42.118.1.20 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): FPT Telecom Company

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jun 26 20:02:20 itv-usvr-01 sshd[5083]: Invalid user support from 42.118.1.20 Jun 26 20:02:20 itv-usvr-01 sshd[5083]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.118.1.20 Jun 26 20:02:20 itv-usvr-01 sshd[5083]: Invalid user support from 42.118.1.20 Jun 26 20:02:21 itv-usvr-01 sshd[5083]: Failed password for invalid user support from 42.118.1.20 port 47788 ssh2 Jun 26 20:02:22 itv-usvr-01 sshd[5085]: Invalid user admin from 42.118.1.20	2019-06-27 05:48:58

类型

评论内容

时间

attack

Jun 26 20:02:20 itv-usvr-01 sshd[5083]: Invalid user support from 42.118.1.20
Jun 26 20:02:20 itv-usvr-01 sshd[5083]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.118.1.20
Jun 26 20:02:20 itv-usvr-01 sshd[5083]: Invalid user support from 42.118.1.20
Jun 26 20:02:21 itv-usvr-01 sshd[5083]: Failed password for invalid user support from 42.118.1.20 port 47788 ssh2
Jun 26 20:02:22 itv-usvr-01 sshd[5085]: Invalid user admin from 42.118.1.20

2019-06-27 05:48:58

相同子网IP讨论:

IP	类型	评论内容	时间
42.118.1.184	attackbotsspam	445/tcp 445/tcp [2020-10-11]2pkt	2020-10-12 20:45:21
42.118.1.184	attackspambots	445/tcp 445/tcp [2020-10-11]2pkt	2020-10-12 12:14:21
42.118.121.252	attackspambots	2020-09-14T20:08:24.373954hostname sshd[70063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.118.121.252 user=root 2020-09-14T20:08:26.670612hostname sshd[70063]: Failed password for root from 42.118.121.252 port 22598 ssh2 ...	2020-09-14 22:23:05
42.118.121.252	attack	Sep 14 06:07:17 ns382633 sshd\[2233\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.118.121.252 user=root Sep 14 06:07:20 ns382633 sshd\[2233\]: Failed password for root from 42.118.121.252 port 20196 ssh2 Sep 14 06:18:27 ns382633 sshd\[4167\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.118.121.252 user=root Sep 14 06:18:29 ns382633 sshd\[4167\]: Failed password for root from 42.118.121.252 port 40642 ssh2 Sep 14 06:23:03 ns382633 sshd\[4993\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.118.121.252 user=root	2020-09-14 14:14:24
42.118.145.176	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-09-07 22:35:22
42.118.145.176	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-09-07 14:16:20
42.118.145.176	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-09-07 06:49:10
42.118.129.58	attack	Automatic report - Port Scan Attack	2020-09-01 12:35:23
42.118.180.109	attack	Attempted connection to port 445.	2020-08-30 17:27:31
42.118.142.1	attack	2020-08-26 22:36:52.049113-0500 localhost smtpd[75750]: NOQUEUE: reject: RCPT from unknown[42.118.142.1]: 554 5.7.1 Service unavailable; Client host [42.118.142.1] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/42.118.142.1; from= to= proto=ESMTP helo=<[42.118.142.1]>	2020-08-27 15:43:35
42.118.141.198	attackbots	Unauthorized connection attempt from IP address 42.118.141.198 on Port 445(SMB)	2020-08-19 03:27:50
42.118.157.62	attackbotsspam	1597665897 - 08/17/2020 14:04:57 Host: 42.118.157.62/42.118.157.62 Port: 445 TCP Blocked	2020-08-17 22:29:19
42.118.16.3	attackspam	TCP (SYN) 42.118.16.3:8268 -> port 445, len 52	2020-08-13 03:08:36
42.118.100.2	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-08-12 21:36:22
42.118.140.188	attackbotsspam	Unauthorized connection attempt from IP address 42.118.140.188 on Port 445(SMB)	2020-08-12 19:15:13

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.118.1.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16711
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.118.1.20.			IN	A

;; AUTHORITY SECTION:
.			3219	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062602 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jun 27 05:48:53 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 20.1.118.42.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 20.1.118.42.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
222.186.15.197	attackspambots	Aug 21 03:22:35 srv-4 sshd\[10585\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.197 user=root Aug 21 03:22:38 srv-4 sshd\[10585\]: Failed password for root from 222.186.15.197 port 64738 ssh2 Aug 21 03:22:44 srv-4 sshd\[10597\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.197 user=root ...	2019-08-21 08:25:28
18.205.201.241	attack	Aug 21 02:16:49 tuotantolaitos sshd[14322]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=18.205.201.241 Aug 21 02:16:50 tuotantolaitos sshd[14322]: Failed password for invalid user ian123 from 18.205.201.241 port 55614 ssh2 ...	2019-08-21 07:45:47
46.101.17.215	attack	$f2bV_matches	2019-08-21 07:48:05
182.61.166.179	attack	Aug 20 04:40:10 hcbb sshd\[12082\]: Invalid user chuan from 182.61.166.179 Aug 20 04:40:10 hcbb sshd\[12082\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.166.179 Aug 20 04:40:12 hcbb sshd\[12082\]: Failed password for invalid user chuan from 182.61.166.179 port 54370 ssh2 Aug 20 04:45:01 hcbb sshd\[12518\]: Invalid user elsa from 182.61.166.179 Aug 20 04:45:01 hcbb sshd\[12518\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.166.179	2019-08-21 07:46:19
203.86.24.203	attack	Aug 21 01:03:44 v22019058497090703 sshd[12839]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.86.24.203 Aug 21 01:03:45 v22019058497090703 sshd[12839]: Failed password for invalid user cliente from 203.86.24.203 port 51774 ssh2 Aug 21 01:08:33 v22019058497090703 sshd[13219]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.86.24.203 ...	2019-08-21 08:10:59
129.213.63.120	attack	Aug 21 00:02:16 vmd17057 sshd\[14030\]: Invalid user deployer from 129.213.63.120 port 57092 Aug 21 00:02:16 vmd17057 sshd\[14030\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.63.120 Aug 21 00:02:18 vmd17057 sshd\[14030\]: Failed password for invalid user deployer from 129.213.63.120 port 57092 ssh2 ...	2019-08-21 08:24:18
221.4.223.212	attackspambots	k+ssh-bruteforce	2019-08-21 08:15:11
81.190.185.154	attack	Aug 20 05:34:32 web9 sshd\[3656\]: Invalid user cmd from 81.190.185.154 Aug 20 05:34:32 web9 sshd\[3656\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.190.185.154 Aug 20 05:34:34 web9 sshd\[3656\]: Failed password for invalid user cmd from 81.190.185.154 port 53656 ssh2 Aug 20 05:40:52 web9 sshd\[4955\]: Invalid user zhao from 81.190.185.154 Aug 20 05:40:52 web9 sshd\[4955\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.190.185.154	2019-08-21 07:55:16
110.157.240.134	attackspam	SMTP:25. Blocked 5 login attempts in 3.4 days.	2019-08-21 08:06:27
128.106.195.126	attackbotsspam	Aug 20 23:25:39 sshgateway sshd\[2147\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.106.195.126 user=root Aug 20 23:25:41 sshgateway sshd\[2147\]: Failed password for root from 128.106.195.126 port 59453 ssh2 Aug 20 23:29:16 sshgateway sshd\[2161\]: Invalid user anton from 128.106.195.126	2019-08-21 08:03:07
120.88.185.39	attackbotsspam	Aug 20 09:15:47 askasleikir sshd[29359]: Failed password for invalid user mustang from 120.88.185.39 port 37750 ssh2 Aug 20 09:29:11 askasleikir sshd[30011]: Failed password for invalid user mauro from 120.88.185.39 port 44804 ssh2 Aug 20 09:38:44 askasleikir sshd[30472]: Failed password for invalid user admin from 120.88.185.39 port 52278 ssh2	2019-08-21 07:47:29
5.3.6.166	attack	Aug 21 00:06:51 [munged] sshd[29249]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.3.6.166 user=root Aug 21 00:06:53 [munged] sshd[29249]: Failed password for root from 5.3.6.166 port 57354 ssh2	2019-08-21 08:29:51
68.183.148.78	attack	Aug 21 02:16:49 lnxmail61 sshd[11764]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.148.78 Aug 21 02:16:49 lnxmail61 sshd[11764]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.148.78	2019-08-21 08:17:36
104.131.113.106	attackbotsspam	Invalid user test from 104.131.113.106 port 58770	2019-08-21 07:52:51
192.3.12.190	attackbotsspam	Invalid user ftp from 192.3.12.190 port 37146	2019-08-21 08:30:23

最近上报的IP列表

62.234.77.136	187.10.255.1	92.168.126.193	85.191.126.130
54.36.148.54	5.149.105.154	212.142.140.81	191.14.113.99
40.77.167.66	186.236.125.72	10.182.42.193	79.107.227.20
131.100.77.24	49.67.141.231	213.202.162.141	210.56.27.173
206.117.25.88	202.137.134.108	201.81.101.16	192.182.124.9