42.56.25.49 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Unicom Liaoning Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Sep 8 22:57:09 srv206 sshd[5615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.56.25.49 user=root Sep 8 22:57:11 srv206 sshd[5615]: Failed password for root from 42.56.25.49 port 36786 ssh2 Sep 8 22:57:14 srv206 sshd[5615]: Failed password for root from 42.56.25.49 port 36786 ssh2 Sep 8 22:57:09 srv206 sshd[5615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.56.25.49 user=root Sep 8 22:57:11 srv206 sshd[5615]: Failed password for root from 42.56.25.49 port 36786 ssh2 Sep 8 22:57:14 srv206 sshd[5615]: Failed password for root from 42.56.25.49 port 36786 ssh2 ...	2019-09-09 09:49:03

类型

评论内容

时间

attackbotsspam

Sep  8 22:57:09 srv206 sshd[5615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.56.25.49  user=root
Sep  8 22:57:11 srv206 sshd[5615]: Failed password for root from 42.56.25.49 port 36786 ssh2
Sep  8 22:57:14 srv206 sshd[5615]: Failed password for root from 42.56.25.49 port 36786 ssh2
Sep  8 22:57:09 srv206 sshd[5615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.56.25.49  user=root
Sep  8 22:57:11 srv206 sshd[5615]: Failed password for root from 42.56.25.49 port 36786 ssh2
Sep  8 22:57:14 srv206 sshd[5615]: Failed password for root from 42.56.25.49 port 36786 ssh2
...

2019-09-09 09:49:03

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.56.25.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9979
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.56.25.49.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090801 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Sep 09 09:48:48 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 49.25.56.42.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 49.25.56.42.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
98.4.41.184	attackspambots	Automatic report - SSH Brute-Force Attack	2019-12-24 08:46:27
182.139.134.107	attackspam	$f2bV_matches	2019-12-24 08:48:29
190.41.173.219	attack	Dec 24 01:38:55 silence02 sshd[1420]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.41.173.219 Dec 24 01:38:57 silence02 sshd[1420]: Failed password for invalid user baumberg from 190.41.173.219 port 47694 ssh2 Dec 24 01:43:57 silence02 sshd[4034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.41.173.219	2019-12-24 08:44:41
52.58.205.23	attack	Brute force RDP, port 3389	2019-12-24 09:06:38
182.61.190.228	attack	Dec 23 23:02:21 localhost sshd\[82131\]: Invalid user yenjhy from 182.61.190.228 port 57268 Dec 23 23:02:21 localhost sshd\[82131\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.190.228 Dec 23 23:02:22 localhost sshd\[82131\]: Failed password for invalid user yenjhy from 182.61.190.228 port 57268 ssh2 Dec 23 23:04:40 localhost sshd\[82194\]: Invalid user server from 182.61.190.228 port 48026 Dec 23 23:04:40 localhost sshd\[82194\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.190.228 ...	2019-12-24 08:56:00
157.230.248.89	attackspambots	157.230.248.89 - - \[23/Dec/2019:23:46:09 +0100\] "POST /wp-login.php HTTP/1.0" 200 6597 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 157.230.248.89 - - \[23/Dec/2019:23:46:11 +0100\] "POST /wp-login.php HTTP/1.0" 200 6410 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 157.230.248.89 - - \[23/Dec/2019:23:46:12 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-12-24 08:57:00
154.66.196.32	attack	2019-12-24T00:47:43.059265vps751288.ovh.net sshd\[14228\]: Invalid user fctrserver from 154.66.196.32 port 34296 2019-12-24T00:47:43.071863vps751288.ovh.net sshd\[14228\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=32.196.cloud.net.za 2019-12-24T00:47:45.155385vps751288.ovh.net sshd\[14228\]: Failed password for invalid user fctrserver from 154.66.196.32 port 34296 ssh2 2019-12-24T00:50:30.859269vps751288.ovh.net sshd\[14258\]: Invalid user mysql from 154.66.196.32 port 55380 2019-12-24T00:50:30.868069vps751288.ovh.net sshd\[14258\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=32.196.cloud.net.za	2019-12-24 08:36:15
218.92.0.179	attackspambots	Dec 23 21:43:01 firewall sshd[27906]: Failed password for root from 218.92.0.179 port 65095 ssh2 Dec 23 21:43:10 firewall sshd[27906]: error: maximum authentication attempts exceeded for root from 218.92.0.179 port 65095 ssh2 [preauth] Dec 23 21:43:10 firewall sshd[27906]: Disconnecting: Too many authentication failures [preauth] ...	2019-12-24 08:47:01
177.47.39.254	attack	firewall-block, port(s): 2323/tcp	2019-12-24 09:05:01
123.136.161.146	attackspam	Dec 23 22:52:48 thevastnessof sshd[7632]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.136.161.146 ...	2019-12-24 08:41:17
110.78.151.203	attack	1577141205 - 12/23/2019 23:46:45 Host: 110.78.151.203/110.78.151.203 Port: 445 TCP Blocked	2019-12-24 08:43:56
180.101.221.152	attackspam	Dec 24 00:07:18 localhost sshd\[7300\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.101.221.152 user=root Dec 24 00:07:20 localhost sshd\[7300\]: Failed password for root from 180.101.221.152 port 53316 ssh2 Dec 24 00:08:34 localhost sshd\[7477\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.101.221.152 user=root	2019-12-24 08:49:23
185.176.27.178	attack	Dec 24 01:48:40 debian-2gb-nbg1-2 kernel: \[801263.204818\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.178 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=21176 PROTO=TCP SPT=44088 DPT=15725 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-24 08:58:05
46.105.124.219	attackspam	Dec 23 23:45:51 legacy sshd[3507]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.124.219 Dec 23 23:45:53 legacy sshd[3507]: Failed password for invalid user qqqqqqqq from 46.105.124.219 port 37474 ssh2 Dec 23 23:47:07 legacy sshd[3547]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.124.219 ...	2019-12-24 08:30:09
159.203.197.15	attackspambots	5631/tcp 7199/tcp 2380/tcp... [2019-10-25/12-23]49pkt,39pt.(tcp),2pt.(udp)	2019-12-24 09:08:01

最近上报的IP列表

217.165.51.94	52.39.80.22	183.78.195.54	209.10.97.210
103.1.222.171	162.50.53.211	187.162.28.67	218.241.227.196
169.61.23.13	114.32.27.145	61.48.179.142	132.66.72.236
58.142.118.115	188.136.250.118	189.244.51.19	87.229.42.62
185.98.225.15	221.41.255.122	83.183.91.239	110.247.171.150