必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): FPT Telecom Company

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:
类型 评论内容 时间
attack
Jun 26 20:02:20 itv-usvr-01 sshd[5083]: Invalid user support from 42.118.1.20
Jun 26 20:02:20 itv-usvr-01 sshd[5083]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.118.1.20
Jun 26 20:02:20 itv-usvr-01 sshd[5083]: Invalid user support from 42.118.1.20
Jun 26 20:02:21 itv-usvr-01 sshd[5083]: Failed password for invalid user support from 42.118.1.20 port 47788 ssh2
Jun 26 20:02:22 itv-usvr-01 sshd[5085]: Invalid user admin from 42.118.1.20
2019-06-27 05:48:58
相同子网IP讨论:
IP 类型 评论内容 时间
42.118.1.184 attackbotsspam
445/tcp 445/tcp
[2020-10-11]2pkt
2020-10-12 20:45:21
42.118.1.184 attackspambots
445/tcp 445/tcp
[2020-10-11]2pkt
2020-10-12 12:14:21
42.118.121.252 attackspambots
2020-09-14T20:08:24.373954hostname sshd[70063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.118.121.252  user=root
2020-09-14T20:08:26.670612hostname sshd[70063]: Failed password for root from 42.118.121.252 port 22598 ssh2
...
2020-09-14 22:23:05
42.118.121.252 attack
Sep 14 06:07:17 ns382633 sshd\[2233\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.118.121.252  user=root
Sep 14 06:07:20 ns382633 sshd\[2233\]: Failed password for root from 42.118.121.252 port 20196 ssh2
Sep 14 06:18:27 ns382633 sshd\[4167\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.118.121.252  user=root
Sep 14 06:18:29 ns382633 sshd\[4167\]: Failed password for root from 42.118.121.252 port 40642 ssh2
Sep 14 06:23:03 ns382633 sshd\[4993\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.118.121.252  user=root
2020-09-14 14:14:24
42.118.145.176 attackbotsspam
Honeypot attack, port: 445, PTR: PTR record not found
2020-09-07 22:35:22
42.118.145.176 attack
Honeypot attack, port: 445, PTR: PTR record not found
2020-09-07 14:16:20
42.118.145.176 attack
Honeypot attack, port: 445, PTR: PTR record not found
2020-09-07 06:49:10
42.118.129.58 attack
Automatic report - Port Scan Attack
2020-09-01 12:35:23
42.118.180.109 attack
Attempted connection to port 445.
2020-08-30 17:27:31
42.118.142.1 attack
2020-08-26 22:36:52.049113-0500  localhost smtpd[75750]: NOQUEUE: reject: RCPT from unknown[42.118.142.1]: 554 5.7.1 Service unavailable; Client host [42.118.142.1] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/42.118.142.1; from= to= proto=ESMTP helo=<[42.118.142.1]>
2020-08-27 15:43:35
42.118.141.198 attackbots
Unauthorized connection attempt from IP address 42.118.141.198 on Port 445(SMB)
2020-08-19 03:27:50
42.118.157.62 attackbotsspam
1597665897 - 08/17/2020 14:04:57 Host: 42.118.157.62/42.118.157.62 Port: 445 TCP Blocked
2020-08-17 22:29:19
42.118.16.3 attackspam
 TCP (SYN) 42.118.16.3:8268 -> port 445, len 52
2020-08-13 03:08:36
42.118.100.2 attackbotsspam
MultiHost/MultiPort Probe, Scan, Hack -
2020-08-12 21:36:22
42.118.140.188 attackbotsspam
Unauthorized connection attempt from IP address 42.118.140.188 on Port 445(SMB)
2020-08-12 19:15:13
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.118.1.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16711
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.118.1.20.			IN	A

;; AUTHORITY SECTION:
.			3219	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062602 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jun 27 05:48:53 CST 2019
;; MSG SIZE  rcvd: 115
HOST信息:
Host 20.1.118.42.in-addr.arpa. not found: 3(NXDOMAIN)
NSLOOKUP信息:
Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 20.1.118.42.in-addr.arpa: NXDOMAIN
相关IP信息:
最新评论:
IP 类型 评论内容 时间
104.248.237.238 attackbots
Dec 20 17:53:00 server sshd\[5393\]: Invalid user ravnskog from 104.248.237.238
Dec 20 17:53:00 server sshd\[5393\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.237.238 
Dec 20 17:53:02 server sshd\[5393\]: Failed password for invalid user ravnskog from 104.248.237.238 port 47730 ssh2
Dec 20 17:59:21 server sshd\[6850\]: Invalid user schanck from 104.248.237.238
Dec 20 17:59:21 server sshd\[6850\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.237.238 
...
2019-12-21 02:17:35
91.121.103.175 attackspambots
Nov 23 12:17:41 microserver sshd[8957]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.103.175  user=root
Nov 23 12:17:43 microserver sshd[8957]: Failed password for root from 91.121.103.175 port 35508 ssh2
Nov 23 12:22:21 microserver sshd[9633]: Invalid user devra from 91.121.103.175 port 42038
Nov 23 12:22:21 microserver sshd[9633]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.103.175
Nov 23 12:22:23 microserver sshd[9633]: Failed password for invalid user devra from 91.121.103.175 port 42038 ssh2
Nov 23 12:34:15 microserver sshd[11095]: Invalid user web from 91.121.103.175 port 33322
Nov 23 12:34:15 microserver sshd[11095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.103.175
Nov 23 12:34:18 microserver sshd[11095]: Failed password for invalid user web from 91.121.103.175 port 33322 ssh2
Nov 23 12:37:58 microserver sshd[11705]: Invalid user minerv from 91.121.1
2019-12-21 02:46:12
49.213.27.19 attackbotsspam
Attempt to attack host OS, exploiting network vulnerabilities, on 20-12-2019 14:51:02.
2019-12-21 02:48:29
123.138.111.239 attackspam
Dec 20 16:17:32 vmd46246 kernel: [766436.039853] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:fb:88:28:99:3a:4d:30:af:08:00 SRC=123.138.111.239 DST=144.91.112.181 LEN=52 TOS=0x00 PREC=0x00 TTL=239 ID=51931 PROTO=TCP SPT=3132 DPT=11211 WINDOW=8192 RES=0x00 SYN URGP=0 
Dec 20 16:17:33 vmd46246 kernel: [766436.693748] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:fb:88:28:99:3a:4d:30:af:08:00 SRC=123.138.111.239 DST=144.91.112.181 LEN=52 TOS=0x00 PREC=0x00 TTL=239 ID=45865 PROTO=TCP SPT=3132 DPT=11211 WINDOW=8192 RES=0x00 SYN URGP=0 
Dec 20 16:17:33 vmd46246 kernel: [766437.344518] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:fb:88:28:99:3a:4d:30:af:08:00 SRC=123.138.111.239 DST=144.91.112.181 LEN=52 TOS=0x00 PREC=0x00 TTL=239 ID=36648 PROTO=TCP SPT=3132 DPT=11211 WINDOW=8192 RES=0x00 SYN URGP=0 
...
2019-12-21 02:09:41
157.230.112.34 attackbots
Dec 20 17:39:38 legacy sshd[17495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.112.34
Dec 20 17:39:40 legacy sshd[17495]: Failed password for invalid user picasoo from 157.230.112.34 port 50420 ssh2
Dec 20 17:44:50 legacy sshd[17751]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.112.34
...
2019-12-21 02:38:17
45.134.179.241 attack
12/20/2019-09:51:48.209630 45.134.179.241 Protocol: 6 ET SCAN NMAP -sS window 1024
2019-12-21 02:18:05
77.235.21.147 attackbots
Dec 20 12:19:35 mail sshd\[28126\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.235.21.147  user=root
...
2019-12-21 02:39:53
128.199.219.181 attack
Dec 20 08:28:15 hpm sshd\[2423\]: Invalid user guest from 128.199.219.181
Dec 20 08:28:15 hpm sshd\[2423\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.219.181
Dec 20 08:28:16 hpm sshd\[2423\]: Failed password for invalid user guest from 128.199.219.181 port 35210 ssh2
Dec 20 08:34:20 hpm sshd\[3052\]: Invalid user finite from 128.199.219.181
Dec 20 08:34:20 hpm sshd\[3052\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.219.181
2019-12-21 02:35:51
182.61.43.179 attack
Dec 20 15:30:04 Ubuntu-1404-trusty-64-minimal sshd\[25538\]: Invalid user ur from 182.61.43.179
Dec 20 15:30:04 Ubuntu-1404-trusty-64-minimal sshd\[25538\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.43.179
Dec 20 15:30:07 Ubuntu-1404-trusty-64-minimal sshd\[25538\]: Failed password for invalid user ur from 182.61.43.179 port 56234 ssh2
Dec 20 15:51:48 Ubuntu-1404-trusty-64-minimal sshd\[11237\]: Invalid user ftpuser from 182.61.43.179
Dec 20 15:51:48 Ubuntu-1404-trusty-64-minimal sshd\[11237\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.43.179
2019-12-21 02:16:25
203.125.145.58 attackbotsspam
Dec 20 15:36:53 Ubuntu-1404-trusty-64-minimal sshd\[32537\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.125.145.58  user=root
Dec 20 15:36:55 Ubuntu-1404-trusty-64-minimal sshd\[32537\]: Failed password for root from 203.125.145.58 port 56712 ssh2
Dec 20 15:45:21 Ubuntu-1404-trusty-64-minimal sshd\[4407\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.125.145.58  user=root
Dec 20 15:45:23 Ubuntu-1404-trusty-64-minimal sshd\[4407\]: Failed password for root from 203.125.145.58 port 38340 ssh2
Dec 20 15:51:59 Ubuntu-1404-trusty-64-minimal sshd\[11291\]: Invalid user tysdahl from 203.125.145.58
2019-12-21 02:08:29
104.168.88.123 attack
3389BruteforceFW23
2019-12-21 02:20:24
84.22.34.133 attackbots
Chat Spam
2019-12-21 02:51:40
223.25.101.74 attack
SSH Brute-Forcing (server2)
2019-12-21 02:26:05
149.202.18.41 attackbots
MultiHost/MultiPort Probe, Scan, Hack -
2019-12-21 02:09:03
216.144.251.86 attackbots
Dec 20 15:45:50 sd-53420 sshd\[31543\]: Invalid user test from 216.144.251.86
Dec 20 15:45:50 sd-53420 sshd\[31543\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.144.251.86
Dec 20 15:45:52 sd-53420 sshd\[31543\]: Failed password for invalid user test from 216.144.251.86 port 36174 ssh2
Dec 20 15:51:41 sd-53420 sshd\[1151\]: User root from 216.144.251.86 not allowed because none of user's groups are listed in AllowGroups
Dec 20 15:51:41 sd-53420 sshd\[1151\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.144.251.86  user=root
...
2019-12-21 02:21:09

最近上报的IP列表

62.234.77.136 187.10.255.1 92.168.126.193 85.191.126.130
54.36.148.54 5.149.105.154 212.142.140.81 191.14.113.99
40.77.167.66 186.236.125.72 10.182.42.193 79.107.227.20
131.100.77.24 49.67.141.231 213.202.162.141 210.56.27.173
206.117.25.88 202.137.134.108 201.81.101.16 192.182.124.9