42.113.157.125

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): FPT Telecom Company

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Lines containing failures of 42.113.157.125 Jul 3 04:02:48 shared03 sshd[8217]: Did not receive identification string from 42.113.157.125 port 48819 Jul 3 04:02:51 shared03 sshd[8221]: Invalid user noc from 42.113.157.125 port 16167 Jul 3 04:02:51 shared03 sshd[8221]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.113.157.125 Jul 3 04:02:53 shared03 sshd[8221]: Failed password for invalid user noc from 42.113.157.125 port 16167 ssh2 Jul 3 04:02:53 shared03 sshd[8221]: Connection closed by invalid user noc 42.113.157.125 port 16167 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=42.113.157.125	2020-07-03 23:14:45

类型

评论内容

时间

attackspambots

Lines containing failures of 42.113.157.125
Jul  3 04:02:48 shared03 sshd[8217]: Did not receive identification string from 42.113.157.125 port 48819
Jul  3 04:02:51 shared03 sshd[8221]: Invalid user noc from 42.113.157.125 port 16167
Jul  3 04:02:51 shared03 sshd[8221]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.113.157.125
Jul  3 04:02:53 shared03 sshd[8221]: Failed password for invalid user noc from 42.113.157.125 port 16167 ssh2
Jul  3 04:02:53 shared03 sshd[8221]: Connection closed by invalid user noc 42.113.157.125 port 16167 [preauth]


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=42.113.157.125

2020-07-03 23:14:45

相同子网IP讨论:

IP	类型	评论内容	时间
42.113.157.251	attack	Unauthorized connection attempt from IP address 42.113.157.251 on Port 445(SMB)	2019-12-24 19:15:35

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.113.157.125
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18524
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.113.157.125.			IN	A

;; AUTHORITY SECTION:
.			244	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020070202 1800 900 604800 86400

;; Query time: 80 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jul 03 10:17:11 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 125.157.113.42.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 125.157.113.42.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
45.143.220.56	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-21 02:50:50
118.91.255.14	attack	Nov 20 15:42:10 serwer sshd\[3652\]: Invalid user nold from 118.91.255.14 port 46922 Nov 20 15:42:10 serwer sshd\[3652\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.91.255.14 Nov 20 15:42:12 serwer sshd\[3652\]: Failed password for invalid user nold from 118.91.255.14 port 46922 ssh2 ...	2019-11-21 02:26:07
181.115.249.209	attackbots	$f2bV_matches	2019-11-21 02:36:05
112.85.42.94	attackspambots	Nov 20 19:39:45 ArkNodeAT sshd\[460\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.94 user=root Nov 20 19:39:48 ArkNodeAT sshd\[460\]: Failed password for root from 112.85.42.94 port 19257 ssh2 Nov 20 19:40:41 ArkNodeAT sshd\[876\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.94 user=root	2019-11-21 02:53:04
139.217.223.143	attackbots	$f2bV_matches	2019-11-21 02:57:57
148.70.84.130	attackspam	Nov 20 18:29:22 localhost sshd\[129213\]: Invalid user dario from 148.70.84.130 port 34718 Nov 20 18:29:22 localhost sshd\[129213\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.84.130 Nov 20 18:29:24 localhost sshd\[129213\]: Failed password for invalid user dario from 148.70.84.130 port 34718 ssh2 Nov 20 18:33:50 localhost sshd\[129323\]: Invalid user minecraft2 from 148.70.84.130 port 49022 Nov 20 18:33:50 localhost sshd\[129323\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.84.130 ...	2019-11-21 02:36:34
147.135.94.186	attack	scan invisible???	2019-11-21 02:41:34
62.232.178.10	attackbots	Nov 20 15:41:23 MK-Soft-VM8 sshd[23375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.232.178.10 Nov 20 15:41:24 MK-Soft-VM8 sshd[23375]: Failed password for invalid user admin from 62.232.178.10 port 57315 ssh2 ...	2019-11-21 02:48:46
89.205.8.237	attack	Nov 20 17:50:22 vpn01 sshd[19839]: Failed password for root from 89.205.8.237 port 33674 ssh2 ...	2019-11-21 02:30:22
113.190.225.170	attackbotsspam	Nov 20 08:41:04 mailman postfix/smtpd[26144]: warning: unknown[113.190.225.170]: SASL PLAIN authentication failed: authentication failure	2019-11-21 02:55:28
45.227.253.211	attackbotsspam	Nov 20 19:51:34 relay postfix/smtpd\[8360\]: warning: unknown\[45.227.253.211\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 20 19:51:41 relay postfix/smtpd\[1453\]: warning: unknown\[45.227.253.211\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 20 19:52:01 relay postfix/smtpd\[31611\]: warning: unknown\[45.227.253.211\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 20 19:52:08 relay postfix/smtpd\[8360\]: warning: unknown\[45.227.253.211\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 20 19:55:07 relay postfix/smtpd\[30570\]: warning: unknown\[45.227.253.211\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-11-21 03:00:11
81.171.98.128	attack	\[2019-11-20 13:27:13\] NOTICE\[2754\] chan_sip.c: Registration from '\' failed for '81.171.98.128:62993' - Wrong password \[2019-11-20 13:27:13\] SECURITY\[2765\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-20T13:27:13.647-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="449",SessionID="0x7f26c485fc08",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/81.171.98.128/62993",Challenge="1576b14f",ReceivedChallenge="1576b14f",ReceivedHash="27b2e07d63f4874bdfb6a87d9abd9ec3" \[2019-11-20 13:28:03\] NOTICE\[2754\] chan_sip.c: Registration from '\' failed for '81.171.98.128:51253' - Wrong password \[2019-11-20 13:28:03\] SECURITY\[2765\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-20T13:28:03.713-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="8768",SessionID="0x7f26c485fc08",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/81.171.98.1	2019-11-21 02:40:06
119.29.195.107	attackspambots	IP blocked	2019-11-21 02:46:29
171.246.108.244	attackbots	Automatic report - Port Scan Attack	2019-11-21 02:44:22
51.254.201.67	attack	Nov 20 17:57:39 SilenceServices sshd[32427]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.201.67 Nov 20 17:57:41 SilenceServices sshd[32427]: Failed password for invalid user maryse from 51.254.201.67 port 54268 ssh2 Nov 20 18:01:18 SilenceServices sshd[1099]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.201.67	2019-11-21 02:28:08

最近上报的IP列表

228.240.90.248	181.188.183.42	187.96.192.138	18.145.206.42
121.166.245.171	101.161.76.91	222.194.49.72	27.72.105.41
159.203.36.107	35.25.239.26	62.126.47.73	144.21.95.231
131.232.71.173	104.242.117.231	134.45.75.160	150.178.138.138
98.121.29.65	94.49.213.233	158.252.184.147	220.227.162.235