104.42.27.250 - IPInfo

基本信息:

城市(city): San Jose

省份(region): California

国家(country): United States

运营商(isp): Microsoft Corporation

主机名(hostname): unknown

机构(organization): Microsoft Corporation

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	$f2bV_matches	2019-09-30 02:23:35
attackbotsspam	ET EXPLOIT Linksys E-Series Device RCE Attempt Outbound	2019-07-23 04:04:33

相同子网IP讨论:

IP	类型	评论内容	时间
104.42.27.187	attack	Nov 2 05:44:10 unicornsoft sshd\[30631\]: User root from 104.42.27.187 not allowed because not listed in AllowUsers Nov 2 05:44:10 unicornsoft sshd\[30631\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.27.187 user=root Nov 2 05:44:12 unicornsoft sshd\[30631\]: Failed password for invalid user root from 104.42.27.187 port 26560 ssh2	2019-11-02 16:43:12
104.42.27.187	attack	2019-10-30 13:06:20,337 fail2ban.actions \[1897\]: NOTICE \[ssh\] Ban 104.42.27.187 2019-10-30 13:27:54,342 fail2ban.actions \[1897\]: NOTICE \[ssh\] Ban 104.42.27.187 2019-10-30 13:45:44,284 fail2ban.actions \[1897\]: NOTICE \[ssh\] Ban 104.42.27.187 2019-10-30 14:03:37,791 fail2ban.actions \[1897\]: NOTICE \[ssh\] Ban 104.42.27.187 2019-10-30 14:21:16,437 fail2ban.actions \[1897\]: NOTICE \[ssh\] Ban 104.42.27.187 2019-10-30 13:06:20,337 fail2ban.actions \[1897\]: NOTICE \[ssh\] Ban 104.42.27.187 2019-10-30 13:27:54,342 fail2ban.actions \[1897\]: NOTICE \[ssh\] Ban 104.42.27.187 2019-10-30 13:45:44,284 fail2ban.actions \[1897\]: NOTICE \[ssh\] Ban 104.42.27.187 2019-10-30 14:03:37,791 fail2ban.actions \[1897\]: NOTICE \[ssh\] Ban 104.42.27.187 2019-10-30 14:21:16,437 fail2ban.actions \[1897\]: NOTICE \[ssh\] Ban 104.42.27.187 2019-10-30 13:06:20,337 fail2ban.actions \[1897\]: NOTICE \[ssh\] Ban 104.42.27.187 2019-10-30 1	2019-11-01 04:13:14
104.42.27.187	attackspam	firewall-block, port(s): 23/tcp	2019-10-29 21:25:18
104.42.27.187	attackbotsspam	Oct 8 12:36:32 microserver sshd[10984]: Invalid user asdf@123456 from 104.42.27.187 port 10816 Oct 8 12:36:32 microserver sshd[10984]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.27.187 Oct 8 12:36:33 microserver sshd[10984]: Failed password for invalid user asdf@123456 from 104.42.27.187 port 10816 ssh2 Oct 8 12:41:56 microserver sshd[11635]: Invalid user Puzzle2017 from 104.42.27.187 port 64640 Oct 8 12:41:56 microserver sshd[11635]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.27.187 Oct 8 12:52:30 microserver sshd[12974]: Invalid user ROOT@2016 from 104.42.27.187 port 39488 Oct 8 12:52:30 microserver sshd[12974]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.27.187 Oct 8 12:52:32 microserver sshd[12974]: Failed password for invalid user ROOT@2016 from 104.42.27.187 port 39488 ssh2 Oct 8 12:57:13 microserver sshd[13614]: Invalid user %TGB6yhn&UJM fro	2019-10-09 01:55:17
104.42.27.187	attackspambots	Automatic report - Banned IP Access	2019-10-05 07:15:37
104.42.27.187	attackspambots	Automatic report - SSH Brute-Force Attack	2019-10-01 15:31:26
104.42.27.187	attackbotsspam	Sep 26 19:15:41 aiointranet sshd\[10621\]: Invalid user cretu from 104.42.27.187 Sep 26 19:15:41 aiointranet sshd\[10621\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.27.187 Sep 26 19:15:43 aiointranet sshd\[10621\]: Failed password for invalid user cretu from 104.42.27.187 port 10368 ssh2 Sep 26 19:20:55 aiointranet sshd\[11020\]: Invalid user scrappy from 104.42.27.187 Sep 26 19:20:55 aiointranet sshd\[11020\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.27.187	2019-09-27 17:54:29
104.42.27.187	attackspam	Sep 26 12:29:40 aiointranet sshd\[6715\]: Invalid user zj from 104.42.27.187 Sep 26 12:29:40 aiointranet sshd\[6715\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.27.187 Sep 26 12:29:42 aiointranet sshd\[6715\]: Failed password for invalid user zj from 104.42.27.187 port 10368 ssh2 Sep 26 12:34:25 aiointranet sshd\[7313\]: Invalid user vonno from 104.42.27.187 Sep 26 12:34:25 aiointranet sshd\[7313\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.27.187	2019-09-27 06:48:51
104.42.27.187	attack	Sep 17 07:45:42 yabzik sshd[24346]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.27.187 Sep 17 07:45:44 yabzik sshd[24346]: Failed password for invalid user silvio from 104.42.27.187 port 1920 ssh2 Sep 17 07:49:55 yabzik sshd[25467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.27.187	2019-09-17 12:50:43
104.42.27.187	attack	Sep 15 15:11:26 mail sshd[28779]: Invalid user webuser from 104.42.27.187 Sep 15 15:11:26 mail sshd[28779]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.27.187 Sep 15 15:11:26 mail sshd[28779]: Invalid user webuser from 104.42.27.187 Sep 15 15:11:27 mail sshd[28779]: Failed password for invalid user webuser from 104.42.27.187 port 1920 ssh2 Sep 15 15:23:16 mail sshd[14460]: Invalid user fk from 104.42.27.187 ...	2019-09-15 22:13:22
104.42.27.187	attack	Sep 13 21:32:07 vps691689 sshd[20492]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.27.187 Sep 13 21:32:09 vps691689 sshd[20492]: Failed password for invalid user mysql2 from 104.42.27.187 port 48696 ssh2 ...	2019-09-14 03:48:00
104.42.27.187	attackspam	Sep 8 22:39:32 kapalua sshd\[21278\]: Invalid user admin from 104.42.27.187 Sep 8 22:39:32 kapalua sshd\[21278\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.27.187 Sep 8 22:39:34 kapalua sshd\[21278\]: Failed password for invalid user admin from 104.42.27.187 port 1408 ssh2 Sep 8 22:46:39 kapalua sshd\[21960\]: Invalid user server from 104.42.27.187 Sep 8 22:46:39 kapalua sshd\[21960\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.27.187	2019-09-09 16:47:04
104.42.27.187	attackspam	Sep 7 14:21:06 hpm sshd\[27072\]: Invalid user ftp_user from 104.42.27.187 Sep 7 14:21:06 hpm sshd\[27072\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.27.187 Sep 7 14:21:09 hpm sshd\[27072\]: Failed password for invalid user ftp_user from 104.42.27.187 port 1408 ssh2 Sep 7 14:26:11 hpm sshd\[27478\]: Invalid user steam from 104.42.27.187 Sep 7 14:26:11 hpm sshd\[27478\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.27.187	2019-09-08 08:40:18
104.42.27.187	attack	Aug 13 10:00:58 localhost sshd\[30174\]: Invalid user angie from 104.42.27.187 Aug 13 10:00:58 localhost sshd\[30174\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.27.187 Aug 13 10:01:00 localhost sshd\[30174\]: Failed password for invalid user angie from 104.42.27.187 port 1600 ssh2 Aug 13 10:06:20 localhost sshd\[30628\]: Invalid user b from 104.42.27.187 Aug 13 10:06:20 localhost sshd\[30628\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.27.187 ...	2019-08-13 18:48:53
104.42.27.187	attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-08-12 07:57:11

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.42.27.250
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55778
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.42.27.250.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072201 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 23 04:04:28 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 250.27.42.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 250.27.42.104.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
122.51.21.93	attackspambots	Feb 6 21:23:44 legacy sshd[15231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.21.93 Feb 6 21:23:47 legacy sshd[15231]: Failed password for invalid user uiu from 122.51.21.93 port 59814 ssh2 Feb 6 21:31:24 legacy sshd[15768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.21.93 ...	2020-02-07 04:33:56
114.39.241.29	attack	Brute force blocker - service: proftpd1 - aantal: 59 - Tue Jan 22 12:40:06 2019	2020-02-07 04:15:01
189.15.207.164	attack	2020-02-0620:55:561iznFj-0007G4-Un\<=verena@rs-solution.chH=$localhost$[113.177.134.102]:43992P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2268id=1613A5F6FD2907B4686D249C689E863F@rs-solution.chT="Iwantsomethingbeautiful"forluiscarrero@gmail.com2020-02-0620:56:181iznG5-0007Gv-T6\<=verena@rs-solution.chH=mx-ll-183.88.243-95.dynamic.3bb.co.th$localhost$[183.88.243.95]:57728P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2115id=6762D4878C5876C5191C55ED195A7CDF@rs-solution.chT="Iwantsomethingbeautiful"forlvortouni@gmail.com2020-02-0620:56:451iznGW-0007Hr-60\<=verena@rs-solution.chH=$localhost$[14.161.5.229]:60558P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2133id=B6B305565D89A714C8CD843CC812200D@rs-solution.chT="Iwantsomethingbeautiful"forraidergirl42557@yahoo.com2020-02-0620:55:311iznFK-0007F7-Lx\<=verena@rs-solution.chH=$localhost$[113.162.175.148]:52170P=e	2020-02-07 04:16:48
49.70.53.79	attackbotsspam	Brute force blocker - service: proftpd1 - aantal: 25 - Thu Jan 24 07:45:09 2019	2020-02-07 04:08:40
34.93.149.4	attackspambots	Feb 6 20:54:21 DAAP sshd[24867]: Invalid user jde from 34.93.149.4 port 47216 Feb 6 20:54:21 DAAP sshd[24867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.93.149.4 Feb 6 20:54:21 DAAP sshd[24867]: Invalid user jde from 34.93.149.4 port 47216 Feb 6 20:54:24 DAAP sshd[24867]: Failed password for invalid user jde from 34.93.149.4 port 47216 ssh2 Feb 6 20:57:10 DAAP sshd[24902]: Invalid user uea from 34.93.149.4 port 33214 ...	2020-02-07 04:46:44
183.135.1.96	attack	Brute force blocker - service: proftpd1 - aantal: 34 - Sat Jan 12 08:25:07 2019	2020-02-07 04:36:51
114.46.222.10	attackspambots	Brute force blocker - service: proftpd1 - aantal: 36 - Mon Jan 21 02:30:07 2019	2020-02-07 04:18:57
3.113.64.117	attackbots	Automatic report - SSH Brute-Force Attack	2020-02-07 04:43:32
36.88.42.53	attackbotsspam	Automatic report - Port Scan Attack	2020-02-07 04:16:17
77.243.181.54	attackbots	02/06/2020-20:57:12.039184 77.243.181.54 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 74	2020-02-07 04:45:21
189.213.160.137	attackbots	Automatic report - Port Scan	2020-02-07 04:38:11
222.244.81.251	attackbotsspam	Brute force blocker - service: proftpd1 - aantal: 147 - Mon Jan 14 10:25:08 2019	2020-02-07 04:32:55
113.226.127.111	attack	Brute force blocker - service: proftpd1, proftpd2 - aantal: 45 - Sun Jan 13 08:30:08 2019	2020-02-07 04:35:52
113.177.134.102	attack	2020-02-0620:55:561iznFj-0007G4-Un\<=verena@rs-solution.chH=$localhost$[113.177.134.102]:43992P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2268id=1613A5F6FD2907B4686D249C689E863F@rs-solution.chT="Iwantsomethingbeautiful"forluiscarrero@gmail.com2020-02-0620:56:181iznG5-0007Gv-T6\<=verena@rs-solution.chH=mx-ll-183.88.243-95.dynamic.3bb.co.th$localhost$[183.88.243.95]:57728P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2115id=6762D4878C5876C5191C55ED195A7CDF@rs-solution.chT="Iwantsomethingbeautiful"forlvortouni@gmail.com2020-02-0620:56:451iznGW-0007Hr-60\<=verena@rs-solution.chH=$localhost$[14.161.5.229]:60558P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2133id=B6B305565D89A714C8CD843CC812200D@rs-solution.chT="Iwantsomethingbeautiful"forraidergirl42557@yahoo.com2020-02-0620:55:311iznFK-0007F7-Lx\<=verena@rs-solution.chH=$localhost$[113.162.175.148]:52170P=e	2020-02-07 04:25:31
200.209.174.38	attack	Feb 6 21:08:23 srv-ubuntu-dev3 sshd[98626]: Invalid user kpe from 200.209.174.38 Feb 6 21:08:23 srv-ubuntu-dev3 sshd[98626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.209.174.38 Feb 6 21:08:23 srv-ubuntu-dev3 sshd[98626]: Invalid user kpe from 200.209.174.38 Feb 6 21:08:24 srv-ubuntu-dev3 sshd[98626]: Failed password for invalid user kpe from 200.209.174.38 port 60617 ssh2 Feb 6 21:11:42 srv-ubuntu-dev3 sshd[99114]: Invalid user efg from 200.209.174.38 Feb 6 21:11:42 srv-ubuntu-dev3 sshd[99114]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.209.174.38 Feb 6 21:11:42 srv-ubuntu-dev3 sshd[99114]: Invalid user efg from 200.209.174.38 Feb 6 21:11:44 srv-ubuntu-dev3 sshd[99114]: Failed password for invalid user efg from 200.209.174.38 port 45085 ssh2 Feb 6 21:15:08 srv-ubuntu-dev3 sshd[99394]: Invalid user vih from 200.209.174.38 ...	2020-02-07 04:26:50

最近上报的IP列表

62.157.189.81	37.0.248.108	53.191.80.53	41.140.2.30
51.83.76.139	38.179.49.11	104.212.155.28	160.156.110.127
103.136.189.250	138.68.9.54	74.110.240.176	201.41.92.112
88.160.216.166	154.13.114.233	106.71.116.186	54.233.32.224
194.245.14.63	150.179.82.103	77.243.209.154	68.197.166.131