39.97.107.42 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Aliyun Computing Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Aug 20 06:02:21 Host-KLAX-C sshd[30842]: Invalid user newuser from 39.97.107.42 port 52692 ...	2020-08-21 01:50:34
attackspambots	Jun 28 14:36:01 server1 sshd\[12973\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=39.97.107.42 user=root Jun 28 14:36:03 server1 sshd\[12973\]: Failed password for root from 39.97.107.42 port 57532 ssh2 Jun 28 14:36:51 server1 sshd\[13553\]: Invalid user ftp-user from 39.97.107.42 Jun 28 14:36:51 server1 sshd\[13553\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=39.97.107.42 Jun 28 14:36:53 server1 sshd\[13553\]: Failed password for invalid user ftp-user from 39.97.107.42 port 39826 ssh2 ...	2020-06-29 06:43:47

类型

评论内容

时间

attackspam

Aug 20 06:02:21 Host-KLAX-C sshd[30842]: Invalid user newuser from 39.97.107.42 port 52692
...

2020-08-21 01:50:34

attackspambots

Jun 28 14:36:01 server1 sshd\[12973\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=39.97.107.42  user=root
Jun 28 14:36:03 server1 sshd\[12973\]: Failed password for root from 39.97.107.42 port 57532 ssh2
Jun 28 14:36:51 server1 sshd\[13553\]: Invalid user ftp-user from 39.97.107.42
Jun 28 14:36:51 server1 sshd\[13553\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=39.97.107.42 
Jun 28 14:36:53 server1 sshd\[13553\]: Failed password for invalid user ftp-user from 39.97.107.42 port 39826 ssh2
...

2020-06-29 06:43:47

相同子网IP讨论:

IP	类型	评论内容	时间
39.97.107.161	attack	$f2bV_matches	2020-08-24 00:25:28
39.97.107.15	attackbotsspam	Invalid user lmp from 39.97.107.15 port 36660	2020-05-23 15:45:08

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 39.97.107.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46859
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;39.97.107.42.			IN	A

;; AUTHORITY SECTION:
.			484	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062801 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 29 06:43:43 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 42.107.97.39.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 42.107.97.39.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
113.236.22.98	attack	Unauthorised access (Sep 26) SRC=113.236.22.98 LEN=40 TTL=49 ID=53982 TCP DPT=8080 WINDOW=2854 SYN Unauthorised access (Sep 25) SRC=113.236.22.98 LEN=40 TTL=49 ID=60261 TCP DPT=8080 WINDOW=2854 SYN	2019-09-26 16:36:18
148.70.1.30	attackspambots	Sep 26 13:04:28 gw1 sshd[15356]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.1.30 Sep 26 13:04:30 gw1 sshd[15356]: Failed password for invalid user omu from 148.70.1.30 port 39794 ssh2 ...	2019-09-26 16:08:02
104.40.0.120	attackspam	Sep 26 10:01:35 MK-Soft-VM7 sshd[15317]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.40.0.120 Sep 26 10:01:36 MK-Soft-VM7 sshd[15317]: Failed password for invalid user administrator from 104.40.0.120 port 2496 ssh2 ...	2019-09-26 16:14:34
122.224.129.234	attack	Fail2Ban Ban Triggered	2019-09-26 16:29:25
139.155.21.129	attack	Sep 26 05:48:10 [snip] sshd[16972]: Invalid user track from 139.155.21.129 port 53376 Sep 26 05:48:10 [snip] sshd[16972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.129 Sep 26 05:48:12 [snip] sshd[16972]: Failed password for invalid user track from 139.155.21.129 port 53376 ssh2[...]	2019-09-26 16:34:44
115.159.220.190	attackbots	Sep 26 10:03:01 mail sshd\[3557\]: Invalid user admin from 115.159.220.190 Sep 26 10:03:01 mail sshd\[3557\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.220.190 Sep 26 10:03:04 mail sshd\[3557\]: Failed password for invalid user admin from 115.159.220.190 port 60676 ssh2 ...	2019-09-26 16:20:32
122.10.97.60	attackbotsspam	10 attempts against mh_ha-misc-ban on star.magehost.pro	2019-09-26 16:17:27
58.240.52.75	attackspam	SSH Brute Force	2019-09-26 16:39:45
5.196.29.194	attackspam	Sep 26 10:03:46 s64-1 sshd[7963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.196.29.194 Sep 26 10:03:48 s64-1 sshd[7963]: Failed password for invalid user up from 5.196.29.194 port 44443 ssh2 Sep 26 10:08:44 s64-1 sshd[7999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.196.29.194 ...	2019-09-26 16:24:58
95.173.196.206	attackspambots	Sep 26 04:15:54 xtremcommunity sshd\[9944\]: Invalid user aideen from 95.173.196.206 port 56436 Sep 26 04:15:54 xtremcommunity sshd\[9944\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.173.196.206 Sep 26 04:15:55 xtremcommunity sshd\[9944\]: Failed password for invalid user aideen from 95.173.196.206 port 56436 ssh2 Sep 26 04:20:59 xtremcommunity sshd\[10017\]: Invalid user achille from 95.173.196.206 port 42762 Sep 26 04:20:59 xtremcommunity sshd\[10017\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.173.196.206 ...	2019-09-26 16:37:33
176.31.182.125	attackspambots	Sep 26 01:24:45 TORMINT sshd\[18409\]: Invalid user newadmin from 176.31.182.125 Sep 26 01:24:45 TORMINT sshd\[18409\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.182.125 Sep 26 01:24:47 TORMINT sshd\[18409\]: Failed password for invalid user newadmin from 176.31.182.125 port 34398 ssh2 ...	2019-09-26 16:00:56
46.148.199.34	attackspam	Sep 25 19:07:11 eddieflores sshd\[8787\]: Invalid user isa from 46.148.199.34 Sep 25 19:07:11 eddieflores sshd\[8787\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.148.199.34 Sep 25 19:07:13 eddieflores sshd\[8787\]: Failed password for invalid user isa from 46.148.199.34 port 43002 ssh2 Sep 25 19:11:49 eddieflores sshd\[9204\]: Invalid user rana from 46.148.199.34 Sep 25 19:11:49 eddieflores sshd\[9204\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.148.199.34	2019-09-26 16:07:09
183.82.2.251	attackspam	Automatic report - Banned IP Access	2019-09-26 16:31:30
185.244.25.254	attackbotsspam	DATE:2019-09-26 05:49:07, IP:185.244.25.254, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-09-26 16:14:16
119.29.2.247	attack	Sep 26 09:15:57 v22019058497090703 sshd[23249]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.247 Sep 26 09:15:58 v22019058497090703 sshd[23249]: Failed password for invalid user Administrator from 119.29.2.247 port 40442 ssh2 Sep 26 09:22:54 v22019058497090703 sshd[23743]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.247 ...	2019-09-26 16:24:09

最近上报的IP列表

89.246.50.63	31.8.210.9	72.230.174.25	61.238.107.81
67.228.9.43	209.56.53.126	67.33.12.62	223.212.25.124
5.199.142.214	110.198.113.222	45.71.147.50	77.220.193.180
222.185.1.76	131.55.105.163	83.226.253.5	68.213.9.143
83.192.239.102	75.159.50.235	109.122.128.114	186.139.194.238