42.116.62.141 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): FPT Telecom Company

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	scan z	2019-08-16 11:40:31

相同子网IP讨论:

IP	类型	评论内容	时间
42.116.62.207	attackbots	(Oct 4) LEN=40 TTL=47 ID=57782 TCP DPT=8080 WINDOW=17011 SYN (Oct 4) LEN=40 TTL=47 ID=7783 TCP DPT=8080 WINDOW=14616 SYN (Oct 3) LEN=40 TTL=47 ID=23215 TCP DPT=8080 WINDOW=17011 SYN (Oct 3) LEN=40 TTL=47 ID=60084 TCP DPT=8080 WINDOW=17011 SYN (Oct 3) LEN=40 TTL=47 ID=40399 TCP DPT=8080 WINDOW=14616 SYN (Oct 2) LEN=40 TTL=47 ID=62513 TCP DPT=8080 WINDOW=36779 SYN (Oct 2) LEN=40 TTL=47 ID=32290 TCP DPT=8080 WINDOW=17011 SYN (Oct 2) LEN=40 TTL=47 ID=19087 TCP DPT=8080 WINDOW=17011 SYN (Oct 1) LEN=40 TTL=47 ID=4240 TCP DPT=8080 WINDOW=14616 SYN (Oct 1) LEN=40 TTL=47 ID=55868 TCP DPT=8080 WINDOW=17011 SYN (Oct 1) LEN=40 TTL=47 ID=3737 TCP DPT=8080 WINDOW=36779 SYN (Oct 1) LEN=40 TTL=47 ID=33409 TCP DPT=8080 WINDOW=3123 SYN (Oct 1) LEN=40 TTL=47 ID=2502 TCP DPT=8080 WINDOW=14616 SYN (Oct 1) LEN=40 TTL=43 ID=64406 TCP DPT=8080 WINDOW=17011 SYN	2019-10-04 22:29:19

类型

评论内容

时间

42.116.62.207

attackbots

(Oct  4)  LEN=40 TTL=47 ID=57782 TCP DPT=8080 WINDOW=17011 SYN 
 (Oct  4)  LEN=40 TTL=47 ID=7783 TCP DPT=8080 WINDOW=14616 SYN 
 (Oct  3)  LEN=40 TTL=47 ID=23215 TCP DPT=8080 WINDOW=17011 SYN 
 (Oct  3)  LEN=40 TTL=47 ID=60084 TCP DPT=8080 WINDOW=17011 SYN 
 (Oct  3)  LEN=40 TTL=47 ID=40399 TCP DPT=8080 WINDOW=14616 SYN 
 (Oct  2)  LEN=40 TTL=47 ID=62513 TCP DPT=8080 WINDOW=36779 SYN 
 (Oct  2)  LEN=40 TTL=47 ID=32290 TCP DPT=8080 WINDOW=17011 SYN 
 (Oct  2)  LEN=40 TTL=47 ID=19087 TCP DPT=8080 WINDOW=17011 SYN 
 (Oct  1)  LEN=40 TTL=47 ID=4240 TCP DPT=8080 WINDOW=14616 SYN 
 (Oct  1)  LEN=40 TTL=47 ID=55868 TCP DPT=8080 WINDOW=17011 SYN 
 (Oct  1)  LEN=40 TTL=47 ID=3737 TCP DPT=8080 WINDOW=36779 SYN 
 (Oct  1)  LEN=40 TTL=47 ID=33409 TCP DPT=8080 WINDOW=3123 SYN 
 (Oct  1)  LEN=40 TTL=47 ID=2502 TCP DPT=8080 WINDOW=14616 SYN 
 (Oct  1)  LEN=40 TTL=43 ID=64406 TCP DPT=8080 WINDOW=17011 SYN

2019-10-04 22:29:19

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.116.62.141
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5330
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.116.62.141.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081503 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 16 11:40:19 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 141.62.116.42.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 141.62.116.42.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
104.236.228.46	attack	ssh brute force	2019-12-30 19:28:24
132.232.14.180	attack	Dec 30 17:13:13 webhost01 sshd[12886]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.14.180 Dec 30 17:13:14 webhost01 sshd[12886]: Failed password for invalid user test from 132.232.14.180 port 52804 ssh2 ...	2019-12-30 19:14:47
2001:278:1033:8::78:249	attackspambots	xmlrpc attack	2019-12-30 19:34:28
113.177.134.162	attackspambots	Lines containing failures of 113.177.134.162 Dec 30 07:06:06 shared06 sshd[7853]: Invalid user admin from 113.177.134.162 port 35624 Dec 30 07:06:06 shared06 sshd[7853]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.177.134.162 Dec 30 07:06:08 shared06 sshd[7853]: Failed password for invalid user admin from 113.177.134.162 port 35624 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=113.177.134.162	2019-12-30 19:07:26
78.191.145.253	attack	Unauthorized connection attempt detected from IP address 78.191.145.253 to port 22	2019-12-30 19:22:51
200.98.139.167	attackspambots	Dec 30 12:01:30 tuxlinux sshd[24137]: Invalid user user from 200.98.139.167 port 50818 Dec 30 12:01:30 tuxlinux sshd[24137]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.98.139.167 Dec 30 12:01:30 tuxlinux sshd[24137]: Invalid user user from 200.98.139.167 port 50818 Dec 30 12:01:30 tuxlinux sshd[24137]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.98.139.167 Dec 30 12:01:30 tuxlinux sshd[24137]: Invalid user user from 200.98.139.167 port 50818 Dec 30 12:01:30 tuxlinux sshd[24137]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.98.139.167 Dec 30 12:01:32 tuxlinux sshd[24137]: Failed password for invalid user user from 200.98.139.167 port 50818 ssh2 ...	2019-12-30 19:08:15
88.147.116.7	attackspambots	Telnet Server BruteForce Attack	2019-12-30 19:02:23
79.166.112.142	attackbots	Telnet Server BruteForce Attack	2019-12-30 19:10:06
2607:f298:5:103f::2a2:b406	attack	Automatically reported by fail2ban report script (mx1)	2019-12-30 19:36:58
199.58.86.211	attackbots	Automatic report - Banned IP Access	2019-12-30 19:17:38
177.126.165.170	attackbots	SSH/22 MH Probe, BF, Hack -	2019-12-30 19:11:28
218.92.0.192	attackspambots	Dec 30 17:19:26 itv-usvr-01 sshd[18771]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.192 user=root Dec 30 17:19:28 itv-usvr-01 sshd[18771]: Failed password for root from 218.92.0.192 port 56068 ssh2	2019-12-30 19:06:29
34.217.126.211	attackbots	Automatic report - XMLRPC Attack	2019-12-30 19:10:26
128.199.158.182	attackbotsspam	128.199.158.182 - - \[30/Dec/2019:11:29:59 +0100\] "POST /wp-login.php HTTP/1.0" 200 7544 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 128.199.158.182 - - \[30/Dec/2019:11:30:02 +0100\] "POST /wp-login.php HTTP/1.0" 200 7411 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 128.199.158.182 - - \[30/Dec/2019:11:30:05 +0100\] "POST /wp-login.php HTTP/1.0" 200 7407 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-12-30 19:25:12
2002:b988:a36b::b988:a36b	attack	[MonDec3007:24:29.1119032019][:error][pid17852:tid47296993572608][client2002:b988:a36b::b988:a36b:55508][client2002:b988:a36b::b988:a36b]ModSecurity:Accessdeniedwithcode403\(phase2\).Matchof"rx\(\^w3c-\\|systran\\\\\\\\\)\)"against"REQUEST_HEADERS:User-Agent"required.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"237"][id"331039"][rev"1"][msg"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent\(Python-urllib\).DisablethisruleifyouusePython-urllib."][severity"CRITICAL"][hostname"ilgiornaledelticino.ch"][uri"/vendor/phpunit/php-timer/composer.json"][unique_id"XgmYHVXdhrL7w79l-lHgxAAAAEo"][MonDec3007:24:48.5045932019][:error][pid17613:tid47296993572608][client2002:b988:a36b::b988:a36b:57712][client2002:b988:a36b::b988:a36b]ModSecurity:Accessdeniedwithcode403\(phase2\).Matchof"rx\(\^w3c-\\|systran\\\\\\\\\)\)"against"REQUEST_HEADERS:User-Agent"required.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"237"][id"331039"][rev"1"][msg"Atomicorp.co	2019-12-30 18:59:39

最近上报的IP列表

73.68.52.205	77.30.236.214	110.87.106.162	62.234.95.148
144.31.244.43	113.104.128.187	26.235.159.213	103.221.254.73
191.7.116.219	113.233.77.54	114.240.126.98	186.225.51.58
91.98.59.202	88.214.11.71	150.214.153.40	187.120.136.166
171.241.236.149	230.63.103.229	61.191.61.169	185.139.236.20