193.42.40.68 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United Kingdom of Great Britain and Northern Ireland

运营商(isp): Sky Digital Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Apr 1 23:26:54 our-server-hostname sshd[26625]: reveeclipse mapping checking getaddrinfo for 193-42-40-68.idc-ip.axxxxxxx34823.net [193.42.40.68] failed - POSSIBLE BREAK-IN ATTEMPT! Apr 1 23:26:55 our-server-hostname sshd[26625]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.42.40.68 user=r.r Apr 1 23:26:57 our-server-hostname sshd[26625]: Failed password for r.r from 193.42.40.68 port 53266 ssh2 Apr 1 23:32:47 our-server-hostname sshd[27734]: reveeclipse mapping checking getaddrinfo for 193-42-40-68.idc-ip.axxxxxxx34823.net [193.42.40.68] failed - POSSIBLE BREAK-IN ATTEMPT! Apr 1 23:32:47 our-server-hostname sshd[27734]: Invalid user rw from 193.42.40.68 Apr 1 23:32:47 our-server-hostname sshd[27734]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.42.40.68 Apr 1 23:32:50 our-server-hostname sshd[27734]: Failed password for invalid user rw from 193.42.40.68 port 56990 ssh........ -------------------------------	2020-04-01 22:32:56

类型

评论内容

时间

attack

Apr  1 23:26:54 our-server-hostname sshd[26625]: reveeclipse mapping checking getaddrinfo for 193-42-40-68.idc-ip.axxxxxxx34823.net [193.42.40.68] failed - POSSIBLE BREAK-IN ATTEMPT!
Apr  1 23:26:55 our-server-hostname sshd[26625]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.42.40.68  user=r.r
Apr  1 23:26:57 our-server-hostname sshd[26625]: Failed password for r.r from 193.42.40.68 port 53266 ssh2
Apr  1 23:32:47 our-server-hostname sshd[27734]: reveeclipse mapping checking getaddrinfo for 193-42-40-68.idc-ip.axxxxxxx34823.net [193.42.40.68] failed - POSSIBLE BREAK-IN ATTEMPT!
Apr  1 23:32:47 our-server-hostname sshd[27734]: Invalid user rw from 193.42.40.68
Apr  1 23:32:47 our-server-hostname sshd[27734]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.42.40.68 
Apr  1 23:32:50 our-server-hostname sshd[27734]: Failed password for invalid user rw from 193.42.40.68 port 56990 ssh........
-------------------------------

2020-04-01 22:32:56

相同子网IP讨论:

IP	类型	评论内容	时间
193.42.40.104	attackbots	Port Scan: TCP/445	2019-09-25 08:49:55

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 193.42.40.68
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15137
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;193.42.40.68.			IN	A

;; AUTHORITY SECTION:
.			566	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040100 1800 900 604800 86400

;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 01 22:32:51 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

68.40.42.193.in-addr.arpa domain name pointer 193-42-40-68.idc-ip.as134823.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
68.40.42.193.in-addr.arpa	name = 193-42-40-68.idc-ip.as134823.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
152.136.22.63	attackspambots	Jul 12 15:43:20 abendstille sshd\[5506\]: Invalid user metin2 from 152.136.22.63 Jul 12 15:43:20 abendstille sshd\[5506\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.22.63 Jul 12 15:43:22 abendstille sshd\[5506\]: Failed password for invalid user metin2 from 152.136.22.63 port 46140 ssh2 Jul 12 15:51:49 abendstille sshd\[14095\]: Invalid user davis from 152.136.22.63 Jul 12 15:51:49 abendstille sshd\[14095\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.22.63 ...	2020-07-13 02:55:37
142.93.212.213	attackspam	Jul 12 19:53:49 vm0 sshd[16806]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.212.213 Jul 12 19:53:50 vm0 sshd[16806]: Failed password for invalid user ion from 142.93.212.213 port 55598 ssh2 ...	2020-07-13 02:59:13
139.170.150.252	attackspam	web-1 [ssh] SSH Attack	2020-07-13 02:26:35
101.36.178.48	attackspam	2020-07-12T15:53:38.609393galaxy.wi.uni-potsdam.de sshd[32632]: Invalid user leixu from 101.36.178.48 port 60072 2020-07-12T15:53:38.613979galaxy.wi.uni-potsdam.de sshd[32632]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.36.178.48 2020-07-12T15:53:38.609393galaxy.wi.uni-potsdam.de sshd[32632]: Invalid user leixu from 101.36.178.48 port 60072 2020-07-12T15:53:40.724823galaxy.wi.uni-potsdam.de sshd[32632]: Failed password for invalid user leixu from 101.36.178.48 port 60072 ssh2 2020-07-12T15:54:28.969719galaxy.wi.uni-potsdam.de sshd[32743]: Invalid user ursula from 101.36.178.48 port 10883 2020-07-12T15:54:28.974861galaxy.wi.uni-potsdam.de sshd[32743]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.36.178.48 2020-07-12T15:54:28.969719galaxy.wi.uni-potsdam.de sshd[32743]: Invalid user ursula from 101.36.178.48 port 10883 2020-07-12T15:54:30.614485galaxy.wi.uni-potsdam.de sshd[32743]: Failed passw ...	2020-07-13 02:28:59
162.243.141.36	attackbotsspam	[Sun Jun 21 23:01:54 2020] - DDoS Attack From IP: 162.243.141.36 Port: 49125	2020-07-13 02:40:21
116.196.116.205	attackspambots	Invalid user nieto from 116.196.116.205 port 43092	2020-07-13 02:39:10
87.208.56.229	attackspambots	Invalid user pi from 87.208.56.229 port 55674	2020-07-13 02:35:43
162.243.131.61	attackspambots	[Thu Jun 25 09:31:01 2020] - DDoS Attack From IP: 162.243.131.61 Port: 36698	2020-07-13 02:24:04
192.241.212.43	attackbotsspam	[Wed Jun 24 08:38:16 2020] - DDoS Attack From IP: 192.241.212.43 Port: 51446	2020-07-13 02:27:56
111.229.120.173	attackbots	Jul 12 19:36:32 lnxweb62 sshd[16297]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.120.173	2020-07-13 02:46:54
23.250.1.148	attackbotsspam	(From sadye@maxoutmedia.buzz) Hello tompkinschiro.com, Confirm your email to receive payments: https://maxoutmedia.buzz/go/payments/ Thank you, Sadye	2020-07-13 02:49:49
124.156.54.244	attackbots	[Wed Jun 24 06:24:20 2020] - DDoS Attack From IP: 124.156.54.244 Port: 45329	2020-07-13 02:29:21
188.19.188.108	attackbotsspam	Icarus honeypot on github	2020-07-13 02:57:14
107.6.169.250	attack	Unauthorized connection attempt detected from IP address 107.6.169.250 to port 79	2020-07-13 02:49:13
61.177.172.41	attack	2020-07-12T14:28:30.446456na-vps210223 sshd[24017]: Failed password for root from 61.177.172.41 port 60711 ssh2 2020-07-12T14:28:33.289165na-vps210223 sshd[24017]: Failed password for root from 61.177.172.41 port 60711 ssh2 2020-07-12T14:28:36.956836na-vps210223 sshd[24017]: Failed password for root from 61.177.172.41 port 60711 ssh2 2020-07-12T14:28:36.957117na-vps210223 sshd[24017]: error: maximum authentication attempts exceeded for root from 61.177.172.41 port 60711 ssh2 [preauth] 2020-07-12T14:28:36.957137na-vps210223 sshd[24017]: Disconnecting: Too many authentication failures [preauth] ...	2020-07-13 02:34:27

最近上报的IP列表

130.183.126.167	45.78.255.104	189.146.203.176	98.60.162.74
185.59.66.187	121.92.109.125	203.59.13.74	62.18.245.237
136.85.41.218	71.55.27.156	125.165.209.119	47.127.248.19
60.175.74.62	102.141.152.215	156.110.105.93	2.222.69.201
41.4.170.127	120.68.96.94	202.200.9.244	184.48.48.136