42.117.109.196

基本信息:

城市(city): Da Nang

省份(region): Da Nang

国家(country): Vietnam

运营商(isp): FPT Telecom Company

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt from IP address 42.117.109.196 on Port 445(SMB)	2019-10-30 02:29:14

相同子网IP讨论:

IP	类型	评论内容	时间
42.117.109.79	attackspam	Sep 3 10:03:49 cvbmail sshd\[19407\]: Invalid user pi from 42.117.109.79 Sep 3 10:03:49 cvbmail sshd\[19408\]: Invalid user pi from 42.117.109.79 Sep 3 10:03:49 cvbmail sshd\[19407\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.117.109.79	2019-09-04 00:33:17

类型

评论内容

时间

42.117.109.79

attackspam

Sep  3 10:03:49 cvbmail sshd\[19407\]: Invalid user pi from 42.117.109.79
Sep  3 10:03:49 cvbmail sshd\[19408\]: Invalid user pi from 42.117.109.79
Sep  3 10:03:49 cvbmail sshd\[19407\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.117.109.79

2019-09-04 00:33:17

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.117.109.196
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33956
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.117.109.196.			IN	A

;; AUTHORITY SECTION:
.			401	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102901 1800 900 604800 86400

;; Query time: 102 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 30 02:29:10 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 196.109.117.42.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 196.109.117.42.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
218.255.139.205	attack	firewall-block, port(s): 445/tcp	2020-02-05 07:27:36
14.231.247.245	attackspambots	Unauthorized connection attempt detected from IP address 14.231.247.245 to port 22 [J]	2020-02-05 07:23:34
45.125.66.28	attackbots	Rude login attack (5 tries in 1d)	2020-02-05 07:29:02
129.211.27.10	attack	2020-02-04T13:17:34.222506linuxbox-skyline sshd[59151]: Invalid user cbs from 129.211.27.10 port 50285 ...	2020-02-05 07:48:48
95.165.153.49	attackbots	Honeypot attack, port: 445, PTR: 95-165-153-49.static.spd-mgts.ru.	2020-02-05 07:18:20
188.75.16.163	attack	Unauthorized connection attempt detected from IP address 188.75.16.163 to port 1433 [J]	2020-02-05 07:35:02
162.247.74.27	attackbotsspam	$f2bV_matches	2020-02-05 07:36:15
218.92.0.165	attack	SSH Brute Force	2020-02-05 07:35:49
13.69.153.106	attack	Feb 5 00:22:10 sd-53420 sshd\[9007\]: Invalid user psycho from 13.69.153.106 Feb 5 00:22:10 sd-53420 sshd\[9007\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.69.153.106 Feb 5 00:22:12 sd-53420 sshd\[9007\]: Failed password for invalid user psycho from 13.69.153.106 port 55538 ssh2 Feb 5 00:31:20 sd-53420 sshd\[9746\]: Invalid user aruna from 13.69.153.106 Feb 5 00:31:20 sd-53420 sshd\[9746\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.69.153.106 ...	2020-02-05 07:32:21
45.190.220.248	attackbots	Feb 4 14:17:35 mailman postfix/smtpd[4238]: warning: unknown[45.190.220.248]: SASL PLAIN authentication failed: authentication failure	2020-02-05 07:45:41
221.132.118.208	attack	Feb 4 21:17:55 grey postfix/smtpd\[7935\]: NOQUEUE: reject: RCPT from unknown\[221.132.118.208\]: 554 5.7.1 Service unavailable\; Client host \[221.132.118.208\] blocked using cbl.abuseat.org\; Blocked - see http://www.abuseat.org/lookup.cgi\?ip=221.132.118.208\; from=\ to=\ proto=ESMTP helo=\ ...	2020-02-05 07:34:06
122.117.49.170	attackspambots	Honeypot attack, port: 81, PTR: 122-117-49-170.HINET-IP.hinet.net.	2020-02-05 07:49:13
148.72.210.28	attackbots	SASL PLAIN auth failed: ruser=...	2020-02-05 07:15:07
2.42.114.2	attackbots	81/tcp [2020-02-04]1pkt	2020-02-05 07:14:46
82.208.115.246	attack	Honeypot attack, port: 445, PTR: 82-208-115-246.dynamic.mts-nn.ru.	2020-02-05 07:40:09

最近上报的IP列表

249.2.47.187	240.9.185.177	188.55.157.181	115.21.180.250
172.86.126.204	243.94.171.137	87.179.141.72	109.29.192.193
77.4.248.193	34.205.52.79	112.107.50.248	14.186.0.173
202.125.186.125	26.28.22.237	252.181.127.198	83.149.17.50
159.109.34.181	107.222.186.126	83.90.190.135	191.75.63.55