218.93.121.42 - IPInfo

基本信息:

城市(city): Changzhou

省份(region): Jiangsu

国家(country): China

运营商(isp): Changzhou Minghang Benniu Airport

主机名(hostname): unknown

机构(organization): No.31,Jin-rong Street

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	port scan and connect, tcp 22 (ssh)	2019-07-29 18:59:10
attackspambots	2019-07-28 18:45:20,111 [snip] proftpd[20735] [snip] (218.93.121.42[218.93.121.42]): USER root: no such user found from 218.93.121.42 [218.93.121.42] to ::ffff:[snip]:22 2019-07-28 18:45:22,726 [snip] proftpd[20742] [snip] (218.93.121.42[218.93.121.42]): USER root: no such user found from 218.93.121.42 [218.93.121.42] to ::ffff:[snip]:22 2019-07-28 18:45:25,953 [snip] proftpd[20746] [snip] (218.93.121.42[218.93.121.42]): USER root: no such user found from 218.93.121.42 [218.93.121.42] to ::ffff:[snip]:22[...]	2019-07-29 02:25:20

类型

评论内容

时间

attackspam

port scan and connect, tcp 22 (ssh)

2019-07-29 18:59:10

attackspambots

2019-07-28 18:45:20,111 [snip] proftpd[20735] [snip] (218.93.121.42[218.93.121.42]): USER root: no such user found from 218.93.121.42 [218.93.121.42] to ::ffff:[snip]:22
2019-07-28 18:45:22,726 [snip] proftpd[20742] [snip] (218.93.121.42[218.93.121.42]): USER root: no such user found from 218.93.121.42 [218.93.121.42] to ::ffff:[snip]:22
2019-07-28 18:45:25,953 [snip] proftpd[20746] [snip] (218.93.121.42[218.93.121.42]): USER root: no such user found from 218.93.121.42 [218.93.121.42] to ::ffff:[snip]:22[...]

2019-07-29 02:25:20

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 218.93.121.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46721
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;218.93.121.42.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072800 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 29 02:25:15 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 42.121.93.218.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 42.121.93.218.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
212.83.141.237	attack	3x Failed Password	2020-06-01 22:14:58
115.84.76.12	attackspambots	$f2bV_matches	2020-06-01 22:05:39
106.75.13.213	attackbotsspam	Jun 1 09:18:50 Tower sshd[9801]: Connection from 106.75.13.213 port 40637 on 192.168.10.220 port 22 rdomain "" Jun 1 09:18:54 Tower sshd[9801]: Failed password for root from 106.75.13.213 port 40637 ssh2 Jun 1 09:18:54 Tower sshd[9801]: Received disconnect from 106.75.13.213 port 40637:11: Bye Bye [preauth] Jun 1 09:18:54 Tower sshd[9801]: Disconnected from authenticating user root 106.75.13.213 port 40637 [preauth]	2020-06-01 22:46:57
1.52.96.55	attack	2019-07-07 16:44:09 1hk8Oe-0002kF-JH SMTP connection from $\[1.52.96.55\]$ \[1.52.96.55\]:25980 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-07 16:44:19 1hk8Oo-0002kQ-BY SMTP connection from $\[1.52.96.55\]$ \[1.52.96.55\]:54324 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-07 16:44:28 1hk8Ox-0002kc-Fk SMTP connection from $\[1.52.96.55\]$ \[1.52.96.55\]:53012 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-06-01 22:07:08
213.60.19.18	attackbots	Jun 1 14:05:13 vmd26974 sshd[1276]: Failed password for root from 213.60.19.18 port 35994 ssh2 ...	2020-06-01 22:12:47
59.126.2.6	attackspambots	Port probing on unauthorized port 2323	2020-06-01 22:18:25
212.64.0.99	attackbotsspam	SSH Honeypot -> SSH Bruteforce / Login	2020-06-01 22:12:29
72.210.252.135	attackspambots	Dovecot Invalid User Login Attempt.	2020-06-01 22:10:13
103.93.17.149	attackbots	May 31 21:14:42 serwer sshd\[31293\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.93.17.149 user=root May 31 21:14:44 serwer sshd\[31293\]: Failed password for root from 103.93.17.149 port 43846 ssh2 May 31 21:21:16 serwer sshd\[31993\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.93.17.149 user=root May 31 21:21:19 serwer sshd\[31993\]: Failed password for root from 103.93.17.149 port 45878 ssh2 May 31 21:24:42 serwer sshd\[32227\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.93.17.149 user=root May 31 21:24:44 serwer sshd\[32227\]: Failed password for root from 103.93.17.149 port 49574 ssh2 May 31 21:28:10 serwer sshd\[32555\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.93.17.149 user=root May 31 21:28:12 serwer sshd\[32555\]: Failed password for root from 103.93.17.149 port 532 ...	2020-06-01 22:40:01
95.69.73.139	attackspam	Unauthorized access to web resources	2020-06-01 22:20:18
104.155.215.32	attackspambots	May 31 09:40:34 serwer sshd\[29073\]: Invalid user web from 104.155.215.32 port 52096 May 31 09:40:34 serwer sshd\[29073\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.155.215.32 May 31 09:40:37 serwer sshd\[29073\]: Failed password for invalid user web from 104.155.215.32 port 52096 ssh2 May 31 09:43:26 serwer sshd\[29305\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.155.215.32 user=root May 31 09:43:28 serwer sshd\[29305\]: Failed password for root from 104.155.215.32 port 43724 ssh2 May 31 09:46:20 serwer sshd\[29620\]: Invalid user privoxy from 104.155.215.32 port 35316 May 31 09:46:20 serwer sshd\[29620\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.155.215.32 May 31 09:46:22 serwer sshd\[29620\]: Failed password for invalid user privoxy from 104.155.215.32 port 35316 ssh2 May 31 09:49:08 serwer sshd\[29849\]: Invalid user cbrow ...	2020-06-01 22:21:48
139.59.5.179	attackspambots	139.59.5.179 - - [01/Jun/2020:15:24:27 +0200] "GET /wp-login.php HTTP/1.1" 200 6364 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.5.179 - - [01/Jun/2020:15:24:30 +0200] "POST /wp-login.php HTTP/1.1" 200 6615 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.5.179 - - [01/Jun/2020:15:24:31 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-01 22:44:52
159.89.123.66	attackbots	CMS (WordPress or Joomla) login attempt.	2020-06-01 22:29:30
109.130.153.176	attack	20/6/1@08:08:01: FAIL: IoT-Telnet address from=109.130.153.176 ...	2020-06-01 22:19:45
217.163.30.151	normal	Merci	2020-06-01 22:24:03

最近上报的IP列表

1.144.108.67	88.121.189.225	70.66.194.63	98.141.13.233
168.213.220.157	146.221.86.9	165.22.104.146	116.247.218.12
23.237.187.66	64.88.19.117	203.132.175.41	14.186.244.217
160.216.126.3	214.6.118.91	191.76.202.69	220.90.81.121
82.135.132.143	201.239.9.109	42.204.128.177	83.114.79.233