42.113.157.125

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): FPT Telecom Company

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Lines containing failures of 42.113.157.125 Jul 3 04:02:48 shared03 sshd[8217]: Did not receive identification string from 42.113.157.125 port 48819 Jul 3 04:02:51 shared03 sshd[8221]: Invalid user noc from 42.113.157.125 port 16167 Jul 3 04:02:51 shared03 sshd[8221]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.113.157.125 Jul 3 04:02:53 shared03 sshd[8221]: Failed password for invalid user noc from 42.113.157.125 port 16167 ssh2 Jul 3 04:02:53 shared03 sshd[8221]: Connection closed by invalid user noc 42.113.157.125 port 16167 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=42.113.157.125	2020-07-03 23:14:45

类型

评论内容

时间

attackspambots

Lines containing failures of 42.113.157.125
Jul  3 04:02:48 shared03 sshd[8217]: Did not receive identification string from 42.113.157.125 port 48819
Jul  3 04:02:51 shared03 sshd[8221]: Invalid user noc from 42.113.157.125 port 16167
Jul  3 04:02:51 shared03 sshd[8221]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.113.157.125
Jul  3 04:02:53 shared03 sshd[8221]: Failed password for invalid user noc from 42.113.157.125 port 16167 ssh2
Jul  3 04:02:53 shared03 sshd[8221]: Connection closed by invalid user noc 42.113.157.125 port 16167 [preauth]


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=42.113.157.125

2020-07-03 23:14:45

相同子网IP讨论:

IP	类型	评论内容	时间
42.113.157.251	attack	Unauthorized connection attempt from IP address 42.113.157.251 on Port 445(SMB)	2019-12-24 19:15:35

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.113.157.125
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18524
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.113.157.125.			IN	A

;; AUTHORITY SECTION:
.			244	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020070202 1800 900 604800 86400

;; Query time: 80 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jul 03 10:17:11 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 125.157.113.42.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 125.157.113.42.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
139.59.95.60	attackspam	TCP (SYN) 139.59.95.60:54350 -> port 22608, len 44	2020-06-30 07:29:24
112.91.211.28	attack	Port probing on unauthorized port 23	2020-06-30 07:23:59
1.174.244.163	attackbots	Honeypot attack, port: 81, PTR: 1-174-244-163.dynamic-ip.hinet.net.	2020-06-30 07:26:32
134.175.129.204	attack	Invalid user kgn from 134.175.129.204 port 55654	2020-06-30 07:05:32
115.238.186.104	attackbots	Jun 29 22:53:09 zulu412 sshd\[28060\]: Invalid user ninja from 115.238.186.104 port 44658 Jun 29 22:53:09 zulu412 sshd\[28060\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.238.186.104 Jun 29 22:53:11 zulu412 sshd\[28060\]: Failed password for invalid user ninja from 115.238.186.104 port 44658 ssh2 ...	2020-06-30 07:16:19
192.241.231.118	attack	Hits on port : 8081	2020-06-30 06:58:14
139.59.40.233	attack	139.59.40.233 - - [29/Jun/2020:23:29:59 +0200] "GET /wp-login.php HTTP/1.1" 200 6060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.40.233 - - [29/Jun/2020:23:30:02 +0200] "POST /wp-login.php HTTP/1.1" 200 6311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.40.233 - - [29/Jun/2020:23:30:03 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-30 07:07:58
106.246.92.234	attackbotsspam	Jun 29 22:03:57 ip-172-31-61-156 sshd[19068]: Invalid user deploy from 106.246.92.234 Jun 29 22:03:59 ip-172-31-61-156 sshd[19068]: Failed password for invalid user deploy from 106.246.92.234 port 60316 ssh2 Jun 29 22:03:57 ip-172-31-61-156 sshd[19068]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.246.92.234 Jun 29 22:03:57 ip-172-31-61-156 sshd[19068]: Invalid user deploy from 106.246.92.234 Jun 29 22:03:59 ip-172-31-61-156 sshd[19068]: Failed password for invalid user deploy from 106.246.92.234 port 60316 ssh2 ...	2020-06-30 07:02:36
116.3.198.225	attack	Jun 29 22:50:26 ns382633 sshd\[8083\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.3.198.225 user=root Jun 29 22:50:28 ns382633 sshd\[8083\]: Failed password for root from 116.3.198.225 port 36178 ssh2 Jun 29 22:54:49 ns382633 sshd\[8838\]: Invalid user hyegyeong from 116.3.198.225 port 34360 Jun 29 22:54:49 ns382633 sshd\[8838\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.3.198.225 Jun 29 22:54:52 ns382633 sshd\[8838\]: Failed password for invalid user hyegyeong from 116.3.198.225 port 34360 ssh2	2020-06-30 07:19:45
45.144.195.246	attackspambots	Automatic report - Port Scan Attack	2020-06-30 07:16:48
124.42.83.34	attackspambots	2020-06-29T04:26:53.4902741495-001 sshd[41992]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.42.83.34 user=root 2020-06-29T04:26:55.0440511495-001 sshd[41992]: Failed password for root from 124.42.83.34 port 50262 ssh2 2020-06-29T04:30:25.4398851495-001 sshd[42171]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.42.83.34 user=root 2020-06-29T04:30:26.7630541495-001 sshd[42171]: Failed password for root from 124.42.83.34 port 44140 ssh2 2020-06-29T17:57:06.6960131495-001 sshd[9593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.42.83.34 user=root 2020-06-29T17:57:08.9667191495-001 sshd[9593]: Failed password for root from 124.42.83.34 port 50648 ssh2 ...	2020-06-30 07:03:35
64.227.2.96	attackspam	DATE:2020-06-29 21:46:39, IP:64.227.2.96, PORT:ssh SSH brute force auth (docker-dc)	2020-06-30 07:29:09
81.68.78.224	attack	2020-06-30T00:02:12.653401vps751288.ovh.net sshd\[29586\]: Invalid user nagios from 81.68.78.224 port 37786 2020-06-30T00:02:12.661968vps751288.ovh.net sshd\[29586\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.78.224 2020-06-30T00:02:14.942513vps751288.ovh.net sshd\[29586\]: Failed password for invalid user nagios from 81.68.78.224 port 37786 ssh2 2020-06-30T00:06:59.277967vps751288.ovh.net sshd\[29756\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.78.224 user=root 2020-06-30T00:07:00.625114vps751288.ovh.net sshd\[29756\]: Failed password for root from 81.68.78.224 port 36722 ssh2	2020-06-30 07:09:06
177.242.46.46	attackspam	21 attempts against mh-ssh on float	2020-06-30 07:23:09
77.42.102.186	attackbots	Automatic report - Port Scan Attack	2020-06-30 07:06:34

最近上报的IP列表

228.240.90.248	181.188.183.42	187.96.192.138	18.145.206.42
121.166.245.171	101.161.76.91	222.194.49.72	27.72.105.41
159.203.36.107	35.25.239.26	62.126.47.73	144.21.95.231
131.232.71.173	104.242.117.231	134.45.75.160	150.178.138.138
98.121.29.65	94.49.213.233	158.252.184.147	220.227.162.235