193.42.40.68 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United Kingdom of Great Britain and Northern Ireland

运营商(isp): Sky Digital Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Apr 1 23:26:54 our-server-hostname sshd[26625]: reveeclipse mapping checking getaddrinfo for 193-42-40-68.idc-ip.axxxxxxx34823.net [193.42.40.68] failed - POSSIBLE BREAK-IN ATTEMPT! Apr 1 23:26:55 our-server-hostname sshd[26625]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.42.40.68 user=r.r Apr 1 23:26:57 our-server-hostname sshd[26625]: Failed password for r.r from 193.42.40.68 port 53266 ssh2 Apr 1 23:32:47 our-server-hostname sshd[27734]: reveeclipse mapping checking getaddrinfo for 193-42-40-68.idc-ip.axxxxxxx34823.net [193.42.40.68] failed - POSSIBLE BREAK-IN ATTEMPT! Apr 1 23:32:47 our-server-hostname sshd[27734]: Invalid user rw from 193.42.40.68 Apr 1 23:32:47 our-server-hostname sshd[27734]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.42.40.68 Apr 1 23:32:50 our-server-hostname sshd[27734]: Failed password for invalid user rw from 193.42.40.68 port 56990 ssh........ -------------------------------	2020-04-01 22:32:56

类型

评论内容

时间

attack

Apr  1 23:26:54 our-server-hostname sshd[26625]: reveeclipse mapping checking getaddrinfo for 193-42-40-68.idc-ip.axxxxxxx34823.net [193.42.40.68] failed - POSSIBLE BREAK-IN ATTEMPT!
Apr  1 23:26:55 our-server-hostname sshd[26625]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.42.40.68  user=r.r
Apr  1 23:26:57 our-server-hostname sshd[26625]: Failed password for r.r from 193.42.40.68 port 53266 ssh2
Apr  1 23:32:47 our-server-hostname sshd[27734]: reveeclipse mapping checking getaddrinfo for 193-42-40-68.idc-ip.axxxxxxx34823.net [193.42.40.68] failed - POSSIBLE BREAK-IN ATTEMPT!
Apr  1 23:32:47 our-server-hostname sshd[27734]: Invalid user rw from 193.42.40.68
Apr  1 23:32:47 our-server-hostname sshd[27734]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.42.40.68 
Apr  1 23:32:50 our-server-hostname sshd[27734]: Failed password for invalid user rw from 193.42.40.68 port 56990 ssh........
-------------------------------

2020-04-01 22:32:56

相同子网IP讨论:

IP	类型	评论内容	时间
193.42.40.104	attackbots	Port Scan: TCP/445	2019-09-25 08:49:55

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 193.42.40.68
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15137
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;193.42.40.68.			IN	A

;; AUTHORITY SECTION:
.			566	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040100 1800 900 604800 86400

;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 01 22:32:51 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

68.40.42.193.in-addr.arpa domain name pointer 193-42-40-68.idc-ip.as134823.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
68.40.42.193.in-addr.arpa	name = 193-42-40-68.idc-ip.as134823.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
203.160.174.214	attackbotsspam	Invalid user mjestel from 203.160.174.214 port 36446	2019-11-15 16:18:29
159.65.166.179	attack	/wp-admin/	2019-11-15 16:29:19
106.13.103.1	attackspam	Invalid user yoyo from 106.13.103.1 port 45372	2019-11-15 16:20:06
62.159.228.138	attackspambots	Nov 15 13:42:14 areeb-Workstation sshd[17905]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.159.228.138 Nov 15 13:42:16 areeb-Workstation sshd[17905]: Failed password for invalid user schilles from 62.159.228.138 port 9691 ssh2 ...	2019-11-15 16:27:04
106.12.130.235	attackspambots	Nov 15 08:58:03 SilenceServices sshd[10428]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.130.235 Nov 15 08:58:04 SilenceServices sshd[10428]: Failed password for invalid user fauzi from 106.12.130.235 port 60686 ssh2 Nov 15 09:03:46 SilenceServices sshd[12354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.130.235	2019-11-15 16:23:23
195.176.3.19	attack	xmlrpc attack	2019-11-15 16:44:09
111.231.85.239	attackbotsspam	Nov 14 16:21:17 warning: unknown[111.231.85.239]: SASL LOGIN authentication failed: authentication failure Nov 14 16:21:21 warning: unknown[111.231.85.239]: SASL LOGIN authentication failed: authentication failure Nov 14 16:21:25 warning: unknown[111.231.85.239]: SASL LOGIN authentication failed: authentication failure	2019-11-15 16:45:33
39.110.250.69	attackbots	Nov 15 09:10:14 dedicated sshd[6716]: Invalid user hiromasa from 39.110.250.69 port 48680	2019-11-15 16:19:03
203.147.64.147	attack	Nov 15 07:27:17 xeon cyrus/imap[7941]: badlogin: host-203-147-64-147.h17.canl.nc [203.147.64.147] plain [SASL(-13): authentication failure: Password verification failed]	2019-11-15 16:29:03
106.12.197.119	attackbots	Nov 15 10:16:31 server sshd\[28736\]: Invalid user jacky from 106.12.197.119 port 34888 Nov 15 10:16:31 server sshd\[28736\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 Nov 15 10:16:33 server sshd\[28736\]: Failed password for invalid user jacky from 106.12.197.119 port 34888 ssh2 Nov 15 10:21:04 server sshd\[16171\]: Invalid user mcnicol from 106.12.197.119 port 42320 Nov 15 10:21:04 server sshd\[16171\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119	2019-11-15 16:29:43
81.22.45.133	attackbotsspam	11/15/2019-03:09:03.998147 81.22.45.133 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-11-15 16:23:57
45.82.153.76	attackbots	Nov 15 09:45:07 relay postfix/smtpd\[26990\]: warning: unknown\[45.82.153.76\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 15 09:45:25 relay postfix/smtpd\[17974\]: warning: unknown\[45.82.153.76\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 15 09:45:41 relay postfix/smtpd\[27095\]: warning: unknown\[45.82.153.76\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 15 09:46:50 relay postfix/smtpd\[17985\]: warning: unknown\[45.82.153.76\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 15 09:47:09 relay postfix/smtpd\[17985\]: warning: unknown\[45.82.153.76\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-11-15 16:49:37
139.199.219.235	attackbots	Automatic report - SSH Brute-Force Attack	2019-11-15 16:41:40
92.118.38.38	attackspambots	Nov 15 09:24:24 webserver postfix/smtpd\[24281\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 15 09:25:00 webserver postfix/smtpd\[24281\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 15 09:25:36 webserver postfix/smtpd\[24281\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 15 09:26:11 webserver postfix/smtpd\[24281\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 15 09:26:47 webserver postfix/smtpd\[24288\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-11-15 16:28:14
142.93.215.102	attack	2019-11-15T08:06:48.097150abusebot-5.cloudsearch.cf sshd\[14255\]: Invalid user dj from 142.93.215.102 port 52616	2019-11-15 16:26:14

最近上报的IP列表

130.183.126.167	45.78.255.104	189.146.203.176	98.60.162.74
185.59.66.187	121.92.109.125	203.59.13.74	62.18.245.237
136.85.41.218	71.55.27.156	125.165.209.119	47.127.248.19
60.175.74.62	102.141.152.215	156.110.105.93	2.222.69.201
41.4.170.127	120.68.96.94	202.200.9.244	184.48.48.136