42.52.103.231 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Unicom Liaoning Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Unauthorised access (Aug 29) SRC=42.52.103.231 LEN=44 TTL=49 ID=48710 TCP DPT=8080 WINDOW=65082 SYN	2019-08-29 20:27:25

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.52.103.231
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1257
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.52.103.231.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082900 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 29 20:27:18 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 231.103.52.42.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 231.103.52.42.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
132.148.25.34	attack	xmlrpc attack	2019-08-31 20:18:24
40.125.172.86	attackspambots	Aug 31 15:10:52 yabzik sshd[24320]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.125.172.86 Aug 31 15:10:54 yabzik sshd[24320]: Failed password for invalid user redbot from 40.125.172.86 port 1088 ssh2 Aug 31 15:14:45 yabzik sshd[25538]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.125.172.86	2019-08-31 20:20:31
142.93.71.94	attack	Aug 31 01:53:55 hcbb sshd\[13774\]: Invalid user admin from 142.93.71.94 Aug 31 01:53:55 hcbb sshd\[13774\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.71.94 Aug 31 01:53:57 hcbb sshd\[13774\]: Failed password for invalid user admin from 142.93.71.94 port 52650 ssh2 Aug 31 01:58:05 hcbb sshd\[14175\]: Invalid user wellington from 142.93.71.94 Aug 31 01:58:05 hcbb sshd\[14175\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.71.94	2019-08-31 20:38:05
116.21.133.180	attackbots	Aug 31 14:46:17 plex sshd[16050]: Invalid user nbsuser from 116.21.133.180 port 32038	2019-08-31 21:07:43
80.19.251.89	attackbotsspam	DATE:2019-08-31 13:41:53, IP:80.19.251.89, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2019-08-31 20:32:52
80.82.64.127	attackspam	08/31/2019-08:45:06.711464 80.82.64.127 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 83	2019-08-31 20:57:02
159.148.4.235	attack	Aug 31 12:26:58 web8 sshd\[3736\]: Invalid user oz from 159.148.4.235 Aug 31 12:26:58 web8 sshd\[3736\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.148.4.235 Aug 31 12:27:00 web8 sshd\[3736\]: Failed password for invalid user oz from 159.148.4.235 port 50702 ssh2 Aug 31 12:31:18 web8 sshd\[5793\]: Invalid user kapil from 159.148.4.235 Aug 31 12:31:18 web8 sshd\[5793\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.148.4.235	2019-08-31 20:34:06
195.154.102.244	attackbots	www.goldgier.de 195.154.102.244 \[31/Aug/2019:13:42:08 +0200\] "POST /wp-login.php HTTP/1.1" 200 8728 "-" "Mozilla/5.0 $Windows NT 6.1\; WOW64\; rv:61.0.1$ Gecko/20120101 Firefox/61.0.1" www.goldgier.de 195.154.102.244 \[31/Aug/2019:13:42:08 +0200\] "POST /wp-login.php HTTP/1.1" 200 8728 "-" "Mozilla/5.0 $Windows NT 6.1\; WOW64\; rv:61.0.1$ Gecko/20120101 Firefox/61.0.1"	2019-08-31 20:21:15
2.136.131.36	attack	Aug 31 02:12:28 kapalua sshd\[20260\]: Invalid user shakira from 2.136.131.36 Aug 31 02:12:28 kapalua sshd\[20260\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.red-2-136-131.staticip.rima-tde.net Aug 31 02:12:30 kapalua sshd\[20260\]: Failed password for invalid user shakira from 2.136.131.36 port 56188 ssh2 Aug 31 02:16:51 kapalua sshd\[20602\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.red-2-136-131.staticip.rima-tde.net user=root Aug 31 02:16:53 kapalua sshd\[20602\]: Failed password for root from 2.136.131.36 port 45090 ssh2	2019-08-31 20:17:16
124.41.211.27	attackbotsspam	2019-08-31T12:19:55.221846abusebot-5.cloudsearch.cf sshd\[23727\]: Invalid user zs from 124.41.211.27 port 44454	2019-08-31 20:20:56
192.99.245.135	attack	$f2bV_matches	2019-08-31 20:46:08
96.73.98.33	attackbotsspam	Aug 31 02:34:15 php1 sshd\[17335\]: Invalid user www from 96.73.98.33 Aug 31 02:34:15 php1 sshd\[17335\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.73.98.33 Aug 31 02:34:17 php1 sshd\[17335\]: Failed password for invalid user www from 96.73.98.33 port 7292 ssh2 Aug 31 02:38:02 php1 sshd\[17730\]: Invalid user marje from 96.73.98.33 Aug 31 02:38:02 php1 sshd\[17730\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.73.98.33	2019-08-31 20:59:07
46.105.124.52	attackbots	Aug 31 14:24:32 SilenceServices sshd[23265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.124.52 Aug 31 14:24:34 SilenceServices sshd[23265]: Failed password for invalid user kkamja from 46.105.124.52 port 39249 ssh2 Aug 31 14:30:45 SilenceServices sshd[25713]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.124.52	2019-08-31 20:50:49
103.72.163.222	attackbotsspam	Aug 31 08:09:24 TORMINT sshd\[27905\]: Invalid user terrariaserver from 103.72.163.222 Aug 31 08:09:24 TORMINT sshd\[27905\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.72.163.222 Aug 31 08:09:26 TORMINT sshd\[27905\]: Failed password for invalid user terrariaserver from 103.72.163.222 port 56929 ssh2 ...	2019-08-31 20:55:16
51.83.69.78	attack	Aug 31 08:44:03 plusreed sshd[25584]: Invalid user testuser from 51.83.69.78 ...	2019-08-31 20:45:39

最近上报的IP列表

118.163.245.230	62.47.139.163	187.227.89.175	159.118.178.113
60.13.88.207	11.181.170.122	176.197.19.250	14.142.182.199
65.190.101.247	226.48.53.4	251.231.195.52	212.64.38.37
251.90.108.105	175.52.249.129	7.164.189.254	45.164.23.104
143.13.72.78	8.17.112.220	179.237.125.143	13.174.191.234