必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Hong Kong

运营商(isp): Hong Kong Telecommunications (HKT) Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:
类型 评论内容 时间
attackbotsspam
Unauthorized connection attempt detected from IP address 42.2.49.156 to port 5555 [T]
2020-08-29 20:57:03
相同子网IP讨论:
暂无关于此IP所属子网相关IP的讨论.
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.2.49.156
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3251
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.2.49.156.			IN	A

;; AUTHORITY SECTION:
.			265	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082900 1800 900 604800 86400

;; Query time: 91 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Aug 29 20:56:57 CST 2020
;; MSG SIZE  rcvd: 115
HOST信息:
156.49.2.42.in-addr.arpa domain name pointer 42-2-49-156.static.netvigator.com.
NSLOOKUP信息:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
156.49.2.42.in-addr.arpa	name = 42-2-49-156.static.netvigator.com.

Authoritative answers can be found from:
相关IP信息:
最新评论:
IP 类型 评论内容 时间
170.80.241.27 attackbots
1599757031 - 09/10/2020 18:57:11 Host: 170.80.241.27/170.80.241.27 Port: 445 TCP Blocked
2020-09-11 06:22:48
152.32.72.50 attackbots
2020-09-10T21:29:00Z - RDP login failed multiple times. (152.32.72.50)
2020-09-11 06:06:06
86.100.13.247 attack
Sep 10 18:56:42 dev sshd\[24559\]: Invalid user admin from 86.100.13.247 port 48036
Sep 10 18:56:42 dev sshd\[24559\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.100.13.247
Sep 10 18:56:44 dev sshd\[24559\]: Failed password for invalid user admin from 86.100.13.247 port 48036 ssh2
2020-09-11 05:58:54
103.119.165.232 attack
1599757077 - 09/10/2020 18:57:57 Host: 103.119.165.232/103.119.165.232 Port: 445 TCP Blocked
2020-09-11 05:45:51
122.100.215.82 attackspam
Sep 10 18:57:15 vmd26974 sshd[2236]: Failed password for root from 122.100.215.82 port 44755 ssh2
...
2020-09-11 06:21:08
123.30.236.149 attack
123.30.236.149 (VN/Vietnam/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 10 12:57:14 server5 sshd[24882]: Failed password for root from 178.128.61.101 port 58388 ssh2
Sep 10 12:57:17 server5 sshd[24891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.120.37  user=root
Sep 10 12:57:12 server5 sshd[24882]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.61.101  user=root
Sep 10 12:53:03 server5 sshd[22713]: Failed password for root from 54.38.55.136 port 34870 ssh2
Sep 10 12:56:21 server5 sshd[24154]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.30.236.149  user=root
Sep 10 12:56:23 server5 sshd[24154]: Failed password for root from 123.30.236.149 port 11284 ssh2

IP Addresses Blocked:

178.128.61.101 (SG/Singapore/-)
68.183.120.37 (US/United States/-)
54.38.55.136 (PL/Poland/-)
2020-09-11 06:14:50
191.6.52.241 attackspambots
Sep 10 18:57:54 andromeda sshd\[7036\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.6.52.241  user=root
Sep 10 18:57:55 andromeda sshd\[7035\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.6.52.241  user=root
Sep 10 18:57:56 andromeda sshd\[7036\]: Failed password for root from 191.6.52.241 port 57409 ssh2
2020-09-11 05:43:21
104.244.74.169 attackbotsspam
Dear user,
 
The IP address [104.244.74.169] experienced 2 failed attempts when attempting to log into SSH running on AstroParrotsNAS within 5 minutes, and was blocked at Wed Sep  9 15:40:51 2020.
 
From AstroParrotsNAS
2020-09-11 06:06:26
61.105.207.143 attackbots
Sep 10 13:57:45 firewall sshd[18010]: Invalid user admin from 61.105.207.143
Sep 10 13:57:48 firewall sshd[18010]: Failed password for invalid user admin from 61.105.207.143 port 53584 ssh2
Sep 10 13:57:50 firewall sshd[18012]: Invalid user admin from 61.105.207.143
...
2020-09-11 05:53:32
111.229.188.72 attackspam
vps:sshd-InvalidUser
2020-09-11 05:48:16
192.99.35.113 attack
192.99.35.113 - - [10/Sep/2020:18:57:49 +0200] "POST /wp-login.php HTTP/1.0" 200 4794 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
2020-09-11 05:54:00
61.76.19.55 attackbots
Lines containing failures of 61.76.19.55
Sep 10 19:24:38 mellenthin sshd[12998]: Invalid user admin from 61.76.19.55 port 39053
Sep 10 19:24:38 mellenthin sshd[12998]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.76.19.55
Sep 10 19:24:41 mellenthin sshd[12998]: Failed password for invalid user admin from 61.76.19.55 port 39053 ssh2
Sep 10 19:24:41 mellenthin sshd[12998]: Connection closed by invalid user admin 61.76.19.55 port 39053 [preauth]


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=61.76.19.55
2020-09-11 05:57:18
200.129.139.116 attackbots
200.129.139.116 (BR/Brazil/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 10 13:01:46 server5 sshd[27133]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.129.139.116  user=root
Sep 10 12:59:51 server5 sshd[26242]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.207.6.163  user=root
Sep 10 12:59:54 server5 sshd[26242]: Failed password for root from 115.207.6.163 port 48020 ssh2
Sep 10 12:58:24 server5 sshd[25422]: Failed password for root from 152.136.11.110 port 59980 ssh2
Sep 10 12:58:23 server5 sshd[25422]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.11.110  user=root
Sep 10 12:59:02 server5 sshd[25785]: Failed password for root from 82.65.27.68 port 51792 ssh2

IP Addresses Blocked:
2020-09-11 06:24:03
219.78.61.11 attackspambots
Lines containing failures of 219.78.61.11 (max 1000)
Sep 10 19:23:34 HOSTNAME sshd[30175]: Invalid user ubnt from 219.78.61.11 port 55466
Sep 10 19:23:36 HOSTNAME sshd[30175]: Failed password for invalid user ubnt from 219.78.61.11 port 55466 ssh2
Sep 10 19:23:36 HOSTNAME sshd[30175]: Connection closed by 219.78.61.11 port 55466 [preauth]


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=219.78.61.11
2020-09-11 06:09:10
85.209.0.251 attack
Sep  6 : SSH login attempts with invalid user
2020-09-11 06:15:09

最近上报的IP列表

165.232.124.159 141.212.123.205 121.229.198.112 88.135.40.127
87.251.66.206 86.98.159.22 43.230.198.59 27.75.73.82
220.133.223.7 213.61.183.251 189.209.249.64 187.167.71.189
187.163.123.175 187.163.70.85 187.162.135.148 187.162.119.85
187.162.37.22 182.119.62.118 165.22.78.224 142.93.239.248