42.112.108.4 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): FPT Telecom Company

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt from IP address 42.112.108.4 on Port 445(SMB)	2019-10-30 06:31:58

相同子网IP讨论:

IP	类型	评论内容	时间
42.112.108.255	attack	1598702863 - 08/29/2020 14:07:43 Host: 42.112.108.255/42.112.108.255 Port: 445 TCP Blocked	2020-08-30 00:43:56
42.112.108.204	attackbotsspam	03/20/2020-23:47:42.049216 42.112.108.204 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-03-21 18:48:02
42.112.108.80	attackbotsspam	Unauthorized connection attempt from IP address 42.112.108.80 on Port 445(SMB)	2020-03-07 09:41:34
42.112.108.68	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-11 02:40:02
42.112.108.253	attack	Unauthorized connection attempt from IP address 42.112.108.253 on Port 445(SMB)	2020-01-13 20:20:17
42.112.108.14	attackbotsspam	" "	2020-01-13 16:34:08
42.112.108.51	attack	Unauthorized connection attempt from IP address 42.112.108.51 on Port 445(SMB)	2019-11-06 04:26:20

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.112.108.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24139
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.112.108.4.			IN	A

;; AUTHORITY SECTION:
.			539	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102901 1800 900 604800 86400

;; Query time: 110 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 30 06:31:54 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 4.108.112.42.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 4.108.112.42.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
113.186.47.184	attackspam	Jun 25 19:22:18 andromeda sshd\[41367\]: Invalid user admin from 113.186.47.184 port 44156 Jun 25 19:22:18 andromeda sshd\[41367\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.186.47.184 Jun 25 19:22:20 andromeda sshd\[41367\]: Failed password for invalid user admin from 113.186.47.184 port 44156 ssh2	2019-06-26 02:53:11
197.48.67.189	attackspambots	Jun 25 19:10:29 pl3server sshd[2065780]: reveeclipse mapping checking getaddrinfo for host-197.48.67.189.tedata.net [197.48.67.189] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 25 19:10:29 pl3server sshd[2065780]: Invalid user admin from 197.48.67.189 Jun 25 19:10:29 pl3server sshd[2065780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.48.67.189 Jun 25 19:10:31 pl3server sshd[2065780]: Failed password for invalid user admin from 197.48.67.189 port 38924 ssh2 Jun 25 19:10:31 pl3server sshd[2065780]: Connection closed by 197.48.67.189 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=197.48.67.189	2019-06-26 03:02:05
37.148.212.18	attackspam	Jun 25 19:10:18 srv1 sshd[28684]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.148.212.18 user=r.r Jun 25 19:10:21 srv1 sshd[28684]: Failed password for r.r from 37.148.212.18 port 35701 ssh2 Jun 25 19:10:21 srv1 sshd[28688]: Invalid user admin from 37.148.212.18 Jun 25 19:10:21 srv1 sshd[28688]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.148.212.18 Jun 25 19:10:23 srv1 sshd[28688]: Failed password for invalid user admin from 37.148.212.18 port 37506 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=37.148.212.18	2019-06-26 03:00:40
218.61.16.185	attackbots	firewall-block, port(s): 60001/tcp	2019-06-26 03:35:34
178.32.46.62	attack	Brute forcing Wordpress login	2019-06-26 03:16:22
159.65.144.233	attackbotsspam	Jun 25 20:41:34 vmd17057 sshd\[20823\]: Invalid user userA from 159.65.144.233 port 21654 Jun 25 20:41:34 vmd17057 sshd\[20823\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.144.233 Jun 25 20:41:36 vmd17057 sshd\[20823\]: Failed password for invalid user userA from 159.65.144.233 port 21654 ssh2 ...	2019-06-26 03:09:26
49.67.69.80	attack	2019-06-25T13:47:26.245520 X postfix/smtpd[4416]: warning: unknown[49.67.69.80]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-25T17:47:07.317431 X postfix/smtpd[36763]: warning: unknown[49.67.69.80]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-25T19:22:25.192755 X postfix/smtpd[49565]: warning: unknown[49.67.69.80]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-06-26 02:51:14
129.250.206.86	attackspam	Scanning random ports - tries to find possible vulnerable services	2019-06-26 03:27:48
58.62.55.130	attack	Jun 25 16:59:24 h1655903 dovecot: imap-login: Disconnected \(auth failed, 1 attempts in 6 secs\): user=\, method=PLAIN, rip=58.62.55.130, lip=85.214.28.7, session=\ Jun 25 18:20:53 h1655903 dovecot: imap-login: Disconnected \(auth failed, 1 attempts in 6 secs\): user=\, method=PLAIN, rip=58.62.55.130, lip=85.214.28.7, session=\ Jun 25 19:21:02 h1655903 dovecot: imap-login: Disconnected \(auth failed, 1 attempts in 6 secs\): user=\, method=PLAIN, rip=58.62.55.130, lip=85.214.28.7, session=\ ...	2019-06-26 03:17:34
117.50.73.241	attackspambots	Jun 25 19:22:17 lnxded64 sshd[26631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.73.241 Jun 25 19:22:17 lnxded64 sshd[26631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.73.241	2019-06-26 02:54:45
188.166.236.211	attackspambots	2019-06-25T20:04:41.522045test01.cajus.name sshd\[24596\]: Invalid user jiong from 188.166.236.211 port 37981 2019-06-25T20:04:41.537757test01.cajus.name sshd\[24596\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.236.211 2019-06-25T20:04:43.780914test01.cajus.name sshd\[24596\]: Failed password for invalid user jiong from 188.166.236.211 port 37981 ssh2	2019-06-26 03:32:34
139.59.70.180	attackbots	Jun 25 02:05:31 GIZ-Server-02 sshd[9818]: Invalid user fake from 139.59.70.180 Jun 25 02:05:31 GIZ-Server-02 sshd[9818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.70.180 Jun 25 02:05:33 GIZ-Server-02 sshd[9818]: Failed password for invalid user fake from 139.59.70.180 port 33988 ssh2 Jun 25 02:05:33 GIZ-Server-02 sshd[9818]: Received disconnect from 139.59.70.180: 11: Bye Bye [preauth] Jun 25 02:05:34 GIZ-Server-02 sshd[9820]: Invalid user ubnt from 139.59.70.180 Jun 25 02:05:34 GIZ-Server-02 sshd[9820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.70.180 Jun 25 02:05:36 GIZ-Server-02 sshd[9820]: Failed password for invalid user ubnt from 139.59.70.180 port 41896 ssh2 Jun 25 02:05:36 GIZ-Server-02 sshd[9820]: Received disconnect from 139.59.70.180: 11: Bye Bye [preauth] Jun 25 02:05:37 GIZ-Server-02 sshd[9822]: User r.r from 139.59.70.180 not allowed because not list........ -------------------------------	2019-06-26 02:48:17
200.17.79.55	attack	Lines containing failures of 200.17.79.55 Jun 25 19:10:39 omfg postfix/smtpd[18322]: connect from unknown[200.17.79.55] Jun x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=200.17.79.55	2019-06-26 03:03:56
103.224.186.133	attack	port scan and connect, tcp 23 (telnet)	2019-06-26 03:10:12
58.242.83.29	attack	Jun 25 21:04:51 core01 sshd\[3613\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.242.83.29 user=root Jun 25 21:04:53 core01 sshd\[3613\]: Failed password for root from 58.242.83.29 port 13304 ssh2 ...	2019-06-26 03:20:35

最近上报的IP列表

113.201.13.26	204.224.158.247	12.108.254.128	207.180.203.51
177.83.228.157	204.198.218.138	116.186.246.19	150.123.134.211
95.64.119.106	104.179.240.114	44.63.114.215	71.71.49.235
60.202.45.188	163.73.52.220	16.236.113.247	161.182.249.87
116.226.12.250	147.102.164.29	189.47.25.82	41.61.136.248

基本信息:

用户上报:

相同子网IP讨论:

WHOIS信息:

DIG信息:

HOST信息:

NSLOOKUP信息:

相关IP信息:

最新评论:

最近上报的IP列表