42.5.254.2 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Unicom Liaoning Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Port Scan: TCP/23	2019-09-14 13:51:56

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.5.254.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32576
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.5.254.2.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091400 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Sep 14 13:51:46 CST 2019
;; MSG SIZE  rcvd: 114

HOST信息:

Host 2.254.5.42.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 2.254.5.42.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
167.99.77.94	attackbotsspam	Sep 14 03:24:27 vlre-nyc-1 sshd\[1090\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.77.94 user=root Sep 14 03:24:29 vlre-nyc-1 sshd\[1090\]: Failed password for root from 167.99.77.94 port 46062 ssh2 Sep 14 03:28:59 vlre-nyc-1 sshd\[1243\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.77.94 user=root Sep 14 03:29:02 vlre-nyc-1 sshd\[1243\]: Failed password for root from 167.99.77.94 port 56626 ssh2 Sep 14 03:34:17 vlre-nyc-1 sshd\[1442\]: Invalid user oracle from 167.99.77.94 Sep 14 03:34:17 vlre-nyc-1 sshd\[1442\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.77.94 ...	2020-09-14 14:10:00
153.101.199.106	attackspambots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-14 13:52:02
117.69.188.17	attackspam	Sep 13 20:36:33 srv01 postfix/smtpd\[8700\]: warning: unknown\[117.69.188.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 13 20:39:59 srv01 postfix/smtpd\[23344\]: warning: unknown\[117.69.188.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 13 20:43:25 srv01 postfix/smtpd\[15615\]: warning: unknown\[117.69.188.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 13 20:46:51 srv01 postfix/smtpd\[15615\]: warning: unknown\[117.69.188.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 13 20:50:17 srv01 postfix/smtpd\[14316\]: warning: unknown\[117.69.188.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-14 13:46:55
185.147.215.14	attackspam	[2020-09-14 01:11:14] NOTICE[1239] chan_sip.c: Registration from '' failed for '185.147.215.14:56354' - Wrong password [2020-09-14 01:11:14] SECURITY[1264] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-09-14T01:11:14.954-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="308",SessionID="0x7f4d480d6c18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.147.215.14/56354",Challenge="4ac01ed7",ReceivedChallenge="4ac01ed7",ReceivedHash="721dc7c5b4473b6766a0fd7bb4ce3624" [2020-09-14 01:16:27] NOTICE[1239] chan_sip.c: Registration from '' failed for '185.147.215.14:63227' - Wrong password [2020-09-14 01:16:27] SECURITY[1264] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-09-14T01:16:27.177-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1103",SessionID="0x7f4d480d6c18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.147.215. ...	2020-09-14 13:40:05
140.143.19.144	attack	Invalid user support from 140.143.19.144 port 36436	2020-09-14 14:04:55
51.77.137.230	attackbots	Invalid user gtaserver from 51.77.137.230 port 53548	2020-09-14 13:35:28
178.33.212.220	attackspambots	Sep 14 04:09:19 db sshd[24899]: Invalid user sinusbot from 178.33.212.220 port 34122 ...	2020-09-14 13:56:53
138.68.253.149	attack	2020-09-13T21:40:20.298077server.mjenks.net sshd[1070025]: Failed password for root from 138.68.253.149 port 58496 ssh2 2020-09-13T21:43:47.149651server.mjenks.net sshd[1070422]: Invalid user admin from 138.68.253.149 port 36496 2020-09-13T21:43:47.156741server.mjenks.net sshd[1070422]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.253.149 2020-09-13T21:43:47.149651server.mjenks.net sshd[1070422]: Invalid user admin from 138.68.253.149 port 36496 2020-09-13T21:43:49.517610server.mjenks.net sshd[1070422]: Failed password for invalid user admin from 138.68.253.149 port 36496 ssh2 ...	2020-09-14 13:59:52
222.186.30.76	attackbots	2020-09-14T07:21:44.709090vps773228.ovh.net sshd[24019]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.76 user=root 2020-09-14T07:21:46.427610vps773228.ovh.net sshd[24019]: Failed password for root from 222.186.30.76 port 30094 ssh2 2020-09-14T07:21:44.709090vps773228.ovh.net sshd[24019]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.76 user=root 2020-09-14T07:21:46.427610vps773228.ovh.net sshd[24019]: Failed password for root from 222.186.30.76 port 30094 ssh2 2020-09-14T07:21:48.304341vps773228.ovh.net sshd[24019]: Failed password for root from 222.186.30.76 port 30094 ssh2 ...	2020-09-14 13:36:04
169.239.108.52	attackspam	Unauthorised access (Sep 13) SRC=169.239.108.52 LEN=52 PREC=0x20 TTL=115 ID=619 DF TCP DPT=445 WINDOW=8192 SYN	2020-09-14 13:49:34
222.186.42.155	attack	Sep 14 01:59:08 ny01 sshd[29667]: Failed password for root from 222.186.42.155 port 24448 ssh2 Sep 14 01:59:30 ny01 sshd[29717]: Failed password for root from 222.186.42.155 port 13366 ssh2 Sep 14 01:59:32 ny01 sshd[29717]: Failed password for root from 222.186.42.155 port 13366 ssh2	2020-09-14 14:00:40
212.33.199.172	attackbots	Time: Mon Sep 14 05:11:09 2020 +0000 IP: 212.33.199.172 (IR/Iran/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 14 05:10:37 ca-37-ams1 sshd[20648]: Did not receive identification string from 212.33.199.172 port 45378 Sep 14 05:10:47 ca-37-ams1 sshd[20662]: Invalid user ansible from 212.33.199.172 port 55950 Sep 14 05:10:49 ca-37-ams1 sshd[20662]: Failed password for invalid user ansible from 212.33.199.172 port 55950 ssh2 Sep 14 05:11:03 ca-37-ams1 sshd[20665]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.33.199.172 user=root Sep 14 05:11:05 ca-37-ams1 sshd[20665]: Failed password for root from 212.33.199.172 port 38830 ssh2	2020-09-14 13:39:28
144.217.89.55	attackspambots	Sep 13 19:27:58 wbs sshd\[15595\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.89.55 user=root Sep 13 19:28:00 wbs sshd\[15595\]: Failed password for root from 144.217.89.55 port 38558 ssh2 Sep 13 19:32:10 wbs sshd\[16000\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.89.55 user=root Sep 13 19:32:13 wbs sshd\[16000\]: Failed password for root from 144.217.89.55 port 51790 ssh2 Sep 13 19:36:29 wbs sshd\[16408\]: Invalid user mzouhery from 144.217.89.55	2020-09-14 13:44:23
174.138.27.165	attack	leo_www	2020-09-14 13:50:45
194.180.224.130	attackbots	DATE:2020-09-14 08:03:52, IP:194.180.224.130, PORT:ssh SSH brute force auth on honeypot server (honey-neo-dc)	2020-09-14 14:05:41

最近上报的IP列表

66.63.24.217	35.211.203.32	195.224.22.116	192.3.209.227
191.55.205.235	179.110.247.46	177.221.76.156	177.106.141.8
176.36.49.215	203.244.189.106	161.11.225.56	59.129.253.225
156.211.146.38	131.148.26.74	119.249.2.235	119.54.237.150
119.28.32.216	115.59.131.190	112.241.101.125	111.250.141.192