42.112.16.97 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): FPT Telecom Company

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	20/6/26@07:26:53: FAIL: Alarm-Network address from=42.112.16.97 ...	2020-06-26 23:37:39
attackspam	1582550867 - 02/24/2020 14:27:47 Host: 42.112.16.97/42.112.16.97 Port: 445 TCP Blocked	2020-02-24 23:57:10
attackspambots	Dec 1 08:23:34 www sshd\[76564\]: Invalid user test from 42.112.16.97 Dec 1 08:23:34 www sshd\[76564\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.112.16.97 Dec 1 08:23:36 www sshd\[76564\]: Failed password for invalid user test from 42.112.16.97 port 52742 ssh2 ...	2019-12-01 20:07:08

类型

评论内容

时间

attackspambots

20/6/26@07:26:53: FAIL: Alarm-Network address from=42.112.16.97
...

2020-06-26 23:37:39

attackspam

1582550867 - 02/24/2020 14:27:47 Host: 42.112.16.97/42.112.16.97 Port: 445 TCP Blocked

2020-02-24 23:57:10

attackspambots

Dec  1 08:23:34 www sshd\[76564\]: Invalid user test from 42.112.16.97
Dec  1 08:23:34 www sshd\[76564\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.112.16.97
Dec  1 08:23:36 www sshd\[76564\]: Failed password for invalid user test from 42.112.16.97 port 52742 ssh2
...

2019-12-01 20:07:08

相同子网IP讨论:

IP	类型	评论内容	时间
42.112.16.126	attackspam	Unauthorized connection attempt from IP address 42.112.16.126 on Port 445(SMB)	2020-10-11 03:07:31
42.112.16.126	attackspambots	Unauthorized connection attempt from IP address 42.112.16.126 on Port 445(SMB)	2020-10-10 18:57:20
42.112.163.103	attackspambots	Unauthorized connection attempt from IP address 42.112.163.103 on Port 445(SMB)	2020-09-19 21:14:47
42.112.163.103	attack	Unauthorized connection attempt from IP address 42.112.163.103 on Port 445(SMB)	2020-09-19 13:08:07
42.112.163.103	attackbotsspam	Unauthorized connection attempt from IP address 42.112.163.103 on Port 445(SMB)	2020-09-19 04:47:41
42.112.162.239	attackbotsspam	Unauthorized connection attempt from IP address 42.112.162.239 on Port 445(SMB)	2020-08-25 05:35:17
42.112.16.118	attack	1596563648 - 08/04/2020 19:54:08 Host: 42.112.16.118/42.112.16.118 Port: 445 TCP Blocked	2020-08-05 07:40:15
42.112.165.219	attack	trying to access non-authorized port	2020-07-05 04:50:24
42.112.161.63	attackbotsspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-05-26 22:49:16
42.112.16.130	attackbotsspam	Unauthorized connection attempt from IP address 42.112.16.130 on Port 445(SMB)	2020-04-07 03:56:12
42.112.16.179	attack	Unauthorized connection attempt detected from IP address 42.112.16.179 to port 445 [T]	2020-03-11 15:42:01
42.112.167.240	attack	Automatic report - Port Scan Attack	2020-02-26 04:22:47
42.112.16.118	attack	20/2/21@08:12:32: FAIL: Alarm-Network address from=42.112.16.118 ...	2020-02-22 03:34:41
42.112.16.178	attack	suspicious action Thu, 20 Feb 2020 10:23:57 -0300	2020-02-21 03:00:11
42.112.16.179	attackbotsspam	suspicious action Thu, 20 Feb 2020 10:24:06 -0300	2020-02-21 02:52:32

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.112.16.97
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5651
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.112.16.97.			IN	A

;; AUTHORITY SECTION:
.			417	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120100 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 01 20:06:58 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 97.16.112.42.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 97.16.112.42.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
128.199.212.194	attack	128.199.212.194 - - [09/Apr/2020:23:54:00 +0200] "GET /wp-login.php HTTP/1.1" 200 5702 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 128.199.212.194 - - [09/Apr/2020:23:54:04 +0200] "POST /wp-login.php HTTP/1.1" 200 6601 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 128.199.212.194 - - [09/Apr/2020:23:54:10 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-10 09:05:50
112.73.74.61	attackspambots	SSH bruteforce (Triggered fail2ban)	2020-04-10 08:59:19
187.162.62.136	attackspambots	Apr 10 01:46:34 debian-2gb-nbg1-2 kernel: \[8735004.121731\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=187.162.62.136 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=47 ID=61477 PROTO=TCP SPT=34949 DPT=23 WINDOW=65533 RES=0x00 SYN URGP=0	2020-04-10 08:47:22
103.66.16.18	attack	2020-04-09T23:47:47.573868randservbullet-proofcloud-66.localdomain sshd[15768]: Invalid user system from 103.66.16.18 port 39556 2020-04-09T23:47:47.579394randservbullet-proofcloud-66.localdomain sshd[15768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.66.16.18 2020-04-09T23:47:47.573868randservbullet-proofcloud-66.localdomain sshd[15768]: Invalid user system from 103.66.16.18 port 39556 2020-04-09T23:47:49.778588randservbullet-proofcloud-66.localdomain sshd[15768]: Failed password for invalid user system from 103.66.16.18 port 39556 ssh2 ...	2020-04-10 08:44:03
103.119.140.45	attack	Distributed brute force attack	2020-04-10 08:34:38
92.118.38.66	attackbotsspam	Apr 10 01:54:17 mail postfix/smtpd\[7341\]: warning: unknown\[92.118.38.66\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Apr 10 02:24:48 mail postfix/smtpd\[7777\]: warning: unknown\[92.118.38.66\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Apr 10 02:25:39 mail postfix/smtpd\[8144\]: warning: unknown\[92.118.38.66\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Apr 10 02:26:29 mail postfix/smtpd\[8144\]: warning: unknown\[92.118.38.66\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-04-10 09:06:18
218.92.0.212	attack	Apr 10 02:09:07 localhost sshd[10664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.212 user=root Apr 10 02:09:09 localhost sshd[10664]: Failed password for root from 218.92.0.212 port 30742 ssh2 ...	2020-04-10 08:34:23
61.19.30.156	attackspambots	Icarus honeypot on github	2020-04-10 08:44:45
166.111.152.230	attackspambots	$f2bV_matches	2020-04-10 08:57:56
106.13.181.170	attack	2020-04-10T01:04:52.808388struts4.enskede.local sshd\[3734\]: Invalid user admin from 106.13.181.170 port 60294 2020-04-10T01:04:52.814607struts4.enskede.local sshd\[3734\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.181.170 2020-04-10T01:04:56.361756struts4.enskede.local sshd\[3734\]: Failed password for invalid user admin from 106.13.181.170 port 60294 ssh2 2020-04-10T01:09:05.860089struts4.enskede.local sshd\[3769\]: Invalid user upload from 106.13.181.170 port 61041 2020-04-10T01:09:05.866413struts4.enskede.local sshd\[3769\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.181.170 ...	2020-04-10 08:42:46
117.60.232.137	attack	(smtpauth) Failed SMTP AUTH login from 117.60.232.137 (CN/China/137.232.60.117.other.xz.js.dynamic.163data.com.cn): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-04-10 02:24:26 plain authenticator failed for (54bf329a06.wellweb.host) [117.60.232.137]: 535 Incorrect authentication data (set_id=info@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com)	2020-04-10 08:47:37
51.91.76.175	attackbotsspam	Apr 9 23:51:09 markkoudstaal sshd[32129]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.76.175 Apr 9 23:51:11 markkoudstaal sshd[32129]: Failed password for invalid user deploy from 51.91.76.175 port 40523 ssh2 Apr 9 23:54:39 markkoudstaal sshd[32591]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.76.175	2020-04-10 08:41:17
188.166.226.209	attack	(sshd) Failed SSH login from 188.166.226.209 (SG/Singapore/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 10 02:06:31 ubnt-55d23 sshd[29214]: Invalid user ubuntu from 188.166.226.209 port 33521 Apr 10 02:06:32 ubnt-55d23 sshd[29214]: Failed password for invalid user ubuntu from 188.166.226.209 port 33521 ssh2	2020-04-10 08:43:04
113.88.0.34	attack	Port scan on 1 port(s): 4899	2020-04-10 08:48:19
103.92.24.240	attackbots	Unauthorised connection attempt detected at AUO NODE 1. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-04-10 08:44:25

最近上报的IP列表

4.21.136.216	164.83.228.100	215.0.49.217	198.93.144.162
42.243.143.36	58.114.15.167	107.78.236.55	69.88.151.85
177.153.220.6	180.251.33.48	156.203.204.168	162.224.210.21
61.128.74.11	140.6.92.66	190.33.159.38	112.230.20.32
181.48.69.155	79.185.111.117	245.58.228.207	2.32.132.174