42.234.210.72 - IPInfo

基本信息:

城市(city): Chifeng

省份(region): Inner Mongolia Autonomous Region

国家(country): China

运营商(isp): China Unicom Henan Province Network

主机名(hostname): unknown

机构(organization): CHINA UNICOM China169 Backbone

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Automatic report - Port Scan Attack	2019-07-15 00:02:02

相同子网IP讨论:

IP	类型	评论内容	时间
42.234.210.128	attack	Telnet Honeypot -> Telnet Bruteforce / Login	2020-08-21 14:43:46

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.234.210.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51951
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.234.210.72.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071400 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 15 00:01:52 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

72.210.234.42.in-addr.arpa domain name pointer hn.kd.ny.adsl.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
72.210.234.42.in-addr.arpa	name = hn.kd.ny.adsl.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
171.239.200.122	attackspam	Automatic report - Port Scan Attack	2020-02-26 02:13:28
159.65.219.210	attack	Feb 25 07:21:55 wbs sshd\[15923\]: Invalid user renjiawei from 159.65.219.210 Feb 25 07:21:55 wbs sshd\[15923\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.219.210 Feb 25 07:21:57 wbs sshd\[15923\]: Failed password for invalid user renjiawei from 159.65.219.210 port 58008 ssh2 Feb 25 07:30:47 wbs sshd\[16641\]: Invalid user jmiller from 159.65.219.210 Feb 25 07:30:47 wbs sshd\[16641\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.219.210	2020-02-26 02:19:19
212.252.83.209	attackbotsspam	Honeypot attack, port: 445, PTR: host-212-252-83-209.reverse.superonline.net.	2020-02-26 02:16:03
103.23.138.25	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-26 02:29:52
110.138.148.4	attack	Honeypot attack, port: 445, PTR: 4.subnet110-138-148.speedy.telkom.net.id.	2020-02-26 02:22:52
20.20.20.5	attack	Honeypot attack, port: 5555, PTR: PTR record not found	2020-02-26 02:29:24
171.250.176.130	attack	Automatic report - Port Scan Attack	2020-02-26 02:43:22
104.196.4.163	attack	2020-02-26T03:37:39.302697luisaranguren sshd[1233971]: Invalid user zjw from 104.196.4.163 port 46680 2020-02-26T03:37:41.402711luisaranguren sshd[1233971]: Failed password for invalid user zjw from 104.196.4.163 port 46680 ssh2 ...	2020-02-26 02:39:12
49.88.112.65	attackspam	Feb 25 08:30:14 hanapaa sshd\[24027\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.65 user=root Feb 25 08:30:16 hanapaa sshd\[24027\]: Failed password for root from 49.88.112.65 port 59763 ssh2 Feb 25 08:31:18 hanapaa sshd\[24111\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.65 user=root Feb 25 08:31:20 hanapaa sshd\[24111\]: Failed password for root from 49.88.112.65 port 35139 ssh2 Feb 25 08:32:24 hanapaa sshd\[24179\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.65 user=root	2020-02-26 02:40:50
49.235.246.127	attackbotsspam	Feb 25 18:47:11 sd-53420 sshd\[10712\]: Invalid user jaxson from 49.235.246.127 Feb 25 18:47:11 sd-53420 sshd\[10712\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.246.127 Feb 25 18:47:12 sd-53420 sshd\[10712\]: Failed password for invalid user jaxson from 49.235.246.127 port 51970 ssh2 Feb 25 18:56:54 sd-53420 sshd\[11453\]: Invalid user kmycloud from 49.235.246.127 Feb 25 18:56:54 sd-53420 sshd\[11453\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.246.127 ...	2020-02-26 02:27:12
93.174.93.37	attack	VNC brute force attack detected by fail2ban	2020-02-26 02:47:25
5.135.253.172	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 5 - port: 11796 proto: TCP cat: Misc Attack	2020-02-26 02:36:33
45.133.99.130	attack	2020-02-25 19:24:25 dovecot_login authenticator failed for \(\[45.133.99.130\]\) \[45.133.99.130\]: 535 Incorrect authentication data \(set_id=n@no-server.de\) 2020-02-25 19:24:34 dovecot_login authenticator failed for \(\[45.133.99.130\]\) \[45.133.99.130\]: 535 Incorrect authentication data 2020-02-25 19:24:44 dovecot_login authenticator failed for \(\[45.133.99.130\]\) \[45.133.99.130\]: 535 Incorrect authentication data 2020-02-25 19:24:49 dovecot_login authenticator failed for \(\[45.133.99.130\]\) \[45.133.99.130\]: 535 Incorrect authentication data 2020-02-25 19:25:02 dovecot_login authenticator failed for \(\[45.133.99.130\]\) \[45.133.99.130\]: 535 Incorrect authentication data ...	2020-02-26 02:30:10
192.241.211.132	attackbots	9999/tcp 34166/tcp 514/tcp... [2020-02-14/25]11pkt,8pt.(tcp),2pt.(udp)	2020-02-26 02:16:30
103.53.0.41	attackspam	Honeypot attack, port: 445, PTR: xe-103-53-0-41.mag.net.id.	2020-02-26 02:51:45

最近上报的IP列表

161.111.64.62	196.63.138.156	40.113.207.15	217.139.25.100
18.222.25.48	187.159.16.15	2.16.49.99	136.61.120.25
214.25.122.192	190.36.238.72	31.165.177.204	12.97.10.194
151.64.229.130	146.53.72.112	190.16.164.163	2003:d1:7f0a:c400:c5d3:39ad:c1b8:9057
89.34.43.225	129.158.188.218	203.50.43.7	195.61.137.157