42.118.49.211 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): FPT Telecom Company

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	[SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(08050931)	2019-08-05 17:37:00

相同子网IP讨论:

IP	类型	评论内容	时间
42.118.49.149	attackbotsspam	Spam	2019-10-18 01:08:58
42.118.49.32	attackbotsspam	445/tcp [2019-09-29]1pkt	2019-09-30 02:35:00
42.118.49.230	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-17 02:50:20,700 INFO [shellcode_manager] (42.118.49.230) no match, writing hexdump (186e6e6e9662ac0a2be9cb9c80366506 :2280934) - MS17010 (EternalBlue)	2019-07-18 15:55:32

类型

评论内容

时间

42.118.49.149

attackbotsspam

Spam

2019-10-18 01:08:58

42.118.49.32

attackbotsspam

445/tcp
[2019-09-29]1pkt

2019-09-30 02:35:00

42.118.49.230

attack

@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-17 02:50:20,700 INFO [shellcode_manager] (42.118.49.230) no match, writing hexdump (186e6e6e9662ac0a2be9cb9c80366506 :2280934) - MS17010 (EternalBlue)

2019-07-18 15:55:32

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.118.49.211
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56363
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.118.49.211.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080501 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 05 17:36:53 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 211.49.118.42.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 211.49.118.42.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
202.160.132.84	attackbotsspam	23/tcp 23/tcp [2019-07-29/08-12]2pkt	2019-08-13 04:13:15
36.251.85.113	attackspambots	23/tcp 23/tcp [2019-07-27/08-12]2pkt	2019-08-13 04:07:15
46.101.205.211	attack	Aug 12 22:12:57 SilenceServices sshd[5919]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.205.211 Aug 12 22:12:59 SilenceServices sshd[5919]: Failed password for invalid user cinzia from 46.101.205.211 port 39502 ssh2 Aug 12 22:17:25 SilenceServices sshd[8569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.205.211	2019-08-13 04:24:00
222.111.192.52	attack	Telnet Server BruteForce Attack	2019-08-13 04:09:58
92.53.65.201	attackspambots	Portscan or hack attempt detected by psad/fwsnort	2019-08-13 04:19:37
103.93.76.53	attackbots	2019-08-12T14:15:50.042380 X postfix/smtpd[49725]: NOQUEUE: reject: RCPT from unknown[103.93.76.53]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= 2019-08-12T14:15:55.753992 X postfix/smtpd[49725]: NOQUEUE: reject: RCPT from unknown[103.93.76.53]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= 2019-08-12T14:16:03.465353 X postfix/smtpd[49725]: NOQUEUE: reject: RCPT from unknown[103.93.76.53]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo=	2019-08-13 03:47:30
106.12.24.108	attack	Aug 12 16:17:40 ubuntu-2gb-nbg1-dc3-1 sshd[13183]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.24.108 Aug 12 16:17:42 ubuntu-2gb-nbg1-dc3-1 sshd[13183]: Failed password for invalid user password1234 from 106.12.24.108 port 50540 ssh2 ...	2019-08-13 03:59:44
218.148.41.48	attack	Aug 12 06:54:43 askasleikir sshd[12931]: Failed password for invalid user office from 218.148.41.48 port 35498 ssh2	2019-08-13 04:17:09
213.14.116.235	attack	www.goldgier.de 213.14.116.235 \[12/Aug/2019:15:28:51 +0200\] "POST /wp-login.php HTTP/1.1" 200 8722 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" www.goldgier.de 213.14.116.235 \[12/Aug/2019:15:28:52 +0200\] "POST /wp-login.php HTTP/1.1" 200 8722 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-08-13 03:53:10
106.12.58.250	attack	2019-08-12T12:03:32.026703Z 3d8fd9d331ef New connection: 106.12.58.250:45402 (172.17.0.3:2222) [session: 3d8fd9d331ef] 2019-08-12T12:15:22.334412Z 91782a6b0436 New connection: 106.12.58.250:45170 (172.17.0.3:2222) [session: 91782a6b0436]	2019-08-13 04:10:36
42.48.104.45	attackspambots	5322/tcp 4922/tcp 4722/tcp... [2019-06-12/08-12]125pkt,34pt.(tcp)	2019-08-13 03:44:49
85.23.199.113	attackbotsspam	SSH login attempts brute force.	2019-08-13 04:25:06
139.255.56.202	attack	Unauthorized connection attempt from IP address 139.255.56.202 on Port 445(SMB)	2019-08-13 04:12:24
64.187.186.163	attack	445/tcp 445/tcp 445/tcp... [2019-06-11/08-12]15pkt,1pt.(tcp)	2019-08-13 04:16:53
218.92.0.185	attack	Aug 12 18:31:32 MK-Soft-VM4 sshd\[8913\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.185 user=root Aug 12 18:31:34 MK-Soft-VM4 sshd\[8913\]: Failed password for root from 218.92.0.185 port 24049 ssh2 Aug 12 18:31:36 MK-Soft-VM4 sshd\[8913\]: Failed password for root from 218.92.0.185 port 24049 ssh2 ...	2019-08-13 03:49:08

最近上报的IP列表

188.186.76.41	177.46.197.138	158.69.99.235	152.250.67.42
124.158.109.62	114.91.76.148	114.39.128.54	111.254.38.228
103.212.223.67	46.36.37.97	36.229.84.250	36.73.76.183
36.71.239.175	14.162.176.131	12.8.83.167	200.113.19.251
195.29.137.197	190.140.137.18	185.243.14.250	176.218.55.181