42.114.1.219 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): FPT Telecom Company

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH bruteforce more then 50 syn to 22 port per 10 seconds.	2020-03-12 18:44:22

相同子网IP讨论:

IP	类型	评论内容	时间
42.114.12.225	attack	Unauthorized connection attempt from IP address 42.114.12.225 on Port 445(SMB)	2020-09-01 18:47:23
42.114.112.213	attackbotsspam	1598732822 - 08/29/2020 22:27:02 Host: 42.114.112.213/42.114.112.213 Port: 445 TCP Blocked	2020-08-30 05:43:45
42.114.162.107	attackspambots	1598616236 - 08/28/2020 14:03:56 Host: 42.114.162.107/42.114.162.107 Port: 445 TCP Blocked	2020-08-29 02:13:34
42.114.113.98	attackspambots	Unauthorized connection attempt from IP address 42.114.113.98 on Port 445(SMB)	2020-08-13 20:22:35
42.114.126.120	attackbots	Port probing on unauthorized port 23	2020-08-13 01:48:07
42.114.195.170	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-08-02 02:41:52
42.114.195.148	attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-08-02 01:39:51
42.114.162.15	attack	1594439408 - 07/11/2020 05:50:08 Host: 42.114.162.15/42.114.162.15 Port: 445 TCP Blocked	2020-07-11 18:27:05
42.114.150.19	attack	TCP (SYN) 42.114.150.19:24377 -> port 23, len 44	2020-07-09 19:36:07
42.114.162.87	attackbots	1593847074 - 07/04/2020 09:17:54 Host: 42.114.162.87/42.114.162.87 Port: 445 TCP Blocked	2020-07-04 18:53:32
42.114.170.212	attackbots	Jun 28 05:53:44 debian-2gb-nbg1-2 kernel: \[15575073.274730\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=42.114.170.212 DST=195.201.40.59 LEN=130 TOS=0x00 PREC=0x00 TTL=112 ID=47779 PROTO=UDP SPT=52231 DPT=58592 LEN=110	2020-06-28 15:01:21
42.114.12.86	attackbots	Unauthorized connection attempt from IP address 42.114.12.86 on Port 445(SMB)	2020-06-17 01:02:57
42.114.170.55	attackbotsspam	1591588018 - 06/08/2020 05:46:58 Host: 42.114.170.55/42.114.170.55 Port: 445 TCP Blocked	2020-06-08 19:06:25
42.114.182.94	attack	445/tcp 445/tcp [2020-06-08]2pkt	2020-06-08 13:39:36
42.114.121.152	attack	kidness.family 42.114.121.152 [04/Jun/2020:05:58:59 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4265 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" kidness.family 42.114.121.152 [04/Jun/2020:05:59:03 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4265 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36"	2020-06-04 12:09:58

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.114.1.219
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38074
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.114.1.219.			IN	A

;; AUTHORITY SECTION:
.			393	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031200 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 12 18:44:19 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 219.1.114.42.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 219.1.114.42.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
149.56.141.193	attackspam	Oct 21 05:38:08 webhost01 sshd[15599]: Failed password for root from 149.56.141.193 port 51994 ssh2 ...	2019-10-21 07:05:21
125.224.17.223	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/125.224.17.223/ TW - 1H : (147) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : TW NAME ASN : ASN3462 IP : 125.224.17.223 CIDR : 125.224.0.0/16 PREFIX COUNT : 390 UNIQUE IP COUNT : 12267520 ATTACKS DETECTED ASN3462 : 1H - 3 3H - 12 6H - 18 12H - 48 24H - 139 DateTime : 2019-10-20 22:23:58 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-21 07:27:12
182.106.217.138	attack	Oct 19 01:58:29 linuxrulz sshd[19887]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.106.217.138 user=r.r Oct 19 01:58:31 linuxrulz sshd[19887]: Failed password for r.r from 182.106.217.138 port 34233 ssh2 Oct 19 01:58:31 linuxrulz sshd[19887]: Received disconnect from 182.106.217.138 port 34233:11: Bye Bye [preauth] Oct 19 01:58:31 linuxrulz sshd[19887]: Disconnected from 182.106.217.138 port 34233 [preauth] Oct 19 02:23:51 linuxrulz sshd[23380]: Invalid user helpdesk from 182.106.217.138 port 45300 Oct 19 02:23:51 linuxrulz sshd[23380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.106.217.138 Oct 19 02:23:53 linuxrulz sshd[23380]: Failed password for invalid user helpdesk from 182.106.217.138 port 45300 ssh2 Oct 19 02:23:53 linuxrulz sshd[23380]: Received disconnect from 182.106.217.138 port 45300:11: Bye Bye [preauth] Oct 19 02:23:53 linuxrulz sshd[23380]: Disconnected from ........ -------------------------------	2019-10-21 07:27:25
182.219.172.224	attack	Oct 20 12:12:10 php1 sshd\[16845\]: Invalid user wpyan from 182.219.172.224 Oct 20 12:12:10 php1 sshd\[16845\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.219.172.224 Oct 20 12:12:12 php1 sshd\[16845\]: Failed password for invalid user wpyan from 182.219.172.224 port 40860 ssh2 Oct 20 12:17:09 php1 sshd\[17234\]: Invalid user locallocal from 182.219.172.224 Oct 20 12:17:09 php1 sshd\[17234\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.219.172.224	2019-10-21 06:48:38
223.220.159.78	attackspambots	2019-10-20T22:28:39.827950abusebot-5.cloudsearch.cf sshd\[26925\]: Invalid user waggoner from 223.220.159.78 port 42713	2019-10-21 06:47:54
165.22.101.190	attackbotsspam	Fail2Ban Ban Triggered	2019-10-21 06:43:07
191.36.246.167	attackbots	2019-10-20T22:39:32.890245abusebot-5.cloudsearch.cf sshd\[27087\]: Invalid user joanna from 191.36.246.167 port 18074 2019-10-20T22:39:32.894643abusebot-5.cloudsearch.cf sshd\[27087\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.36.246.167	2019-10-21 07:11:45
159.203.201.24	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-21 06:46:26
5.189.181.29	attackspambots	Oct 21 00:34:18 vps691689 sshd[16313]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.189.181.29 Oct 21 00:34:19 vps691689 sshd[16313]: Failed password for invalid user gl from 5.189.181.29 port 34864 ssh2 ...	2019-10-21 07:04:53
59.126.43.218	attackbotsspam	" "	2019-10-21 06:39:00
106.12.13.143	attackbotsspam	Oct 20 22:21:50 localhost sshd\[99576\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.13.143 user=root Oct 20 22:21:52 localhost sshd\[99576\]: Failed password for root from 106.12.13.143 port 33490 ssh2 Oct 20 22:26:21 localhost sshd\[99741\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.13.143 user=root Oct 20 22:26:23 localhost sshd\[99741\]: Failed password for root from 106.12.13.143 port 43556 ssh2 Oct 20 22:30:44 localhost sshd\[99875\]: Invalid user oo from 106.12.13.143 port 53652 Oct 20 22:30:44 localhost sshd\[99875\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.13.143 ...	2019-10-21 06:50:06
84.14.254.44	attack	Honeypot attack, port: 445, PTR: 44.254-14-84.ripe.coltfrance.com.	2019-10-21 06:39:44
222.186.175.150	attackbots	2019-10-20T22:47:37.143983abusebot-8.cloudsearch.cf sshd\[14801\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.150 user=root	2019-10-21 06:55:31
198.27.70.174	attackspambots	$f2bV_matches	2019-10-21 07:26:38
157.245.111.175	attack	Oct 21 00:48:38 meumeu sshd[27954]: Failed password for root from 157.245.111.175 port 37522 ssh2 Oct 21 00:53:14 meumeu sshd[28693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.111.175 Oct 21 00:53:16 meumeu sshd[28693]: Failed password for invalid user rmsupd from 157.245.111.175 port 49088 ssh2 ...	2019-10-21 07:07:53

最近上报的IP列表

129.211.15.146	223.150.218.85	171.114.101.248	116.102.168.3
185.243.216.47	91.201.243.238	36.79.222.242	103.140.238.187
61.19.183.48	49.49.251.116	2400:6180:100:d0::8f2:5001	180.76.152.18
125.162.117.231	125.24.70.123	36.72.213.119	200.59.189.122
185.248.140.184	212.125.185.17	189.133.232.140	93.157.144.85

基本信息:

用户上报:

相同子网IP讨论:

WHOIS信息:

DIG信息:

HOST信息:

NSLOOKUP信息:

相关IP信息:

最新评论:

最近上报的IP列表