42.200.113.220

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Hong Kong

运营商(isp): PCCW IMS Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Caught in portsentry honeypot	2019-08-17 19:36:19

相同子网IP讨论:

IP	类型	评论内容	时间
42.200.113.140	attack	The IP has triggered Cloudflare WAF. CF-Ray: 54149f4ddb77dce6 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: HK \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_2) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.4 Safari/605.1.15 \| CF_DC: SIN. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 02:50:18

类型

评论内容

时间

42.200.113.140

attack

The IP has triggered Cloudflare WAF. CF-Ray: 54149f4ddb77dce6 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: HK | CF_IPClass: noRecord | Protocol: HTTP/2 | Method: GET | Host: api.skk.moe | User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_2) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.4 Safari/605.1.15 | CF_DC: SIN. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 02:50:18

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.200.113.220
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52971
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.200.113.220.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081700 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Aug 17 19:36:00 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

220.113.200.42.in-addr.arpa domain name pointer 42-200-113-220.static.imsbiz.com.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
220.113.200.42.in-addr.arpa	name = 42-200-113-220.static.imsbiz.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
178.48.16.181	attackspam	Sep 15 03:19:37 sachi sshd\[23009\]: Invalid user clerezza from 178.48.16.181 Sep 15 03:19:37 sachi sshd\[23009\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=business-178-48-16-181.business.broadband.hu Sep 15 03:19:39 sachi sshd\[23009\]: Failed password for invalid user clerezza from 178.48.16.181 port 36289 ssh2 Sep 15 03:23:54 sachi sshd\[23346\]: Invalid user koko from 178.48.16.181 Sep 15 03:23:54 sachi sshd\[23346\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=business-178-48-16-181.business.broadband.hu	2019-09-15 21:34:18
37.114.188.177	attackbots	Chat Spam	2019-09-15 21:51:36
104.42.27.187	attack	Sep 15 15:11:26 mail sshd[28779]: Invalid user webuser from 104.42.27.187 Sep 15 15:11:26 mail sshd[28779]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.27.187 Sep 15 15:11:26 mail sshd[28779]: Invalid user webuser from 104.42.27.187 Sep 15 15:11:27 mail sshd[28779]: Failed password for invalid user webuser from 104.42.27.187 port 1920 ssh2 Sep 15 15:23:16 mail sshd[14460]: Invalid user fk from 104.42.27.187 ...	2019-09-15 22:13:22
45.226.194.210	attackspambots	BR - 1H : (104) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : BR NAME ASN : ASN266981 IP : 45.226.194.210 CIDR : 45.226.192.0/22 PREFIX COUNT : 1 UNIQUE IP COUNT : 1024 WYKRYTE ATAKI Z ASN266981 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 INFO : SYN Flood DDoS Attack Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-09-15 21:32:23
124.42.239.214	attack	Sep 15 03:35:00 web1 sshd\[2020\]: Invalid user stpi from 124.42.239.214 Sep 15 03:35:00 web1 sshd\[2020\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.42.239.214 Sep 15 03:35:02 web1 sshd\[2020\]: Failed password for invalid user stpi from 124.42.239.214 port 34950 ssh2 Sep 15 03:40:43 web1 sshd\[2598\]: Invalid user ui from 124.42.239.214 Sep 15 03:40:43 web1 sshd\[2598\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.42.239.214	2019-09-15 21:57:16
139.59.105.141	attack	2019-09-15T15:18:47.296926 sshd[19677]: Invalid user chris from 139.59.105.141 port 55318 2019-09-15T15:18:47.309419 sshd[19677]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.105.141 2019-09-15T15:18:47.296926 sshd[19677]: Invalid user chris from 139.59.105.141 port 55318 2019-09-15T15:18:48.919983 sshd[19677]: Failed password for invalid user chris from 139.59.105.141 port 55318 ssh2 2019-09-15T15:23:53.635865 sshd[19736]: Invalid user jefferson from 139.59.105.141 port 42998 ...	2019-09-15 22:13:03
182.18.139.201	attack	Sep 15 03:46:44 hcbb sshd\[17465\]: Invalid user andrew from 182.18.139.201 Sep 15 03:46:44 hcbb sshd\[17465\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.18.139.201 Sep 15 03:46:46 hcbb sshd\[17465\]: Failed password for invalid user andrew from 182.18.139.201 port 40666 ssh2 Sep 15 03:51:00 hcbb sshd\[17842\]: Invalid user patricia from 182.18.139.201 Sep 15 03:51:00 hcbb sshd\[17842\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.18.139.201	2019-09-15 21:54:34
45.136.109.40	attackbots	Sep 15 15:19:53 mc1 kernel: \[1104145.940097\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.40 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=17774 PROTO=TCP SPT=41944 DPT=8695 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 15 15:21:28 mc1 kernel: \[1104240.207258\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.40 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=42646 PROTO=TCP SPT=41944 DPT=8450 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 15 15:23:07 mc1 kernel: \[1104339.063480\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.40 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=14106 PROTO=TCP SPT=41944 DPT=8630 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-09-15 22:22:04
153.254.113.26	attackbotsspam	Sep 15 13:58:02 www_kotimaassa_fi sshd[4058]: Failed password for root from 153.254.113.26 port 50180 ssh2 Sep 15 14:02:45 www_kotimaassa_fi sshd[4077]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.254.113.26 ...	2019-09-15 22:12:02
189.163.221.93	attack	Automatic report - Banned IP Access	2019-09-15 22:22:31
167.88.113.136	attackbotsspam	Sep 15 16:30:11 www sshd\[41112\]: Invalid user testuser from 167.88.113.136 Sep 15 16:30:11 www sshd\[41112\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.88.113.136 Sep 15 16:30:14 www sshd\[41112\]: Failed password for invalid user testuser from 167.88.113.136 port 46888 ssh2 ...	2019-09-15 21:40:29
81.26.247.132	attackbots	09/15/2019-09:22:56.820530 81.26.247.132 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 86	2019-09-15 22:31:29
223.72.63.86	attackbots	Sep 15 17:19:33 server sshd\[4128\]: Invalid user edu from 223.72.63.86 port 3695 Sep 15 17:19:33 server sshd\[4128\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.72.63.86 Sep 15 17:19:35 server sshd\[4128\]: Failed password for invalid user edu from 223.72.63.86 port 3695 ssh2 Sep 15 17:22:41 server sshd\[28581\]: Invalid user ftpuser1 from 223.72.63.86 port 3601 Sep 15 17:22:41 server sshd\[28581\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.72.63.86	2019-09-15 22:28:27
51.75.26.106	attackbotsspam	Jan 31 00:49:03 microserver sshd[53889]: Invalid user newuser from 51.75.26.106 port 46856 Jan 31 00:49:03 microserver sshd[53889]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.26.106 Jan 31 00:49:06 microserver sshd[53889]: Failed password for invalid user newuser from 51.75.26.106 port 46856 ssh2 Jan 31 00:52:12 microserver sshd[54369]: Invalid user alex from 51.75.26.106 port 43852 Jan 31 00:52:12 microserver sshd[54369]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.26.106 Feb 4 09:19:01 microserver sshd[24225]: Invalid user ben from 51.75.26.106 port 54556 Feb 4 09:19:01 microserver sshd[24225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.26.106 Feb 4 09:19:03 microserver sshd[24225]: Failed password for invalid user ben from 51.75.26.106 port 54556 ssh2 Feb 4 09:22:14 microserver sshd[24682]: Invalid user suporte from 51.75.26.106 port 51384 Feb 4 09:22:	2019-09-15 22:25:46
110.80.17.26	attackbotsspam	Sep 15 16:01:06 SilenceServices sshd[26655]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.80.17.26 Sep 15 16:01:08 SilenceServices sshd[26655]: Failed password for invalid user mpsoc from 110.80.17.26 port 57886 ssh2 Sep 15 16:04:38 SilenceServices sshd[28341]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.80.17.26	2019-09-15 22:38:52

最近上报的IP列表

104.193.88.243	179.146.236.114	61.9.48.99	231.129.182.23
45.55.177.230	187.16.47.14	15.206.9.189	226.66.32.113
3.102.120.76	0.17.214.179	27.217.148.90	92.211.173.61
183.173.123.138	80.41.111.200	35.200.30.164	123.254.66.233
92.119.113.26	215.56.227.122	206.189.204.63	159.89.207.210