42.112.166.157

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): FPT Telecom Company

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jan 3 14:05:16 debian-2gb-nbg1-2 kernel: \[316043.135600\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=42.112.166.157 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=1409 PROTO=TCP SPT=43185 DPT=23 WINDOW=17985 RES=0x00 SYN URGP=0	2020-01-03 23:46:34

类型

评论内容

时间

attack

Jan  3 14:05:16 debian-2gb-nbg1-2 kernel: \[316043.135600\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=42.112.166.157 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=1409 PROTO=TCP SPT=43185 DPT=23 WINDOW=17985 RES=0x00 SYN URGP=0

2020-01-03 23:46:34

相同子网IP讨论:

IP	类型	评论内容	时间
42.112.166.22	attack	Unauthorized connection attempt detected from IP address 42.112.166.22 to port 23	2019-12-31 03:17:11

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.112.166.157
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26354
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.112.166.157.			IN	A

;; AUTHORITY SECTION:
.			543	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010300 1800 900 604800 86400

;; Query time: 110 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 03 23:46:29 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

157.166.112.42.in-addr.arpa has no PTR record

NSLOOKUP信息:

;; Got SERVFAIL reply from 100.100.2.136, trying next server
;; Got SERVFAIL reply from 100.100.2.138, trying next server
Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 157.166.112.42.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
213.109.1.15	attackspam	proto=tcp . spt=59926 . dpt=25 . (listed on Blocklist de Sep 14) (770)	2019-09-15 08:34:32
49.234.48.171	attackspam	Automatic report - Banned IP Access	2019-09-15 07:57:18
116.118.11.88	attackspambots	Chat Spam	2019-09-15 08:19:01
51.77.147.95	attackbots	Sep 14 08:10:50 php2 sshd\[30610\]: Invalid user brood from 51.77.147.95 Sep 14 08:10:50 php2 sshd\[30610\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.ip-51-77-147.eu Sep 14 08:10:52 php2 sshd\[30610\]: Failed password for invalid user brood from 51.77.147.95 port 42148 ssh2 Sep 14 08:14:43 php2 sshd\[30916\]: Invalid user penis from 51.77.147.95 Sep 14 08:14:43 php2 sshd\[30916\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.ip-51-77-147.eu	2019-09-15 08:13:51
182.254.205.83	attackspambots	Sep 14 09:27:56 php1 sshd\[14647\]: Invalid user junsuk from 182.254.205.83 Sep 14 09:27:56 php1 sshd\[14647\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.254.205.83 Sep 14 09:27:58 php1 sshd\[14647\]: Failed password for invalid user junsuk from 182.254.205.83 port 34314 ssh2 Sep 14 09:32:57 php1 sshd\[15086\]: Invalid user confluence from 182.254.205.83 Sep 14 09:32:57 php1 sshd\[15086\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.254.205.83	2019-09-15 08:31:45
152.242.14.150	attackspam	Sep 14 20:04:45 nxxxxxxx sshd[8724]: reveeclipse mapping checking getaddrinfo for 152-242-14-150.user.vivozap.com.br [152.242.14.150] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 14 20:04:46 nxxxxxxx sshd[8724]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.242.14.150 user=r.r Sep 14 20:04:48 nxxxxxxx sshd[8724]: Failed password for r.r from 152.242.14.150 port 45813 ssh2 Sep 14 20:04:48 nxxxxxxx sshd[8724]: Received disconnect from 152.242.14.150: 11: Bye Bye [preauth] Sep 14 20:04:50 nxxxxxxx sshd[8749]: reveeclipse mapping checking getaddrinfo for 152-242-14-150.user.vivozap.com.br [152.242.14.150] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 14 20:04:50 nxxxxxxx sshd[8749]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.242.14.150 user=r.r Sep 14 20:04:52 nxxxxxxx sshd[8749]: Failed password for r.r from 152.242.14.150 port 45814 ssh2 Sep 14 20:04:53 nxxxxxxx sshd[8749]: Received disc........ -------------------------------	2019-09-15 08:22:14
5.45.6.66	attack	Sep 15 01:34:39 rpi sshd[5163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.45.6.66 Sep 15 01:34:41 rpi sshd[5163]: Failed password for invalid user gitblit from 5.45.6.66 port 39126 ssh2	2019-09-15 08:06:55
201.159.95.94	attackspambots	proto=tcp . spt=42090 . dpt=25 . (listed on Blocklist de Sep 14) (778)	2019-09-15 08:18:44
179.125.25.218	attack	Spamassassin_179.125.25.218	2019-09-15 08:10:18
104.248.62.208	attack	Sep 14 13:19:01 tdfoods sshd\[24359\]: Invalid user git from 104.248.62.208 Sep 14 13:19:01 tdfoods sshd\[24359\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.62.208 Sep 14 13:19:03 tdfoods sshd\[24359\]: Failed password for invalid user git from 104.248.62.208 port 35204 ssh2 Sep 14 13:23:22 tdfoods sshd\[24807\]: Invalid user de1 from 104.248.62.208 Sep 14 13:23:22 tdfoods sshd\[24807\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.62.208	2019-09-15 08:09:39
51.38.238.87	attack	Sep 14 21:05:17 vps647732 sshd[1101]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.238.87 Sep 14 21:05:19 vps647732 sshd[1101]: Failed password for invalid user mckey from 51.38.238.87 port 39106 ssh2 ...	2019-09-15 08:31:00
59.127.155.17	attackspam	1568484854 - 09/15/2019 01:14:14 Host: 59-127-155-17.HINET-IP.hinet.net/59.127.155.17 Port: 23 TCP Blocked ...	2019-09-15 08:36:38
123.205.150.147	attackbots	proto=tcp . spt=47747 . dpt=25 . (listed on Blocklist de Sep 14) (780)	2019-09-15 08:13:18
59.83.221.4	attack	Sep 15 02:19:01 dedicated sshd[28455]: Failed password for root from 59.83.221.4 port 2932 ssh2 Sep 15 02:19:04 dedicated sshd[28455]: Failed password for root from 59.83.221.4 port 2932 ssh2 Sep 15 02:19:06 dedicated sshd[28455]: Failed password for root from 59.83.221.4 port 2932 ssh2 Sep 15 02:19:08 dedicated sshd[28455]: Failed password for root from 59.83.221.4 port 2932 ssh2 Sep 15 02:19:10 dedicated sshd[28455]: Failed password for root from 59.83.221.4 port 2932 ssh2	2019-09-15 08:20:34
134.175.197.226	attackbotsspam	F2B jail: sshd. Time: 2019-09-15 02:29:38, Reported by: VKReport	2019-09-15 08:35:34

最近上报的IP列表

100.136.200.204	36.63.204.180	173.124.214.35	176.181.15.114
99.240.226.117	109.218.75.55	94.244.153.174	58.115.37.200
23.66.91.23	142.127.172.145	98.51.136.212	57.127.11.251
183.6.107.68	66.189.67.177	121.91.97.3	158.211.178.255
109.252.247.230	2.182.18.154	37.49.230.124	71.92.86.115