42.119.27.185 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): FPT Telecom Company

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Attempt to attack host OS, exploiting network vulnerabilities, on 08-04-2020 04:55:09.	2020-04-08 16:59:36

相同子网IP讨论:

IP	类型	评论内容	时间
42.119.27.143	attackbotsspam	Unauthorized connection attempt from IP address 42.119.27.143 on Port 445(SMB)	2020-08-22 21:40:01
42.119.27.151	attackspam	Unauthorized connection attempt from IP address 42.119.27.151 on Port 445(SMB)	2020-07-07 21:00:46
42.119.27.205	attackbots	(Oct 3) LEN=40 TTL=47 ID=10963 TCP DPT=8080 WINDOW=58940 SYN (Oct 3) LEN=40 TTL=47 ID=24845 TCP DPT=8080 WINDOW=60509 SYN (Oct 2) LEN=40 TTL=47 ID=49630 TCP DPT=8080 WINDOW=41084 SYN (Oct 2) LEN=40 TTL=47 ID=51594 TCP DPT=8080 WINDOW=58940 SYN (Oct 2) LEN=40 TTL=47 ID=48405 TCP DPT=8080 WINDOW=58940 SYN (Oct 2) LEN=40 TTL=47 ID=34550 TCP DPT=8080 WINDOW=60509 SYN (Oct 2) LEN=40 TTL=47 ID=53729 TCP DPT=8080 WINDOW=58940 SYN (Oct 1) LEN=40 TTL=43 ID=42907 TCP DPT=8080 WINDOW=58940 SYN (Sep 30) LEN=40 TTL=43 ID=51357 TCP DPT=8080 WINDOW=58940 SYN (Sep 30) LEN=40 TTL=47 ID=35500 TCP DPT=8080 WINDOW=41084 SYN	2019-10-03 21:52:58

类型

评论内容

时间

42.119.27.143

attackbotsspam

Unauthorized connection attempt from IP address 42.119.27.143 on Port 445(SMB)

2020-08-22 21:40:01

42.119.27.151

attackspam

Unauthorized connection attempt from IP address 42.119.27.151 on Port 445(SMB)

2020-07-07 21:00:46

42.119.27.205

attackbots

(Oct  3)  LEN=40 TTL=47 ID=10963 TCP DPT=8080 WINDOW=58940 SYN 
 (Oct  3)  LEN=40 TTL=47 ID=24845 TCP DPT=8080 WINDOW=60509 SYN 
 (Oct  2)  LEN=40 TTL=47 ID=49630 TCP DPT=8080 WINDOW=41084 SYN 
 (Oct  2)  LEN=40 TTL=47 ID=51594 TCP DPT=8080 WINDOW=58940 SYN 
 (Oct  2)  LEN=40 TTL=47 ID=48405 TCP DPT=8080 WINDOW=58940 SYN 
 (Oct  2)  LEN=40 TTL=47 ID=34550 TCP DPT=8080 WINDOW=60509 SYN 
 (Oct  2)  LEN=40 TTL=47 ID=53729 TCP DPT=8080 WINDOW=58940 SYN 
 (Oct  1)  LEN=40 TTL=43 ID=42907 TCP DPT=8080 WINDOW=58940 SYN 
 (Sep 30)  LEN=40 TTL=43 ID=51357 TCP DPT=8080 WINDOW=58940 SYN 
 (Sep 30)  LEN=40 TTL=47 ID=35500 TCP DPT=8080 WINDOW=41084 SYN

2019-10-03 21:52:58

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.119.27.185
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2499
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.119.27.185.			IN	A

;; AUTHORITY SECTION:
.			419	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040800 1800 900 604800 86400

;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 08 16:59:32 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 185.27.119.42.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 185.27.119.42.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
61.163.78.132	attackbots	Aug 19 08:17:11 mail sshd\[28640\]: Failed password for invalid user pentaho from 61.163.78.132 port 35510 ssh2 Aug 19 08:38:19 mail sshd\[29091\]: Invalid user gn from 61.163.78.132 port 56946 Aug 19 08:38:19 mail sshd\[29091\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.163.78.132 ...	2019-08-19 19:41:56
190.45.14.116	attackbots	Automatic report - Port Scan Attack	2019-08-19 20:24:27
76.68.131.24	attack	F2B jail: sshd. Time: 2019-08-19 10:32:48, Reported by: VKReport	2019-08-19 20:21:43
124.149.253.83	attackbots	Aug 19 11:26:12 estefan sshd[29539]: Invalid user xrdp from 124.149.253.83 Aug 19 11:26:12 estefan sshd[29539]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.149.253.83 Aug 19 11:26:14 estefan sshd[29539]: Failed password for invalid user xrdp from 124.149.253.83 port 43990 ssh2 Aug 19 11:26:15 estefan sshd[29540]: Received disconnect from 124.149.253.83: 11: Bye Bye Aug 19 11:39:11 estefan sshd[29575]: Invalid user rakhi from 124.149.253.83 Aug 19 11:39:11 estefan sshd[29575]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.149.253.83 Aug 19 11:39:13 estefan sshd[29575]: Failed password for invalid user rakhi from 124.149.253.83 port 36384 ssh2 Aug 19 11:39:13 estefan sshd[29576]: Received disconnect from 124.149.253.83: 11: Bye Bye Aug 19 11:44:46 estefan sshd[29594]: Invalid user joe from 124.149.253.83 Aug 19 11:44:46 estefan sshd[29594]: pam_unix(sshd:auth): authentication f........ -------------------------------	2019-08-19 19:55:59
104.40.4.51	attack	Aug 19 13:58:33 root sshd[10014]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.40.4.51 Aug 19 13:58:35 root sshd[10014]: Failed password for invalid user admin from 104.40.4.51 port 18624 ssh2 Aug 19 14:03:15 root sshd[10059]: Failed password for root from 104.40.4.51 port 18624 ssh2 ...	2019-08-19 20:09:22
179.178.142.215	attack	Automatic report - Port Scan Attack	2019-08-19 19:50:24
177.44.26.105	attackspam	$f2bV_matches	2019-08-19 20:13:53
45.55.35.40	attackspam	$f2bV_matches_ltvn	2019-08-19 19:46:33
51.38.150.104	attack	19.08.2019 12:48:36 - Wordpress fail Detected by ELinOX-ALM	2019-08-19 19:58:30
132.232.82.244	attackbotsspam	Aug 19 12:23:52 game-panel sshd[19744]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.82.244 Aug 19 12:23:53 game-panel sshd[19744]: Failed password for invalid user potsdam from 132.232.82.244 port 50914 ssh2 Aug 19 12:29:13 game-panel sshd[19992]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.82.244	2019-08-19 20:35:12
115.159.214.247	attackbots	Aug 19 01:54:34 kapalua sshd\[28334\]: Invalid user wp-user from 115.159.214.247 Aug 19 01:54:34 kapalua sshd\[28334\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.214.247 Aug 19 01:54:37 kapalua sshd\[28334\]: Failed password for invalid user wp-user from 115.159.214.247 port 41010 ssh2 Aug 19 02:00:54 kapalua sshd\[28932\]: Invalid user shekhar from 115.159.214.247 Aug 19 02:00:54 kapalua sshd\[28932\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.214.247	2019-08-19 20:11:31
177.184.240.221	attack	$f2bV_matches	2019-08-19 20:41:11
37.49.230.21	attackspambots	Honeypot attack, port: 23, PTR: PTR record not found	2019-08-19 19:58:56
150.223.18.250	attack	Aug 19 00:47:10 kapalua sshd\[20801\]: Invalid user martin from 150.223.18.250 Aug 19 00:47:10 kapalua sshd\[20801\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.223.18.250 Aug 19 00:47:12 kapalua sshd\[20801\]: Failed password for invalid user martin from 150.223.18.250 port 34214 ssh2 Aug 19 00:50:44 kapalua sshd\[21110\]: Invalid user bwadmin from 150.223.18.250 Aug 19 00:50:44 kapalua sshd\[21110\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.223.18.250	2019-08-19 20:02:38
129.204.38.202	attackspam	Aug 19 11:49:31 dev0-dcfr-rnet sshd[30143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.38.202 Aug 19 11:49:33 dev0-dcfr-rnet sshd[30143]: Failed password for invalid user debian from 129.204.38.202 port 58798 ssh2 Aug 19 11:56:43 dev0-dcfr-rnet sshd[30198]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.38.202	2019-08-19 20:03:34

最近上报的IP列表

46.37.171.183	116.23.19.172	42.119.35.198	171.231.74.38
139.199.80.75	201.21.36.191	206.211.90.96	192.36.53.165
54.38.142.73	198.50.234.163	165.22.232.39	58.249.26.89
134.175.143.123	123.126.113.121	54.190.176.173	13.231.224.163
129.28.158.91	162.243.131.32	182.254.153.90	188.166.212.166