42.82.125.180 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Korea, Republic of

运营商(isp): CJ Hello Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Unauthorized connection attempt detected from IP address 42.82.125.180 to port 23 [J]	2020-01-19 19:19:42
attackspam	Unauthorized connection attempt detected from IP address 42.82.125.180 to port 81 [T]	2020-01-08 23:57:26

相同子网IP讨论:

IP	类型	评论内容	时间
42.82.125.188	attackspam	Honeypot attack, port: 81, PTR: PTR record not found	2020-01-20 02:16:44

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.82.125.180
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22584
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.82.125.180.			IN	A

;; AUTHORITY SECTION:
.			235	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010800 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 08 23:57:19 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 180.125.82.42.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 180.125.82.42.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
196.52.43.57	attack	" "	2019-07-06 15:13:19
128.199.149.61	attackspam	detected by Fail2Ban	2019-07-06 15:11:18
103.78.180.252	attackspambots	Honeypot attack, port: 23, PTR: PTR record not found	2019-07-06 15:10:29
174.138.56.93	attack	Jul 6 07:53:18 mail sshd\[31291\]: Invalid user admin from 174.138.56.93 port 54188 Jul 6 07:53:18 mail sshd\[31291\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.56.93 ...	2019-07-06 15:03:26
198.50.150.83	attackbots	$f2bV_matches	2019-07-06 15:31:39
180.182.62.156	attack	Honeypot attack, port: 445, PTR: PTR record not found	2019-07-06 15:29:00
168.228.149.132	attackspambots	failed_logins	2019-07-06 14:40:36
186.251.162.152	attackspambots	Brute force attempt	2019-07-06 14:51:41
94.195.80.59	attack	2019-07-03 18:03:04 H=5ec3503b.skybroadband.com [94.195.80.59]:7865 I=[10.100.18.20]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=94.195.80.59) 2019-07-03 18:03:05 unexpected disconnection while reading SMTP command from 5ec3503b.skybroadband.com [94.195.80.59]:7865 I=[10.100.18.20]:25 (error: Connection reset by peer) 2019-07-03 18:52:10 H=5ec3503b.skybroadband.com [94.195.80.59]:32459 I=[10.100.18.20]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=94.195.80.59) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=94.195.80.59	2019-07-06 15:01:00
79.111.123.46	attackbotsspam	[portscan] Port scan	2019-07-06 14:58:01
41.140.175.223	attackbots	Jul 3 18:42:07 riskplan-s sshd[8268]: Invalid user stpi from 41.140.175.223 Jul 3 18:42:07 riskplan-s sshd[8268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.140.175.223 Jul 3 18:42:09 riskplan-s sshd[8268]: Failed password for invalid user stpi from 41.140.175.223 port 33178 ssh2 Jul 3 18:42:09 riskplan-s sshd[8268]: Received disconnect from 41.140.175.223: 11: Bye Bye [preauth] Jul 3 18:46:32 riskplan-s sshd[8319]: Invalid user admin from 41.140.175.223 Jul 3 18:46:32 riskplan-s sshd[8319]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.140.175.223 Jul 3 18:46:34 riskplan-s sshd[8319]: Failed password for invalid user admin from 41.140.175.223 port 52743 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=41.140.175.223	2019-07-06 14:51:20
171.235.50.173	attackspambots	Honeypot attack, port: 445, PTR: dynamic-ip-adsl.viettel.vn.	2019-07-06 15:23:18
91.185.57.22	attackbots	Honeypot attack, port: 23, PTR: 91-185-57-22-irk.cust.dsi.ru.	2019-07-06 15:12:21
144.140.214.68	attackspam	Feb 3 13:58:43 vtv3 sshd\[2685\]: Invalid user gogs from 144.140.214.68 port 45229 Feb 3 13:58:43 vtv3 sshd\[2685\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.140.214.68 Feb 3 13:58:44 vtv3 sshd\[2685\]: Failed password for invalid user gogs from 144.140.214.68 port 45229 ssh2 Feb 3 14:04:55 vtv3 sshd\[4444\]: Invalid user dnslog from 144.140.214.68 port 33130 Feb 3 14:04:55 vtv3 sshd\[4444\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.140.214.68 Feb 21 12:18:29 vtv3 sshd\[8389\]: Invalid user ubuntu from 144.140.214.68 port 39636 Feb 21 12:18:29 vtv3 sshd\[8389\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.140.214.68 Feb 21 12:18:31 vtv3 sshd\[8389\]: Failed password for invalid user ubuntu from 144.140.214.68 port 39636 ssh2 Feb 21 12:26:35 vtv3 sshd\[10935\]: Invalid user test from 144.140.214.68 port 34595 Feb 21 12:26:35 vtv3 sshd\[10935\]: pam_	2019-07-06 14:44:17
114.239.174.26	attackspam	" "	2019-07-06 14:49:19

最近上报的IP列表

121.121.94.128	116.255.167.28	116.53.19.181	114.226.218.43
113.58.231.111	101.205.156.104	61.166.67.14	194.154.249.102
229.77.106.215	224.165.250.145	200.43.71.64	185.97.116.54
49.70.233.132	38.102.230.77	47.98.148.136	26.76.236.218
42.117.213.50	39.74.233.82	31.134.16.13	14.241.57.61