42.115.49.128 - IPInfo

基本信息:

城市(city): Phnom Penh

省份(region): Phnom Penh

国家(country): Cambodia

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): OpenNet ISP Cambodia

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
42.115.49.238	attackbots	Unauthorized connection attempt from IP address 42.115.49.238 on Port 445(SMB)	2020-06-21 21:43:37
42.115.49.223	attack	Fail2Ban Ban Triggered	2020-04-16 14:17:43

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.115.49.128
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58176
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.115.49.128.			IN	A

;; AUTHORITY SECTION:
.			3160	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072600 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jul 27 00:22:56 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 128.49.115.42.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 128.49.115.42.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
164.132.98.75	attackbots	Jun 30 16:56:58 rocket sshd[3626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.98.75 Jun 30 16:57:01 rocket sshd[3626]: Failed password for invalid user student from 164.132.98.75 port 57223 ssh2 Jun 30 16:58:31 rocket sshd[3700]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.98.75 ...	2020-07-01 00:33:28
125.126.106.222	attack	attempted outlook sync	2020-07-01 01:09:13
101.39.226.235	attackbots	Port probing on unauthorized port 1433	2020-07-01 01:11:10
106.12.208.175	attack	probing for ASP exploits	2020-07-01 01:13:12
46.38.145.5	attack	2020-06-30T10:04:15.331270linuxbox-skyline auth[400734]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=grad-bot rhost=46.38.145.5 ...	2020-07-01 01:14:41
106.13.123.29	attackspambots	2020-06-30T15:50:03.370529mail.csmailer.org sshd[18888]: Invalid user it from 106.13.123.29 port 36192 2020-06-30T15:50:03.373983mail.csmailer.org sshd[18888]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.123.29 2020-06-30T15:50:03.370529mail.csmailer.org sshd[18888]: Invalid user it from 106.13.123.29 port 36192 2020-06-30T15:50:05.486769mail.csmailer.org sshd[18888]: Failed password for invalid user it from 106.13.123.29 port 36192 ssh2 2020-06-30T15:51:21.003997mail.csmailer.org sshd[19154]: Invalid user db from 106.13.123.29 port 49882 ...	2020-07-01 01:10:09
51.68.251.202	attackspambots	Jun 30 15:37:33 ns392434 sshd[11671]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.251.202 user=root Jun 30 15:37:35 ns392434 sshd[11671]: Failed password for root from 51.68.251.202 port 38268 ssh2 Jun 30 15:42:37 ns392434 sshd[11832]: Invalid user ubuntu from 51.68.251.202 port 56858 Jun 30 15:42:37 ns392434 sshd[11832]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.251.202 Jun 30 15:42:37 ns392434 sshd[11832]: Invalid user ubuntu from 51.68.251.202 port 56858 Jun 30 15:42:39 ns392434 sshd[11832]: Failed password for invalid user ubuntu from 51.68.251.202 port 56858 ssh2 Jun 30 15:45:43 ns392434 sshd[11873]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.251.202 user=root Jun 30 15:45:45 ns392434 sshd[11873]: Failed password for root from 51.68.251.202 port 55546 ssh2 Jun 30 15:48:40 ns392434 sshd[11931]: Invalid user jm from 51.68.251.202 port 54220	2020-07-01 00:38:13
140.143.228.18	attack	$f2bV_matches	2020-07-01 00:53:17
104.248.144.208	attack	104.248.144.208 - - [30/Jun/2020:13:44:09 +0100] "POST /wp-login.php HTTP/1.1" 200 1996 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.144.208 - - [30/Jun/2020:13:44:13 +0100] "POST /wp-login.php HTTP/1.1" 200 1924 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.144.208 - - [30/Jun/2020:13:44:15 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-01 00:47:22
222.186.15.115	attackspam	Jun 30 12:10:01 NPSTNNYC01T sshd[30688]: Failed password for root from 222.186.15.115 port 57388 ssh2 Jun 30 12:10:12 NPSTNNYC01T sshd[30698]: Failed password for root from 222.186.15.115 port 31022 ssh2 ...	2020-07-01 00:29:55
186.215.83.103	attackbots	firewall-block, port(s): 445/tcp	2020-07-01 01:17:28
129.226.53.203	attackbotsspam	Multiple SSH authentication failures from 129.226.53.203	2020-07-01 00:47:05
69.243.180.163	attackbots	Jun 30 15:21:18 server2 sshd\[29960\]: Invalid user admin from 69.243.180.163 Jun 30 15:21:20 server2 sshd\[29962\]: User root from c-69-243-180-163.hsd1.il.comcast.net not allowed because not listed in AllowUsers Jun 30 15:21:21 server2 sshd\[29964\]: Invalid user admin from 69.243.180.163 Jun 30 15:21:22 server2 sshd\[29968\]: Invalid user admin from 69.243.180.163 Jun 30 15:21:23 server2 sshd\[29970\]: Invalid user admin from 69.243.180.163 Jun 30 15:21:24 server2 sshd\[29972\]: User apache from c-69-243-180-163.hsd1.il.comcast.net not allowed because not listed in AllowUsers	2020-07-01 00:44:37
14.154.28.108	attackspambots	20 attempts against mh-ssh on seed	2020-07-01 01:19:16
96.126.126.239	attack	Lines containing failures of 96.126.126.239 Jun 30 13:40:02 mc postfix/smtpd[14837]: connect from anzeige.phplist.com[96.126.126.239] Jun 30 13:40:03 mc postfix/smtpd[14837]: Anonymous TLS connection established from anzeige.phplist.com[96.126.126.239]: TLSv1.2 whostnameh cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bhostnames) Jun 30 13:40:38 mc postgrey[16463]: action=greylist, reason=new, client_name=anzeige.phplist.com, client_address=96.126.126.239, sender=x@x recipient=x@x Jun 30 13:40:39 mc postfix/smtpd[14837]: disconnect from anzeige.phplist.com[96.126.126.239] ehlo=2 starttls=1 mail=1 rcpt=0/1 data=0/1 eclipset=1 quhostname=1 commands=6/8 Jun 30 13:40:44 mc postfix/smtpd[14837]: connect from anzeige.phplist.com[96.126.126.239] Jun 30 13:40:45 mc postfix/smtpd[14837]: Anonymous TLS connection established from anzeige.phplist.com[96.126.126.239]: TLSv1.2 whostnameh cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bhostnames) Jun 30 13:40:45 mc postgrey[16463]: action=g........ ------------------------------	2020-07-01 01:05:22

最近上报的IP列表

129.28.148.242	14.236.10.180	180.179.41.195	103.207.46.246
50.59.18.221	64.147.225.193	95.165.162.145	156.242.72.100
92.67.94.188	156.54.173.75	218.250.122.161	117.44.60.242
152.88.105.210	149.23.166.241	53.125.248.245	122.176.46.13
46.136.42.222	51.255.234.209	62.127.149.211	39.253.101.179