42.52.135.152 - IPInfo

基本信息:

城市(city): Dandong

省份(region): Liaoning

国家(country): China

运营商(isp): Unicom Liaoning Province Network

主机名(hostname): unknown

机构(organization): CHINA UNICOM China169 Backbone

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Unauthorised access (Aug 11) SRC=42.52.135.152 LEN=40 TTL=49 ID=44258 TCP DPT=8080 WINDOW=40598 SYN	2019-08-12 00:17:49

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.52.135.152
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60838
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.52.135.152.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081100 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 12 00:17:32 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 152.135.52.42.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 152.135.52.42.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
49.234.28.109	attackspambots	Apr 23 06:59:57 ns381471 sshd[10707]: Failed password for root from 49.234.28.109 port 49016 ssh2	2020-04-23 14:14:28
198.108.66.237	attackspambots	Port scan(s) denied	2020-04-23 14:27:02
14.187.31.33	attack	port scan and connect, tcp 1433 (ms-sql-s)	2020-04-23 14:38:06
134.209.41.198	attackspambots	Port Scan detected from 134.209.41.198 (US/United States/California/Bakersfield/-). 4 hits in the last 175 seconds	2020-04-23 13:57:07
150.109.150.77	attack	Invalid user ch from 150.109.150.77 port 58424	2020-04-23 14:21:54
37.49.229.190	attack	[2020-04-23 02:15:19] NOTICE[1170][C-00003e80] chan_sip.c: Call from '' (37.49.229.190:16009) to extension '+48323395006' rejected because extension not found in context 'public'. [2020-04-23 02:15:19] SECURITY[1184] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-04-23T02:15:19.719-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="+48323395006",SessionID="0x7f6c08341c08",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37.49.229.190/5060",ACLName="no_extension_match" [2020-04-23 02:16:30] NOTICE[1170][C-00003e83] chan_sip.c: Call from '' (37.49.229.190:26938) to extension '+48323395006' rejected because extension not found in context 'public'. [2020-04-23 02:16:30] SECURITY[1184] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-04-23T02:16:30.322-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="+48323395006",SessionID="0x7f6c0817f3c8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37.49.229.190 ...	2020-04-23 14:26:02
49.234.61.180	attack	Apr 23 10:43:22 gw1 sshd[31133]: Failed password for root from 49.234.61.180 port 49742 ssh2 ...	2020-04-23 14:21:11
202.191.200.227	attack	$f2bV_matches	2020-04-23 14:13:32
103.40.25.203	attack	Apr 22 19:57:24 hpm sshd\[10095\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.40.25.203 user=root Apr 22 19:57:27 hpm sshd\[10095\]: Failed password for root from 103.40.25.203 port 42628 ssh2 Apr 22 20:03:18 hpm sshd\[10472\]: Invalid user admin from 103.40.25.203 Apr 22 20:03:18 hpm sshd\[10472\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.40.25.203 Apr 22 20:03:20 hpm sshd\[10472\]: Failed password for invalid user admin from 103.40.25.203 port 47878 ssh2	2020-04-23 14:28:51
51.77.140.36	attack	Apr 23 07:57:07 host sshd[41637]: Invalid user ubuntu from 51.77.140.36 port 49836 ...	2020-04-23 14:19:55
118.25.21.176	attack	Invalid user ki from 118.25.21.176 port 33388	2020-04-23 14:16:22
27.154.242.142	attackspambots	Invalid user oy from 27.154.242.142 port 26741	2020-04-23 14:22:52
95.110.248.243	attackbotsspam	Invalid user testserver from 95.110.248.243 port 44917	2020-04-23 14:04:15
132.148.28.167	attackbots	132.148.28.167 - - \[23/Apr/2020:05:53:29 +0200\] "POST /wp-login.php HTTP/1.0" 200 6384 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 132.148.28.167 - - \[23/Apr/2020:05:53:33 +0200\] "POST /wp-login.php HTTP/1.0" 200 6251 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 132.148.28.167 - - \[23/Apr/2020:05:53:35 +0200\] "POST /wp-login.php HTTP/1.0" 200 6247 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-04-23 14:21:28
188.166.68.8	attack	Port scan(s) denied	2020-04-23 14:01:30

最近上报的IP列表

86.239.15.129	215.55.232.53	27.210.206.14	159.100.80.246
118.200.218.232	90.205.150.234	123.222.143.88	93.81.82.122
179.110.217.203	147.161.128.82	67.144.57.152	168.95.116.29
78.134.61.236	120.83.142.158	183.80.130.121	81.71.186.171
124.95.101.126	183.129.102.82	188.7.91.70	212.253.24.219