42.247.30.132 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Education and Research Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): University/College/School

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Oct 9 18:11:19 plesk sshd[11921]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.132 user=r.r Oct 9 18:11:22 plesk sshd[11921]: Failed password for r.r from 42.247.30.132 port 57098 ssh2 Oct 9 18:11:22 plesk sshd[11921]: Received disconnect from 42.247.30.132: 11: Bye Bye [preauth] Oct 9 18:24:18 plesk sshd[12354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.132 user=r.r Oct 9 18:24:21 plesk sshd[12354]: Failed password for r.r from 42.247.30.132 port 37578 ssh2 Oct 9 18:24:21 plesk sshd[12354]: Received disconnect from 42.247.30.132: 11: Bye Bye [preauth] Oct 9 18:29:15 plesk sshd[12549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.132 user=r.r Oct 9 18:29:18 plesk sshd[12549]: Failed password for r.r from 42.247.30.132 port 48206 ssh2 Oct 9 18:29:18 plesk sshd[12549]: Received disconnect from 42.247......... -------------------------------	2019-10-10 04:43:54

类型

评论内容

时间

attackspam

Oct  9 18:11:19 plesk sshd[11921]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.132  user=r.r
Oct  9 18:11:22 plesk sshd[11921]: Failed password for r.r from 42.247.30.132 port 57098 ssh2
Oct  9 18:11:22 plesk sshd[11921]: Received disconnect from 42.247.30.132: 11: Bye Bye [preauth]
Oct  9 18:24:18 plesk sshd[12354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.132  user=r.r
Oct  9 18:24:21 plesk sshd[12354]: Failed password for r.r from 42.247.30.132 port 37578 ssh2
Oct  9 18:24:21 plesk sshd[12354]: Received disconnect from 42.247.30.132: 11: Bye Bye [preauth]
Oct  9 18:29:15 plesk sshd[12549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.132  user=r.r
Oct  9 18:29:18 plesk sshd[12549]: Failed password for r.r from 42.247.30.132 port 48206 ssh2
Oct  9 18:29:18 plesk sshd[12549]: Received disconnect from 42.247.........
-------------------------------

2019-10-10 04:43:54

相同子网IP讨论:

IP	类型	评论内容	时间
42.247.30.156	attackbotsspam	May 12 01:55:59 vps46666688 sshd[15477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.156 May 12 01:56:01 vps46666688 sshd[15477]: Failed password for invalid user z from 42.247.30.156 port 47058 ssh2 ...	2020-05-12 14:23:25
42.247.30.180	attackbots	2020-01-20T04:50:50.955298shield sshd\[28027\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.180 user=root 2020-01-20T04:50:53.265873shield sshd\[28027\]: Failed password for root from 42.247.30.180 port 49020 ssh2 2020-01-20T04:57:00.261511shield sshd\[29942\]: Invalid user nexus from 42.247.30.180 port 53014 2020-01-20T04:57:00.265559shield sshd\[29942\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.180 2020-01-20T04:57:01.704123shield sshd\[29942\]: Failed password for invalid user nexus from 42.247.30.180 port 53014 ssh2	2020-01-20 14:57:51
42.247.30.150	attack	Jan 20 05:51:50 srv01 sshd[27145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.150 user=root Jan 20 05:51:53 srv01 sshd[27145]: Failed password for root from 42.247.30.150 port 34760 ssh2 Jan 20 05:57:08 srv01 sshd[27553]: Invalid user nexus from 42.247.30.150 port 34620 Jan 20 05:57:08 srv01 sshd[27553]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.150 Jan 20 05:57:08 srv01 sshd[27553]: Invalid user nexus from 42.247.30.150 port 34620 Jan 20 05:57:10 srv01 sshd[27553]: Failed password for invalid user nexus from 42.247.30.150 port 34620 ssh2 ...	2020-01-20 14:52:51
42.247.30.135	attackbots	Jan 14 15:07:00 srv-ubuntu-dev3 sshd[33231]: Invalid user local from 42.247.30.135 Jan 14 15:07:00 srv-ubuntu-dev3 sshd[33231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.135 Jan 14 15:07:00 srv-ubuntu-dev3 sshd[33231]: Invalid user local from 42.247.30.135 Jan 14 15:07:02 srv-ubuntu-dev3 sshd[33231]: Failed password for invalid user local from 42.247.30.135 port 51732 ssh2 Jan 14 15:10:12 srv-ubuntu-dev3 sshd[33663]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.135 user=root Jan 14 15:10:14 srv-ubuntu-dev3 sshd[33663]: Failed password for root from 42.247.30.135 port 47460 ssh2 Jan 14 15:13:29 srv-ubuntu-dev3 sshd[33897]: Invalid user log from 42.247.30.135 Jan 14 15:13:29 srv-ubuntu-dev3 sshd[33897]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.135 Jan 14 15:13:29 srv-ubuntu-dev3 sshd[33897]: Invalid user log from 42.247.30. ...	2020-01-15 02:31:42
42.247.30.180	attack	Oct 4 00:41:04 ny01 sshd[23824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.180 Oct 4 00:41:07 ny01 sshd[23824]: Failed password for invalid user 123May from 42.247.30.180 port 59736 ssh2 Oct 4 00:50:35 ny01 sshd[25377]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.180	2019-10-04 12:59:49
42.247.30.174	attackspam	Sep 17 04:44:30 vtv3 sshd\[16335\]: Invalid user carpe from 42.247.30.174 port 40058 Sep 17 04:44:30 vtv3 sshd\[16335\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.174 Sep 17 04:44:32 vtv3 sshd\[16335\]: Failed password for invalid user carpe from 42.247.30.174 port 40058 ssh2 Sep 17 04:50:52 vtv3 sshd\[19753\]: Invalid user qc from 42.247.30.174 port 37788 Sep 17 04:50:52 vtv3 sshd\[19753\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.174 Sep 17 05:04:21 vtv3 sshd\[26109\]: Invalid user mongo from 42.247.30.174 port 47894 Sep 17 05:04:21 vtv3 sshd\[26109\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.174 Sep 17 05:04:24 vtv3 sshd\[26109\]: Failed password for invalid user mongo from 42.247.30.174 port 47894 ssh2 Sep 17 05:09:03 vtv3 sshd\[28638\]: Invalid user temp from 42.247.30.174 port 32792 Sep 17 05:09:03 vtv3 sshd\[28638\]: pam_unix\	2019-09-17 13:48:20
42.247.30.153	attack	Sep 16 01:58:21 ovpn sshd[32566]: Invalid user bu from 42.247.30.153 Sep 16 01:58:21 ovpn sshd[32566]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.153 Sep 16 01:58:23 ovpn sshd[32566]: Failed password for invalid user bu from 42.247.30.153 port 47150 ssh2 Sep 16 01:58:23 ovpn sshd[32566]: Received disconnect from 42.247.30.153 port 47150:11: Bye Bye [preauth] Sep 16 01:58:23 ovpn sshd[32566]: Disconnected from 42.247.30.153 port 47150 [preauth] Sep 16 02:09:23 ovpn sshd[2199]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.153 user=r.r Sep 16 02:09:25 ovpn sshd[2199]: Failed password for r.r from 42.247.30.153 port 51304 ssh2 Sep 16 02:09:25 ovpn sshd[2199]: Received disconnect from 42.247.30.153 port 51304:11: Bye Bye [preauth] Sep 16 02:09:25 ovpn sshd[2199]: Disconnected from 42.247.30.153 port 51304 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.ht	2019-09-17 06:56:54
42.247.30.188	attack	Sep 16 08:26:02 localhost sshd\[9892\]: Invalid user felipe from 42.247.30.188 port 34346 Sep 16 08:26:02 localhost sshd\[9892\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.188 Sep 16 08:26:04 localhost sshd\[9892\]: Failed password for invalid user felipe from 42.247.30.188 port 34346 ssh2 ...	2019-09-16 19:56:11
42.247.30.176	attack	Sep 15 19:30:05 xtremcommunity sshd\[124643\]: Invalid user webalizer from 42.247.30.176 port 41632 Sep 15 19:30:05 xtremcommunity sshd\[124643\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.176 Sep 15 19:30:07 xtremcommunity sshd\[124643\]: Failed password for invalid user webalizer from 42.247.30.176 port 41632 ssh2 Sep 15 19:34:47 xtremcommunity sshd\[124740\]: Invalid user bpadmin from 42.247.30.176 port 53968 Sep 15 19:34:47 xtremcommunity sshd\[124740\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.176 ...	2019-09-16 11:51:01
42.247.30.164	attackspam	Sep 15 17:42:04 www sshd\[78802\]: Invalid user boomi from 42.247.30.164 Sep 15 17:42:04 www sshd\[78802\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.164 Sep 15 17:42:05 www sshd\[78802\]: Failed password for invalid user boomi from 42.247.30.164 port 32768 ssh2 ...	2019-09-15 22:51:58

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.247.30.132
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14646
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.247.30.132.			IN	A

;; AUTHORITY SECTION:
.			228	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100901 1800 900 604800 86400

;; Query time: 126 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 10 04:43:51 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 132.30.247.42.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 132.30.247.42.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
119.29.216.238	attackspam	Jul 25 12:49:15 game-panel sshd[381]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.216.238 Jul 25 12:49:17 game-panel sshd[381]: Failed password for invalid user download from 119.29.216.238 port 50784 ssh2 Jul 25 12:53:31 game-panel sshd[590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.216.238	2020-07-25 20:59:02
220.132.35.144	attack	Unauthorized connection attempt detected from IP address 220.132.35.144 to port 80	2020-07-25 20:50:57
36.74.100.14	attack	Unauthorized connection attempt detected from IP address 36.74.100.14 to port 8080	2020-07-25 20:46:54
186.46.45.62	attack	Unauthorized connection attempt detected from IP address 186.46.45.62 to port 23	2020-07-25 20:28:20
223.155.155.29	attack	Unauthorized connection attempt detected from IP address 223.155.155.29 to port 5555	2020-07-25 20:49:36
186.251.169.14	attack	Unauthorized connection attempt detected from IP address 186.251.169.14 to port 445	2020-07-25 20:27:44
59.153.235.242	attackspam	Unauthorized connection attempt detected from IP address 59.153.235.242 to port 445	2020-07-25 21:05:45
27.184.248.120	attack	Unauthorized connection attempt detected from IP address 27.184.248.120 to port 23	2020-07-25 20:47:24
69.197.161.210	attack	Unauthorized connection attempt detected from IP address 69.197.161.210 to port 3389	2020-07-25 21:05:06
42.63.69.70	attackspambots	Unauthorized connection attempt detected from IP address 42.63.69.70 to port 23	2020-07-25 20:46:14
123.194.187.92	attackspambots	Unauthorized connection attempt detected from IP address 123.194.187.92 to port 85	2020-07-25 20:34:01
1.165.95.229	attackbots	Unauthorized connection attempt detected from IP address 1.165.95.229 to port 23	2020-07-25 20:48:59
92.19.86.100	attackbots	Unauthorized connection attempt detected from IP address 92.19.86.100 to port 23	2020-07-25 20:39:12
121.185.27.141	attackspam	Unauthorized connection attempt detected from IP address 121.185.27.141 to port 5555	2020-07-25 20:58:46
175.138.190.218	attackbots	Unauthorized connection attempt detected from IP address 175.138.190.218 to port 81	2020-07-25 20:30:04

最近上报的IP列表

217.12.84.142	188.3.62.18	117.62.57.53	125.9.184.66
189.69.87.214	190.228.247.213	81.174.44.110	51.79.99.106
222.93.65.53	61.223.21.178	115.70.184.65	118.136.113.168
49.72.20.46	118.46.113.89	170.80.225.226	92.38.178.57
77.42.127.228	48.241.224.140	104.203.86.235	24.148.213.234