42.2.125.225 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Hong Kong

运营商(isp): Hong Kong Telecommunications (HKT) Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Unauthorized connection attempt detected from IP address 42.2.125.225 to port 5555 [J]	2020-03-01 01:10:28

相同子网IP讨论:

IP	类型	评论内容	时间
42.2.125.4	attackbots	Brute-force attempt banned	2020-09-24 01:06:44
42.2.125.4	attackbotsspam	Brute-force attempt banned	2020-09-23 17:09:37
42.2.125.4	attackspam	Sep 18 07:00:14 scw-focused-cartwright sshd[17103]: Failed password for root from 42.2.125.4 port 55468 ssh2	2020-09-20 00:31:22
42.2.125.4	attackspam	Sep 18 07:00:14 scw-focused-cartwright sshd[17103]: Failed password for root from 42.2.125.4 port 55468 ssh2	2020-09-19 16:17:42
42.2.125.4	attack	Sep 18 07:00:14 scw-focused-cartwright sshd[17103]: Failed password for root from 42.2.125.4 port 55468 ssh2	2020-09-19 07:52:57
42.2.125.137	attack	Honeypot attack, port: 5555, PTR: 42-2-125-137.static.netvigator.com.	2020-03-23 05:30:43

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.2.125.225
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28824
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.2.125.225.			IN	A

;; AUTHORITY SECTION:
.			449	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022900 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 01 01:10:26 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

225.125.2.42.in-addr.arpa domain name pointer 42-2-125-225.static.netvigator.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
225.125.2.42.in-addr.arpa	name = 42-2-125-225.static.netvigator.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
78.118.109.112	attackspam	Apr 24 19:50:38 gw1 sshd[1405]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.118.109.112 Apr 24 19:50:39 gw1 sshd[1405]: Failed password for invalid user night from 78.118.109.112 port 50738 ssh2 ...	2020-04-24 23:31:04
123.16.29.57	attackbots	DATE:2020-04-24 14:05:53, IP:123.16.29.57, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-04-24 23:41:25
170.130.98.157	attack	(From eric@talkwithwebvisitor.com) Cool website! My name’s Eric, and I just found your site - performancechiroofga.com - while surfing the net. You showed up at the top of the search results, so I checked you out. Looks like what you’re doing is pretty cool. But if you don’t mind me asking – after someone like me stumbles across performancechiroofga.com, what usually happens? Is your site generating leads for your business? I’m guessing some, but I also bet you’d like more… studies show that 7 out 10 who land on a site wind up leaving without a trace. Not good. Here’s a thought – what if there was an easy way for every visitor to “raise their hand” to get a phone call from you INSTANTLY… the second they hit your site and said, “call me now.” You can – Talk With Web Visitor is a software widget that’s works on your site, ready to capture any visitor’s Name, Email address and Phone Number. It lets you know IMMEDIATELY – so that you can talk to that lead while they’re literally look	2020-04-24 23:23:42
91.121.145.227	attackbotsspam	Apr 24 13:58:57 server sshd[8523]: Failed password for root from 91.121.145.227 port 47902 ssh2 Apr 24 14:02:56 server sshd[9938]: Failed password for invalid user sampath from 91.121.145.227 port 39242 ssh2 Apr 24 14:06:53 server sshd[11244]: Failed password for invalid user graylog from 91.121.145.227 port 58464 ssh2	2020-04-24 22:57:45
94.191.64.14	attack	Apr 23 01:46:26 vl01 sshd[1214]: Invalid user sr from 94.191.64.14 port 10132 Apr 23 01:46:26 vl01 sshd[1214]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.64.14 Apr 23 01:46:28 vl01 sshd[1214]: Failed password for invalid user sr from 94.191.64.14 port 10132 ssh2 Apr 23 01:46:28 vl01 sshd[1214]: Received disconnect from 94.191.64.14 port 10132:11: Bye Bye [preauth] Apr 23 01:46:28 vl01 sshd[1214]: Disconnected from 94.191.64.14 port 10132 [preauth] Apr 23 01:51:25 vl01 sshd[1741]: Invalid user user from 94.191.64.14 port 55526 Apr 23 01:51:25 vl01 sshd[1741]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.64.14 Apr 23 01:51:28 vl01 sshd[1741]: Failed password for invalid user user from 94.191.64.14 port 55526 ssh2 Apr 23 01:51:28 vl01 sshd[1741]: Received disconnect from 94.191.64.14 port 55526:11: Bye Bye [preauth] Apr 23 01:51:28 vl01 sshd[1741]: Disconnected from 94.191........ -------------------------------	2020-04-24 23:09:28
139.59.108.237	attack	Apr 24 16:10:02 nextcloud sshd\[8877\]: Invalid user dice from 139.59.108.237 Apr 24 16:10:02 nextcloud sshd\[8877\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.108.237 Apr 24 16:10:04 nextcloud sshd\[8877\]: Failed password for invalid user dice from 139.59.108.237 port 55654 ssh2	2020-04-24 23:12:40
77.55.219.174	attack	Lines containing failures of 77.55.219.174 Apr 23 13:38:24 shared09 sshd[10761]: Invalid user ghostname from 77.55.219.174 port 40526 Apr 23 13:38:24 shared09 sshd[10761]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.55.219.174 Apr 23 13:38:26 shared09 sshd[10761]: Failed password for invalid user ghostname from 77.55.219.174 port 40526 ssh2 Apr 23 13:38:26 shared09 sshd[10761]: Received disconnect from 77.55.219.174 port 40526:11: Bye Bye [preauth] Apr 23 13:38:26 shared09 sshd[10761]: Disconnected from invalid user ghostname 77.55.219.174 port 40526 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=77.55.219.174	2020-04-24 23:39:32
85.117.233.204	attackbots	Apr 23 05:29:59 mxgate1 postfix/postscreen[7517]: CONNECT from [85.117.233.204]:40058 to [176.31.12.44]:25 Apr 23 05:29:59 mxgate1 postfix/dnsblog[7519]: addr 85.117.233.204 listed by domain zen.spamhaus.org as 127.0.0.3 Apr 23 05:30:05 mxgate1 postfix/postscreen[7517]: DNSBL rank 2 for [85.117.233.204]:40058 Apr 23 05:30:05 mxgate1 postfix/tlsproxy[7830]: CONNECT from [85.117.233.204]:40058 Apr x@x Apr 23 05:30:06 mxgate1 postfix/postscreen[7517]: DISCONNECT [85.117.233.204]:40058 Apr 23 05:30:06 mxgate1 postfix/tlsproxy[7830]: DISCONNECT [85.117.233.204]:40058 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=85.117.233.204	2020-04-24 23:18:48
45.55.155.72	attack	Bruteforce detected by fail2ban	2020-04-24 23:24:14
5.230.84.57	attack	Fake meds	2020-04-24 23:17:48
31.40.214.200	attack	Apr 24 16:03:28 pornomens sshd\[20509\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.40.214.200 user=root Apr 24 16:03:30 pornomens sshd\[20509\]: Failed password for root from 31.40.214.200 port 41406 ssh2 Apr 24 16:07:45 pornomens sshd\[20544\]: Invalid user piotr from 31.40.214.200 port 57042 Apr 24 16:07:45 pornomens sshd\[20544\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.40.214.200 ...	2020-04-24 23:41:50
178.33.237.66	attackbotsspam	[2020-04-24 11:05:04] NOTICE[1170] chan_sip.c: Registration from '' failed for '178.33.237.66:63782' - Wrong password [2020-04-24 11:05:04] SECURITY[1184] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-04-24T11:05:04.399-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="test",SessionID="0x7f6c0832ab08",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/178.33.237.66/49452",Challenge="31194c87",ReceivedChallenge="31194c87",ReceivedHash="d65f0a32cd4efb5598071dcfbb3f6d0d" [2020-04-24 11:07:42] NOTICE[1170] chan_sip.c: Registration from '' failed for '178.33.237.66:62942' - Wrong password [2020-04-24 11:07:42] SECURITY[1184] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-04-24T11:07:42.052-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="6150",SessionID="0x7f6c0832ab08",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/178.33.237.66 ...	2020-04-24 23:34:17
218.92.0.172	attackbotsspam	Apr 24 16:33:20 vps sshd[1035534]: Failed password for root from 218.92.0.172 port 44665 ssh2 Apr 24 16:33:23 vps sshd[1035534]: Failed password for root from 218.92.0.172 port 44665 ssh2 Apr 24 16:33:26 vps sshd[1035534]: Failed password for root from 218.92.0.172 port 44665 ssh2 Apr 24 16:33:30 vps sshd[1035534]: Failed password for root from 218.92.0.172 port 44665 ssh2 Apr 24 16:33:33 vps sshd[1035534]: Failed password for root from 218.92.0.172 port 44665 ssh2 ...	2020-04-24 23:06:58
92.57.74.239	attackspam	Unauthorized SSH login attempts	2020-04-24 23:33:13
54.38.193.111	attackbots	Apr 24 16:58:31 debian-2gb-nbg1-2 kernel: \[9999254.989858\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=54.38.193.111 DST=195.201.40.59 LEN=52 TOS=0x02 PREC=0x00 TTL=113 ID=16355 DF PROTO=TCP SPT=49662 DPT=60 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0	2020-04-24 22:59:07

最近上报的IP列表

186.227.44.215	90.96.103.240	185.208.148.91	185.160.60.160
185.128.136.182	185.41.82.190	180.245.91.54	178.65.117.216
177.132.192.28	170.106.37.222	168.0.128.124	75.187.9.14
159.146.11.42	151.30.155.229	197.124.144.31	238.132.107.112
131.4.244.6	226.81.14.230	124.122.182.241	123.194.185.254