42.2.49.156 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Hong Kong

运营商(isp): Hong Kong Telecommunications (HKT) Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Unauthorized connection attempt detected from IP address 42.2.49.156 to port 5555 [T]	2020-08-29 20:57:03

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.2.49.156
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3251
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.2.49.156.			IN	A

;; AUTHORITY SECTION:
.			265	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082900 1800 900 604800 86400

;; Query time: 91 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Aug 29 20:56:57 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

156.49.2.42.in-addr.arpa domain name pointer 42-2-49-156.static.netvigator.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
156.49.2.42.in-addr.arpa	name = 42-2-49-156.static.netvigator.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
78.47.157.226	attack	Nov 18 06:58:04 mc1 kernel: \[5342943.802445\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=78.47.157.226 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=54321 PROTO=TCP SPT=50942 DPT=2376 WINDOW=65535 RES=0x00 SYN URGP=0 Nov 18 07:04:22 mc1 kernel: \[5343322.088256\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=78.47.157.226 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=54321 PROTO=TCP SPT=33452 DPT=4243 WINDOW=65535 RES=0x00 SYN URGP=0 Nov 18 07:06:06 mc1 kernel: \[5343425.643622\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=78.47.157.226 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=54321 PROTO=TCP SPT=51969 DPT=2375 WINDOW=65535 RES=0x00 SYN URGP=0 ...	2019-11-18 14:06:41
60.222.254.231	attackspam	Rude login attack (2 tries in 1d)	2019-11-18 14:07:00
138.68.47.91	attackbots	POST /wp-login.php HTTP/1.1 200 3886 Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0	2019-11-18 14:22:49
200.148.25.60	attackspam	Automatic report - Banned IP Access	2019-11-18 14:29:57
185.176.27.6	attackbots	Nov 18 07:09:57 mc1 kernel: \[5343656.353779\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.6 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=26054 PROTO=TCP SPT=45486 DPT=36890 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 18 07:13:28 mc1 kernel: \[5343867.999314\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.6 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=51096 PROTO=TCP SPT=45486 DPT=40628 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 18 07:13:54 mc1 kernel: \[5343893.794027\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.6 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=19199 PROTO=TCP SPT=45486 DPT=35274 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-11-18 14:22:30
150.136.201.200	attack	Connection by 150.136.201.200 on port: 6380 got caught by honeypot at 11/18/2019 3:52:05 AM	2019-11-18 14:18:23
159.65.234.23	attack	159.65.234.23 - - \[18/Nov/2019:06:39:03 +0000\] "POST /wp-login.php HTTP/1.1" 200 4358 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 159.65.234.23 - - \[18/Nov/2019:06:39:04 +0000\] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2019-11-18 14:46:32
184.75.211.130	attackspambots	(From winfred.kimball98@googlemail.com) We're looking for website owners like yourself who want to automate their existing business and make some extra income... Continuous Residual Income and the product practically sells itself on auto pilot. Check out: http://trimurl.co/AutomateAnyBusiness.	2019-11-18 14:19:22
107.172.61.124	attack	(From HildaSutton982@gmail.com) Hi there! I'm a mobile app developer that can design and program on any platform (Android, iOs, etc). If you already have ideas in mind, I'd love to hear about them. I also have ideas of my own that I'd really love to share with you. Different types of apps can assist your business whether in terms of marketing, business efficiency or both. I can design and program on any platform (Android, iOs), and I wanted to know if you'd like to have an app built for our business for an affordable price. I have some ideas that I'd really like to share with you of things that have worked really well for my other clients. I'd like to also hear about your ideas, so we can collaborate and make them all possible. I'd really like to discuss more about this with you if you're interested in my services. Kindly write back to let me know what you think. I hope to speak with you soon! Sincerely, Hilda Sutton	2019-11-18 14:23:45
92.63.194.90	attack	Nov 18 07:01:48 localhost sshd\[3165\]: Invalid user admin from 92.63.194.90 port 38944 Nov 18 07:01:48 localhost sshd\[3165\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.63.194.90 Nov 18 07:01:50 localhost sshd\[3165\]: Failed password for invalid user admin from 92.63.194.90 port 38944 ssh2	2019-11-18 14:17:09
60.168.173.80	attack	Bad Postfix AUTH attempts ...	2019-11-18 13:53:44
217.208.52.235	attack	5x Failed Password	2019-11-18 14:44:27
49.88.112.114	attackspambots	Nov 17 19:51:45 wbs sshd\[3186\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root Nov 17 19:51:46 wbs sshd\[3186\]: Failed password for root from 49.88.112.114 port 27158 ssh2 Nov 17 19:56:13 wbs sshd\[3517\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root Nov 17 19:56:15 wbs sshd\[3517\]: Failed password for root from 49.88.112.114 port 64624 ssh2 Nov 17 19:57:17 wbs sshd\[3592\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root	2019-11-18 13:58:49
171.240.240.239	attack	Automatic report - Port Scan Attack	2019-11-18 14:14:51
222.186.175.169	attack	Nov 18 07:41:55 MK-Soft-Root2 sshd[985]: Failed password for root from 222.186.175.169 port 58288 ssh2 Nov 18 07:42:00 MK-Soft-Root2 sshd[985]: Failed password for root from 222.186.175.169 port 58288 ssh2 ...	2019-11-18 14:42:22

最近上报的IP列表

165.232.124.159	141.212.123.205	121.229.198.112	88.135.40.127
87.251.66.206	86.98.159.22	43.230.198.59	27.75.73.82
220.133.223.7	213.61.183.251	189.209.249.64	187.167.71.189
187.163.123.175	187.163.70.85	187.162.135.148	187.162.119.85
187.162.37.22	182.119.62.118	165.22.78.224	142.93.239.248