189.50.42.132 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Brazil

运营商(isp): Total Telecom Ltda-ME

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH Brute Force	2020-03-17 10:07:10

相同子网IP讨论:

IP	类型	评论内容	时间
189.50.42.101	attackspambots	Mar 17 08:55:36 MainVPS sshd[5278]: Invalid user hadoop from 189.50.42.101 port 53860 Mar 17 08:55:36 MainVPS sshd[5278]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.50.42.101 Mar 17 08:55:36 MainVPS sshd[5278]: Invalid user hadoop from 189.50.42.101 port 53860 Mar 17 08:55:38 MainVPS sshd[5278]: Failed password for invalid user hadoop from 189.50.42.101 port 53860 ssh2 Mar 17 09:01:25 MainVPS sshd[16286]: Invalid user aws from 189.50.42.101 port 40529 ...	2020-03-17 16:16:06
189.50.42.10	attackspam	2020-03-16T19:50:55.059876abusebot-5.cloudsearch.cf sshd[4017]: Invalid user git from 189.50.42.10 port 39714 2020-03-16T19:50:55.068694abusebot-5.cloudsearch.cf sshd[4017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=rede42-10.total.psi.br 2020-03-16T19:50:55.059876abusebot-5.cloudsearch.cf sshd[4017]: Invalid user git from 189.50.42.10 port 39714 2020-03-16T19:50:56.713395abusebot-5.cloudsearch.cf sshd[4017]: Failed password for invalid user git from 189.50.42.10 port 39714 ssh2 2020-03-16T19:58:19.213964abusebot-5.cloudsearch.cf sshd[4032]: Invalid user wp-user from 189.50.42.10 port 51929 2020-03-16T19:58:19.220488abusebot-5.cloudsearch.cf sshd[4032]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=rede42-10.total.psi.br 2020-03-16T19:58:19.213964abusebot-5.cloudsearch.cf sshd[4032]: Invalid user wp-user from 189.50.42.10 port 51929 2020-03-16T19:58:21.151357abusebot-5.cloudsearch.cf sshd[4032]: Fai ...	2020-03-17 05:04:43
189.50.42.154	attackbots	Mar 16 02:14:25 UTC__SANYALnet-Labs__cac14 sshd[31833]: Connection from 189.50.42.154 port 40424 on 45.62.235.190 port 22 Mar 16 02:14:27 UTC__SANYALnet-Labs__cac14 sshd[31833]: Invalid user steam from 189.50.42.154 Mar 16 02:14:29 UTC__SANYALnet-Labs__cac14 sshd[31833]: Failed password for invalid user steam from 189.50.42.154 port 40424 ssh2 Mar 16 02:14:30 UTC__SANYALnet-Labs__cac14 sshd[31833]: Received disconnect from 189.50.42.154: 11: Bye Bye [preauth] Mar 16 02:34:26 UTC__SANYALnet-Labs__cac14 sshd[32289]: Connection from 189.50.42.154 port 33357 on 45.62.235.190 port 22 Mar 16 02:34:30 UTC__SANYALnet-Labs__cac14 sshd[32289]: Failed password for invalid user r.r from 189.50.42.154 port 33357 ssh2 Mar 16 02:34:31 UTC__SANYALnet-Labs__cac14 sshd[32289]: Received disconnect from 189.50.42.154: 11: Bye Bye [preauth] Mar 16 02:42:59 UTC__SANYALnet-Labs__cac14 sshd[32448]: Connection from 189.50.42.154 port 33324 on 45.62.235.190 port 22 Mar 16 02:43:01 UTC__SANYALnet........ -------------------------------	2020-03-17 00:13:07
189.50.42.140	attack	Mar 16 08:52:50 host sshd\[9991\]: User user from 189.50.42.140 not allowed because none of user's groups are listed in AllowGroups	2020-03-16 21:40:26

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 189.50.42.132
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31732
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;189.50.42.132.			IN	A

;; AUTHORITY SECTION:
.			471	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031602 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 17 10:07:06 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

132.42.50.189.in-addr.arpa domain name pointer rede42-132.total.psi.br.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
132.42.50.189.in-addr.arpa	name = rede42-132.total.psi.br.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
103.105.98.1	attackspam	Aug 8 16:46:39 eventyay sshd[15698]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.105.98.1 Aug 8 16:46:41 eventyay sshd[15698]: Failed password for invalid user jonathan from 103.105.98.1 port 42804 ssh2 Aug 8 16:52:17 eventyay sshd[16915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.105.98.1 ...	2019-08-08 23:33:22
210.182.167.230	attackbots	RDP Bruteforce	2019-08-08 23:09:59
137.74.233.229	attack	Aug 8 15:06:14 srv-4 sshd\[8496\]: Invalid user user1 from 137.74.233.229 Aug 8 15:06:14 srv-4 sshd\[8496\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.233.229 Aug 8 15:06:16 srv-4 sshd\[8496\]: Failed password for invalid user user1 from 137.74.233.229 port 54990 ssh2 ...	2019-08-08 22:44:02
164.132.38.167	attackspam	2019-08-08T12:04:30.506290abusebot-8.cloudsearch.cf sshd\[13949\]: Invalid user guest from 164.132.38.167 port 57147	2019-08-08 23:32:54
149.129.224.77	attack	114.215.159.136 - - [08/Aug/2019:13:58:08 +0200] "GET /index.php?s=/index/ hink" 400 0 "-" "-"	2019-08-08 22:50:24
108.62.202.220	attackspambots	[LAN access from remote] from 108.62.202.220:51884 to 192.168.X.XX:443, Wednesday, Aug 07,2019 19:34:59	2019-08-08 23:18:30
134.175.82.227	attackspam	Aug 8 17:06:24 OPSO sshd\[28879\]: Invalid user hirano from 134.175.82.227 port 36036 Aug 8 17:06:24 OPSO sshd\[28879\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.82.227 Aug 8 17:06:26 OPSO sshd\[28879\]: Failed password for invalid user hirano from 134.175.82.227 port 36036 ssh2 Aug 8 17:12:09 OPSO sshd\[29508\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.82.227 user=admin Aug 8 17:12:11 OPSO sshd\[29508\]: Failed password for admin from 134.175.82.227 port 54470 ssh2	2019-08-08 23:20:46
211.157.2.92	attackbotsspam	Aug 8 13:52:20 mail sshd\[4422\]: Failed password for invalid user xxx from 211.157.2.92 port 11410 ssh2 Aug 8 14:07:37 mail sshd\[4777\]: Invalid user fg from 211.157.2.92 port 15273 Aug 8 14:07:37 mail sshd\[4777\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.157.2.92 ...	2019-08-08 23:38:40
113.7.197.26	attack	Aug 8 12:04:02 DDOS Attack: SRC=113.7.197.26 DST=[Masked] LEN=40 TOS=0x00 PREC=0x00 TTL=47 DF PROTO=TCP SPT=26619 DPT=80 WINDOW=0 RES=0x00 RST URGP=0	2019-08-08 23:45:49
145.239.10.83	attackspambots	Aug 8 17:05:55 icinga sshd[25818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.10.83 Aug 8 17:05:58 icinga sshd[25818]: Failed password for invalid user wp from 145.239.10.83 port 43326 ssh2 ...	2019-08-08 23:15:46
109.254.173.9	attackbotsspam	Aug 8 21:07:47 itv-usvr-01 sshd[11512]: Invalid user master from 109.254.173.9 Aug 8 21:07:47 itv-usvr-01 sshd[11512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.254.173.9 Aug 8 21:07:47 itv-usvr-01 sshd[11512]: Invalid user master from 109.254.173.9 Aug 8 21:07:49 itv-usvr-01 sshd[11512]: Failed password for invalid user master from 109.254.173.9 port 60816 ssh2 Aug 8 21:15:27 itv-usvr-01 sshd[12348]: Invalid user duke from 109.254.173.9	2019-08-08 23:38:14
128.199.252.144	attackspam	Aug 8 14:01:15 vps647732 sshd[25492]: Failed password for root from 128.199.252.144 port 39378 ssh2 ...	2019-08-08 22:46:55
131.108.48.151	attackspambots	leo_www	2019-08-08 23:34:53
104.248.116.76	attack	2019-08-08T13:13:18.307574abusebot-4.cloudsearch.cf sshd\[15481\]: Invalid user leyla from 104.248.116.76 port 53310	2019-08-08 23:04:06
150.109.167.75	attackspam	" "	2019-08-08 23:13:26

最近上报的IP列表

138.219.244.110	5.39.217.213	14.232.236.57	49.79.122.178
121.23.41.151	190.175.11.156	131.140.114.229	83.30.218.121
31.177.241.7	142.83.38.237	15.140.254.251	170.44.9.137
1.127.111.51	4.16.249.113	1.250.159.39	32.246.14.190
236.205.241.34	176.81.184.241	123.112.142.179	155.94.22.51