815 ssh2	2020-08-23 14:54:49
193.70.81.132	attack	193.70.81.132 - - [23/Aug/2020:05:51:46 +0200] "GET /wp-login.php HTTP/1.1" 200 8691 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 193.70.81.132 - - [23/Aug/2020:05:51:48 +0200] "POST /wp-login.php HTTP/1.1" 200 8921 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 193.70.81.132 - - [23/Aug/2020:05:51:48 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-23 15:21:30
189.8.68.56	attackbots	Aug 23 07:34:15 haigwepa sshd[12196]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.8.68.56 Aug 23 07:34:17 haigwepa sshd[12196]: Failed password for invalid user zhangsan from 189.8.68.56 port 46928 ssh2 ...	2020-08-23 14:52:20
104.248.61.192	attackbotsspam	$f2bV_matches	2020-08-23 15:09:38
49.88.112.74	attack	Aug 23 07:11:41 onepixel sshd[3016179]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.74 user=root Aug 23 07:11:43 onepixel sshd[3016179]: Failed password for root from 49.88.112.74 port 32245 ssh2 Aug 23 07:11:41 onepixel sshd[3016179]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.74 user=root Aug 23 07:11:43 onepixel sshd[3016179]: Failed password for root from 49.88.112.74 port 32245 ssh2 Aug 23 07:11:47 onepixel sshd[3016179]: Failed password for root from 49.88.112.74 port 32245 ssh2	2020-08-23 15:17:47
107.6.169.250	attackspam	TCP (SYN) 107.6.169.250:15513 -> port 27015, len 44	2020-08-23 15:14:20
218.92.0.158	attack	Aug 23 08:58:46 vpn01 sshd[29673]: Failed password for root from 218.92.0.158 port 33578 ssh2 Aug 23 08:58:59 vpn01 sshd[29673]: error: maximum authentication attempts exceeded for root from 218.92.0.158 port 33578 ssh2 [preauth] ...	2020-08-23 15:01:13
92.222.90.130	attack	<6 unauthorized SSH connections	2020-08-23 15:15:41
192.241.172.175	attackspam	Aug 23 09:00:12 OPSO sshd\[16763\]: Invalid user ubuntu from 192.241.172.175 port 57772 Aug 23 09:00:12 OPSO sshd\[16763\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.172.175 Aug 23 09:00:13 OPSO sshd\[16763\]: Failed password for invalid user ubuntu from 192.241.172.175 port 57772 ssh2 Aug 23 09:04:24 OPSO sshd\[17261\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.172.175 user=root Aug 23 09:04:26 OPSO sshd\[17261\]: Failed password for root from 192.241.172.175 port 36906 ssh2	2020-08-23 15:15:00
193.35.51.20	attackbots	2020-08-23 08:28:18 dovecot_login authenticator failed for $\[193.35.51.20\]$ \[193.35.51.20\]: 535 Incorrect authentication data $set_id=73568237@yt.gl$ 2020-08-23 08:28:25 dovecot_login authenticator failed for $\[193.35.51.20\]$ \[193.35.51.20\]: 535 Incorrect authentication data 2020-08-23 08:28:35 dovecot_login authenticator failed for $\[193.35.51.20\]$ \[193.35.51.20\]: 535 Incorrect authentication data 2020-08-23 08:28:40 dovecot_login authenticator failed for $\[193.35.51.20\]$ \[193.35.51.20\]: 535 Incorrect authentication data 2020-08-23 08:28:52 dovecot_login authenticator failed for $\[193.35.51.20\]$ \[193.35.51.20\]: 535 Incorrect authentication data 2020-08-23 08:28:58 dovecot_login authenticator failed for $\[193.35.51.20\]$ \[193.35.51.20\]: 535 Incorrect authentication data 2020-08-23 08:29:03 dovecot_login authenticator failed for $\[193.35.51.20\]$ \[193.35.51.20\]: 535 Incorrect authentication data 2020-08-23 08:29:09 dovecot_login authenticator fa ...	2020-08-23 14:49:10

最近上报的IP列表

183.88.235.31	68.183.114.2	49.247.131.11	157.92.26.222
193.35.154.239	212.2.204.181	107.179.229.2	94.177.224.72
180.125.175.139	149.129.214.140	219.92.175.60	103.243.143.140
159.203.116.103	178.128.62.134	35.189.169.188	5.9.140.71
47.88.213.154	185.176.26.13	210.245.51.2	193.70.35.223