61.231.5.42 - IPInfo

基本信息:

城市(city): Taipei

省份(region): Taipei City

国家(country): Taiwan, China

运营商(isp): Chunghwa Telecom Co. Ltd.

主机名(hostname): unknown

机构(organization): Data Communication Business Group

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Unauthorized connection attempt from IP address 61.231.5.42 on Port 445(SMB)	2019-08-27 02:10:10

相同子网IP讨论:

IP	类型	评论内容	时间
61.231.5.216	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 14-02-2020 04:50:15.	2020-02-14 21:08:45
61.231.58.145	attack	Fail2Ban - FTP Abuse Attempt	2020-01-15 13:02:31
61.231.58.200	attack	TW Taiwan 61-231-58-200.dynamic-ip.hinet.net Failures: 20 ftpd	2019-11-13 21:31:09
61.231.53.31	attack	Unauthorized connection attempt from IP address 61.231.53.31 on Port 445(SMB)	2019-11-02 01:57:35

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 61.231.5.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41829
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;61.231.5.42.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082601 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 27 02:09:47 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

42.5.231.61.in-addr.arpa domain name pointer 61-231-5-42.dynamic-ip.hinet.net.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
42.5.231.61.in-addr.arpa	name = 61-231-5-42.dynamic-ip.hinet.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
62.234.128.242	attackspambots	Dec 6 17:00:35 localhost sshd\[3904\]: Invalid user peacock from 62.234.128.242 port 43649 Dec 6 17:00:35 localhost sshd\[3904\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.128.242 Dec 6 17:00:37 localhost sshd\[3904\]: Failed password for invalid user peacock from 62.234.128.242 port 43649 ssh2	2019-12-07 00:07:17
222.186.180.6	attackbotsspam	Dec 6 16:59:30 vpn01 sshd[635]: Failed password for root from 222.186.180.6 port 62298 ssh2 Dec 6 16:59:33 vpn01 sshd[635]: Failed password for root from 222.186.180.6 port 62298 ssh2 ...	2019-12-06 23:59:57
52.74.8.32	attack	Dec 6 16:59:53 lnxded64 sshd[9346]: Failed password for root from 52.74.8.32 port 45558 ssh2 Dec 6 16:59:53 lnxded64 sshd[9346]: Failed password for root from 52.74.8.32 port 45558 ssh2	2019-12-07 00:03:21
51.75.202.218	attackbotsspam	Dec 6 15:50:56 vpn01 sshd[31470]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.202.218 Dec 6 15:50:57 vpn01 sshd[31470]: Failed password for invalid user undem from 51.75.202.218 port 42370 ssh2 ...	2019-12-06 23:39:32
218.92.0.138	attackspam	Dec 6 17:03:17 dcd-gentoo sshd[2387]: User root from 218.92.0.138 not allowed because none of user's groups are listed in AllowGroups Dec 6 17:03:20 dcd-gentoo sshd[2387]: error: PAM: Authentication failure for illegal user root from 218.92.0.138 Dec 6 17:03:17 dcd-gentoo sshd[2387]: User root from 218.92.0.138 not allowed because none of user's groups are listed in AllowGroups Dec 6 17:03:20 dcd-gentoo sshd[2387]: error: PAM: Authentication failure for illegal user root from 218.92.0.138 Dec 6 17:03:17 dcd-gentoo sshd[2387]: User root from 218.92.0.138 not allowed because none of user's groups are listed in AllowGroups Dec 6 17:03:20 dcd-gentoo sshd[2387]: error: PAM: Authentication failure for illegal user root from 218.92.0.138 Dec 6 17:03:20 dcd-gentoo sshd[2387]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.138 port 44969 ssh2 ...	2019-12-07 00:03:49
186.236.23.33	attackspam	23/tcp [2019-12-06]1pkt	2019-12-06 23:52:53
200.13.195.70	attackbotsspam	Dec 6 11:50:36 firewall sshd[8966]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.13.195.70 Dec 6 11:50:36 firewall sshd[8966]: Invalid user lindamood from 200.13.195.70 Dec 6 11:50:37 firewall sshd[8966]: Failed password for invalid user lindamood from 200.13.195.70 port 33250 ssh2 ...	2019-12-07 00:05:32
60.250.164.169	attack	Dec 6 16:39:21 eventyay sshd[18591]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.250.164.169 Dec 6 16:39:23 eventyay sshd[18591]: Failed password for invalid user pumphrey from 60.250.164.169 port 51682 ssh2 Dec 6 16:45:18 eventyay sshd[18838]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.250.164.169 ...	2019-12-07 00:03:02
49.206.127.98	attackspam	TCP Port Scanning	2019-12-06 23:55:59
51.91.156.199	attackbotsspam	Dec 6 05:19:53 kapalua sshd\[346\]: Invalid user hq from 51.91.156.199 Dec 6 05:19:53 kapalua sshd\[346\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.ip-51-91-156.eu Dec 6 05:19:55 kapalua sshd\[346\]: Failed password for invalid user hq from 51.91.156.199 port 47654 ssh2 Dec 6 05:25:27 kapalua sshd\[922\]: Invalid user gooch from 51.91.156.199 Dec 6 05:25:27 kapalua sshd\[922\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.ip-51-91-156.eu	2019-12-06 23:35:49
45.55.184.78	attackspam	Dec 6 05:53:05 kapalua sshd\[3841\]: Invalid user tester from 45.55.184.78 Dec 6 05:53:05 kapalua sshd\[3841\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.184.78 Dec 6 05:53:06 kapalua sshd\[3841\]: Failed password for invalid user tester from 45.55.184.78 port 58812 ssh2 Dec 6 06:00:59 kapalua sshd\[4656\]: Invalid user mozes from 45.55.184.78 Dec 6 06:00:59 kapalua sshd\[4656\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.184.78	2019-12-07 00:07:43
121.183.203.60	attack	Dec 6 15:44:10 meumeu sshd[5813]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.183.203.60 Dec 6 15:44:12 meumeu sshd[5813]: Failed password for invalid user ftp from 121.183.203.60 port 35154 ssh2 Dec 6 15:50:44 meumeu sshd[6853]: Failed password for root from 121.183.203.60 port 44658 ssh2 ...	2019-12-06 23:57:06
203.162.13.68	attack	Too many connections or unauthorized access detected from Arctic banned ip	2019-12-06 23:26:36
124.127.250.162	attackbots	1433/tcp [2019-12-06]1pkt	2019-12-06 23:46:38
2.136.131.36	attackspambots	2019-12-06T15:54:21.305271shield sshd\[31419\]: Invalid user tote from 2.136.131.36 port 39846 2019-12-06T15:54:21.309712shield sshd\[31419\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.red-2-136-131.staticip.rima-tde.net 2019-12-06T15:54:23.309459shield sshd\[31419\]: Failed password for invalid user tote from 2.136.131.36 port 39846 ssh2 2019-12-06T16:00:16.633474shield sshd\[32459\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.red-2-136-131.staticip.rima-tde.net user=root 2019-12-06T16:00:19.022574shield sshd\[32459\]: Failed password for root from 2.136.131.36 port 60210 ssh2	2019-12-07 00:05:04

最近上报的IP列表

213.236.154.114	36.160.161.10	142.190.168.16	220.176.152.54
122.159.199.63	106.51.226.196	45.168.90.142	112.249.42.207
68.183.178.27	39.42.104.9	165.22.78.212	79.106.149.37
45.235.193.72	218.82.69.103	45.236.152.16	45.235.205.12
255.143.38.123	61.94.149.234	180.192.14.60	45.79.214.232