42.200.130.155

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Hong Kong

运营商(isp): Hong Kong Telecommunications (HKT) Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Automatic report - Port Scan Attack	2019-12-25 06:44:46
attackspam	Splunk® : port scan detected: Aug 22 00:40:06 testbed kernel: Firewall: TCP_IN Blocked IN=eth0 OUT= MAC=82:c6:52:d1:6e:53:64:c3:d6:0b:ef:f0:08:00 SRC=42.200.130.155 DST=104.248.11.191 LEN=44 TOS=0x00 PREC=0x00 TTL=49 ID=62698 PROTO=TCP SPT=10115 DPT=52869 WINDOW=44295 RES=0x00 SYN URGP=0	2019-08-22 15:14:21

类型

评论内容

时间

attack

Automatic report - Port Scan Attack

2019-12-25 06:44:46

attackspam

Splunk® : port scan detected:
Aug 22 00:40:06 testbed kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=82:c6:52:d1:6e:53:64:c3:d6:0b:ef:f0:08:00 SRC=42.200.130.155 DST=104.248.11.191 LEN=44 TOS=0x00 PREC=0x00 TTL=49 ID=62698 PROTO=TCP SPT=10115 DPT=52869 WINDOW=44295 RES=0x00 SYN URGP=0

2019-08-22 15:14:21

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.200.130.155
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9704
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.200.130.155.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 22 15:14:11 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

155.130.200.42.in-addr.arpa domain name pointer 42-200-130-155.static.imsbiz.com.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
155.130.200.42.in-addr.arpa	name = 42-200-130-155.static.imsbiz.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
157.230.100.192	attackspam	Sep 18 09:37:39 haigwepa sshd[21986]: Failed password for root from 157.230.100.192 port 41302 ssh2 ...	2020-09-18 16:33:25
182.16.175.114	attackspambots	MAIL: User Login Brute Force Attempt	2020-09-18 16:36:25
94.68.26.33	attackbotsspam	Sep 18 10:13:11 vps647732 sshd[21804]: Failed password for root from 94.68.26.33 port 64910 ssh2 ...	2020-09-18 16:23:43
168.121.104.115	attackbots	2020-09-17T20:59:06.319431morrigan.ad5gb.com sshd[941251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.121.104.115 user=root 2020-09-17T20:59:08.482753morrigan.ad5gb.com sshd[941251]: Failed password for root from 168.121.104.115 port 49971 ssh2	2020-09-18 16:20:18
181.191.215.48	attackspam	Automatic report - Port Scan Attack	2020-09-18 16:07:23
114.239.0.28	attackbotsspam	Lines containing failures of 114.239.0.28 Sep 17 21:39:03 kmh-mb-001 sshd[3195]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.239.0.28 user=r.r Sep 17 21:39:05 kmh-mb-001 sshd[3195]: Failed password for r.r from 114.239.0.28 port 52424 ssh2 Sep 17 21:39:06 kmh-mb-001 sshd[3195]: Received disconnect from 114.239.0.28 port 52424:11: Bye Bye [preauth] Sep 17 21:39:06 kmh-mb-001 sshd[3195]: Disconnected from authenticating user r.r 114.239.0.28 port 52424 [preauth] Sep 17 21:46:20 kmh-mb-001 sshd[3474]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.239.0.28 user=r.r Sep 17 21:46:22 kmh-mb-001 sshd[3474]: Failed password for r.r from 114.239.0.28 port 43908 ssh2 Sep 17 21:46:24 kmh-mb-001 sshd[3474]: Received disconnect from 114.239.0.28 port 43908:11: Bye Bye [preauth] Sep 17 21:46:24 kmh-mb-001 sshd[3474]: Disconnected from authenticating user r.r 114.239.0.28 port 43908 [preauth]........ ------------------------------	2020-09-18 16:11:47
45.55.63.118	attackbotsspam	(sshd) Failed SSH login from 45.55.63.118 (US/United States/-): 5 in the last 3600 secs	2020-09-18 16:37:06
98.155.238.182	attackspam	(sshd) Failed SSH login from 98.155.238.182 (US/United States/Hawaii/Lahaina/cpe-98-155-238-182.hawaii.res.rr.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 17 12:58:46 atlas sshd[5787]: Invalid user admin from 98.155.238.182 port 42128 Sep 17 12:58:48 atlas sshd[5787]: Failed password for invalid user admin from 98.155.238.182 port 42128 ssh2 Sep 17 12:58:49 atlas sshd[5792]: Invalid user admin from 98.155.238.182 port 42207 Sep 17 12:58:51 atlas sshd[5792]: Failed password for invalid user admin from 98.155.238.182 port 42207 ssh2 Sep 17 12:58:52 atlas sshd[5799]: Invalid user admin from 98.155.238.182 port 42288	2020-09-18 16:19:17
51.254.173.47	attackspam	Date: Thu, 17 Sep 2020 15:52:19 -0000 Message-ID: Reply-To: Dan Edwards From: Dan Edwards	2020-09-18 16:00:31
118.25.194.250	attackbots	Brute-force attempt banned	2020-09-18 16:27:38
183.237.175.97	attackspambots	(sshd) Failed SSH login from 183.237.175.97 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 18 03:07:54 server sshd[12804]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.237.175.97 user=root Sep 18 03:07:55 server sshd[12804]: Failed password for root from 183.237.175.97 port 57309 ssh2 Sep 18 03:27:22 server sshd[18418]: Invalid user user from 183.237.175.97 port 15555 Sep 18 03:27:24 server sshd[18418]: Failed password for invalid user user from 183.237.175.97 port 15555 ssh2 Sep 18 03:31:43 server sshd[19712]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.237.175.97 user=root	2020-09-18 16:19:31
75.167.194.61	attackbots	Brute forcing email accounts	2020-09-18 16:14:08
88.214.26.29	attackspam	79 packets to ports 1984 1985 1988 1994 1998 2083 2103 2104 2105 2106 2200 2447 2710 2809 3000 3001 3002 3004 3005 3007 3030 3036 3380 3382 3386 3387 3388 3390 3391 3393 3394 3396 3398 3399 3872 4007	2020-09-18 16:13:36
178.62.117.106	attackbotsspam	Sep 18 08:08:48 ip106 sshd[22556]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.117.106 Sep 18 08:08:49 ip106 sshd[22556]: Failed password for invalid user fbl from 178.62.117.106 port 55150 ssh2 ...	2020-09-18 16:05:43
78.46.162.196	attack	Email spam message	2020-09-18 16:17:22

最近上报的IP列表

212.127.73.221	206.119.228.171	218.19.158.231	183.184.159.248
183.149.244.66	182.241.141.164	32.9.46.7	208.170.236.131
50.206.52.8	182.117.151.111	44.98.98.166	182.45.24.119
180.104.78.100	175.165.161.87	175.16.195.190	171.119.9.136
125.44.130.6	125.32.186.166	123.169.128.214	122.143.177.194