203.128.249.42

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): PT Smart Telecom

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Mobile ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	TCP (SYN) 203.128.249.42:55562 -> port 445, len 52	2020-06-24 19:46:17
attack	Unauthorized connection attempt from IP address 203.128.249.42 on Port 445(SMB)	2019-08-08 07:57:13

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 203.128.249.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57790
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;203.128.249.42.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080702 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 08 07:57:06 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

42.249.128.203.in-addr.arpa has no PTR record

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 42.249.128.203.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
177.94.220.41	attackspambots	(imapd) Failed IMAP login from 177.94.220.41 (BR/Brazil/177-94-220-41.dsl.telesp.net.br): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: May 15 16:57:08 ir1 dovecot[264309]: imap-login: Disconnected (auth failed, 1 attempts in 5 secs): user=, method=PLAIN, rip=177.94.220.41, lip=5.63.12.44, TLS, session=<4Ho/7q6lp+WxXtwp>	2020-05-15 21:56:02
178.16.175.146	attackbotsspam	May 15 15:14:53 buvik sshd[20605]: Invalid user oracle from 178.16.175.146 May 15 15:14:53 buvik sshd[20605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.16.175.146 May 15 15:14:55 buvik sshd[20605]: Failed password for invalid user oracle from 178.16.175.146 port 10941 ssh2 ...	2020-05-15 21:39:41
111.161.74.106	attackspam	leo_www	2020-05-15 21:26:45
103.139.219.20	attack	May 15 12:23:15 124388 sshd[11971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.139.219.20 May 15 12:23:15 124388 sshd[11971]: Invalid user deploy from 103.139.219.20 port 54614 May 15 12:23:18 124388 sshd[11971]: Failed password for invalid user deploy from 103.139.219.20 port 54614 ssh2 May 15 12:27:27 124388 sshd[12084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.139.219.20 user=root May 15 12:27:29 124388 sshd[12084]: Failed password for root from 103.139.219.20 port 34982 ssh2	2020-05-15 21:45:34
14.249.205.103	attack	May 15 14:27:05 ArkNodeAT sshd\[31219\]: Invalid user system from 14.249.205.103 May 15 14:27:05 ArkNodeAT sshd\[31219\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.249.205.103 May 15 14:27:07 ArkNodeAT sshd\[31219\]: Failed password for invalid user system from 14.249.205.103 port 61705 ssh2	2020-05-15 21:57:42
3.124.254.147	attackbots	WordPress login Brute force / Web App Attack on client site.	2020-05-15 21:35:06
165.22.94.219	attack	Automatic report - XMLRPC Attack	2020-05-15 21:40:17
175.6.140.14	attackspam	May 15 15:00:00 h2779839 sshd[3927]: Invalid user jacosta from 175.6.140.14 port 46334 May 15 15:00:00 h2779839 sshd[3927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.6.140.14 May 15 15:00:00 h2779839 sshd[3927]: Invalid user jacosta from 175.6.140.14 port 46334 May 15 15:00:02 h2779839 sshd[3927]: Failed password for invalid user jacosta from 175.6.140.14 port 46334 ssh2 May 15 15:04:07 h2779839 sshd[4016]: Invalid user ubuntu from 175.6.140.14 port 60196 May 15 15:04:07 h2779839 sshd[4016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.6.140.14 May 15 15:04:07 h2779839 sshd[4016]: Invalid user ubuntu from 175.6.140.14 port 60196 May 15 15:04:09 h2779839 sshd[4016]: Failed password for invalid user ubuntu from 175.6.140.14 port 60196 ssh2 May 15 15:08:13 h2779839 sshd[4064]: Invalid user cooper from 175.6.140.14 port 45824 ...	2020-05-15 21:59:43
124.240.199.2	attackspam	May 15 12:44:19 vlre-nyc-1 sshd\[8671\]: Invalid user admin from 124.240.199.2 May 15 12:44:19 vlre-nyc-1 sshd\[8671\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.240.199.2 May 15 12:44:21 vlre-nyc-1 sshd\[8671\]: Failed password for invalid user admin from 124.240.199.2 port 38939 ssh2 May 15 12:50:35 vlre-nyc-1 sshd\[8752\]: Invalid user tester from 124.240.199.2 May 15 12:50:35 vlre-nyc-1 sshd\[8752\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.240.199.2 ...	2020-05-15 21:41:18
157.245.186.41	attack	May 15 15:30:13 sip sshd[273203]: Invalid user geoeast from 157.245.186.41 port 35914 May 15 15:30:14 sip sshd[273203]: Failed password for invalid user geoeast from 157.245.186.41 port 35914 ssh2 May 15 15:34:06 sip sshd[273233]: Invalid user postgres from 157.245.186.41 port 43580 ...	2020-05-15 21:46:11
106.12.172.248	attackbots	May 15 15:10:00 server sshd[14323]: Failed password for root from 106.12.172.248 port 59082 ssh2 May 15 15:13:35 server sshd[14630]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.172.248 May 15 15:13:37 server sshd[14630]: Failed password for invalid user username from 106.12.172.248 port 44964 ssh2 ...	2020-05-15 21:17:59
88.247.218.108	attack	May 15 14:27:43 debian-2gb-nbg1-2 kernel: \[11804512.288779\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=88.247.218.108 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=48 ID=11138 PROTO=TCP SPT=41061 DPT=8000 WINDOW=48662 RES=0x00 SYN URGP=0	2020-05-15 21:35:39
198.27.79.180	attackspambots	May 15 14:24:09 vps sshd[29732]: Failed password for root from 198.27.79.180 port 59806 ssh2 May 15 14:28:01 vps sshd[29916]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.27.79.180 May 15 14:28:03 vps sshd[29916]: Failed password for invalid user nx from 198.27.79.180 port 59607 ssh2 ...	2020-05-15 21:15:23
192.144.172.50	attack	May 15 14:27:14 prox sshd[10194]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.172.50 May 15 14:27:17 prox sshd[10194]: Failed password for invalid user squid from 192.144.172.50 port 37988 ssh2	2020-05-15 21:53:12
122.114.170.130	attack	May 15 15:17:43 mout sshd[4137]: Invalid user abe from 122.114.170.130 port 40740	2020-05-15 21:31:48

最近上报的IP列表

91.206.15.28	132.232.17.23	77.132.18.33	124.158.164.42
129.42.208.179	113.65.189.56	168.235.103.143	202.79.174.122
134.73.161.214	27.74.245.84	217.61.98.201	175.138.91.175
78.142.211.173	222.141.112.28	242.33.79.236	221.202.11.89
219.241.212.2	203.205.29.13	83.221.205.203	54.36.149.27