42.112.211.52 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): FPT Telecom Company

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Invalid user erp from 42.112.211.52 port 39306	2020-09-03 20:28:56
attack	Invalid user erp from 42.112.211.52 port 39306	2020-09-03 12:14:01
attack	Invalid user erp from 42.112.211.52 port 39306	2020-09-03 04:33:21
attackbotsspam	Aug 28 16:21:24 v22019038103785759 sshd\[19113\]: Invalid user asterisk from 42.112.211.52 port 57889 Aug 28 16:21:24 v22019038103785759 sshd\[19113\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.112.211.52 Aug 28 16:21:26 v22019038103785759 sshd\[19113\]: Failed password for invalid user asterisk from 42.112.211.52 port 57889 ssh2 Aug 28 16:30:24 v22019038103785759 sshd\[19889\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.112.211.52 user=root Aug 28 16:30:26 v22019038103785759 sshd\[19889\]: Failed password for root from 42.112.211.52 port 11869 ssh2 ...	2020-08-29 00:08:50
attack	Lines containing failures of 42.112.211.52 Aug 24 04:26:29 kmh-vmh-003-fsn07 sshd[10353]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.112.211.52 user=r.r Aug 24 04:26:31 kmh-vmh-003-fsn07 sshd[10353]: Failed password for r.r from 42.112.211.52 port 35634 ssh2 Aug 24 04:26:32 kmh-vmh-003-fsn07 sshd[10353]: Received disconnect from 42.112.211.52 port 35634:11: Bye Bye [preauth] Aug 24 04:26:32 kmh-vmh-003-fsn07 sshd[10353]: Disconnected from authenticating user r.r 42.112.211.52 port 35634 [preauth] Aug 24 04:44:55 kmh-vmh-003-fsn07 sshd[12890]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.112.211.52 user=r.r Aug 24 04:44:57 kmh-vmh-003-fsn07 sshd[12890]: Failed password for r.r from 42.112.211.52 port 23324 ssh2 Aug 24 04:44:58 kmh-vmh-003-fsn07 sshd[12890]: Received disconnect from 42.112.211.52 port 23324:11: Bye Bye [preauth] Aug 24 04:44:58 kmh-vmh-003-fsn07 sshd[12890]: Dis........ ------------------------------	2020-08-24 14:38:32
attackbotsspam	Aug 23 23:01:18 game-panel sshd[11087]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.112.211.52 Aug 23 23:01:20 game-panel sshd[11087]: Failed password for invalid user webmaster from 42.112.211.52 port 34336 ssh2 Aug 23 23:03:11 game-panel sshd[11166]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.112.211.52	2020-08-24 09:14:33
attack	Aug 17 10:30:27 gw1 sshd[6484]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.112.211.52 Aug 17 10:30:29 gw1 sshd[6484]: Failed password for invalid user nci from 42.112.211.52 port 62658 ssh2 ...	2020-08-17 14:03:33
attackspambots	Aug 12 14:39:24 ip106 sshd[30954]: Failed password for root from 42.112.211.52 port 31125 ssh2 ...	2020-08-12 20:53:18
attackspambots	Failed password for root from 42.112.211.52 port 60136 ssh2	2020-08-08 18:58:52
attackbotsspam	Aug 5 22:37:25 ip40 sshd[15013]: Failed password for root from 42.112.211.52 port 40777 ssh2 ...	2020-08-06 05:08:04
attackbots	detected by Fail2Ban	2020-08-05 04:51:22
attackspambots	Invalid user chenjiaze from 42.112.211.52 port 61923	2020-07-31 19:14:51
attackspambots	Invalid user shan from 42.112.211.52 port 48449	2020-07-27 01:10:25
attack	Jul 22 19:46:31 our-server-hostname sshd[20260]: Invalid user tester from 42.112.211.52 Jul 22 19:46:31 our-server-hostname sshd[20260]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.112.211.52 Jul 22 19:46:34 our-server-hostname sshd[20260]: Failed password for invalid user tester from 42.112.211.52 port 40514 ssh2 Jul 22 19:58:25 our-server-hostname sshd[22003]: Invalid user testadmin from 42.112.211.52 Jul 22 19:58:25 our-server-hostname sshd[22003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.112.211.52 Jul 22 19:58:27 our-server-hostname sshd[22003]: Failed password for invalid user testadmin from 42.112.211.52 port 44529 ssh2 Jul 22 20:00:50 our-server-hostname sshd[22307]: Invalid user postgre from 42.112.211.52 Jul 22 20:00:51 our-server-hostname sshd[22307]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.112.211.52 Jul 22 20........ -------------------------------	2020-07-26 13:14:13
attackbotsspam	Jul 22 19:46:31 our-server-hostname sshd[20260]: Invalid user tester from 42.112.211.52 Jul 22 19:46:31 our-server-hostname sshd[20260]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.112.211.52 Jul 22 19:46:34 our-server-hostname sshd[20260]: Failed password for invalid user tester from 42.112.211.52 port 40514 ssh2 Jul 22 19:58:25 our-server-hostname sshd[22003]: Invalid user testadmin from 42.112.211.52 Jul 22 19:58:25 our-server-hostname sshd[22003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.112.211.52 Jul 22 19:58:27 our-server-hostname sshd[22003]: Failed password for invalid user testadmin from 42.112.211.52 port 44529 ssh2 Jul 22 20:00:50 our-server-hostname sshd[22307]: Invalid user postgre from 42.112.211.52 Jul 22 20:00:51 our-server-hostname sshd[22307]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.112.211.52 Jul 22 20........ -------------------------------	2020-07-25 03:15:47

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.112.211.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61974
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.112.211.52.			IN	A

;; AUTHORITY SECTION:
.			417	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072401 1800 900 604800 86400

;; Query time: 21 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jul 25 03:15:43 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 52.211.112.42.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 52.211.112.42.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
113.161.4.1	attackspambots	1597031685 - 08/10/2020 05:54:45 Host: 113.161.4.1/113.161.4.1 Port: 445 TCP Blocked ...	2020-08-10 14:08:21
202.188.101.106	attack	Aug 10 08:08:10 server sshd[18906]: Failed password for root from 202.188.101.106 port 39561 ssh2 Aug 10 08:12:41 server sshd[24400]: Failed password for root from 202.188.101.106 port 43667 ssh2 Aug 10 08:17:09 server sshd[30158]: Failed password for root from 202.188.101.106 port 47764 ssh2	2020-08-10 14:41:36
216.24.177.73	attackspambots	$f2bV_matches	2020-08-10 14:19:28
140.143.207.57	attackbotsspam	Aug 10 03:48:12 ns3033917 sshd[6209]: Failed password for root from 140.143.207.57 port 41436 ssh2 Aug 10 03:54:24 ns3033917 sshd[6256]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.207.57 user=root Aug 10 03:54:26 ns3033917 sshd[6256]: Failed password for root from 140.143.207.57 port 46480 ssh2 ...	2020-08-10 14:24:06
122.154.24.254	attackbotsspam	Automatic report - XMLRPC Attack	2020-08-10 14:17:06
13.70.199.80	attackspam	13.70.199.80 - - [10/Aug/2020:04:54:28 +0100] "POST /wp-login.php HTTP/1.1" 200 1801 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 13.70.199.80 - - [10/Aug/2020:04:54:28 +0100] "POST /wp-login.php HTTP/1.1" 200 1779 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 13.70.199.80 - - [10/Aug/2020:04:54:28 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-10 14:22:25
81.70.16.246	attackspambots	2020-08-10T06:10:50.182985centos sshd[22508]: Failed password for root from 81.70.16.246 port 36430 ssh2 2020-08-10T06:13:47.673991centos sshd[23090]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.70.16.246 user=root 2020-08-10T06:13:49.492486centos sshd[23090]: Failed password for root from 81.70.16.246 port 49482 ssh2 ...	2020-08-10 14:43:26
77.107.53.238	attackspam	SSH break in attempt ...	2020-08-10 14:38:07
218.77.100.184	attack	(eximsyntax) Exim syntax errors from 218.77.100.184 (CN/China/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-08-10 08:24:02 SMTP call from [218.77.100.184] dropped: too many syntax or protocol errors (last command was "?\034?\032?\027?\031?\034?\033?\030?\032?\026?\016?\r?\v?\f? ?")	2020-08-10 14:31:50
122.51.167.108	attackspam	Banned for a week because repeated abuses, for example SSH, but not only	2020-08-10 14:15:52
52.183.56.107	attackspambots	"GET /wp-admin/vuln.php HTTP/1.1" 404 "GET /wp-admin/vuln.htm HTTP/1.1" 404 "GET /wp-content/plugins/downloads-manager/img/unlock.gif HTTP/1.1" 404 "POST /?gf_page=upload HTTP/1.1" 404 "POST /?gf_page=upload HTTP/1.1" 404 "GET /_input_3_vuln.htm HTTP/1.1" 404 "GET /wp-content/_input_3_vuln.htm HTTP/1.1" 404	2020-08-10 14:16:31
202.188.20.123	attackspambots	Bruteforce detected by fail2ban	2020-08-10 14:31:08
43.243.214.42	attackspambots	Aug 10 05:42:26 myvps sshd[12392]: Failed password for root from 43.243.214.42 port 44342 ssh2 Aug 10 05:50:29 myvps sshd[17391]: Failed password for root from 43.243.214.42 port 34188 ssh2 ...	2020-08-10 14:33:01
94.191.23.15	attack	Aug 10 05:35:11 vm0 sshd[31307]: Failed password for root from 94.191.23.15 port 47014 ssh2 ...	2020-08-10 14:06:53
85.209.0.103	attackspam	Automatic report BANNED IP	2020-08-10 14:11:38

最近上报的IP列表

213.195.222.127	201.55.142.15	188.92.214.203	188.92.209.147
179.125.115.182	179.61.94.70	179.49.15.246	45.6.174.221
177.154.72.24	177.23.77.111	143.208.250.99	31.185.98.202
138.36.193.20	103.198.80.76	87.249.157.216	196.0.113.182
191.53.252.58	191.53.250.126	191.37.8.149	189.126.169.158