42.5.201.212 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Unicom Liaoning Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorised access (Aug 25) SRC=42.5.201.212 LEN=40 TTL=46 ID=64425 TCP DPT=8080 WINDOW=47336 SYN Unauthorised access (Aug 25) SRC=42.5.201.212 LEN=40 TTL=46 ID=22637 TCP DPT=8080 WINDOW=47336 SYN	2020-08-25 19:58:15

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.5.201.212
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22520
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.5.201.212.			IN	A

;; AUTHORITY SECTION:
.			546	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082500 1800 900 604800 86400

;; Query time: 24 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Aug 25 19:58:12 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 212.201.5.42.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 212.201.5.42.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
180.168.16.6	attackspambots	Sep 23 05:24:20 XXX sshd[32228]: Invalid user snatch from 180.168.16.6 port 14466	2019-09-23 17:11:08
116.196.115.156	attackbotsspam	Sep 23 10:33:12 zeus postfix/smtpd\[29868\]: warning: unknown\[116.196.115.156\]: SASL LOGIN authentication failed: authentication failure Sep 23 10:33:15 zeus postfix/smtpd\[29868\]: warning: unknown\[116.196.115.156\]: SASL LOGIN authentication failed: authentication failure Sep 23 10:33:20 zeus postfix/smtpd\[29868\]: warning: unknown\[116.196.115.156\]: SASL LOGIN authentication failed: authentication failure ...	2019-09-23 17:05:37
185.36.81.250	attack	Rude login attack (4 tries in 1d)	2019-09-23 17:11:51
210.14.77.102	attackbotsspam	Sep 23 11:34:00 server sshd\[30352\]: Invalid user qsvr from 210.14.77.102 port 33417 Sep 23 11:34:00 server sshd\[30352\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.14.77.102 Sep 23 11:34:02 server sshd\[30352\]: Failed password for invalid user qsvr from 210.14.77.102 port 33417 ssh2 Sep 23 11:37:16 server sshd\[8977\]: Invalid user admin from 210.14.77.102 port 39632 Sep 23 11:37:16 server sshd\[8977\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.14.77.102	2019-09-23 16:50:55
88.249.28.226	attack	Connection by 88.249.28.226 on port: 8000 got caught by honeypot at 9/22/2019 8:52:40 PM	2019-09-23 16:44:58
43.241.145.108	attackbots	Sep 23 14:18:11 areeb-Workstation sshd[7958]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.241.145.108 Sep 23 14:18:14 areeb-Workstation sshd[7958]: Failed password for invalid user aman from 43.241.145.108 port 55355 ssh2 ...	2019-09-23 17:01:02
79.155.112.192	attackspam	Sep 23 07:43:27 vmanager6029 sshd\[25182\]: Invalid user netgate from 79.155.112.192 port 58338 Sep 23 07:43:27 vmanager6029 sshd\[25182\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.155.112.192 Sep 23 07:43:29 vmanager6029 sshd\[25182\]: Failed password for invalid user netgate from 79.155.112.192 port 58338 ssh2	2019-09-23 17:18:13
181.55.94.162	attackspam	$f2bV_matches	2019-09-23 16:54:10
106.13.93.161	attackspambots	$f2bV_matches	2019-09-23 16:42:54
84.217.109.6	attackbots	Sep 22 20:00:21 auw2 sshd\[28256\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84-217-109-6.customers.ownit.se user=root Sep 22 20:00:23 auw2 sshd\[28256\]: Failed password for root from 84.217.109.6 port 34018 ssh2 Sep 22 20:05:02 auw2 sshd\[28676\]: Invalid user fr from 84.217.109.6 Sep 22 20:05:02 auw2 sshd\[28676\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84-217-109-6.customers.ownit.se Sep 22 20:05:03 auw2 sshd\[28676\]: Failed password for invalid user fr from 84.217.109.6 port 46072 ssh2	2019-09-23 16:49:13
54.36.180.236	attack	2019-09-23T05:57:32.273857hub.schaetter.us sshd\[19028\]: Invalid user marinho from 54.36.180.236 2019-09-23T05:57:32.306669hub.schaetter.us sshd\[19028\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=236.ip-54-36-180.eu 2019-09-23T05:57:34.449455hub.schaetter.us sshd\[19028\]: Failed password for invalid user marinho from 54.36.180.236 port 51036 ssh2 2019-09-23T06:01:07.207294hub.schaetter.us sshd\[19074\]: Invalid user rowenta from 54.36.180.236 2019-09-23T06:01:07.245600hub.schaetter.us sshd\[19074\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=236.ip-54-36-180.eu ...	2019-09-23 17:10:45
117.48.208.124	attackbotsspam	Sep 22 19:48:29 hanapaa sshd\[4697\]: Invalid user oracle from 117.48.208.124 Sep 22 19:48:29 hanapaa sshd\[4697\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.48.208.124 Sep 22 19:48:31 hanapaa sshd\[4697\]: Failed password for invalid user oracle from 117.48.208.124 port 41672 ssh2 Sep 22 19:51:54 hanapaa sshd\[5712\]: Invalid user edna from 117.48.208.124 Sep 22 19:51:54 hanapaa sshd\[5712\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.48.208.124	2019-09-23 17:01:51
31.163.173.52	attack	Sep 23 05:40:08 h2177944 kernel: \[2086338.097964\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=31.163.173.52 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=57 ID=40099 PROTO=TCP SPT=14780 DPT=23 WINDOW=11180 RES=0x00 SYN URGP=0 Sep 23 05:40:08 h2177944 kernel: \[2086338.118062\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=31.163.173.52 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=57 ID=40099 PROTO=TCP SPT=14780 DPT=23 WINDOW=11180 RES=0x00 SYN URGP=0 Sep 23 05:40:08 h2177944 kernel: \[2086338.131193\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=31.163.173.52 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=57 ID=40099 PROTO=TCP SPT=14780 DPT=23 WINDOW=11180 RES=0x00 SYN URGP=0 Sep 23 05:40:08 h2177944 kernel: \[2086338.144428\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=31.163.173.52 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=57 ID=40099 PROTO=TCP SPT=14780 DPT=23 WINDOW=11180 RES=0x00 SYN URGP=0 Sep 23 05:52:48 h2177944 kernel: \[2087097.859168\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=31.163.173.52 DST=85.214.117.9 LEN=40	2019-09-23 16:39:14
218.92.0.192	attackbots	Sep 23 01:46:00 debian sshd[9426]: Unable to negotiate with 218.92.0.192 port 50434: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Sep 23 01:46:47 debian sshd[9428]: Unable to negotiate with 218.92.0.192 port 16979: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] ...	2019-09-23 16:44:11
192.42.116.13	attackspambots	www.blogonese.net 192.42.116.13 \[23/Sep/2019:05:51:54 +0200\] "POST /xmlrpc.php HTTP/1.0" 301 493 "-" "Mozilla/5.0 $iPad\; CPU OS 11_4_1 like Mac OS X$ AppleWebKit/605.1.15 $KHTML, like Gecko$ Version/11.0 Mobile/15E148 Safari/604.1" blogonese.net 192.42.116.13 \[23/Sep/2019:05:51:55 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 3777 "-" "Mozilla/5.0 $iPad\; CPU OS 11_4_1 like Mac OS X$ AppleWebKit/605.1.15 $KHTML, like Gecko$ Version/11.0 Mobile/15E148 Safari/604.1"	2019-09-23 17:12:41

最近上报的IP列表

108.138.45.18	92.52.98.62	150.89.161.214	217.252.173.59
253.143.136.52	18.23.249.239	194.44.20.78	255.29.219.149
190.76.8.184	64.85.66.206	53.132.0.52	203.43.140.244
181.149.243.63	234.173.178.57	134.116.254.157	122.175.196.98
41.209.104.129	45.148.10.11	61.220.28.250	109.96.62.117