42.114.149.43 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): FPT Telecom Company

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorised access (Oct 9) SRC=42.114.149.43 LEN=40 TTL=47 ID=34594 TCP DPT=8080 WINDOW=47025 SYN Unauthorised access (Oct 8) SRC=42.114.149.43 LEN=40 TTL=47 ID=55331 TCP DPT=8080 WINDOW=60770 SYN Unauthorised access (Oct 8) SRC=42.114.149.43 LEN=40 TTL=47 ID=52439 TCP DPT=8080 WINDOW=60770 SYN Unauthorised access (Oct 8) SRC=42.114.149.43 LEN=40 TTL=47 ID=9034 TCP DPT=8080 WINDOW=47025 SYN Unauthorised access (Oct 8) SRC=42.114.149.43 LEN=40 TTL=47 ID=20035 TCP DPT=8080 WINDOW=47025 SYN Unauthorised access (Oct 8) SRC=42.114.149.43 LEN=40 TTL=47 ID=40371 TCP DPT=8080 WINDOW=60770 SYN	2019-10-09 19:34:18

类型

评论内容

时间

attack

Unauthorised access (Oct  9) SRC=42.114.149.43 LEN=40 TTL=47 ID=34594 TCP DPT=8080 WINDOW=47025 SYN 
Unauthorised access (Oct  8) SRC=42.114.149.43 LEN=40 TTL=47 ID=55331 TCP DPT=8080 WINDOW=60770 SYN 
Unauthorised access (Oct  8) SRC=42.114.149.43 LEN=40 TTL=47 ID=52439 TCP DPT=8080 WINDOW=60770 SYN 
Unauthorised access (Oct  8) SRC=42.114.149.43 LEN=40 TTL=47 ID=9034 TCP DPT=8080 WINDOW=47025 SYN 
Unauthorised access (Oct  8) SRC=42.114.149.43 LEN=40 TTL=47 ID=20035 TCP DPT=8080 WINDOW=47025 SYN 
Unauthorised access (Oct  8) SRC=42.114.149.43 LEN=40 TTL=47 ID=40371 TCP DPT=8080 WINDOW=60770 SYN

2019-10-09 19:34:18

相同子网IP讨论:

IP	类型	评论内容	时间
42.114.149.174	attackspam	Unauthorized connection attempt detected from IP address 42.114.149.174 to port 445 [T]	2020-03-24 22:45:40
42.114.149.116	attack	1580878287 - 02/05/2020 05:51:27 Host: 42.114.149.116/42.114.149.116 Port: 445 TCP Blocked	2020-02-05 21:44:04

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.114.149.43
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28869
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.114.149.43.			IN	A

;; AUTHORITY SECTION:
.			265	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100900 1800 900 604800 86400

;; Query time: 52 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 09 19:34:14 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 43.149.114.42.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 43.149.114.42.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
197.37.207.172	attackspam	Lines containing failures of 197.37.207.172 Nov 24 07:06:56 shared10 sshd[11646]: Invalid user admin from 197.37.207.172 port 46773 Nov 24 07:06:56 shared10 sshd[11646]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.37.207.172 Nov 24 07:06:58 shared10 sshd[11646]: Failed password for invalid user admin from 197.37.207.172 port 46773 ssh2 Nov 24 07:06:58 shared10 sshd[11646]: Connection closed by invalid user admin 197.37.207.172 port 46773 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=197.37.207.172	2019-11-24 17:21:12
152.136.180.82	attackbotsspam	11/24/2019-03:58:04.592706 152.136.180.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-11-24 17:49:30
77.40.29.88	attackspam	Nov 24 07:03:57 izar postfix/smtpd[15195]: warning: hostname 88.29.pppoe.mari-el.ru does not resolve to address 77.40.29.88: Name or service not known Nov 24 07:03:57 izar postfix/smtpd[15195]: connect from unknown[77.40.29.88] Nov 24 07:03:58 izar postfix/smtpd[15195]: warning: unknown[77.40.29.88]: SASL LOGIN authentication failed: authentication failure Nov 24 07:03:58 izar postfix/smtpd[15195]: disconnect from unknown[77.40.29.88] Nov 24 07:04:44 izar postfix/smtpd[15195]: warning: hostname 88.29.pppoe.mari-el.ru does not resolve to address 77.40.29.88: Name or service not known Nov 24 07:04:44 izar postfix/smtpd[15195]: connect from unknown[77.40.29.88] Nov 24 07:04:45 izar postfix/smtpd[15195]: warning: unknown[77.40.29.88]: SASL LOGIN authentication failed: authentication failure Nov 24 07:04:45 izar postfix/smtpd[15195]: disconnect from unknown[77.40.29.88] Nov 24 07:05:39 izar postfix/smtpd[15195]: warning: hostname 88.29.pppoe.mari-el.ru does not resolve to ad........ -------------------------------	2019-11-24 17:13:57
123.207.233.222	attack	Nov 24 10:05:19 meumeu sshd[7914]: Failed password for root from 123.207.233.222 port 59922 ssh2 Nov 24 10:13:11 meumeu sshd[8902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.233.222 Nov 24 10:13:14 meumeu sshd[8902]: Failed password for invalid user zczyz from 123.207.233.222 port 36740 ssh2 ...	2019-11-24 17:28:36
42.159.132.238	attackbots	Nov 24 03:21:21 ws22vmsma01 sshd[60956]: Failed password for root from 42.159.132.238 port 56164 ssh2 Nov 24 03:25:10 ws22vmsma01 sshd[68633]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.132.238 ...	2019-11-24 17:42:55
177.34.125.113	attack	Nov 24 09:52:41 MK-Soft-VM7 sshd[12671]: Failed password for root from 177.34.125.113 port 57855 ssh2 ...	2019-11-24 17:43:48
82.81.103.245	attackspambots	Automatic report - Port Scan Attack	2019-11-24 17:19:57
69.12.68.167	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-24 17:25:50
80.68.188.87	attackspam	Nov 23 20:32:50 web9 sshd\[24713\]: Invalid user gj from 80.68.188.87 Nov 23 20:32:50 web9 sshd\[24713\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.68.188.87 Nov 23 20:32:52 web9 sshd\[24713\]: Failed password for invalid user gj from 80.68.188.87 port 37657 ssh2 Nov 23 20:40:42 web9 sshd\[25667\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.68.188.87 user=root Nov 23 20:40:44 web9 sshd\[25667\]: Failed password for root from 80.68.188.87 port 56616 ssh2	2019-11-24 17:16:52
185.175.93.21	attack	Portscan or hack attempt detected by psad/fwsnort	2019-11-24 17:39:34
106.13.4.172	attackspambots	Nov 24 07:24:49 MK-Soft-VM8 sshd[6565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.4.172 Nov 24 07:24:51 MK-Soft-VM8 sshd[6565]: Failed password for invalid user danshiro from 106.13.4.172 port 56448 ssh2 ...	2019-11-24 17:50:50
96.11.211.180	attackbots	Portscan or hack attempt detected by psad/fwsnort	2019-11-24 17:30:47
35.228.188.244	attack	Nov 24 09:00:37 sd-53420 sshd\[30269\]: Invalid user operator from 35.228.188.244 Nov 24 09:00:37 sd-53420 sshd\[30269\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.228.188.244 Nov 24 09:00:40 sd-53420 sshd\[30269\]: Failed password for invalid user operator from 35.228.188.244 port 41504 ssh2 Nov 24 09:04:07 sd-53420 sshd\[31274\]: User root from 35.228.188.244 not allowed because none of user's groups are listed in AllowGroups Nov 24 09:04:07 sd-53420 sshd\[31274\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.228.188.244 user=root ...	2019-11-24 17:18:27
114.88.99.16	attack	Nov 24 01:15:28 eola postfix/smtpd[27296]: connect from unknown[114.88.99.16] Nov 24 01:15:29 eola postfix/smtpd[27296]: lost connection after AUTH from unknown[114.88.99.16] Nov 24 01:15:29 eola postfix/smtpd[27296]: disconnect from unknown[114.88.99.16] ehlo=1 auth=0/1 commands=1/2 Nov 24 01:15:30 eola postfix/smtpd[27296]: connect from unknown[114.88.99.16] Nov 24 01:15:30 eola postfix/smtpd[27296]: lost connection after AUTH from unknown[114.88.99.16] Nov 24 01:15:30 eola postfix/smtpd[27296]: disconnect from unknown[114.88.99.16] ehlo=1 auth=0/1 commands=1/2 Nov 24 01:15:31 eola postfix/smtpd[27296]: connect from unknown[114.88.99.16] Nov 24 01:15:32 eola postfix/smtpd[27296]: lost connection after AUTH from unknown[114.88.99.16] Nov 24 01:15:32 eola postfix/smtpd[27296]: disconnect from unknown[114.88.99.16] ehlo=1 auth=0/1 commands=1/2 Nov 24 01:15:32 eola postfix/smtpd[27296]: connect from unknown[114.88.99.16] Nov 24 01:15:33 eola postfix/smtpd[27296]: lost con........ -------------------------------	2019-11-24 17:40:29
213.32.7.212	attackspam	Nov 23 23:32:24 web1 sshd\[327\]: Invalid user erenity from 213.32.7.212 Nov 23 23:32:24 web1 sshd\[327\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.7.212 Nov 23 23:32:26 web1 sshd\[327\]: Failed password for invalid user erenity from 213.32.7.212 port 37062 ssh2 Nov 23 23:35:56 web1 sshd\[665\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.7.212 user=root Nov 23 23:35:59 web1 sshd\[665\]: Failed password for root from 213.32.7.212 port 44918 ssh2	2019-11-24 17:39:48

最近上报的IP列表

121.254.143.243	92.38.24.68	1.60.49.231	183.83.226.123
93.222.181.24	118.194.128.49	115.55.65.52	71.92.12.243
68.192.71.70	42.7.167.109	117.54.224.138	220.156.174.26
115.238.194.223	100.133.121.81	178.17.171.39	227.111.254.23
115.238.194.222	67.205.136.93	159.89.96.143	176.109.240.154