42.5.110.107 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Unicom Liaoning Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Aug 28 06:29:35 * sshd[340]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.5.110.107 Aug 28 06:29:38 * sshd[340]: Failed password for invalid user usuario from 42.5.110.107 port 33407 ssh2	2019-08-28 12:52:23

类型

评论内容

时间

attack

Aug 28 06:29:35 * sshd[340]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.5.110.107
Aug 28 06:29:38 * sshd[340]: Failed password for invalid user usuario from 42.5.110.107 port 33407 ssh2

2019-08-28 12:52:23

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.5.110.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62472
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.5.110.107.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082701 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Aug 28 12:51:50 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 107.110.5.42.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 107.110.5.42.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
121.189.198.135	attackbotsspam	TCP Port Scanning	2020-02-24 18:15:20
222.186.173.154	attackspambots	Feb 24 09:32:59 game-panel sshd[25336]: Failed password for root from 222.186.173.154 port 23462 ssh2 Feb 24 09:33:03 game-panel sshd[25336]: Failed password for root from 222.186.173.154 port 23462 ssh2 Feb 24 09:33:12 game-panel sshd[25336]: error: maximum authentication attempts exceeded for root from 222.186.173.154 port 23462 ssh2 [preauth]	2020-02-24 17:41:44
86.57.254.129	attackbotsspam	Unauthorized connection attempt detected from IP address 86.57.254.129 to port 8080	2020-02-24 17:52:17
163.179.125.21	attackspambots	suspicious action Mon, 24 Feb 2020 01:49:10 -0300	2020-02-24 17:57:20
202.178.120.26	attack	Feb 24 05:48:16 server postfix/smtpd[12063]: NOQUEUE: reject: RCPT from unknown[202.178.120.26]: 554 5.7.1 Service unavailable; Client host [202.178.120.26] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS / https://www.spamhaus.org/query/ip/202.178.120.26; from= to= proto=SMTP helo=	2020-02-24 18:13:56
204.48.31.236	attackspambots	DATE:2020-02-24 07:55:11, IP:204.48.31.236, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-02-24 17:55:38
177.47.228.30	attackspambots	suspicious action Mon, 24 Feb 2020 01:49:15 -0300	2020-02-24 17:54:13
207.180.214.168	attackbots	[portscan] tcp/22 [SSH] in blocklist.de:'listed [ssh]' *(RWIN=65535)(02241156)	2020-02-24 17:46:45
176.212.96.3	attackspambots	unauthorized connection attempt	2020-02-24 18:01:54
2.59.119.39	attack	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2020-02-24 18:04:30
183.80.183.192	attack	MIRAI HOST Sun Feb 23 21:49:48 2020 - Child process 223029 handling connection Sun Feb 23 21:49:48 2020 - New connection from: 183.80.183.192:33011 Sun Feb 23 21:49:48 2020 - Sending data to client: [Login: ] Sun Feb 23 21:49:49 2020 - Got data: admin Sun Feb 23 21:49:50 2020 - Sending data to client: [Password: ] Sun Feb 23 21:49:50 2020 - Got data: 54321 Sun Feb 23 21:49:52 2020 - Child 223033 granting shell Sun Feb 23 21:49:52 2020 - Child 223029 exiting Sun Feb 23 21:49:52 2020 - Sending data to client: [Logged in] Sun Feb 23 21:49:52 2020 - Sending data to client: [Welcome to MX990 Embedded Linux] Sun Feb 23 21:49:52 2020 - Sending data to client: [[root@dvrdvs /]# ] Sun Feb 23 21:49:52 2020 - Got data: enable system shell sh Sun Feb 23 21:49:52 2020 - Sending data to client: [Command not found] Sun Feb 23 21:49:53 2020 - Sending data to client: [[root@dvrdvs /]# ] Sun Feb 23 21:49:53 2020 - Got data: cat /proc/mounts; /bin/busybox ESGMI Sun Feb 23 21:49:53 2020 - Sending data to clie	2020-02-24 17:44:06
185.137.233.164	attack	Feb 24 05:42:35 [host] kernel: [5718159.653333] [U Feb 24 05:44:39 [host] kernel: [5718284.360108] [U Feb 24 05:44:55 [host] kernel: [5718299.609207] [U Feb 24 05:47:33 [host] kernel: [5718458.455298] [U Feb 24 05:48:26 [host] kernel: [5718510.607793] [U Feb 24 05:49:24 [host] kernel: [5718568.794802] [U	2020-02-24 17:50:00
39.36.85.238	attack	Port probing on unauthorized port 445	2020-02-24 18:10:23
188.4.75.167	attackspam	port scan and connect, tcp 80 (http)	2020-02-24 17:43:13
181.25.217.107	attackbots	1582519762 - 02/24/2020 05:49:22 Host: 181.25.217.107/181.25.217.107 Port: 445 TCP Blocked	2020-02-24 17:51:57

最近上报的IP列表

191.53.52.249	252.197.144.5	181.123.177.204	139.35.164.95
195.1.101.200	228.158.88.45	189.187.92.137	173.187.200.121
22.130.208.188	162.35.125.138	1.69.186.94	230.133.94.83
122.248.138.86	46.252.159.247	1.192.91.116	65.232.48.220
10.162.200.241	37.101.174.91	77.164.59.212	119.103.12.136