52.116.42.243 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): SoftLayer Technologies Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Nov 1 01:52:00 www6-3 sshd[27212]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.116.42.243 user=r.r Nov 1 01:52:01 www6-3 sshd[27212]: Failed password for r.r from 52.116.42.243 port 34154 ssh2 Nov 1 01:52:02 www6-3 sshd[27212]: Received disconnect from 52.116.42.243 port 34154:11: Bye Bye [preauth] Nov 1 01:52:02 www6-3 sshd[27212]: Disconnected from 52.116.42.243 port 34154 [preauth] Nov 1 02:02:11 www6-3 sshd[27927]: Invalid user shell from 52.116.42.243 port 38682 Nov 1 02:02:11 www6-3 sshd[27927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.116.42.243 Nov 1 02:02:13 www6-3 sshd[27927]: Failed password for invalid user shell from 52.116.42.243 port 38682 ssh2 Nov 1 02:02:13 www6-3 sshd[27927]: Received disconnect from 52.116.42.243 port 38682:11: Bye Bye [preauth] Nov 1 02:02:13 www6-3 sshd[27927]: Disconnected from 52.116.42.243 port 38682 [preauth] Nov 1 02:06:1........ -------------------------------	2019-11-03 06:31:47
attackbotsspam	Nov 1 01:52:00 www6-3 sshd[27212]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.116.42.243 user=r.r Nov 1 01:52:01 www6-3 sshd[27212]: Failed password for r.r from 52.116.42.243 port 34154 ssh2 Nov 1 01:52:02 www6-3 sshd[27212]: Received disconnect from 52.116.42.243 port 34154:11: Bye Bye [preauth] Nov 1 01:52:02 www6-3 sshd[27212]: Disconnected from 52.116.42.243 port 34154 [preauth] Nov 1 02:02:11 www6-3 sshd[27927]: Invalid user shell from 52.116.42.243 port 38682 Nov 1 02:02:11 www6-3 sshd[27927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.116.42.243 Nov 1 02:02:13 www6-3 sshd[27927]: Failed password for invalid user shell from 52.116.42.243 port 38682 ssh2 Nov 1 02:02:13 www6-3 sshd[27927]: Received disconnect from 52.116.42.243 port 38682:11: Bye Bye [preauth] Nov 1 02:02:13 www6-3 sshd[27927]: Disconnected from 52.116.42.243 port 38682 [preauth] Nov 1 02:06:1........ -------------------------------	2019-11-01 20:50:50

类型

评论内容

时间

attackspambots

Nov  1 01:52:00 www6-3 sshd[27212]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.116.42.243  user=r.r
Nov  1 01:52:01 www6-3 sshd[27212]: Failed password for r.r from 52.116.42.243 port 34154 ssh2
Nov  1 01:52:02 www6-3 sshd[27212]: Received disconnect from 52.116.42.243 port 34154:11: Bye Bye [preauth]
Nov  1 01:52:02 www6-3 sshd[27212]: Disconnected from 52.116.42.243 port 34154 [preauth]
Nov  1 02:02:11 www6-3 sshd[27927]: Invalid user shell from 52.116.42.243 port 38682
Nov  1 02:02:11 www6-3 sshd[27927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.116.42.243
Nov  1 02:02:13 www6-3 sshd[27927]: Failed password for invalid user shell from 52.116.42.243 port 38682 ssh2
Nov  1 02:02:13 www6-3 sshd[27927]: Received disconnect from 52.116.42.243 port 38682:11: Bye Bye [preauth]
Nov  1 02:02:13 www6-3 sshd[27927]: Disconnected from 52.116.42.243 port 38682 [preauth]
Nov  1 02:06:1........
-------------------------------

2019-11-03 06:31:47

attackbotsspam

Nov  1 01:52:00 www6-3 sshd[27212]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.116.42.243  user=r.r
Nov  1 01:52:01 www6-3 sshd[27212]: Failed password for r.r from 52.116.42.243 port 34154 ssh2
Nov  1 01:52:02 www6-3 sshd[27212]: Received disconnect from 52.116.42.243 port 34154:11: Bye Bye [preauth]
Nov  1 01:52:02 www6-3 sshd[27212]: Disconnected from 52.116.42.243 port 34154 [preauth]
Nov  1 02:02:11 www6-3 sshd[27927]: Invalid user shell from 52.116.42.243 port 38682
Nov  1 02:02:11 www6-3 sshd[27927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.116.42.243
Nov  1 02:02:13 www6-3 sshd[27927]: Failed password for invalid user shell from 52.116.42.243 port 38682 ssh2
Nov  1 02:02:13 www6-3 sshd[27927]: Received disconnect from 52.116.42.243 port 38682:11: Bye Bye [preauth]
Nov  1 02:02:13 www6-3 sshd[27927]: Disconnected from 52.116.42.243 port 38682 [preauth]
Nov  1 02:06:1........
-------------------------------

2019-11-01 20:50:50

相同子网IP讨论:

IP	类型	评论内容	时间
52.116.42.247	attackspam	Oct 30 04:46:08 minden010 sshd[12430]: Failed password for root from 52.116.42.247 port 43636 ssh2 Oct 30 04:51:52 minden010 sshd[14307]: Failed password for root from 52.116.42.247 port 52548 ssh2 ...	2019-10-30 12:57:37

类型

评论内容

时间

52.116.42.247

attackspam

Oct 30 04:46:08 minden010 sshd[12430]: Failed password for root from 52.116.42.247 port 43636 ssh2
Oct 30 04:51:52 minden010 sshd[14307]: Failed password for root from 52.116.42.247 port 52548 ssh2
...

2019-10-30 12:57:37

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.116.42.243
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64543
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.116.42.243.			IN	A

;; AUTHORITY SECTION:
.			493	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110100 1800 900 604800 86400

;; Query time: 472 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Nov 01 20:50:43 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 243.42.116.52.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 243.42.116.52.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
165.227.80.114	attackspambots	Dec 15 06:10:38 sd-53420 sshd\[1057\]: User root from 165.227.80.114 not allowed because none of user's groups are listed in AllowGroups Dec 15 06:10:38 sd-53420 sshd\[1057\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.80.114 user=root Dec 15 06:10:40 sd-53420 sshd\[1057\]: Failed password for invalid user root from 165.227.80.114 port 57966 ssh2 Dec 15 06:17:22 sd-53420 sshd\[2986\]: User root from 165.227.80.114 not allowed because none of user's groups are listed in AllowGroups Dec 15 06:17:22 sd-53420 sshd\[2986\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.80.114 user=root ...	2019-12-15 13:53:15
122.51.233.63	attack	Dec 15 06:36:09 ns381471 sshd[16836]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.233.63 Dec 15 06:36:11 ns381471 sshd[16836]: Failed password for invalid user mathilda from 122.51.233.63 port 39292 ssh2	2019-12-15 14:06:43
222.186.175.202	attack	Dec 15 06:50:18 vps691689 sshd[30566]: Failed password for root from 222.186.175.202 port 13062 ssh2 Dec 15 06:50:29 vps691689 sshd[30566]: error: maximum authentication attempts exceeded for root from 222.186.175.202 port 13062 ssh2 [preauth] ...	2019-12-15 14:02:39
101.91.238.160	attack	Dec 15 06:44:48 loxhost sshd\[12685\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.91.238.160 user=root Dec 15 06:44:50 loxhost sshd\[12685\]: Failed password for root from 101.91.238.160 port 35844 ssh2 Dec 15 06:50:58 loxhost sshd\[12809\]: Invalid user guest from 101.91.238.160 port 57490 Dec 15 06:50:58 loxhost sshd\[12809\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.91.238.160 Dec 15 06:51:00 loxhost sshd\[12809\]: Failed password for invalid user guest from 101.91.238.160 port 57490 ssh2 ...	2019-12-15 14:08:57
66.96.233.31	attackspambots	Dec 15 07:19:09 ArkNodeAT sshd\[21307\]: Invalid user pcap from 66.96.233.31 Dec 15 07:19:09 ArkNodeAT sshd\[21307\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.96.233.31 Dec 15 07:19:11 ArkNodeAT sshd\[21307\]: Failed password for invalid user pcap from 66.96.233.31 port 49939 ssh2	2019-12-15 14:26:24
116.203.80.96	attack	Dec 15 01:07:15 ny01 sshd[22132]: Failed password for sshd from 116.203.80.96 port 46878 ssh2 Dec 15 01:12:32 ny01 sshd[22701]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.203.80.96 Dec 15 01:12:33 ny01 sshd[22701]: Failed password for invalid user ingersoll from 116.203.80.96 port 55372 ssh2	2019-12-15 14:13:36
139.155.71.154	attack	Dec 15 05:57:12 herz-der-gamer sshd[32515]: Invalid user zabbix from 139.155.71.154 port 51196 Dec 15 05:57:12 herz-der-gamer sshd[32515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.71.154 Dec 15 05:57:12 herz-der-gamer sshd[32515]: Invalid user zabbix from 139.155.71.154 port 51196 Dec 15 05:57:14 herz-der-gamer sshd[32515]: Failed password for invalid user zabbix from 139.155.71.154 port 51196 ssh2 ...	2019-12-15 14:24:17
14.186.40.213	attackbotsspam	SMTP-sasl brute force ...	2019-12-15 14:10:53
94.191.85.216	attackspam	Dec 15 05:38:25 zeus sshd[22769]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.85.216 Dec 15 05:38:27 zeus sshd[22769]: Failed password for invalid user boom from 94.191.85.216 port 33980 ssh2 Dec 15 05:44:57 zeus sshd[23022]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.85.216 Dec 15 05:44:59 zeus sshd[23022]: Failed password for invalid user rpc from 94.191.85.216 port 47524 ssh2	2019-12-15 14:12:56
172.58.101.252	spambotsattackproxynormal	Said ip address logged in my acvount	2019-12-15 14:11:55
191.235.93.236	attackspambots	Dec 15 07:15:15 OPSO sshd\[13412\]: Invalid user corentin from 191.235.93.236 port 52654 Dec 15 07:15:15 OPSO sshd\[13412\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.235.93.236 Dec 15 07:15:17 OPSO sshd\[13412\]: Failed password for invalid user corentin from 191.235.93.236 port 52654 ssh2 Dec 15 07:22:09 OPSO sshd\[14889\]: Invalid user smmsp from 191.235.93.236 port 35702 Dec 15 07:22:09 OPSO sshd\[14889\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.235.93.236	2019-12-15 14:24:00
112.162.191.160	attackspam	Invalid user dailey from 112.162.191.160 port 45616	2019-12-15 14:13:15
164.132.102.168	attackspambots	Dec 14 19:48:14 sachi sshd\[15028\]: Invalid user ribaud from 164.132.102.168 Dec 14 19:48:14 sachi sshd\[15028\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.ip-164-132-102.eu Dec 14 19:48:17 sachi sshd\[15028\]: Failed password for invalid user ribaud from 164.132.102.168 port 48548 ssh2 Dec 14 19:53:24 sachi sshd\[15505\]: Invalid user root6666 from 164.132.102.168 Dec 14 19:53:24 sachi sshd\[15505\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.ip-164-132-102.eu	2019-12-15 13:53:43
77.34.46.126	attackspam	Unauthorized connection attempt detected from IP address 77.34.46.126 to port 445	2019-12-15 14:46:11
185.71.81.184	attackbots	Unauthorized connection attempt detected from IP address 185.71.81.184 to port 445	2019-12-15 14:43:10

最近上报的IP列表

75.227.199.0	170.168.49.82	118.163.127.100	68.39.168.66
224.198.205.253	181.97.17.18	110.8.253.24	159.158.107.14
247.36.113.177	105.69.194.150	222.16.49.78	211.36.157.237
200.112.20.138	87.106.123.111	122.154.198.100	5.187.2.99
203.12.147.233	163.84.167.31	196.6.0.83	44.148.250.181