42.101.38.160 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Heilongjiang Telecom Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Invalid user yft from 42.101.38.160 port 44700	2020-03-31 18:00:07
attackbotsspam	SSH login attempts.	2020-03-27 20:35:59
attackbots	Mar 25 22:29:15 Ubuntu-1404-trusty-64-minimal sshd\[15748\]: Invalid user willma from 42.101.38.160 Mar 25 22:29:15 Ubuntu-1404-trusty-64-minimal sshd\[15748\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.101.38.160 Mar 25 22:29:16 Ubuntu-1404-trusty-64-minimal sshd\[15748\]: Failed password for invalid user willma from 42.101.38.160 port 41578 ssh2 Mar 25 22:42:37 Ubuntu-1404-trusty-64-minimal sshd\[28332\]: Invalid user vk from 42.101.38.160 Mar 25 22:42:37 Ubuntu-1404-trusty-64-minimal sshd\[28332\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.101.38.160	2020-03-26 07:44:55
attackspam	Mar 23 18:41:22 vmd17057 sshd[12572]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.101.38.160 Mar 23 18:41:23 vmd17057 sshd[12572]: Failed password for invalid user sinus from 42.101.38.160 port 47156 ssh2 ...	2020-03-24 02:16:56
attackspam	SSH Brute Force	2020-03-12 08:59:56

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.101.38.160
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43612
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.101.38.160.			IN	A

;; AUTHORITY SECTION:
.			371	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031102 1800 900 604800 86400

;; Query time: 117 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 12 08:59:50 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 160.38.101.42.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 160.38.101.42.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
112.85.42.232	attackbotsspam	May 20 22:46:48 home sshd[5583]: Failed password for root from 112.85.42.232 port 31098 ssh2 May 20 22:48:05 home sshd[5776]: Failed password for root from 112.85.42.232 port 32502 ssh2 May 20 22:48:08 home sshd[5776]: Failed password for root from 112.85.42.232 port 32502 ssh2 ...	2020-05-21 05:00:11
71.45.233.98	attack	May 20 20:15:22 game-panel sshd[4259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=71.45.233.98 May 20 20:15:24 game-panel sshd[4259]: Failed password for invalid user cdph from 71.45.233.98 port 49528 ssh2 May 20 20:20:06 game-panel sshd[4446]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=71.45.233.98	2020-05-21 04:58:34
148.229.3.242	attackspam	May 21 05:20:12 localhost sshd[2826258]: Connection closed by 148.229.3.242 port 54360 [preauth] ...	2020-05-21 04:57:45
103.253.42.59	attackspam	[2020-05-20 16:54:46] NOTICE[1157][C-00007581] chan_sip.c: Call from '' (103.253.42.59:62884) to extension '00046812400987' rejected because extension not found in context 'public'. [2020-05-20 16:54:46] SECURITY[1173] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-05-20T16:54:46.260-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="00046812400987",SessionID="0x7f5f10443b28",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.253.42.59/62884",ACLName="no_extension_match" [2020-05-20 16:57:00] NOTICE[1157][C-00007582] chan_sip.c: Call from '' (103.253.42.59:55298) to extension '46812400987' rejected because extension not found in context 'public'. [2020-05-20 16:57:00] SECURITY[1173] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-05-20T16:57:00.189-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="46812400987",SessionID="0x7f5f1058e4f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.253.42 ...	2020-05-21 05:07:45
195.54.160.211	attackbotsspam	May 20 21:33:14 debian-2gb-nbg1-2 kernel: \[12262019.700817\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=195.54.160.211 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=62108 PROTO=TCP SPT=49534 DPT=39596 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-21 05:12:48
95.9.162.240	attackspambots	Honeypot attack, port: 445, PTR: 95.9.162.240.static.ttnet.com.tr.	2020-05-21 05:14:03
115.73.98.125	attack	" "	2020-05-21 05:02:33
113.252.163.157	attackspam	Honeypot attack, port: 5555, PTR: 157-163-252-113-on-nets.com.	2020-05-21 05:01:12
118.25.74.248	attackbotsspam	May 20 23:59:29 pkdns2 sshd\[7203\]: Invalid user tlq from 118.25.74.248May 20 23:59:30 pkdns2 sshd\[7203\]: Failed password for invalid user tlq from 118.25.74.248 port 50134 ssh2May 21 00:03:46 pkdns2 sshd\[7369\]: Invalid user xic from 118.25.74.248May 21 00:03:48 pkdns2 sshd\[7369\]: Failed password for invalid user xic from 118.25.74.248 port 47880 ssh2May 21 00:07:56 pkdns2 sshd\[7535\]: Invalid user lsp from 118.25.74.248May 21 00:07:58 pkdns2 sshd\[7535\]: Failed password for invalid user lsp from 118.25.74.248 port 45622 ssh2 ...	2020-05-21 05:13:14
140.143.136.89	attack	Automatic report BANNED IP	2020-05-21 04:47:20
159.89.194.103	attackbotsspam	May 18 18:27:32 sip sshd[1901]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.194.103 May 18 18:27:34 sip sshd[1901]: Failed password for invalid user wangxiaoli from 159.89.194.103 port 59954 ssh2 May 18 18:32:26 sip sshd[3716]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.194.103	2020-05-21 04:56:05
36.67.163.146	attackbotsspam	2020-05-20T20:22:19.897568ionos.janbro.de sshd[87281]: Invalid user ftx from 36.67.163.146 port 39708 2020-05-20T20:22:22.100729ionos.janbro.de sshd[87281]: Failed password for invalid user ftx from 36.67.163.146 port 39708 ssh2 2020-05-20T20:26:28.802087ionos.janbro.de sshd[87314]: Invalid user gnp from 36.67.163.146 port 58068 2020-05-20T20:26:29.044976ionos.janbro.de sshd[87314]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.67.163.146 2020-05-20T20:26:28.802087ionos.janbro.de sshd[87314]: Invalid user gnp from 36.67.163.146 port 58068 2020-05-20T20:26:31.180680ionos.janbro.de sshd[87314]: Failed password for invalid user gnp from 36.67.163.146 port 58068 ssh2 2020-05-20T20:30:28.792549ionos.janbro.de sshd[87372]: Invalid user mil from 36.67.163.146 port 48192 2020-05-20T20:30:29.068642ionos.janbro.de sshd[87372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.67.163.146 2020-05-20T20:30:28.7925 ...	2020-05-21 04:45:33
222.186.173.180	attack	May 20 22:29:30 server sshd[63530]: Failed none for root from 222.186.173.180 port 50098 ssh2 May 20 22:29:32 server sshd[63530]: Failed password for root from 222.186.173.180 port 50098 ssh2 May 20 22:29:35 server sshd[63530]: Failed password for root from 222.186.173.180 port 50098 ssh2	2020-05-21 04:46:37
212.164.238.189	attackspambots	trying to access non-authorized port	2020-05-21 05:14:41
128.199.206.140	attack	Automatic report - XMLRPC Attack	2020-05-21 05:07:29

最近上报的IP列表

216.158.219.246	202.79.168.154	113.173.182.36	14.226.84.73
37.114.157.76	171.241.59.161	83.234.18.24	212.250.160.34
171.239.186.193	115.79.140.220	163.172.232.199	92.83.36.106
185.201.226.109	34.76.253.30	45.192.160.164	180.242.36.142
183.221.39.39	77.218.103.11	14.241.226.78	14.251.46.138